On Wed, 2010-03-10 at 21:15 +0100, Danny Backx wrote: > Meaning, I think, that it does indeed crash in that statement. The > double "ldr r3, [r3]" seems odd. Even more odd is that the code in > a/t.dll.objdump is different : it looks exactly the same except only one > of these "ldr r3, [r3]" instructions. > > Trying to figure out which one is correct, and how to debug at the > assembler level :-(
It would appear that in this sample program, the crash is legitimate because - yet again - an invalid pointer is read. The value 0x16342b8, which is in r3, is not a valid pointer. In the second debugging session below I dug deeper and fixed the value of r3 while executing (setting it to 0x14f2000, the address of a, in place of the 0x14f1ff8 loaded from __fu0_a), which made the program work well. I'll try to find the cause of this now... Danny pavilion: {294} arm-mingw32ce-gdb main.exe GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "--host=i686-pc-linux-gnu --target=arm-mingw32ce"... (gdb) target remote ipaq:9999 Remote debugging using ipaq:9999 [New Thread 616578450] Error while mapping shared library sections: coredll.dll.0409.mui: No such file or directory. Error while mapping shared library sections: coredll.dll: No such file or directory. Reading symbols from /home/danny/simple/wince/t.dll...done. Loaded symbols for t.dll Reading symbols from /home/danny/simple/wince/l.dll...done. Loaded symbols for l.dll Symbol file not found for coredll.dll.0409.mui Symbol file not found for coredll.dll WinMainCRTStartup (hInst=0x254a42f6, hPrevInst=0x0, lpCmdLine=0x2211fed8, nCmdShow=5) at /home/danny/src/cegcc/svn.sf.net/cegcc/trunk/cegcc/src/mingw/crt3.c:35 35 { (gdb) info share From To Syms Read Shared Object Library 0x01571000 0x01574064 Yes t.dll 0x01581000 0x01584068 Yes l.dll No coredll.dll.0409.mui No coredll.dll (gdb) l 30 * This function is called from the entry point for all programs. 31 */ 32 void 33 WinMainCRTStartup (HINSTANCE hInst, HINSTANCE hPrevInst, 34 LPWSTR lpCmdLine, int nCmdShow) 35 { 36 int nRet; 37 38 /* 39 * Initialize floating point unit. 
(gdb) l WinMain 6 7 extern int fun(void); 8 9 #ifdef __UNDER_CE__ 10 int APIENTRY WinMain(HINSTANCE inst, HINSTANCE pi, LPWSTR cmd, int show) 11 { 12 int x; 13 wchar_t s[32]; 14 15 localquery(); (gdb) break localquery Breakpoint 1 at 0x15810e0: file l.c, line 17. (gdb) c Continuing. Breakpoint 1, localquery () at l.c:17 17 wsprintf(s, L"localquery() -> %d", a[0]); (gdb) n 18 MessageBoxW(0, s, L"info", 0); (gdb) p a $1 = {3, 4, 5, 6, 0} (gdb) p &a $2 = (int (*)[5]) 0x1582000 (gdb) x/32xb 0x1582000 0x1582000 <a>: 0x03 0x00 0x00 0x00 0x04 0x00 0x00 0x00 0x1582008 <a+8>: 0x05 0x00 0x00 0x00 0x06 0x00 0x00 0x00 0x1582010 <a+16>: 0x00 0x00 0x00 0x00 0x18 0x18 0x58 0x01 0x1582018 <first_atexit>: 0x60 0x00 0x12 0x00 0x64 0x00 0x12 0x00 (gdb) fin Run till exit from #0 localquery () at l.c:18 Error while mapping shared library sections: ole32.dll: No such file or directory. Error while mapping shared library sections: ossvcs.dll: No such file or directory. Error while mapping shared library sections: commctrl.dll: No such file or directory. Error while mapping shared library sections: aygshell.dll: No such file or directory. Error while mapping shared library sections: oleaut32.dll: No such file or directory. Error while mapping shared library sections: compime.dll: No such file or directory. Error while mapping shared library sections: shellres.dll: No such file or directory. 
