[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Segfaults in Windows 7

[Date Prev] | [Date Next]

Subject: Re: Segfaults in Windows 7
From: Aris Adamantiadis <aris@xxxxxxxxxxxx>
Reply-to: libssh@xxxxxxxxxx
Date: Fri, 27 Aug 2010 15:25:11 +0200
To: libssh@xxxxxxxxxx

Eduardo,

I now understand the output you get. In the build of libssh you're
using, the only exported symbols are the one part of the public API.
Since it crashed somewhere inside libssh, in a place for which no symbol
exists, it said it was "somewhere" after ssh_bind_options_set.

The instruction that caused the crash is
0x61ad4f51 <ssh_bind_options_set+1205>:	mov    0x130(%eax),%eax
So, kind-of null pointer deference with a broken pointer.

To investigate ...

Aris

Le 27/08/10 15:16, Eduardo Valdes a écrit :
> Aris,
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x61ad4f51 in ssh_bind_options_set () from
> H:\freepascal\RAT\Work\trash\libssh.dll
> (gdb) info registers
> eax            0x7f     127
> ecx            0x776dad14       2003676436
> edx            0x20ae1dc        34267612
> ebx            0x20ae1fc        34267644
> esp            0x20ae114        0x20ae114
> ebp            0x20ae19c        0x20ae19c
> esi            0x61ad683a       1638754362
> edi            0xf3108  995592
> eip            0x61ad4f51       0x61ad4f51 <ssh_bind_options_set+1205>
> eflags         0x10202  [ IF RF ]
> cs             0x1b     27
> ss             0x23     35
> ds             0x23     35
> es             0x23     35
> fs             0x3b     59
> gs             0x0      0
> 
> The output from "disassemble $eip" is 120K, so I am including it as an
> attachment.
> 
> (gdb) x/128x $esp
> 0x20ae114:      0x000f5468      0x000f3108      0x00000170      0x00000014
> 0x20ae124:      0x00000014      0x00000170      0x00000001      0x01000000
> 0x20ae134:      0x020ae10c      0x00000009      0x020af7c4      0x776e3562
> 0x20ae144:      0xe06261b1      0xfffffffe      0x776dad14      0x61ad8209
> 0x20ae154:      0x020ae17c      0x00000001      0x00000000      0x005ea910
> 0x20ae164:      0x020ae1ac      0x0040dc88      0x0040e16a      0x0040c8ad
> 0x20ae174:      0x00000000      0xb59426e8      0x00000170      0x01100310
> 0x20ae184:      0x00000025      0x020ae1ac      0x020ae178      0x020ae1fc
> 0x20ae194:      0x61ad683a      0x000f3108      0x020ae1fc      0x61ad6804
> 0x20ae1a4:      0x020ae1fc      0x020ae1e0      0x020ae1dc      0x020ae300
> 0x20ae1b4:      0x00000025      0x00000001      0x020ae300      0x020ae214
> 0x20ae1c4:      0x0040aca7      0x020ae300      0x004075cf      0x00000000
> 0x20ae1d4:      0x020ae300      0x00000000      0x00000000      0x00000010
> 0x20ae1e4:      0x020ae300      0x00000000      0x00000001      0x000fad38
> 0x20ae1f4:      0x000fa980      0x000f5468      0x020ae24c      0x61ac4daf
> 0x20ae204:      0x000f5468      0x0040a9f5      0x020ae258      0x0040aca7
> 0x20ae214:      0x001604d0      0x00446a65      0x00000000      0x000fad38
> 0x20ae224:      0x000fa980      0x020ae244      0x0040df11      0x00000000
> 0x20ae234:      0x00000001      0x020ae29c      0x020ae2b4      0x000fad38
> 0x20ae244:      0x001604d0      0x00000001      0x020af30c      0x0042adf7
> 0x20ae254:      0x000fad38      0x00000000      0x00000000      0x00000000
> 0x20ae264:      0x02e77350      0x00000000      0x00000000      0x00000000
> 0x20ae274:      0x00000000      0x00000000      0x00000000      0x00000000
> 0x20ae284:      0x00000000      0x00000000      0x00000000      0x00000000
> 0x20ae294:      0x00000000      0x00000000      0x000fad38      0x001604d0
> 0x20ae2a4:      0x00000001      0x020af30c      0x020ae260      0x0042ade5
> 0x20ae2b4:      0x020ae29c      0x020ae2e4      0x00000001      0x00000000
> 0x20ae2c4:      0x00000000      0x00000000      0x02e77350      0x001604d0
> 0x20ae2d4:      0x00000001      0x020af30c      0x020ae264      0x0042ad4c
