[MPlayer-dev-eng] [PATCH] fix to codec memory mapper to prevent segfaults
Martin Simmons
vyslnqaaxytp at spammotel.com
Sun Jul 4 01:07:35 CEST 2004
Hi there,

Sorry for the length of this mail, but the patch is low level so I thought you
might need some evidence.

After recently replacing all my installed codecs with those from
mplayer-codecs-extralite-2.0-2.i386.rpm, the GUI MPlayer regularly segfaults
when playing wmv8 files (debugging output below; the movie is
http://www.chanimal.com/videomaker/Talent_Show_Promo_-_256kbs.wmv).

I've tracked this down to the mapping of the wmvdmod.dll codec (previously I
had wmv8ds32.ax, so this didn't happen). The problem is that the base address
of wmvdmod.dll makes it obliterate the libc heap if this has grown too much
before the codec is loaded. This is more likely to happen in the GUI, but is
a general problem and is possibly exploitable for remote code execution too.

The attached patch fixes the problem on Linux by making VirtualAlloc avoid
already-allocated addresses, something like it does in Win32. I say
"something like" because for efficiency it only records the addresses the
first time, rather than for each allocation request, but that is sufficient in
this case.
Linux cpc5-cmbg1-6-0-cust208.cmbg.cable.ntl.com 2.4.21-0.13mdk #1 Fri Mar 14 15:08:06 EST 2003 i686 unknown unknown GNU/Linux
-rwxr-xr-x 1 root root 1229764 Feb 17 2003 /lib/libc-2.3.1.so
lrwxrwxrwx 1 root root 13 May 3 2003 /lib/libc.so.6 -> libc-2.3.1.so
Reading specs from /usr/lib/gcc-lib/i586-mandrake-linux-gnu/3.2.2/specs
Configured with: ../configure --prefix=/usr --libdir=/usr/lib --with-slibdir=/lib --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --enable-long-long --enable-__cxa_atexit --enable-languages=c,c++,ada,f77,objc,java --host=i586-mandrake-linux-gnu --with-system-zlib
Thread model: posix
gcc version 3.2.2 (Mandrake Linux 9.1 3.2.2-3mdk)
cpc5-cmbg1-6-0-cust208:/home/martin/tmp 65 % ld -v
GNU ld version 2.13.90.0.18 20030121
GNU assembler 2.13.90.0.18 20030121
Copyright 2002 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License. This program has absolutely no warranty.
This assembler was configured for a target of `i586-mandrake-linux-gnu'.
processor : 0
vendor_id : AuthenticAMD
cpu family : 6
model : 2
model name : AMD Athlon(tm) Processor
stepping : 1
cpu MHz : 604.245
cache size : 512 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 mmx fxsr syscall mmxext 3dnowext 3dnow
bogomips : 1205.86
cpc5-cmbg1-6-0-cust208:/home/martin/tmp/mplayer/MPlayer-20040703 118 % gdb ./gmplayer
GNU gdb 5.3-22mdk (Mandrake Linux)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-mandrake-linux-gnu"...
gdb> r -v /tmp/Talent_Show_Promo_-_256kbs.wmv
Starting program: /home/martin/tmp/mplayer/MPlayer-20040703/gmplayer -v /tmp/Talent_Show_Promo_-_256kbs.wmv
[New Thread 16384 (LWP 14707)]
Using GNU internationalization
Original domain: messages
Original dirname: /usr/share/locale
Current domain: mplayer
Current dirname: /usr/share/locale
MPlayer dev-CVS-040703-05:00-3.2.2 (C) 2000-2004 MPlayer Team
CPU: Advanced Micro Devices Athlon K75 Pluto,Orion 604.8 MHz (Family: 6, Stepping: 1)
Detected cache-line size is 64 bytes
CPUflags: MMX: 1 MMX2: 1 3DNow: 1 3DNow2: 1 SSE: 0 SSE2: 0
Compiled with runtime CPU detection - WARNING - this is not optimal!
To get best performance, recompile MPlayer with --disable-runtime-cpudetection.
Reading config file /etc/mplayer/mplayer.conf
Reading config file /home/martin/.mplayer/config
[cfg] read config file: /home/martin/.mplayer/gui.conf
Reading config file /home/martin/.mplayer/gui.conf
vo: X11 running at 1600x1200 with depth 24 and 32 bpp (":0" => local display)
Reading /home/martin/.mplayer/codecs.conf: Can't open '/home/martin/.mplayer/codecs.conf': No such file or directory
Reading /etc/mplayer/codecs.conf: 66 audio & 176 video codecs
CommandLine: '-v' '/tmp/Talent_Show_Promo_-_256kbs.wmv'
init_freetype
get_path('font/font.desc') -> '/home/martin/.mplayer/font/font.desc'
font: can't open file: /home/martin/.mplayer/font/font.desc
Font /usr/share/mplayer/font/font.desc loaded successfully! (206 chars)
Using MMX (with tiny bit MMX2) Optimized OnScreenDisplay
Failed to open /dev/rtc: Permission denied (it should be readable by the user.)
Using usleep() timing
get_path('input.conf') -> '/home/martin/.mplayer/input.conf'
Can't open input config file /home/martin/.mplayer/input.conf: No such file or directory
Parsing input config file /etc/mplayer/input.conf
Input config file /etc/mplayer/input.conf parsed: 53 binds
vo: X11 truecolor visual 0x23, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x24, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x25, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x26, depth 24, R:FF0000 G:FF00 B:FF
get_path('Skin') -> '/home/martin/.mplayer/Skin'
SKIN dir 1: '/home/martin/.mplayer/Skin'
SKIN dir 2: '/usr/share/mplayer/Skin'
vo: X11 truecolor visual 0x23, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x24, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x25, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x26, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x23, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x24, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x25, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x26, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x23, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x24, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x25, depth 24, R:FF0000 G:FF00 B:FF
vo: X11 truecolor visual 0x26, depth 24, R:FF0000 G:FF00 B:FF
get_path('Talent_Show_Promo_-_256kbs.wmv.conf') -> '/home/martin/.mplayer/Talent_Show_Promo_-_256kbs.wmv.conf'
Playing /tmp/Talent_Show_Promo_-_256kbs.wmv.
[file] File size is 1390153 bytes
STREAM: [file] /tmp/Talent_Show_Promo_-_256kbs.wmv
STREAM: Description: File
STREAM: Author: Albeu
STREAM: Comment: based on the code from ??? (probably Arpi)
CACHE_PRE_INIT: 0 [0] 0 pre:0 eof:0
Cache fill: 16.57% (1390153 bytes) Checking for YUV4MPEG2
DEMUXER: freeing demuxer at 0x8739ab0
ASF file format detected.
ASF: packets: 961 flags: 2 max_packet_size: 1444 min_packet_size: 1444 max_bitrate: 310951 preroll: 3000
stream type: guid_audio_stream
stream concealment: guid_audio_conceal_interleave
type: 28 bytes, stream: 8 bytes ID: 1
unk1: 0 unk2: 1F8F990
FILEPOS=0x776
==> Found audio stream: 1
======= WAVE Format =======
Format Tag: 353 (0x161)
Channels: 2
Samplerate: 22050
avg byte/sec: 4006
Block align: 744
bits/sample: 16
cbSize: 10
Unknown extra header dump: [0] [44] [0] [0] [17] [0] [41] [17] [0] [0]
===========================
ASF: audio scrambling: 1 x 1 x 744
stream type: guid_video_stream
stream concealment: unknown guid 0057fb20-555b-cf11-a8fd00805f5c442b
type: 55 bytes, stream: 0 bytes ID: 2
unk1: 0 unk2: 130ECD0
FILEPOS=0x7E8
==> Found video stream: 2
======= VIDEO Format ======
biSize 44
biWidth 320
biHeight 240
biPlanes 1
biBitCount 24
biCompression 844516695='WMV2'
biSizeImage 0
Unknown extra header dump: [f0] [df] [fc] [80]
===========================
============ ASF Stream group == START ===
object size = 38
stream count=[0x2][2]
stream id=[0x1][1]
max bitrate=[0x80ec][33004]
stream id=[0x2][2]
max bitrate=[0x43dba][277946]
============ ASF Stream group == END ===
Found movie at 0x877 - 0x15351B
ASF: 1 audio and 1 video streams found
Auto-selected ASF video ID = 2
Auto-selected ASF audio ID = 1
VIDEO: [WMV2] 320x240 24bpp
ASF: Searching for audio stream (id:1).
[V] filefmt:6 fourcc:0x32564D57 size:320x240 fps:1000.00 ftime:=0.0010
get_path('sub/') -> '/home/martin/.mplayer/sub/'
get_path('default.sub') -> '/home/martin/.mplayer/default.sub'
==========================================================================
Opening audio decoder: [ffmpeg] FFmpeg/libavcodec audio decoders
dec_audio: Allocating 131072 + 65536 = 196608 bytes for output buffer.
FFmpeg's libavcodec audio codec
INFO: libavcodec init OK!
AUDIO: 22050 Hz, 2 ch, 16 bit (0x10), ratio: 4006->88200 (32.0 kbit)
Selected audio codec: [ffwmav2] afm:ffmpeg (DivX audio v2 (ffmpeg))
==========================================================================
==========================================================================
Opening video decoder: [dshow] DirectShow video codecs
Win32 LoadLibrary failed to load: wmv8ds32.ax, /usr/lib/codecs/wmv8ds32.ax, /usr/lib/win32/wmv8ds32.ax, /usr/local/lib/win32/wmv8ds32.ax
Warning: DS_Filter() could not open DirectShow DLL. (DLL=wmv8ds32.ax, r=0x876e29c)
Failed to create DirectShow filter
[x11] NET style stay on top (layer 0). Using state _NET_WM_STATE_STAYS_ON_TOP.
ERROR: Could not open required DirectShow codec wmv8ds32.ax.
Maybe you forget to upgrade your win32 codecs?? It's time to download the new
package from: ftp://mplayerhq.hu/MPlayer/releases/w32codec.tar.bz2!
VDecoder init failed :(
Opening video decoder: [dmo] DMO video codecs
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 14707)]
0x4088b3fe in mallopt () from /lib/i686/libc.so.6
gdb> bt
#0 0x4088b3fe in mallopt () from /lib/i686/libc.so.6
#1 0x4088acbc in mallopt () from /lib/i686/libc.so.6
#2 0x40889c61 in malloc () from /lib/i686/libc.so.6
#3 0x0816bf58 in VirtualAlloc (address=0x8779710, size=0x0, type=0x3000, protection=0x40) at ext.c:513
#4 0x08177226 in PE_LoadImage (handle=0xf, filename=0xbfffc430 "/usr/lib/codecs/wmvdmod.dll", version=0x0) at pe_image.c:566
#5 0x08177697 in PE_LoadLibraryExA (name=0x0, flags=0x0) at pe_image.c:842
#6 0x0816abc4 in MODULE_LoadLibraryExA (libname=0x0, hfile=0x0, flags=0x0) at module.c:302
#7 0x0816b1f4 in LoadLibraryExA (libname=0x8647848 "wmvdmod.dll", hfile=0x0, flags=0x0) at module.c:399
#8 0x0816b2b1 in LoadLibraryA (libname=0x0) at module.c:542
#9 0x0817e5e5 in DMO_FilterCreate (dllname=0x0, id=0x0, in_fmt=0x0, out_fmt=0x0) at dmo.c:54
#10 0x0817d80b in DMO_VideoDecoder_Open (dllname=0x0, guid=0x0, format=0x0, flip=0x0, maxauto=0x0) at DMO_VideoDecoder.c:187
#11 0x08113cff in init (sh=0x0) at vd_dmo.c:33
#12 0x0810f1ba in init_video (sh_video=0x0, codecname=0x0, vfm=0x0, status=0x1) at dec_video.c:237
#13 0x0810f43f in init_best_video_codec (sh_video=0x873ab28, video_codec_list=0xbfffd124, video_fm_list=0x0) at dec_video.c:283
#14 0x0809a1d7 in main (argc=0x3, argv=0xbffff4e4) at mplayer.c:1751
#15 0x4082c7f7 in __libc_start_main () from /lib/i686/libc.so.6
gdb> disass $pc-32 $pc+32
Dump of assembler code from 0x4088b3cc to 0x4088b430:
0x4088b3cc <mallopt+2636>: lea 0x0(%esi,1),%esi
0x4088b3d0 <mallopt+2640>: mov 0x4(%ecx),%eax
0x4088b3d3 <mallopt+2643>: mov 0x8(%ecx),%edi
0x4088b3d6 <mallopt+2646>: mov %eax,%esi
0x4088b3d8 <mallopt+2648>: mov %edi,0xffffffe8(%ebp)
0x4088b3db <mallopt+2651>: and $0xfffffffa,%esi
0x4088b3de <mallopt+2654>: lea (%esi,%ecx,1),%edi
0x4088b3e1 <mallopt+2657>: mov 0x4(%edi),%edx
0x4088b3e4 <mallopt+2660>: mov %edx,0xffffffdc(%ebp)
0x4088b3e7 <mallopt+2663>: and $0xfffffff8,%edx
0x4088b3ea <mallopt+2666>: and $0x1,%eax
0x4088b3ed <mallopt+2669>: mov %edx,0xffffffe0(%ebp)
0x4088b3f0 <mallopt+2672>: jne 0x4088b404 <mallopt+2692>
0x4088b3f2 <mallopt+2674>: mov (%ecx),%eax
0x4088b3f4 <mallopt+2676>: sub %eax,%ecx
0x4088b3f6 <mallopt+2678>: mov 0x8(%ecx),%edx
0x4088b3f9 <mallopt+2681>: add %eax,%esi
0x4088b3fb <mallopt+2683>: mov 0xc(%ecx),%eax
0x4088b3fe <mallopt+2686>: mov %eax,0xc(%edx)
0x4088b401 <mallopt+2689>: mov %edx,0x8(%eax)
0x4088b404 <mallopt+2692>: mov 0x8(%ebp),%eax
0x4088b407 <mallopt+2695>: cmp 0x54(%eax),%edi
0x4088b40a <mallopt+2698>: je 0x4088b46f <mallopt+2799>
0x4088b40c <mallopt+2700>: mov 0xffffffe0(%ebp),%edx
0x4088b40f <mallopt+2703>: testb $0x1,0x4(%edx,%edi,1)
0x4088b414 <mallopt+2708>: jne 0x4088b463 <mallopt+2787>
0x4088b416 <mallopt+2710>: mov 0xc(%edi),%eax
0x4088b419 <mallopt+2713>: add %edx,%esi
0x4088b41b <mallopt+2715>: mov 0x8(%edi),%edx
0x4088b41e <mallopt+2718>: mov %eax,0xc(%edx)
0x4088b421 <mallopt+2721>: mov %edx,0x8(%eax)
0x4088b424 <mallopt+2724>: mov %esi,(%esi,%ecx,1)
0x4088b427 <mallopt+2727>: mov 0xffffffe4(%ebp),%eax
0x4088b42a <mallopt+2730>: mov %esi,%edx
0x4088b42c <mallopt+2732>: or $0x1,%edx
0x4088b42f <mallopt+2735>: mov 0x8(%eax),%edi
End of assembler dump.
gdb> info all-registers
eax 0x0 0x0
ecx 0x8779710 0x8779710
edx 0x0 0x0
ebx 0x40946f50 0x40946f50
esp 0xbfffc294 0xbfffc294
ebp 0xbfffc2b8 0xbfffc2b8
esi 0x0 0x0
edi 0x8779710 0x8779710
eip 0x4088b3fe 0x4088b3fe
eflags 0x210246 0x210246
cs 0x23 0x23
ss 0x2b 0x2b
ds 0x2b 0x2b
es 0x2b 0x2b
fs 0x8f 0x8f
gs 0x7 0x7
gdb> shell cat /proc/14707/maps
08048000-084fb000 r-xp 00000000 03:08 805996 /home/martin/tmp/mplayer/MPlayer-20040703/mplayer
084fb000-0855b000 rw-p 004b2000 03:08 805996 /home/martin/tmp/mplayer/MPlayer-20040703/mplayer
0855b000-08730000 rwxp 00000000 00:00 0
08730000-08810000 rwxp 00000000 00:06 12 /dev/zero
40000000-40012000 r-xp 00000000 03:05 239528 /lib/ld-2.3.1.so
40012000-40013000 rw-p 00011000 03:05 239528 /lib/ld-2.3.1.so
40013000-40015000 rw-p 00000000 00:00 0
40015000-40016000 r--p 00000000 03:05 287479 /usr/share/locale/en_GB/LC_IDENTIFICATION
40016000-40017000 r--p 00000000 03:05 79898 /usr/share/locale/en_GB/LC_MEASUREMENT
40017000-40018000 r--p 00000000 03:05 287477 /usr/share/locale/en_GB/LC_TELEPHONE
40018000-40019000 r--p 00000000 03:05 79899 /usr/share/locale/en_GB/LC_ADDRESS
40019000-4001a000 r--p 00000000 03:05 79897 /usr/share/locale/en_GB/LC_NAME
4001a000-4001b000 r--p 00000000 03:05 79896 /usr/share/locale/en_GB/LC_PAPER
4001b000-4001c000 r--p 00000000 03:05 32001 /usr/share/locale/en_GB/LC_MESSAGES/SYS_LC_MESSAGES
4001c000-4001d000 r--p 00000000 03:05 287478 /usr/share/locale/en_GB/LC_MONETARY
4001d000-40023000 r--p 00000000 03:05 175658 /usr/share/locale/ISO-8859-1/LC_COLLATE
40023000-40024000 r--p 00000000 03:05 79895 /usr/share/locale/en_GB/LC_TIME
40024000-4003e000 r-xp 00000000 03:05 255907 /usr/lib/libvorbis.so.0.2.0
4003e000-40045000 rw-p 0001a000 03:05 255907 /usr/lib/libvorbis.so.0.2.0
40045000-40048000 r-xp 00000000 03:05 255888 /usr/lib/libogg.so.0.4.0
40048000-40049000 rw-p 00003000 03:05 255888 /usr/lib/libogg.so.0.4.0
40049000-4009c000 r-xp 00000000 03:05 260094 /usr/lib/libdivxdecore.so.0
4009c000-400ac000 rw-p 00052000 03:05 260094 /usr/lib/libdivxdecore.so.0
400ac000-400ae000 rw-p 00000000 00:00 0
400ae000-400e9000 r-xp 00000000 03:05 260161 /usr/lib/libmp3lame.so.0.0.0
400e9000-400ef000 rw-p 0003a000 03:05 260161 /usr/lib/libmp3lame.so.0.0.0
400ef000-4014b000 rw-p 00000000 00:00 0
4014b000-4016f000 r-xp 00000000 03:05 255799 /usr/lib/libpng.so.3.1.2.5
4016f000-40170000 rw-p 00023000 03:05 255799 /usr/lib/libpng.so.3.1.2.5
40170000-40171000 rw-p 00000000 00:00 0
40171000-4017d000 r-xp 00000000 03:05 239576 /lib/libz.so.1.1.4
4017d000-4017f000 rw-p 0000b000 03:05 239576 /lib/libz.so.1.1.4
4017f000-4019f000 r-xp 00000000 03:05 255795 /usr/lib/libjpeg.so.62.0.0
4019f000-401a0000 rw-p 0001f000 03:05 255795 /usr/lib/libjpeg.so.62.0.0
401a0000-40229000 r-xp 00000000 03:05 255886 /usr/lib/libasound.so.2.0.0
40229000-4022c000 rw-p 00089000 03:05 255886 /usr/lib/libasound.so.2.0.0
4022c000-4022e000 r-xp 00000000 03:05 239539 /lib/libdl-2.3.1.so
4022e000-4022f000 rw-p 00001000 03:05 239539 /lib/libdl-2.3.1.so
4022f000-4023c000 r-xp 00000000 03:05 191627 /lib/i686/libpthread-0.10.so
4023c000-4023f000 rw-p 0000d000 03:05 191627 /lib/i686/libpthread-0.10.so
4023f000-4027f000 rw-p 00000000 00:00 0
4027f000-402c9000 r-xp 00000000 03:05 255788 /usr/lib/libfreetype.so.6.3.2
402c9000-402cd000 rw-p 0004a000 03:05 255788 /usr/lib/libfreetype.so.6.3.2
402cd000-402ce000 rw-p 00000000 00:00 0
402ce000-402d1000 r-xp 00000000 03:05 239527 /lib/libtermcap.so.2.0.8
402d1000-402d2000 rw-p 00002000 03:05 239527 /lib/libtermcap.so.2.0.8
402d2000-4037a000 r-xp 00000000 03:05 255786 /usr/lib/libstdc++.so.5.0.3
4037a000-4037f000 rw-p 000a7000 03:05 255786 /usr/lib/libstdc++.so.5.0.3
4037f000-40384000 rw-p 00000000 00:00 0
40384000-40395000 r-xp 00000000 03:05 239543 /lib/libnsl-2.3.1.so
40395000-40396000 rw-p 00010000 03:05 239543 /lib/libnsl-2.3.1.so
40396000-40398000 rw-p 00000000 00:00 0
40398000-403a0000 r-xp 00000000 03:05 255905 /usr/lib/libungif.so.4.1.0
403a0000-403a1000 rw-p 00007000 03:05 255905 /usr/lib/libungif.so.4.1.0
403a1000-403c3000 r-xp 00000000 03:05 255803 /usr/lib/libfontconfig.so.1.0
403c3000-403c6000 rw-p 00021000 03:05 255803 /usr/lib/libfontconfig.so.1.0
403c6000-403c7000 rw-p 00000000 00:00 0
403c7000-4050b000 r-xp 00000000 03:05 255823 /usr/lib/libgtk-1.2.so.0.9.1
4050b000-40513000 rw-p 00143000 03:05 255823 /usr/lib/libgtk-1.2.so.0.9.1
40513000-40514000 rw-p 00000000 00:00 0
40514000-4054c000 r-xp 00000000 03:05 255821 /usr/lib/libgdk-1.2.so.0.9.1
4054c000-4054d000 rw-p 00038000 03:05 255821 /usr/lib/libgdk-1.2.so.0.9.1
4054d000-4054f000 r-xp 00000000 03:05 255724 /usr/lib/libgmodule-1.2.so.0.0.10
4054f000-40550000 rw-p 00001000 03:05 255724 /usr/lib/libgmodule-1.2.so.0.0.10
40550000-40577000 r-xp 00000000 03:05 255722 /usr/lib/libglib-1.2.so.0.0.10
40577000-40578000 rw-p 00026000 03:05 255722 /usr/lib/libglib-1.2.so.0.0.10
40578000-4057f000 r-xp 00000000 03:05 96060 /usr/X11R6/lib/libXi.so.6.0
4057f000-40580000 rw-p 00006000 03:05 96060 /usr/X11R6/lib/libXi.so.6.0
40580000-4058d000 r-xp 00000000 03:05 96052 /usr/X11R6/lib/libXext.so.6.4
4058d000-4058e000 rw-p 0000c000 03:05 96052 /usr/X11R6/lib/libXext.so.6.4
4058e000-4066a000 r-xp 00000000 03:05 96042 /usr/X11R6/lib/libX11.so.6.2
4066a000-4066d000 rw-p 000db000 03:05 96042 /usr/X11R6/lib/libX11.so.6.2
4066d000-4066e000 rw-p 00000000 00:00 0
4066e000-4068f000 r-xp 00000000 03:05 191625 /lib/i686/libm-2.3.1.so
4068f000-40690000 rw-p 00020000 03:05 191625 /lib/i686/libm-2.3.1.so
40690000-406fb000 r-xp 00000000 03:05 96034 /usr/X11R6/lib/libGL.so.1.2
406fb000-40700000 rw-p 0006b000 03:05 96034 /usr/X11R6/lib/libGL.so.1.2
40700000-40703000 rw-p 00000000 00:00 0
40703000-40761000 r-xp 00000000 03:05 256233 /usr/lib/libSDL-1.2.so.0.0.5
40761000-40764000 rw-p 0005d000 03:05 256233 /usr/lib/libSDL-1.2.so.0.0.5
40764000-4077e000 rw-p 00000000 00:00 0
4077e000-40785000 r-xp 00000000 03:05 255919 /usr/lib/libesd.so.0.2.29
40785000-40786000 rw-p 00006000 03:05 255919 /usr/lib/libesd.so.0.2.29
40786000-407ab000 r-xp 00000000 03:05 255873 /usr/lib/libaudiofile.so.0.0.2
407ab000-407ae000 rw-p 00024000 03:05 255873 /usr/lib/libaudiofile.so.0.0.2
407ae000-407c3000 r-xp 00000000 03:05 96430 /usr/X11R6/lib/libaudio.so.2.3
407c3000-407c4000 rw-p 00015000 03:05 96430 /usr/X11R6/lib/libaudio.so.2.3
407c4000-407c5000 rw-p 00000000 00:00 0
407c5000-40813000 r-xp 00000000 03:05 96072 /usr/X11R6/lib/libXt.so.6.0
40813000-40817000 rw-p 0004d000 03:05 96072 /usr/X11R6/lib/libXt.so.6.0
40817000-40944000 r-xp 00000000 03:05 191623 /lib/i686/libc-2.3.1.so
40944000-40948000 rw-p 0012c000 03:05 191623 /lib/i686/libc-2.3.1.so
40948000-4094a000 rw-p 00000000 00:00 0
4094a000-40952000 r-xp 00000000 03:05 239641 /lib/libgcc_s-3.2.2.so.1
40952000-40953000 rw-p 00007000 03:05 239641 /lib/libgcc_s-3.2.2.so.1
40953000-40972000 r-xp 00000000 03:05 255783 /usr/lib/libexpat.so.0.4.0
40972000-40974000 rw-p 0001e000 03:05 255783 /usr/lib/libexpat.so.0.4.0
40974000-40975000 rw-p 00000000 00:00 0
40975000-4097d000 r-xp 00000000 03:05 96040 /usr/X11R6/lib/libSM.so.6.0
4097d000-4097e000 rw-p 00007000 03:05 96040 /usr/X11R6/lib/libSM.so.6.0
4097e000-40992000 r-xp 00000000 03:05 96036 /usr/X11R6/lib/libICE.so.6.3
40992000-40993000 rw-p 00013000 03:05 96036 /usr/X11R6/lib/libICE.so.6.3
40993000-40996000 rw-p 00000000 00:00 0
40996000-40997000 r--p 00000000 03:05 79900 /usr/share/locale/en_GB/LC_NUMERIC
40997000-409c3000 r--p 00000000 03:05 175659 /usr/share/locale/ISO-8859-1/LC_CTYPE
409c3000-40b45000 rw-p 00000000 00:00 0
40b45000-40b47000 r-xp 00000000 03:05 64663 /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
40b47000-40b48000 rw-p 00001000 03:05 64663 /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
40b48000-40b64000 r-xp 00000000 03:05 64662 /usr/X11R6/lib/X11/locale/lib/common/ximcp.so.2
40b64000-40b66000 rw-p 0001c000 03:05 64662 /usr/X11R6/lib/X11/locale/lib/common/ximcp.so.2
40b66000-40b67000 rw-p 00000000 00:00 0
40b67000-40b68000 r-xp 00000000 03:05 255633 /usr/lib/gconv/ISO8859-1.so
40b68000-40b69000 rw-p 00001000 03:05 255633 /usr/lib/gconv/ISO8859-1.so
40b69000-40b76000 r-xp 00000000 03:05 36670 /usr/lib/gtk/themes/engines/libgalaxy.so
40b76000-40b77000 rw-p 0000d000 03:05 36670 /usr/lib/gtk/themes/engines/libgalaxy.so
40b77000-40b78000 rw-p 00000000 00:00 0
40b78000-40b79000 rw-s 00000000 00:04 240910 /dev/zero (deleted)
40b79000-40b84000 r-xp 00000000 03:05 239549 /lib/libnss_files-2.3.1.so
40b84000-40b85000 rw-p 0000a000 03:05 239549 /lib/libnss_files-2.3.1.so
40b85000-40b86000 rw-p 00000000 00:06 12 /dev/zero
40b86000-40b87000 rw-p 00000000 00:06 12 /dev/zero
40b95000-40ba8000 r-xp 00000000 03:05 256163 /usr/lib/libgdk_pixbuf.so.2.0.0
40ba8000-40bab000 rw-p 00012000 03:05 256163 /usr/lib/libgdk_pixbuf.so.2.0.0
40bab000-40c0b000 rw-s 00000000 00:04 1343491 /SYSV00000000 (deleted)
40c0b000-40c13000 r-xp 00000000 03:05 96050 /usr/X11R6/lib/libXcursor.so.1.0
40c13000-40c14000 rw-p 00007000 03:05 96050 /usr/X11R6/lib/libXcursor.so.1.0
40c14000-40c1b000 r-xp 00000000 03:05 96070 /usr/X11R6/lib/libXrender.so.1.2
40c1b000-40c1c000 rw-p 00006000 03:05 96070 /usr/X11R6/lib/libXrender.so.1.2
40c1c000-40c3e000 rw-p 00000000 00:00 0
40c45000-40d4b000 rw-p 00029000 00:00 0
40d4b000-40dc1000 rw-s 00000000 00:04 1441797 /SYSV00000000 (deleted)
40dc1000-40de3000 rw-p 00000000 00:00 0
40de3000-40e04000 rw-s 00000000 00:04 1474566 /SYSV00000000 (deleted)
40e04000-40e3b000 rw-s 00000000 00:04 1507335 /SYSV00000000 (deleted)
40e3b000-4163b000 rw-s 00000000 00:04 240911 /dev/zero (deleted)
4163b000-4166c000 rw-p 00000000 00:00 0
4166c000-41732000 r--p 00000000 03:05 150462 /usr/lib/codecs/wmvdmod.dll
bfff4000-c0000000 rwxp ffff5000 00:00 0
gdb>
__Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mplayer-virtualalloc.patch
Type: application/octet-stream
Size: 2445 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20040704/bc3c23ea/attachment.obj>
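
The approach the mail describes (record the ranges that are already mapped, then refuse to place the codec image on top of them), written out as an added example; this is not the scrubbed patch and not MPlayer code. The names parse_maps, range_is_free, sample_is_free and reserve_avoiding are hypothetical; the two sample lines are copied from the /proc/14707/maps listing above and 0x8779710 is the address in the VirtualAlloc frame of the backtrace.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define MAX_RANGES 4096
struct range { uintptr_t start, end; };            /* half-open [start, end) */

/* Sample input: two lines copied from the maps listing in the mail. */
static const char SAMPLE_MAPS[] =
    "0855b000-08730000 rwxp 00000000 00:00 0\n"
    "08730000-08810000 rwxp 00000000 00:06 12 /dev/zero\n";

/* Record every mapped range from /proc/<pid>/maps text; returns the count. */
static size_t parse_maps(FILE *fp, struct range *out, size_t max)
{
    char line[1024];
    unsigned long long s, e;
    size_t n = 0;
    int at_start = 1;

    while (n < max && fgets(line, sizeof line, fp)) {
        /* Parse only real line starts: the tail of an over-long line
           (a long pathname) could otherwise look like "hex-hex". */
        if (at_start && sscanf(line, "%llx-%llx", &s, &e) == 2 && s < e) {
            out[n].start = (uintptr_t)s;
            out[n].end = (uintptr_t)e;
            n++;
        }
        at_start = strchr(line, '\n') != NULL;
    }
    return n;
}

/* 1 if [addr, addr+size) touches none of the recorded ranges, else 0. */
static int range_is_free(const struct range *r, size_t n, uintptr_t addr, size_t size)
{
    uintptr_t end = addr + size;
    if (size == 0 || end < addr)                   /* empty or wrapping request */
        return 0;
    for (size_t i = 0; i < n; i++)
        if (addr < r[i].end && r[i].start < end)
            return 0;
    return 1;
}

/* Check a request against the sample snapshot above (-1 on I/O error). */
static int sample_is_free(uintptr_t addr, size_t size)
{
    struct range r[8];
    FILE *fp = fmemopen((void *)SAMPLE_MAPS, sizeof SAMPLE_MAPS - 1, "r");
    if (!fp) return -1;
    size_t n = parse_maps(fp, r, 8);
    fclose(fp);
    return range_is_free(r, n, addr, size);
}

/* Map size bytes at preferred only when the snapshot shows nothing there;
   otherwise let the kernel pick. Another thread can still map something
   between snapshot and mmap; on Linux 4.17+ MAP_FIXED_NOREPLACE makes the
   kernel do this check atomically. */
static void *reserve_avoiding(void *preferred, size_t size)
{
    static struct range r[MAX_RANGES];
    int flags = MAP_PRIVATE | MAP_ANONYMOUS;
    FILE *fp = fopen("/proc/self/maps", "r");
    size_t n = fp ? parse_maps(fp, r, MAX_RANGES) : 0;
    if (fp) fclose(fp);
    /* Missing, truncated or conflicting snapshot: never force the address. */
    if (n == 0 || n == MAX_RANGES || !range_is_free(r, n, (uintptr_t)preferred, size))
        return mmap(NULL, size, PROT_READ | PROT_WRITE, flags, -1, 0);
    return mmap(preferred, size, PROT_READ | PROT_WRITE, flags | MAP_FIXED, -1, 0);
}

int main(void)
{
    char *heap_like = mmap(NULL, 4096, PROT_READ | PROT_WRITE,
                           MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (heap_like == MAP_FAILED) return 1;
    heap_like[0] = 'A';                            /* data that must survive */
    char *img = reserve_avoiding(heap_like, 4096); /* ask for an occupied address */
    printf("sample free=%d, asked %p, got %p, old data '%c'\n",
           sample_is_free(0x8779710, 0x1000), (void *)heap_like, (void *)img, heap_like[0]);
    return 0;
}
```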