Port-powerpc archive
random crashes
Hello,
I've been getting more random crashes. Not a whole lot, but they all
look like this (this is sshd crashing on startup):
(gdb) bt
#0 0xfdadde2c in ?? () from /usr/lib/libcrypto.so.11
#1 0xfdadde14 in BN_sub () from /usr/lib/libcrypto.so.11
#2 0xfdad2a48 in BN_mod_sub_quick () from /usr/lib/libcrypto.so.11
#3 0xfdac2ae8 in ec_GFp_simple_dbl () from /usr/lib/libcrypto.so.11
#4 0xfdad6ef0 in EC_POINT_dbl () from /usr/lib/libcrypto.so.11
#5 0xfda892fc in ec_wNAF_mul () from /usr/lib/libcrypto.so.11
#6 0xfdad7728 in EC_POINTs_mul () from /usr/lib/libcrypto.so.11
#7 0xfdad7784 in EC_POINT_mul () from /usr/lib/libcrypto.so.11
#8 0xfdc17a2c in sshkey_ec_validate_public () from /usr/lib/libssh.so.27
#9 0xfdc17f54 in ?? () from /usr/lib/libssh.so.27
#10 0xfdc18380 in sshkey_from_blob () from /usr/lib/libssh.so.27
#11 0xfdc18500 in sshkey_read () from /usr/lib/libssh.so.27
#12 0xfdc113fc in ?? () from /usr/lib/libssh.so.27
#13 0xfdc11de8 in sshkey_load_public () from /usr/lib/libssh.so.27
#14 0xfdbe889c in key_load_public () from /usr/lib/libssh.so.27
#15 0x01835774 in main ()
0xfdadde2c is not part of a function, in fact it's right behind
BN_sub().
Disassembling BN_sub:
0xfdadddf8 <+364>: cntlzw r3,r3
0xfdadddfc <+368>: rlwinm r27,r3,27,5,31
0xfdadde00 <+372>: b 0xfdaddd78 <BN_sub+236>
0xfdadde04 <+376>: mr r5,r31
0xfdadde08 <+380>: mr r4,r29
0xfdadde0c <+384>: mr r3,r28
0xfdadde10 <+388>: bl 0xfdafbff0 <00008000.got2.plt_pic32.BN_usub>
=> 0xfdadde14 <+392>: cmpwi cr7,r3,0
0xfdadde18 <+396>: beq cr7,0xfdaddcfc <BN_sub+112>
0xfdadde1c <+400>: li r9,1
0xfdadde20 <+404>: li r3,1
0xfdadde24 <+408>: stw r9,12(r28)
0xfdadde28 <+412>: b 0xfdaddd00 <BN_sub+116>
... so I guess we jumped through 00008000.got2.plt_pic32.BN_usub, which looks like this:
(gdb) disassemble 0xfdafbff0
Dump of assembler code for function 00008000.got2.plt_pic32.BN_usub:
0xfdafbff0 <+0>: lwz r11,-27100(r30)
0xfdafbff4 <+4>: mtctr r11
0xfdafbff8 <+8>: bctr
0xfdafbffc <+12>: nop
0xfdafc000 <+16>: lwz r11,-27008(r30)
0xfdafc004 <+20>: mtctr r11
0xfdafc008 <+24>: bctr
0xfdafc00c <+28>: nop
0xfdafc010 <+32>: lwz r11,-27004(r30)
0xfdafc014 <+36>: mtctr r11
0xfdafc018 <+40>: bctr
0xfdafc01c <+44>: nop
r30 at this point is supposed to be 0xfdbc5854, how on earth we end up
at 0xfdadde2c I have no idea.
(gdb) info registers
r0 0xfdadde14 4256030228
r1 0xffff9160 4294938976
r2 0xfdfc1608 4261156360
r3 0x1 1
r4 0xfd435390 4249047952
r5 0xfd435420 4249048096
r6 0xfd435420 4249048096
r7 0x13a 314
r8 0x0 0
r9 0x1 1
r10 0xfd435420 4249048096
r11 0xfd4353e0 4249048032
r12 0x42888428 1116242984
r13 0x185eae8 25553640
r14 0xfd41b090 4248940688
r15 0x8 8
r16 0x1 1
r17 0xfd4277a8 4248991656
r18 0xfd42a1cc 4249002444
r19 0xfd42a1b8 4249002424
r20 0xfdac0cfc 4255911164
r21 0xfd442158 4249100632
r22 0xfd42a1a4 4249002404
r23 0xfd427b50 4248992592
r24 0xfdac0e98 4255911576
r25 0xfd42a190 4249002384
r26 0x0 0
r27 0x0 0
r28 0xfd427b54 4248992596
r29 0xfd42a190 4249002384
r30 0xfdbc5854 4256979028
r31 0xfd427b54 4248992596
pc 0xfdadde2c 0xfdadde2c
msr <unavailable>
cr 0x42888424 1116242980
lr 0xfdadde14 0xfdadde14 <BN_sub+392>
ctr 0x11 17
xer 0x20000000 536870912
have fun
Michael