@cneira
Created April 9, 2018 21:09
nwserver 8166 32-bit coredumps
> $c
ld-linux.so.2`init_tls+0xfc(f9200034, 9, 804766c, 8047750, 0, 0)
ld-linux.so.2`_dl_sysdep_start+0x224()
> ::status
debugging core file of nwserver-linux (32-bit) from 26c4e9b2-3885-432d-a8de-c5be7215e348
file: /home/nwn/server/bin/linux-x86/nwserver-linux
initial argv: ./nwserver-linux
threading model: native threads
status: process terminated by SIGSEGV (Segmentation Fault), addr=321c8
> $c
ld-linux.so.2`init_tls+0xfc(f9200034, 9, 804766c, 8047750, 0, 0)
ld-linux.so.2`_dl_sysdep_start+0x224()
> $r
%cs = 0x0043 %eax = 0x000001cb
%ds = 0x004b %ebx = 0xfef79fbc
%ss = 0x004b %ecx = 0x08046530
%es = 0x004b %edx = 0xf8bb0700
%fs = 0x0000 %esi = 0x00000041
%gs = 0x01c3 %edi = 0xfef7a51c ld-linux.so.2`_rtld_global+0x51c
%eip = 0xfef57d7e ld-linux.so.2`init_tls+0xfc
%ebp = 0x08047618
%kesp = 0x00000000
%eflags = 0x00010246
id=0 vip=0 vif=0 ac=0 vm=0 rf=1 nt=0 iopl=0x0
status=<of,df,IF,tf,sf,ZF,af,PF,cf>
%esp = 0x08046520
%trapno = 0xe
%err = 0x3
> 0xfef57d7e::dis
ld-linux.so.2`init_tls+0xd3: movl %edx,0x14(%esp)
ld-linux.so.2`init_tls+0xd7: movl $0xfffff,0x18(%esp)
ld-linux.so.2`init_tls+0xdf: movl $0x51,0x1c(%esp)
ld-linux.so.2`init_tls+0xe7: xchgl %ecx,%ebx
ld-linux.so.2`init_tls+0xe9: int $0x80
ld-linux.so.2`init_tls+0xeb: xchgl %ecx,%ebx
ld-linux.so.2`init_tls+0xed: testl %eax,%eax
ld-linux.so.2`init_tls+0xef: jne +0x18 <ld-linux.so.2`init_tls+0x109>
ld-linux.so.2`init_tls+0xf1: movl 0x10(%esp),%eax
ld-linux.so.2`init_tls+0xf5: leal 0x3(,%eax,8),%eax
ld-linux.so.2`init_tls+0xfc: movw %eax,%gs
ld-linux.so.2`init_tls+0xfe: movb $0x1,0x890(%ebx)
ld-linux.so.2`init_tls+0x105: movl %edx,%eax
ld-linux.so.2`init_tls+0x107: jmp +0x2e <ld-linux.so.2`init_tls+0x137>
ld-linux.so.2`init_tls+0x109: leal 0xffff9cec(%ebx),%edi
ld-linux.so.2`init_tls+0x10f: leal 0xffff9d64(%ebx),%esi
ld-linux.so.2`init_tls+0x115: movl %edi,0x8(%esp)
ld-linux.so.2`init_tls+0x119: movl %esi,0x4(%esp)
ld-linux.so.2`init_tls+0x11d: movl $0x2,(%esp)
ld-linux.so.2`init_tls+0x124: call +0xfbd5 <ld-linux.so.2`_dl_dprintf>
ld-linux.so.2`init_tls+0x129: movl $0x7f,(%esp)
> 0x08046520,0x10::dump
\/ 1 2 3 4 5 6 7 8 9 a b c d e f v123456789abcdef
8046520: 10020000 01000000 00000000 f8650408 .............e..

cneira commented Apr 11, 2018

ldd nwserver working
97120/1: executing linux process: /lib/ld-linux.so.2
97120/1: branding myself and setting handler to 0xfefddd48
97120/1: interposition handler setup for SIGPWR
97120/1: thr_keycreate created lx_tsd_key (3)
97120/1: lx tsd allocated @ fed20018
97120/1: stack fecdf000 stack_top fed1f000
97120/1: starting Linux program sp 8047658 ldentry fef58010
97120/1: lx_emulate(fed1ee00, 252, [0, 8046278, 0, 0, 0, 8047580])
97120/1: lx_exit_common(LX_ET_EXIT_GROUP, 0)
97118/1: lx_emulate(7fffef07eca0, 14, [2, 7fffffefdf60, 0, 8, 0, 6f14f0])
97118/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97118/1: lx_emulate(7fffef07eca0, 13, [2, 7fffffefdc30, 7fffffefdcd0, 8, 7fffffefde20, 7fffffefdcd0])
97118/1: &lx_sighandlers.lx_sa[2] = 0x7fffef4fd840
97118/1: interposing handler @ 0x456c10 for signal 2 (lx 2), flags 0x4000000
97118/1: lx_emulate(13) done (ret 0 / 0x0 ; errno 0)
97118/1: lx_emulate(7fffef07eca0, 231, [0, 0, 0, ffffffffffffff80, 3c, e7])
97118/1: lx_exit_common(LX_ET_EXIT_GROUP, 0)
97119/1: lx_emulate(7fffef07eca0, 231, [0, 0, 0, ffffffffffffff80, 3c, e7])
97119/1: lx_exit_common(LX_ET_EXIT_GROUP, 0)
97116/1: lx_emulate(7fffef07eca0, 14, [2, 7fffffefe220, 0, 8, 0, 6fb850])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 13, [2, 7fffffefdef0, 7fffffefdf90, 8, 7fffffefe0e0, 7fffffefdf90])
97116/1: &lx_sighandlers.lx_sa[2] = 0x7fffef4fd840
97116/1: lx_emulate(13) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [2, 7fffffefe490, 0, 8, 7fffffefe0e0, 0])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [0, 7fffffeff070, 7fffffeff0f0, 8, 6fa8a0, 0])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [2, 7fffffeff0f0, 0, 8, 7d0, 0])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [0, 0, 6eb028, 8, 6fa510, 6fa550])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [0, 0, 6eb028, 8, ff33, 7fffffefe248])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 14, [2, 6eb028, 0, 8, 7fffee7bd060, 6fa1b1])
97116/1: lx_emulate(14) done (ret 0 / 0x0 ; errno 0)
97116/1: lx_emulate(7fffef07eca0, 231, [0, 0, 0, ffffffffffffff80, 3c, e7])
97116/1: lx_exit_common(LX_ET_EXIT_GROUP, 0)
