This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/12123] SIGBUS on strstr_sse42 due to bad alignment
- From: "throctukes at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Thu, 28 Oct 2010 15:42:25 +0000
- Subject: [Bug libc/12123] SIGBUS on strstr_sse42 due to bad alignment
- Auto-submitted: auto-generated
- References: <bug-12123-131@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=12123
throctukes at gmail dot com changed:

What | Removed | Added
-----|---------|----------------------------
CC   |         | throctukes at gmail dot com
--- Comment #17 from throctukes at gmail dot com 2010-10-28 15:42:10 UTC ---
This looks very similar to a problem I've been seeing which manifests in the
Mono soft debugger - although interestingly I've seen this on a 64-bit
architecture. Discussion of the problem has been going on here:
http://ubuntuforums.org/showthread.php?t=1602295 - Here's a summary:
On machines using the sse4.2 instruction set there seems to be an issue with
the use of the optimised strstr function in glibc which causes a segfault
whenever the mono soft debugger is used. A VMWare image run on a machine
without an sse4.2 capable processor will behave normally (i.e., no segfault),
but if transferred onto a machine with an sse4.2 capable processor it will
segfault in the same way as the host would (i.e., will segfault during
debugging), which suggests that when this issue occurs it's not due to a
misconfigured system.
If glibc is built without the sse4.2 optimised version of strstr enabled, this
issue is not apparent.
Inside strstr, the segfault traces to line 286 in x86_64/multiarch/strstr.c
inside glibc:
280      /* p1 > 1 byte long. Load up to 16 bytes of fragment. */
281      __m128i frag1 = strloadu (p1);
282
283      __m128i frag2;
284      if (p2[1] != '\0')
285        /* p2 is > 1 byte long. */
286        frag2 = strloadu (p2);
287      else
288        frag2 = _mm_insert_epi8 (_mm_setzero_si128 (), LOADBYTE (p2[0]), 0);
Checking the disassembly at this point:
Program received signal SIGSEGV, Segmentation fault.
0x00007f85b165ee6b in __strstr_sse42 (s1=0x6d5280
"mono_create_corlib_exception_1", s2=0x6d3f05 "ves_array_new_va_") at
../sysdeps/x86_64/multiarch/strstr.c:286
...
(gdb) disassemble
...
0x00007f85b165ee60 <+880>: mov %rbx,%rax
0x00007f85b165ee63 <+883>: jmpq 0x7f85b165eb22 <__strstr_sse42+50>
0x00007f85b165ee68 <+888>: mov %r13,%rdi
=> 0x00007f85b165ee6b <+891>: movdqa %xmm0,(%rsp)
0x00007f85b165ee70 <+896>: callq 0x7f85b165e9b0 <__m128i_strloadu>
0x00007f85b165ee75 <+901>: movdqa %xmm0,0x10(%rsp)
0x00007f85b165ee7b <+907>: movdqa (%rsp),%xmm1
0x00007f85b165ee80 <+912>: jmpq 0x7f85b165eb98 <__strstr_sse42+168>
...
(gdb) p $rsp
$1 = (void *) 0x7fff829769e8
Bug report on the Mono bugzilla:
https://bugzilla.novell.com/show_bug.cgi?id=647464
A similar problem to this has been reported on the NVidia Developer Zone forum
affecting the NVPerfKit tool (again a debugging tool as far as I can tell)
http://developer.nvidia.com/forums/index.php?showtopic=4926
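An added check, not part of the comment above or of glibc: `movdqa` requires its memory operand to be 16-byte aligned, so the `$rsp` value quoted from the gdb session can be tested directly. The mnemonic table and function names here are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Alignment (in bytes) that the memory operand of an SSE move must satisfy.
   The aligned forms (movdqa/movaps/movapd) raise a general-protection fault,
   delivered to the process as a signal, when the operand is not 16-byte
   aligned; the unaligned forms accept any address. Returns 0 for a
   mnemonic this helper does not know. */
size_t sse_move_required_alignment(const char *mnemonic)
{
    static const char *const aligned[]   = { "movdqa", "movaps", "movapd" };
    static const char *const unaligned[] = { "movdqu", "movups", "movupd", "lddqu" };
    for (size_t i = 0; i < sizeof aligned / sizeof *aligned; i++)
        if (strcmp(mnemonic, aligned[i]) == 0)
            return 16;
    for (size_t i = 0; i < sizeof unaligned / sizeof *unaligned; i++)
        if (strcmp(mnemonic, unaligned[i]) == 0)
            return 1;
    return 0;
}

/* Distance of addr past the previous boundary of a power-of-two alignment;
   0 means the address satisfies it. */
size_t misalignment(uint64_t addr, size_t align)
{
    return (size_t)(addr & (align - 1));
}

/* Does an alignment violation explain a fault at this instruction with this
   operand address? Returns the slack in bytes, or 0 when the operand is
   correctly aligned (or the mnemonic is unknown / has no requirement). */
size_t alignment_explains_fault(const char *mnemonic, uint64_t operand)
{
    size_t need = sse_move_required_alignment(mnemonic);
    if (need < 2)
        return 0;
    return misalignment(operand, need);
}

int main(void)
{
    /* Register value taken from the gdb session quoted in the comment. */
    uint64_t rsp = 0x7fff829769e8ULL;
    size_t slack = alignment_explains_fault("movdqa", rsp);
    printf("movdqa %%xmm0,(%%rsp) with rsp=%#llx: %zu byte(s) past a 16-byte boundary\n",
           (unsigned long long)rsp, slack);
    if (slack)
        printf("stack pointer is off by %zu; the x86-64 ABI keeps rsp 16-byte aligned at calls\n", slack);
    return 0;
}
```

A slack of 8 is exactly one extra pushed word, which is what a caller that violates the ABI's 16-byte stack alignment leaves behind.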