Opened 3 months ago
Closed 2 months ago
#11125 closed defect (fixed)
overflow bug in libavcodec/adpcm.c:2136
| Reported by: | kmfl | Owned by: | |
|---|---|---|---|
| Priority: | important | Component: | avcodec |
| Version: | git-master | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
Summary of the bug:
An overflow bug was found in the latest version, it may cause information leaks or arbitrary code execution.
How to reproduce:
ffmepg -i overflow_bug test
GDB output
root@Lab649-v100:/home/crash_test# gdb /home/ffmpeg-debug/ffmpeg_g
GNU gdb (Ubuntu 12.1-0ubuntu1~22.04.2) 12.1
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /home/ffmpeg-debug/ffmpeg_g...
(gdb) run -i overflow_bug test
Starting program: /home/ffmpeg-debug/ffmpeg_g -i overflow_bug test
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version N-116527-g9a2171318d Copyright (c) 2000-2024 the FFmpeg developers
built with gcc 11 (Ubuntu 11.4.0-1ubuntu1~22.04)
configuration: --disable-shared --pkg-config-flags=--static --extra-libs='-lpthread -lm' --enable-gpl --enable-libass --enable-libfreetype --enable-libmp3lame --enable-libopus --enable-libvorbis --enable-libx264 --enable-libx265 --enable-nonfree --enable-debug
libavutil 59. 31.100 / 59. 31.100
libavcodec 61. 11.100 / 61. 11.100
libavformat 61. 5.101 / 61. 5.101
libavdevice 61. 2.100 / 61. 2.100
libavfilter 10. 2.102 / 10. 2.102
libswscale 8. 2.100 / 8. 2.100
libswresample 5. 2.100 / 5. 2.100
libpostproc 58. 2.100 / 58. 2.100
Ignoring attempt to set invalid timebase 1/0 for st:0
Program received signal SIGSEGV, Segmentation fault.
adpcm_decode_frame (avctx=0x5555581f4ac0, frame=<optimized out>, got_frame_ptr=0x7fffffffd56c, avpkt=0x5555581f5fc0) at libavcodec/adpcm.c:2136
2136 CASE(ADPCM_DTK,
(gdb) bt
#0 adpcm_decode_frame (avctx=0x5555581f4ac0, frame=<optimized out>, got_frame_ptr=0x7fffffffd56c, avpkt=0x5555581f5fc0) at libavcodec/adpcm.c:2136
#1 0x0000555555c797f4 in decode_simple_internal (discarded_samples=0x7fffffffd570, frame=0x5555581f5240, avctx=0x5555581f4ac0) at libavcodec/decode.c:429
#2 decode_simple_receive_frame (frame=0x5555581f5240, avctx=0x5555581f4ac0) at libavcodec/decode.c:600
#3 decode_receive_frame_internal (avctx=avctx@entry=0x5555581f4ac0, frame=0x5555581f5240) at libavcodec/decode.c:631
#4 0x0000555555c79eaa in avcodec_send_packet (avctx=avctx@entry=0x5555581f4ac0, avpkt=avpkt@entry=0x5555581f4fc8) at libavcodec/decode.c:721
#5 0x0000555555a3385b in try_decode_frame (s=s@entry=0x5555581f3980, st=st@entry=0x5555581f4580, pkt=pkt@entry=0x5555581f4fc8, options=<optimized out>) at libavformat/demux.c:2156
#6 0x0000555555a38750 in avformat_find_stream_info (ic=0x5555581f3980, options=0x5555581f4f80) at libavformat/demux.c:2840
#7 0x0000555555729724 in ifile_open (o=o@entry=0x7fffffffd9d0, filename=<optimized out>, sch=sch@entry=0x5555581f3380) at fftools/ffmpeg_demux.c:1771
#8 0x0000555555743977 in open_files (l=0x5555581f3558, inout=inout@entry=0x555556749381 "input", sch=sch@entry=0x5555581f3380, open_file=0x555555728b10 <ifile_open>) at fftools/ffmpeg_opt.c:1188