WinMain (inst=0x254a42f6, pi=0x0, cmd=0x2211fed8, show=5) at main.c:16 16 x = fun(); (gdb) si 0x00011794 in fun () (gdb) display/x $pc 1: /x $pc = 0x11794 (gdb) si 0x00011798 in fun () 1: /x $pc = 0x11798 (gdb) display/i $pc 2: x/i $pc 0x11798 <fun+4>: ldr pc, [r12] (gdb) si fun () at t.c:6 6 { 2: x/i $pc 0x157108c <fun>: push {r11, lr} 1: /x $pc = 0x157108c (gdb) 0x01571090 6 { 2: x/i $pc 0x1571090 <fun+4>: add r11, sp, #4 ; 0x4 1: /x $pc = 0x1571090 (gdb) 0x01571094 6 { 2: x/i $pc 0x1571094 <fun+8>: sub sp, sp, #68 ; 0x44 1: /x $pc = 0x1571094 (gdb) 10 r = a[0]; 2: x/i $pc 0x1571098 <fun+12>: ldr r3, [pc, #64] ; 0x15710e0 <__fu0_a> 1: /x $pc = 0x1571098 (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x0 0 r4 0x254a42f6 625623798 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x2211fed8 571604696 r10 0x254a42f6 625623798 r11 0x2211fdd0 571604432 r12 0x131f0 78320 sp 0x2211fd88 0x2211fd88 lr 0x11078 69752 pc 0x1571098 0x1571098 <fun+12> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) x/32xb 0x15710e0 0x15710e0 <__fu0_a>: 0xb8 0x42 0x63 0x01 0x00 0x30 0x57 0x01 0x15710e8 <__fu0_a+8>: 0x28 0x30 0x57 0x01 0x04 0x30 0x9f 0xe5 0x15710f0 <__atexit_first+4>: 0x00 0x00 0x93 0xe5 0x0e 0xf0 0xa0 0xe1 0x15710f8 <__atexit_first+12>: 0x04 0x20 0x57 0x01 0x92 0x01 0x00 0xea (gdb) si 0x0157109c 10 r = a[0]; 2: x/i $pc 0x157109c <fun+16>: ldr r3, [r3] 1: /x $pc = 0x157109c (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x16342b8 23282360 r4 0x254a42f6 625623798 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x2211fed8 571604696 r10 0x254a42f6 625623798 r11 0x2211fdd0 571604432 r12 0x131f0 78320 sp 0x2211fd88 0x2211fd88 lr 0x11078 69752 pc 0x157109c 0x157109c <fun+16> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) x/32xb 0x16342b8 0x16342b8: Cannot access memory at address 0x16342b8 (gdb) si Data Abort: Thread=8556c640 Proc=8034e160 'main.exe' AKY=00010001 PC=0157109c(t.dll+0x0000109c) RA=00011078(main.exe +0x00001078) BVA=236342b8 
FSR=00000007 Program received signal SIGSEGV, Segmentation fault. 0x0157109c in fun () at t.c:10 10 r = a[0]; 2: x/i $pc 0x157109c <fun+16>: ldr r3, [r3] 1: /x $pc = 0x157109c (gdb) pavilion: {405} arm-mingw32ce-gdb main.exe GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "--host=i686-pc-linux-gnu --target=arm-mingw32ce"... (gdb) target remote ipaq:9999 Remote debugging using ipaq:9999 [New Thread -434447242] Error while mapping shared library sections: coredll.dll.0409.mui: No such file or directory. Error while mapping shared library sections: coredll.dll: No such file or directory. Reading symbols from /home/danny/simple/wince/array/t.dll...done. Loaded symbols for t.dll Reading symbols from /home/danny/simple/wince/array/l.dll...done. Loaded symbols for l.dll Symbol file not found for coredll.dll.0409.mui Symbol file not found for coredll.dll WinMainCRTStartup (hInst=0xe5d68efa, hPrevInst=0x0, lpCmdLine=0x1c11fed8, nCmdShow=5) at /home/danny/src/cegcc/svn.sf.net/cegcc/trunk/cegcc/src/mingw/crt3.c:35 35 { (gdb) l WinMain 6 7 extern int fun(void); 8 9 #ifdef __UNDER_CE__ 10 int APIENTRY WinMain(HINSTANCE inst, HINSTANCE pi, LPWSTR cmd, int show) 11 { 12 int x; 13 wchar_t s[32]; 14 15 localquery(); (gdb) break 16 Breakpoint 1 at 0x11074: file main.c, line 16. (gdb) c Continuing. Error while mapping shared library sections: ole32.dll: No such file or directory. Error while mapping shared library sections: ossvcs.dll: No such file or directory. Error while mapping shared library sections: commctrl.dll: No such file or directory. Error while mapping shared library sections: aygshell.dll: No such file or directory. 
