Mail Archives: djgpp/1999/04/04/03:37:32
On 3 Apr 1999, Martin Strömberg wrote:
> I wonder what you people out there knowledgeable in crash dumps have to
> say about this one.
Too many things went wrong there, so it's difficult to tell without
spending a nice long debugging session with your program (which I
cannot afford currently).
> After hooking INT31, the program simply spawnl()s
> bash.
Why did you need to spawn Bash? I suggest trying COMMAND.COM first,
since Bash does some very complex tricks with DPMI functions. It's
better to begin at the first grade...
> General Protection Fault at eip=000003c0, error=fffc
Mystery no.1: the EIP is *way* too low.
Mystery no.2: the error code in GPF, if not zero, is the descriptor
that a program was trying to load and which caused the GPF. But what
kind of a descriptor is FFFCh?
> eax=00000300 ebx=00020021 ecx=00003c00 edx=000001df esi=00000000
> edi=00001000
> ebp=00160912 esp=0000075a program=F:\hackery\ds\apams
Mystery no.3: the EBP value is not inside stack limits of any of the
two stacks. And neither is ESP, but note that ESP is very low and too
far from EBP.
> cs: sel=01c7 base=0001f3c0 limit=0000ffff
> ds: sel=01bf base=0001f3c0 limit=0000ffff
> es: sel=01bf base=0001f3c0 limit=0000ffff
> ss: sel=01bf base=0001f3c0 limit=0000ffff
These all have a limit of 64K. How can this be? Mystery no.4.
> fs: sel=0000
> gs: sel=0000
And these are invalid: mystery no.5.
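The reply above reasons from three things in the dump: the #GP error code (which, when non-zero, names the selector the program tried to load), the segment selector and limit lines, and whether ESP/EBP fall inside the stack segment. The following is an added example, not code from the thread or from DJGPP, that mechanises those checks on the quoted register values (embedded here as constructed input). It decodes the error code and selectors using the layouts from the Intel manuals (bit 0 EXT, bit 1 IDT, bit 2 TI, bits 3..15 index for the error code; bits 0..1 RPL, bit 2 TI, bits 3..15 index for a selector), and treats the printed limit as a byte-granular inclusive limit; the helper names are the example's own.

```c
/* Sanity checks for a DJGPP-style crash dump (added example, not DJGPP code). */
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* x86 #GP error code: bit0 EXT, bit1 IDT, bit2 TI (0=GDT,1=LDT), bits 3..15 index. */
struct gp_error { unsigned ext, idt, ti, index; };

struct gp_error decode_gp_error(uint32_t code)
{
    struct gp_error e;
    e.ext   = code & 1;
    e.idt   = (code >> 1) & 1;
    e.ti    = (code >> 2) & 1;
    e.index = (code >> 3) & 0x1fff;
    return e;
}

/* Segment selector: bits 0..1 RPL, bit2 TI, bits 3..15 index. */
struct selector { unsigned rpl, ti, index; };

struct selector decode_selector(uint16_t sel)
{
    struct selector s;
    s.rpl   = sel & 3;
    s.ti    = (sel >> 2) & 1;
    s.index = sel >> 3;
    return s;
}

/* One "xx: sel=.... base=........ limit=........" line from the dump.
 * A line with only "sel=" (fs/gs in the thread) is a null selector. */
struct segreg { char name[3]; unsigned sel, base, limit; int valid; };

int parse_segreg(const char *line, struct segreg *out)
{
    memset(out, 0, sizeof *out);
    if (sscanf(line, "%2[a-z]: sel=%x base=%x limit=%x",
               out->name, &out->sel, &out->base, &out->limit) == 4) {
        out->valid = 1;
        return 1;
    }
    if (sscanf(line, "%2[a-z]: sel=%x", out->name, &out->sel) == 2) {
        out->valid = 0;
        return 1;
    }
    return 0;
}

/* Convenience for callers that only need the limit; ~0u means "no limit parsed". */
unsigned parsed_limit(const char *line)
{
    struct segreg r;
    if (!parse_segreg(line, &r) || !r.valid)
        return ~0u;
    return r.limit;
}

/* An offset is addressable through a segment only if it is <= its inclusive limit. */
int in_segment_limit(uint32_t offset, uint32_t limit)
{
    return offset <= limit;
}

/* A believable frame: both pointers inside SS and the frame pointer not below the stack pointer. */
int frame_plausible(uint32_t esp, uint32_t ebp, uint32_t ss_limit)
{
    return in_segment_limit(esp, ss_limit) && in_segment_limit(ebp, ss_limit) && ebp >= esp;
}

int main(void)
{
    /* Constructed input: the values quoted in the thread. */
    const char *segs[] = {
        "cs: sel=01c7 base=0001f3c0 limit=0000ffff",
        "ds: sel=01bf base=0001f3c0 limit=0000ffff",
        "ss: sel=01bf base=0001f3c0 limit=0000ffff",
        "fs: sel=0000",
        "gs: sel=0000",
    };
    uint32_t eip = 0x3c0, err = 0xfffc, esp = 0x75a, ebp = 0x160912;
    struct gp_error e = decode_gp_error(err);
    printf("GPF error %04x -> %s index %u (ext=%u idt=%u)\n",
           err, e.ti ? "LDT" : "GDT", e.index, e.ext, e.idt);
    for (size_t i = 0; i < sizeof segs / sizeof *segs; i++) {
        struct segreg r;
        if (!parse_segreg(segs[i], &r)) continue;
        struct selector s = decode_selector((uint16_t)r.sel);
        printf("%s: sel=%04x (%s index %u rpl %u)%s\n", r.name, r.sel,
               s.ti ? "LDT" : "GDT", s.index, s.rpl, r.valid ? "" : " NULL selector");
        if (r.valid && strcmp(r.name, "cs") == 0 && !in_segment_limit(eip, r.limit))
            puts("  EIP outside CS limit");
        if (r.valid && strcmp(r.name, "ss") == 0 && !frame_plausible(esp, ebp, r.limit))
            puts("  ESP/EBP do not describe a frame inside SS");
    }
    return 0;
}
```

Running it on the quoted dump reports the error code as LDT index 8191, flags the null fs/gs selectors, and rejects the ESP/EBP pair because EBP (0x160912) lies beyond the 64K stack segment limit, which is the same set of oddities the reply lists.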