X-Authentication-Warning: delorie.com: mail set sender to djgpp-bounces using -f Lines: 525 X-Admin: news AT aol DOT com From: sterten AT aol DOT com (Sterten) Newsgroups: comp.os.msdos.djgpp Date: 27 Jul 2004 08:14:13 GMT Organization: AOL Bertelsmann Online GmbH & Co. KG http://www.germany.aol.com Subject: assembly code of the "strange error" - program Message-ID: <20040727041413.21318.00000463@mb-m18.aol.com> To: djgpp AT delorie DOT com DJ-Gateway: from newsgroup comp.os.msdos.djgpp Reply-To: djgpp AT delorie DOT com OK, here is the assembly listing (excerpts) for the "strange error" program. I haven't yet figured out what exactly went wrong, and why small program changes cause the program to terminate without error. Here is what was printed with gcc -c -g -Wa,-a,-ad -O2 qser3.c I removed some lines (...) which appeared unimportant to me, to reduce this posting. The output is rather ugly, because many instructions require more than one line and because of the AT&T assembly syntax. BTW, why is it used? Is it easier for the disassembler, or for historical reasons, or ? The critical section, where it crashed, starts below at 81:qser3.c **** m55:r--;if(R[r]!=1)goto m55; 542 .loc 1 81 0 Apparently R is the variable with the smallest address, so what stands before R, and why is it affected by small changes in the program? 
-------------------------------------------------------------------------- GAS LISTING c:/djgpp/tmp/ccKJ0PeS.s page 1 1 .file "qser3.c" 2 .file 1 "qser3.c" 3 .section .debug_abbrev,"" 4 Ldebug_abbrev0: 5 .section .debug_info,"" 6 Ldebug_info0: 7 .section .debug_line,"" 8 Ldebug_line0: 9 0000 37010000 .section .text 9 02005400 9 00000101 9 FB0E0A00 9 01010101 10 Ltext0: 11 .file 2 "c:/djgpp/include/stdio.h" 12 .file 3 "c:/djgpp/include/stdlib.h" 13 .globl _R 14 .section .data 15 .p2align 5 16 _R: 17 0000 00000000 .long 0 18 0004 00000000 .space 392 18 00000000 18 00000000 18 00000000 18 00000000 19 .globl _C 20 018c 00000000 .p2align 5 20 00000000 20 00000000 20 00000000 20 00000000 21 _C: 22 01a0 00000000 .long 0 23 01a4 00000000 .space 392 23 00000000 23 00000000 23 00000000 23 00000000 24 .globl _solutions 25 .p2align 2 26 _solutions: ... 539 06eb E90BFEFF jmp L38 539 FF 540 .p2align 4,,7 541 L44: 75:qser3.c **** m50:solutions++; 76:qser3.c **** for(x=0;x<=syms;x++)s2[x]=0; 77:qser3.c **** for(x=1;x<=n;x++)s2[Sym[x][C[x]]]=1; 78:qser3.c **** q=0;for(x=1;x<=syms;x++)q+=s2[x]; 79:qser3.c **** // if(q==n/2+1){for(x=1;x<=syms;x++)if(s2[x])printf("%c",64+x);printf("\n");} 80:qser3.c **** if(p){for(i=1;i<=n;i++)printf("%i ",C[i]);printf(" *\n");} 81:qser3.c **** m55:r--;if(R[r]!=1)goto m55; 542 .loc 1 81 0 543 06f0 4F decl %edi 544 06f1 897DD8 movl %edi, -40(%ebp) 545 06f4 893D1000 movl %edi, _r 545 0000 546 06fa 89FE movl %edi, %esi 547 06fc 833CBD80 cmpl $1, _R(,%edi,4) 547 09000001 548 0704 75EA jne L44 82:qser3.c **** c=C[r];r2=n+1-r;c2=n+1-c; 549 .loc 1 82 0 550 L82: GAS LISTING c:/djgpp/tmp/ccKJ0PeS.s page 16 551 0706 B8200B00 movl $_C, %eax 551 00 552 070b 8B4DC8 movl -56(%ebp), %ecx 553 070e 8B55C8 movl -56(%ebp), %edx 554 0711 29F9 subl %edi, %ecx 555 0713 8B1CB8 movl (%eax,%edi,4), %ebx 556 0716 41 incl %ecx 557 0717 29DA subl %ebx, %edx 83:qser3.c **** R[r]=0;R[r2]=0;R[c]=0;R[c2]=0; 84:qser3.c **** C[c]=0;C[c2]=0;C[r2]=0;//C[r]=0; 85:qser3.c **** 