> 0x20ae2e4:      0x020ae2cc      0x020af340      0x00000001      0x00000000
> 0x20ae2f4:      0x00000000      0x00000001      0x00000000      0x7361622d
> 0x20ae304:      0x64203a68      0x6f637269      0x73726f6c      0x02e77350
> (gdb)
> 
> Yes, my program is calling channel_poll just before the seg fault.
> 
> I hope this is useful.
> 
> Thanks.
> 
> Eddy
> 
> On Thu, Aug 26, 2010 at 8:53 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx
> <mailto:aris@xxxxxxxxxxxx>> wrote:
> 
>     Eduardo,
> 
>     I don't understand the backtrace you got. Could you send me the
>     output of
>     info registers
>     disassemble $eip
>     x/128x $esp
> 
>     and anything else that would let us watch the stack and why gdb show the
>     crash in apparently unrelated function calls
> 
>     Also, I'd like to know what the current pascal function is doing during
>     the crash (calling channel_poll ?)
> 
>     Aris
> 
>     Le 26/08/10 14:32, Eduardo Valdes a écrit :
>     > Andreas,
>     >
>     > Using the dll in libssh-mingw4-20100826-bin I get the following
>     > backtrace in Windows 7:
>     >
>     > Program received signal SIGSEGV, Segmentation fault.
>     > 0x61ad4f51 in ssh_bind_options_set () from
>     > H:\freepascal\RAT\Work\trash\libssh.dll
>     > (gdb) bt
>     > #0  0x61ad4f51 in ssh_bind_options_set () from
>     > H:\freepascal\RAT\Work\trash\libssh.dll
>     > #1  0x61ad6804 in ssh_get_status () from
>     > H:\freepascal\RAT\Work\trash\libssh.dll
>     > #2  0x61ac4daf in libssh!channel_poll () from
>     > H:\freepascal\RAT\Work\trash\libssh.dll
>     > #3  0x0042adf7 in TSSHTERMINALHELPER__TERMINALRECEIVE
>     (this=0xbb9e0) at
>     > usshterminalhelper.pas:282
>     > #4  0x0042b4df in TTERMINALFORM__RUN (this=0x1a2700) at
>     > uterminalform.pas:163
>     > #5  0x00421307 in TFRMMAIN__BTNCONNECTTO1CLICK (SENDER=0x136888,
>     > this=0x13f078) at umain.pas:614
>     > #6  0x004c09f4 in TCONTROL__CLICK (this=0x136888) at control.inc:2227
>     > #7  0x005033cf in TBUTTONCONTROL__CLICK (this=0x136888) at
>     > buttoncontrol.inc:72
>     >
>     > My program using this dll still works fine in XP SP3.
>     >
>     > Thanks.
>     >
>     > Eddy
>     >
>     > On Thu, Aug 26, 2010 at 4:41 AM, Andreas Schneider
>     <asn@xxxxxxxxxxxx <mailto:asn@xxxxxxxxxxxx>
>     > <mailto:asn@xxxxxxxxxxxx <mailto:asn@xxxxxxxxxxxx>>> wrote:
>     >
>     >     On Friday 20 August 2010 16:05:18 you wrote:
>     >     > Thanks Andreas. I will give it a try as soon as I get set up to
>     >     compile in
>     >     > Windows.
>     >     >
>     >
>     >     I've pushed the changes. The packages at
>     >
>     >     http://winkde.org/pub/kde/ports/win32/releases/nightly/latest/
>     >
>     >     should provide the fixes.
>     >
>     >
>     >            -- andreas
>     >
>     >
>     >
>     >
>     >
>     > --
>     > Eddy Valdes
>     > Project Manager
>     > Atronix Engineering
>     > evaldes@xxxxxxxxxxxxxxxxxxxxxx
>     <mailto:evaldes@xxxxxxxxxxxxxxxxxxxxxx>
>     <mailto:evaldes@xxxxxxxxxxxxxxxxxxxxxx
>     <mailto:evaldes@xxxxxxxxxxxxxxxxxxxxxx>>
>     >
> 
> 
> 
> 
> 
> -- 
> Eddy Valdes
> Project Manager
> Atronix Engineering
> evaldes@xxxxxxxxxxxxxxxxxxxxxx <mailto:evaldes@xxxxxxxxxxxxxxxxxxxxxx>
>

References:
Segfaults in Windows 7	Eduardo Valdes <evaldes@xxxxxxxxxxxxxxxxxxxxxx>
Re: Segfaults in Windows 7	Andreas Schneider <asn@xxxxxxxxxxxx>
Re: Segfaults in Windows 7	Eduardo Valdes <evaldes@xxxxxxxxxxxxxxxxxxxxxx>
Re: Segfaults in Windows 7	Andreas Schneider <asn@xxxxxxxxxxxx>
Re: Segfaults in Windows 7	Eduardo Valdes <evaldes@xxxxxxxxxxxxxxxxxxxxxx>
Re: Segfaults in Windows 7	Aris Adamantiadis <aris@xxxxxxxxxxxx>
Re: Segfaults in Windows 7	Eduardo Valdes <evaldes@xxxxxxxxxxxxxxxxxxxxxx>

Archive administrator: postmaster@lists.cynapses.org