Mail Archives: djgpp/1999/12/02/11:42:57
On Thu, 2 Dec 1999, Fritsch Alexander wrote:
> But the program compiled with -pg always crashes the Virtual DOS Machine.
> It crashes if I run the program from the dos box or from rhide. In rhide I
> can do some steps with F8 but then it crashes too. It crashes every time on
> another line so I doubt it is a big error in my program.
I think this is a limitation/bug of NT: programs that catch signals such
as SIGALRM and SIGFPE crash. And profiling triggers SIGALRM
periodically, to sample the program counter.
The few times I saw similar problems, the report created by Dr.
Watson clearly showed that NT tries to use the application's
stack for something, which is a no-no when the application generates an
exception. So it seems like a bug in NT. Sorry.
> 0f00344a 8b83900b0000 mov eax,[ebx+0xb90]
> ds:0f091250=00000202
> 0f003450 83ef04 sub edi,0x4
> FEHLER ->0f003453 268907 mov es:[edi],eax
> es:000b3324=00000000
> 0f003456 8b838c0b0000 mov eax,[ebx+0xb8c]
> ds:0f09124c=000001cf
> 0f00345c 83ef04 sub edi,0x4
> 0f00345f 268907 mov es:[edi],eax
> es:000b3324=00000000
> 0f003462 8b83880b0000 mov eax,[ebx+0xb88]
> ds:0f091248=0000da8b
> 0f003468 83ef04 sub edi,0x4
> 0f00346b 268907 mov es:[edi],eax
> es:000b3324=00000000
> 0f00346e 83ef04 sub edi,0x4
> 0f003471 8b83840b0000 mov eax,[ebx+0xb84]
> ds:0f091244=000b33d0
> 0f003477 268907 mov es:[edi],eax
> es:000b3324=00000000
> 0f00347a 06 push es
> 0f00347b 57 push edi
Note all the "sub edi,4" that is going on: this probably means that
es:edi points to the stack.
The register dump shows this:
eax=00000202 ebx=0f0906c0 ecx=000001d7 edx=000b3328 esi=fffdffff edi=000b3324
eip=0f003453 esp=0111fe3c ebp=0111fe40 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=01d7 fs=003b gs=0000 efl=00000206
Note that es is 01d7, which most likely belongs to the DJGPP program
(it's a ring-3 selector).
But now look at the crashed instruction:
> FEHLER ->0f003453 268907 mov es:[edi],eax
This dereferences es:edi. If es:edi is the application stack, it is
*bound* to crash, because the DJGPP program's stack is invalid during the
exception generated by the DJGPP signal-handling machinery. NT should
*never* use the application's stack inside an exception handler!
And, since the crashed program is NTVDM, this isn't DJGPP's fault.
To be sure that es is from the DJGPP program, you could try to put the
following line into your program:
abort();
This will abort the program and cause it to print its segment registers;
look at the values loaded into DS, ES, and SS: they should all hold the
same value, 1d7.
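Added illustration (not code from this thread, from DJGPP, or from NT) of the two points in the reply above: a periodic timer signal that samples the interrupted program's program counter, as -pg profiling does, and a handler that is given its own stack (sigaltstack plus SA_ONSTACK) so it never depends on the application's stack being valid at the moment of the signal. It assumes a Linux/glibc host, uses SIGPROF and ITIMER_PROF instead of DJGPP's SIGALRM, and the function names, interval, and loop bounds are my own choices.

```c
#define _GNU_SOURCE            /* exposes REG_RIP in <sys/ucontext.h> on glibc/x86-64 */
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/time.h>
#include <ucontext.h>
/* Constructed example: a miniature PC-sampling profiler whose handler runs on its own stack. */
#define ALT_STACK_SIZE (64 * 1024)
static char alt_stack[ALT_STACK_SIZE];          /* dedicated signal stack */
static volatile sig_atomic_t samples = 0;       /* timer signals delivered */
static volatile sig_atomic_t on_alt_stack = 0;  /* ...of which ran on alt_stack */
static volatile uintptr_t last_pc = 0;          /* last interrupted program counter */
static void sample_pc(int sig, siginfo_t *si, void *uc_raw) {
    (void)sig; (void)si;
    char marker;               /* a local's address reveals which stack we are on */
    uintptr_t sp = (uintptr_t)&marker, lo = (uintptr_t)alt_stack;
    if (sp >= lo && sp < lo + ALT_STACK_SIZE) on_alt_stack++;
#if defined(__x86_64__) && defined(REG_RIP)
    last_pc = (uintptr_t)((ucontext_t *)uc_raw)->uc_mcontext.gregs[REG_RIP];
#else
    (void)uc_raw;              /* register layout not known here: only count */
#endif
    samples++;
}
/* Install the sampler; use_alt_stack == 0 reproduces the risky pattern of
 * running the handler on whatever stack the program happened to be using. */
int start_sampling(int use_alt_stack) {
    if (use_alt_stack) {
        stack_t ss = { .ss_sp = alt_stack, .ss_size = ALT_STACK_SIZE, .ss_flags = 0 };
        if (sigaltstack(&ss, NULL) != 0) return -1;
    }
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = sample_pc;
    sa.sa_flags = SA_SIGINFO | SA_RESTART | (use_alt_stack ? SA_ONSTACK : 0);
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGPROF, &sa, NULL) != 0) return -1;
    struct itimerval it = { { 0, 1000 }, { 0, 1000 } }; /* fire every 1 ms of CPU time */
    return setitimer(ITIMER_PROF, &it, NULL);
}
int stop_sampling(void) { struct itimerval off = { { 0, 0 }, { 0, 0 } }; return setitimer(ITIMER_PROF, &off, NULL); }
/* Burn CPU until at least `want` samples arrived (bounded); returns the sample count. */
long busy_work_samples(int want) {
    samples = 0; on_alt_stack = 0;
    volatile unsigned long x = 1;
    for (unsigned long i = 0; i < 400000000UL && samples < want; i++) x = x * 1103515245UL + 12345UL;
    return samples;
}
long samples_on_alt_stack(void) { return on_alt_stack; }
uintptr_t last_sampled_pc(void) { return last_pc; }
```

With the alternate stack installed, every sample is counted in on_alt_stack, which is exactly the property the NTVDM handler above violates by writing through es:edi into the interrupted program's stack.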