Re: Some more info about that guname bug



Just saw my own posting here on the gnome-devel-list.

It's already fixed! DrMike did it for us.

Martin Baulig <martin@home-of-linux.org> writes:

> Hello hackers,
> 
> Here is some more info about that guname core dump.
> 
> I renamed `descriptions' to `guname_descriptions' and inserted a 0x80
> bytes large, zero-initialized array called `not_used' like this:
> 
> 	long long int not_used[16] = {
> 	 0, 0, 0, 0, 0, 0, 0, 0,
> 	 0, 0, 0, 0, 0, 0, 0 ,0
> 	};
> 
> This is from the resulting binary:
> 
> 08050b48 D __data_start
> 08050b48 W data_start
> 08050b4c d p.2
> 08050b50 d completed.3
> 08050b54 D popup
> 08050b54 d force_to_data
> 08050b58 d scroll_text
> 08050ec4 d nscroll_texts
> 08050ec8 d scroll_text_widths
> 080511e8 d cur_scroll_text
> 080511ec d cur_scroll_index
> 080511f0 d scroll_area
> 080511f4 d scroll_pixmap
> 080511f8 d do_scrolling
> 080511fc d scroll_state
> 08051200 d offset
> 08051204 d timer
> 0805120c D not_used
> 0805128c D guname_descriptions
> 
> Some strange thing happens while imlib is loading the png module which
> causes parts of the data segment (around that 0x0805120c address) to be
> overwritten.
> 
> This is causing the segfault later where it tries to access one of the
> strings in the `guname_descriptions'.
> 
> Moving this `guname_descriptions' symbol further to the end of the data
> segment (by inserting the `not_used' unused initialized array) fixes
> this problem, as it is this unused array that is being overwritten.
> 
> I'm really starting to get confused - any ideas what is happening here?
> 
> -- 
> Martin Baulig - martin@home-of-linux.org - http://www.home-of-linux.org
> 

-- 
Martin Baulig - martin@home-of-linux.org - http://www.home-of-linux.org
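The guard-array trick from the quoted post and its nm listing, as an added example that is not from the original thread: a table built from the nm addresses in the post maps a corrupted address to the symbol it lands in and infers each symbol's size from the gap to the next one (which confirms the 0x80 bytes of `not_used`), and a runtime check reports whether the zero-filled guard is still intact. The aliases `data_start` and `force_to_data` are left out because they share an address with a neighbour; `symbol_for_addr`, `symbol_size` and `guard_first_corrupt` are names chosen here.

```c
#include <stddef.h>
#include <string.h>

/* Data-segment symbols copied from the nm output in the post (aliases dropped). */
struct sym { unsigned long addr; const char *name; };
static const struct sym data_syms[] = {
    {0x08050b48, "__data_start"},   {0x08050b4c, "p.2"},
    {0x08050b50, "completed.3"},    {0x08050b54, "popup"},
    {0x08050b58, "scroll_text"},    {0x08050ec4, "nscroll_texts"},
    {0x08050ec8, "scroll_text_widths"}, {0x080511e8, "cur_scroll_text"},
    {0x080511ec, "cur_scroll_index"}, {0x080511f0, "scroll_area"},
    {0x080511f4, "scroll_pixmap"},  {0x080511f8, "do_scrolling"},
    {0x080511fc, "scroll_state"},   {0x08051200, "offset"},
    {0x08051204, "timer"},          {0x0805120c, "not_used"},
    {0x0805128c, "guname_descriptions"},
};
#define NSYMS (sizeof data_syms / sizeof data_syms[0])

/* Size of a symbol inferred from the gap to the next listed symbol; 0 if unknown
 * (the last symbol has no successor in the listing). */
unsigned long symbol_size(const char *name)
{
    for (size_t i = 0; i + 1 < NSYMS; i++)
        if (strcmp(data_syms[i].name, name) == 0)
            return data_syms[i + 1].addr - data_syms[i].addr;
    return 0;
}

/* Name of the symbol whose inferred extent contains addr, or NULL if addr is
 * below the first symbol. Addresses past the last symbol are attributed to it. */
const char *symbol_for_addr(unsigned long addr)
{
    for (size_t i = 0; i < NSYMS; i++) {
        int last = (i + 1 == NSYMS);
        if (addr >= data_syms[i].addr && (last || addr < data_syms[i + 1].addr))
            return data_syms[i].name;
    }
    return NULL;
}

/* The guard from the post: 0x80 zero bytes placed between the other data.
 * Modern GCC moves zero-initialized objects to .bss unless built with
 * -fno-zero-initialized-in-bss, so pass that flag to keep the guard in .data. */
long long int not_used[16] = { 0 };

/* Index of the first guard word that is no longer zero, or -1 if the guard is intact.
 * Calling this after each suspect step (e.g. after a module load) narrows down
 * when the data segment is being clobbered. */
int guard_first_corrupt(void)
{
    for (int i = 0; i < 16; i++)
        if (not_used[i] != 0)
            return i;
    return -1;
}
```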


