Could SIGSEGV on an MMX2 instruction report the wrong address?
- From: Martin Simmons <qqxnjvamvxwx at spammotel dot com>
- To: gdb at sources dot redhat dot com
- Date: Wed, 25 Aug 2004 23:42:38 +0100 (BST)
- Subject: Could SIGSEGV on an MMX2 instruction report the wrong address?
Hi there,
While I was trying to debug a problem from the mplayer-users list, gdb showed
mencoder getting the SIGSEGV below. This has happened in more than one run.
I don't understand how the psadbw instruction could cause a SIGSEGV, because the
faulting instruction (psadbw %mm2,%mm0) operates only on registers and doesn't
access memory. Any ideas?
Could the reported eip be wrong? Maybe this is a gdb or kernel problem, or an
architectural limitation?
GNU gdb 5.3.92
CPU: Advanced Micro Devices Athlon 4 /Athlon MP/XP Palomino 1818 MHz (Family: 6, Stepping: 2)
kernel is 2.4.21-144-athlon
Linux distribution is SuSE 9.0
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 1980)]
0x082e8fef in sad16_y2_mmx2 (v=0x0,
blk2=0x41506140 " $$\"$%$#'')*))))&&$$\"
\036\035\034\032\031\032\e\e\031\031\e\e\035\035\035\035\035\035\e\e\035\034\032\032\032\030\031\031\030\030\027\027\027\027\027\027\027\027\030\031\032\e\036\036\036
\037\037
!\"$&'(*+.+/1225468;<<>?>@;;:;<9673.*'(**),,+((,/1112444576445333010110.00.--,*+*)***+-,,.)(()*,--++./,--.+,.-,...***)*)(&(('&&'&&"...,
blk1=0x413faaf6 '$' <repeats 18 times>,
"\"!!\036\034\031\027\025\030\e\e\032\e\e\031\031\032\031\030\027\e\e\e\034\035\035\034\e\031\030\027\027\031\031\032\032\e\e\e
!\035\035\036
&'(+-...1345456987888=A@??>;:;<;:::98632.0<AR_cbaa`[SKB:71/44444457863222332/,+++++*))**)(()(%$$$$('%%%&&'*.//023379;>?@@A?>;865555556654"...,
stride=752, h=16) at i386/motion_est_mmx.c:93
93 asm volatile(
(gdb) info all-registers
eax 0xffffe2a0 -7520
ecx 0x41509040 1095798848
edx 0x413fdce6 1094704358
ebx 0x2f00 12032
esp 0xbfffdce0 0xbfffdce0
ebp 0xbfffdcf8 0xbfffdcf8
esi 0x2f0 752
edi 0x413fd9f6 1094703606
eip 0x82e8fef 0x82e8fef
eflags 0x10286 66182
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x0 0
gs 0x7 7
st0 -nan(0x2727272727272727) (raw 0xffff2727272727272727)
st1 -nan(0x2525232324212022) (raw 0xffff2525232324212022)
st2 -nan(0x2724232623212122) (raw 0xffff2724232623212122)
st3 -nan(0x000000021) (raw 0xffff0000000000000021)
st4 -nan(0x40000000d) (raw 0xffff000000040000000d)
st5 -nan(0x1000100010001) (raw 0xffff0001000100010001)
st6 -nan(0x00000007d) (raw 0xffff000000000000007d)
st7 -0e+4922 (raw 0xffff0000000000000000)
fctrl 0x37f 895
fstat 0x420 1056
ftag 0xaaaa 43690
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
fop 0x0 0
