From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20283 invoked by alias); 12 Apr 2002 12:05:48 -0000 Mailing-List: contact gdb-help@sources.redhat.com; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-owner@sources.redhat.com Received: (qmail 20268 invoked from network); 12 Apr 2002 12:05:44 -0000 Received: from unknown (HELO mirapoint.inter.net.il) (192.114.186.20) by sources.redhat.com with SMTP; 12 Apr 2002 12:05:44 -0000 Received: from zaretsky (diup-217-24.inter.net.il [213.8.217.24]) by mirapoint.inter.net.il (Mirapoint Messaging Server MOS 2.9.3.2) with ESMTP id AAZ27960; Fri, 12 Apr 2002 15:05:34 +0300 (IDT) Date: Fri, 12 Apr 2002 05:05:00 -0000 From: "Eli Zaretskii" To: mludvig@suse.cz Message-Id: <4331-Fri12Apr2002150053+0300-eliz@is.elta.co.il> CC: gdb@sources.redhat.com In-reply-to: <3CB6C492.80108@suse.cz> (message from Michal Ludvig on Fri, 12 Apr 2002 13:27:14 +0200) Subject: Re: Strange segfaults of gdb Reply-to: Eli Zaretskii References: <3CB5B5F1.7010809@suse.cz> <9743-Fri12Apr2002120839+0300-eliz@is.elta.co.il> <3CB6C492.80108@suse.cz> X-SW-Source: 2002-04/txt/msg00207.txt.bz2 > Date: Fri, 12 Apr 2002 13:27:14 +0200 > From: Michal Ludvig > > > What if you run GDB under another GDB--can you see where does the > > subordinate GDB crash then? > > (gdb) p 1 > $1 = 1 > (gdb) r > Starting program: /root/mludvig/tst/xmmtest > > Program received signal SIGSEGV, Segmentation fault. > 0x2a95ae759c in wait4 () at soinit.c:76 > 76 } > (top-gdb) disassemble 0x2a95ae759c It's more useful to type "bt" at this point. Then you will know what kind of code in GDB called wait4. > Dump of assembler code for function wait4: > 0x2a95ae7590 : mov %rcx,%r10 > 0x2a95ae7593 : mov $0x3d,%rax > 0x2a95ae759a : syscall > 0x2a95ae759c : cmp $0xfffffffffffff001,%rax > 0x2a95ae75a2 : jae 0x2a95ae75a5 > 0x2a95ae75a4 : retq > 0x2a95ae75a5 : xor %rdx,%rdx > 0x2a95ae75a8 : sub %rax,%rdx > 0x2a95ae75ab : push %rdx > 0x2a95ae75ac : callq 0x2a95a6fa30 > 0x2a95ae75b1 : pop %rdx > 0x2a95ae75b2 : mov %rdx,(%rax) > 0x2a95ae75b5 : or $0xffffffffffffffff,%rax > 0x2a95ae75b9 : jmp 0x2a95ae75a4 > 0x2a95ae75bb : nop > 0x2a95ae75bc : nop > 0x2a95ae75bd : nop > 0x2a95ae75be : nop > 0x2a95ae75bf : nop > End of assembler dump. > > So it appears like the segfault happend on 'cmp ,' > instruction, which shouldn't be able to generate any exception at all. I suspect that what crashed is the syscall instruction before that: > Dump of assembler code for function wait4: > 0x2a95ae7590 : mov %rcx,%r10 > 0x2a95ae7593 : mov $0x3d,%rax > 0x2a95ae759a : syscall > 0x2a95ae759c : cmp $0xfffffffffffff001,%rax It is also possible that the stack is somehow blown up, which would explain why the first instruction after a syscall return crashes.