Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20180718190024.GL4418@port70.net>
Date: Wed, 18 Jul 2018 21:00:24 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: Re: Segmentation fault in static binaries built with
 recent binutils

* Reiner Herrmann <reiner@...ner-h.de> [2018-07-18 20:14:38 +0200]:
> > Can you attach a readelf -a of the binary that's crashing?
> 
> The output is attached.

i could reproduce the crash in a debian:unstable docker image

i see incorrect auxv[AT_PHDR] value, not yet sure why.


Program received signal SIGSEGV, Segmentation fault.
static_init_tls (aux=aux@...ry=0x7fffffffebc0) at ../src/env/__init_tls.c:88
88			if (phdr->p_type == PT_PHDR)
(gdb) disas
Dump of assembler code for function static_init_tls:
   0x0000000000401404 <+0>:	sub    $0x8,%rsp
   0x0000000000401408 <+4>:	mov    0x18(%rdi),%r9
   0x000000000040140c <+8>:	mov    0x28(%rdi),%rsi
   0x0000000000401410 <+12>:	xor    %ecx,%ecx
   0x0000000000401412 <+14>:	xor    %eax,%eax
   0x0000000000401414 <+16>:	mov    %r9,%rdx
   0x0000000000401417 <+19>:	test   %rsi,%rsi
   0x000000000040141a <+22>:	je     0x401456 <static_init_tls+82>
=> 0x000000000040141c <+24>:	mov    (%rdx),%r8d
...
(gdb) p/x aux[3]
$4 = 0x400040
(gdb) i proc map
process 13499
Mapped address spaces:

          Start Addr           End Addr       Size     Offset objfile
            0x401000           0x402000     0x1000     0x1000 /musl/build/a.out
            0x402000           0x403000     0x1000     0x2000 /musl/build/a.out
            0x403000           0x405000     0x2000     0x2000 /musl/build/a.out
      0x7ffff7ffa000     0x7ffff7ffd000     0x3000        0x0 [vvar]
      0x7ffff7ffd000     0x7ffff7fff000     0x2000        0x0 [vdso]
      0x7ffffffde000     0x7ffffffff000    0x21000        0x0 [stack]
(gdb) i reg
rax            0x0	0
rbx            0x0	0
rcx            0x0	0
rdx            0x400040	4194368
rsi            0x5	5
rdi            0x7fffffffebc0	140737488350144
rbp            0x1	0x1
rsp            0x7fffffffeb90	0x7fffffffeb90
r8             0x4015a1	4199841
r9             0x400040	4194368
r10            0x0	0
r11            0x0	0
r12            0x7fffffffed58	140737488350552
r13            0x401127	4198695
r14            0x0	0
r15            0x0	0
rip            0x40141c	0x40141c <static_init_tls+24>
eflags         0x10206	[ PF IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.