Bug#38978: (libc6) signal 4, illegal instruction (on i386SX)
Package: libc6
Version: 2.1.1-10
Severity: Important
(I assume potato is supposed to work on a 386SX; if not, close this bug and let me know.)
Various programs, e.g. ping, route, ifconfig, pmap_dump, fail consistently with signal 4 (illegal instruction) during and after upgrade from slink (Debian 2.1) to potato.
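Here's the log from a quick look at three of their core files. The first two (route and ping)
failed on a 'bswap %edx' at 0x400d58b8 in inet_aton(); the third one (pmap_dump) failed on
a 'bswap %eax' at 0x4010017d in xdrmem_putlong(). bswap was introduced with the i486, so a 386
raises an invalid-opcode fault when it reaches one, and that fault is what is reported as signal 4;
this suggests the libc6 build assumes a 486 or later. There are possibly other failing functions;
these are the only ones I've made core files for .... let me know if you want to see more.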
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(no debugging symbols found)...
Core was generated by `/sbin/route'.
Program terminated with signal 4, Illegal instruction.
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
Reading symbols from /lib/libnss_files.so.2...(no debugging symbols found)...
done.
#0 0x400d58b8 in inet_aton () from /lib/libc.so.6
(gdb) disassemble
Dump of assembler code for function inet_aton:
0x400d5790 <inet_aton>: push %ebp
0x400d5791 <inet_aton+1>: mov %esp,%ebp
0x400d5793 <inet_aton+3>: sub $0x20,%esp
0x400d5796 <inet_aton+6>: push %edi
0x400d5797 <inet_aton+7>: push %esi
0x400d5798 <inet_aton+8>: push %ebx
0x400d5799 <inet_aton+9>: call 0x400d579e <inet_aton+14>
0x400d579e <inet_aton+14>: pop %ebx
0x400d579f <inet_aton+15>: add $0x2ffae,%ebx
0x400d57a5 <inet_aton+21>: lea 0xfffffff0(%ebp),%edi
0x400d57a8 <inet_aton+24>: mov %edi,0xffffffe4(%ebp)
0x400d57ab <inet_aton+27>: call 0x4002eab4 <_dl_pagesize+108136>
0x400d57b0 <inet_aton+32>: mov (%eax),%ecx
0x400d57b2 <inet_aton+34>: mov %ecx,0xffffffec(%ebp)
0x400d57b5 <inet_aton+37>: movl $0x0,(%eax)
0x400d57bb <inet_aton+43>: movl $0x0,0xfffffff0(%ebp)
0x400d57c2 <inet_aton+50>: movl $0x0,0xfffffff4(%ebp)
0x400d57c9 <inet_aton+57>: movl $0x0,0xfffffff8(%ebp)
0x400d57d0 <inet_aton+64>: movl $0x0,0xfffffffc(%ebp)
0x400d57d7 <inet_aton+71>: mov 0x8(%ebp),%esi
0x400d57da <inet_aton+74>: lea 0x8(%ebp),%ecx
0x400d57dd <inet_aton+77>: mov (%esi),%al
0x400d57df <inet_aton+79>: mov %ecx,0xffffffe8(%ebp)
0x400d57e2 <inet_aton+82>: mov 0x764(%ebx),%edx
0x400d57e8 <inet_aton+88>: movsbl %al,%eax
0x400d57eb <inet_aton+91>: mov (%edx),%edx
0x400d57ed <inet_aton+93>: testb $0x8,0x1(%edx,%eax,2)
0x400d57f2 <inet_aton+98>: je 0x400d58d0 <inet_aton+320>
0x400d57f8 <inet_aton+104>: push $0x0
0x400d57fa <inet_aton+106>: push $0x0
0x400d57fc <inet_aton+108>: mov 0xffffffe8(%ebp),%ecx
0x400d57ff <inet_aton+111>: push %ecx
0x400d5800 <inet_aton+112>: push %esi
0x400d5801 <inet_aton+113>: call 0x4002dab4 <_dl_pagesize+104040>
0x400d5806 <inet_aton+118>: mov %eax,%esi
0x400d5808 <inet_aton+120>: add $0x10,%esp
0x400d580b <inet_aton+123>: cmp $0xffffffff,%esi
0x400d580e <inet_aton+126>: jne 0x400d581e <inet_aton+142>
0x400d5810 <inet_aton+128>: call 0x4002eab4 <_dl_pagesize+108136>
0x400d5815 <inet_aton+133>: cmpl $0x22,(%eax)
0x400d5818 <inet_aton+136>: je 0x400d58d0 <inet_aton+320>
0x400d581e <inet_aton+142>: mov %esi,%edx
0x400d5820 <inet_aton+144>: mov 0x8(%ebp),%ecx
0x400d5823 <inet_aton+147>: mov %ecx,0xffffffe0(%ebp)
0x400d5826 <inet_aton+150>: mov (%ecx),%al
0x400d5828 <inet_aton+152>: cmp $0x2e,%al
0x400d582a <inet_aton+154>: jne 0x400d5850 <inet_aton+192>
0x400d582c <inet_aton+156>: lea 0xfffffffc(%ebp),%eax
0x400d582f <inet_aton+159>: cmp %eax,%edi
0x400d5831 <inet_aton+161>: jae 0x400d58d0 <inet_aton+320>
0x400d5837 <inet_aton+167>: mov %edx,(%edi)
0x400d5839 <inet_aton+169>: inc %ecx
0x400d583a <inet_aton+170>: mov %ecx,0x8(%ebp)
0x400d583d <inet_aton+173>: mov %ecx,%esi
0x400d583f <inet_aton+175>: mov 0xffffffe0(%ebp),%ecx
0x400d5842 <inet_aton+178>: add $0x4,%edi
0x400d5845 <inet_aton+181>: mov 0x1(%ecx),%al
0x400d5848 <inet_aton+184>: jmp 0x400d57e2 <inet_aton+82>
0x400d584a <inet_aton+186>: lea 0x0(%esi),%esi
0x400d5850 <inet_aton+192>: test %al,%al
0x400d5852 <inet_aton+194>: je 0x400d5868 <inet_aton+216>
0x400d5854 <inet_aton+196>: jl 0x400d58d0 <inet_aton+320>
0x400d5856 <inet_aton+198>: mov 0x764(%ebx),%edx
0x400d585c <inet_aton+204>: movsbl %al,%eax
0x400d585f <inet_aton+207>: mov (%edx),%edx
0x400d5861 <inet_aton+209>: testb $0x20,0x1(%edx,%eax,2)
0x400d5866 <inet_aton+214>: je 0x400d58d0 <inet_aton+320>
0x400d5868 <inet_aton+216>: mov %edi,%edx
0x400d586a <inet_aton+218>: sub 0xffffffe4(%ebp),%edx
0x400d586d <inet_aton+221>: sar $0x2,%edx
0x400d5870 <inet_aton+224>: cmp $0xffffffff,%edx
0x400d5873 <inet_aton+227>: je 0x400d58d0 <inet_aton+320>
0x400d5875 <inet_aton+229>: mov 0xfffffff0(%ebp),%edi
0x400d5878 <inet_aton+232>: cmp $0xff,%edi
0x400d587e <inet_aton+238>: ja 0x400d58d0 <inet_aton+320>
0x400d5880 <inet_aton+240>: mov 0xfffffff4(%ebp),%ecx
0x400d5883 <inet_aton+243>: mov %ecx,0xffffffe0(%ebp)
0x400d5886 <inet_aton+246>: cmp $0xff,%ecx
0x400d588c <inet_aton+252>: ja 0x400d58d0 <inet_aton+320>
0x400d588e <inet_aton+254>: mov 0xfffffff8(%ebp),%eax
0x400d5891 <inet_aton+257>: cmp $0xff,%eax
0x400d5896 <inet_aton+262>: ja 0x400d58d0 <inet_aton+320>
0x400d5898 <inet_aton+264>: cmp 0xffff94a0(%ebx,%edx,4),%esi
0x400d589f <inet_aton+271>: ja 0x400d58d0 <inet_aton+320>
0x400d58a1 <inet_aton+273>: mov %edi,%edx
0x400d58a3 <inet_aton+275>: shl $0x18,%edx
0x400d58a6 <inet_aton+278>: shl $0x10,%ecx
0x400d58a9 <inet_aton+281>: or %ecx,%edx
0x400d58ab <inet_aton+283>: shl $0x8,%eax
0x400d58ae <inet_aton+286>: or %eax,%edx
0x400d58b0 <inet_aton+288>: or %esi,%edx
0x400d58b2 <inet_aton+290>: cmpl $0x0,0xc(%ebp)
0x400d58b6 <inet_aton+294>: je 0x400d58bf <inet_aton+303>
0x400d58b8 <inet_aton+296>: bswap %edx
0x400d58ba <inet_aton+298>: mov 0xc(%ebp),%ecx
0x400d58bd <inet_aton+301>: mov %edx,(%ecx)
0x400d58bf <inet_aton+303>: call 0x4002eab4 <_dl_pagesize+108136>
0x400d58c4 <inet_aton+308>: mov 0xffffffec(%ebp),%ecx
0x400d58c7 <inet_aton+311>: mov %ecx,(%eax)
0x400d58c9 <inet_aton+313>: mov $0x1,%eax
0x400d58ce <inet_aton+318>: jmp 0x400d58dc <inet_aton+332>
0x400d58d0 <inet_aton+320>: call 0x4002eab4 <_dl_pagesize+108136>
0x400d58d5 <inet_aton+325>: mov 0xffffffec(%ebp),%ecx
0x400d58d8 <inet_aton+328>: mov %ecx,(%eax)
0x400d58da <inet_aton+330>: xor %eax,%eax
0x400d58dc <inet_aton+332>: lea 0xffffffd4(%ebp),%esp
0x400d58df <inet_aton+335>: pop %ebx
0x400d58e0 <inet_aton+336>: pop %esi
0x400d58e1 <inet_aton+337>: pop %edi
0x400d58e2 <inet_aton+338>: mov %ebp,%esp
0x400d58e4 <inet_aton+340>: pop %ebp
0x400d58e5 <inet_aton+341>: ret
0x400d58e6 <inet_aton+342>: nop
0x400d58e7 <inet_aton+343>: nop
0x400d58e8 <inet_aton+344>: nop
0x400d58e9 <inet_aton+345>: nop
0x400d58ea <inet_aton+346>: nop
0x400d58eb <inet_aton+347>: nop
0x400d58ec <inet_aton+348>: nop
0x400d58ed <inet_aton+349>: nop
0x400d58ee <inet_aton+350>: nop
0x400d58ef <inet_aton+351>: nop
End of assembler dump.
(gdb) quit
GNU gdb 4.18
...
(no debugging symbols found)...
Core was generated by `ping 204.245.154.1'.
Program terminated with signal 4, Illegal instruction.
Reading symbols from /lib/libc.so.6...GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(no debugging symbols found)...
Core was generated by `ping 204.245.154.1'.
Program terminated with signal 4, Illegal instruction.
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
Reading symbols from /lib/libnss_db.so.2...(no debugging symbols found)...done.
Reading symbols from /lib/libdb.so.3...(no debugging symbols found)...done.
Reading symbols from /lib/libnss_files.so.2...(no debugging symbols found)...
done.
#0 0x400d58b8 in inet_aton () from /lib/libc.so.6
(gdb) quit
GNU gdb 4.18
...
(no debugging symbols found)...
Core was generated by `pmap_dump'.
Program terminated with signal 4, Illegal instruction.
Reading symbols from /lib/libnsl.so.1...(no debugging symbols found)...done.
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
#0 0x4010017d in xdrmem_putlong () from /lib/libc.so.6
(gdb) disassemble
Dump of assembler code for function xdrmem_putlong:
0x40100160 <xdrmem_putlong>: push %ebp
0x40100161 <xdrmem_putlong+1>: mov %esp,%ebp
0x40100163 <xdrmem_putlong+3>: mov 0x8(%ebp),%ecx
0x40100166 <xdrmem_putlong+6>: mov 0x14(%ecx),%eax
0x40100169 <xdrmem_putlong+9>: add $0xfffffffc,%eax
0x4010016c <xdrmem_putlong+12>: mov %eax,0x14(%ecx)
0x4010016f <xdrmem_putlong+15>: jns 0x40100175 <xdrmem_putlong+21>
0x40100171 <xdrmem_putlong+17>: xor %eax,%eax
0x40100173 <xdrmem_putlong+19>: jmp 0x4010018a <xdrmem_putlong+42>
0x40100175 <xdrmem_putlong+21>: mov 0xc(%ebp),%eax
0x40100178 <xdrmem_putlong+24>: mov 0xc(%ecx),%edx
0x4010017b <xdrmem_putlong+27>: mov (%eax),%eax
0x4010017d <xdrmem_putlong+29>: bswap %eax
0x4010017f <xdrmem_putlong+31>: mov %eax,(%edx)
0x40100181 <xdrmem_putlong+33>: addl $0x4,0xc(%ecx)
0x40100185 <xdrmem_putlong+37>: mov $0x1,%eax
0x4010018a <xdrmem_putlong+42>: mov %ebp,%esp
0x4010018c <xdrmem_putlong+44>: pop %ebp
0x4010018d <xdrmem_putlong+45>: ret
0x4010018e <xdrmem_putlong+46>: mov %esi,%esi
End of assembler dump.
(gdb) quit