Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1946597 Details for
Bug 2173437
[abrt] openssh-server: kex_assemble_names(): sshd killed by SIGSYS
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh90 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
File: backtrace
backtrace (text/plain), 22.70 KB, created by
Johannes Maybaum
on 2023-02-26 17:32:08 UTC
(
hide
)
Description:
File: backtrace
Filename:
MIME Type:
Creator:
Johannes Maybaum
Created:
2023-02-26 17:32:08 UTC
Size:
22.70 KB
patch
obsolete
>Downloading 2.23 MB separate debug info for /usr/sbin/sshd... >Downloading 0.32 MB separate debug info for /tmp/debuginfod/28aa0c958312172dc18428c6b3c4480d02f037ad/debuginfo... >warning: Can't open file /usr/lib64/libpath_utils.so.1.0.1 during file-backed mapping note processing >warning: Can't open file /usr/lib64/libcollection.so.4.1.1 during file-backed mapping note processing >warning: Can't open file /usr/lib64/libini_config.so.5.2.1 during file-backed mapping note processing >warning: Can't open file /usr/lib64/gssproxy/proxymech.so during file-backed mapping note processing >warning: Can't open file /usr/lib64/libbasicobjects.so.0.1.0 during file-backed mapping note processing >warning: Can't open file /usr/lib64/libref_array.so.1.2.1 during file-backed mapping note processing >[New LWP 14714] >warning: Could not load shared library symbols for 6 libraries, e.g. /usr/lib64/gssproxy/proxymech.so. >Use the "info sharedlibrary" command to see the complete listing. >Do you need "set solib-search-path" or "set sysroot"? >[Thread debugging using libthread_db enabled] >Using host libthread_db library "/lib64/libthread_db.so.1". >Core was generated by `sshd: [net] '. >Program terminated with signal SIGSYS, Bad system call. >#0 writev_for_fatal (total=41, niov=2, iov=0x7ffd6b84ab90, fd=2) at ../sysdeps/unix/sysv/linux/libc_fatal.c:31 >Downloading 0.00 MB source file /usr/src/debug/glibc-2.36-9.fc37.x86_64/libio/../sysdeps/unix/sysv/linux/libc_fatal.c... >31 && INTERNAL_SYSCALL_ERRNO (cnt) == EINTR); >----------PYTHON-START-------- >Undefined command: "py-bt". Try "help". >Undefined command: "py-list". Try "help". >Undefined command: "py-locals". Try "help". >----------PYTHON--END--------- > >Thread 1 (Thread 0x7f1351fcc900 (LWP 14714)): >#0 writev_for_fatal (total=41, niov=2, iov=0x7ffd6b84ab90, fd=2) at ../sysdeps/unix/sysv/linux/libc_fatal.c:31 > cnt = 20 >#1 __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7f1351881465 "%s\n") at ../sysdeps/posix/libc_fatal.c:124 > iov = 0x7ffd6b84ab90 > total = 41 > ap = {{gp_offset = 24, fp_offset = 0, overflow_arg_area = 0x7ffd6b84aca0, reg_save_area = 0x7ffd6b84ac30}} > fd = <optimized out> > list = <optimized out> > nlist = 2 > cp = <optimized out> >#2 0x00007f135177db9c in malloc_printerr (str=str@entry=0x7f1351883fe8 "free(): double free detected in tcache 2") at malloc.c:5660 >No locals. >#3 