Error while mapping shared library sections: oleaut32.dll: No such file or directory. Error while mapping shared library sections: compime.dll: No such file or directory. Error while mapping shared library sections: shellres.dll: No such file or directory. Breakpoint 1, WinMain (inst=0xe5d68efa, pi=0x0, cmd=0x1c11fed8, show=5) at main.c:16 16 x = fun(); (gdb) display/i $pc 1: x/i $pc 0x11074 <WinMain+32>: bl 0x11794 <fun> (gdb) si 0x00011794 in fun () 1: x/i $pc 0x11794 <fun>: ldr r12, [pc, #0] ; 0x1179c <fun+8> (gdb) 0x00011798 in fun () 1: x/i $pc 0x11798 <fun+4>: ldr pc, [r12] (gdb) fun () at t.c:6 6 { 1: x/i $pc 0x14e108c <fun>: push {r11, lr} (gdb) 0x014e1090 6 { 1: x/i $pc 0x14e1090 <fun+4>: add r11, sp, #4 ; 0x4 (gdb) 0x014e1094 6 { 1: x/i $pc 0x14e1094 <fun+8>: sub sp, sp, #68 ; 0x44 (gdb) 10 r = a[0]; 1: x/i $pc 0x14e1098 <fun+12>: ldr r3, [pc, #64] ; 0x14e10e0 <__fu0_a> (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x0 0 r4 0xe5d68efa 3856043770 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x1c11fed8 470941400 r10 0xe5d68efa 3856043770 r11 0x1c11fdd0 470941136 r12 0x131f0 78320 sp 0x1c11fd88 0x1c11fd88 lr 0x11078 69752 pc 0x14e1098 0x14e1098 <fun+12> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) x/32bx 0x14e10e0 0x14e10e0 <__fu0_a>: 0xf8 0x1f 0x4f 0x01 0x00 0x30 0x4e 0x01 0x14e10e8 <__fu0_a+8>: 0x28 0x30 0x4e 0x01 0x04 0x30 0x9f 0xe5 0x14e10f0 <__atexit_first+4>: 0x00 0x00 0x93 0xe5 0x0e 0xf0 0xa0 0xe1 0x14e10f8 <__atexit_first+12>: 0x04 0x20 0x4e 0x01 0x92 0x01 0x00 0xea (gdb) si 0x014e109c 10 r = a[0]; 1: x/i $pc 0x14e109c <fun+16>: ldr r3, [r3] (gdb) l fun 1 #include <windows.h> 2 3 extern int a[]; 4 5 int fun(void) 6 { 7 wchar_t s[32]; 8 int r; 9 10 r = a[0]; (gdb) p &fun $1 = (int (*)(void)) 0x14e108c <fun> (gdb) disas &fun Dump of assembler code for function fun: 0x014e108c <fun+0>: push {r11, lr} 0x014e1090 <fun+4>: add r11, sp, #4 ; 0x4 0x014e1094 <fun+8>: sub sp, sp, #68 ; 0x44 0x014e1098 <fun+12>: ldr r3, [pc, #64] ; 
