Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive: <http://sourceware.cygnus.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help: <mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender: cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com
Date: Wed, 5 Jan 2000 04:12:57 -0500 (EST)
From: Jamie Guinan <guinan AT bluebutton DOT com>
X-Sender: guinan AT gemini DOT home DOT net
Reply-To: guinan AT bluebutton DOT com
To: Cygwin Mailing List <cygwin AT sourceware DOT cygnus DOT com>
Subject: Segfault when call kernel32 function
Message-ID: <Pine.LNX.4.10.10001050328050.3996-100000@gemini.home.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


Hi all,

I'm using a Linux->Win32 cross-development environment (see below).
I made a simple test program that calls BuildCommDCB(), and
it segfaults when it hits that call (running under Win98).

The weird thing is, an earlier call to MessageBox() works fine,
and if I run the app under GDB and set a breakpoint before the
call to BuildCommDCB(), then 'cont' after the breakpoint, 
it does not segfault.

Here is the app in its entirety (w3.c),

#include <windows.h>

int STDCALL
WinMain (HINSTANCE hInst, HINSTANCE hPrev, LPSTR lpCmd, int nShow)
{
  DCB dcb;

  MessageBox (NULL, "Test message", "Test", MB_OK);

  FillMemory(&dcb, sizeof(dcb), 0);
  dcb.DCBlength = sizeof(dcb);
  puts("->BuildCommDCB");
  if (!BuildCommDCB("9600,n,8,1", &dcb)) 
    {   
  	puts("error");
    }
  puts("<-BuildCommDCB");
  return 0;
}

I compile it with,

$ i386-mingw32-gcc -g w3.c -o w3.exe 

And run it on a Win98 laptop.  The message box appears as expected,
but after the "->BuildCommDCB" string is printed, Windows reports
an error.   Here are the error details from Windows,

  W3 caused an invalid page fault in
  module KERNEL32.DLL at 0167:bffa7764.
  Registers:
  EAX=0256fcec CS=0167 EIP=bffa7764 EFLGS=00010246
  EBX=8166ac2c SS=016f ESP=0256fc8c EBP=0256fd04
  ECX=0256fd48 DS=016f ESI=0256fcec FS=0eef
  EDX=00000000 ES=016f EDI=00401216 GS=0000
  Bytes at CS:EIP:
  c6 47 ff 00 ff 36 e8 93 87 fd ff 85 c0 74 3a 89 
  Stack dump:
  0256fd48 00000000 8166ac08 bffa6cb4 0256fcec 
  00000000 81665e28 8166ac08 8167253c bff7b9c5 
  8166dfd4 00000000 00000000 8167253c 00000000 
  8167253c 


I'm running the program from the Cygwin b20.1 BASH under Win98,
so I have GDB handy.  GDB's version of the error,

  BASH.EXE-2.02$ gdb ./w3.exe
  ...
  (gdb) run
  Starting program: //gemini/guinan/projects/...//nchost/./w3.exe
  
  bfe80000:/WINDOWS/SYSTEM/ADVAPI32.DLL
  bff20000:/WINDOWS/SYSTEM/GDI32.DLL
  bff50000:/WINDOWS/SYSTEM/USER32.DLL
  bff70000:/WINDOWS/SYSTEM/KERNEL32.DLL
  7fc00000:/WINDOWS/SYSTEM/CRTDLL.DLL
  25d0000:/WINDOWS/SYSTEM/VXDIF.DLL
  bfe70000:/WINDOWS/SYSTEM/VERSION.DLL
  7ff20000:/WINDOWS/SYSTEM/OLE32.DLL
  7fcb0000:/WINDOWS/SYSTEM/SHELL32.DLL
  bfe90000:/WINDOWS/SYSTEM/COMCTL32.DLL
  70bd0000:/WINDOWS/SYSTEM/SHLWAPI.DLL
  7fe10000:/WINDOWS/SYSTEM/COMDLG32.DLL
  10000000:/PROGRAM FILES/APOINT/APOINT.DLL
  2580000:/PROGRAM FILES/APOINT/EZAUTO.DLL
  2590000:/PROGRAM FILES/APOINT/APWHEEL.DLL
  3000000:/WINDOWS/SYSTEM/PELCOMM.DLL
  25a0000:/WINDOWS/SYSTEM/PELSCRLL.DLL
  ->BuildCommDCB

  Program received signal SIGSEGV, Segmentation fault.
  0xbffa7764 in $SG37486 ()
  (gdb)


Now, if I do the following,

  BASH.EXE-2.02$ gdb ./w3.exe
  ...
  (gdb) b 8
  (gdb) run
  (gdb) cont

It works fine!  

>>> Any clues? <<<

Bear with me, I haven't worked this close to Windows before, but
what I've learned so far is that BuildCommDCB() is handled as 
follows,

1) #define'd to BuildCommDCBA() in winbase.h
2) Magically transformed to "BuildCommDBCA AT 8" in object code.
3) Calls "__imp_BuildCommDCBA AT 8" which looks like some sort of
   "thunk" to be filled in by the Windows loader (???)

I had a look at "i386-mingw32-objdump --disassemble-all w3.exe"
and found the following,

  401283:       e8 ec 01 00 00  call   401474 <_BuildCommDCBA AT 8>
  ...
00401474 <_BuildCommDCBA AT 8>:
  401474:       ff 25 f4 30 40  jmp    *0x4030f4
  401479:       00 
  40147a:       90              nop    
  40147b:       90              nop  
  ...
004030f4 <___imp_BuildCommDCBA AT 8>:
  4030f4:       bc 31 00 00 cc  movl   $0xcc000031,%esp

What is the "bc 31" here?  And when/how does/should Windows
replace it with a call to the kernel32.dll code?

(I realize that "movl" there isn't a real instruction, just
 --disassmble-all's best interpretation...)

Why would breaking under GDB fix things?


FYI, my environment is as follows:

Host: 
Linux x86, egcs-2.91.66 (Red Hat)

Binutils: 
Version 2.9.1,
$ configure --target=i386-mingw32 --prefix=/usr/local/crossdev

GCC:      
Version 2.9.5,
$ configure --target=i386-mingw32 --prefix=/usr/local/crossdev
  --with-headers=/usr/local/crossdev/i386-mingw32/include
  --enable-languages=c,c++

Runtime libs and headers for host-side compilation:
  ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/mingw32/runtime/
  bin-crtdll-1999-11-18.tar.gz

  ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/mingw32/runtime/
  bin-msvcrt-1999-11-18.tar.gz

Thanks for any advice...
-Jamie


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com