Message-Id: <m0xPn4H-000S1yC@inti.gov.ar>
Comments: Authenticated sender is <salvador AT natacha DOT inti DOT gov DOT ar>
From: "Salvador Eduardo Tropea (SET)" <salvador AT inti DOT edu DOT ar>
Organization: INTI
To: ao950 AT FreeNet DOT Carleton DOT CA (Paul Derbyshire), djgpp AT delorie DOT com
Date: Fri, 24 Oct 1997 16:10:08 +0000
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: Re: Mystery bug!
Precedence: bulk

ao950 AT FreeNet DOT Carleton DOT CA (Paul Derbyshire)'wrote:

> My code is crashing. :P
> 
> Specifically it segs out. This is usually not hard to fix. Find the line
> it crashes at with symify, then look at variables and pointer arithmetic
> there with a breakpoint. Problem is, this one shifts around when
> breakpoints are set or reset, sometimes crashes RHIDE or even Win 95, and
> cannot be found by either Fortify or MSS. (Both insist everything is
> perfectly okay right up until the end.)

Is normal that under gdb the problem seems to be shifted. That's because the 
memory corruption happends before.
You must track it by binary divisions of your code. I mean, skip half of it and 
see if it persist, no?, then is more probable in the commented part, yes, then 
isn't there, etc.
If you write out-of bounds in a very bad way (not by a few bytes) MSS won't 
detext it).
 
> What's more, in sticking a breakpoint in one suspect area, I obtained
> something startling. There are four parameters to this function, and it
> performs just a function call. If I put a breakpoint on the function call
> and run to there, it gets there without crashing. If I inspect the
> variables I get 8, 0, 0, and 0. If I hit F8, thereby running the function
> it calls, which is make_col_depth in Allegro, and then reinspect the
> arguments, the 8 and final 0 are unchanged but the other two have become
> weird large integers around 800,000! This suggests my stack is being
> trashed. So, is it the stack? If so, how to identify the exact point where
> it gets corrupted?
Are you sure that ALL the optimizing flags are off in your code?, what you say 
is normal in optimized code. And yes can be an out-of bounds write but in a 
local variable.

SET 
------------------------------------ 0 --------------------------------
Visit my home page: http://www.geocities.com/SiliconValley/Vista/6552/
Salvador Eduardo Tropea (SET). (Electronics Engineer)
Alternative e-mail: set-sot AT usa DOT net - ICQ: 2951574
Address: Curapaligue 2124, Caseros, 3 de Febrero
Buenos Aires, (1678), ARGENTINA
TE: +(541) 759 0013