#9 0x0000555555746768 in ffmpeg_parse_options (argc=argc@entry=4, argv=argv@entry=0x7fffffffe6a8, sch=0x5555581f3380) at fftools/ffmpeg_opt.c:1228
#10 0x000055555571e3b8 in main (argc=4, argv=0x7fffffffe6a8) at fftools/ffmpeg.c:972
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x5555562e2307 to 0x5555562e2347:
0x00005555562e2307 <adpcm_decode_frame+17079>: and $0x0,%al
0x00005555562e2309 <adpcm_decode_frame+17081>: add %al,-0x77(%rbp)
0x00005555562e230c <adpcm_decode_frame+17084>: hlt
0x00005555562e230d <adpcm_decode_frame+17085>: mov -0x4(%r8),%eax
0x00005555562e2311 <adpcm_decode_frame+17089>: xor %ebp,%ebp
0x00005555562e2313 <adpcm_decode_frame+17091>: sub %r10d,%r12d
0x00005555562e2316 <adpcm_decode_frame+17094>: add $0x1,%r12
0x00005555562e231a <adpcm_decode_frame+17098>: cmp $0x1,%r10
0x00005555562e231e <adpcm_decode_frame+17102>: mov %eax,%r9d
0x00005555562e2321 <adpcm_decode_frame+17105>: sbb $0xffffffffffffffff,%r11
0x00005555562e2325 <adpcm_decode_frame+17109>: xor %edx,%edx
=> 0x00005555562e2327 <adpcm_decode_frame+17111>: movzbl (%r11),%edi
0x00005555562e232b <adpcm_decode_frame+17115>: add %r12,%r11
0x00005555562e232e <adpcm_decode_frame+17118>: mov %edi,%ecx
0x00005555562e2330 <adpcm_decode_frame+17120>: sar $0x4,%edi
0x00005555562e2333 <adpcm_decode_frame+17123>: and $0xf,%ecx
0x00005555562e2336 <adpcm_decode_frame+17126>: jmp 0x5555562e23ad <adpcm_decode_frame+17245>
0x00005555562e2338 <adpcm_decode_frame+17128>: nopl 0x0(%rax,%rax,1)
0x00005555562e2340 <adpcm_decode_frame+17136>: xor %esi,%esi
0x00005555562e2342 <adpcm_decode_frame+17138>: cmp $0x1,%edi
0x00005555562e2345 <adpcm_decode_frame+17141>: je 0x5555562e45c8 <adpcm_decode_frame+25976>
End of assembler dump.
(gdb) info all-registers
rax 0x0 0
rbx 0x7ffff562feb0 140737310293680
rcx 0x0 0
rdx 0x0 0
rsi 0x0 0
rdi 0x0 0
rbp 0xc42 0xc42
rsp 0x7fffffffd060 0x7fffffffd060
r8 0x5555581f5594 93825039029652
r9 0x0 0
r10 0x0 0
r11 0x55555821d000 93825039192064
r12 0x4 4
r13 0xe71 3697
r14 0x3 3
r15 0x0 0
rip 0x5555562e2327 0x5555562e2327 <adpcm_decode_frame+17111>
eflags 0x10246 [ PF ZF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
st0 0 (raw 0x00000000000000000000)
st1 0 (raw 0x00000000000000000000)
st2 0 (raw 0x00000000000000000000)
st3 0 (raw 0x00000000000000000000)
st4 0 (raw 0x00000000000000000000)
st5 0 (raw 0x00000000000000000000)
st6 0 (raw 0x00000000000000000000)
st7 0 (raw 0x00000000000000000000)
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
--Type <RET> for more, q to quit, c to continue without paging--
fooff 0x0 0
fop 0x0 0
mxcsr 0x1fa0 [ PE IM DM ZM OM UM PM ]
bndcfgu {raw = 0x0, config = {base = 0x0, reserved = 0x0, preserved = 0x0, enabled = 0x0}} {raw = 0x0, config = {base = 0, reserved = 0, preserved = 0, enabled = 0}}
bndstatus {raw = 0x0, status = {bde = 0x0, error = 0x0}} {raw = 0x0, status = {bde = 0, error = 0}}
k0 0x2040822 33818658
k1 0xffffff 16777215
k2 0xfffdffff 4294836223
k3 0x0 0
k4 0xffffffff 4294967295
k5 0x0 0
k6 0x0 0
k7 0x0 0
pkru 0x55555554 1431655764
