Segfault when call kernel32 function

Jamie Guinan guinan@bluebutton.com
Thu Jan 6 17:05:00 GMT 2000


I tried the same program with Mumit's gcc-2.95.2 distribution
native on Win98.  Same problem, "BuildCommDCB()" just keeps
crashing.  Both CRTDLL and MSVCRT versions. 

I think I can work around it with a combination of GetCommState()
and SetCommState(), but I just find it weird that BuildCommDCB
fails.  Oh, well.  :/

On Wed, 5 Jan 2000, Jamie Guinan wrote:

> 
> Hi all,
> 
> I'm using a Linux->Win32 cross-development environment (see below).
> I made a simple test program that calls BuildCommDCB(), and
> it segfaults when it hits that call (running under Win98).
> 
> The weird thing is, an earlier call to MessageBox() works fine,
> and if I run the app under GDB and set a breakpoint before the
> call to BuildCommDCB(), then 'cont' after the breakpoint, 
> it does not segfault.
> 
> Here is the app in its entirety (w3.c),
> 
> #include <windows.h>
> #include <stdio.h>   /* puts() */
> int STDCALL
> WinMain (HINSTANCE hInst, HINSTANCE hPrev, LPSTR lpCmd, int nShow)
> {
>   DCB dcb;
> 
>   MessageBox (NULL, "Test message", "Test", MB_OK);
> 
>   FillMemory(&dcb, sizeof(dcb), 0);   /* zero the DCB ... */
>   dcb.DCBlength = sizeof(dcb);        /* ... and set its length field */
>   puts("->BuildCommDCB");
>   if (!BuildCommDCB("9600,n,8,1", &dcb))
>     {
>       puts("error");
>     }
>   puts("<-BuildCommDCB");
>   return 0;
> }
> 
> I compile it with,
> 
> $ i386-mingw32-gcc -g w3.c -o w3.exe 
> 
> And run it on a Win98 laptop.  The message box appears as expected,
> but after the "->BuildCommDCB" string is printed, Windows reports
> an error.   Here are the error details from Windows,
> 
>   W3 caused an invalid page fault in
>   module KERNEL32.DLL at 0167:bffa7764.
>   Registers:
>   EAX=0256fcec CS=0167 EIP=bffa7764 EFLGS=00010246
>   EBX=8166ac2c SS=016f ESP=0256fc8c EBP=0256fd04
>   ECX=0256fd48 DS=016f ESI=0256fcec FS=0eef
>   EDX=00000000 ES=016f EDI=00401216 GS=0000
>   Bytes at CS:EIP:
>   c6 47 ff 00 ff 36 e8 93 87 fd ff 85 c0 74 3a 89 
>   Stack dump:
>   0256fd48 00000000 8166ac08 bffa6cb4 0256fcec 
>   00000000 81665e28 8166ac08 8167253c bff7b9c5 
>   8166dfd4 00000000 00000000 8167253c 00000000 
>   8167253c 
> 
> 
> I'm running the program from the Cygwin b20.1 BASH under Win98,
> so I have GDB handy.  GDB's version of the error,
> 
>   BASH.EXE-2.02$ gdb ./w3.exe
>   ...
>   (gdb) run
>   Starting program: //gemini/guinan/projects/...//nchost/./w3.exe
>   
>   bfe80000:/WINDOWS/SYSTEM/ADVAPI32.DLL
>   bff20000:/WINDOWS/SYSTEM/GDI32.DLL
>   bff50000:/WINDOWS/SYSTEM/USER32.DLL
>   bff70000:/WINDOWS/SYSTEM/KERNEL32.DLL
>   7fc00000:/WINDOWS/SYSTEM/CRTDLL.DLL
>   25d0000:/WINDOWS/SYSTEM/VXDIF.DLL
>   bfe70000:/WINDOWS/SYSTEM/VERSION.DLL
>   7ff20000:/WINDOWS/SYSTEM/OLE32.DLL
>   7fcb0000:/WINDOWS/SYSTEM/SHELL32.DLL
>   bfe90000:/WINDOWS/SYSTEM/COMCTL32.DLL
>   70bd0000:/WINDOWS/SYSTEM/SHLWAPI.DLL
>   7fe10000:/WINDOWS/SYSTEM/COMDLG32.DLL
>   10000000:/PROGRAM FILES/APOINT/APOINT.DLL
>   2580000:/PROGRAM FILES/APOINT/EZAUTO.DLL
>   2590000:/PROGRAM FILES/APOINT/APWHEEL.DLL
>   3000000:/WINDOWS/SYSTEM/PELCOMM.DLL
>   25a0000:/WINDOWS/SYSTEM/PELSCRLL.DLL
>   ->BuildCommDCB
> 
>   Program received signal SIGSEGV, Segmentation fault.
>   0xbffa7764 in $SG37486 ()
>   (gdb)
> 
> 
> Now, if I do the following,
> 
>   BASH.EXE-2.02$ gdb ./w3.exe
>   ...
>   (gdb) b 8
>   (gdb) run
>   (gdb) cont
> 
> It works fine!  
> 
> >>> Any clues? <<<
> 
> Bear with me, I haven't worked this close to Windows before, but
> what I've learned so far is that BuildCommDCB() is handled as 
> follows,
> 
> 1) #define'd to BuildCommDCBA() in winbase.h
> 2) Magically transformed to "BuildCommDCBA@8" in object code.
> 3) Calls "__imp_BuildCommDCBA@8" which looks like some sort of
>    "thunk" to be filled in by the Windows loader (???)
> 
> I had a look at "i386-mingw32-objdump --disassemble-all w3.exe"
> and found the following,
> 
>   401283:       e8 ec 01 00 00  call   401474 <_BuildCommDCBA@8>
>   ...
> 00401474 <_BuildCommDCBA@8>:
>   401474:       ff 25 f4 30 40  jmp    *0x4030f4
>   401479:       00 
>   40147a:       90              nop    
>   40147b:       90              nop  
>   ...
> 004030f4 <___imp_BuildCommDCBA@8>:
>   4030f4:       bc 31 00 00 cc  movl   $0xcc000031,%esp
> 
> What is the "bc 31" here?  And when/how does/should Windows
> replace it with a call to the kernel32.dll code?
> 
> (I realize that "movl" there isn't a real instruction, just
>  --disassemble-all's best interpretation...)
> 
> Why would breaking under GDB fix things?
> 
> 
> FYI, my environment is as follows:
> 
> Host: 
> Linux x86, egcs-2.91.66 (Red Hat)
> 
> Binutils: 
> Version 2.9.1,
> $ configure --target=i386-mingw32 --prefix=/usr/local/crossdev
> 
> GCC:      
> Version 2.9.5,
> $ configure --target=i386-mingw32 --prefix=/usr/local/crossdev
>   --with-headers=/usr/local/crossdev/i386-mingw32/include
>   --enable-languages=c,c++
> 
> Runtime libs and headers for host-side compilation:
>   ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/mingw32/runtime/
>   bin-crtdll-1999-11-18.tar.gz
> 
>   ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/mingw32/runtime/
>   bin-msvcrt-1999-11-18.tar.gz
> 
> Thanks for any advice...
> -Jamie
> 
> 
> --
> Want to unsubscribe from this list?
> Send a message to cygwin-unsubscribe@sourceware.cygnus.com
> 
> 


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com
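A portable version of the mode-string parsing that BuildCommDCB() does, added here as an example that is not part of the thread: it validates "9600,n,8,1"-style input and fills a struct whose fields and numeric codes mirror DCB's BaudRate/ByteSize/Parity/StopBits, the fields a GetCommState()/SetCommState() workaround would have to set by hand. The names comm_params, parse_comm_mode and comm_mode_code are my own, and the parity/stop-bit codes follow winbase.h's NOPARITY/ODDPARITY/EVENPARITY and ONESTOPBIT/ONE5STOPBITS/TWOSTOPBITS.

```c
/* Added example, not code from the thread: a portable parser for the "baud,parity,
 * data,stop" mode string BuildCommDCB() takes ("9600,n,8,1"), filling a struct that
 * mirrors the DCB fields a GetCommState()/SetCommState() workaround would set. */
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

struct comm_params {
    unsigned long baud;     /* DCB.BaudRate */
    unsigned char bytesize; /* DCB.ByteSize, 5..8 */
    unsigned char parity;   /* DCB.Parity: 0 none, 1 odd, 2 even (winbase.h codes) */
    unsigned char stopbits; /* DCB.StopBits: 0 = 1, 1 = 1.5, 2 = 2 stop bits */
};
/* Returns 1 and fills *out; returns 0 (leaving *out untouched) on any malformed field. */
int parse_comm_mode(const char *mode, struct comm_params *out) {
    struct comm_params tmp;
    char buf[32], *fields[4], *p, *end;
    int n = 0; long bits;
    if (mode == NULL || out == NULL || strlen(mode) >= sizeof buf) return 0;
    strcpy(buf, mode);
    for (p = strtok(buf, ","); p != NULL; p = strtok(NULL, ",")) {
        if (n == 4) return 0;       /* too many fields */
        fields[n++] = p;
    }
    if (n != 4) return 0;           /* too few (strtok also drops empty ones) */
    tmp.baud = strtoul(fields[0], &end, 10);
    if (!isdigit((unsigned char)fields[0][0]) || *end != '\0' || tmp.baud == 0) return 0;
    if (strlen(fields[1]) != 1) return 0;
    switch (tolower((unsigned char)fields[1][0])) {
    case 'n': tmp.parity = 0; break;
    case 'o': tmp.parity = 1; break;
    case 'e': tmp.parity = 2; break;
    default:  return 0;
    }
    bits = strtol(fields[2], &end, 10);
    if (*end != '\0' || bits < 5 || bits > 8) return 0;
    tmp.bytesize = (unsigned char)bits;
    if      (strcmp(fields[3], "1") == 0)   tmp.stopbits = 0;
    else if (strcmp(fields[3], "1.5") == 0) tmp.stopbits = 1;
    else if (strcmp(fields[3], "2") == 0)   tmp.stopbits = 2;
    else return 0;
    *out = tmp; return 1;
}
/* Packs a result as baud*1000 + parity*100 + bits*10 + stopbits, or -1 on failure. */
long comm_mode_code(const char *mode) {
    struct comm_params cp;
    if (!parse_comm_mode(mode, &cp)) return -1;
    return (long)cp.baud * 1000 + cp.parity * 100 + cp.bytesize * 10 + cp.stopbits;
}
```

On Windows the parsed values would be copied into a DCB obtained from GetCommState() and handed to SetCommState(); here the point is that a malformed string from a config file is rejected rather than silently producing an odd port setup.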