Subject: Further examination of the problem... loader broken?
To: None <port-i386@netbsd.org>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: port-i386
Date: 10/01/2000 15:44:44
Stepping through it makes it panic elsewhere, but this at least makes more
sense. The odd thing is that it looks as if it has forgotten to load %eax
with a sane value: %eax still holds the 0x4 left there by the "andl $0xf" /
"cmpl $0x4" test, and the very next instruction is "addl $0x4, 0(%eax)", i.e.
a read-modify-write through address 4, which would explain the panic. The C
code looks like this:
...
        if (fin->fin_v == 4) {
                fr = (frentry_t *)&rule_1024;
                if (src == 0x1000000) {
                        if (dst == 0x1000000) {
                                fr = (frentry_t *)&rule_1025;
...

The .s file looks something like this:
        movl 8(%ebp),%eax
        movzbl 4(%eax),%edx
        movl %edx,%eax
        andl $15,%eax
        cmpl $4,%eax
        jne .L2108
.stabn 68,0,13704,.LM3154-ipfrule_match_out
.LM3154:
        movl $rule_1024,-4(%ebp)
.stabn 68,0,13705,.LM3155-ipfrule_match_out
.LM3155:
        cmpl $16777216,-8(%ebp)
        jne .L2109
.stabn 68,0,13706,.LM3156-ipfrule_match_out
.LM3156:
        cmpl $16777216,-12(%ebp)
        jne .L2109
.stabn 68,0,13707,.LM3157-ipfrule_match_out
...

stepping with ddb, I see:
+0x2a movl %edx, %eax
+0x2c andl $0xf,%eax
+0x2f cmpl $0x4,%eax
+0x32 jnz +0x6426
+0x38 movl 0xc02ce260,0xfffffffc(%ebp)
+0x3f addl $0x4, 0(%eax)

0xc02ce260 == rule_1024

objdump on the .o file shows:

    67bb:       8b 45 08        movl   0x8(%ebp),%eax
    67be:       0f b6 50 04     movzbl 0x4(%eax),%edx
    67c2:       89 d0           movl   %edx,%eax
    67c4:       83 e0 0f        andl   $0xf,%eax
    67c7:       83 f8 04        cmpl   $0x4,%eax
    67ca:       0f 85 ee 63 00  jne    cbbe <ipfrule_match_out+0x6426>
    67cf:       00 
    67d0:       c7 45 fc 00 40  movl   $0x34000,0xfffffffc(%ebp)
    67d5:       03 00 
    67d7:       81 7d f8 00 00  cmpl   $0x1000000,0xfffffff8(%ebp)
    67dc:       00 01 
    67de:       75 10           jne    67f0 <ipfrule_match_out+0x58>
    67e0:       81 7d f4 00 00  cmpl   $0x1000000,0xfffffff4(%ebp)
    67e5:       00 01 

Running gdb on the kernel file on disk and doing "disassemble ipfrule_match_out"
shows the code is the same as generated in the .s file, BUT...

If I boot this kernel and then do "disassemble 0xc0199630" (which is where
ipfrule_match_out is), the in-core text diverges from the .o at +63. The
objdump bytes for the cmpl/jne pair are "81 7d f8 00 00 00 01 75 10"; the
runtime sequence "addl $0x4,(%eax)" (which must be the 6-byte form,
81 00 04 00 00 00, given the +63/+69 offsets) followed by "addl %esi,0x10(%ebp)"
(01 75 10) is the same nine bytes with "7d f8" replaced by "00 04" -- the two
bytes immediately after the relocated $rule_1024 immediate. That is worth
confirming with a raw byte dump in ddb (e.g. "x/b 0xc019966f,9") before
blaming the loader or a relocation applied at the wrong offset, but either way
the kernel text in memory no longer matches what was linked. I see:

...
+35 movl 0x8(%ebp),%eax
+38 movzbl 0x4(%eax),%edx
+42 movl %edx,%eax
+44 andl $0xf,%eax
+47 cmpl $0x4,%eax
+50 jne 0xc019fa56 <ipfrule_match_out+25638>
+56 movl $0xc02ce260,0xfffffffc(%ebp)
+63 addl $0x4,(%eax)
+69 addl %esi,0x10(%ebp)
+72 cmpl $0x1000000,0xfffffff4(%ebp)
...

FYI, gcc is:
gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release)

Darren