warum wird strcmp nicht gefunden?

27/09/2012 - 23:10 von Jens Kallup | Report spam
valgrind output:

=‡19== Memcheck, a memory error detector
=‡19== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
=‡19== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
=‡19== Command: ./p
=‡19==
=‡19== WARNING: new redirection conflicts with existing -- ignoring it
=‡19== Invalid read of size 1
=‡19== at 0x4417138: strcmp (strcmp.S:39)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19== Address 0x7170aec8 is not stack'd, malloc'd or (recently) free'd
=‡19==
=‡19==
=‡19== Process terminating with default action of signal 11 (SIGSEGV)
=‡19== Access not within mapped region at address 0x7170AEC8
=‡19== at 0x4417138: strcmp (strcmp.S:39)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19== If you believe this happened as a result of a stack
=‡19== overflow in your program's main thread (unlikely but
=‡19== possible), you can try to increase the size of the
=‡19== main thread stack using the --main-stacksize= flag.
=‡19== The main thread stack size used in this run was 8388608.
=‡19== Jump to the invalid address stated on the next line
=‡19== at 0x352: ???
=‡19== by 0x44094A3: check_match.8665 (dl-lookup.c:150)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19== Address 0x352 is not stack'd, malloc'd or (recently) free'd
=‡19==
=‡19==
=‡19== Process terminating with default action of signal 11 (SIGSEGV)
=‡19== Bad permissions for mapped region at address 0x352
=‡19== at 0x352: ???
=‡19== by 0x44094A3: check_match.8665 (dl-lookup.c:150)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19==
=‡19== HEAP SUMMARY:
=‡19== in use at exit: 0 bytes in 0 blocks
=‡19== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
=‡19==
=‡19== All heap blocks were freed -- no leaks are possible
=‡19==
=‡19== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
=‡19==
=‡19== 1 errors in context 1 of 2:
=‡19== Jump to the invalid address stated on the next line
=‡19== at 0x352: ???
=‡19== by 0x44094A3: check_match.8665 (dl-lookup.c:150)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19== Address 0x352 is not stack'd, malloc'd or (recently) free'd
=‡19==
=‡19==
=‡19== 1 errors in context 2 of 2:
=‡19== Invalid read of size 1
=‡19== at 0x4417138: strcmp (strcmp.S:39)
=‡19== by 0x4409A5B: do_lookup_x (dl-lookup.c:272)
=‡19== by 0x4409CF1: _dl_lookup_symbol_x (dl-lookup.c:725)
=‡19== by 0x440B74C: _dl_relocate_object (dl-machine.h:344)
=‡19== by 0x44036B6: dl_main (rtld.c:2239)
=‡19== by 0x4414F26: _dl_sysdep_start (dl-sysdep.c:243)
=‡19== by 0x4401237: _dl_start (rtld.c:338)
=‡19== by 0x4400856: ??? (in /lib32/ld-2.11.3.so)
=‡19== Address 0x7170aec8 is not stack'd, malloc'd or (recently) free'd
=‡19==
=‡19== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
Speicherzugriffsfehler


;-
mydll.c:

void Xtest(void)
{
printf("ok");
}


prog.asm:
;;

BITS 32

;; Macro for accessing addresses in .bss and some of .text via ebp.

%define ADDR(a) ebp + ((a) - _ebp_pos_)

org 0x08048000

;; A basic ELF header, indicating that the program segment header
;; has three entries, and that there is no section header table.

db 0x7F, 'ELF'
db 1 ; ELFCLASS32
db 1 ; ELFDATA2LSB
db 1 ; EV_CURRENT
db 0 ; ELFOSABI_NONE
dd 0
dd 0
dw 2 ; ET_EXEC
dw 3 ; EM_386
dd 1 ; EV_CURRENT
dd _start
dd phdrs - $$
dd 0
dd 0
dw 0x34 ; sizeof(Elf32_Ehdr)
dw 0x20 ; sizeof(Elf32_Phdr)
dw 3
dw 0
dw 0
dw 0

;; The program header table contains three entries. The first one
;; indicates that the entire file is to be loaded into read-write-exec
;; memory. The second entry identifies the location of the _DYNAMIC
;; section, and the third entry gives the location of the interpreter
;; pathname. The last dword value of the table, a 1, overlaps with the
;; next structure. Note that two of the entries reuse the ignored paddr
;; field to store other data.