0x14e10e0 <__fu0_a> 0x014e109c <fun+16>: ldr r3, [r3] 0x014e10a0 <fun+20>: str r3, [r11, #-8] 0x014e10a4 <fun+24>: sub r3, r11, #72 ; 0x48 0x014e10a8 <fun+28>: mov r0, r3 0x014e10ac <fun+32>: ldr r1, [pc, #48] ; 0x14e10e4 <__fu0_a+4> 0x014e10b0 <fun+36>: ldr r2, [r11, #-8] 0x014e10b4 <fun+40>: bl 0x14e1710 <wsprintfW> 0x014e10b8 <fun+44>: sub r3, r11, #72 ; 0x48 0x014e10bc <fun+48>: mov r0, #0 ; 0x0 0x014e10c0 <fun+52>: mov r1, r3 0x014e10c4 <fun+56>: ldr r2, [pc, #28] ; 0x14e10e8 <__fu0_a+8> 0x014e10c8 <fun+60>: mov r3, #0 ; 0x0 0x014e10cc <fun+64>: bl 0x14e171c <MessageBoxW> 0x014e10d0 <fun+68>: ldr r3, [r11, #-8] 0x014e10d4 <fun+72>: mov r0, r3 0x014e10d8 <fun+76>: sub sp, r11, #4 ; 0x4 0x014e10dc <fun+80>: pop {r11, pc} 0x014e10e0 <__fu0_a+0>: strdeq r1, [pc, #-248] ; 0x14e0ff0 0x014e10e4 <__fu0_a+4>: cmpeq lr, r0 0x014e10e8 <__fu0_a+8>: cmpeq lr, r8, lsr #32 End of assembler dump. (gdb) bt #0 0x014e109c in fun () at t.c:10 #1 0x00011078 in WinMain (inst=0xe5d68efa, pi=0x0, cmd=0x1c11fed8, show=5) at main.c:16 #2 0x0001103c in WinMainCRTStartup (hInst=0xe5d68efa, hPrevInst=<value optimized out>, lpCmdLine=<value optimized out>, nCmdShow=<value optimized out>) at /home/danny/src/cegcc/svn.sf.net/cegcc/trunk/cegcc/src/mingw/crt3.c:62 (gdb) disass localquery Dump of assembler code for function localquery: 0x014f10d4 <localquery+0>: push {r11, lr} 0x014f10d8 <localquery+4>: add r11, sp, #4 ; 0x4 0x014f10dc <localquery+8>: sub sp, sp, #64 ; 0x40 0x014f10e0 <localquery+12>: ldr r3, [pc, #52] ; 0x14f111c <localquery+72> 0x014f10e4 <localquery+16>: ldr r3, [r3] 0x014f10e8 <localquery+20>: sub r2, r11, #68 ; 0x44 0x014f10ec <localquery+24>: mov r0, r2 0x014f10f0 <localquery+28>: ldr r1, [pc, #40] ; 0x14f1120 <localquery+76> 0x014f10f4 <localquery+32>: mov r2, r3 0x014f10f8 <localquery+36>: bl 0x14f174c <wsprintfW> 0x014f10fc <localquery+40>: sub r3, r11, #68 ; 0x44 0x014f1100 <localquery+44>: mov r0, #0 ; 0x0 0x014f1104 <localquery+48>: mov r1, r3 0x014f1108 
<localquery+52>: ldr r2, [pc, #20] ; 0x14f1124 <localquery+80> 0x014f110c <localquery+56>: mov r3, #0 ; 0x0 0x014f1110 <localquery+60>: bl 0x14f1758 <MessageBoxW> 0x014f1114 <localquery+64>: sub sp, r11, #4 ; 0x4 0x014f1118 <localquery+68>: pop {r11, pc} 0x014f111c <localquery+72>: mrseq r2, SPSR 0x014f1120 <localquery+76>: mrseq r3, SPSR 0x014f1124 <localquery+80>: cmpeq pc, r8, lsr #32 End of assembler dump. (gdb) x/32xb 0x014f111c 0x14f111c <localquery+72>: 0x00 0x20 0x4f 0x01 0x00 0x30 0x4f 0x01 0x14f1124 <localquery+80>: 0x28 0x30 0x4f 0x01 0x04 0x30 0x9f 0xe5 0x14f112c <__atexit_first+4>: 0x00 0x00 0x93 0xe5 0x0e 0xf0 0xa0 