Gentoo Archives: gentoo-hardened

From: Barry Dunn <lists@×××××××××××.uk>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] Re: cpufreqd-1.1.1 segmentation fault with hardened
Date: Wed, 21 Jul 2004 20:24:22
Message-Id: 20040721211517.0570f700@gen.aqui
In Reply to: [gentoo-hardened] Re: cpufreqd-1.1.1 segmentation fault with hardened by Mattia Dongili
1 On Wed, 21 Jul 2004 14:54:51 +0000 (UTC)
2 Mattia Dongili <dongili@××××××××.it> wrote:
3
4 > <pageexec@...> writes:
5 >
6 > >
7 > > > > Thanks for your help everyone, should I still submit a bug
8 > > > > report?
9 > [...]
10 > >
11 > > well, i don't actually know if the problem is with cpufreqd or the
12 > > toolchain (PIE enforcement), better not rush with that bugreport
13 > > upstream (unless they're interested in debugging it nevertheless).
14 >
15 > here I am :) I had a nice irc chat on #gentoo-hardened today.
16 > I'm in touch with one of the irc people, it seems he can help
17 > in debugging, otherwise I'll need some time to setup a
18 > gentoo-hardened box (and read some docs).
19 >
20 > If somebody could file a detailed bug report I'll have a
21 > starting point.
22 > Also: I'm subscribed to the list now.
23 >
24 > thanks
25 > --
26 > mattia
27 >
28 >
29 >
30 > --
31 > gentoo-hardened@g.o mailing list
32 >
33
34 Hi Mattia,
35
36 I posted the original query on this, appreciate your input! Afraid I'm
37 not the most useful person to help you on debugging but I'll provide
38 what information I can, if there's anything you want tried I'll be glad
39 to help.
40
41 I was holding back on posting a bug report in case anyone could better
42 identify the source of the problem, though I wouldn't be sure what to
43 usefully include anyway beyond what's been covered here. I've reposted
44 the strace and gdb output below (though you've probably got them from
45 the archives). Since last posting I've tried cpufreqd-1.1.2 (from
46 portage) and it still segfaults on startup with PIE enabled. If there's
47 specific info you need, let me know and I'll add it to a bug report.
48
49 Many thanks,
50
51 Barry
52
53
54 execve("/usr/sbin/cpufreqd", ["/usr/sbin/cpufreqd"], [/* 31 vars */]) =
55 0 uname({sys="Linux", node="tin", ...}) = 0
56 brk(0) = 0x800075e0
57 open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or
58 directory) open("/etc/ld.so.cache", O_RDONLY) = 3
59 fstat64(3, {st_mode=S_IFREG|0644, st_size=31190, ...}) = 0
60 mmap2(NULL, 31190, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
61 close(3) = 0
62 open("/lib/libdl.so.2", O_RDONLY) = 3
63 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\\\33\0"...,
64 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=10452, ...}) = 0
65 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
66 0) = 0x4001c000 mmap2(NULL, 12072, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3,
67 0) = 0x4001d000 mmap2(0x4001f000, 4096, PROT_READ|PROT_WRITE,
68 MAP_PRIVATE|MAP_FIXED, 3, 0x1) = 0x4001f000 close(3)
69 = 0 open("/lib/libc.so.6", O_RDONLY) = 3
70 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0001Y\1\000"...,
71 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1182840, ...}) = 0
72 mmap2(NULL, 1103620, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) =
73 0x40020000 mmap2(0x40128000, 12288, PROT_READ|PROT_WRITE,
74 MAP_PRIVATE|MAP_FIXED, 3, 0x107) = 0x40128000 mmap2(0x4012b000, 9988,
75 PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =
76 0x4012b000 close(3) = 0
77 munmap(0x40014000, 31190) = 0
78 open("/dev/urandom", O_RDONLY) = 3
79 read(3, "\17;\256\334", 4) = 4
80 close(3) = 0
81 brk(0) = 0x800075e0
82 brk(0x800285e0) = 0x800285e0
83 brk(0) = 0x800285e0
84 brk(0x80029000) = 0x80029000
85 stat64("/proc/cpufreq", 0xbffff92c) = -1 ENOENT (No such file or
86 directory) stat64("/sys/devices/system/cpu/cpu0/cpufreq",
87 {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 open("/etc/cpufreqd.conf",
88 O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=1687, ...}) =
89 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
90 0) = 0x40014000 read(3, "# cpufreqd.conf\n\n[General]\npidfi"..., 4096)
91 = 1687 time([1090190008]) = 1090190008
92 open("/etc/localtime", O_RDONLY) = 4
93 fstat64(4, {st_mode=S_IFREG|0644, st_size=1323, ...}) = 0
94 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