Col[c]=0;Col[c2]=0;Col[r]=0;Col[r2]=0; 86:qser3.c **** Di1[r+c]=0;Di1[r2+c2]=0;Di1[c+r2]=0;Di1[r2+c]=0; ---------------------------------------------------- This is the critical part. r became negative some lines above; that already made R[r] an out-of-bounds access, but it did not yet cause the program to crash. Here are the corresponding lines from GDB: 0x1cf9 : add %ebx,%esi 0x1cfb : inc %edx 0x1cfc : movl $0x0,(%eax,%ebx,4) crashing line, address 0x1cfc. I assume it corresponds to the statement C[c]=0; 0x1d03 : movl $0x0,0xd0d0(,%edi,4) 0x1d0e : movl $0x0,(%eax,%edx,4) 0x1d15 : mov %esi,0xffffffd4(%ebp) -------------------------------------------------------- Here are some values and addresses from the running C program (adding the line to print these values makes the program terminate without error): r=-216 c=0 &R=53968 &C=54384 &s2=65252 &Sym=69252 &xm=64356 &r=108484 ------------------------------------------------------------ And here are the registers from the error message: C:\DJGPP>qser3 16 1 5 Exiting due to signal SIGSEGV General Protection Fault at eip=00001cfc eax=0000d270 ebx=a00f0706 ecx=00000099 edx=5ff0f90b esi=a00f067e edi=ffffff78 ebp=0009cd60 esp=0009cd10 program=C:\DJGPP\QSER3.EXE cs: sel=00a7 base=10000000 limit=0009ffff ds: sel=00af base=10000000 limit=0009ffff es: sel=00af base=10000000 limit=0009ffff fs: sel=008f base=00026df0 limit=0000ffff gs: sel=00bf base=00000000 limit=0010ffff ss: sel=00af base=10000000 limit=0009ffff App stack: [0009cd80..0001cd80] Exceptn stack: [0001cce0..0001ada0] Call frame traceback EIPs: 0x00001cfc 0x000037a8 --------------------------------------------------------- 558 .loc 1 86 0 559 0719 01DE addl %ebx, %esi 560 .loc 1 82 0 561 071b 42 incl %edx 562 .loc 1 84 0 563 071c C7049800 movl $0, (%eax,%ebx,4) 563 000000 564 .loc 1 83 0 565 0723 C704BD80 movl $0, _R(,%edi,4) 565 09000000 565 000000 566 .loc 1 84 0 567 072e C7049000 movl $0, (%eax,%edx,4) 567 000000 568 .loc 1 86 0 569 0735 8975D4 movl %esi, -44(%ebp) 570 .loc 1 84 0 571 0738 C7048800 movl $0, 
(%eax,%ecx,4) 571 000000 572 .loc 1 82 0 573 073f 891D1000 movl %ebx, _c 573 0000 574 .loc 1 85 0 575 0745 B8900100 movl $_Col, %eax 575 00 576 .loc 1 82 0 577 074a 89151000 movl %edx, _c2 577 0000 578 .loc 1 83 0 579 0750 C7048D80 movl $0, _R(,%ecx,4) ... 94:qser3.c **** 95:qser3.c **** // return 17; 96:qser3.c **** 97:qser3.c **** } 622 .loc 1 97 0 623 07f2 8D65F4 leal -12(%ebp), %esp 624 07f5 5B popl %ebx 625 07f6 5E popl %esi 626 07f7 5F popl %edi 627 07f8 5D popl %ebp 628 07f9 C3 ret 629 L41: 630 .loc 1 75 0 631 07fa A1AC0C00 movl _solutions, %eax 631 00 632 .loc 1 76 0 633 07ff 8B1D1000 movl _syms, %ebx 633 0000 634 .loc 1 75 0 ... 