NULL pointer dereference panic
Yar Tikhiy
yar at comp.chem.msu.su
Tue Jun 20 17:55:58 UTC 2006
On Tue, Jun 20, 2006 at 08:30:50AM -0700, Tim Kientzle wrote:
> Andrew R. Reiter wrote:
> >On Tue, 20 Jun 2006, Yar Tikhiy wrote:
> >
> >:On Tue, Jun 20, 2006 at 05:08:22AM +1000, Peter Jeremy wrote:
> >:> On Mon, 2006-Jun-19 22:45:41 +0400, Yar Tikhiy wrote:
> >:> >Peter, what gcc options did you build the kernel with? My question
> >:> >is unrelated to the panic, I'd just like to make stack traces look
> >:> >sane in common cases :-)
> >:>
> >:
> >:When in basic i386 mode, gcc calls functions in the traditional
> >:way. E.g., the "foo(1, 2)" call will look as follows in asm:
> >:
> >: pushl $2
> >: pushl $1
> >: call foo
> >: addl $8, %esp
> >:
> >:By merely decoding the addl instruction at the return pointer we
> >:can find how many words of arguments the called function takes.
>
> I'm not sure which -O flags enable this, but I've
> certainly seen lazy stack cleanups in gcc-generated
> code on i386:
>
> pushl $2
> pushl $1
> call foo
> pushl $3
> pushl $4
> call foo
> addl $16, %esp
Thanks for this observation!
> This optimization would also confuse the stack-tracing
> logic you describe.
"Why do we call our software `beta'? 'Coz it's beta than nothing" :-)
The logic is older than FreeBSD itself, and alas, new compiler tricks
don't allow for an alternative one that is simple enough to be used in
the kernel.
--
Yar
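The addl-decoding heuristic and the lazy-cleanup case discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's ddb: the byte sequences are constructed by hand, the call targets are left as placeholder rel32 zeros, and only the "addl $imm, %esp" encodings are recognised.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decode the instruction at a return address. If it is "addl $imm, %esp"
 * (83 C4 ib for an 8-bit immediate, 81 C4 id for a 32-bit one), return the
 * number of 4-byte argument words the caller pops; otherwise return -1. */
int argwords_at_return(const uint8_t *ret)
{
    if (ret[0] == 0x83 && ret[1] == 0xc4)
        return (int8_t)ret[2] / 4;
    if (ret[0] == 0x81 && ret[1] == 0xc4) {
        int32_t imm;
        memcpy(&imm, ret + 2, sizeof imm);   /* little-endian immediate */
        return imm / 4;
    }
    return -1;
}
/* A near "call rel32" is 5 bytes; the return address is the byte after it. */
int argwords_after_call(const uint8_t *code, size_t call_off)
{
    return argwords_at_return(code + call_off + 5);
}
/* Constructed bytes: pushl $2; pushl $1; call foo; addl $8, %esp */
static const uint8_t traditional[] = {
    0x6a, 0x02, 0x6a, 0x01,
    0xe8, 0x00, 0x00, 0x00, 0x00,   /* call foo at offset 4, rel32 left as 0 */
    0x83, 0xc4, 0x08                /* addl $8, %esp */
};

/* Constructed bytes: the lazy-cleanup sequence quoted in the thread */
static const uint8_t lazy[] = {
    0x6a, 0x02, 0x6a, 0x01,
    0xe8, 0x00, 0x00, 0x00, 0x00,   /* call foo (1st) at offset 4 */
    0x6a, 0x03, 0x6a, 0x04,
    0xe8, 0x00, 0x00, 0x00, 0x00,   /* call foo (2nd) at offset 13 */
    0x83, 0xc4, 0x10                /* addl $16, %esp: one cleanup for both */
};
int traditional_case(void) { return argwords_after_call(traditional, 4); } /* 2 */
int lazy_first_case(void)  { return argwords_after_call(lazy, 4); }        /* -1: next insn is pushl */
int lazy_second_case(void) { return argwords_after_call(lazy, 13); }       /* 4, though foo took 2 */
int main(void)
{
    printf("traditional: %d words\n", traditional_case());
    printf("lazy, 1st call: %d (heuristic cannot tell)\n", lazy_first_case());
    printf("lazy, 2nd call: %d (overstated; foo took 2)\n", lazy_second_case());
    return 0;
}
```

The second lazy call shows the failure mode: the heuristic reports twice the real argument count, so a stack trace built on it would print extra "arguments".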