95 0) = 0x40015000 read(4,
96 "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\7\0\0\0\7\0"..., 4096) =
97 1323 close(4) = 0
98 munmap(0x40015000, 4096) = 0
99 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
100 socket(PF_UNIX, SOCK_DGRAM, 0) = 4
101 fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
102 connect(4, {sa_family=AF_UNIX, path="/dev/log"}, 16) = -1 EPROTOTYPE
103 (Protocol wrong type for socket) close(4)
104 = 0 socket(PF_UNIX, SOCK_STREAM, 0) = 4
105 fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
106 connect(4, {sa_family=AF_UNIX, path="/dev/log"}, 16) = 0
107 send(4, "<28>Jul 18 23:33:28 cpufreqd: pa"..., 80, 0) = 80
108 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
109 read(3, "", 4096) = 0
110 close(3) = 0
111 munmap(0x40014000, 4096) = 0
112 time([1090190008]) = 1090190008
113 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
114 send(4, "<29>Jul 18 23:33:28 cpufreqd: pa"..., 91, 0) = 91
115 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
116 time([1090190008]) = 1090190008
117 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
118 send(4, "<29>Jul 18 23:33:28 cpufreqd: pa"..., 87, 0) = 87
119 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
120 time([1090190008]) = 1090190008
121 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
122 send(4, "<29>Jul 18 23:33:28 cpufreqd: pa"..., 84, 0) = 84
123 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
124 time([1090190008]) = 1090190008
125 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
126 send(4, "<29>Jul 18 23:33:28 cpufreqd: pa"..., 89, 0) = 89
127 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
128 time([1090190008]) = 1090190008
129 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
130 send(4, "<29>Jul 18 23:33:28 cpufreqd: pa"..., 89, 0) = 89
131 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
132 geteuid32() = 0
133 time([1090190008]) = 1090190008
134 rt_sigaction(SIGPIPE, {0x400ceef2, [], 0}, {SIG_DFL}, 8) = 0
135 send(4, "<29>Jul 18 23:33:28 cpufreqd: St"..., 52, 0) = 52
136 rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
137 rt_sigaction(SIGTERM, {0x800032fa, [HUP INT TERM], 0}, NULL, 8) = 0
138 rt_sigaction(SIGINT, {0x8000327c, [HUP INT TERM], 0}, NULL, 8) = 0
139 rt_sigaction(SIGHUP, {0x800031fe, [HUP INT TERM], 0}, NULL, 8) = 0
140 open("/usr/lib/libsys_acpi.so", O_RDONLY) = 3
141 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\f\0"...,
142 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=10168, ...}) = 0
143 mmap2(NULL, 9000, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40014000
144 mmap2(0x40016000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
145 0x2) = 0x40016000 close(3) = 0
146 --- SIGSEGV (Segmentation fault) @ 0 (0) ---
147 +++ killed by SIGSEGV +++
148
149
150 (gdb) run cpufreqd
151 Starting program: /usr/sbin/cpufreqd cpufreqd
152
153 Program received signal SIGSEGV, Segmentation fault.
154 0x40016e0e in ?? ()
155 (gdb) bt
156 #0 0x40016e0e in ?? ()
157 #1 0x40020108 in ?? ()
158 #2 0x40014580 in ?? ()
159 #3 0x40014820 in ?? ()
160 #4 0xbffff818 in ?? ()
161 #5 0x4001f16b in ?? ()
162 #6 0x40014598 in ?? ()
163 #7 0x80007338 in ?? ()
164 #8 0x8000389c in ?? ()
165 #9 0xb03d3201 in ?? ()
166 #10 0x80001cde in ?? ()
167 (gdb) info registers
168 eax 0x8000389c -2147469156
169 ecx 0x0 0
170 edx 0x8000389c -2147469156
171 ebx 0x400180f4 1073840372
172 esp 0xbffff7e0 0xbffff7e0
173 ebp 0xbffff818 0xbffff818
174 esi 0x800072ac -2147454292
175 edi 0x40014820 1073825824
176 eip 0x40016e0e 0x40016e0e
177 eflags 0x10212 66066
178 cs 0x73 115
179 ss 0x7b 123
180 ds 0x7b 123
181 es 0x7b 123
182 fs 0x0 0
183 gs 0x0 0
184 (gdb) x/8i $pc
185 0x40016e0e: mov %eax,(%edx)
186 0x40016e10: mov 0x54(%ebx),%edx
187 0x40016e16: mov 0xffffffe0(%ebp),%eax
188 0x40016e19: mov %eax,(%edx)
189 0x40016e1b: mov 0x64(%ebx),%edx
190 0x40016e21: lea 0xfffffb8c(%ebx),%eax
191 0x40016e27: mov %eax,0x4(%esp,1)
192 0x40016e2b: movl $0x6,(%esp,1)
193 (gdb) x/16x $sp
194 0xbffff7e0: 0x40020108 0x40014580 0x40014820
195 0xbffff818 0xbffff7f0: 0x4001f16b 0x40014598 0x80007338
196 0x8000389c 0xbffff800: 0xb03d3201 0x80001cde 0x00000000
197 0x8000716c 0xbffff810: 0x800072ac 0x8000716c
198 0xbffffa78 0x80001d44
199
200
201 --
202 gentoo-hardened@g.o mailing list
