Hi, I suspect there is a very nasty bug in cygwin's gcc port because I'm fighting with stack corruption in my attempt to get latest kaffe (a free software virtual machine for Java, http://www.kaffe.org) from CVS to fully work on cygwin.
I'm compiling using gcc 2.95.3-10 and -O0, in order to avoid bugs introduced by optimization features. Compiling with gcc 3.2 and -O2 makes kaffe crash in about the same situation (trying to access a jar file) within an inlined static function. So I assume the same bug exists in both compiler versions. I'm using the latest Cygwin release from last weekend.

I've attached the output of a typical gdb session. I don't speak i386 assembler, so if anyone can make sense out of this, I'd be glad to hear from you.

What seems to happen is that a parameter 'name' gets severely corrupted on the stack. And then the whole program crashes with SIGSEGV. Depending on whether I pull some pointer variables in or out of the function, and turn them into statics, I can even get a SIGFPE, even though there is no piece of floating point data around. Oh, and kaffe uses threads ;)

$ cd libraries/javalib
$ KAFFE_DEBUG=gdb KAFFE_DEBUG_TEMPFILE=tmp /usr/local/kaffe/bin/kaffe kaffe.tools.jar.Jar uvf rt.jar -C . META-INF/
GNU gdb 2003-01-28-cvs (cygwin-special)
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-cygwin"...
(gdb) b findJarFile
Breakpoint 1 at 0x445dba: file jar.c, line 118.
(gdb) run
Starting program: /usr/local/kaffe/jre/bin/kaffe-bin.exe -vemdebug THREAD kaffe.tools.jar.Jar uvf rt.jar -C . META-INF/

Breakpoint 1, findJarFile (name=0x10032118 "/usr/local/kaffe/jre/lib/rt.jar") at jar.c:108
108     {
(gdb) bt
#0  findJarFile (name=0x10032118 "/usr/local/kaffe/jre/lib/rt.jar") at jar.c:108
#1  0x00447473 in openJarFile (name=0x10032118 "/usr/local/kaffe/jre/lib/rt.jar") at jar.c:1056
#2  0x004447f2 in findClassInJar (cname=0x1003c538 "java/lang/Object.class", hand=0x91fae8, einfo=0x91fb38) at findInJar.c:205
#3  0x004445ea in findClass (centry=0x1003c518, einfo=0x91fb38) at findInJar.c:121
#4  0x0043343e in loadStaticClass (class=0x463b20, name=0x42fa1b "java/lang/Object") at classMethod.c:1251
#5  0x0042fca1 in initBaseClasses () at baseClasses.c:246
#6  0x0042f885 in initialiseKaffe () at baseClasses.c:196
#7  0x0041e234 in JNI_CreateJavaVM (vm=0x463890, env=0x4638a0, args=0x463830) at jni.c:205
#8  0x00401197 in main (argc=9, argv=0x10031528) at main.c:143
(gdb) s
findJarFile (name=0x1003c0f8 "\002") at jar.c:118
118             assert(name != NULL);

Et voila, parameter 'name' is suddenly corrupted after I single step through the code.

(gdb) i threads
  3 thread -353117.0xfffa8c1b  0xbff7a280 in UnregisterDeviceNotification ()
  2 thread -353117.0xfffaa98b  0x610755d7 in siginterrupt ()
* 1 thread -353117.0xfffafd2f  findJarFile (name=0x10032118 "/usr/local/kaffe/jre/lib/rt.jar") at jar.c:108
(gdb) disas
Dump of assembler code for function findJarFile:
0x00445db0 <findJarFile+0>:     pop    %ecx
0x00445db1 <findJarFile+1>:     and    $0xffffff83,%ebp
0x00445db4 <findJarFile+4>:     in     (%dx),%al
0x00445db5 <findJarFile+5>:     adc    $0x53,%al
0x00445db7 <findJarFile+7>:     mov    0x8(%ebp),%ebx
0x00445dba <findJarFile+10>:    test   %ebx,%ebx
0x00445dbc <findJarFile+12>:    jne    0x445dd5 <findJarFile+37>
0x00445dbe <findJarFile+14>:    add    $0xfffffffc,%esp
0x00445dc1 <findJarFile+17>:    push   $0x445d6a
0x00445dc6 <findJarFile+22>:    push   $0x76
0x00445dc8 <findJarFile+24>:    push   $0x5982f81e
0x00445dcd <findJarFile+29>:    sbbl   $0xffffff83,0x8000161(%esi)
0x00445dd4 <findJarFile+36>:    pop    %ecx
0x00445dd5 <findJarFile+37>:    addl   $0x0,0x463290
0x00445ddc <findJarFile+44>:    add    %al,(%eax)
0x00445dde <findJarFile+46>:    add    %ch,%al
0x00445de0 <findJarFile+48>:    xorb   $0xff,0xffffffff(%edx)
0x00445de4 <findJarFile+52>:    add    $0xfffffff8,%esp
0x00445de7 <findJarFile+55>:    push   $0x4632c0
0x00445dec <findJarFile+60>:    push   $0x463280
0x00445df1 <findJarFile+65>:    call   0x4400f0 <_lockMutex>
0x00445df6 <findJarFile+70>:    mov    0x463284,%eax
0x00445dfb <findJarFile+75>:    movl   $0x463284,0x4632b0
0x00445e05 <findJarFile+85>:    mov    %eax,0x4632a0
0x00445e0a <findJarFile+90>:    add    $0x10,%esp
0x00445e0d <findJarFile+93>:    jmp    0x445ed3 <findJarFile+291>
0x00445e12 <findJarFile+98>:    mov    %esi,%esi
0x00445e14 <findJarFile+100>:   cmpl   $0x0,0x4632a0
0x00445e1b <findJarFile+107>:   jne    0x445e34 <findJarFile+132>
0x00445e1d <findJarFile+109>:   add    $0xfffffffc,%esp
0x00445e20 <findJarFile+112>:   push   $0x445d77
0x00445e25 <findJarFile+117>:   push   $0x7f
0x00445e27 <findJarFile+119>:   push   $0x445d1e
0x00445e2c <findJarFile+124>:   call   0x45bf70 <__assert>
0x00445e31 <findJarFile+129>:   add    $0x10,%esp
0x00445e34 <findJarFile+132>:   mov    0x4632a0,%eax
0x00445e39 <findJarFile+137>:   cmpl   $0x0,0x8(%eax)
0x00445e3d <findJarFile+141>:   jne    0x445e59 <findJarFile+169>
0x00445e3f <findJarFile+143>:   add    $0xfffffffc,%esp
0x00445e42 <findJarFile+146>:   push   $0x445d84
0x00445e47 <findJarFile+151>:   push   $0x80
0x00445e4c <findJarFile+156>:   push   $0x445d1e
0x00445e51 <findJarFile+161>:   call   0x45bf70 <__assert>
0x00445e56 <findJarFile+166>:   add    $0x10,%esp
0x00445e59 <findJarFile+169>:   add    $0xfffffff8,%esp
0x00445e5c <findJarFile+172>:   push   %ebx
0x00445e5d <findJarFile+173>:   mov    0x4632a0,%eax
0x00445e62 <findJarFile+178>:   mov    0x8(%eax),%eax
0x00445e65 <findJarFile+181>:   push   %eax
0x00445e66 <findJarFile+182>:   call   0x45c130 <strcmp>
0x00445e6b <findJarFile+187>:   add    $0x10,%esp
0x00445e6e <findJarFile+190>:   test   %eax,%eax
0x00445e70 <findJarFile+192>:   jne    0x445ec2 <findJarFile+274>
0x00445e72 <findJarFile+194>:   mov    0x4632a0,%eax
0x00445e77 <findJarFile+199>:   mov    0x4632b0,%edx
0x00445e7d <findJarFile+205>:   mov    (%eax),%eax
0x00445e7f <findJarFile+207>:   mov    %eax,(%edx)
0x00445e81 <findJarFile+209>:   mov    0x4632a0,%edx
0x00445e87 <findJarFile+215>:   mov    0x463284,%eax
0x00445e8c <findJarFile+220>:   mov    %eax,(%edx)
0x00445e8e <findJarFile+222>:   mov    %edx,0x463284
0x00445e94 <findJarFile+228>:   mov    0x10(%edx),%eax
0x00445e97 <findJarFile+231>:   mov    %edx,0x463290
0x00445e9d <findJarFile+237>:   lea    0x1(%eax),%ecx
0x00445ea0 <findJarFile+240>:   mov    %ecx,0x10(%edx)
0x00445ea3 <findJarFile+243>:   cmp    $0xffffffff,%eax
0x00445ea6 <findJarFile+246>:   jne    0x445ec2 <findJarFile+274>
0x00445ea8 <findJarFile+248>:   add    $0xfffffffc,%esp
0x00445eab <findJarFile+251>:   push   $0x445d98
0x00445eb0 <findJarFile+256>:   push   $0x8d
0x00445eb5 <findJarFile+261>:   push   $0x445d1e
0x00445eba <findJarFile+266>:   call   0x45bf70 <__assert>
0x00445ebf <findJarFile+271>:   add    $0x10,%esp
0x00445ec2 <findJarFile+274>:   mov    0x4632a0,%eax
0x00445ec7 <findJarFile+279>:   mov    %eax,0x4632b0
0x00445ecc <findJarFile+284>:   mov    (%eax),%eax
0x00445ece <findJarFile+286>:   mov    %eax,0x4632a0
0x00445ed3 <findJarFile+291>:   test   %eax,%eax
0x00445ed5 <findJarFile+293>:   je     0x445ee4 <findJarFile+308>
0x00445ed7 <findJarFile+295>:   cmpl   $0x0,0x463290
0x00445ede <findJarFile+302>:   je     0x445e14 <findJarFile+100>
0x00445ee4 <findJarFile+308>:   add    $0xfffffff8,%esp
0x00445ee7 <findJarFile+311>:   push   $0x4632c0
0x00445eec <findJarFile+316>:   push   $0x463280
0x00445ef1 <findJarFile+321>:   call   0x440134 <_unlockMutex>
0x00445ef6 <findJarFile+326>:   call   0x43d1a4 <jthread_enable_stop>
0x00445efb <findJarFile+331>:   mov    0x463290,%eax
0x00445f00 <findJarFile+336>:   mov    0xffffffe8(%ebp),%ebx
0x00445f03 <findJarFile+339>:   mov    %ebp,%esp
0x00445f05 <findJarFile+341>:   pop    %ebp
0x00445f06 <findJarFile+342>:   ret
End of assembler dump.

If I use stepi to get through the function, it is the and instruction at 0x00445db1 which corrupts the name variable on the stack. Funny enough, then I can manage to execute most of the function up to the return statement, which gives me a SIGSEGV because of the corrupted stack, I guess. Here are the last stepis before the SIGSEGV:

0x00445f03      147             return( return_val );
(gdb)
0x00445f05      147             return( return_val );
(gdb)
0x00445f06 in findJarFile (name=0x6b2f6c61 <Address 0x6b2f6c61 out of bounds>) at jar.c:147
147             return( return_val );
(gdb)
0x100381c0 in ?? ()
(gdb)
0x100381c2 in ?? ()
(gdb)
0x100381c4 in ?? ()
(gdb)
0x10038227 in ?? ()
(gdb)
Program received signal SIGSEGV, Segmentation fault.
0x10038227 in ?? ()
(gdb)

The C code of the function:

static jarFile *return_val;
static jarFile *curr;
static jarFile **prev;
#if !defined(KAFFEH)
static int iLockRoot;
#endif

static jarFile *
findJarFile(char *name)
{
/*
#if !defined(KAFFEH)
        int iLockRoot;
#endif
        jarFile *return_val;
        jarFile *curr;
        jarFile **prev;
*/
        assert(name != NULL);

        return_val = NULL;
        lockStaticMutex(&jarCache.lock);
        curr = jarCache.files;
        prev = &jarCache.files;
        while( curr && !return_val )
        {
                assert(curr != NULL);
                assert(curr->fileName != 0);
                if( !strcmp(curr->fileName, name) )
                {
                        /* unlink it... */
                        *prev = curr->next;
                        /* and move it to the front */
                        curr->next = jarCache.files;
                        jarCache.files = curr;
                        /* Return this node and increment the user count */
                        return_val = curr;
                        return_val->users++;
                        assert(return_val->users >= 1);
                }
                prev = &curr->next;
                curr = curr->next;
        }
        unlockStaticMutex(&jarCache.lock);
        return( return_val );
}

I've browsed the list archives, but I couldn't find a similar case. I've attached a copy of the output of cygcheck -s.

best regards,
dalibor topic
Cygwin Win95/NT Configuration Diagnostics
Current System Time: Mon Feb 10 12:41:05 2003
Windows 98 SE Ver 4.10 Build 2222
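A stand-alone version of the jar-cache lookup quoted in the post, added here as an example and not taken from kaffe: it keeps the move-to-front and user-count logic exactly, restores the automatic variables the poster had commented out (a static return_val is read after the mutex is released, so with threads another lookup could overwrite it), and reduces jarFile, jarCache and the lock helpers to stand-ins so it compiles on its own (the struct layout, the no-op lock functions and the sample cache are assumptions).

```c
#include <assert.h>
#include <string.h>

/* Added example, not kaffe's code: the jar-cache lookup from the post in
 * stand-alone form. jarFile/jarCache keep only the fields the function
 * touches, and the mutex calls are no-op stand-ins (assumption). */
typedef struct jarFile {
    struct jarFile *next;      /* singly linked cache list */
    const char     *fileName;
    int             users;     /* reference count handed to callers */
} jarFile;
static struct { jarFile *files; int lock; } jarCache;
static void lockStaticMutex(int *m)   { (void)m; }   /* stand-in */
static void unlockStaticMutex(int *m) { (void)m; }   /* stand-in */
/* Same algorithm as posted, with automatic variables restored: a static
 * return_val read after the unlock could be overwritten by another thread. */
static jarFile *findJarFile(const char *name)
{
    jarFile *return_val = NULL, *curr, **prev;
    assert(name != NULL);
    lockStaticMutex(&jarCache.lock);
    curr = jarCache.files;
    prev = &jarCache.files;
    while (curr && !return_val) {
        assert(curr->fileName != NULL);
        if (!strcmp(curr->fileName, name)) {
            *prev = curr->next;           /* unlink it ...                */
            curr->next = jarCache.files;  /* ... and move it to the front */
            jarCache.files = curr;
            return_val = curr;            /* hand out one more reference  */
            return_val->users++;
            assert(return_val->users >= 1);
        }
        prev = &curr->next;
        curr = curr->next;
    }
    unlockStaticMutex(&jarCache.lock);
    return return_val;
}
/* Constructed sample cache for a quick run: a.jar -> b.jar -> c.jar. */
static jarFile demoEntries[3] = { {0, "a.jar", 0}, {0, "b.jar", 0}, {0, "c.jar", 0} };
static void setupDemoCache(void)
{
    for (int i = 0; i < 3; i++) {
        demoEntries[i].next = (i < 2) ? &demoEntries[i + 1] : NULL;
        demoEntries[i].users = 0;
    }
    jarCache.files = &demoEntries[0];
}
```

After setupDemoCache(), findJarFile("b.jar") returns the second entry with users == 1 and leaves the list as b.jar -> a.jar -> c.jar; a name that is not cached returns NULL and leaves the order untouched.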