phdrs:
dd 1 ; PT_LOAD
dd 0
dd $$
dd $$
dd file_size
dd mem_size
dd 7 ; PF_R | PF_W | PF_X
dd 0x1000
dd 2 ; PT_DYNAMIC
dd dynamic - $$
dd dynamic
framebits: db 0x05, 0x0E, 0x05, 0x0B ; The frame's stipple pattern
dd dynamic_size
dd dynamic_size
dd 6 ; PF_R | PF_W
dd 4
dd 3 ; PT_INTERP
dd interp - $$
dd interp
titlestrlist: dd titlestr ; A string list of length one
dd interp_size
dd interp_size
dd 4 ; PF_R

;; A degenerate hash table. This structure is purely a formality. The
;; last 5 entries in the hash table (11, 16, 1, 10, 4) overlap
;; with the next structure.

hash:
dd 1 ; nbucket = 1
dd dynsym_count ; nchain = 18
dd 15
dd 0, 2, 3, 17, 5, 6, 7 ; a chain with 18 links
dd 8, 9, 16, 13, 12, 0

;; The _DYNAMIC section. Indicates the presence and location of the
;; dynamic symbol section (and associated string table and hash table)
;; and the relocation section. The final DT_NULL entry in the dynamic
;; section overlaps with the next structure.

dynamic:
dd 11, 16 ; DT_SYMENT = sizeof(Elf32_Sym)
dd 1, lib_name ; DT_NEEDED = 10
dd 4, hash ; DT_HASH
dd 5, dynstr ; DT_STRTAB
dd 6, dynsym ; DT_SYMTAB
dd 10, dynstr_size ; DT_STRSZ
dd 17, reltext ; DT_REL
dd 18, reltext_size ; DT_RELSZ
dd 19, 8 ; DT_RELENT = sizeof(Elf32_Rel)
dynamic_size equ $ - dynamic + 8

;; The dynamic symbol table. Entries are included for the _DYNAMIC
;; section and the seventeen functions imported from libX11.so.

dynsym:
dd 0
dd 0
dd 0
dw 0
dw 0
dynamic_sym equ 1
dd dynamic_name
dd dynamic
dd 0
dw 0x11 ; STB_GLOBAL, STT_OBJECT
dw 0xFFF1 ; SHN_ABS
Xtext_sym equ 2
dd Xtext_name
dd 0
dd 0
dw 0x12 ; STB_GLOBAL, STT_FUNC
dw 0
dynsym_count equ 3

;; The relocation table. The addresses of the functions imported from
;; libX11 are stored in the program's bss area. Since they will be
;; used with indirect calls, the R_386_32 relocation is used throughout.

reltext:
dd Xtext_rel
db 1, Xtext_sym, 0, 0

reltext_size equ $ - reltext

;; The interpreter pathname. The final NUL byte appears in the next
;; section.

interp:
db '/lib32/ld-linux.so.2'
interp_size equ $ - interp + 1

;; The string table for the dynamic symbol table.

dynstr:
db 0
dynamic_name equ $ - dynstr
db '_DYNAMIC', 0
lib_name equ $ - dynstr
db './libmydll.so.1', 0
Xtext_name equ $ - dynstr
db 'Xtext', 0
dynstr_size equ $ - dynstr

;;
;; The program proper.
;;

_start:
mov ebp, _ebp_pos_
xor eax, eax
;push eax

call [ADDR(Xtext_rel)]

mov eax, 0
int 0x80

ret

;;
;; Program data.
;;

;; The window title text.

titlestr: db 'Puzzle', 0

;; ebp is set to point here during initialization. From here most of
;; the data needed by the program is within 127 bytes.

_ebp_pos_:

;;
;; End of the file image.
;;

file_size equ $ - $$

;;
;; Beginning of the program's bss section.
;;

ABSOLUTE $

;; Terminating NUL byte for the protocol string.

resb 1

ALIGNB 4

stackptr:
Xtext_rel: resd 1

mem_size equ $ - $$
 

Lesen sie die antworten

#1 Jan Seiffert
28/09/2012 - 00:38 | Warnen spam
Jens Kallup schrieb:
valgrind output:



[snip]

strcmp wird doch gefunden.
Es greift nur auf auf nicht gemappeten Speicher zu aka. einen
ungültigen Pointer.


Gruss
Jan

Ähnliche fragen