0xe1 0x14f1134 <__atexit_first+12>: 0x18 0x20 0x4f 0x01 0x92 0x01 0x00 0xea (gdb) x/32xb 0x014f2000 0x14f2000 <a>: 0x03 0x00 0x00 0x00 0x04 0x00 0x00 0x00 0x14f2008 <a+8>: 0x05 0x00 0x00 0x00 0x06 0x00 0x00 0x00 0x14f2010 <a+16>: 0x00 0x00 0x00 0x00 0x18 0x18 0x4f 0x01 0x14f2018 <first_atexit>: 0x60 0x00 0x12 0x00 0x64 0x00 0x12 0x00 (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x14f1ff8 21962744 r4 0xe5d68efa 3856043770 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x1c11fed8 470941400 r10 0xe5d68efa 3856043770 r11 0x1c11fdd0 470941136 r12 0x131f0 78320 sp 0x1c11fd88 0x1c11fd88 lr 0x11078 69752 pc 0x14e109c 0x14e109c <fun+16> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) set $r3 0x14f2000 A syntax error in expression, near `0x14f2000'. (gdb) set $r3 x14f2000 A syntax error in expression, near `x14f2000'. (gdb) set $r3 0 A syntax error in expression, near `0'. 
(gdb) set $r3=0 (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x0 0 r4 0xe5d68efa 3856043770 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x1c11fed8 470941400 r10 0xe5d68efa 3856043770 r11 0x1c11fdd0 470941136 r12 0x131f0 78320 sp 0x1c11fd88 0x1c11fd88 lr 0x11078 69752 pc 0x14e109c 0x14e109c <fun+16> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) set $r3=0x14f2000 (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x14f2000 21962752 r4 0xe5d68efa 3856043770 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x1c11fed8 470941400 r10 0xe5d68efa 3856043770 r11 0x1c11fdd0 470941136 r12 0x131f0 78320 sp 0x1c11fd88 0x1c11fd88 lr 0x11078 69752 pc 0x14e109c 0x14e109c <fun+16> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) si 0x014e10a0 10 r = a[0]; 1: x/i $pc 0x14e10a0 <fun+20>: str r3, [r11, #-8] (gdb) info reg r0 0x1 1 r1 0x2 2 r2 0x10 16 r3 0x3 3 r4 0xe5d68efa 3856043770 r5 0x2 2 r6 0x11000 69632 r7 0x1ffcc74 33541236 r8 0x1ffc9e0 33540576 r9 0x1c11fed8 470941400 r10 0xe5d68efa 3856043770 r11 0x1c11fdd0 470941136 r12 0x131f0 78320 sp 0x1c11fd88 0x1c11fd88 lr 0x11078 69752 pc 0x14e10a0 0x14e10a0 <fun+20> fps 0x0 0 cpsr 0x60000010 1610612752 (gdb) si 12 wsprintf(s, L"remote query -> %d", r); 1: x/i $pc 0x14e10a4 <fun+24>: sub r3, r11, #72 ; 0x48 (gdb) c Continuing. Program exited normally. (gdb) q -- Danny Backx ; danny.backx - at - scarlet.be ; http://danny.backx.info