[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Spiped 1.4.x segfaults on i386



I did that and got the following results:

(gdb) p key
$1 = (const uint8_t *) 0xbfa8a85c ""

(gdb) p rkeys
$2 = (__m128i *) 0x8a8b7c8

The complete output is in the attachment.

On Tue, Oct 7, 2014, at 09:41 PM, Colin Percival wrote:
> On 10/07/14 00:08, Denis Krienb�hl wrote:
> > I followed your steps and got the following results after running
> > addr2line:
> > 
> > /opt/spiped/1.4.1/spiped/../libcperciva/crypto/crypto_aes_aesni.c:52
> 
> Hmm, interesting!  Ok, next step:
> 
> 1. Build again with `make CFLAGS="-O0 -g"`.
> 2. Run the utility and watch it crash.
> 3. Run `gdb ./spiped/spiped spiped.core` and at the prompt "p key" and
> "p rkeys".
> 
> If gdb complains that spiped.core doesn't exist you'll need to enable
> core dumps -- I'm not sure if Ubuntu has them turned on by default.
> 
> I *think* I know what the problem is here, but seeing the value of those
> two pointers when the crash occurs should confirm it.
> 
> -- 
> Colin Percival
> Security Officer Emeritus, FreeBSD | The power to serve
> Founder, Tarsnap | www.tarsnap.com | Online backups for the truly
> paranoid
> 
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /opt/spiped/1.4.1/spiped/spiped...done.
[New LWP 23043]
[New LWP 23044]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Core was generated by `spiped/spiped -e -s [127.0.0.1]:1234 -t server.example.org:1234 -k /var/spipe'.
Program terminated with signal 11, Segmentation fault.
#0  0x08054cba in crypto_aes_key_expand_128_aesni (key=0xbfa8a85c "", rkeys=0x8a8b7c8)
    at ../libcperciva/crypto/crypto_aes_aesni.c:52
52      rkeys[0] = _mm_loadu_si128((const __m128i *)&key[0]);
(gdb) p key
$1 = (const uint8_t *) 0xbfa8a85c ""
(gdb) p rkeys
$2 = (__m128i *) 0x8a8b7c8