0x00007f135177fee6 in _int_free (av=0x7f13518bac80 <main_arena>, p=0x55dccd6ec930, have_lock=0) at malloc.c:4469 > tmp = <optimized out> > cnt = <optimized out> > e = 0x55dccd6ec940 > tc_idx = 17 > size = 304 > fb = <optimized out> > nextchunk = <optimized out> > nextsize = <optimized out> > nextinuse = <optimized out> > prevsize = <optimized out> > bck = <optimized out> > fwd = <optimized out> > __PRETTY_FUNCTION__ = "_int_free" >#4 0x00007f1351782363 in __GI___libc_free (mem=mem@entry=0x55dccd6ec940) at malloc.c:3385 > ar_ptr = <optimized out> > p = 0x55dccd6ec930 > err = 1 >#5 0x000055dccbfb12da in kex_assemble_names (listp=0x55dccc026d28 <options+1224>, def=<optimized out>, all=<optimized out>) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/kex.c:356 > cp = <optimized out> > tmp = <optimized out> > patterns = 0x0 > list = 0x55dccd6ec940 "\f\203\243\220\331U" > ret = 0x55dccd6f7740 "" > matching = 0x55dccd6e6c50 "V\026\242\220\331U" > opatterns = 0x55dccd6f7680 "\247%\243\220\331U" > r = -10 >#6 0x000055dccbfc1f73 in assemble_algorithms.constprop.0 (o=<optimized out>) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/servconf.c:246 > all_cipher = 0x55dccd6fe8c0 "3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com" > all_mac = 0x55dccd6fa320 "hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hm"... > all_kex = 0x55dccd6fa480 "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group"... > all_key = 0x55dccd6fa5f0 "ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2"... > all_sig = 0x55dccd6fa840 "ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-n"... > def_cipher = <optimized out> > def_mac = 0x55dccd6eeef0 "umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-"... > def_kex = 0x55dccd6f9b50 "curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512"... > def_key = 0x55dccd6ee900 "ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa"... > def_sig = 0x55dccd6f0540 "ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256" > r = <optimized out> > __func__ = <optimized out> >#7 0x000055dccbfc2bdb in copy_set_server_options.constprop.0 (src=src@entry=0x55dccd700db0, preauth=preauth@entry=1, dst=<optimized out>) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/servconf.c:2743 >No locals. >#8 0x000055dccbf7114c in mm_getpwnamallow (username=<optimized out>, ssh=0x55dccd7095f0) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/monitor_wrap.c:336 > m = 0x55dccd7106c0 > len = <optimized out> > i = <optimized out> > ok = <optimized out> > pw = <optimized out> > newopts = 0x55dccd700db0 > r = <optimized out> > p = <optimized out> > m = <optimized out> > pw = <optimized out> > len = <optimized out> > i = <optimized out> > newopts = <optimized out> > r = <optimized out> > ok = <optimized out> > p = <optimized out> > __func__ = <optimized out> > out = <optimized out> >#9 input_userauth_request (type=<optimized