xmm0 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm1 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm2 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm3 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm4 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm5 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm6 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
xmm7 {v4_float = {0x0, 0x0, 0x0, 0x0}, v2_double = {
0x8000000000000000, 0x8000000000000000}, v16_int8 = {
0xff <repeats 16 times>}, v8_int16 = {0xffff, 0xffff, 0xffff, 0xffff,
0xffff, 0xffff, 0xffff, 0xffff}, v4_int32 = {0xffffffff, 0xffffffff,
0xffffffff, 0xffffffff}, v2_int64 = {0xffffffffffffffff,
0xffffffffffffffff}, uint128 = 0xffffffffffffffffffffffffffffffff}
mxcsr 0x1f80 8064
mm0 {uint64 = 0x2727272727272727, v2_int32 = {0x27272727,
0x27272727}, v4_int16 = {0x2727, 0x2727, 0x2727, 0x2727}, v8_int8 =
{0x27,
0x27, 0x27, 0x27, 0x27, 0x27, 0x27, 0x27}}
mm1 {uint64 = 0x2525232324212022, v2_int32 = {0x24212022,
0x25252323}, v4_int16 = {0x2022, 0x2421, 0x2323, 0x2525}, v8_int8 =
{0x22,
0x20, 0x21, 0x24, 0x23, 0x23, 0x25, 0x25}}
mm2 {uint64 = 0x2724232623212122, v2_int32 = {0x23212122,
0x27242326}, v4_int16 = {0x2122, 0x2321, 0x2326, 0x2724}, v8_int8 =
{0x22,
0x21, 0x21, 0x23, 0x26, 0x23, 0x24, 0x27}}
mm3 {uint64 = 0x21, v2_int32 = {0x21, 0x0}, v4_int16 = {0x21,
0x0,
0x0, 0x0}, v8_int8 = {0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm4 {uint64 = 0x40000000d, v2_int32 = {0xd, 0x4}, v4_int16 =
{0xd,
0x0, 0x4, 0x0}, v8_int8 = {0xd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0}}
mm5 {uint64 = 0x1000100010001, v2_int32 = {0x10001, 0x10001},
v4_int16 = {0x1, 0x1, 0x1, 0x1}, v8_int8 = {0x1, 0x0, 0x1, 0x0, 0x1,
0x0,
0x1, 0x0}}
mm6 {uint64 = 0x7d, v2_int32 = {0x7d, 0x0}, v4_int16 = {0x7d,
0x0,
0x0, 0x0}, v8_int8 = {0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
mm7 {uint64 = 0x0, v2_int32 = {0x0, 0x0}, v4_int16 = {0x0, 0x0,
0x0, 0x0}, v8_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}
(gdb) disass sad16_y2_mmx2
Dump of assembler code for function sad16_y2_mmx2:
0x082e8f90 <sad16_y2_mmx2+0>: push %ebp
0x082e8f91 <sad16_y2_mmx2+1>: mov %esp,%ebp
0x082e8f93 <sad16_y2_mmx2+3>: sub $0x18,%esp
0x082e8f96 <sad16_y2_mmx2+6>: mov %ebx,0xfffffff4(%ebp)
0x082e8f99 <sad16_y2_mmx2+9>: mov %esi,0xfffffff8(%ebp)
0x082e8f9c <sad16_y2_mmx2+12>: mov %edi,0xfffffffc(%ebp)
0x082e8f9f <sad16_y2_mmx2+15>: pxor %mm7,%mm7
0x082e8fa2 <sad16_y2_mmx2+18>: pxor %mm6,%mm6
0x082e8fa5 <sad16_y2_mmx2+21>: movq 0x83967c0,%mm5
0x082e8fac <sad16_y2_mmx2+28>: mov 0x14(%ebp),%ebx
0x082e8faf <sad16_y2_mmx2+31>: mov 0x10(%ebp),%eax
0x082e8fb2 <sad16_y2_mmx2+34>: imul 0x18(%ebp),%ebx
0x082e8fb6 <sad16_y2_mmx2+38>: add 0x14(%ebp),%eax
0x082e8fb9 <sad16_y2_mmx2+41>: mov 0x10(%ebp),%edi
0x082e8fbc <sad16_y2_mmx2+44>: mov 0xc(%ebp),%ecx
0x082e8fbf <sad16_y2_mmx2+47>: mov 0x14(%ebp),%esi
0x082e8fc2 <sad16_y2_mmx2+50>: mov %eax,0xffffffe8(%ebp)
