Infinite loop causing OOM when walking stack in minidump-processor
#428
We already enforce forward-progress but it appears I forgot to port the Arm fix in #309 to Arm64 and OldArm64

(Arm leaf functions can genuinely not use the stack at all because the link register creates a buffer of one call where you don't even need to push a return pointer, so the unwinder needs to allow forward progress to not occur for the top of the stack, but after that it needs to be strict again)

(So very good catch, this a real annoying bug we've seen in the wild!)
On commit ebbee33, running `cargo fuzz run process oom` (attached below in a .zip file) will infinitely loop in the following `while` statement, pushing more stuff to the `frames` vec until you eventually OOM.

https:/luser/rust-minidump/blob/a32419975ba6f190081a148f04a41fc42aa4eb26/minidump-processor/src/stackwalker/mod.rs#L174-L193

oom.zip
Bailing out if you ever see a frame twice sounds smart.
Are instruction pointers always monotonically increasing/decreasing? If so, we can do this perfectly accurately in O(1) per frame by just checking that the instruction pointer is always increasing or decreasing by at least 1 byte per frame.
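The forward-progress rule described in this thread (the top frame may make no progress because an Arm leaf function need not touch the stack, every later frame must make strict progress, and a hard frame cap backs that up), as an added Rust example that is not rust-minidump's own code. `Frame`, `walk_stack`, the constructed unwinder closures and the choice to measure progress on the stack pointer are assumptions for illustration.

```rust
#[derive(Clone, Copy, Debug, PartialEq)]
struct Frame {
    pc: u64, // instruction pointer of the frame
    sp: u64, // stack pointer at the frame
}

/// Walks frames produced by `unwind_one`, enforcing forward progress.
/// The transition out of frame 0 (the top/crashing frame) is allowed to leave
/// the stack pointer unchanged: an Arm leaf function may never touch the stack
/// because its return address lives in the link register. From then on the
/// stack pointer must strictly grow (stacks grow downward, so unwinding moves
/// to higher addresses) or the walk stops. `max_frames` is a second guard so a
/// buggy unwinder can never grow the `frames` vec without bound.
fn walk_stack<F>(top: Frame, max_frames: usize, mut unwind_one: F) -> Vec<Frame>
where
    F: FnMut(&Frame) -> Option<Frame>,
{
    let mut frames = vec![top];
    while frames.len() < max_frames {
        let last = *frames.last().unwrap();
        let next = match unwind_one(&last) {
            Some(f) => f,
            None => break, // unwinder ran out of frames: normal end of walk
        };
        // Only the top-of-stack transition may make zero progress.
        let is_top = frames.len() == 1;
        let progressed = next.sp > last.sp;
        if !progressed && !(is_top && next.sp == last.sp) {
            break; // stuck or regressing: refuse to loop forever
        }
        frames.push(next);
    }
    frames
}

fn main() {
    // Constructed unwinder that always hands back the same frame, the
    // situation that previously looped until OOM.
    let stuck = Frame { pc: 0x1000, sp: 0x7fff_0000 };
    let frames = walk_stack(stuck, 1024, |f| Some(*f));
    println!("stuck unwinder produced {} frames", frames.len());
}
```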