Infinite loop causing OOM when walking stack in minidump-processor
#428
Comments
|
We already enforce forward-progress but it appears I forgot to port the Arm fix in #309 to Arm64 and OldArm64 |
|
(Arm leaf functions can genuinely not use the stack at all because the link register creates a buffer of one call where you don't even need to push a return pointer, so the unwinder needs to allow forward progress to not occur for the top of the stack, but after that it needs to be strict again) |
|
(So very good catch, this a real annoying bug we've seen in the wild!) |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
On commit ebbee33, running
cargo fuzz run process oom(attached below in a .zip file) will infinitely loop in the followingwhilestatement, pushing more stuff to theframesvec until you eventually OOM.https://github.com/luser/rust-minidump/blob/a32419975ba6f190081a148f04a41fc42aa4eb26/minidump-processor/src/stackwalker/mod.rs#L174-L193
oom.zip
Bailing out if you ever see a frame twice sounds smart.
Are instruction pointers always monotonically increasing/decreasing? If so, we can do this perfectly accurately in O(1) per frame by just checking that the instruction pointer is always increasing or decreasing by at least 1 byte per frame.
The text was updated successfully, but these errors were encountered: