GNOME Bugzilla – Bug 664833
[abrt] tracker-0.12.7-1.fc16: read_uint32: Process /usr/libexec/tracker-store was killed by signal 11 (SIGSEGV)
Last modified: 2011-12-08 10:15:45 UTC
Originally reported at https://bugzilla.redhat.com/show_bug.cgi?id=756871. Full backtrace pasted below:
[New LWP 1342]
[New LWP 1344]
[New LWP 1343]
[New LWP 1348]
[New LWP 1347]
[New LWP 1346]
[New LWP 1345]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `/usr/libexec/tracker-store'.
Program terminated with signal 11, Segmentation fault.
+ Trace 229133
Thread 1 (Thread 0xb77a3780 (LWP 1342))
From To Syms Read Shared Object Library 0x44805cd0 0x44867748 Yes /usr/lib/tracker-0.12/libtracker-data.so.0 0x44890a90 0x448a39e8 Yes /usr/lib/tracker-0.12/libtracker-common.so.0 0x447d3ea0 0x447e9ca8 Yes /usr/lib/libtracker-sparql-0.12.so.0 0x48dd1770 0x48e088fc Yes /usr/lib/libunistring.so.0 0x47ffb010 0x47ffccb8 Yes /lib/libuuid.so.1 0x47724ee0 0x477efc48 Yes /lib/libgio-2.0.so.0 0x476b42b0 0x476e71f8 Yes /lib/libgobject-2.0.so.0 0x4769cec0 0x4769e608 Yes /lib/libgthread-2.0.so.0 0x476fdbf0 0x476fed78 Yes /lib/libgmodule-2.0.so.0 0x474f7920 0x474fba98 Yes /lib/librt.so.1 0x4756e0f0 0x4760c9b8 Yes /lib/libglib-2.0.so.0 0x48b7e730 0x48bfbd38 Yes /usr/lib/libsqlite3.so.0 0x47503670 0x47510948 Yes /lib/libz.so.1 0x474a9420 0x474c43a8 Yes /lib/libm.so.6 0x474d6680 0x474e26e8 Yes /lib/libpthread.so.0 0x4730ee90 0x47445d44 Yes /lib/libc.so.6 0x472d3850 0x472ecedf Yes /lib/ld-linux.so.2 0x476a5020 0x476a8678 Yes /usr/lib/libffi.so.5 0x474efa60 0x474f0a88 Yes /lib/libdl.so.2 0x4753d6e0 0x4754f468 Yes /lib/libselinux.so.1 0x47681670 0x47692088 Yes /lib/libresolv.so.2 0x00311530 0x0032d618 Yes /usr/lib/gio/modules/libgvfsdbus.so 0x47880bc0 0x4788c198 Yes /usr/lib/libgvfscommon.so.0 0x4784d8d0 0x4786dce8 Yes /usr/lib/libbluray.so.0 0x479b06a0 0x479dff28 Yes /lib/libdbus-1.so.3 0x487ce4f0 0x487d7e48 Yes /lib/libudev.so.0 0x48d79a20 0x48d7a448 Yes /lib/libutil.so.1 0x47b1ac80 0x47c05bec Yes /usr/lib/libxml2.so.2 0x4751bf30 0x47532c48 Yes /lib/libgcc_s.so.1 0x47e25e30 0x47e99818 Yes /usr/lib/libstdc++.so.6 0x00bd1ba0 0x00bde6e8 Yes /usr/lib/gio/modules/libgioremote-volume-monitor.so 0x00c3ddc0 0x00c417e8 Yes /usr/lib/gio/modules/libdconfsettings.so 0x0026ca10 0x00274158 Yes /lib/libnss_files.so.2 $1 = 0x0 $2 = 0x0 eax 0x2744e534 658826548 ecx 0xbfac4c00 -1079227392 edx 0x2500 9472 ebx 0x44882ff4 1149775860 esp 0xbfac4b90 0xbfac4b90 ebp 0x732f2535 0x732f2535 esi 0xbfac4c00 -1079227392 edi 0xbfac4bcc -1079227444 eip 0x448559f9 0x448559f9 <db_journal_reader_next+1337> eflags 
0x10203 [ CF IF RF ] cs 0x73 115 ss 0x7b 123 ds 0x7b 123 es 0x7b 123 fs 0x0 0 gs 0x33 51 Dump of assembler code for function db_journal_reader_next: 0x448554c0 <+0>: lea -0x5c(%esp),%esp 0x448554c4 <+4>: mov %esi,0x50(%esp) 0x448554c8 <+8>: mov %eax,%esi 0x448554ca <+10>: mov 0x10(%eax),%eax 0x448554cd <+13>: mov %ebx,0x4c(%esp) 0x448554d1 <+17>: call 0x44808489 <__i686.get_pc_thunk.bx> 0x448554d6 <+22>: add $0x2db1e,%ebx 0x448554dc <+28>: test %eax,%eax 0x448554de <+30>: mov %edi,0x54(%esp) 0x448554e2 <+34>: mov %ebp,0x58(%esp) 0x448554e6 <+38>: mov %edx,%edi 0x448554e8 <+40>: movl $0x0,0x3c(%esp) 0x448554f0 <+48>: je 0x44855800 <db_journal_reader_next+832> 0x448554f6 <+54>: mov 0x3c(%esi),%eax 0x448554f9 <+57>: mov %eax,(%esp) 0x448554fc <+60>: call 0x44802c00 <g_free@plt> 0x44855501 <+65>: mov 0x50(%esi),%eax 0x44855504 <+68>: movl $0x0,0x3c(%esi) 0x4485550b <+75>: mov %eax,(%esp) 0x4485550e <+78>: movl $0x0,0x40(%esi) 0x44855515 <+85>: movl $0x0,0x44(%esi) 0x4485551c <+92>: movl $0x0,0x48(%esi) 0x44855523 <+99>: movl $0x0,0x4c(%esi) 0x4485552a <+106>: call 0x44802c00 <g_free@plt> 0x4485552f <+111>: mov 0x38(%esi),%eax 0x44855532 <+114>: movl $0x0,0x50(%esi) 0x44855539 <+121>: cmp $0x3,%eax 0x4485553c <+124>: jne 0x44855618 <db_journal_reader_next+344> 0x44855542 <+130>: mov 0xd6c(%ebx),%ebp 0x44855548 <+136>: test %ebp,%ebp 0x4485554a <+138>: je 0x44855588 <db_journal_reader_next+200> 0x4485554c <+140>: lea -0xfeec(%ebx),%eax 0x44855552 <+146>: mov %eax,(%esp) 0x44855555 <+149>: call 0x44804830 <g_getenv@plt> 0x4485555a <+154>: mov %eax,(%esp) 0x4485555d <+157>: lea -0x1015b(%ebx),%edx 0x44855563 <+163>: mov %edx,0x4(%esp) 0x44855567 <+167>: call 0x44803350 <g_strcmp0@plt> 0x4485556c <+172>: test %eax,%eax 0x4485556e <+174>: jne 0x4485557a <db_journal_reader_next+186> 0x44855570 <+176>: movl $0x1,0x1088(%ebx) 0x4485557a <+186>: movl $0x0,0xd6c(%ebx) 0x44855584 <+196>: lea 0x0(%esi,%eiz,1),%esi 0x44855588 <+200>: mov 0x1088(%ebx),%ecx 0x4485558e <+206>: test 
%ecx,%ecx 0x44855590 <+208>: je 0x4485559e <db_journal_reader_next+222> 0x44855592 <+210>: movl $0x1,(%esp) 0x44855599 <+217>: call 0x44804ff0 <sleep@plt> 0x4485559e <+222>: mov 0x4(%esi),%ebp 0x448555a1 <+225>: test %ebp,%ebp 0x448555a3 <+227>: je 0x44855718 <db_journal_reader_next+600> 0x448555a9 <+233>: call 0x44805840 <g_buffered_input_stream_get_type@plt> 0x448555ae <+238>: mov %eax,0x4(%esp) 0x448555b2 <+242>: mov %ebp,(%esp) 0x448555b5 <+245>: call 0x44804d30 <g_type_check_instance_cast@plt> 0x448555ba <+250>: mov %eax,(%esp) 0x448555bd <+253>: mov %eax,%ebp 0x448555bf <+255>: call 0x448059f0 <g_buffered_input_stream_get_available@plt> 0x448555c4 <+260>: test %eax,%eax 0x448555c6 <+262>: je 0x44855838 <db_journal_reader_next+888> 0x448555cc <+268>: mov 0x14(%esi),%eax 0x448555cf <+271>: mov %eax,0x1c(%esi) 0x448555d2 <+274>: lea 0x3c(%esp),%edi 0x448555d6 <+278>: mov %esi,%eax 0x448555d8 <+280>: mov %edi,%edx 0x448555da <+282>: call 0x448534c0 <journal_read_uint32> 0x448555df <+287>: mov %eax,%ebp 0x448555e1 <+289>: mov 0x3c(%esp),%eax 0x448555e5 <+293>: test %eax,%eax 0x448555e7 <+295>: je 0x44855868 <db_journal_reader_next+936> 0x448555ed <+301>: mov %eax,0x4(%esp) 0x448555f1 <+305>: mov 0x60(%esp),%eax 0x448555f5 <+309>: mov %eax,(%esp) 0x448555f8 <+312>: call 0x44804410 <g_propagate_error@plt> 0x448555fd <+317>: xor %eax,%eax 0x448555ff <+319>: mov 0x4c(%esp),%ebx 0x44855603 <+323>: mov 0x50(%esp),%esi 0x44855607 <+327>: mov 0x54(%esp),%edi 0x4485560b <+331>: mov 0x58(%esp),%ebp 0x4485560f <+335>: lea 0x5c(%esp),%esp 0x44855613 <+339>: ret 0x44855614 <+340>: lea 0x0(%esi,%eiz,1),%esi 0x44855618 <+344>: test %eax,%eax 0x4485561a <+346>: je 0x44855542 <db_journal_reader_next+130> 0x44855620 <+352>: mov 0x2c(%esi),%ebp 0x44855623 <+355>: test %ebp,%ebp 0x44855625 <+357>: jne 0x44855660 <db_journal_reader_next+416> 0x44855627 <+359>: lea 0x3c(%esp),%edx 0x4485562b <+363>: mov %esi,%eax 0x4485562d <+365>: call 0x448534c0 <journal_read_uint32> 0x44855632 
<+370>: mov 0x3c(%esp),%eax 0x44855636 <+374>: test %eax,%eax 0x44855638 <+376>: jne 0x448555ed <db_journal_reader_next+301> 0x4485563a <+378>: mov 0x4(%esi),%edi 0x4485563d <+381>: test %edi,%edi 0x4485563f <+383>: mov 0x14(%esi),%edi 0x44855642 <+386>: je 0x44855990 <db_journal_reader_next+1232> 0x44855648 <+392>: movl $0x3,0x38(%esi) 0x4485564f <+399>: mov %edi,0x24(%esi) 0x44855652 <+402>: mov $0x1,%eax 0x44855657 <+407>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855659 <+409>: lea 0x0(%esi,%eiz,1),%esi 0x44855660 <+416>: lea 0x3c(%esp),%edi 0x44855664 <+420>: mov %esi,%eax 0x44855666 <+422>: mov %edi,%edx 0x44855668 <+424>: call 0x448534c0 <journal_read_uint32> 0x4485566d <+429>: mov %eax,%ebp 0x4485566f <+431>: mov 0x3c(%esp),%eax 0x44855673 <+435>: test %eax,%eax 0x44855675 <+437>: jne 0x448555ed <db_journal_reader_next+301> 0x4485567b <+443>: cmp $0x1,%ebp 0x4485567e <+446>: je 0x44855a40 <db_journal_reader_next+1408> 0x44855684 <+452>: mov %ebp,%eax 0x44855686 <+454>: and $0x2,%eax 0x44855689 <+457>: cmp $0x1,%eax 0x4485568c <+460>: sbb %eax,%eax 0x4485568e <+462>: test $0x4,%ebp 0x44855694 <+468>: je 0x44855908 <db_journal_reader_next+1096> 0x4485569a <+474>: add $0x8,%eax 0x4485569d <+477>: mov %eax,0x38(%esi) 0x448556a0 <+480>: test $0x8,%ebp 0x448556a6 <+486>: jne 0x44855970 <db_journal_reader_next+1200> 0x448556ac <+492>: movl $0x0,0x40(%esi) 0x448556b3 <+499>: mov %edi,%edx 0x448556b5 <+501>: mov %esi,%eax 0x448556b7 <+503>: call 0x448534c0 <journal_read_uint32> 0x448556bc <+508>: mov %eax,0x44(%esi) 0x448556bf <+511>: mov 0x3c(%esp),%eax 0x448556c3 <+515>: test %eax,%eax 0x448556c5 <+517>: jne 0x448555ed <db_journal_reader_next+301> 0x448556cb <+523>: mov %edi,%edx 0x448556cd <+525>: mov %esi,%eax 0x448556cf <+527>: call 0x448534c0 <journal_read_uint32> 0x448556d4 <+532>: mov %eax,0x48(%esi) 0x448556d7 <+535>: mov 0x3c(%esp),%eax 0x448556db <+539>: test %eax,%eax 0x448556dd <+541>: jne 0x448555ed <db_journal_reader_next+301> 0x448556e3 <+547>: 
and $0x2,%ebp 0x448556e6 <+550>: mov %edi,%edx 0x448556e8 <+552>: mov %esi,%eax 0x448556ea <+554>: je 0x44855a9d <db_journal_reader_next+1501> 0x448556f0 <+560>: call 0x448534c0 <journal_read_uint32> 0x448556f5 <+565>: mov %eax,0x4c(%esi) 0x448556f8 <+568>: mov 0x3c(%esp),%eax 0x448556fc <+572>: test %eax,%eax 0x448556fe <+574>: jne 0x448555ed <db_journal_reader_next+301> 0x44855704 <+580>: subl $0x1,0x2c(%esi) 0x44855708 <+584>: mov $0x1,%eax 0x4485570d <+589>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855712 <+594>: lea 0x0(%esi),%esi 0x44855718 <+600>: mov 0x14(%esi),%eax 0x4485571b <+603>: cmp 0x18(%esi),%eax 0x4485571e <+606>: jb 0x448555cf <db_journal_reader_next+271> 0x44855724 <+612>: xor %eax,%eax 0x44855726 <+614>: test %edi,%edi 0x44855728 <+616>: je 0x448555ff <db_journal_reader_next+319> 0x4485572e <+622>: mov 0x54(%esi),%edx 0x44855731 <+625>: test %edx,%edx 0x44855733 <+627>: je 0x448555ff <db_journal_reader_next+319> 0x44855739 <+633>: lea 0x102c(%ebx),%eax 0x4485573f <+639>: call 0x44852a10 <reader_get_next_filepath> 0x44855744 <+644>: mov %eax,%ebp 0x44855746 <+646>: mov 0x1030(%ebx),%eax 0x4485574c <+652>: test %eax,%eax 0x4485574e <+654>: je 0x44855a80 <db_journal_reader_next+1472> 0x44855754 <+660>: mov %eax,(%esp) 0x44855757 <+663>: call 0x448032c0 <g_object_unref@plt> 0x4485575c <+668>: mov 0x1034(%ebx),%eax 0x44855762 <+674>: movl $0x0,0x1030(%ebx) 0x4485576c <+684>: mov %eax,(%esp) 0x4485576f <+687>: call 0x448032c0 <g_object_unref@plt> 0x44855774 <+692>: mov 0x1038(%ebx),%eax 0x4485577a <+698>: movl $0x0,0x1034(%ebx) 0x44855784 <+708>: test %eax,%eax 0x44855786 <+710>: je 0x4485579a <db_journal_reader_next+730> 0x44855788 <+712>: mov %eax,(%esp) 0x4485578b <+715>: call 0x448032c0 <g_object_unref@plt> 0x44855790 <+720>: movl $0x0,0x1038(%ebx) 0x4485579a <+730>: mov 0x60(%esp),%eax 0x4485579e <+734>: mov %ebp,%edx 0x448557a0 <+736>: mov %eax,(%esp) 0x448557a3 <+739>: lea 0x102c(%ebx),%eax 0x448557a9 <+745>: call 0x448531f0 
<db_journal_reader_init_file> 0x448557ae <+750>: test %eax,%eax 0x448557b0 <+752>: mov %ebp,(%esp) 0x448557b3 <+755>: je 0x44855958 <db_journal_reader_next+1176> 0x448557b9 <+761>: call 0x44802c00 <g_free@plt> 0x448557be <+766>: mov 0x60(%esp),%eax 0x448557c2 <+770>: mov %edi,%edx 0x448557c4 <+772>: mov %eax,(%esp) 0x448557c7 <+775>: mov %esi,%eax 0x448557c9 <+777>: movl $0x3,0x1064(%ebx) 0x448557d3 <+787>: movl $0x0,0x1048(%ebx) 0x448557dd <+797>: movl $0x0,0x104c(%ebx) 0x448557e7 <+807>: movl $0x0,0x1058(%ebx) 0x448557f1 <+817>: call 0x448554c0 <db_journal_reader_next> 0x448557f6 <+822>: jmp 0x448555ff <db_journal_reader_next+319> 0x448557fb <+827>: nop 0x448557fc <+828>: lea 0x0(%esi,%eiz,1),%esi 0x44855800 <+832>: mov 0x4(%esi),%eax 0x44855803 <+835>: test %eax,%eax 0x44855805 <+837>: jne 0x448554f6 <db_journal_reader_next+54> 0x4485580b <+843>: lea -0xfd9c(%ebx),%eax 0x44855811 <+849>: mov %eax,0x8(%esp) 0x44855815 <+853>: lea -0xf791(%ebx),%eax 0x4485581b <+859>: mov %eax,0x4(%esp) 0x4485581f <+863>: lea -0x1acad(%ebx),%eax 0x44855825 <+869>: mov %eax,(%esp) 0x44855828 <+872>: call 0x448045d0 <g_return_if_fail_warning@plt> 0x4485582d <+877>: xor %eax,%eax 0x4485582f <+879>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855834 <+884>: lea 0x0(%esi,%eiz,1),%esi 0x44855838 <+888>: movl $0x0,0xc(%esp) 0x44855840 <+896>: movl $0x0,0x8(%esp) 0x44855848 <+904>: movl $0xffffffff,0x4(%esp) 0x44855850 <+912>: mov %ebp,(%esp) 0x44855853 <+915>: call 0x44804600 <g_buffered_input_stream_fill@plt> 0x44855858 <+920>: test %eax,%eax 0x4485585a <+922>: je 0x44855724 <db_journal_reader_next+612> 0x44855860 <+928>: jmp 0x448555cc <db_journal_reader_next+268> 0x44855865 <+933>: lea 0x0(%esi),%esi 0x44855868 <+936>: cmp $0x13,%ebp 0x4485586b <+939>: nop 0x4485586c <+940>: lea 0x0(%esi,%eiz,1),%esi 0x44855870 <+944>: jbe 0x44855920 <db_journal_reader_next+1120> 0x44855876 <+950>: mov 0x4(%esi),%eax 0x44855879 <+953>: test %eax,%eax 0x4485587b <+955>: je 0x448559e8 
<db_journal_reader_next+1320> 0x44855881 <+961>: mov %edi,%edx 0x44855883 <+963>: mov %esi,%eax 0x44855885 <+965>: call 0x448534c0 <journal_read_uint32> 0x4485588a <+970>: mov %eax,0x2c(%esi) 0x4485588d <+973>: mov 0x3c(%esp),%eax 0x44855891 <+977>: test %eax,%eax 0x44855893 <+979>: jne 0x448555ed <db_journal_reader_next+301> 0x44855899 <+985>: mov %edi,%edx 0x4485589b <+987>: mov %esi,%eax 0x4485589d <+989>: call 0x448534c0 <journal_read_uint32> 0x448558a2 <+994>: mov %eax,%edx 0x448558a4 <+996>: mov 0x3c(%esp),%eax 0x448558a8 <+1000>: test %eax,%eax 0x448558aa <+1002>: jne 0x448555ed <db_journal_reader_next+301> 0x448558b0 <+1008>: mov 0x4(%esi),%eax 0x448558b3 <+1011>: test %eax,%eax 0x448558b5 <+1013>: je 0x44855ae4 <db_journal_reader_next+1572> 0x448558bb <+1019>: mov %edi,%edx 0x448558bd <+1021>: mov %esi,%eax 0x448558bf <+1023>: call 0x448534c0 <journal_read_uint32> 0x448558c4 <+1028>: mov %eax,0x30(%esi) 0x448558c7 <+1031>: mov 0x3c(%esp),%eax 0x448558cb <+1035>: test %eax,%eax 0x448558cd <+1037>: movl $0x0,0x34(%esi) 0x448558d4 <+1044>: jne 0x448555ed <db_journal_reader_next+301> 0x448558da <+1050>: mov %edi,%edx 0x448558dc <+1052>: mov %esi,%eax 0x448558de <+1054>: call 0x448534c0 <journal_read_uint32> 0x448558e3 <+1059>: mov 0x3c(%esp),%edx 0x448558e7 <+1063>: test %edx,%edx 0x448558e9 <+1065>: je 0x44855b27 <db_journal_reader_next+1639> 0x448558ef <+1071>: mov 0x60(%esp),%eax 0x448558f3 <+1075>: mov %edx,0x4(%esp) 0x448558f7 <+1079>: mov %eax,(%esp) 0x448558fa <+1082>: call 0x44804410 <g_propagate_error@plt> 0x448558ff <+1087>: xor %eax,%eax 0x44855901 <+1089>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855906 <+1094>: xchg %ax,%ax 0x44855908 <+1096>: test $0x10,%ebp 0x4485590e <+1102>: je 0x448559d8 <db_journal_reader_next+1304> 0x44855914 <+1108>: add $0xa,%eax 0x44855917 <+1111>: mov %eax,0x38(%esi) 0x4485591a <+1114>: jmp 0x448556a0 <db_journal_reader_next+480> 0x4485591f <+1119>: nop 0x44855920 <+1120>: call 0x44805060 
<tracker_db_journal_error_quark@plt> 0x44855925 <+1125>: mov %eax,0x4(%esp) 0x44855929 <+1129>: mov 0x60(%esp),%eax 0x4485592d <+1133>: lea -0xfebc(%ebx),%edx 0x44855933 <+1139>: mov %eax,(%esp) 0x44855936 <+1142>: mov %ebp,0x10(%esp) 0x4485593a <+1146>: mov %edx,0xc(%esp) 0x4485593e <+1150>: movl $0x1,0x8(%esp) 0x44855946 <+1158>: call 0x448046b0 <g_set_error@plt> 0x4485594b <+1163>: xor %eax,%eax 0x4485594d <+1165>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855952 <+1170>: lea 0x0(%esi),%esi 0x44855958 <+1176>: call 0x44802c00 <g_free@plt> 0x4485595d <+1181>: lea 0x0(%esi),%esi 0x44855960 <+1184>: call 0x44805830 <tracker_db_journal_reader_shutdown@plt> 0x44855965 <+1189>: xor %eax,%eax 0x44855967 <+1191>: jmp 0x448555ff <db_journal_reader_next+319> 0x4485596c <+1196>: lea 0x0(%esi,%eiz,1),%esi 0x44855970 <+1200>: mov %edi,%edx 0x44855972 <+1202>: mov %esi,%eax 0x44855974 <+1204>: call 0x448534c0 <journal_read_uint32> 0x44855979 <+1209>: mov %eax,0x40(%esi) 0x4485597c <+1212>: mov 0x3c(%esp),%eax 0x44855980 <+1216>: test %eax,%eax 0x44855982 <+1218>: jne 0x448555ed <db_journal_reader_next+301> 0x44855988 <+1224>: jmp 0x448556b3 <db_journal_reader_next+499> 0x4485598d <+1229>: lea 0x0(%esi),%esi 0x44855990 <+1232>: mov 0x20(%esi),%ebp 0x44855993 <+1235>: cmp %ebp,%edi 0x44855995 <+1237>: je 0x44855648 <db_journal_reader_next+392> 0x4485599b <+1243>: nop 0x4485599c <+1244>: lea 0x0(%esi,%eiz,1),%esi 0x448559a0 <+1248>: call 0x44805060 <tracker_db_journal_error_quark@plt> 0x448559a5 <+1253>: mov %ebp,0x14(%esp) 0x448559a9 <+1257>: mov %edi,0x10(%esp) 0x448559ad <+1261>: lea -0xfde0(%ebx),%edx 0x448559b3 <+1267>: mov %eax,0x4(%esp) 0x448559b7 <+1271>: mov 0x60(%esp),%eax 0x448559bb <+1275>: mov %eax,(%esp) 0x448559be <+1278>: mov %edx,0xc(%esp) 0x448559c2 <+1282>: movl $0x1,0x8(%esp) 0x448559ca <+1290>: call 0x448046b0 <g_set_error@plt> 0x448559cf <+1295>: xor %eax,%eax 0x448559d1 <+1297>: jmp 0x448555ff <db_journal_reader_next+319> 0x448559d6 <+1302>: xchg 
%ax,%ax 0x448559d8 <+1304>: add $0x6,%eax 0x448559db <+1307>: mov %eax,0x38(%esi) 0x448559de <+1310>: jmp 0x448556a0 <db_journal_reader_next+480> 0x448559e3 <+1315>: nop 0x448559e4 <+1316>: lea 0x0(%esi,%eiz,1),%esi 0x448559e8 <+1320>: mov 0x1c(%esi),%eax 0x448559eb <+1323>: add %ebp,%eax 0x448559ed <+1325>: cmp 0x18(%esi),%eax 0x448559f0 <+1328>: mov %eax,0x20(%esi) 0x448559f3 <+1331>: ja 0x44855ab6 <db_journal_reader_next+1526> => 0x448559f9 <+1337>: movzbl -0x4(%eax),%ecx 0x448559fd <+1341>: movzbl -0x3(%eax),%edx 0x44855a01 <+1345>: shl $0x10,%edx 0x44855a04 <+1348>: shl $0x18,%ecx 0x44855a07 <+1351>: or %edx,%ecx 0x44855a09 <+1353>: movzbl -0x1(%eax),%edx 0x44855a0d <+1357>: movzbl -0x2(%eax),%eax 0x44855a11 <+1361>: or %edx,%ecx 0x44855a13 <+1363>: shl $0x8,%eax 0x44855a16 <+1366>: or %eax,%ecx 0x44855a18 <+1368>: cmp %ecx,%ebp 0x44855a1a <+1370>: je 0x44855881 <db_journal_reader_next+961> 0x44855a20 <+1376>: mov %ecx,0x2c(%esp) 0x44855a24 <+1380>: call 0x44805060 <tracker_db_journal_error_quark@plt> 0x44855a29 <+1385>: mov 0x2c(%esp),%ecx 0x44855a2d <+1389>: mov %ebp,0x10(%esp) 0x44855a31 <+1393>: mov %ecx,0x14(%esp) 0x44855a35 <+1397>: lea -0xfe5c(%ebx),%edx 0x44855a3b <+1403>: jmp 0x448559b3 <db_journal_reader_next+1267> 0x44855a40 <+1408>: movl $0x4,0x38(%esi) 0x44855a47 <+1415>: mov %edi,%edx 0x44855a49 <+1417>: mov %esi,%eax 0x44855a4b <+1419>: call 0x448534c0 <journal_read_uint32> 0x44855a50 <+1424>: mov %eax,0x44(%esi) 0x44855a53 <+1427>: mov 0x3c(%esp),%eax 0x44855a57 <+1431>: test %eax,%eax 0x44855a59 <+1433>: jne 0x448555ed <db_journal_reader_next+301> 0x44855a5f <+1439>: mov %edi,%edx 0x44855a61 <+1441>: mov %esi,%eax 0x44855a63 <+1443>: call 0x44853580 <journal_read_string> 0x44855a68 <+1448>: mov %eax,0x3c(%esi) 0x44855a6b <+1451>: mov 0x3c(%esp),%eax 0x44855a6f <+1455>: test %eax,%eax 0x44855a71 <+1457>: jne 0x448555ed <db_journal_reader_next+301> 0x44855a77 <+1463>: jmp 0x44855704 <db_journal_reader_next+580> 0x44855a7c <+1468>: lea 
0x0(%esi,%eiz,1),%esi 0x44855a80 <+1472>: mov 0x103c(%ebx),%eax 0x44855a86 <+1478>: mov %eax,(%esp) 0x44855a89 <+1481>: call 0x44804b50 <g_mapped_file_unref@plt> 0x44855a8e <+1486>: movl $0x0,0x103c(%ebx) 0x44855a98 <+1496>: jmp 0x4485579a <db_journal_reader_next+730> 0x44855a9d <+1501>: call 0x44853580 <journal_read_string> 0x44855aa2 <+1506>: mov %eax,0x50(%esi) 0x44855aa5 <+1509>: mov 0x3c(%esp),%eax 0x44855aa9 <+1513>: test %eax,%eax 0x44855aab <+1515>: jne 0x448555ed <db_journal_reader_next+301> 0x44855ab1 <+1521>: jmp 0x44855704 <db_journal_reader_next+580> 0x44855ab6 <+1526>: call 0x44805060 <tracker_db_journal_error_quark@plt> 0x44855abb <+1531>: mov %eax,0x4(%esp) 0x44855abf <+1535>: mov 0x60(%esp),%eax 0x44855ac3 <+1539>: lea -0xfe84(%ebx),%edx 0x44855ac9 <+1545>: mov %eax,(%esp) 0x44855acc <+1548>: mov %edx,0xc(%esp) 0x44855ad0 <+1552>: movl $0x1,0x8(%esp) 0x44855ad8 <+1560>: call 0x448046b0 <g_set_error@plt> 0x44855add <+1565>: xor %eax,%eax 0x44855adf <+1567>: jmp 0x448555ff <db_journal_reader_next+319> 0x44855ae4 <+1572>: mov 0x1c(%esi),%eax 0x44855ae7 <+1575>: sub $0xc,%ebp 0x44855aea <+1578>: add $0xc,%eax 0x44855aed <+1581>: mov %ebp,0x4(%esp) 0x44855af1 <+1585>: mov %eax,(%esp) 0x44855af4 <+1588>: mov %edx,0x2c(%esp) 0x44855af8 <+1592>: call 0x44804e10 <tracker_crc32@plt> 0x44855afd <+1597>: mov 0x2c(%esp),%edx 0x44855b01 <+1601>: mov %eax,%ebp 0x44855b03 <+1603>: cmp %eax,%edx 0x44855b05 <+1605>: je 0x448558bb <db_journal_reader_next+1019> 0x44855b0b <+1611>: call 0x44805060 <tracker_db_journal_error_quark@plt> 0x44855b10 <+1616>: mov 0x2c(%esp),%edx 0x44855b14 <+1620>: mov %ebp,0x10(%esp) 0x44855b18 <+1624>: mov %edx,0x14(%esp) 0x44855b1c <+1628>: lea -0xfe18(%ebx),%edx 0x44855b22 <+1634>: jmp 0x448559b3 <db_journal_reader_next+1267> 0x44855b27 <+1639>: cmp $0x1,%eax 0x44855b2a <+1642>: je 0x44855b3d <db_journal_reader_next+1661> 0x44855b2c <+1644>: movl $0x2,0x38(%esi) 0x44855b33 <+1651>: mov $0x1,%eax 0x44855b38 <+1656>: jmp 0x448555ff 
<db_journal_reader_next+319> 0x44855b3d <+1661>: movl $0x1,0x38(%esi) 0x44855b44 <+1668>: jmp 0x448555ff <db_journal_reader_next+319> End of assembler dump.
CCing Juerg
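commit b75b6732ea6f04b6885335e90a56105fb83b48e0
Author: Jürg Billeter <j@bitron.ch>
Date:   Thu Dec 8 11:13:03 2011 +0100

    libtracker-data: Fix crash due to overflow in journal reader

    Fixes GB#664833.

[Note on the dump above: at <+1320>–<+1331> the function adds the 32-bit value held in %ebp (set from a journal_read_uint32 result at <+287>) to the pointer loaded from 0x1c(%esi), and only afterwards compares the sum with 0x18(%esi), which appears to be the end bound of the journal data. In the register dump %eax (0x2744e534) is smaller than %ebp (0x732f2535), so the 32-bit addition wrapped, the unsigned `ja` check did not fire, and the byte loads starting at <+1337> faulted. A length read from the journal has to be checked against the bytes remaining (end bound minus current position) before it is added to a pointer. The patch itself is not shown on this page.]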