1652 00e1 6F00 .ascii "o\0" 1653 00e3 00000000 .long 0x0 1654 .section .debug_aranges,"" 1655 0000 1C000000 .long 0x1c GAS LISTING c:/djgpp/tmp/ccKJ0PeS.s page 38 1656 0004 0200 .word 0x2 1657 0006 00000000 .long Ldebug_info0 1658 000a 04 .byte 0x4 1659 000b 00 .byte 0x0 1660 000c 0000 .word 0x0 1661 000e 0000 .word 0x0 1662 0010 00000000 .long Ltext0 1663 0014 7C090000 .long Letext0-Ltext0 1664 0018 00000000 .long 0x0 1665 001c 00000000 .long 0x0 1666 .section .debug_str,"" 1667 LC5: 1668 0000 6C6F6E67 .ascii "long unsigned int\0" 1668 20756E73 1668 69676E65 1668 6420696E 1668 7400 1669 .ident "GCC: (GNU) 3.2" GAS LISTING c:/djgpp/tmp/ccKJ0PeS.s page 39 DEFINED SYMBOLS *ABS*:00000000 qser3.c c:/djgpp/tmp/ccKJ0PeS.s:16 .data:00000000 _R c:/djgpp/tmp/ccKJ0PeS.s:21 .data:000001a0 _C c:/djgpp/tmp/ccKJ0PeS.s:26 .data:0000032c _solutions c:/djgpp/tmp/ccKJ0PeS.s:30 .data:00000330 _p c:/djgpp/tmp/ccKJ0PeS.s:47 .text:000000a0 _main *COM*:00000010 _i *COM*:00000010 _n *COM*:00000010 _x *COM*:00009930 _Sym *COM*:00000010 _y *COM*:00000010 _w *COM*:00000010 _v *COM*:00000010 _u *COM*:00000010 _q *COM*:00000010 _r *COM*:00000010 _syms *COM*:00000010 _x2 *COM*:00000010 _y2 *COM*:00000380 _Di2 *COM*:00000190 _Col *COM*:00000380 _Di1 *COM*:00000010 _c *COM*:00000010 _r2 *COM*:00000010 _c2 *COM*:00000190 _Node *COM*:00000fa0 _s2 *COM*:00000010 _xm 
*COM*:00000010 _ym *COM*:00000010 _sy *COM*:00000010 _o .text:00000000 .text .data:00000000 .data .bss:00000000 .bss .debug_abbrev:00000000 .debug_abbrev .debug_info:00000000 .debug_info .debug_line:00000000 .debug_line .debug_frame:00000000 .debug_frame .debug_pubnames:00000000 .debug_pubnames .debug_aranges:00000000 .debug_aranges .debug_str:00000000 .debug_str .comment:00000000 .comment UNDEFINED SYMBOLS _sscanf _printf _puts _exit --------------------------------------------------------------- ------------------------------------------------------------- here comes a version, which didn't crash because one dummy line was included GAS LISTING c:/djgpp/tmp/ccWbY5Xe.s page 1 1 .file "qser3.c" 2 .file 1 "qser3.c" 3 .section .debug_abbrev,"" 4 Ldebug_abbrev0: 5 .section .debug_info,"" 6 Ldebug_info0: 7 .section .debug_line,"" 8 Ldebug_line0: 9 0000 39010000 .section .text 9 02005400 9 00000101 9 FB0E0A00 9 01010101 10 Ltext0: 11 .file 2 "c:/djgpp/include/stdio.h" 12 .file 3 "c:/djgpp/include/stdlib.h" 13 .globl _R 14 .section .data 15 .p2align 5 16 _R: 17 0000 00000000 .long 0 18 0004 00000000 .space 392 18 00000000 18 00000000 18 00000000 18 00000000 19 .globl _C 20 018c 00000000 .p2align 5 20 00000000 20 00000000 20 00000000 20 00000000 21 _C: 22 01a0 00000000 .long 0 23 01a4 00000000 .space 392 23 00000000 23 00000000 23 00000000 23 00000000 24 .globl _solutions 25 .p2align 2 26 _solutions: ... 
