------- Comment #7 from dick_guertin at yahoo dot com  2006-01-17 08:33 -------
Response to: "ebotcazou at gcc dot gnu dot org" <[EMAIL PROTECTED]>

> Program received signal SIGILL, Illegal instruction.
> 0x00297064 in hex_to_character ()
> Could you post an excerpt of the assembly code around 0x00297064?

It really doesn't do any good.  You're assuming hex_to_character is 'entered'
normally.  It is NOT.  The corrupt stack causes a branch into the middle of
that routine, which is why the system reports an illegal instruction.  Below
is a NEXT-by-NEXT trace leading to the failure.  This was accomplished with
a -O2 and -g combination when compiling the source.  Note several 'backups'
and 'repeated' statements, ending in the failure.

Starting program: /afs/ir.stanford.edu/users/g/u/guertin/wylsrc/wylbur.ge 

Breakpoint 1, EDTBASE () at comm.c:3613
3613               NSCAN ();
(gdb) next
3614      L_00ECA: I_L(R14,(R11+0x08C));
(gdb) next
3615      L_00ECE: I_SH(R13,(DATA+0x020A));
(gdb) next
3614      L_00ECA: I_L(R14,(R11+0x08C));
(gdb) next
3615      L_00ECE: I_SH(R13,(DATA+0x020A));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3615      L_00ECE: I_SH(R13,(DATA+0x020A));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3615      L_00ECE: I_SH(R13,(DATA+0x020A));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3616      L_00ED2: I_MVC(4,(R14+0x028),(R13));
(gdb) next
3617      L_00ED8: I_MVC(4,(R14+0x024),(R13+0x04));
(gdb) next
3618      L_00EDE: I_MVC(4,(R14+0x020),(R13+0x08));
(gdb) next
3619      L_00EE4: I_LTR(R15,R15);
(gdb) next
3620      L_00EE6: I_L(R14,(R11+0x08C));
(gdb) next
3619      L_00EE4: I_LTR(R15,R15);
(gdb) next
3620      L_00EE6: I_L(R14,(R11+0x08C));
(gdb) next
3621      L_00EEA: I_L(R1,(R14));
(gdb) next
3622      L_00EEE: I_L(R0,(R14+0x04));
(gdb) next
3623      L_00EF2: I_SR(R14,R14);
(gdb) next
3625               SCINIT ();
(gdb) next
3626      L_00EF6: I_L(R14,(R11+0x08C));
(gdb) next
3627      L_00EFA: I_SH(R13,(DATA+0x020C));
(gdb) next
3626      L_00EF6: I_L(R14,(R11+0x08C));
(gdb) next
3627      L_00EFA: I_SH(R13,(DATA+0x020C));
(gdb) next
3628      L_00EFE: I_MVC(176,(R14),(R13));
(gdb) next
3627      L_00EFA: I_SH(R13,(DATA+0x020C));
(gdb) next
3628      L_00EFE: I_MVC(176,(R14),(R13));
(gdb) next
3627      L_00EFA: I_SH(R13,(DATA+0x020C));
(gdb) next
3628      L_00EFE: I_MVC(176,(R14),(R13));
(gdb) next
3627      L_00EFA: I_SH(R13,(DATA+0x020C));
(gdb) next
3628      L_00EFE: I_MVC(176,(R14),(R13));
(gdb) next
3629      L_00F04: I_L(R14,(R11+0x08C));
(gdb) next
3630      L_00F08: I_XC(176,(R14),(R14));
(gdb) next
3631      L_00F0E: I_SR(R14,R14);
(gdb) next
3632      L_00F10: I_LA(R1,(R11+0x0242));
(gdb) next
3633      L_00F14: I_LH(R0,(R11+0x0240));
(gdb) next
3631      L_00F0E: I_SR(R14,R14);
(gdb) next
3633      L_00F14: I_LH(R0,(R11+0x0240));
(gdb) next
3631      L_00F0E: I_SR(R14,R14);
(gdb) next
3632      L_00F10: I_LA(R1,(R11+0x0242));
(gdb) next
3633      L_00F14: I_LH(R0,(R11+0x0240));
(gdb) next
3634      L_00F18: I_L(R14,(R11+0x08C));
(gdb) next
3635      L_00F1C: I_ST(R1,(R14));
(gdb) next
3636      L_00F20: I_ST(R0,(R14+0x04));
(gdb) next
3637      L_00F24: I_SR(R14,R14);
(gdb) next
3638      L_00F26: I_L(R1,(R11+0x08C));
(gdb) next
3637      L_00F24: I_SR(R14,R14);
(gdb) next
3638      L_00F26: I_L(R1,(R11+0x08C));
(gdb) next
3639      L_00F2A: I_SR(R0,R0);
(gdb) next
3640      L_00F2C: I_L(R14,(R11+0x08C));
(gdb) next
3639      L_00F2A: I_SR(R0,R0);
(gdb) next
3640      L_00F2C: I_L(R14,(R11+0x08C));
(gdb) next
3641      L_00F30: I_MVC(4,(R13),(R14+0x028));
(gdb) next
3642      L_00F36: I_MVC(4,(R13+0x04),(R14+0x024));
(gdb) next
3643      L_00F3C: I_MVC(4,(R13+0x08),(R14+0x020));
(gdb) next
3644      L_00F42: I_LA(R13,(R13+0x0C));
(gdb) next
3645      L_00F46: I_ST(R0,(R1+0x024));
(gdb) next
3646      L_00F4A: I_ST(R0,(R1+0x020));
(gdb) next
3647               R14 = (long int)((char *)( & PRT ));
(gdb) next
3646      L_00F4A: I_ST(R0,(R1+0x020));
(gdb) next
3647               R14 = (long int)((char *)( & PRT ));
(gdb) next
3648      L_00F4E: I_ST(R14,(R1+0x028));
(gdb) next
3650               NSCAN ();
(gdb) next

Program received signal SIGILL, Illegal instruction.
0x00296fec in hex_to_character ()
(gdb) 
=======================
> We need a preprocessed testcase, preferably a runnable testcase but a
> compilable one is sufficient if you can pinpoint the miscompilation.

This program is too big for me to create a testcase.  I have no idea where
execution is going, only the final failure, which doesn't even allow 'gdb'
to know 'where' we are.  The stack is corrupted.  I was able to determine
EDTBASE was the last function in control, but have no idea what clobbers
the stack.  As you can see from the code, it is pseudo-assembler from an
IBM/360 being done in C using macros that create c-equivalent code.  In
order to run on both Big-endian and Little-endian, almost all memory
reference instructions use a complex shift/or process to combine four
bytes into a long.  That's because this code must always be treated as Big
endian, even on Little endian machines.  There's a lot of 'ntohl' or 'htonl'.

I created 'wylsrc.tgz' that you can download and extract.  Since all of this
is Open-Source, you are permitted to have it, especially if -O2 can be fixed.

http://lindy.stanford.edu/~guertin/wylsrc.tgz


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25791
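
The shift/or memory access described in the comment above, as an added example that is not part of the original comment or of the wylbur source. The names `emu_mem`, `be_load32`, `be_store32` and `emu_mvc` and the memory size are hypothetical, and the bounds checks are an addition that turns an out-of-range emulated access into a reported error instead of silent corruption of host memory.

```c
#include <stdint.h>

/* Hypothetical emulated address space; the size is chosen for this example. */
#define EMU_SIZE 4096u
static uint8_t emu_mem[EMU_SIZE];

/* Returns 1 if [addr, addr+len) lies inside emulated memory (no wraparound). */
static int emu_in_range(uint32_t addr, uint32_t len) {
    return len <= EMU_SIZE && addr <= EMU_SIZE - len;
}

/* Load a big-endian word with shift/or: same result on any host byte order. */
int be_load32(uint32_t addr, uint32_t *out) {
    if (!emu_in_range(addr, 4)) return -1;
    const uint8_t *p = &emu_mem[addr];
    *out = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    return 0;
}

/* Store a word as four big-endian bytes, most significant byte first. */
int be_store32(uint32_t addr, uint32_t val) {
    if (!emu_in_range(addr, 4)) return -1;
    uint8_t *p = &emu_mem[addr];
    p[0] = (uint8_t)(val >> 24); p[1] = (uint8_t)(val >> 16);
    p[2] = (uint8_t)(val >> 8);  p[3] = (uint8_t)val;
    return 0;
}

/* MVC-style copy: byte by byte, left to right, both ranges checked first. */
int emu_mvc(uint32_t len, uint32_t dst, uint32_t src) {
    if (!emu_in_range(dst, len) || !emu_in_range(src, len)) return -1;
    for (uint32_t i = 0; i < len; i++) emu_mem[dst + i] = emu_mem[src + i];
    return 0;
}

/* Constructed check: round-trip a word, then confirm bad ranges are refused. */
int demo(void) {
    uint32_t v = 0;
    if (be_store32(0x08C, 0x11223344u) != 0) return 1;
    if (emu_mvc(4, 0x028, 0x08C) != 0) return 2;
    if (be_load32(0x028, &v) != 0 || v != 0x11223344u) return 3;
    if (emu_mem[0x028] != 0x11) return 4;               /* MSB stored first */
    if (be_store32(EMU_SIZE - 2, 0) != -1) return 5;    /* straddles the end */
    if (emu_mvc(176, EMU_SIZE - 100, 0) != -1) return 6;
    return 0;
}

int main(void) { return demo(); }
```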