zmm0 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm1 {v32_bfloat16 = {0xece0, 0xf64e, 0x7fff, 0x0, 0xece0, 0xf64e, 0x7fff, 0x0 <repeats 25 times>}, v32_half = {0xece0, 0xf64e, 0x7fff, 0x0, 0xece0, 0xf64e, 0x7fff, 0x0 <repeats 25 times>}, v16_float = {0xf64eece0, 0x7fff, 0xf64eece0, 0x7fff, 0x0 <repeats 12 times>}, v8_double = {0x7ffff64eece0, 0x7ffff64eece0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0xe0, 0xec, 0x4e, 0xf6, 0xff, 0x7f, 0x0, 0x0, 0xe0, 0xec, 0x4e, 0xf6, 0xff, 0x7f, 0x0 <repeats 50 times>}, v32_int16 = {0xece0, 0xf64e, 0x7fff, 0x0, 0xece0, 0xf64e, 0x7fff, 0x0 <repeats 25 times>}, v16_int32 = {0xf64eece0, 0x7fff, 0xf64eece0, 0x7fff, 0x0 <repeats 12 times>}, v8_int64 = {0x7ffff64eece0, 0x7ffff64eece0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x7ffff64eece000007ffff64eece0, 0x0, 0x0, 0x0}}
zmm2 {v32_bfloat16 = {0x6960, 0x581f, 0x5555, 0x0 <repeats 29 times>}, v32_half = {0x6960, 0x581f, 0x5555, 0x0 <repeats 29 times>}, v16_float = {0x581f6960, 0x5555, 0x0 <repeats 14 times>}, v8_double = {0x5555581f6960, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x60, 0x69, 0x1f, 0x58, 0x55, 0x55, 0x0 <repeats 58 times>}, v32_int16 = {0x6960, 0x581f, 0x5555, 0x0 <repeats 29 times>}, v16_int32 = {0x581f6960, 0x5555, 0x0 <repeats 14 times>}, v8_int64 = {0x5555581f6960, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x5555581f6960, 0x0, 0x0, 0x0}}
zmm3 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm4 {v32_bfloat16 = {0x0, 0x0, 0x0, 0x0, 0x800, 0x0 <repeats 27 times>}, v32_half = {0x0, 0x0, 0x0, 0x0, 0x800, 0x0 <repeats 27 times>}, v16_float = {0x0, 0x0, 0x800, 0x0 <repeats 13 times>}, v8_double = {0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0 <repeats 54 times>}, v32_int16 = {0x0, 0x0, 0x0, 0x0, 0x800, 0x0 <repeats 27 times>}, v16_int32 = {0x0, 0x0, 0x800, 0x0 <repeats 13 times>}, v8_int64 = {0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x8000000000000000000, 0x0, 0x0, 0x0}}
zmm5 {v32_bfloat16 = {0xece0, 0xf64e, 0x7fff, 0x0 <repeats 29 times>}, v32_half = {0xece0, 0xf64e, 0x7fff, 0x0 <repeats 29 times>}, v16_float = {0xf64eece0, 0x7fff, 0x0 <repeats 14 times>}, v8_double = {0x7ffff64eece0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0xe0, 0xec, 0x4e, 0xf6, 0xff, 0x7f, 0x0 <repeats 58 times>}, v32_int16 = {0xece0, 0xf64e, 0x7fff, 0x0 <repeats 29 times>}, v16_int32 = {0xf64eece0, 0x7fff, 0x0 <repeats 14 times>}, v8_int64 = {0x7ffff64eece0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x7ffff64eece0, 0x0, 0x0, 0x0}}
zmm6 {v32_bfloat16 = {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0 <repeats 25 times>}, v32_half = {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0 <repeats 25 times>}, v16_float = {0x0, 0x1, 0x0, 0x1, 0x0 <repeats 12 times>}, v8_double = {0x100000000, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0 <repeats 51 times>}, v32_int16 = {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0 <repeats 25 times>}, v16_int32 = {0x0, 0x1, 0x0, 0x1, 0x0 <repeats 12 times>}, v8_int64 = {0x100000000, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x1000000000000000100000000, 0x0, 0x0, 0x0}}
