MIPS Binary Segmentation Fault #16253

Closed
a3desu opened this issue Mar 19, 2020 · 3 comments
a3desu (Contributor) commented Mar 19, 2020

# uname -a
Linux raspberrypi 4.19.97-v7l+ #1294 SMP Thu Jan 30 13:21:14 GMT 2020 armv7l GNU/Linux

# file binary
binary: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, stripped

# r2 -v
radare2 4.4.0-git 24013 @ linux-arm-32 git.4.3.1-69-g4c684f197
commit: 4c684f1971ae64862523a5a06273f16cd61f3065 build: 2020-03-19__02:51:54

After loading the binary in r2 and issuing 'aaa', I got a segfault when trying to open the visual view.

Steps to reproduce the behavior

  1. download and unpack binary.zip
  2. load binary (r2 binary)
  3. issue 'aaa'
  4. issue 'v'

Core was generated by `radare2 binary'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  strlen () at ../sysdeps/arm/armv6/strlen.S:26
26	../sysdeps/arm/armv6/strlen.S: No such file or directory.
(gdb) bt
#0  strlen () at ../sysdeps/arm/armv6/strlen.S:26
#1  0xb6ce4de0 in _IO_vfprintf_internal (s=s@entry=0xbebe6908, format=format@entry=0xb54eaf88 "0x%x(%s)", ap=..., ap@entry=...) at vfprintf.c:1638
#2  0xb6d08278 in _IO_vsnprintf (string=0xbebe69b0 "0x0(@\021\343\266\370", <incomplete sequence \373\266>, maxlen=<optimized out>, format=0xb54eaf88 "0x%x(%s)", args=...)
    at vsnprintf.c:114
#3  0xb6e5258c in r_str_newf (fmt=0xb54eaf88 "0x%x(%s)") at str.c:753
#4  0xb54c2cb8 in varsub (p=0xb29600, f=0xbece28, addr=4199920, oplen=4, data=0xc03fc0 "move zero, ra", str=0xc79474 "", len=1024) at p/parse_mips_pseudo.c:280
#5  0xb54a04a4 in r_parse_varsub (p=0xb29600, f=0xbece28, addr=4199920, oplen=4, data=0xc03fc0 "move zero, ra", str=0xc79474 "", len=1024) at parse.c:139
#6  0xb61196d0 in ds_build_op_str (ds=0xc79070, print_color=true) at disasm.c:1039
#7  0xb612b514 in r_core_print_disasm (p=0xaef390, core=0xb526f008, addr=4199920, buf=0xaec1b0 <incomplete sequence \340>, len=256, l=50, invbreak=0, cbytes=0, json=false, pj=0x0, 
    pdf=0x0) at disasm.c:5513
#8  0xb607b0fc in cmd_print (data=0xb526f008, input=0xc84ef1 "d 50") at cmd_print.c:5916
#9  0xb60f4544 in r_cmd_call (cmd=0xb44490, input=0xc84ef0 "pd 50") at cmd_api.c:248
#10 0xb608f39c in r_core_cmd_subst_i (core=0xb526f008, cmd=0xc84ef0 "pd 50", colon=0x0, tmpseek=0xbebe77eb) at cmd.c:3671
#11 0xb608b874 in r_core_cmd_subst (core=0xb526f008, cmd=0xc84ef0 "pd 50") at cmd.c:2627
#12 0xb60919c8 in run_cmd_depth (core=0xb526f008, cmd=0xc95770 "pd 50") at cmd.c:6079
#13 0xb6091e10 in r_core_cmd (core=0xb526f008, cstr=0xc6d058 "pd 50", log=0) at cmd.c:6161
#14 0xb60927c8 in r_core_cmd_str (core=0xb526f008, cmd=0xc6d058 "pd 50") at cmd.c:6401
#15 0xb6145220 in __handle_cmd_str_cache (core=0xb526f008, panel=0xc425f0, force_cache=false) at panels.c:1263
#16 0xb61509bc in __print_disassembly_cb (user=0xb526f008, p=0xc425f0) at panels.c:4192
#17 0xb6144f80 in __default_panel_print (core=0xb526f008, panel=0xc425f0) at panels.c:1221
#18 0xb6144048 in __panel_print (core=0xb526f008, can=0xc57110, panel=0xc425f0, color=1) at panels.c:1024
#19 0xb6154928 in __panels_refresh (core=0xb526f008) at panels.c:5017
#20 0xb6145e48 in __panels_layout_refresh (core=0xb526f008) at panels.c:1461
#21 0xb615b044 in __panels_process (core=0xb526f008, panels=0xc47960) at panels.c:6691
#22 0xb615a00c in r_core_visual_panels_root (core=0xb526f008, panels_root=0xc7d2f0) at panels.c:6381
#23 0xb6089970 in cmd_panels (data=0xb526f008, input=0xc54c59 "") at cmd.c:1890
#24 0xb60f4544 in r_cmd_call (cmd=0xb44490, input=0xc54c58 "v") at cmd_api.c:248
#25 0xb608f39c in r_core_cmd_subst_i (core=0xb526f008, cmd=0xc54c58 "v", colon=0x0, tmpseek=0xbebe7e13) at cmd.c:3671
#26 0xb608b874 in r_core_cmd_subst (core=0xb526f008, cmd=0xc54c58 "v") at cmd.c:2627
#27 0xb60919c8 in run_cmd_depth (core=0xb526f008, cmd=0xbebd90 "v") at cmd.c:6079
#28 0xb6091e10 in r_core_cmd (core=0xb526f008, cstr=0xbebd80 "v", log=1) at cmd.c:6161
#29 0xb5fcfc04 in r_core_prompt_exec (r=0xb526f008) at core.c:3043
#30 0xb5fcf250 in r_core_prompt_loop (r=0xb526f008) at core.c:2894
#31 0xb6e0f704 in r_main_radare2 (argc=2, argv=0xbebe8244) at radare2.c:1350
#32 0x0040aa68 in main (argc=2, argv=0xbebe8244) at radare2.c:96
XVilka added this to the 4.4.0 - pangolin milestone Mar 19, 2020
radare (Collaborator) commented Mar 22, 2020 via email

radare (Collaborator) commented Mar 22, 2020 via email

pelijah (Contributor) commented Mar 23, 2020

Can't reproduce either.

radare closed this as completed Mar 31, 2020