Da Feng <jvfengda@xxxxxxxxx> writes:

> A core file is generated by a tomcat server running JNI code.
> Almost every 9 days it crashes at the same place. The $eip does not
> point to .text section, but @plt section. The code breaks at
> writen@plt, so I don't have $ebp+0x4 point to the caller. I don't
> have clue as to which line caused the crash. Is it a problem related
> with GCC compiler?

We don't know. A compiler bug is certainly possible, but it's not the place to look first.

It is normal for the PC to be in the .plt section. That is what happens when the executable calls a function defined in a shared library, or when a shared library calls a function defined in the executable or in another shared library. The PLT contains very short instruction sequences which are designed to jump to the actual code for the function running in some other shared library.

Your code seems to run on the 386. On the 386 the PLT works by loading the address of the function call from the GOT. So the first thing I would suspect is some sort of memory corruption changing the values in the GOT.

Unfortunately a test case which only crashes every 9 days is going to be exceedingly difficult to debug.

Ian
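
The GOT check suggested in the reply above, as an added example that is not part of the original message: it decodes the indirect jump at the start of an i386 PLT entry to find the GOT slot, then judges whether the word stored there is a plausible call target. The function names, the sample bytes and all addresses are constructed for illustration; the GOT word and the executable mappings are assumed to have been read from the core file by hand.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum got_verdict { GOT_LAZY, GOT_RESOLVED, GOT_CORRUPT };
struct exec_range { uint32_t start, end; };  /* one executable mapping, [start, end) */

/* Constructed samples (not from the poster's core file). */
const uint8_t SAMPLE_PIC_PLT[6] = { 0xff, 0xa3, 0x10, 0x00, 0x00, 0x00 };
const uint8_t SAMPLE_ABS_PLT[6] = { 0xff, 0x25, 0x0c, 0xa0, 0x04, 0x08 };
const struct exec_range SAMPLE_MAPS[1] = { { 0xb7e00000u, 0xb7f40000u } };

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Return the address of the GOT slot an i386 PLT entry jumps through:
 *   ff 25 imm32  : jmp *imm32         (non-PIC executable, absolute slot)
 *   ff a3 disp32 : jmp *disp32(%ebx)  (PIC shared library, %ebx = GOT base)
 * Returns 0 if the six bytes are not one of these two jumps. */
uint32_t plt_got_slot(const uint8_t *plt, uint32_t ebx)
{
    if (plt[0] != 0xff) return 0;
    if (plt[1] == 0x25) return le32(plt + 2);
    if (plt[1] == 0xa3) return ebx + le32(plt + 2);
    return 0;
}

/* Judge the 32-bit word read from that slot in the core file. */
enum got_verdict classify_got_value(uint32_t plt_addr, uint32_t got_value,
                                    const struct exec_range *maps, size_t nmaps)
{
    /* An unresolved lazy slot points at the push after the 6-byte jmp. */
    if (got_value == plt_addr + 6) return GOT_LAZY;
    for (size_t i = 0; i < nmaps; i++)
        if (got_value >= maps[i].start && got_value < maps[i].end)
            return GOT_RESOLVED;
    return GOT_CORRUPT;  /* target lies outside every executable mapping */
}

int main(void)
{
    uint32_t slot = plt_got_slot(SAMPLE_PIC_PLT, 0x0804a000u);
    printf("GOT slot 0x%08x, verdict %d\n", (unsigned)slot,
           (int)classify_got_value(0x08048400u, 0x41414141u, SAMPLE_MAPS, 1));
    return 0;
}
```

A `GOT_CORRUPT` verdict for the slot behind the crashing PLT entry supports the memory-corruption theory; a `GOT_RESOLVED` value that lands in the wrong library's mapping would still need a symbol lookup to confirm.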