What is a "Broken Stack Frame"?

Steve Kirkendall kirkenda at eecs.cs.pdx.edu
Tue Sep 18 02:23:33 AEST 1990


In article <114 at vdbsan.UUCP> brian at vdbsan.UUCP (Brian Bainter) writes:
>Can anyone tell me what the hell a "Broken stack frame" message from the
>debugger is telling me.  I have a program that keeps aborting at odd times
>and when I bring the thing in to the debugger, all I get is a broken stack
>frame message and no idea where or what aborted the program.

A "stack frame" is the mechanism that is used to allocate space for local
variables on the stack.  The CPU has a register called a "frame pointer"
that points to the base address of the local variables.  This is the "bp"
register in 80x86 chips, and usually the A6 register in 680x0 chips.

A subroutine call pushes the arguments, the return address, and the frame
pointer onto the stack.  It then loads the frame pointer with the value of
the stack pointer, and decrements the stack pointer to allocate space for
local variables.

A stack frame is "broken" when either the return address or the old frame
pointer fields have been clobbered.  The easiest way to clobber those fields
is to declare a local array, and then write past the end of the array.

	#include <stdio.h>

	/* This function will have a broken stack frame if it ever *
	 * encounters a line that is more than 79 characters long. */
	void scum(void)
	{
		char	buf[80];

		gets(buf);	/* gets() never checks how big buf is */
	}

The debugger can't display a stack trace because it needs a healthy set of
frame pointers to follow.  You might try running `adb' and giving it the
"?" command.  This *may* tell you which function it was trying to return from.
-------------------------------------------------------------------------------
Steve Kirkendall    kirkenda at cs.pdx.edu    uunet!tektronix!psueea!eecs!kirkenda
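Added illustration, not part of Steve Kirkendall's post: a small C model of the frame he describes, with the local array sitting just below the saved frame pointer and return address. The struct layout and the sentinel values are assumptions of the model (not a real compiler's layout); it contrasts a gets()-style unbounded read with an fgets()-style bounded one and reports which saved fields got overwritten, which is exactly what leaves the debugger with no chain to follow.

```c
#include <stdint.h>
#include <string.h>

#define BUF_LEN  80
#define SENTINEL 0xA5A5A5A5A5A5A5A5ull  /* every byte non-zero: any overwrite shows */

/* Model of the frame the post describes, low address to high: the local
 * array, then the saved frame pointer, then the return address.  An explicit
 * struct (assumption), not the compiler's real layout, so the demo is
 * deterministic and never corrupts the real stack. */
struct frame_model {
    char     buf[BUF_LEN];
    uint64_t saved_fp;
    uint64_t return_addr;
};

/* gets(buf) behaviour: copies the whole line plus its NUL with no regard for
 * BUF_LEN.  The cap at sizeof *f only keeps the model well-defined; the real
 * gets() has no cap at all. */
static void read_like_gets(struct frame_model *f, const char *line) {
    size_t n = strlen(line) + 1;            /* +1: the terminating NUL */
    if (n > sizeof *f) n = sizeof *f;
    memcpy(f, line, n);
}

/* fgets(buf, sizeof buf, stdin) behaviour: at most BUF_LEN-1 characters plus
 * a NUL; the rest of the line stays unread and nothing spills over. */
static void read_like_fgets(struct frame_model *f, const char *line) {
    size_t n = strlen(line);
    if (n > BUF_LEN - 1) n = BUF_LEN - 1;
    memcpy(f->buf, line, n);
    f->buf[n] = '\0';
}

/* What a debugger is effectively testing when it walks the frame chain:
 * 0 = intact, 1 = saved frame pointer hit, 2 = return address hit, 3 = both. */
static int frame_damage(const struct frame_model *f) {
    return (f->saved_fp != SENTINEL ? 1 : 0) | (f->return_addr != SENTINEL ? 2 : 0);
}

/* Constructed input: `len` copies of 'A' fed to one reader; returns frame_damage.
 * 79 chars leave the frame intact, 80 already hit the saved frame pointer. */
static int damage_after_read(size_t len, int bounded) {
    char line[256];
    struct frame_model f = { {0}, SENTINEL, SENTINEL };
    if (len > sizeof line - 1) len = sizeof line - 1;
    memset(line, 'A', len);
    line[len] = '\0';
    if (bounded) read_like_fgets(&f, line); else read_like_gets(&f, line);
    return frame_damage(&f);
}
```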



More information about the Comp.unix.programmer mailing list