81:qser3.c **** m55:r--;if(R[r]!=1)goto m55; 546 .loc 1 81 0 547 0700 4F decl %edi 548 0701 897DD8 movl %edi, -40(%ebp) 549 0704 893D1000 movl %edi, _r 549 0000 550 070a 89FE movl %edi, %esi GAS LISTING c:/djgpp/tmp/ccWbY5Xe.s page 16 551 070c 833CBDA0 cmpl $1, _R(,%edi,4) 551 09000001 552 0714 75EA jne L44 82:qser3.c **** c=C[r];r2=n+1-r;c2=n+1-c; 553 .loc 1 82 0 554 L82: 555 0716 B8400B00 movl $_C, %eax 555 00 556 071b 8B4DC8 movl -56(%ebp), %ecx 557 071e 8B55C8 movl -56(%ebp), %edx 558 0721 29F9 subl %edi, %ecx 559 0723 8B1CB8 movl (%eax,%edi,4), %ebx 560 0726 41 incl %ecx 561 0727 29DA subl %ebx, %edx 83:qser3.c **** R[r]=0;R[r2]=0;R[c]=0;R[c2]=0; 84:qser3.c **** C[c]=0;C[c2]=0;C[r2]=0;//C[r]=0; 85:qser3.c **** Col[c]=0;Col[c2]=0;Col[r]=0;Col[r2]=0; 86:qser3.c **** Di1[r+c]=0;Di1[r2+c2]=0;Di1[c+r2]=0;Di1[r2+c]=0; 562 .loc 1 86 0 563 0729 01DE addl %ebx, %esi 564 .loc 1 82 0 565 072b 42 incl %edx 566 .loc 1 84 0 567 072c C7049800 movl $0, (%eax,%ebx,4) 567 000000 568 .loc 1 83 0 569 0733 C704BDA0 movl $0, _R(,%edi,4) 569 09000000 569 000000 570 .loc 1 84 0 571 073e C7049000 movl $0, (%eax,%edx,4) 571 000000 572 .loc 1 86 0 573 0745 8975D4 movl %esi, -44(%ebp) 574 .loc 1 84 0 575 0748 C7048800 movl $0, (%eax,%ecx,4) 575 000000 576 .loc 1 82 0 577 074f 891D1000 movl %ebx, _c 577 0000 578 .loc 1 85 0 579 0755 B8900100 movl $_Col, %eax 579 00 580 .loc 1 82 0 581 075a 89151000 movl %edx, _c2 581 0000 582 .loc 1 83 0 583 0760 C7048DA0 movl $0, _R(,%ecx,4) 583 09000000 583 000000 584 .loc 1 85 0 585 076b C7049800 movl $0, (%eax,%ebx,4) 585 000000 586 .loc 1 82 0 587 0772 890D1000 movl %ecx, _r2 587 0000 588 .loc 1 85 0 GAS LISTING c:/djgpp/tmp/ccWbY5Xe.s page 17 589 0778 C7049000 movl $0, (%eax,%edx,4) 589 000000 590 077f C704B800 movl $0, (%eax,%edi,4) 590 000000 591 0786 C7048800 movl $0, (%eax,%ecx,4) 591 000000 592 .loc 1 86 0 593 078d B8800300 movl $_Di1, %eax 593 00 594 .loc 1 83 0 595 0792 C7049DA0 movl $0, _R(,%ebx,4) 595 09000000 595 000000 596 .loc 1 86 0 597 
079d C704B000 movl $0, (%eax,%esi,4) 597 000000 96:qser3.c **** 97:qser3.c **** } 626 .loc 1 97 0 627 0802 8D65F4 leal -12(%ebp), %esp 628 0805 5B popl %ebx 629 0806 5E popl %esi 630 0807 5F popl %edi 631 0808 5D popl %ebp 632 0809 C3 ret 633 L41: 634 .loc 1 75 0 635 080a A1CC0C00 movl _solutions, %eax ... 1672 6420696E 1672 7400 1673 .ident "GCC: (GNU) 3.2" GAS LISTING c:/djgpp/tmp/ccWbY5Xe.s page 39 DEFINED SYMBOLS *ABS*:00000000 qser3.c c:/djgpp/tmp/ccWbY5Xe.s:16 .data:00000000 _R c:/djgpp/tmp/ccWbY5Xe.s:21 .data:000001a0 _C c:/djgpp/tmp/ccWbY5Xe.s:26 .data:0000032c _solutions c:/djgpp/tmp/ccWbY5Xe.s:30 .data:00000330 _p c:/djgpp/tmp/ccWbY5Xe.s:47 .text:000000a0 _main *COM*:00000010 _i *COM*:00000010 _n *COM*:00000010 _x *COM*:00009930 _Sym *COM*:00000010 _y *COM*:00000010 _w *COM*:00000010 _v *COM*:00000010 _u *COM*:00000010 _q *COM*:00000010 _r *COM*:00000010 _syms *COM*:00000010 _x2 *COM*:00000010 _y2 *COM*:00000010 _ym *COM*:00000380 _Di2 *COM*:00000190 _Col *COM*:00000380 _Di1 *COM*:00000010 _xm *COM*:00000010 _c *COM*:00000010 _r2 *COM*:00000010 _c2 *COM*:00000190 _Node *COM*:00000fa0 _s2 *COM*:00000010 _sy *COM*:00000010 _o .text:00000000 .text .data:00000000 .data .bss:00000000 .bss .debug_abbrev:00000000 .debug_abbrev .debug_info:00000000 .debug_info .debug_line:00000000 .debug_line .debug_frame:00000000 .debug_frame .debug_pubnames:00000000 .debug_pubnames .debug_aranges:00000000 .debug_aranges .debug_str:00000000 .debug_str .comment:00000000 .comment UNDEFINED SYMBOLS _sscanf _printf _puts _exit