Red Hat Bugzilla – Bug 1012498
Suspect results of exploitability analysis
Last modified: 2016-07-19 06:26:43 EDT
Looking at bug #1012128:
> Likely crash reason: Jump to an invalid address
Yet, in the backtrace, %rip is
> rip 0x7fb56ea6eb85 0x7fb56ea6eb85 <intel_miptree_map+85>
which, according to the disassembly directly below, seems to be a valid instruction address.
I don't know how it happens; more diagnostics are needed.
I added the following in order to have it:
Author: Denys Vlasenko <email@example.com>
Date: Sun Sep 1 20:09:30 2013 +0200
abrt-gdb-exploitable: print current instruction
I've seen strange BZ created by abrt where "exploitable" element
looked bogus. It claimed that the crash was jumping to bogus address
yet crashing insn was a benign reg-to-reg move.
This patch makes the analyzer record what it thinks the current insn is.
Signed-off-by: Denys Vlasenko <firstname.lastname@example.org>
Signed-off-by: Richard Marko <email@example.com>
diff --git a/src/plugins/abrt-gdb-exploitable b/src/plugins/abrt-gdb-exploitable
index 950797b..abc1fa4 100755
@@ -705,6 +705,8 @@ class AbrtExploitable(gdb.Command):
f = open(args, 'w')
f.write(_("Likely crash reason: ") + si.exploitable_desc + "\n")
f.write(_("Exploitable rating (0-9 scale): ") + str(si.exploitable_rating) + "\n")
+ if si.current_instruction:
+ f.write(_("Current instruction: ") + si.current_instruction + "\n")
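Review bot: the `if si.current_instruction:` guard on the two added lines omits the line entirely when the analyzer has no instruction to show, so a report without it cannot be told apart from one generated before this patch. Since the goal is diagnosing bogus "Jump to an invalid address" results, consider always writing the line, with a placeholder such as "(unknown)" when the value is empty. The concatenation also assumes si.current_instruction is already a string; the rating one line above is wrapped in str(), and doing the same here would avoid a TypeError if it is not.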
There are 522 bugs filed so far with "exploitable" element. I checked a few recent ones, all of them are:
Likely crash reason: Jump to an invalid address
Exploitable rating (0-9 scale): 6
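The consistency check discussed in this bug can be run over existing reports. The following is an added example, not part of the original thread or of abrt. It assumes the "Likely crash reason" line, the gdb `rip` register line and the "Current instruction" line appear as quoted above; the `triage` function, the x/i-style instruction text and the second and third sample reports are constructed for illustration.

```python
import re

# Line formats as quoted in this bug; [ \t] keeps each match on one line.
REASON_RE = re.compile(r"^Likely crash reason:[ \t]*(.+?)[ \t]*$", re.M)
INSN_RE = re.compile(r"^Current instruction:[ \t]*(.+?)[ \t]*$", re.M)
# gdb register line: name, raw value, natural value, optional <symbol+offset>
RIP_RE = re.compile(
    r"^rip[ \t]+(0x[0-9a-fA-F]+)[ \t]+\S+(?:[ \t]+<([^>]+)>)?[ \t]*$", re.M)
# x86 control-transfer mnemonics (jmp/jcc, call, ret and suffixed forms)
BRANCH_RE = re.compile(r"\b(?:j[a-z]+|call[a-z]*|ret[a-z]*)\b")


def triage(report):
    """Return the reasons a 'Jump to an invalid address' verdict looks suspect."""
    flags = []
    reason = REASON_RE.search(report)
    if not reason or reason.group(1) != "Jump to an invalid address":
        return flags
    rip = RIP_RE.search(report)
    if rip and rip.group(2):
        # gdb resolved rip to a symbol, so it lies inside a loaded object
        flags.append("rip resolves to " + rip.group(2))
    insn = INSN_RE.search(report)
    if insn:
        # Drop <symbol+offset> so symbol names cannot look like mnemonics
        text = re.sub(r"<[^>]*>", "", insn.group(1))
        if not BRANCH_RE.search(text):
            flags.append("current instruction is not a branch")
    return flags


# Lines quoted in this bug
REPORT_FROM_BUG = (
    "Likely crash reason: Jump to an invalid address\n"
    "Exploitable rating (0-9 scale): 6\n"
    "rip 0x7fb56ea6eb85 0x7fb56ea6eb85 <intel_miptree_map+85>\n")
# Constructed: same report with the line the patch adds (instruction text assumed)
REPORT_WITH_INSN = REPORT_FROM_BUG + (
    "Current instruction: => 0x7fb56ea6eb85 <intel_miptree_map+85>:"
    "\tmov %rax,%rbx\n")
# Constructed: rip outside any known symbol, crashing on an indirect jump
REPORT_CONSISTENT = (
    "Likely crash reason: Jump to an invalid address\n"
    "rip 0x41414141 0x41414141\n"
    "Current instruction: => 0x41414141:\tjmpq *%rax\n")

if __name__ == "__main__":
    for r in (REPORT_FROM_BUG, REPORT_WITH_INSN, REPORT_CONSISTENT):
        print(triage(r))
```

A non-empty result marks a report for manual review; it does not prove the rating is wrong.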
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.
More information and reason for this action is here:
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
Thank you for reporting this bug and we are sorry it could not be fixed.