Forum Topic - trampoline troubles: (3 Items)
trampoline troubles
Recently came across some code that runs OK on 6.3.2 and crashes on 6.5.0.

Long story short, it appears that when we have a nested C function that generates a "trampoline" call, this is not working on 6.5.0.

I noticed the "-mx" option on procnto, which is supposed to be the default.  So I tried specifying the option and it didn't change.

I also found that on some x86 machines, e.g., old Pentium IV, and VMware ESXi, the problem does not occur.  But it occurs on Pentium D, Core2, and later.

I mainly wanted to confirm whether it's possible that procnto is not enabling PROT_EXEC for stack memory, even if -mx is specified?  Or maybe I don't understand the problem.

Here is a sample program that crashes reliably on 6.5.0:

#include <stdio.h>
#include <stdlib.h>

int main ()
{
   int callbacks = 0;
   static char buf [] = "9876543210";
   /* cmp is a GCC nested function that refers to the enclosing local
    * 'callbacks'.  Because qsort() receives a plain function pointer, GCC
    * builds a small trampoline on the stack that loads the static chain
    * and jumps to cmp; calling it requires the stack to be executable. */
   int cmp (const void *p1, const void *p2)
   {
      callbacks++;
      return *(char *)p1 - *(char *)p2;
   }
   qsort(buf, sizeof buf - 1, sizeof buf[0], cmp);
   return 0;
}
Re: trampoline troubles  
Further confirming the theory, the following code does not crash, which is identical except for the addition of the mprotect() call.

#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

int main ()
{
   int callbacks = 0;
   static char buf [] = "9876543210";
   int cmp (const void *p1, const void *p2)
   {
      callbacks++;
      return *(char *)p1 - *(char *)p2;
   }
   /* cmp points at the trampoline GCC placed on the stack.  mprotect()
    * requires a page-aligned address, so round down to the page that
    * holds the trampoline and make that whole page executable. */
   long pagesize = sysconf(_SC_PAGESIZE);
   uintptr_t page = (uintptr_t)cmp & ~((uintptr_t)pagesize - 1);
   if (mprotect((void *)page, (size_t)pagesize, PROT_READ|PROT_WRITE|PROT_EXEC) != 0) {
      perror("mprotect");
      return 1;
   }
   qsort(buf, sizeof buf - 1, sizeof buf[0], cmp);
   return 0;
}
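The comparator in both posts above only needs a trampoline because it closes over the local `callbacks` and qsort() offers no way to pass context to its comparator. The usual way to avoid depending on an executable stack (and on an mprotect() workaround) is to pass the context explicitly. The following is an added example, not code from this thread or from QNX: it uses a small insertion sort with a context argument (`sort_ctx`, a stand-in for qsort_r(), which is not portable), a file-scope comparator, and a `sort_digits` wrapper that returns the number of comparator calls so the behaviour can be checked.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Comparator type that receives its context explicitly instead of
 * closing over locals through a GCC nested-function trampoline. */
typedef int (*cmp_ctx_fn)(const void *a, const void *b, void *ctx);

/* The state the nested function in the original post captured. */
struct cmp_stats {
    int callbacks;
};

/* File-scope comparator: no static chain, no trampoline, no executable
 * stack needed.  Compares single bytes, as the original cmp() did. */
static int cmp_chars(const void *p1, const void *p2, void *ctx)
{
    struct cmp_stats *st = ctx;
    st->callbacks++;
    return *(const unsigned char *)p1 - *(const unsigned char *)p2;
}

/* Stable insertion sort with a context pointer.  Assumed stand-in for
 * qsort_r(), which is not portable; element size is bounded for the demo. */
static void sort_ctx(void *base, size_t n, size_t size, cmp_ctx_fn cmp, void *ctx)
{
    unsigned char *b = base;
    unsigned char tmp[64];
    if (size == 0 || size > sizeof tmp)
        return;
    for (size_t i = 1; i < n; i++) {
        memcpy(tmp, b + i * size, size);
        size_t j = i;
        /* Shift larger elements right until tmp's slot is found. */
        while (j > 0 && cmp(b + (j - 1) * size, tmp, ctx) > 0) {
            memcpy(b + j * size, b + (j - 1) * size, size);
            j--;
        }
        memcpy(b + j * size, tmp, size);
    }
}

/* Sorts the NUL-terminated string in place and returns how many times
 * the comparator ran, mirroring the 'callbacks' counter of the post. */
int sort_digits(char *buf)
{
    struct cmp_stats st = { 0 };
    sort_ctx(buf, strlen(buf), 1, cmp_chars, &st);
    return st.callbacks;
}

int main(void)
{
    char buf[] = "9876543210";   /* constructed input, same as the post */
    int calls = sort_digits(buf);
    printf("%s (%d comparator calls)\n", buf, calls);
    return 0;
}
```

If qsort() itself must be kept, the same rewrite works with the counter moved to a file-scope static, at the cost of thread safety; either way the comparator is ordinary .text and the stack no longer has to be executable, which is the property procnto's PROT_EXEC handling was being blamed for.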
Re: trampoline troubles  
Sure would appreciate a response to this...

Thanks,
lew