Bug#433809: enemylines3: SIGSEGV in strlen

Philipp Marek philipp at marek.priv.at
Sun Feb 3 18:04:22 UTC 2008 

Hello Gonéri,

On Sunday 03 February 2008 Gonéri Le Bouder wrote:
> It got the same issue but I can't reproduct it in gdb. Can you provide a
> backtrace with this unstripped binary?
> http://nana.rulezlan.org/~goneri/enemylines3-unstripped/
here's the trace.

Hope that helps ... tell me if you need further information.


Regards,

Phil


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2ac07417a7e0 (LWP 6691)]
0x00002ac06ef6b020 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0x00002ac06ef6b020 in strlen () from /lib/libc.so.6
#1  0x0000000000412f6e in el3::Hiscore::draw ()
#2  0x000000000040ac86 in el3::Game::draw_hud ()
#3  0x00000000004150d2 in el3::main ()
#4  0x0000000000416098 in main ()
(gdb) info registers
rax            0x0      0
rbx            0x0      0
rcx            0x0      0
rdx            0xa6dda0 10935712
rsi            0xa22e60 10628704
rdi            0x0      0
rbp            0x647b40 0x647b40
rsp            0x7fff3d336118   0x7fff3d336118
r8             0xfefefefefefefeff       -72340172838076673
r9             0x3f800000       1065353216
r10            0x0      0
r11            0x2ac06f257dd0   47005986815440
r12            0xa909e0 11078112
r13            0xa90b04 11078404
r14            0x1      1
r15            0x7fff3d3362b0   140734220165808
rip            0x2ac06ef6b020   0x2ac06ef6b020 <strlen+48>
eflags         0x10246  [ PF ZF IF RF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
fctrl          0x37f    895
fstat          0x20     32
ftag           0xffff   65535
fiseg          0x0      0
fioff          0x0      0
foseg          0x0      0
fooff          0x0      0
fop            0x0      0
mxcsr          0x1fa0   [ PE IM DM ZM OM UM PM ]

Dump of assembler code for function strlen:
0x00002ac06ef6aff0 <strlen+0>:  mov    %rdi,%rcx
0x00002ac06ef6aff3 <strlen+3>:  and    $0x7,%ecx
0x00002ac06ef6aff6 <strlen+6>:  mov    %rdi,%rax
0x00002ac06ef6aff9 <strlen+9>:  je     0x2ac06ef6b010 <strlen+32>
0x00002ac06ef6affb <strlen+11>: neg    %ecx
0x00002ac06ef6affd <strlen+13>: add    $0x8,%ecx
0x00002ac06ef6b000 <strlen+16>: cmpb   $0x0,(%rax)
0x00002ac06ef6b003 <strlen+19>: je     0x2ac06ef6b0d5 <strlen+229>
0x00002ac06ef6b009 <strlen+25>: inc    %rax
0x00002ac06ef6b00c <strlen+28>: dec    %ecx
0x00002ac06ef6b00e <strlen+30>: jne    0x2ac06ef6b000 <strlen+16>
0x00002ac06ef6b010 <strlen+32>: mov    $0xfefefefefefefeff,%r8
0x00002ac06ef6b01a <strlen+42>: nopw   0x0(%rax,%rax,1)

