According to Eli Zaretskii:
> On Wed, 5 Jan 100, Martin Str|mberg wrote:
> > I've
> > tried pushing things to be able to restore them, but then I've got
> > some _really_ strange crashes (Invalid opcode, Stack fault, EIP
> > pointing into the middle of an instruction)!
>
> I don't think it's because of the pushing, but please show the code
> which did that.
Ok, here's a strange one:
F:\HACKERY\DPMI_SEL>simple7.exe
cs = a7, ds = af, ss= af.
got interrupt vector
Page Fault cr2=10000004 at eip=ff63; flags=3086
eax=000000af ebx=00000014 ecx=00000012 edx=00000000 esi=000065c4 edi=000142d4
ebp=0000000e esp=0000ff88 cs=2b ds=af es=1 fs=8f gs=bf ss=af error=0004
This is so bad it hangs the computer (C-A-D did reboot it).
Disassembling gives:
ff4d: 50 pushl %eax
ff4e: 84 c9 testb %cl,%cl
ff50: 0f 94 c0 sete %al
ff53: 88 85 98 fd ff movb %al,0xfffffd98(%ebp)
ff58: ff
ff59: 0f b6 85 98 fd movzbl 0xfffffd98(%ebp),%eax
ff5e: ff ff
ff60: 50 pushl %eax
ff61: 52 pushl %edx
ff62: 8b b5 b0 fd ff movl 0xfffffdb0(%ebp),%esi
ff67: ff
ff68: 46 incl %esi
ff69: 56 pushl %esi
ff6a: e8 25 fa ff ff call f994 <_glob2>
ff6f: 89 c2 movl %eax,%edx
ff71: 83 c4 10 addl $0x10,%esp
ff74: 83 fa 03 cmpl $0x3,%edx
ff77: 0f 84 de fc ff je fc5b <L116>
ff7c: ff
ff7d: ff 0d 9c 6d 01 decl 0x16d9c
ff82: 00
ff83: eb 68 jmp ffed <L94>
ff85: 8d 76 00 leal 0x0(%esi),%esi
0000ff88 <L106>:
ff88: f6 85 f1 fe ff testb $0x10,0xfffffef1(%ebp)
ff8d: ff 10
This seems to be in glob2.
It sure looks like I destroy the stack severely. But I don't see (in my
code) that I do.
----- Start of simple7.c. -----
#include <dpmi.h>
#include <go32.h>
#include <stdio.h>
#include <stdlib.h>
#include <conio.h>
#include <crt0.h>
/* Startup flag for DJGPP's crt0: lock the program's memory at startup, so the
   handler below and the globals it touches are resident while int 0x31 is
   hooked (main() does not lock anything explicitly). */
int _crt0_startup_flags = _CRT0_FLAG_LOCK_MEMORY;

/* Far pointers for interrupt 0x31: the vector found at startup, and the one
   main() builds to point at handler(). */
__dpmi_paddr old_addr;
__dpmi_paddr new_addr;

/* The assembly handler below; handler_end marks the end of its code. */
void handler (void);
void handler_end (void);

/* Text the handler prints through cputs() each time it is entered. */
char chain_str[] = "Chaining.\n\r";