zmm7 {v32_bfloat16 = {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0 <repeats 25 times>}, v32_half = {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0 <repeats 25 times>}, v16_float = {0x0, 0x0, 0x2, 0x2, 0x0 <repeats 12 times>}, v8_double = {0x0, 0x200000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0 <repeats 51 times>}, v32_int16 = {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0 <repeats 25 times>}, v16_int32 = {0x0, 0x0, 0x2, 0x2, 0x0 <repeats 12 times>}, v8_int64 = {0x0, 0x200000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x2000000020000000000000000, 0x0, 0x0, 0x0}}
zmm8 {v32_bfloat16 = {0xf150, 0xf609, 0x7fff, 0x0, 0xe5d0, 0xf58d, 0x7fff, 0x0 <repeats 25 times>}, v32_half = {0xf150, 0xf609, 0x7fff, 0x0, 0xe5d0, 0xf58d, 0x7fff, 0x0 <repeats 25 times>}, v16_float = {0xf609f150, 0x7fff,--Type <RET> for more, q to quit, c to continue without paging--
0xf58de5d0, 0x7fff, 0x0 <repeats 12 times>}, v8_double = {0x7ffff609f150, 0x7ffff58de5d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x50, 0xf1, 0x9, 0xf6, 0xff, 0x7f, 0x0, 0x0, 0xd0, 0xe5, 0x8d, 0xf5, 0xff, 0x7f, 0x0 <repeats 50 times>}, v32_int16 = {0xf150, 0xf609, 0x7fff, 0x0, 0xe5d0, 0xf58d, 0x7fff, 0x0 <repeats 25 times>}, v16_int32 = {0xf609f150, 0x7fff, 0xf58de5d0, 0x7fff, 0x0 <repeats 12 times>}, v8_int64 = {0x7ffff609f150, 0x7ffff58de5d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x7ffff58de5d000007ffff609f150, 0x0, 0x0, 0x0}}
zmm9 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm10 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm11 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm12 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm13 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm14 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm15 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm16 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm17 {v32_bfloat16 = {0x7865, 0x7274, 0x6361, 0x5f74, 0x7865, 0x7274, 0x6461, 0x7461, 0x61, 0x7270, 0x626f, 0x6e69, 0x2067, 0x7473, 0x6572, 0x6d61, 0x0 <repeats 16 times>}, v32_half = {0x7865, 0x7274, 0x6361, 0x5f74, 0x7865, 0x7274, 0x6461, 0x7461, 0x61, 0x7270, 0x626f, 0x6e69, 0x2067, 0x7473, 0x6572, 0x6d61, 0x0 <repeats 16 times>}, v16_float = {0x72747865, 0x5f746361, 0x72747865, 0x74616461, 0x72700061, 0x6e69626f, 0x74732067, 0x6d616572, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0x5f74636172747865, 0x7461646172747865, 0x6e69626f72700061, 0x6d61657274732067, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x65, 0x78, 0x74, 0x72, 0x61, 0x63, 0x74, 0x5f, 0x65, 0x78, 0x74, 0x72, 0x61, 0x64, 0x61, 0x74, 0x61, 0x0, 0x70, 0x72, 0x6f, 0x62, 0x69, 0x6e, 0x67, 0x20, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x0 <repeats 32 times>}, v32_int16 = {0x7865, 0x7274, 0x6361, 0x5f74, 0x7865, 0x7274, 0x6461, 0x7461, 0x61, 0x7270, 0x626f, 0x6e69, 0x2067, 0x7473, 0x6572, 0x6d61, 0x0 <repeats 16 times>}, v16_int32 = {0x72747865, 0x5f746361, 0x72747865, 0x74616461, 0x72700061, 0x6e69626f, 0x74732067, 0x6d616572, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0x5f74636172747865, 0x7461646172747865, 0x6e69626f72700061, 0x6d61657274732067, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x74616461727478655f74636172747865, 0x6d616572747320676e69626f72700061, 0x0, 0x0}}
zmm18 {v32_bfloat16 = {0x656d, 0x6174, 0x0 <repeats 30 times>}, v32_half = {0x656d, 0x6174, 0x0 <repeats 30 times>}, v16_float = {0x6174656d, 0x0 <repeats 15 times>}, v8_double = {0x6174656d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x6d, 0x65, 0x74, 0x61, 0x0 <repeats 60 times>}, v32_int16 = {0x656d, 0x6174, 0x0 <repeats 30 times>}, v16_int32 = {0x6174656d, 0x0 <repeats 15 times>}, v8_int64 = {0x6174656d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x6174656d, 0x0, 0x0, 0x0}}
zmm19 {v32_bfloat16 = {0x5b1b, 0x4815, 0x1b00, 0x115b, 0x1e1d, 0x1e10, 0x5000, 0x1b48, 0x165b, 0x1e1d, 0x1e10, 0x4100, 0x48, 0x1b56, 0x155b, 0x48, 0x0 <repeats 16 times>}, v32_half = {0x5b1b, 0x4815, 0x1b00, 0x115b, 0x1e1d, 0x1e10, 0x5000, 0x1b48, 0x165b, 0x1e1d, 0x1e10, 0x4100, 0x48, 0x1b56, 0x155b, 0x48, 0x0 <repeats 16 times>}, v16_float = {0x48155b1b, 0x115b1b00, 0x1e101e1d, 0x1b485000, 0x1e1d165b, 0x41001e10, 0x1b560048, 0x48155b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0x115b1b0048155b1b, 0x1b4850001e101e1d, 0x41001e101e1d165b, 0x48155b1b560048, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x1b, 0x5b, 0x15, 0x48, 0x0, 0x1b, 0x5b, 0x11, 0x1d, 0x1e, 0x10, 0x1e, 0x0, 0x50, 0x48, 0x1b, 0x5b, 0x16, 0x1d, 0x1e, 0x10, 0x1e, 0x0, 0x41, 0x48, 0x0, 0x56, 0x1b, 0x5b, 0x15, 0x48, 0x0 <repeats 33 times>}, v32_int16 = {0x5b1b, 0x4815, 0x1b00, 0x115b, 0x1e1d, 0x1e10, 0x5000, 0x1b48, 0x165b, 0x1e1d, 0x1e10, 0x4100, 0x48, 0x1b56, 0x155b, 0x48, 0x0 <repeats 16 times>}, v16_int32 = {0x48155b1b, 0x115b1b00, 0x1e101e1d, 0x1b485000, 0x1e1d165b, 0x41001e10, 0x1b560048, 0x48155b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0x115b1b0048155b1b, 0x1b4850001e101e1d, 0x41001e101e1d165b, 0x48155b1b560048, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x1b4850001e101e1d115b1b0048155b1b, 0x48155b1b56004841001e101e1d165b, 0x0, 0x0}}
zmm20 {v32_bfloat16 = {0xbcf3, 0xeecd, 0xf81d, 0x8eb1, 0x3ff7, 0xfabd, 0x3cfd, 0xc3f8, 0xe60, 0xdcbd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0x0 <repeats 16 times>}, v32_half = {0xbcf3, 0xeecd, 0xf81d, 0x8eb1, 0x3ff7, 0xfabd, 0x3cfd, 0xc3f8, 0xe60, 0xdcbd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0x0 <repeats 16 times>}, v16_float = {0xeecdbcf3, 0x8eb1f81d, 0xfabd3ff7, 0xc3f83cfd, 0xdcbd0e60, 0x7e4873ff, 0xbd6311de, 0xc5e6ac86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0x8eb1f81deecdbcf3, 0xc3f83cfdfabd3ff7, 0x7e4873ffdcbd0e60, 0xc5e6ac86bd6311de, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0xf3, 0xbc, 0xcd, 0xee, 0x1d, 0xf8, 0xb1, 0x8e, 0xf7, 0x3f, 0xbd, 0xfa, 0xfd, 0x3c, 0xf8, 0xc3, 0x60, 0xe, 0xbd, 0xdc, 0xff, 0x73, 0x48, 0x7e, 0xde, 0x11, 0x63, 0xbd, 0x86, 0xac, 0xe6, 0xc5, 0x0 <repeats 32 times>}, v32_int16 = {0xbcf3, 0xeecd, 0xf81d, 0x8eb1, 0x3ff7, 0xfabd, 0x3cfd, 0xc3f8, 0xe60, 0xdc--Type <RET> for more, q to quit, c to continue without paging--