0x00002ac06ef6b020 <strlen+48>: mov    (%rax),%rcx		<< HERE

0x00002ac06ef6b023 <strlen+51>: add    $0x8,%rax
0x00002ac06ef6b027 <strlen+55>: mov    %r8,%rdx
0x00002ac06ef6b02a <strlen+58>: add    %rcx,%rdx
0x00002ac06ef6b02d <strlen+61>: jae    0x2ac06ef6b090 <strlen+160>
0x00002ac06ef6b02f <strlen+63>: xor    %rcx,%rdx
0x00002ac06ef6b032 <strlen+66>: or     %r8,%rdx
0x00002ac06ef6b035 <strlen+69>: inc    %rdx
0x00002ac06ef6b038 <strlen+72>: jne    0x2ac06ef6b090 <strlen+160>
0x00002ac06ef6b03a <strlen+74>: mov    (%rax),%rcx
0x00002ac06ef6b03d <strlen+77>: add    $0x8,%rax
0x00002ac06ef6b041 <strlen+81>: mov    %r8,%rdx
0x00002ac06ef6b044 <strlen+84>: add    %rcx,%rdx
0x00002ac06ef6b047 <strlen+87>: jae    0x2ac06ef6b090 <strlen+160>
0x00002ac06ef6b049 <strlen+89>: xor    %rcx,%rdx
0x00002ac06ef6b04c <strlen+92>: or     %r8,%rdx
0x00002ac06ef6b04f <strlen+95>: inc    %rdx
0x00002ac06ef6b052 <strlen+98>: jne    0x2ac06ef6b090 <strlen+160>
0x00002ac06ef6b054 <strlen+100>:        mov    (%rax),%rcx


Dump of assembler code for function _ZN3el37Hiscore4drawEv:
0x0000000000412f10 <_ZN3el37Hiscore4drawEv+0>:  push   %r15
0x0000000000412f12 <_ZN3el37Hiscore4drawEv+2>:  push   %r14
0x0000000000412f14 <_ZN3el37Hiscore4drawEv+4>:  push   %r13
0x0000000000412f16 <_ZN3el37Hiscore4drawEv+6>:  push   %r12
0x0000000000412f18 <_ZN3el37Hiscore4drawEv+8>:  push   %rbp
0x0000000000412f19 <_ZN3el37Hiscore4drawEv+9>:  push   %rbx
0x0000000000412f1a <_ZN3el37Hiscore4drawEv+10>: sub    $0x98,%rsp
0x0000000000412f21 <_ZN3el37Hiscore4drawEv+17>: callq  0x406770 <_ZN3el36Config7offlineEv>
0x0000000000412f26 <_ZN3el37Hiscore4drawEv+22>: test   %al,%al
0x0000000000412f28 <_ZN3el37Hiscore4drawEv+24>: jne    0x4130a6 <_ZN3el37Hiscore4drawEv+406>
0x0000000000412f2e <_ZN3el37Hiscore4drawEv+30>: cmpb   $0x0,0x23519b(%rip)        # 0x6480d0 <_ZN3el35readyE>
0x0000000000412f35 <_ZN3el37Hiscore4drawEv+37>: je     0x4130a6 <_ZN3el37Hiscore4drawEv+406>
0x0000000000412f3b <_ZN3el37Hiscore4drawEv+43>: cmpb   $0x0,0x23518f(%rip)        # 0x6480d1 <_ZN3el37cleanedE>
0x0000000000412f42 <_ZN3el37Hiscore4drawEv+50>: je     0x413105 <_ZN3el37Hiscore4drawEv+501>
0x0000000000412f48 <_ZN3el37Hiscore4drawEv+56>: mov    0x235171(%rip),%rbx        # 0x6480c0 <_ZN3el35chunkE>
0x0000000000412f4f <_ZN3el37Hiscore4drawEv+63>: movq   $0x647b58,0x70(%rsp)
0x0000000000412f58 <_ZN3el37Hiscore4drawEv+72>: mov    $0x647b40,%ebp
0x0000000000412f5d <_ZN3el37Hiscore4drawEv+77>: movq   $0x647b58,0x60(%rsp)
0x0000000000412f66 <_ZN3el37Hiscore4drawEv+86>: mov    %rbx,%rdi

0x0000000000412f69 <_ZN3el37Hiscore4drawEv+89>: callq  0x403930 <strlen at plt>

0x0000000000412f6e <_ZN3el37Hiscore4drawEv+94>: mov    %rbx,%rsi
0x0000000000412f71 <_ZN3el37Hiscore4drawEv+97>: mov    %rax,%rdx


-- 
Versioning your /etc, /home or even your whole installation?
             Try fsvs (fsvs.tigris.org)!

More information about the Pkg-games-devel mailing list