On Apr 01 2023, Finn Thain wrote:
So, in summary, the canary validation failed in this case not because the canary got clobbered but because %a3 got clobbered, somewhere between __wait3+24 and __wait3+70 (below). The call to __GI___wait4_time64 causes %a3 to be saved to and restored from the stack, so stack corruption seems to be a strong possibility to explain the change in %a3. But if that's what happened, I'd expect __GI___wait4_time64 to report stack smashing, not __wait3...
The stack smashing probably didn't fire in __wait4_time64, because it hit the saved register area, not the canary (which reside at opposite ends of the stack frame).

-- 
Andreas Schwab, schwab@xxxxxxxxxxxxxx
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."