[PATCH] Fix libbacktrace on 32-bit sparc
David Miller
davem@davemloft.net
Sun Oct 28 08:42:00 GMT 2012
From: David Miller <davem@davemloft.net>
Date: Sun, 28 Oct 2012 00:31:27 -0400 (EDT)
> The size is 24, and my patch definitely makes the crashes go away.
>
> It seems like a vector is being used for a mixed set of objects.
> I'll try to figure out how that is happening.
Ok, the problem seems to have to do with releases.
The releases place vector memory chunks into a global pool.
So a memory chunk from a vector used for one type of object
can be sucked into and used by another vector.
But the alignment requirements are different, so we can
obtain a chunk from the freelist that was being used for
a vector of 4-byte aligned objects.
The crash sequences are always of the form:
vec_release(0xffb37ac8) base+size(0xf0199008) amount(312)
...
vec_grow(0xffb37ac8:24) from 0x975168, ret=0xf01754cc [size(24):alc(360)]
That size alignment done by backtrace_alloc() has no influence upon
this issue, since chunks are released from wherever the vector's
allocation point was at the time of the release.
In fact I bet that alignment in backtrace_alloc() never triggers when
it is invoked from backtrace_vector_grow().
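The release/grow interaction described above, as a constructed model added here (not libbacktrace's code and not the patch from this thread; the arena, the 256-byte chunk size, the 8-byte allocation alignment and the round_up variant are assumptions):

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed model of a grow/release vector with a shared freelist.
   Not libbacktrace's code: names, chunk size and arena are illustrative. */
enum { ARENA_SIZE = 4096, ALLOC_ALIGN = 8, CHUNK = 256 };
static _Alignas(16) unsigned char arena[ARENA_SIZE];
static size_t arena_used;                          /* bump pointer into arena */
static struct { void *base; size_t size; } freelist[8]; static size_t nfree;
struct vec { void *base; size_t size, alc; };      /* base, bytes used, bytes allocated */
/* Fresh block: its start is rounded up to ALLOC_ALIGN, as backtrace_alloc does. */
static void *fresh_alloc(size_t n) {
  arena_used = (arena_used + ALLOC_ALIGN - 1) & ~(size_t)(ALLOC_ALIGN - 1);
  void *p = arena + arena_used;
  arena_used += n;
  return p;
}
/* Reserve n more bytes; a pooled chunk is preferred over a fresh block.
   The model assumes any pooled chunk is large enough for the copied contents. */
static void *vec_grow(struct vec *v, size_t n) {
  if (v->size + n > v->alc) {
    void *nb; size_t nalc;
    if (nfree > 0) { nfree--; nb = freelist[nfree].base; nalc = freelist[nfree].size; }
    else { nb = fresh_alloc(CHUNK); nalc = CHUNK; }
    if (v->size) memcpy(nb, v->base, v->size);
    v->base = nb; v->alc = nalc;
  }
  void *p = (unsigned char *)v->base + v->size;
  v->size += n;
  return p;
}
/* Release: the unused tail, starting at the vector's current allocation point,
   goes into the pool, so it is only as aligned as the elements the vector held.
   round_up first rounds that start to ALLOC_ALIGN (a hypothetical remedy for
   the model, not the patch discussed on the list). */
static void vec_release(struct vec *v, int round_up) {
  uintptr_t start = (uintptr_t)v->base + v->size, end = (uintptr_t)v->base + v->alc;
  if (round_up) start = (start + ALLOC_ALIGN - 1) & ~(uintptr_t)(ALLOC_ALIGN - 1);
  if (start < end) { freelist[nfree].base = (void *)start; freelist[nfree].size = end - start; nfree++; }
  v->base = NULL; v->size = v->alc = 0;
}
/* The sequence from the thread: a vector of 4-byte objects is released after three
   pushes (allocation point at base+12), then a vector of 24-byte objects needing
   8-byte alignment grows and is handed the pooled chunk. Returns the misalignment. */
static size_t reuse_misalignment(int round_up) {
  arena_used = 0; nfree = 0;                       /* fresh arena for each run */
  struct vec a = {0}, b = {0};
  for (int i = 0; i < 3; i++) vec_grow(&a, 4);
  vec_release(&a, round_up);
  return (uintptr_t)vec_grow(&b, 24) % 8;          /* 4 without round_up, 0 with */
}
```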
More information about the Gcc-patches mailing list