From: Daniel Jacobowitz
To: Eli Zaretskii
Cc: gdb@sourceware.org
Date: Fri, 23 Dec 2005 13:20:00 -0000
Subject: Re: Stepping over longjmp presumably broken for glibc
Message-ID: <20051223132039.GA24942@nevyn.them.org>
References: <20051222211734.GA13178@nevyn.them.org>

On Fri, Dec 23, 2005 at 10:25:04AM +0200, Eli Zaretskii wrote:
> > Date: Thu, 22 Dec 2005 16:17:34 -0500
> > From: Daniel Jacobowitz
> > Cc: libc-alpha@sourceware.org
> >
> > Current versions of glibc for many platforms xor the saved PC with a
> > randomized canary, so setting a breakpoint at that "address" isn't
> > going to work especially well.
>
> How does glibc restore the correct address when you call longjmp? Do
> they save the canary in some place, or something?

Yes. However, where it is saved is not a public ABI, and varies wildly
by architecture; I wouldn't care to try to reverse it in GDB,
personally. For instance, during ld.so bootstrapping it's in a global
variable named __pointer_chk_guard; if the platform supports TLS, then
later in execution it will be at some architecture-dependent offset
from the thread pointer.

-- 
Daniel Jacobowitz
CodeSourcery, LLC