Changes between Initial Version and Version 2 of Ticket #5590
- Timestamp: Jul 25, 2014, 12:45:51 PM (10 years ago)
Ticket #5590
- Property Version unspecified → 1.10.1
- Property Severity normal → critical
Ticket #5590 – Description (initial → v2; the only change between the two versions is the typo fix "calle rremoved" → "callee removed" in the first paragraph)

In 32bit mode, when compiling with STDCALL=YES in nmake.opt, the CPLSetThreadLocalConfigOption() function in port/cpl_conv.cpp sets a deletion callback with CPLSetTLSWithFreeFunc() by passing in a pointer to CSLDestroy. CSLDestroy was changed to STDCALL in 2005, but CPLSetTLSWithFreeFunc() only takes callbacks that are non-STDCALL. So when this callback is run, the stack is out of sync by 4 bytes because the callee removed the argument and so does the caller (resulting in one too many removals of the argument from the stack) and the thread promptly crashes upon return since the return address used is bogus.

This bug has caused us a significant number of headaches and appears to have been there for quite a while.
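The mismatch the reporter describes is a calling-convention bug: a `__stdcall` function (callee pops its argument) is registered where the TLS layer expects a plain cdecl callback (caller pops), so on 32-bit x86 the argument is popped twice and the return address is wrong. The usual remedy is to register a small cdecl wrapper that calls the STDCALL routine through its own prototype. The example below is added here and is not GDAL's code; `CSLDestroy`, `CPLSetTLSWithFreeFunc`, `CPLCleanupTLS` and `CPL_STDCALL` are stand-ins defined in the block that mimic the names from the ticket, and the exact form of GDAL's original call and fix is an assumption. On x86-64 (and any non-MSVC compiler) `CPL_STDCALL` expands to nothing, so the block builds and runs there too; the crash itself only reproduces on a 32-bit MSVC build with the cast line uncommented.

```c
/* Added example, not GDAL code: cdecl wrapper around a STDCALL cleanup routine
 * so it can be registered with an API that expects a non-STDCALL callback. */
#include <stdlib.h>
#include <string.h>

/* On 32-bit MSVC builds with STDCALL=YES this would be __stdcall (callee pops
 * the argument); elsewhere it is empty, so no mismatch exists and the example
 * runs on x86-64/Linux as a plain functional check of the wrapper. */
#if defined(_MSC_VER) && defined(_M_IX86)
#define CPL_STDCALL __stdcall
#else
#define CPL_STDCALL
#endif

/* The callback type the TLS API accepts: plain (cdecl) calling convention. */
typedef void (*CPLTLSFreeFunc)(void *);

static int g_nListsDestroyed = 0;   /* instrumentation for the demo/test */
static int g_nStringsFreed   = 0;

/* Stand-in for GDAL's CSLDestroy: STDCALL, frees a NULL-terminated string list. */
void CPL_STDCALL CSLDestroy(char **papszStrList)
{
    if (papszStrList == NULL)
        return;
    for (char **p = papszStrList; *p != NULL; ++p) {
        free(*p);
        g_nStringsFreed++;
    }
    free(papszStrList);
    g_nListsDestroyed++;
}

/* WRONG (assumed shape of the original call): casting away the convention.
 *   CPLSetTLSWithFreeFunc(key, list, (CPLTLSFreeFunc)CSLDestroy);
 * On 32-bit stdcall both callee and caller pop the 4-byte argument, so the
 * return address is read from the wrong slot and the thread crashes.
 *
 * RIGHT: a cdecl wrapper with exactly the signature the API wants. The TLS
 * layer calls the wrapper as cdecl, and the wrapper calls CSLDestroy using
 * the convention its prototype declares, so each frame is cleaned up once. */
static void CSLDestroyFreeFunc(void *pData)
{
    CSLDestroy((char **)pData);
}

/* Minimal single-thread emulation of the TLS slot table. */
enum { CTLS_MAX = 4 };
static void          *g_apTLSData[CTLS_MAX];
static CPLTLSFreeFunc g_apTLSFree[CTLS_MAX];

void CPLSetTLSWithFreeFunc(int nKey, void *pData, CPLTLSFreeFunc pfnFree)
{
    g_apTLSData[nKey] = pData;
    g_apTLSFree[nKey] = pfnFree;
}

/* Runs the deletion callbacks, as the real TLS layer does at thread exit. */
void CPLCleanupTLS(void)
{
    for (int i = 0; i < CTLS_MAX; ++i) {
        if (g_apTLSData[i] != NULL && g_apTLSFree[i] != NULL)
            g_apTLSFree[i](g_apTLSData[i]);
        g_apTLSData[i] = NULL;
        g_apTLSFree[i] = NULL;
    }
}

static char *DupString(const char *s)
{
    size_t n = strlen(s) + 1;
    char *d = malloc(n);
    if (d != NULL)
        memcpy(d, s, n);
    return d;
}

/* Builds a list of nEntries "KEY=VALUE" strings (constructed sample data),
 * registers it through the cdecl wrapper, tears the slot down, and returns
 * the number of lists destroyed (1 on success, -1 on allocation failure). */
int RunThreadLocalConfigDemo(int nEntries)
{
    g_nListsDestroyed = 0;
    g_nStringsFreed = 0;
    char **papszList = calloc((size_t)nEntries + 1, sizeof(char *));
    if (papszList == NULL)
        return -1;
    for (int i = 0; i < nEntries; ++i)
        papszList[i] = DupString("KEY=VALUE");
    CPLSetTLSWithFreeFunc(0, papszList, CSLDestroyFreeFunc);
    CPLCleanupTLS();
    return g_nListsDestroyed;
}

int StringsFreedInLastRun(void) { return g_nStringsFreed; }

int main(void)
{
    return RunThreadLocalConfigDemo(3) == 1 && StringsFreedInLastRun() == 3 ? 0 : 1;
}
```

The wrapper costs one extra call and removes the cast entirely; with the cast gone, a 32-bit MSVC build refuses to pass a `__stdcall` function where a cdecl pointer is expected, which is the check that would have caught this at compile time.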