Fix bug 246152
When unwinding needs to be done because the stack pointer is reset
(e.g. by a longjmp), it makes no sense to interprete the control
flow change as call, but should be seen as a return.
This indirectly fixes bug 246152. Unwinding potentially changes the
exec state, which is unique for threads, but also for signal handlers.
E.g. this is true for a longjmp out of a signal handler. Exec state
changes modify members of struct CLG_(current_state), such as
CLG_(current_state).bbcc and CLG_(current_state).jmps_passed, which
are backed in CLG_(setup_bbcc)() by last_bbcc and passed, respectivly.
On a exec state change, these local vars go out of sync, and lead
to invalid data passed to CLG_(push_call_stack)() for handling a call,
which triggered data corruption, and the symptoms seen in bug 246152.
As in the given situation, there is no call anymore, there is no call
into CLG_(push_call_stack)(), and the corruption (or since last commit
the failed assertion) is not triggered any more.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@11524 a5019735-40e9-0310-863c-91ae7b9d1cf9
diff --git a/callgrind/bbcc.c b/callgrind/bbcc.c
index 24862a8..bab4858 100644
--- a/callgrind/bbcc.c
+++ b/callgrind/bbcc.c
@@ -741,7 +741,11 @@
}
}
else {
- CLG_(unwind_call_stack)(sp, 0);
+ Int unwind_count = CLG_(unwind_call_stack)(sp, 0);
+ if (unwind_count > 0) {
+ /* if unwinding was done, this actually is a return */
+ jmpkind = Ijk_Ret;
+ }
if (jmpkind == Ijk_Call) {
delayed_push = True;