bd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0x0 <repeats 16 times>}, v16_int32 = {0xeecdbcf3, 0x8eb1f81d, 0xfabd3ff7, 0xc3f83cfd, 0xdcbd0e60, 0x7e4873ff, 0xbd6311de, 0xc5e6ac86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0x8eb1f81deecdbcf3, 0xc3f83cfdfabd3ff7, 0x7e4873ffdcbd0e60, 0xc5e6ac86bd6311de, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0xc3f83cfdfabd3ff78eb1f81deecdbcf3, 0xc5e6ac86bd6311de7e4873ffdcbd0e60, 0x0, 0x0}}
zmm21 {v32_bfloat16 = {0x736, 0x331f, 0x1093, 0xedb3, 0xb81f, 0x2fa5, 0x6cc6, 0xf47, 0x70da, 0x39ef, 0xc2cf, 0x479f, 0x2afb, 0x3dcb, 0xfc18, 0x3557, 0x0 <repeats 16 times>}, v32_half = {0x736, 0x331f, 0x1093, 0xedb3, 0xb81f, 0x2fa5, 0x6cc6, 0xf47, 0x70da, 0x39ef, 0xc2cf, 0x479f, 0x2afb, 0x3dcb, 0xfc18, 0x3557, 0x0 <repeats 16 times>}, v16_float = {0x331f0736, 0xedb31093, 0x2fa5b81f, 0xf476cc6, 0x39ef70da, 0x479fc2cf, 0x3dcb2afb, 0x3557fc18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0xedb31093331f0736, 0xf476cc62fa5b81f, 0x479fc2cf39ef70da, 0x3557fc183dcb2afb, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x36, 0x7, 0x1f, 0x33, 0x93, 0x10, 0xb3, 0xed, 0x1f, 0xb8, 0xa5, 0x2f, 0xc6, 0x6c, 0x47, 0xf, 0xda, 0x70, 0xef, 0x39, 0xcf, 0xc2, 0x9f, 0x47, 0xfb, 0x2a, 0xcb, 0x3d, 0x18, 0xfc, 0x57, 0x35, 0x0 <repeats 32 times>}, v32_int16 = {0x736, 0x331f, 0x1093, 0xedb3, 0xb81f, 0x2fa5, 0x6cc6, 0xf47, 0x70da, 0x39ef, 0xc2cf, 0x479f, 0x2afb, 0x3dcb, 0xfc18, 0x3557, 0x0 <repeats 16 times>}, v16_int32 = {0x331f0736, 0xedb31093, 0x2fa5b81f, 0xf476cc6, 0x39ef70da, 0x479fc2cf, 0x3dcb2afb, 0x3557fc18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0xedb31093331f0736, 0xf476cc62fa5b81f, 0x479fc2cf39ef70da, 0x3557fc183dcb2afb, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0xf476cc62fa5b81fedb31093331f0736, 0x3557fc183dcb2afb479fc2cf39ef70da, 0x0, 0x0}}
zmm22 {v32_bfloat16 = {0x463f, 0x6072, 0x6602, 0xcf41, 0xf7e8, 0x49a0, 0x2e5d, 0x3433, 0xf03a, 0x79c, 0x691a, 0xc996, 0xe698, 0xf781, 0xf9b, 0x81d5, 0x0 <repeats 16 times>}, v32_half = {0x463f, 0x6072, 0x6602, 0xcf41, 0xf7e8, 0x49a0, 0x2e5d, 0x3433, 0xf03a, 0x79c, 0x691a, 0xc996, 0xe698, 0xf781, 0xf9b, 0x81d5, 0x0 <repeats 16 times>}, v16_float = {0x6072463f, 0xcf416602, 0x49a0f7e8, 0x34332e5d, 0x79cf03a, 0xc996691a, 0xf781e698, 0x81d50f9b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0xcf4166026072463f, 0x34332e5d49a0f7e8, 0xc996691a079cf03a, 0x81d50f9bf781e698, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x3f, 0x46, 0x72, 0x60, 0x2, 0x66, 0x41, 0xcf, 0xe8, 0xf7, 0xa0, 0x49, 0x5d, 0x2e, 0x33, 0x34, 0x3a, 0xf0, 0x9c, 0x7, 0x1a, 0x69, 0x96, 0xc9, 0x98, 0xe6, 0x81, 0xf7, 0x9b, 0xf, 0xd5, 0x81, 0x0 <repeats 32 times>}, v32_int16 = {0x463f, 0x6072, 0x6602, 0xcf41, 0xf7e8, 0x49a0, 0x2e5d, 0x3433, 0xf03a, 0x79c, 0x691a, 0xc996, 0xe698, 0xf781, 0xf9b, 0x81d5, 0x0 <repeats 16 times>}, v16_int32 = {0x6072463f, 0xcf416602, 0x49a0f7e8, 0x34332e5d, 0x79cf03a, 0xc996691a, 0xf781e698, 0x81d50f9b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0xcf4166026072463f, 0x34332e5d49a0f7e8, 0xc996691a079cf03a, 0x81d50f9bf781e698, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x34332e5d49a0f7e8cf4166026072463f, 0x81d50f9bf781e698c996691a079cf03a, 0x0, 0x0}}
