This is the mail archive of the
gdb@sourceware.org
mailing list for the GDB project.
Re: Stepping over longjmp presumably broken for glibc
- From: Daniel Jacobowitz <drow at false dot org>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: gdb at sourceware dot org
- Date: Fri, 23 Dec 2005 08:20:40 -0500
- Subject: Re: Stepping over longjmp presumably broken for glibc
- References: <20051222211734.GA13178@nevyn.them.org> <uslski5jz.fsf@gnu.org>
On Fri, Dec 23, 2005 at 10:25:04AM +0200, Eli Zaretskii wrote:
> > Date: Thu, 22 Dec 2005 16:17:34 -0500
> > From: Daniel Jacobowitz <drow@false.org>
> > Cc: libc-alpha@sourceware.org
> >
> > Current versions of glibc for many platforms xor the saved PC with a
> > randomized canary, so setting a breakpoint at that "address" isn't
> > going to work especially well.
>
> How does glibc restore the correct address when you call longjmp? Do
> they save the canary in some place, or something?
Yes. However, where it is saved is not a public ABI, and varies wildly
by architecture; I wouldn't care to try to reverse it in GDB, personally.
For instance, during ld.so bootstrapping it's in a global variable
named __pointer_chk_guard; if the platform supports TLS, then later in
execution it will be at some architecture-dependent offset from the
thread pointer.
--
Daniel Jacobowitz
CodeSourcery, LLC
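As an added illustration (not part of this thread or of glibc's own sources), here is a software model of the scheme Daniel describes: setjmp XORs the saved PC with a per-process guard (x86-64 glibc additionally rotates the result), so the word stored in the jmp_buf is not a code address unless the guard is known. The guard value, the text-segment range and the 64-bit target are constructed assumptions; the rotate count matches x86-64 glibc.

```c
#include <stdint.h>
#include <stdio.h>

/* Models a 64-bit target.  In a real process the guard lives where the
   mail says: __pointer_chk_guard during ld.so bootstrap, later a TLS
   slot at an architecture-dependent offset from the thread pointer. */
#define ROT_BITS 17  /* x86-64 glibc: rol by 2*sizeof(long)+1 after the XOR */

static uint64_t rotl64(uint64_t v, unsigned n) {
    return (v << n) | (v >> (64 - n));
}
static uint64_t rotr64(uint64_t v, unsigned n) {
    return (v >> n) | (v << (64 - n));
}

/* PTR_MANGLE: what setjmp stores in the jmp_buf for the return address. */
uint64_t ptr_mangle(uint64_t pc, uint64_t guard) {
    return rotl64(pc ^ guard, ROT_BITS);
}

/* PTR_DEMANGLE: what longjmp does to the stored word before jumping. */
uint64_t ptr_demangle(uint64_t stored, uint64_t guard) {
    return rotr64(stored, ROT_BITS) ^ guard;
}

/* What a debugger that only reads the jmp_buf can check: taken literally,
   does the stored word even lie inside the text segment [lo, hi)?
   With mangling in effect it normally does not, so a breakpoint placed
   on that value would land nowhere useful. */
int stored_value_is_in_text(uint64_t stored, uint64_t lo, uint64_t hi) {
    return stored >= lo && stored < hi;
}

int main(void) {
    const uint64_t guard = 0x9e3779b97f4a7c15ULL; /* constructed guard */
    const uint64_t pc    = 0x401136ULL;           /* constructed return PC */
    uint64_t stored = ptr_mangle(pc, guard);

    printf("saved PC          : 0x%016llx\n", (unsigned long long)pc);
    printf("word in jmp_buf   : 0x%016llx (in .text? %s)\n",
           (unsigned long long)stored,
           stored_value_is_in_text(stored, 0x400000, 0x500000) ? "yes" : "no");
    printf("demangled w/ guard: 0x%016llx\n",
           (unsigned long long)ptr_demangle(stored, guard));
    printf("demangled w/ wrong: 0x%016llx\n",
           (unsigned long long)ptr_demangle(stored, guard ^ 1));
    return 0;
}
```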