0x082e8fc5 <sad16_y2_mmx2+53>: mov 0xffffffe8(%ebp),%edx
0x082e8fc8 <sad16_y2_mmx2+56>: mov %ebx,%eax
0x082e8fca <sad16_y2_mmx2+58>: neg %eax
0x082e8fcc <sad16_y2_mmx2+60>: sub %eax,%edi
0x082e8fce <sad16_y2_mmx2+62>: sub %eax,%edx
0x082e8fd0 <sad16_y2_mmx2+64>: sub %eax,%ecx
0x082e8fd2 <sad16_y2_mmx2+66>: lea 0x0(%esi,1),%esi
0x082e8fd9 <sad16_y2_mmx2+73>: lea 0x0(%edi,1),%edi
0x082e8fe0 <sad16_y2_mmx2+80>: movq (%edi,%eax,1),%mm0
0x082e8fe4 <sad16_y2_mmx2+84>: movq (%edx,%eax,1),%mm2
0x082e8fe8 <sad16_y2_mmx2+88>: pavgb %mm2,%mm0
0x082e8feb <sad16_y2_mmx2+91>: movq (%ecx,%eax,1),%mm2
0x082e8fef <sad16_y2_mmx2+95>: psadbw %mm2,%mm0
0x082e8ff2 <sad16_y2_mmx2+98>: add %esi,%eax
0x082e8ff4 <sad16_y2_mmx2+100>: movq (%edi,%eax,1),%mm1
0x082e8ff8 <sad16_y2_mmx2+104>: movq (%edx,%eax,1),%mm3
0x082e8ffc <sad16_y2_mmx2+108>: pavgb %mm1,%mm3
0x082e8fff <sad16_y2_mmx2+111>: movq (%ecx,%eax,1),%mm1
0x082e9003 <sad16_y2_mmx2+115>: psadbw %mm1,%mm3
0x082e9006 <sad16_y2_mmx2+118>: paddw %mm3,%mm0
0x082e9009 <sad16_y2_mmx2+121>: paddw %mm0,%mm6
0x082e900c <sad16_y2_mmx2+124>: add %esi,%eax
0x082e900e <sad16_y2_mmx2+126>: js 0x82e8fe0 <sad16_y2_mmx2+80>
0x082e9010 <sad16_y2_mmx2+128>: mov 0x10(%ebp),%edi
0x082e9013 <sad16_y2_mmx2+131>: mov 0xffffffe8(%ebp),%edx
0x082e9016 <sad16_y2_mmx2+134>: mov %ebx,%eax
0x082e9018 <sad16_y2_mmx2+136>: neg %eax
0x082e901a <sad16_y2_mmx2+138>: lea 0x8(%edi,%ebx,1),%ecx
0x082e901e <sad16_y2_mmx2+142>: mov 0xc(%ebp),%edi
0x082e9021 <sad16_y2_mmx2+145>: lea 0x8(%edx,%ebx,1),%esi
0x082e9025 <sad16_y2_mmx2+149>: lea 0x8(%edi,%ebx,1),%edx
0x082e9029 <sad16_y2_mmx2+153>: mov 0x14(%ebp),%ebx
0x082e902c <sad16_y2_mmx2+156>: lea 0x0(%esi,1),%esi
0x082e9030 <sad16_y2_mmx2+160>: movq (%ecx,%eax,1),%mm0
0x082e9034 <sad16_y2_mmx2+164>: movq (%esi,%eax,1),%mm2
0x082e9038 <sad16_y2_mmx2+168>: pavgb %mm2,%mm0
0x082e903b <sad16_y2_mmx2+171>: movq (%edx,%eax,1),%mm2
0x082e903f <sad16_y2_mmx2+175>: psadbw %mm2,%mm0
0x082e9042 <sad16_y2_mmx2+178>: add %ebx,%eax
0x082e9044 <sad16_y2_mmx2+180>: movq (%ecx,%eax,1),%mm1
0x082e9048 <sad16_y2_mmx2+184>: movq (%esi,%eax,1),%mm3
0x082e904c <sad16_y2_mmx2+188>: pavgb %mm1,%mm3
0x082e904f <sad16_y2_mmx2+191>: movq (%edx,%eax,1),%mm1
0x082e9053 <sad16_y2_mmx2+195>: psadbw %mm1,%mm3
0x082e9056 <sad16_y2_mmx2+198>: paddw %mm3,%mm0
0x082e9059 <sad16_y2_mmx2+201>: paddw %mm0,%mm6
0x082e905c <sad16_y2_mmx2+204>: add %ebx,%eax
0x082e905e <sad16_y2_mmx2+206>: js 0x82e9030 <sad16_y2_mmx2+160>
0x082e9060 <sad16_y2_mmx2+208>: movd %mm6,%eax
0x082e9063 <sad16_y2_mmx2+211>: mov 0xfffffff4(%ebp),%ebx
0x082e9066 <sad16_y2_mmx2+214>: mov 0xfffffff8(%ebp),%esi
0x082e9069 <sad16_y2_mmx2+217>: mov 0xfffffffc(%ebp),%edi
0x082e906c <sad16_y2_mmx2+220>: leave
0x082e906d <sad16_y2_mmx2+221>: ret
End of assembler dump.