out>, seq=<optimized out>, ssh=0x55dccd7095f0) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/auth2.c:293 > authctxt = 0x55dccd70b3f0 > m = 0x0 > user = 0x55dccd6f7970 "0" > service = 0x55dccd6f8dc0 "ssh-connection" > method = 0x55dccd700d90 "none" > style = <optimized out> > role = <optimized out> > r = <optimized out> > authenticated = 0 > tstart = <optimized out> > __func__ = "input_userauth_request" >#10 0x000055dccbfa827e in ssh_dispatch_run (done=0x55dccd70b3f0, mode=0, ssh=0x55dccd7095f0) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/dispatch.c:113 > r = <optimized out> > type = 50 '2' > seqnr = 4 > r = <optimized out> > type = <optimized out> > seqnr = <optimized out> > __func__ = <optimized out> >#11 ssh_dispatch_run_fatal (ssh=0x55dccd7095f0, mode=0, done=0x55dccd70b3f0) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/dispatch.c:133 > r = <optimized out> > __func__ = "ssh_dispatch_run_fatal" >#12 0x000055dccbf54b94 in do_authentication2 (ssh=<optimized out>) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/auth2.c:178 > authctxt = <optimized out> > authctxt = <optimized out> >#13 main (ac=<optimized out>, av=<optimized out>) at /usr/src/debug/openssh-8.8p1-7.fc37.x86_64/sshd.c:2367 > ssh = <optimized out> > r = <optimized out> > opt = <optimized out> > on = 1 > already_daemon = <optimized out> > remote_port = 55707 > sock_in = 4 > sock_out = 4 > newsock = -1 > remote_ip = 0x55dccd6feea0 "185.217.0.127" > rdomain = <optimized out> > fp = <optimized out> > line = <optimized out> > laddr = <optimized out> > logfile = <optimized out> > config_s = {-1, -1} > i = <optimized out> > j = <optimized out> > ibytes = <optimized out> > obytes = <optimized out> > new_umask = <optimized out> > key = 0x55dccd704dc0 > pubkey = 0x55dccd704e70 > keytype = <optimized out> > authctxt = 0x55dccd70b3f0 > connection_info = <optimized out> > __func__ = "main" >From To Syms Read Shared Object Library >0x00007f1351feabd0 0x00007f1351ff1b54 Yes /lib64/libaudit.so.1 >0x00007f1351fd2a90 0x00007f1351fdab5c Yes /lib64/libpam.so.0 >0x00007f1351f084d0 0x00007f1351f89710 Yes /lib64/libsystemd.so.0 >0x00007f1351aaf000 0x00007f1351d03e22 Yes /lib64/libcrypto.so.3 >0x00007f1351ed2650 0x00007f1351edfbab Yes /lib64/libz.so.1 >0x00007f1351e91050 0x00007f1351ea4984 Yes /lib64/libcrypt.so.2 >0x00007f1351e66050 0x00007f1351e7f23c Yes /lib64/libselinux.so.1 >0x00007f13519b5d50 0x00007f13519ed150 Yes /lib64/libgssapi_krb5.so.2 >0x00007f13518ef090 0x00007f135195409e Yes /lib64/libkrb5.so.3 >0x00007f1351e59490 0x00007f1351e5a039 Yes /lib64/libcom_err.so.2 >0x00007f135170d700 0x00007f135186119d Yes /lib64/libc.so.6 >0x00007f1351e49610 0x00007f1351e4c070 Yes /lib64/libcap-ng.so.0 >0x00007f1351e39650 0x00007f1351e3db51 Yes /lib64/libeconf.so.0 >0x00007f13516173d0 0x00007f135168a738 Yes /lib64/libm.so.6 >0x00007f13515f9770 0x00007f13515fc99a Yes /lib64/libcap.so.2 >0x00007f13515c3af0 0x00007f13515e3f59 Yes /lib64/liblzma.so.5 >0x00007f135150ce80 0x00007f13515a9bb2 Yes /lib64/libzstd.so.1 >0x00007f13514e2550 0x00007f13514fc7c7 Yes /lib64/liblz4.so.1 >0x00007f13514c2670 0x00007f13514d8c05 Yes /lib64/libgcc_s.so.1 >0x00007f13520300a0 0x00007f13520560e5 Yes /lib64/ld-linux-x86-64.so.2 >0x00007f13514224b0 0x00007f135148d298 Yes /lib64/libpcre2-8.so.0 >0x00007f1351404f50 0x00007f1351410612 Yes /lib64/libk5crypto.so.3 >0x00007f13513ebf10 0x00007f13513f2b12 Yes /lib64/libkrb5support.so.0 >0x00007f13513e14b0 0x00007f13513e25f9 Yes /lib64/libkeyutils.so.1 >0x00007f13513ca6d0 0x00007f13513d23d9 Yes /lib64/libresolv.so.2 > No /usr/lib64/gssproxy/proxymech.so > No /lib64/libref_array.so.1 > No /lib64/libini_config.so.5 >0x00007f13520213d0 0x00007f135202387c Yes /lib64/libverto.so.1 >0x00007f135134e310 0x00007f135135f00f Yes /lib64/libgssrpc.so.4 > No /lib64/libcollection.so.4 > No /lib64/libpath_utils.so.1 > No /lib64/libbasicobjects.so.0 >$1 = 0x0 >No symbol "__glib_assert_msg" in current context. >rax 0x14 20 >rbx 0x7ffd6b84ab90 140726407310224 >rcx 0x7f1351767ff0 139720947826672 >rdx 0x2 2 >rsi 0x7ffd6b84ab90 140726407310224 >rdi 0x2 2 >rbp 0x7ffd6b84ac90 0x7ffd6b84ac90 >rsp 0x7ffd6b84ab90 0x7ffd6b84ab90 >r8 0x29 41 >r9 0x2 2 >r10 0x14 20 >r11 0x246 582 >r12 0x0 0 >r13 0x0 0 >r14 0x1 1 >r15 0x1 1 >rip 0x7f1351767ff0 0x7f1351767ff0 <__libc_message+512> >eflags 0x246 [ PF ZF IF ] >cs 0x33 51 >ss 0x2b 43 >ds 0x0 0 >es 0x0 0 >fs 0x0 0 >gs 0x0 0 >Dump of assembler code for function __libc_message: > 0x00007f1351767df0 <+0>: endbr64 > 0x00007f1351767df4 <+4>: push %rbp > 0x00007f1351767df5 <+5>: and $0x1,%edi > 0x00007f1351767df8 <+8>: mov %rsp,%rbp > 0x00007f1351767dfb <+11>: push %r15 > 0x00007f1351767dfd <+13>: mov %edi,%r15d > 0x00007f1351767e00 <+16>: push %r14 > 0x00007f1351767e02 <+18>: xor %r14d,%r14d > 0x00007f1351767e05 <+21>: push %r13 > 0x00007f1351767e07 <+23>: push %r12 > 0x00007f1351767e09 <+25>: xor %r12d,%r12d > 0x00007f1351767e0c <+28>: push %rbx > 0x00007f1351767e0d <+29>: mov %rsi,%rbx > 0x00007f1351767e10 <+32>: sub $0x68,%rsp > 0x00007f1351767e14 <+36>: mov %rdx,-0x50(%rbp) > 0x00007f1351767e18 <+40>: mov %rcx,-0x48(%rbp) > 0x00007f1351767e1c <+44>: mov %r8,-0x40(%rbp) > 0x00007f1351767e20 <+48>: mov %r9,-0x38(%rbp) > 0x00007f1351767e24 <+52>: movzbl (%rsi),%r13d > 0x00007f1351767e28 <+56>: mov %fs:0x28,%rax > 0x00007f1351767e31 <+65>: mov %rax,-0x68(%rbp) > 0x00007f1351767e35 <+69>: xor %eax,%eax > 0x00007f1351767e37 <+71>: lea 0x10(%rbp),%rax > 0x00007f1351767e3b <+75>: movl $0x10,-0x80(%rbp) > 0x00007f1351767e42 <+82>: mov %rax,-0x78(%rbp) > 0x00007f1351767e46 <+86>: lea -0x60(%rbp),%rax > 0x00007f1351767e4a <+90>: mov %rax,-0x70(%rbp) > 0x00007f1351767e4e <+94>: test %r13b,%r13b > 0x00007f1351767e51 <+97>: je 0x7f1351768090 <__libc_message+672> > 0x00007f1351767e57 <+103>: nopw 0x0(%rax,%rax,1) > 