Re: [gentoo-hardened] cpufreqd-1.1.1 segmentation fault with hardened - gentoo-hardened

From:	Barry Dunn <lists@×××××××××××.uk>
To:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] cpufreqd-1.1.1 segmentation fault with hardened
Date:	Tue, 20 Jul 2004 17:19:24
Message-Id:	`20040720181027.232f921b@gen.aqui`
In Reply to:	Re: [gentoo-hardened] cpufreqd-1.1.1 segmentation fault with hardened by pageexec@freemail.hu

1

On Tue, 20 Jul 2004 11:07:18 +0200

2

pageexec@××××××××.hu wrote:

3

4

> you're running a PaX kernel, that's not what we're debugging ;-).

5

> short of rebooting to a normal kernel you can try

6

> 'paxctl -smpr /usr/sbin/cpufreqd' and then do the gdb session

7

> again.

8

>

9

> > So it will help to recompile glibc with nostrip etc.? Thanks again,

10

>

11

> well, your previous attempt was cut short by PaX, but i still

12

> think you'll need the debug info in glibc.

13

>

14

15

Crap, I'd booted back to a grsec/pax kernel in the meantime to mess on

16

with gradm... one thing at a time.

17

18

Ok, I've reemerged glibc with debugging and tried again, cheers (maybe a

19

new doc is called for, Debugging for the Clueless ;)

20

21

(gdb) run cpufreqd

22

Starting program: /usr/sbin/cpufreqd cpufreqd

23

24

Program received signal SIGSEGV, Segmentation fault.

25

0x40016e0e in ?? ()

26

(gdb) bt

27

#0  0x40016e0e in ?? ()

28

#1  0x40020108 in ?? ()

29

#2  0x40014580 in ?? ()

30

#3  0x40014820 in ?? ()

31

#4  0xbffff818 in ?? ()

32

#5  0x4001f16b in ?? ()

33

#6  0x40014598 in ?? ()

34

#7  0x80007338 in ?? ()

35

#8  0x8000389c in ?? ()

36

#9  0xb03d3201 in ?? ()

37

#10 0x80001cde in ?? ()

38

(gdb) info registers

39

eax            0x8000389c       -2147469156

40

ecx            0x0      0

41

edx            0x8000389c       -2147469156

42

ebx            0x400180f4       1073840372

43

esp            0xbffff7e0       0xbffff7e0

44

ebp            0xbffff818       0xbffff818

45

esi            0x800072ac       -2147454292

46

edi            0x40014820       1073825824

47

eip            0x40016e0e       0x40016e0e

48

eflags         0x10212  66066

49

cs             0x73     115

50

ss             0x7b     123

51

ds             0x7b     123

52

es             0x7b     123

53

fs             0x0      0

54

gs             0x0      0

55

(gdb) x/8i $pc

56

0x40016e0e:     mov    %eax,(%edx)

57

0x40016e10:     mov    0x54(%ebx),%edx

58

0x40016e16:     mov    0xffffffe0(%ebp),%eax

59

0x40016e19:     mov    %eax,(%edx)

60

0x40016e1b:     mov    0x64(%ebx),%edx

61

0x40016e21:     lea    0xfffffb8c(%ebx),%eax

62

0x40016e27:     mov    %eax,0x4(%esp,1)

63

0x40016e2b:     movl   $0x6,(%esp,1)

64

(gdb) x/16x $sp

65

0xbffff7e0:     0x40020108      0x40014580      0x40014820     

66

0xbffff818 0xbffff7f0:     0x4001f16b      0x40014598      0x80007338   

67

  0x8000389c 0xbffff800:     0xb03d3201      0x80001cde      0x00000000 

68

    0x8000716c 0xbffff810:     0x800072ac      0x8000716c     

69

0xbffffa78      0x80001d44

70

71

--

72

gentoo-hardened@g.o mailing list

Gentoo Archives: gentoo-hardened

Replies

1	On Tue, 20 Jul 2004 11:07:18 +0200
2	pageexec@××××××××.hu wrote:
3
4	> you're running a PaX kernel, that's not what we're debugging ;-).
5	> short of rebooting to a normal kernel you can try
6	> 'paxctl -smpr /usr/sbin/cpufreqd' and then do the gdb session
7	> again.
8	>
9	> > So it will help to recompile glibc with nostrip etc.? Thanks again,
10	>
11	> well, your previous attempt was cut short by PaX, but i still
12	> think you'll need the debug info in glibc.
13	>
14
15	Crap, I'd booted back to a grsec/pax kernel in the meantime to mess on
16	with gradm... one thing at a time.
17
18	Ok, I've reemerged glibc with debugging and tried again, cheers (maybe a
19	new doc is called for, Debugging for the Clueless ;)
20
21	(gdb) run cpufreqd
22	Starting program: /usr/sbin/cpufreqd cpufreqd
23
24	Program received signal SIGSEGV, Segmentation fault.
25	0x40016e0e in ?? ()
26	(gdb) bt
27	#0 0x40016e0e in ?? ()
28	#1 0x40020108 in ?? ()
29	#2 0x40014580 in ?? ()
30	#3 0x40014820 in ?? ()
31	#4 0xbffff818 in ?? ()
32	#5 0x4001f16b in ?? ()
33	#6 0x40014598 in ?? ()
34	#7 0x80007338 in ?? ()
35	#8 0x8000389c in ?? ()
36	#9 0xb03d3201 in ?? ()
37	#10 0x80001cde in ?? ()
38	(gdb) info registers
39	eax 0x8000389c -2147469156
40	ecx 0x0 0
41	edx 0x8000389c -2147469156
42	ebx 0x400180f4 1073840372
43	esp 0xbffff7e0 0xbffff7e0
44	ebp 0xbffff818 0xbffff818
45	esi 0x800072ac -2147454292
46	edi 0x40014820 1073825824
47	eip 0x40016e0e 0x40016e0e
48	eflags 0x10212 66066
49	cs 0x73 115
50	ss 0x7b 123
51	ds 0x7b 123
52	es 0x7b 123
53	fs 0x0 0
54	gs 0x0 0
55	(gdb) x/8i $pc
56	0x40016e0e: mov %eax,(%edx)
57	0x40016e10: mov 0x54(%ebx),%edx
58	0x40016e16: mov 0xffffffe0(%ebp),%eax
59	0x40016e19: mov %eax,(%edx)
60	0x40016e1b: mov 0x64(%ebx),%edx
61	0x40016e21: lea 0xfffffb8c(%ebx),%eax
62	0x40016e27: mov %eax,0x4(%esp,1)
63	0x40016e2b: movl $0x6,(%esp,1)
64	(gdb) x/16x $sp
65	0xbffff7e0: 0x40020108 0x40014580 0x40014820
66	0xbffff818 0xbffff7f0: 0x4001f16b 0x40014598 0x80007338
67	0x8000389c 0xbffff800: 0xb03d3201 0x80001cde 0x00000000
68	0x8000716c 0xbffff810: 0x800072ac 0x8000716c
69	0xbffffa78 0x80001d44
70
71	--
72	gentoo-hardened@g.o mailing list