4.1a BSD longjmp() bug and fix
utzoo!decvax!yale-com!brunix!mjb
Thu Mar 10 20:04:25 AEST 1983
We found a bug in the new, improved longjmp() which we received with our
4.1a BSD release. A 'beql' should be changed to a 'bneq' as shown in the
code fragment below (from /usr/src/libc/sys/setjmp.s):
# @(#)setjmp.s 4.2 (Berkeley) 81/07/10
.
.
_longjmp:
.word 0x0000
movl 8(ap),r0 # return(v)
##### beql L1 # REMOVE THIS
bneq L1 # ADD THIS
movzbl $1,r0
L1:
.
.
The effect of the distributed code was to return 0 instead of 1 at the
setjmp(jbuf) when you did a longjmp(jbuf,0) or (I'll admit to doing this,
but not on purpose!) longjmp(jbuf), and to return 1 instead of N for
longjmp(jbuf,N) for N != 0.
Mike Braca, Brown CS, ..!decvax!brunix!mjb, mjb.brown at udel-relay
PS: In case anyone is wondering in what way the longjmp is "new and improved",
what it does is instead of just blindly rewinding the stack like the old
one does, it pops the stack frame by frame, in order to write out
'longjmp botch', then execute an illegal instruction (instead of just
leaving garbage in your registers), when you do something tricky like a
longjmp() with no previous setjmp().
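The return-value rule the one-instruction fix restores, shown from the C side as an added example (this is not code from the post or from the 4.1a BSD sources, and the function names are this example's own): longjmp(jbuf, v) must make setjmp(jbuf) return v, except that v == 0 is mapped to 1 so the caller can still tell the longjmp return from the direct one. The two small model functions restate the beql/bneq difference from the assembly fragment above; value_seen_by_setjmp() does a real setjmp/longjmp across two frames so the same check can be run against whatever libc you build it with.

```c
#include <setjmp.h>
#include <stdio.h>

/* Added example, not code from the original post or from 4.1a BSD.  It checks,
 * from C, the contract the setjmp.s fix restores: after longjmp(jbuf, v),
 * setjmp(jbuf) returns v, except that v == 0 is turned into 1 so a caller can
 * still distinguish "returned via longjmp" from the direct return.  All
 * function names below are this example's own. */

static jmp_buf env;

/* Two frames below the setjmp, so the longjmp has real frames to unwind. */
static void inner(int v)  { longjmp(env, v); }
static void middle(int v) { inner(v); }

/* Returns the value setjmp(env) observes when unwound by longjmp(env, v). */
int value_seen_by_setjmp(int v)
{
    int r = setjmp(env);       /* 0 on the direct return, else longjmp's value */
    if (r == 0)
        middle(v);             /* first pass: unwind with v; control comes back
                                  through setjmp, not through this call */
    return r;                  /* second pass: what longjmp delivered */
}

/* Model of the distributed 4.1a code.  With "beql L1" the branch is taken when
 * v == 0, so 0 reaches setjmp unchanged, and any v != 0 falls through into
 * "movzbl $1,r0" and is clobbered to 1. */
int buggy_return_value(int v) { return v == 0 ? 0 : 1; }

/* Model of the fixed code.  With "bneq L1" only v != 0 skips the movzbl, so
 * 0 becomes 1 and every other value passes through untouched. */
int fixed_return_value(int v) { return v == 0 ? 1 : v; }

int main(void)
{
    const int vals[] = { 0, 1, 2, 42, -7 };   /* constructed sample inputs */
    size_t i;
    printf("   v  buggy  fixed  this libc\n");
    for (i = 0; i < sizeof vals / sizeof vals[0]; i++) {
        int v = vals[i];
        printf("%4d  %5d  %5d  %9d\n", v, buggy_return_value(v),
               fixed_return_value(v), value_seen_by_setjmp(v));
    }
    return 0;
}
```

A libc whose "this libc" column matches the "fixed" column for every row implements the documented rule; a row that matches the "buggy" column instead is the symptom the post describes (0 coming back as 0, and any other value collapsed to 1).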