/* Scratch storage for the handler: the program's DS selector (filled in by
   main before hooking), plus the interrupted context's SS and EAX. */
unsigned short my_ds;
unsigned short org_ss;
unsigned int org_eax;
/*
 * Protected-mode handler that main() installs on interrupt 0x31 (the DPMI
 * host's own service interrupt) with new_addr.selector = _my_cs().  What the
 * code below does, step by step:
 *
 *  1. eax, ds and es are pushed on whatever stack the handler was entered on
 *     (no stack switch has happened yet).
 *  2. ds is loaded from my_ds, read through %cs because ds is not yet known
 *     to be valid.  eax is then parked in org_eax so it can serve as scratch
 *     for copying the original ss into org_ss and loading es and ss from
 *     my_ds, after which eax is reloaded from org_eax.  Note that esp is never
 *     written when ss is reloaded: execution continues at the interrupted
 *     context's esp, now interpreted relative to my_ds.  If the interrupted
 *     ss had a different base than my_ds (a host-provided stack, say), every
 *     push and call from here on lands somewhere unintended -- NOTE(review):
 *     this is the first thing to check against the ss/esp in the crash dump.
 *  3. All general registers and the flags are saved (pusha/pushf) around a C
 *     call to cputs(chain_str); "addl $4, %esp" pops the argument again.
 *     The handler is not reentrant: org_eax and org_ss are single globals, so
 *     a nested int 0x31 raised while cputs runs would overwrite them -- TODO
 *     confirm whether cputs issues one.  The "chain:" label is not a jump
 *     target anywhere in this file; it only marks where chaining begins.
 *  4. ss, es, ds and eax are restored in reverse order and control far-jumps
 *     to old_addr (offset32 then selector, which is the layout the ljmp
 *     memory operand expects) instead of executing iret; the previous handler
 *     is presumably the one that finally returns to the interrupted code.
 *
 * _handler_end only delimits the code (e.g. for locking it); nothing in this
 * file references it, and locking relies on _CRT0_FLAG_LOCK_MEMORY instead.
 */
__asm__ (".globl _handler
_handler:
/* Save registers. */
pushl %eax
pushl %ds
pushl %es
/* Restore segments to valid DJGPP state. */
pushl %eax
movw %cs:_my_ds, %ax
movw %ax, %ds
popl %eax
movl %eax, _org_eax
movw %ss, %ax
movw %ax, _org_ss
movw _my_ds, %ax
movw %ax, %es
movw %ax, %ss
movl _org_eax, %eax
/* Jump to previous handler. */
chain:
pusha
pushf
pushl $_chain_str
call _cputs
addl $4, %esp
popf
popa
movw _org_ss, %ax
movw %ax, %ss
popl %es
popl %ds
popl %eax
ljmp %cs:_old_addr
.globl _handler_end
_handler_end:
nop");
/*
 * Test driver: hook interrupt 0x31 with handler(), issue a couple of DPMI
 * calls (each of which goes through int 0x31), then put the original vector
 * back.  Returns EXIT_SUCCESS once the old vector has been restored, or
 * EXIT_FAILURE if the vector could not be read or the hook could not be
 * installed.  Once the hook is in place the only way out is a successful
 * restore, so a persistent restore failure loops forever.
 */
int
main (void)
{
  __dpmi_paddr current;   /* vector read back before restoring */
  int ldt_sel;

  /* The handler reloads DS from my_ds, so record it before hooking. */
  my_ds = _my_ds ();
  printf ("cs = %hx, ds = %hx, ss= %hx.\n", _my_cs (), _my_ds (), _my_ss ());

  if (__dpmi_get_protected_mode_interrupt_vector (0x31, &old_addr) != 0)
    {
      fprintf (stderr, "can not get interrupt\n");
      return EXIT_FAILURE;
    }
  printf ("got interrupt vector\n");

  new_addr.selector = _my_cs ();
  new_addr.offset32 = (unsigned long) handler;
  if (__dpmi_set_protected_mode_interrupt_vector (0x31, &new_addr) != 0)
    {
      fprintf (stderr, "can not set interrupt\n");
      return EXIT_FAILURE;
    }
  printf ("set interrupt vector\n");

  /* First int 0x31 after the hook: allocate and immediately release one LDT
     descriptor.  The outcome only affects the message that is printed. */
  ldt_sel = __dpmi_allocate_ldt_descriptors (1);
  if (ldt_sel != -1)
    __dpmi_free_ldt_descriptor (ldt_sel);
  else
    fprintf (stderr, "can not allocate selector\n");
  printf ("allocated LDT descriptor?\n");

  /* Restore only while the vector still points at handler(); retry until
     both the read-back and the write succeed.  system("") between attempts
     presumably just generates more int 0x31 traffic -- confirm. */
  for (;;)
    {
      if (__dpmi_get_protected_mode_interrupt_vector (0x31, &current) == 0)
        {
          int still_ours = (current.selector == new_addr.selector)
                           && (current.offset32 == new_addr.offset32);

          if (still_ours
              && __dpmi_set_protected_mode_interrupt_vector (0x31, &old_addr) == 0)
            break;
        }
      fprintf (stderr, "can not restore interrupt\n");
      system ("");
    }
  printf ("restored interrupt vector\n");

  return EXIT_SUCCESS;
}
/*
Local Variables:
compile-command: "gcc -g -O2 -Wall -o simple7 simple7.c"
End:
*/
----- End of simple7.c. -----