This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PING][PATCH] Segfault while unwinding an invalid function pointer
- From: Pete Eberlein <eberlein at linux dot vnet dot ibm dot com>
- To: gcc-patches at gcc dot gnu dot org
- Date: Mon, 05 Nov 2007 15:38:20 -0800
- Subject: Re: [PING][PATCH] Segfault while unwinding an invalid function pointer
- References: <470D384A.5060302@linux.vnet.ibm.com> <472257C7.9050608@linux.vnet.ibm.com> <18211.7927.465759.15249@zebedee.pink> <47265B9E.1020106@linux.vnet.ibm.com> <4726675E.9020605@linux.vnet.ibm.com>
- Reply-to: eberlein at us dot ibm dot com
Daniel Jacobowitz <drow@false.org> wrote on 11/03/2007 10:58:51 AM:
> Is there anything besides read/write we can take advantage of for the
> same effect?
I looked through system calls again, and mlock() caught my eye. Now I
think this is the perfect candidate for checking for invalid memory,
since it accepts a pointer and a size to lock. If the lock is
successful, simply unlock and continue. If the lock is unsuccessful,
make sure errno is ENOMEM to verify that the "address range specified by
the addr and len arguments does not correspond to valid mapped pages in
the address space of the process." [man mlock]
Errno would need to be saved and restored. No problem.
The only side effect I can see is that any call frame addresses
processed by the x86_64_fallback_frame_state function will be unlocked.
The munlock function will alawys unlock regardless of the number of
times mlock was called for a memory range. So if the address was locked
by user code, it would be unlocked after backtrace. Would this be a
deal-breaker?
--
Pete Eberlein
IBM Linux Technology Center
Linux on Power Toolchain