Re: find segfault

To: debian-68k@lists.debian.org
Subject: Re: find segfault
From: Wouter Verhelst <wouter@debian.org>
Date: Tue, 22 Jan 2008 20:37:36 +0100
Message-id: <[🔎] 20080122193736.GA29853@country.grep.be>
In-reply-to: <[🔎] 20080122184104.GA7241@country.grep.be>
References: <[🔎] 20080117171549.GA6785@marenka.net> <[🔎] 20080122184104.GA7241@country.grep.be>

On Tue, Jan 22, 2008 at 07:41:04PM +0100, Wouter Verhelst wrote:
> On Thu, Jan 17, 2008 at 11:15:49AM -0600, Stephen R Marenka wrote:
> > In current sid executing 'find /usr/bin -type d -o -ls' results in a
> > segfault. This works fine in etch-m68k.
> > 
> > Anyone care to followup?
> 
> Having a look at it now.

Looks like some fine register or stack corruption somewhere.

------------
Core was generated by `find /usr/bin/ -type d -o -ls'.
Program terminated with signal 11, Segmentation fault.
#0  0x80007cba in ?? ()
(gdb) x/i $pc
0x80007cba <fdopendir@plt+23314>:	unlk %fp
(gdb) p $fp
$1 = (void *) 0x82f888
(gdb) p $sp
$2 = (void *) 0xef82f870
(gdb) 
------------

Unh. For some reaason, the leading byte is stripped off the frame
pointer. This is reproducable; in concurrent runs, every time the frame
pointer loses the 0xef in the beginning. Of course dropping a stack
frame is very problematic if your frame pointer is broken.

The entire subroutine looks like this:

------------
(gdb) disass 0x80007c8e 0x80007cbd
Dump of assembler code from 0x80007c8e to 0x80007cbd:
0x80007c8e <fdopendir@plt+23270>:	linkw %fp,#0
0x80007c92 <fdopendir@plt+23274>:	movel 0x8001e58c <stdout>,%sp@-
0x80007c98 <fdopendir@plt+23280>:	movel 0x8001e9bc,%sp@-
0x80007c9e <fdopendir@plt+23286>:	movel 0x8001e9b2,%sp@-
0x80007ca4 <fdopendir@plt+23292>:	movel %fp@(12),%sp@-
0x80007ca8 <fdopendir@plt+23296>:	movel 0x8001e9d8,%sp@-
0x80007cae <fdopendir@plt+23302>:	movel %fp@(8),%sp@-
0x80007cb2 <fdopendir@plt+23306>:	bsrl 0x800093ce <fdopendir@plt+29222>
0x80007cb8 <fdopendir@plt+23312>:	moveq #1,%d0
0x80007cba <fdopendir@plt+23314>:	unlk %fp
0x80007cbc <fdopendir@plt+23316>:	rts
------------

If I set a breakpoint somewhere before that bsrl and inspect the
registers, everything is fine. At 800093ce, a somewhat longish
subroutine starts, with the rts at 800097ea, and many jumps in between;
and somewhere in there, that byte is lost.

Debugging this is going to be fun.

-- 
<Lo-lan-do> Home is where you have to wash the dishes.
  -- #debian-devel, Freenode, 2004-09-22

Reply to:

Follow-Ups:
- Re: find segfault
  - From: Wouter Verhelst <wouter@debian.org>

References:
- find segfault
  - From: Stephen R Marenka <stephen@marenka.net>
- Re: find segfault
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: Re: find segfault
Next by Date: Re: find segfault
Previous by thread: Re: find segfault
Next by thread: Re: find segfault
Index(es):
- Date
- Thread