zmm23 {v32_bfloat16 = {0x77c3, 0xd45e, 0x3cf9, 0xf61d, 0x8c72, 0xf663, 0xebb, 0xc76c, 0x3e0c, 0x4067, 0x103b, 0x4cec, 0xcda9, 0x6216, 0x80f6, 0xe867, 0x0 <repeats 16 times>}, v32_half = {0x77c3, 0xd45e, 0x3cf9, 0xf61d, 0x8c72, 0xf663, 0xebb, 0xc76c, 0x3e0c, 0x4067, 0x103b, 0x4cec, 0xcda9, 0x6216, 0x80f6, 0xe867, 0x0 <repeats 16 times>}, v16_float = {0xd45e77c3, 0xf61d3cf9, 0xf6638c72, 0xc76c0ebb, 0x40673e0c, 0x4cec103b, 0x6216cda9, 0xe86780f6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0xf61d3cf9d45e77c3, 0xc76c0ebbf6638c72, 0x4cec103b40673e0c, 0xe86780f66216cda9, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0xc3, 0x77, 0x5e, 0xd4, 0xf9, 0x3c, 0x1d, 0xf6, 0x72, 0x8c, 0x63, 0xf6, 0xbb, 0xe, 0x6c, 0xc7, 0xc, 0x3e, 0x67, 0x40, 0x3b, 0x10, 0xec, 0x4c, 0xa9, 0xcd, 0x16, 0x62, 0xf6, 0x80, 0x67, 0xe8, 0x0 <repeats 32 times>}, v32_int16 = {0x77c3, 0xd45e, 0x3cf9, 0xf61d, 0x8c72, 0xf663, 0xebb, 0xc76c, 0x3e0c, 0x4067, 0x103b, 0x4cec, 0xcda9, 0x6216, 0x80f6, 0xe867, 0x0 <repeats 16 times>}, v16_int32 = {0xd45e77c3, 0xf61d3cf9, 0xf6638c72, 0xc76c0ebb, 0x40673e0c, 0x4cec103b, 0x6216cda9, 0xe86780f6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0xf61d3cf9d45e77c3, 0xc76c0ebbf6638c72, 0x4cec103b40673e0c, 0xe86780f66216cda9, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0xc76c0ebbf6638c72f61d3cf9d45e77c3, 0xe86780f66216cda94cec103b40673e0c, 0x0, 0x0}}
zmm24 {v32_bfloat16 = {0xe60, 0xdcbd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0xc59d, 0x6c35, 0xacd6, 0x399, 0x7f2d, 0x526c, 0xb334, 0x87c6, 0x0 <repeats 16 times>}, v32_half = {0xe60, 0xdcbd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0xc59d, 0x6c35, 0xacd6, 0x399, 0x7f2d, 0x526c, 0xb334, 0x87c6, 0x0 <repeats 16 times>}, v16_float = {0xdcbd0e60, 0x7e4873ff, 0xbd6311de, 0xc5e6ac86, 0x6c35c59d, 0x399acd6, 0x526c7f2d, 0x87c6b334, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0x7e4873ffdcbd0e60, 0xc5e6ac86bd6311de, 0x399acd66c35c59d, 0x87c6b334526c7f2d, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x60, 0xe, 0xbd, 0xdc, 0xff, 0x73, 0x48, 0x7e, 0xde, 0x11, 0x63, 0xbd, 0x86, 0xac, 0xe6, 0xc5, 0x9d, 0xc5, 0x35, 0x6c, 0xd6, 0xac, 0x99, 0x3, 0x2d, 0x7f, 0x6c, 0x52, 0x34, 0xb3, 0xc6, 0x87, 0x0 <repeats 32 times>}, v32_int16 = {0xe60, 0xdcbd, 0x73ff, 0x7e48, 0x11de, 0xbd63, 0xac86, 0xc5e6, 0xc59d, 0x6c35, 0xacd6, 0x399, 0x7f2d, 0x526c, 0xb334, 0x87c6, 0x0 <repeats 16 times>}, v16_int32 = {0xdcbd0e60, 0x7e4873ff, 0xbd6311de, 0xc5e6ac86, 0x6c35c59d, 0x399acd6, 0x526c7f2d, 0x87c6b334, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0x7e4873ffdcbd0e60, 0xc5e6ac86bd6311de, 0x399acd66c35c59d, 0x87c6b334526c7f2d, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0xc5e6ac86bd6311de7e4873ffdcbd0e60, 0x87c6b334526c7f2d0399acd66c35c59d, 0x0, 0x0}}