ds9:~ # cat /proc/1980/maps
08048000-083a9000 r-xp 00000000 03:03 37304 /usr/local/bin/mencoder
083a9000-083f7000 rw-p 00360000 03:03 37304 /usr/local/bin/mencoder
083f7000-0868a000 rwxp 00000000 00:00 0
40000000-40018000 r-xp 00000000 03:42 6843 /lib/ld-2.3.2.so
40018000-40019000 rw-p 00017000 03:42 6843 /lib/ld-2.3.2.so
40019000-4001d000 rw-p 00000000 00:00 0
4002b000-40078000 r-xp 00000000 03:03 37312 /usr/local/lib/libmp3lame.so.0.0.0
40078000-4007d000 rw-p 0004c000 03:03 37312 /usr/local/lib/libmp3lame.so.0.0.0
4007d000-400d9000 rw-p 00000000 00:00 0
400d9000-400f2000 r-xp 00000000 03:03 26365 /usr/lib/libdv.so.2.1.0
400f2000-400f4000 rw-p 00019000 03:03 26365 /usr/lib/libdv.so.2.1.0
400f4000-40102000 rw-p 00000000 00:00 0
40102000-4012f000 r-xp 00000000 03:03 31764 /usr/lib/libpng.so.3.1.2.5
4012f000-40130000 rw-p 0002d000 03:03 31764 /usr/lib/libpng.so.3.1.2.5
40130000-4013d000 r-xp 00000000 03:42 4799 /lib/libz.so.1.1.4
4013d000-4013f000 rw-p 0000d000 03:42 4799 /lib/libz.so.1.1.4
4013f000-40140000 rw-p 00000000 00:00 0
40140000-4015f000 r-xp 00000000 03:03 28739 /usr/lib/libjpeg.so.62.0.0
4015f000-40160000 rw-p 0001e000 03:03 28739 /usr/lib/libjpeg.so.62.0.0
40160000-401b1000 r-xp 00000000 03:03 31644 /usr/lib/libfreetype.so.6.3.3
401b1000-401b5000 rw-p 00050000 03:03 31644 /usr/lib/libfreetype.so.6.3.3
401b5000-401b6000 rw-p 00000000 00:00 0
401b6000-401c7000 r-xp 00000000 03:03 26035 /usr/lib/libcdda_interface.so.0.9.8
401c7000-401c8000 rw-p 00011000 03:03 26035 /usr/lib/libcdda_interface.so.0.9.8
401c8000-401cf000 r-xp 00000000 03:03 21166 /usr/lib/libcdda_paranoia.so.0.9.8
401cf000-401d0000 rw-p 00007000 03:03 21166 /usr/lib/libcdda_paranoia.so.0.9.8
401d0000-401e2000 r-xp 00000000 03:42 3829 /lib/libnsl.so.1
401e2000-401e3000 rw-p 00011000 03:42 3829 /lib/libnsl.so.1
401e3000-401e5000 rw-p 00000000 00:00 0
401e5000-401ec000 r-xp 00000000 03:03 25977 /usr/lib/libungif.so.4.1.0
401ec000-401ed000 rw-p 00006000 03:03 25977 /usr/lib/libungif.so.4.1.0
401ed000-401ee000 rw-p 00000000 00:00 0
401ee000-40212000 r-xp 00000000 03:03 26122 /usr/lib/libfontconfig.so.1.0.4
40212000-40215000 rw-p 00023000 03:03 26122 /usr/lib/libfontconfig.so.1.0.4
40215000-40216000 rw-p 00000000 00:00 0
40216000-4021a000 r-xp 00000000 03:03 26317 /usr/lib/liblirc_client.so.0.0.0
4021a000-4021b000 rw-p 00003000 03:03 26317 /usr/lib/liblirc_client.so.0.0.0
4021b000-40229000 r-xp 00000000 03:42 6837 /lib/i686/libpthread.so.0
40229000-4022a000 rw-p 0000d000 03:42 6837 /lib/i686/libpthread.so.0
4022a000-4026c000 rw-p 00000000 00:00 0
4026c000-4026e000 r-xp 00000000 03:42 3825 /lib/libdl.so.2
4026e000-4026f000 rw-p 00002000 03:42 3825 /lib/libdl.so.2
4026f000-40291000 r-xp 00000000 03:42 6810 /lib/i686/libm.so.6
40291000-40292000 rw-p 00021000 03:42 6810 /lib/i686/libm.so.6
40292000-403be000 r-xp 00000000 03:42 6809 /lib/i686/libc.so.6
403be000-403c3000 rw-p 0012c000 03:42 6809 /lib/i686/libc.so.6
403c3000-403c6000 rw-p 00000000 00:00 0
403c6000-403c9000 r-xp 00000000 03:42 4544 /lib/libresmgr.so.0.1
403c9000-403ca000 rw-p 00002000 03:42 4544 /lib/libresmgr.so.0.1
403ca000-404c2000 r-xp 00000000 03:03 7206 /usr/X11R6/lib/libX11.so.6.2
404c2000-404c6000 rw-p 000f8000 03:03 7206 /usr/X11R6/lib/libX11.so.6.2
404c6000-404e3000 r-xp 00000000 03:03 25527 /usr/lib/libexpat.so.0.4.0
404e3000-404e6000 rw-p 0001c000 03:03 25527 /usr/lib/libexpat.so.0.4.0
404e6000-404e7000 rw-p 00000000 00:00 0
404e7000-4051a000 r--p 00000000 03:03 27541 /usr/lib/locale/de_DE@euro/LC_CTYPE
4051a000-40807000 rw-p 00000000 00:00 0
40839000-41609000 rw-p 0031f000 00:00 0
41623000-41678000 rw-p 01109000 00:00 0
bff87000-c0000000 rwxp fff88000 00:00 0
__Martin