commit df4200e8c255fca1d03855b971b57036b9ccaa94
author Elliott Hughes <enh@google.com> Thu Feb 14 14:41:57 2013 -0800
committer Elliott Hughes <enh@google.com> Thu Feb 14 14:41:57 2013 -0800
tree b3cf4fee9d9a211e3a0c7489c6e294e379da095c
parent 90dd14029414af26e64e3232f37c84feaa317ea8

Add a "smash-stack" option to crasher.

bionic's __stack_chk_fail was preventing debuggerd from dumping
stacks, which was not helpful.

Bug: 2487269
Change-Id: Idba2a274037b960dfb2ac1c21686323268c4b372

debuggerd/crasher.c

diff --git a/debuggerd/crasher.c b/debuggerd/crasher.c
index 74eaa49..134fe80 100644
--- a/debuggerd/crasher.c
+++ b/debuggerd/crasher.c
@@ -35,6 +35,18 @@
     }
 }
 
+int smash_stack(int i) {
+    printf("crasher: deliberately corrupting stack...\n");
+    // Unless there's a "big enough" buffer on the stack, gcc
+    // doesn't bother inserting checks.
+    char buf[8];
+    // If we don't write something relatively unpredicatable
+    // into the buffer and then do something with it, gcc
+    // optimizes everything away and just returns a constant.
+    *(int*)(&buf[7]) = (uintptr_t) &buf[0];
+    return *(int*)(&buf[0]);
+}
+
 void test_call1()
 {
     *((int*) 32) = 1;
@@ -95,6 +107,7 @@
         return do_action_on_thread(arg + strlen("thread-"));
     }
 
+    if(!strcmp(arg,"smash-stack")) return smash_stack(42);
     if(!strcmp(arg,"nostack")) crashnostack();
     if(!strcmp(arg,"ctest")) return ctest();
     if(!strcmp(arg,"exit")) exit(1);