zmm25 {v32_bfloat16 = {0xa47, 0x0, 0x0, 0x0, 0x6125, 0x6120, 0x2562, 0x2d2d, 0x6531, 0x2520, 0x32, 0x0, 0x6420, 0x252e, 0x4e33, 0x2f20, 0x0 <repeats 16 times>}, v32_half = {0xa47, 0x0, 0x0, 0x0, 0x6125, 0x6120, 0x2562, 0x2d2d, 0x6531, 0x2520, 0x32, 0x0, 0x6420, 0x252e, 0x4e33, 0x2f20, 0x0 <repeats 16 times>}, v16_float = {0xa47, 0x0, 0x61206125, 0x2d2d2562, 0x25206531, 0x32, 0x252e6420, 0x2f204e33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_double = {0xa47, 0x2d2d256261206125, 0x3225206531, 0x2f204e33252e6420, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x47, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x61, 0x20, 0x61, 0x62, 0x25, 0x2d, 0x2d, 0x31, 0x65, 0x20, 0x25, 0x32, 0x0, 0x0, 0x0, 0x20, 0x64, 0x2e, 0x25, 0x33, 0x4e, 0x20, 0x2f, 0x0 <repeats 32 times>}, v32_int16 = {0xa47, 0x0, 0x0, 0x0, 0x6125, 0x6120, 0x2562, 0x2d2d, 0x6531, 0x2520, 0x32, 0x0, 0x6420, 0x252e, 0x4e33, 0x2f20, 0x0 <repeats 16 times>}, v16_int32 = {0xa47, 0x0, 0x61206125, 0x2d2d2562, 0x25206531, 0x32, 0x252e6420, 0x2f204e33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int64 = {0xa47, 0x2d2d256261206125, 0x3225206531, 0x2f204e33252e6420, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x2d2d2562612061250000000000000a47, 0x2f204e33252e64200000003225206531, 0x0, 0x0}}
zmm26 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm27 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm28 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
--Type <RET> for more, q to quit, c to continue without paging--
zmm29 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm30 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
zmm31 {v32_bfloat16 = {0x0 <repeats 32 times>}, v32_half = {0x0 <repeats 32 times>}, v16_float = {0x0 <repeats 16 times>}, v8_double = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v64_int8 = {0x0 <repeats 64 times>}, v32_int16 = {0x0 <repeats 32 times>}, v16_int32 = {0x0 <repeats 16 times>}, v8_int64 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int128 = {0x0, 0x0, 0x0, 0x0}}
bnd0 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd2 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd3 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
(gdb) x/10xg $r11
0x55555821d000: Cannot access memory at address 0x55555821d000
(gdb) x/10xg $r11-0x20
0x55555821cfe0: 0x0000000000000000 0x0000000000000000
0x55555821cff0: 0x0000000000000000 0x0000000000000000
0x55555821d000: Cannot access memory at address 0x55555821d000
From the output, we found the program tried to access memory 0x55555821d000, which was an invalid memory. However, the memory space near 0x55555821d000 was valid.
Attachments (1)
Change History (2)
by , 3 months ago
| Attachment: | overflow_bug added |
|---|
comment:1 by , 2 months ago
| Priority: | critical → important |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Should have been fixed by 2b349f2d73f54b73e4f3b5b3223fff8558e1ab70
Note:
See TracTickets
for help on using tickets.
Poc to trigger this bug