Ticket #9247: debugger_nullptr_crash.patch

File debugger_nullptr_crash.patch, 2.3 KB (added by anevilyak, 11 years ago)
  • src/apps/debugger/arch/x86/ArchitectureX86.cpp

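--- a/src/apps/debugger/arch/x86/ArchitectureX86.cpp
+++ b/src/apps/debugger/arch/x86/ArchitectureX86.cpp
@@ -309,25 +309,34 @@ ArchitectureX86::CreateStackFrame(Image* image, FunctionDebugInfo* function,
         // If the function is not frameless and we're at the top frame we need
         // to check whether the prologue has not been executed (completely) or
         // we're already after the epilogue.
-        if (hasPrologue && isTopFrame) {
+        if (isTopFrame) {
             uint32 stack = 0;
-            if (eip < function->Address() + 3) {
-                // The prologue has not been executed yet, i.e. there's no
-                // stack frame yet. Get the return address from the stack.
-                stack = cpuState->IntRegisterValue(X86_REGISTER_ESP);
-                if (eip > function->Address()) {
-                    // The "push %ebp" has already been executed.
-                    stack += 4;
+            if (hasPrologue) {
+                if (eip < function->Address() + 3) {
+                    // The prologue has not been executed yet, i.e. there's no
+                    // stack frame yet. Get the return address from the stack.
+                    stack = cpuState->IntRegisterValue(X86_REGISTER_ESP);
+                    if (eip > function->Address()) {
+                        // The "push %ebp" has already been executed.
+                        stack += 4;
+                    }
+                } else {
+                    // Not in the function prologue, but maybe after the
+                    // epilogue. The epilogue is a single "pop %ebp", so we
+                    // check whether the current instruction is already a
+                    // "ret".
+                    uint8 code[1];
+                    if (fTeamMemory->ReadMemory(eip, &code, 1) == 1
+                        && code[0] == 0xc3) {
+                        stack = cpuState->IntRegisterValue(X86_REGISTER_ESP);
+                    }
                 }
             } else {
-                // Not in the function prologue, but maybe after the epilogue.
-                // The epilogue is a single "pop %ebp", so we check whether the
-                // current instruction is already a "ret".
-                uint8 code[1];
-                if (fTeamMemory->ReadMemory(eip, &code, 1) == 1
-                    && code[0] == 0xc3) {
+                // in the case of a NULL function pointer, the prologue
+                // has, by definition not been executed. In such a case,
+                // everything we need is right at the top of the stack.
+                if (eip == 0)
                     stack = cpuState->IntRegisterValue(X86_REGISTER_ESP);
-                }
             }
 
             if (stack != 0) {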
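Review bot: The comment left in place at the top of the hunk (lines 309–311) now describes the old structure: it says the check applies when "the function is not frameless", but the condition below was changed to `if (isTopFrame)` alone and the no-prologue case now gets its own `else` branch. I would reword it to `// At the top frame we need to check whether the prologue has not been executed (completely) yet or we're already after the epilogue; for a function without prologue, whether we got here through a NULL function pointer.` so the comment matches the new nesting. The new `else` branch only recognises the exact `eip == 0` case; a call through some other invalid pointer presumably reaches the same branch with `stack` still 0 and falls through to the existing frame handling, and if that fallback is intended it is worth one sentence in the comment. CreateStackFrame starts before and continues after this hunk.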