《coredump问题原理探究》Linux x86版7.12节string coredump

看一个coredump:

Program terminated with signal 11, Segmentation fault.
#0  0x0090bb06 in __strlen_sse2_bsf () from /lib/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.149.el6_6.5.i686 libgcc-4.4.7-11.el6.i686 libstdc++-4.4.7-11.el6.i686
(gdb) bt
#0  0x0090bb06 in __strlen_sse2_bsf () from /lib/libc.so.6
#1  0x00cd88b3 in std::basic_string, std::allocator >::operator=(char const*) () from /usr/lib/libstdc++.so.6
#2  0x080485b7 in main ()

看一下__strlen_sse2_bsf的汇编:

(gdb) frame 0
#0  0x0090bb06 in __strlen_sse2_bsf () from /lib/libc.so.6
(gdb) disassemble 
Dump of assembler code for function __strlen_sse2_bsf:
   0x0090baf0 <+0>:  push   %esi
   0x0090baf1 <+1>:  push   %edi
   0x0090baf2 <+2>:  mov    0xc(%esp),%edi
   0x0090baf6 <+6>:  xor    %eax,%eax
   0x0090baf8 <+8>:  mov    %edi,%ecx
   0x0090bafa <+10>:  and    $0x3f,%ecx
   0x0090bafd <+13>:  pxor   %xmm0,%xmm0
   0x0090bb01 <+17>:  cmp    $0x30,%ecx
   0x0090bb04 <+20>:  ja     0x90bb1d <__strlen_sse2_bsf+45>
=> 0x0090bb06 <+22>:  movdqu (%edi),%xmm1
   0x0090bb0a <+26>:  pcmpeqb %xmm1,%xmm0
   0x0090bb0e <+30>:  pmovmskb %xmm0,%edx
   0x0090bb12 <+34>:  test   %edx,%edx
   0x0090bb14 <+36>:  jne    0x90bb89 <__strlen_sse2_bsf+153>
   0x0090bb16 <+38>:  mov    %edi,%eax
   0x0090bb18 <+40>:  and    $0xfffffff0,%eax
   0x0090bb1b <+43>:  jmp    0x90bb37 <__strlen_sse2_bsf+71>
   0x0090bb1d <+45>:  mov    %edi,%eax

看一下寄存器的值:

(gdb) i r edi
edi            0x0  0
(gdb) i r ecx
ecx            0x0  0

更多内容 请关注微信公众号“debugeeker", 链接为https://mp.weixin.qq.com/s/VV7nI1wkaM4uXnihUPvc6w