Geoffrey <esoteric@xxxxxxxxxxxx> writes: > Tom Lane wrote: >> Well, this trace doesn't prove any such thing. If it was a wild jump, >> we can surmise that it landed someplace in the first few instructions of >> FileRead (before the call to FileAccess), but there's no proof here that >> it landed on-the-nose at the first instruction. > So you're saying that the debugger will simply point to that function if > the address it 'jumps to' is somewhere in address space of this > function? I don't know the intricacies of the debugger to understand > how all that works. My expectation is that a random address is unlikely > to make any sense to the debugger. It is a bit surprising that it didn't jump to a nonexistent address and die immediately, but if you're on a little-endian machine then maybe this isn't quite as improbable as it looks. A stack clobber that writes just a few more bytes than the intended buffer can hold might overwrite just the first couple bytes of a return address, which are the LSBs on a little-endian machine, leading to a return address somewhere within 64K of where it should have been, which most likely is within the code area rather than off in an unmapped range. The fact that the code area is only a small part of the address space doesn't change the odds if that's what happened. regards, tom lane