Re: weird IOKit crash in IOIteratorNext()
- Subject: Re: weird IOKit crash in IOIteratorNext()
- From: Julian Mayer <email@hidden>
- Date: Fri, 2 Dec 2005 04:08:55 +0100
If you look at the disassembled code for IOIteratorNext in
IOKit.framework, you'll see there is no way this call sequence
should happen.
_IOIteratorNext:
+00 mfspr r0,lr
+04 stw r0,0x8(r1)
+08 stwu r1,0xffa0(r1)
+0C addi r4,r1,0x40
+10 bl 0x905cd014 ; symbol stub for: _io_iterator_next
+14 cmpwi cr7,r3,0x0
IOIteratorNext does not call CFRelease at +0x10, it calls
_io_iterator_next by way of a dyld_stub, which loads a function
pointer and jumps to it. There are only two reasonable ways that
dyld's function pointer could be wrong.
- it's prebound, incorrectly.
- it's been stomped by a memory smasher.
My bet, from having witnessed this happen before, is the first.
-Ed
hello ed
thanks for your analysis!
it is still not clear to me why the binary in question crashes on one
machine and runs properly on all the others... is there a real problem
and the prebinding problem only accounts for an incorrect crash log, or
is prebinding completely responsible for the problem? if so, what do
i have to do to remedy this problem? does this also mean that the
rest of the crash log is also wrong?
i've not taken any special steps with regard to prebinding, i've just
used Xcode's defaults for the deployment mode, which i thought were
fine...?
thanks, julian
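Ed's two candidate causes (stale prebinding versus a memory smasher) lead to different investigations, and the first thing to establish is whether the crashing binary is actually prebound. The script below is an added example written for this thread, not code from either poster or from Apple: it parses the 32-bit mach_header of a Mach-O file and reports the prebinding-related flags (MH_PREBOUND, MH_TWOLEVEL, MH_PREBINDABLE) so you can tell whether dyld will trust stored stub addresses at all. Constant values are taken from the public <mach-o/loader.h>; the sample headers at the bottom are constructed for demonstration and do not come from any real binary. On a Mac the same information is printed by `otool -hv`; fat (universal) files are deliberately rejected because each architecture slice carries its own header.

```python
import struct
import sys

# Constants from <mach-o/loader.h> (values assumed from the public header)
MH_MAGIC = 0xFEEDFACE       # 32-bit Mach-O, stored big-endian in PowerPC files
MH_CIGAM = 0xCEFAEDFE       # same magic seen byte-swapped: little-endian (Intel) file
FAT_MAGIC = 0xCAFEBABE      # universal wrapper; per-arch headers live at slice offsets

MH_PREBOUND = 0x10          # prebinding info present and dyld will use it
MH_TWOLEVEL = 0x80          # two-level namespace bindings
MH_NOFIXPREBINDING = 0x400  # dyld should not try to fix stale prebinding
MH_PREBINDABLE = 0x800      # could be prebound but currently is not

FILETYPES = {1: "MH_OBJECT", 2: "MH_EXECUTE", 6: "MH_DYLIB", 8: "MH_BUNDLE"}
CPUTYPES = {7: "i386", 18: "ppc"}


def parse_mach_header(data):
    """Parse the 28-byte mach_header at the start of `data` and return a dict
    with the raw fields plus derived prebinding status."""
    if len(data) < 28:
        raise ValueError("too short for a mach_header")
    magic = struct.unpack(">I", data[:4])[0]
    if magic == MH_MAGIC:
        fmt = ">7I"                      # file is big-endian (e.g. ppc)
    elif magic == MH_CIGAM:
        fmt = "<7I"                      # file is little-endian (e.g. i386)
    elif magic == FAT_MAGIC:
        raise ValueError("fat binary: parse each architecture slice separately")
    else:
        raise ValueError("not a 32-bit Mach-O header: magic 0x%08x" % magic)
    _, cputype, _cpusub, filetype, ncmds, _sizeofcmds, flags = struct.unpack(fmt, data[:28])
    return {
        "cputype": CPUTYPES.get(cputype, str(cputype)),
        "filetype": FILETYPES.get(filetype, str(filetype)),
        "ncmds": ncmds,
        "flags": flags,
        "prebound": bool(flags & MH_PREBOUND),
        "twolevel": bool(flags & MH_TWOLEVEL),
        "prebindable": bool(flags & MH_PREBINDABLE),
        "nofixprebinding": bool(flags & MH_NOFIXPREBINDING),
    }


def describe(data):
    """One-line verdict: does stale prebinding even apply to this file?"""
    h = parse_mach_header(data)
    if h["prebound"]:
        verdict = "prebound: dyld trusts stored stub addresses, stale prebinding is a candidate"
    else:
        verdict = "not prebound: stubs are resolved at load time, suspect memory corruption instead"
    return "%s %s flags=0x%x %s" % (h["cputype"], h["filetype"], h["flags"], verdict)


def make_header(cputype, filetype, flags, big_endian=True):
    """Build a constructed 28-byte mach_header for demonstration only."""
    fmt = ">7I" if big_endian else "<7I"
    return struct.pack(fmt, MH_MAGIC, cputype, 0, filetype, 0, 0, flags)


# Constructed sample headers (not taken from any real binary)
PPC_PREBOUND = make_header(18, 2, MH_PREBOUND | MH_TWOLEVEL)
PPC_PLAIN = make_header(18, 2, MH_TWOLEVEL)
I386_DYLIB = make_header(7, 6, MH_TWOLEVEL | MH_PREBINDABLE, big_endian=False)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python machflags.py /path/to/binary
        with open(sys.argv[1], "rb") as f:
            print(describe(f.read(28)))
    else:
        for sample in (PPC_PREBOUND, PPC_PLAIN, I386_DYLIB):
            print(describe(sample))
```

If the file reports MH_PREBOUND and the crash only reproduces on one machine, compare the installed versions of the linked frameworks on that machine against the ones the binary was prebound against; a binary that is not prebound at all cannot suffer from stale prebinding, which pushes the investigation toward Ed's second explanation.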
Darwin-dev mailing list (email@hidden)