From: sandmann AT clio DOT rice DOT edu (Charles Sandmann)
Message-Id: <9906231601.AA14056@clio.rice.edu>
Subject: Re: Re: gcc-crash - and a possible solution
To: eliz AT is DOT elta DOT co DOT il (Eli Zaretskii)
Date: Wed, 23 Jun 1999 11:01:56 -0600 (CDT)
Cc: erik2 DOT berglund AT telia DOT com, pavenis AT lanet DOT lv, djgpp-workers AT delorie DOT com
In-Reply-To: <Pine.SUN.3.91.990623112553.13893I-100000@is> from "Eli Zaretskii" at Jun 23, 99 11:27:59 am
X-Mailer: ELM [version 2.4 PL20]
Content-Type: text
Reply-To: djgpp-workers AT delorie DOT com
X-Mailing-List: djgpp-workers AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

> On Tue, 22 Jun 1999, Erik Berglund wrote:
> 
> > Normally, when all goes well, I will consistently get:
> > 
> > &p = 0x0015a630
> > 
> > which is a very reasonable location for beginning of the stack.
> > 
> > However, when I've run my special 3-program sequence,
> > to trig the gcc-crash, I get:
> > 
> > &p = 0xfff7ffd0
> > 
> > which is a totally wrong place for the stack, IMHO.

What has happened is that that your DPMI provider has for some
bizzare reason chosen to return memory blocks in non-increasing
order.  So the second memory request from DPMI gets stuffed in
some memory area virtually right below "0", which we access
via adress wrap.  While this is bizzare, it's completely
legal.

This theoretically should work, but there are problems with
signed/unsigned arithmetic in our libc and applications which
really don't work with a 4Gb address space.  This is not 
tested under any other environemnts!

> > Important notice: Once I get the (&p = 0xfff7ffd0) value,
> > I will consistanly get that value for CC1.EXE, and my own little 
> > DJGPP-programs will also start to get strange
> > stack pointer values, for instance it may jump up
> > to a new value, approximately 0x70000 higher.
> 
> But we still need to understand whether the crash happens because of
> Windows, or because cc1 or the library does something that breaks
> under these curcumstances.

I'm pretty sure it's because of signed/unsigned problems in the
applications (like gcc and/or malloc).

> Charles, I think you sent me a program that printed the memory handles
> in use.  I cannot find that program now.  Could you tell me where to
> look, or how to write it?  Perhaps if we look at the memory layout we
> could get a hint on what's going on?

It's actually stored in crt0 in some structure - some of the libc
routines use it