0x00007f1351767e60 <+112>: mov %r13d,%edx > 0x00007f1351767e63 <+115>: mov %rbx,%rax > 0x00007f1351767e66 <+118>: jmp 0x7f1351767e85 <__libc_message+149> > 0x00007f1351767e68 <+120>: nopl 0x0(%rax,%rax,1) > 0x00007f1351767e70 <+128>: lea 0x1(%rax),%rdi > 0x00007f1351767e74 <+132>: mov $0x25,%esi > 0x00007f1351767e79 <+137>: call 0x7f135170d4d0 <*ABS*+0x9fc40@plt> > 0x00007f1351767e7e <+142>: movzbl (%rax),%edx > 0x00007f1351767e81 <+145>: test %dl,%dl > 0x00007f1351767e83 <+147>: je 0x7f1351767e90 <__libc_message+160> > 0x00007f1351767e85 <+149>: cmp $0x25,%dl > 0x00007f1351767e88 <+152>: jne 0x7f1351767e70 <__libc_message+128> > 0x00007f1351767e8a <+154>: cmpb $0x73,0x1(%rax) > 0x00007f1351767e8e <+158>: jne 0x7f1351767e70 <__libc_message+128> > 0x00007f1351767e90 <+160>: cmp $0x25,%r13b > 0x00007f1351767e94 <+164>: je 0x7f1351767ef8 <__libc_message+264> > 0x00007f1351767e96 <+166>: mov %rax,%r8 > 0x00007f1351767e99 <+169>: mov %rbx,%rcx > 0x00007f1351767e9c <+172>: sub %rbx,%r8 > 0x00007f1351767e9f <+175>: mov %rax,%rbx > 0x00007f1351767ea2 <+178>: mov %rsp,%rax > 0x00007f1351767ea5 <+181>: cmp %rax,%rsp > 0x00007f1351767ea8 <+184>: je 0x7f1351767ebf <__libc_message+207> > 0x00007f1351767eaa <+186>: sub $0x1000,%rsp > 0x00007f1351767eb1 <+193>: orq $0x0,0xff8(%rsp) > 0x00007f1351767eba <+202>: cmp %rax,%rsp > 0x00007f1351767ebd <+205>: jne 0x7f1351767eaa <__libc_message+186> > 0x00007f1351767ebf <+207>: sub $0x20,%rsp > 0x00007f1351767ec3 <+211>: orq $0x0,0x18(%rsp) > 0x00007f1351767ec9 <+217>: lea 0xf(%rsp),%rax > 0x00007f1351767ece <+222>: lea 0x1(%r14),%edx > 0x00007f1351767ed2 <+226>: and $0xfffffffffffffff0,%rax > 0x00007f1351767ed6 <+230>: mov %rcx,(%rax) > 0x00007f1351767ed9 <+233>: mov %r8,0x8(%rax) > 0x00007f1351767edd <+237>: mov %r12,0x10(%rax) > 0x00007f1351767ee1 <+241>: movzbl (%rbx),%r13d > 0x00007f1351767ee5 <+245>: test %r13b,%r13b > 0x00007f1351767ee8 <+248>: je 0x7f1351767f3b <__libc_message+331> > 0x00007f1351767eea <+250>: mov %edx,%r14d > 0x00007f1351767eed <+253>: mov %rax,%r12 > 0x00007f1351767ef0 <+256>: jmp 0x7f1351767e60 <__libc_message+112> > 0x00007f1351767ef5 <+261>: nopl (%rax) > 0x00007f1351767ef8 <+264>: cmpb $0x73,0x1(%rbx) > 0x00007f1351767efc <+268>: jne 0x7f1351767e96 <__libc_message+166> > 0x00007f1351767efe <+270>: mov -0x80(%rbp),%eax > 0x00007f1351767f01 <+273>: cmp $0x2f,%eax > 0x00007f1351767f04 <+276>: ja 0x7f13517680b2 <__libc_message+706> > 0x00007f1351767f0a <+282>: mov %eax,%edx > 0x00007f1351767f0c <+284>: add $0x8,%eax > 0x00007f1351767f0f <+287>: add -0x70(%rbp),%rdx > 0x00007f1351767f13 <+291>: mov %eax,-0x80(%rbp) > 0x00007f1351767f16 <+294>: mov (%rdx),%rcx > 0x00007f1351767f19 <+297>: add $0x2,%rbx > 0x00007f1351767f1d <+301>: mov %rcx,%rdi > 0x00007f1351767f20 <+304>: mov %rcx,-0x88(%rbp) > 0x00007f1351767f27 <+311>: call 0x7f135170d490 <*ABS*+0xa17f0@plt> > 0x00007f1351767f2c <+316>: mov -0x88(%rbp),%rcx > 0x00007f1351767f33 <+323>: mov %rax,%r8 > 0x00007f1351767f36 <+326>: jmp 0x7f1351767ea2 <__libc_message+178> > 0x00007f1351767f3b <+331>: movslq %edx,%r9 > 0x00007f1351767f3e <+334>: mov %rsp,%rsi > 0x00007f1351767f41 <+337>: mov %r9,%rdx > 0x00007f1351767f44 <+340>: shl $0x4,%rdx > 0x00007f1351767f48 <+344>: lea 0x10(%rdx),%rax > 0x00007f1351767f4c <+348>: mov %rax,%rdi > 0x00007f1351767f4f <+351>: and $0xfffffffffffff000,%rdi > 0x00007f1351767f56 <+358>: sub %rdi,%rsi > 0x00007f1351767f59 <+361>: cmp %rsi,%rsp > 0x00007f1351767f5c <+364>: je 0x7f1351767f73 <__libc_message+387> > 0x00007f1351767f5e <+366>: sub $0x1000,%rsp > 0x00007f1351767f65 <+373>: orq $0x0,0xff8(%rsp) > 0x00007f1351767f6e <+382>: cmp %rsi,%rsp > 0x00007f1351767f71 <+385>: jne 0x7f1351767f5e <__libc_message+366> > 0x00007f1351767f73 <+387>: and $0xfff,%eax > 0x00007f1351767f78 <+392>: sub %rax,%rsp > 0x00007f1351767f7b <+395>: test %rax,%rax > 0x00007f1351767f7e <+398>: jne 0x7f13517680c3 <__libc_message+723> > 0x00007f1351767f84 <+404>: lea 0xf(%rsp),%rbx > 0x00007f1351767f89 <+409>: and $0xfffffffffffffff0,%rbx > 0x00007f1351767f8d <+413>: lea -0x10(%rbx,%rdx,1),%rax > 0x00007f1351767f92 <+418>: mov %rcx,(%rax) > 0x00007f1351767f95 <+421>: mov %r8,0x8(%rax) > 0x00007f1351767f99 <+425>: test %r14d,%r14d > 0x00007f1351767f9c <+428>: je 0x7f1351767fd9 <__libc_message+489> > 0x00007f1351767f9e <+430>: lea -0x1(%r14),%ecx > 0x00007f1351767fa2 <+434>: sub $0x20,%rdx > 0x00007f1351767fa6 <+438>: shl $0x4,%rcx > 0x00007f1351767faa <+442>: sub %rcx,%rdx > 0x00007f1351767fad <+445>: lea (%rbx,%rdx,1),%rcx > 0x00007f1351767fb1 <+449>: nopl 0x0(%rax) > 0x00007f1351767fb8 <+456>: mov 0x8(%r12),%rdx > 0x00007f1351767fbd <+461>: mov (%r12),%rsi > 0x00007f1351767fc1 <+465>: sub $0x10,%rax > 0x00007f1351767fc5 <+469>: mov 0x10(%r12),%r12 > 0x00007f1351767fca <+474>: add %rdx,%r8 > 0x00007f1351767fcd <+477>: mov %rsi,(%rax) > 0x00007f1351767fd0 <+480>: mov %rdx,0x8(%rax) > 0x00007f1351767fd4 <+484>: cmp %rcx,%rax > 0x00007f1351767fd7 <+487>: jne 0x7f1351767fb8 <__libc_message+456> > 0x00007f1351767fd9 <+489>: mov $0x14,%r10d > 0x00007f1351767fdf <+495>: nop > 0x00007f1351767fe0 <+496>: mov %r9,%rdx > 0x00007f1351767fe3 <+499>: mov %rbx,%rsi > 0x00007f1351767fe6 <+502>: mov $0x2,%edi > 0x00007f1351767feb <+507>: mov %r10d,%eax > 0x00007f1351767fee <+510>: syscall >=> 0x00007f1351767ff0 <+512>: cmp $0xfffffffffffffffc,%rax > 0x00007f1351767ff4 <+516>: je 0x7f1351767fe0 <__libc_message+496> > 0x00007f1351767ff6 <+518>: test %r15d,%r15d > 0x00007f1351767ff9 <+521>: je 0x7f1351768094 <__libc_message+676> > 0x00007f1351767fff <+527>: xor %r9d,%r9d > 0x00007f1351768002 <+530>: mov $0x22,%ecx > 0x00007f1351768007 <+535>: mov $0x3,%edx > 0x00007f135176800c <+540>: xor %edi,%edi > 0x00007f135176800e <+542>: mov 0x151eb3(%rip),%rax # 0x7f13518b9ec8 > 0x00007f1351768015 <+549>: mov 0x18(%rax),%rax > 0x00007f1351768019 <+553>: add %rax,%r8 > 0x00007f135176801c <+556>: neg %rax > 0x00007f135176801f <+559>: and %rax,%r8 > 0x00007f1351768022 <+562>: mov %r8,%r12 > 0x00007f1351768025 <+565>: mov $0xffffffff,%r8d > 0x00007f135176802b <+571>: mov %r12,%rsi > 0x00007f135176802e <+574>: call 0x7f13517ebab0 <__GI___mmap64> > 0x00007f1351768033 <+579>: mov %rax,%r13 > 0x00007f1351768036 <+582>: cmp $0xffffffffffffffff,%rax > 0x00007f135176803a <+586>: je 0x7f1351768089 <__libc_message+665> > 0x00007f135176803c <+588>: mov %r12d,(%rax) > 0x00007f135176803f <+591>: movslq %r14d,%r12 > 0x00007f1351768042 <+594>: lea 0x4(%rax),%rdi > 0x00007f1351768046 <+598>: add $0x1,%r12 > 0x00007f135176804a <+602>: shl $0x4,%r12 > 0x00007f135176804e <+606>: add %rbx,%r12 > 0x00007f1351768051 <+609>: nopl 0x0(%rax) > 0x00007f1351768058 <+616>: mov 0x8(%rbx),%rdx > 0x00007f135176805c <+620>: mov (%rbx),%rsi > 0x00007f135176805f <+623>: add $0x10,%rbx > 0x00007f1351768063 <+627>: call 0x7f135170d3d0 <*ABS*+0x9ec40@plt> > 0x00007f1351768068 <+632>: mov %rax,%rdi > 0x00007f135176806b <+635>: cmp %r12,%rbx > 0x00007f135176806e <+638>: jne 0x7f1351768058 <__libc_message+616> > 0x00007f1351768070 <+640>: movb $0x0,(%rax) > 0x00007f1351768073 <+643>: mov %r13,%rdi > 0x00007f1351768076 <+646>: xchg %rdi,0x153e03(%rip) # 0x7f13518bbe80 <__abort_msg> > 0x00007f135176807d <+653>: test %rdi,%rdi > 0x00007f1351768080 <+656>: je 0x7f1351768089 <__libc_message+665> > 0x00007f1351768082 <+658>: mov (%rdi),%esi > 0x00007f1351768084 <+660>: call 0x7f13517ebb10 <munmap> > 0x00007f1351768089 <+665>: call 0x7f135170d725 <__GI_abort> > 0x00007f135176808e <+670>: xchg %ax,%ax > 0x00007f1351768090 <+672>: test %edi,%edi > 0x00007f1351768092 <+674>: jne 0x7f1351768089 <__libc_message+665> > 0x00007f1351768094 <+676>: mov -0x68(%rbp),%rax > 0x00007f1351768098 <+680>: sub %fs:0x28,%rax > 0x00007f13517680a1 <+689>: jne 0x7f13517680ce <__libc_message+734> > 0x00007f13517680a3 <+691>: lea -0x28(%rbp),%rsp > 0x00007f13517680a7 <+695>: pop %rbx > 0x00007f13517680a8 <+696>: pop %r12 > 0x00007f13517680aa <+698>: pop %r13 > 0x00007f13517680ac <+700>: pop %r14 > 0x00007f13517680ae <+702>: pop %r15 > 0x00007f13517680b0 <+704>: pop %rbp > 0x00007f13517680b1 <+705>: ret > 0x00007f13517680b2 <+706>: mov -0x78(%rbp),%rdx > 0x00007f13517680b6 <+710>: lea 0x8(%rdx),%rax > 0x00007f13517680ba <+714>: mov %rax,-0x78(%rbp) > 0x00007f13517680be <+718>: jmp 0x7f1351767f16 <__libc_message+294> > 0x00007f13517680c3 <+723>: orq $0x0,-0x8(%rsp,%rax,1) > 0x00007f13517680c9 <+729>: jmp 0x7f1351767f84 <__libc_message+404> > 0x00007f13517680ce <+734>: call 0x7f1351802a20 <__stack_chk_fail> >End of assembler dump.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1946597">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 2173437
: 1946597 |
1946598
|
1946599
|
1946600
|
1946601
|
1946602
|
1946603
|
1946604
|
1946605