user4929293 - 1 month ago
Bash Question

Why SIGSEGV while push instruction

=> 0x7fffffffeefc: xor %eax,%eax
0x7fffffffeefe: movabs $0xff978cd091969dd1,%rbx
0x7fffffffef08: neg %rbx
0x7fffffffef0b: push %rbx
0x7fffffffef0c: push %rsp
0x7fffffffef0d: pop %rdi
0x7fffffffef0e: mov $0x3b,%al
0x7fffffffef10: syscall
0x7fffffffef12: add %cl,0x4e(%rcx,%rcx,2)
0x7fffffffef16: rex.RB push %r11
(gdb) nexti
0x00007fffffffeefe in ?? ()
(gdb) nexti
0x00007fffffffef08 in ?? ()
(gdb) nexti
0x00007fffffffef0b in ?? ()
(gdb) nexti
0x00007fffffffef0c in ?? ()
(gdb) nexti

Program received signal SIGSEGV, Segmentation fault.
0x00007fffffffef12 in ?? ()


I can't understand why a segmentation fault occurs at 0x7fffffffef0c. After the segmentation fault, rip jumps to 0x7fffffffef12 instead of 0x7fffffffef0c. Does this mean 0x7fffffffef0c is an error handler?

Answer

It appears that gdb stepped over the syscall instruction and some of the surrounding instructions. The SIGSEGV probably has something to do with the value of the rcx register, used in the instruction at 0x7fffffffef12. If you want gdb to stop at every instruction rather than proceeding over function calls, stepi is likely to be better for that than nexti.
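As an added example (my own script, not part of the question or the answer), here is the arithmetic an analyst does by hand when reading this trace: undo the `neg` on the `movabs` immediate to see what `push %rbx` actually leaves on the stack, and compute the effective address of the memory operand at 0x7fffffffef12. The second part assumes the syscall returned and rcx still holds what the `syscall` instruction saved there, namely the address of the following instruction (0x7fffffffef12); that is the register the answer points at. All constants are copied from the trace above.

```python
import struct

MASK64 = (1 << 64) - 1


def neg64(value: int) -> int:
    """Two's-complement negation, as the x86-64 `neg` instruction does it."""
    return (-value) & MASK64


def immediate_as_bytes(value: int) -> bytes:
    """Little-endian byte image of a 64-bit value, i.e. what `push %rbx` writes to the stack."""
    return struct.pack("<Q", value)


def decode_pushed_string(movabs_imm: int) -> str:
    """Follow movabs -> neg -> push and return the NUL-terminated string left on the stack."""
    raw = immediate_as_bytes(neg64(movabs_imm))
    return raw.split(b"\x00", 1)[0].decode("ascii")


def sib_effective_address(base: int, index: int, scale: int, disp: int) -> int:
    """AT&T disp(base,index,scale) -> base + index*scale + disp, wrapped to 64 bits."""
    return (base + index * scale + disp) & MASK64


def is_canonical_user_address(addr: int) -> bool:
    """True if addr lies in the user half of the 48-bit canonical x86-64 address space."""
    return addr <= 0x7FFFFFFFFFFF


# Values taken from the trace in the question.
MOVABS_IMM = 0xFF978CD091969DD1
SYSCALL_NEXT_RIP = 0x7FFFFFFFEF12  # instruction after `syscall`; `syscall` stores this rip in rcx
SYSCALL_NUMBER = 0x3B              # rax after xor %eax,%eax ; mov $0x3b,%al


def analyse_trace() -> dict:
    """Reproduce the two hand calculations for the trace in the question."""
    # Assumption: the syscall returned to user space, so rcx still holds the saved rip.
    rcx = SYSCALL_NEXT_RIP
    # add %cl,0x4e(%rcx,%rcx,2)  ->  memory operand at rcx + rcx*2 + 0x4e
    ea = sib_effective_address(base=rcx, index=rcx, scale=2, disp=0x4E)
    return {
        "pushed_string": decode_pushed_string(MOVABS_IMM),
        "syscall_number": SYSCALL_NUMBER,
        "faulting_ea": ea,
        "ea_is_canonical_user": is_canonical_user_address(ea),
    }


if __name__ == "__main__":
    for key, val in analyse_trace().items():
        if isinstance(val, bool) or not isinstance(val, int):
            print(f"{key}: {val}")
        else:
            print(f"{key}: {val:#x}")
```

The decoded string shows what the push sequence builds, and the effective address shows why the instruction at 0x7fffffffef12 cannot be a meaningful handler: with rcx equal to the saved return rip, the operand address is far outside the user-space canonical range, so the access faults. The bytes at 0x7fffffffef12 are simply whatever followed the syscall in memory, which the disassembler decoded as best it could.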
