[Libunwind-devel] Crash when unwinding using ARM exidx info

libunwind-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Libunwind-devel] Crash when unwinding using ARM exidx info

From:	Fischer, Matt
Subject:	[Libunwind-devel] Crash when unwinding using ARM exidx info
Date:	Tue, 7 May 2013 22:58:50 +0000

When unwinding an executable that has no DWARF info but does contain an ARM 
exidx section, I'm getting a segfault.  I looked into it a bit, and I believe 
that the problem has to do with the unwind_info caching that goes on in 
src/dwarf/Gparser.c.  Specifically, the following function, which is called 
during cleanup:

static inline void
put_unwind_info (struct dwarf_cursor *c, unw_proc_info_t *pi)
{
  if (c->pi_is_dynamic)
    unwi_put_dynamic_unwind_info (c->as, pi, c->as_arg);
  else if (pi->unwind_info)
    {
      mempool_free (&dwarf_cie_info_pool, pi->unwind_info);
      pi->unwind_info = NULL;
    }
}

This function attempts to return the unwind_info structure to the mempool using 
mempool_free().  This is the correct behavior if the unwind_info structure was 
allocated by the DWARF code in dwarf_extract_proc_info_from_fde() in 
src/dwarf/Gfde.c.  However, if there is no DWARF info, but there is exidx info, 
then the unwind_info will be created instead by tdep_search_unwind_table() in 
src/arm/Gex_tables.c.  In that case, this cleanup function should not attempt 
to call mempool_free() on the unwind_info, because it was not allocated out of 
the pool in the first place.

I think the right fix is to change the condition to:

  else if (pi->unwind_info && pi->format == UNW_INFO_FORMAT_TABLE)

This works, because the DWARF code sets pi->format to that value when 
allocating an unwind_info, but the exidx code sets it instead to 
UNW_INFO_FORMAT_ARM_EXIDX.  But I'm not very familiar with this code, so I'm 
not positive this is the correct fix.  Could somebody let me know whether I'm 
on the right track?  If so, I'll happily put a patch together.

Thanks,
Matt

________________________________

CONFIDENTIALITY NOTICE: This email and any attachments are for the sole use of 
the intended recipient(s) and contain information that may be confidential 
and/or legally privileged. If you have received this email in error, please 
notify the sender by reply email and delete the message. Any disclosure, 
copying, distribution or use of this communication (including attachments) by 
someone other than the intended recipient is prohibited. Thank you.

[Prev in Thread]

Current Thread

[Next in Thread]

[Libunwind-devel] Crash when unwinding using ARM exidx info, Fischer, Matt <=
- Re: [Libunwind-devel] Crash when unwinding using ARM exidx info, Arun Sharma, 2013/05/09
  - Re: [Libunwind-devel] Crash when unwinding using ARM exidx info, Fischer, Matt, 2013/05/09
  - Re: [Libunwind-devel] Crash when unwinding using ARM exidx info, Fischer, Matt, 2013/05/14
    - Re: [Libunwind-devel] Crash when unwinding using ARM exidx info, Arun Sharma, 2013/05/19
    - Re: [Libunwind-devel] Crash when unwinding using ARM exidx info, Fischer, Matt, 2013/05/19

Prev by Date: Re: [Libunwind-devel] QNX support
Next by Date: [Libunwind-devel] Correct config flag
Previous by thread: Re: [Libunwind-devel] QNX support
Next by thread: Re: [Libunwind-devel] Crash when unwinding using ARM exidx info
Index(es):
- Date
- Thread