This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
[Bug runtime/14546] New: DWARF unwinder can corrupt probe memory
- From: "smakarov at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sourceware dot org
- Date: Wed, 05 Sep 2012 15:35:20 +0000
- Subject: [Bug runtime/14546] New: DWARF unwinder can corrupt probe memory
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=14546
Bug #: 14546
Summary: DWARF unwinder can corrupt probe memory
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
AssignedTo: systemtap@sourceware.org
ReportedBy: smakarov@redhat.com
Classification: Unclassified
As far back as release 1.8 we have the following problem:
$ stap -e 'probe kernel.function("irq_*").call { x = 1; y = 1; z = 1; println(backtrace()); println(backtrace()); printf("CORRUPTED: %d %d %d\n", x, y, z) }'
0xffffffff8105f3b0 0xffffffff815fe2fe 0xffffffff815fcfde
CORRUPTED: 2 6 0
(Other values like 2 -48 0 might also appear.)
Namely, at least the first two words of the probe's local memory can be
corrupted by a repeated call to backtrace().
(There's also evidence that a *single* call to backtrace() can produce
corruption, but here results seem to vary for people who've tried to
replicate.)
(This bug is evidently dependent on the fact that "struct unwind_context
uwcontext;" is laid out at the very end of common_probe_context.h. So if it's
placed elsewhere in the file, the corruption becomes far less obvious...)