[syslinux] Crash with core32 (syslinux-3.81-pre12-68-g4a211f6)
H. Peter Anvin
hpa at zytor.com
Mon May 25 16:00:04 PDT 2009
Sebastian Herbszt wrote:
>
> 8783 0000AD0B 8B25[4C040000] <2> mov esp,[PMESP] ; Load protmode %esp
> 8784 0000AD11 89E8 <2> mov eax,ebp ; EAX -> top of real-mode stack
> 8785 0000AD13 FFE3 <2> jmp ebx ; Go to where we need to go
>
>> In both cases it looks like it's jumping through an invalid pointer.
>
> Guess ebx is not what it's supposed to be, since there are just a bunch
> of 0-bytes at 0x000034b4.
>
0x34b4 doesn't sound right there at all; ebx should have been set on
line 106 of core/callback.inc to core_syscall.pm_return, which should be
a symbol in the .text segment and hence a bit above 0x100000; the exact
address should be possible to determine via nm core/<name>.elf, e.g.:
: tazenda 320 ; nm -n core/ldlinux.elf | grep core_syscall
0000a344 t core_syscall.rm
0000a354 t core_syscall.rm_return
00100047 t core_syscall
00100094 t core_syscall.pm_return <--- what should be in ebx
001000ad t core_syscall.no_copy
001000af t core_syscall.do_copy
I'm wondering if there is a linker issue...
-hpa
--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.
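The lookup HPA describes above, done by hand against the nm listing, is the usual first step when a crash dump shows a jump through a register. As an added example (not part of the original message or of the Syslinux tree), here is a small POSIX shell helper that resolves a register value to the nearest preceding symbol in an `nm -n` listing and reports the offset into it. The listing is constructed from the nm output quoted in the mail; `symbolize` is a hypothetical helper name, and in practice you would feed it `nm -n core/ldlinux.elf` instead of the inline text.

```shell
# Constructed from the `nm -n core/ldlinux.elf | grep core_syscall` output
# quoted in the mail above. A real run would capture the full listing:
#   NM_LISTING=$(nm -n core/ldlinux.elf)
NM_LISTING='0000a344 t core_syscall.rm
0000a354 t core_syscall.rm_return
00100047 t core_syscall
00100094 t core_syscall.pm_return
001000ad t core_syscall.no_copy
001000af t core_syscall.do_copy'

# symbolize ADDR
#   Prints "symbol+0xOFF" for the highest symbol whose value is <= ADDR,
#   or "<no symbol>" when ADDR lies below every symbol in the listing
#   (the situation with ebx = 0x34b4 in the crash being discussed).
#   Assumes the listing is sorted numerically, as `nm -n` produces it.
#   Hypothetical helper, not part of Syslinux.
symbolize() {
    addr=$(( $1 ))
    best_name='<no symbol>'
    best_off=''
    # Each nm line is "value type name"; undefined symbols have no value
    # field and are skipped.
    while read -r value type name; do
        if [ -z "$name" ]; then
            continue
        fi
        sym=$(( 0x$value ))
        if [ "$sym" -le "$addr" ]; then
            best_name=$name
            best_off=$(( addr - sym ))
        fi
    done <<EOF
$NM_LISTING
EOF
    if [ -z "$best_off" ]; then
        printf '%s\n' "$best_name"
    else
        printf '%s+0x%x\n' "$best_name" "$best_off"
    fi
}

# Usage: pass the register value from the crash dump.
symbolize 0x34b4      # the bogus ebx from the report
symbolize 0x100094    # what ebx should have held
```

Running this against the quoted listing, the reported ebx value falls below every symbol in the file, which is exactly why it cannot be a legitimate `core_syscall.pm_return` and why the next question is how the wrong value got there (the linker issue HPA suspects, or the stack/value being overwritten before the `jmp ebx`).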