http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1365
------- Comment #3 from zhigang.x.wang@xxxxxxxxxx 2008-10-07 20:05 -------
Please ignore my Comment #2. I was using a different qemu-dm to debug the core,
sorry about that ;-).
Here is the real problem:
# gdb -q qemu-dm /share/pkg/debug/core.27323
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `/usr/lib/xen/bin/qemu-dm -d 30 -domain-name
OVM_EL5U1_X86_PVM_4GB -k en-us -vnc'.
Program terminated with signal 11, Segmentation fault.
#0 xenfb_update (opaque=0x83375d0) at
/share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/hw/xenfb.c:1285
1285 if (xenfb_queue_full(xenfb))
(gdb) bt
#0 xenfb_update (opaque=0x83375d0) at
/share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/hw/xenfb.c:1285
#1 0x080ba58e in vga_hw_update () at console.c:151
#2 0x080d1fcf in vnc_update_client (opaque=0x82f19f0) at vnc.c:837
#3 0x0804cfec in qemu_run_timers (ptimer_head=0x811f4c0,
current_time=149381604)
at /share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/vl.c:1115
#4 0x0805171b in main_loop_wait (timeout=10) at
/share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/vl.c:7168
#5 0x080e91a6 in main_loop () at helper2.c:567
#6 0x08056a43 in main (argc=14, argv=0xbfcc02c4) at
/share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/vl.c:8895
(gdb) info frame
Stack level 0, frame at 0xbfcbf830:
eip = 0x80b12f4 in xenfb_update
(/share/tmp/repos/xen-3.3-testing/tools/ioemu-dir/hw/xenfb.c:1285); saved eip
0x80ba58e
called by frame at 0xbfcbf840
source language c.
Arglist at 0xbfcbf828, args: opaque=0x83375d0
Locals at 0xbfcbf828, Previous frame's sp is 0xbfcbf830
Saved registers:
ebx at 0xbfcbf81c, ebp at 0xbfcbf828, esi at 0xbfcbf820, edi at 0xbfcbf824,
eip at 0xbfcbf82c
(gdb) info reg
eax 0x83375d0 137590224
ecx 0x0 0
edx 0x0 0
ebx 0x8e761e4 149381604
esp 0xbfcbf7e0 0xbfcbf7e0
ebp 0xbfcbf828 0xbfcbf828
esi 0x83375d0 137590224
edi 0x811f4c0 135394496
eip 0x80b12f4 0x80b12f4 <xenfb_update+24>
eflags 0x210282 [ SF IF RF ID ]
cs 0x73 115
ss 0x7b 123
ds 0xc010007b -1072693125
es 0xc010007b -1072693125
fs 0x0 0
gs 0x33 51
(gdb) p xenfb_queue_full
No symbol "xenfb_queue_full" in current context.
(gdb) disassemble xenfb_update
Dump of assembler code for function xenfb_update:
0x080b12dc <xenfb_update+0>: push %ebp
0x080b12dd <xenfb_update+1>: mov %esp,%ebp
0x080b12df <xenfb_update+3>: sub $0x48,%esp
0x080b12e2 <xenfb_update+6>: mov %ebx,0xfffffff4(%ebp)
0x080b12e5 <xenfb_update+9>: mov %esi,0xfffffff8(%ebp)
0x080b12e8 <xenfb_update+12>: mov %edi,0xfffffffc(%ebp)
0x080b12eb <xenfb_update+15>: mov 0x8(%ebp),%esi
0x080b12ee <xenfb_update+18>: mov 0x9c(%esi),%edx
0x080b12f4 <xenfb_update+24>: mov 0x4(%edx),%eax
0x080b12f7 <xenfb_update+27>: sub $0x19,%eax
0x080b12fa <xenfb_update+30>: cmp (%edx),%eax
0x080b12fc <xenfb_update+32>: je 0x80b13e1 <xenfb_update+261>
0x080b1302 <xenfb_update+38>: mov (%esi),%eax
0x080b1304 <xenfb_update+40>: movl $0x0,0xffffffc0(%ebp)
0x080b130b <xenfb_update+47>: cmpl $0x0,0x2c(%eax)
0x080b130f <xenfb_update+51>: jne 0x80b1325 <xenfb_update+73>
0x080b1311 <xenfb_update+53>: mov 0x24(%eax),%eax
0x080b1314 <xenfb_update+56>: mov %eax,0xffffffc0(%ebp)
0x080b1317 <xenfb_update+59>: test %eax,%eax
0x080b1319 <xenfb_update+61>: mov $0x1e,%eax
0x080b131e <xenfb_update+66>: cmovne 0xffffffc0(%ebp),%eax
0x080b1322 <xenfb_update+70>: mov %eax,0xffffffc0(%ebp)
0x080b1325 <xenfb_update+73>: mov 0xffffffc0(%ebp),%eax
0x080b1328 <xenfb_update+76>: cmp %eax,0x164(%esi)
0x080b132e <xenfb_update+82>: je 0x80b13e1 <xenfb_update+261>
0x080b1334 <xenfb_update+88>: lea 0xffffffcc(%ebp),%edi
0x080b1337 <xenfb_update+91>: cld
0x080b1338 <xenfb_update+92>: mov $0xa,%ecx
0x080b133d <xenfb_update+97>: mov $0x0,%eax
0x080b1342 <xenfb_update+102>: rep stos %eax,%es:(%edi)
0x080b1344 <xenfb_update+104>: movb $0x1,0xffffffcc(%ebp)
0x080b1348 <xenfb_update+108>: mov 0xffffffc0(%ebp),%eax
0x080b134b <xenfb_update+111>: mov %eax,0xffffffd0(%ebp)
0x080b134e <xenfb_update+114>: mov 0x9c(%esi),%edi
0x080b1354 <xenfb_update+120>: mov 0x4(%edi),%ebx
0x080b1357 <xenfb_update+123>: lock addl $0x0,(%esp)
0x080b135c <xenfb_update+128>: mov $0x51eb851f,%edx
0x080b1361 <xenfb_update+133>: mov %ebx,%eax
0x080b1363 <xenfb_update+135>: mul %edx
0x080b1365 <xenfb_update+137>: shr $0x3,%edx
0x080b1368 <xenfb_update+140>: lea (%edx,%edx,4),%edx
0x080b136b <xenfb_update+143>: lea (%edx,%edx,4),%edx
0x080b136e <xenfb_update+146>: mov %ebx,%eax
0x080b1370 <xenfb_update+148>: sub %edx,%eax
0x080b1372 <xenfb_update+150>: lea (%eax,%eax,4),%eax
0x080b1375 <xenfb_update+153>: lea (%edi,%eax,8),%eax
0x080b1378 <xenfb_update+156>: lea 0x400(%eax),%ecx
0x080b137e <xenfb_update+162>: mov 0xffffffcc(%ebp),%edx
0x080b1381 <xenfb_update+165>: mov %edx,0x400(%eax)
0x080b1387 <xenfb_update+171>: mov 0xffffffd0(%ebp),%eax
0x080b138a <xenfb_update+174>: mov %eax,0x4(%ecx)
0x080b138d <xenfb_update+177>: mov 0xffffffd4(%ebp),%eax
0x080b1390 <xenfb_update+180>: mov %eax,0x8(%ecx)
0x080b1393 <xenfb_update+183>: mov 0xffffffd8(%ebp),%eax
0x080b1396 <xenfb_update+186>: mov %eax,0xc(%ecx)
0x080b1399 <xenfb_update+189>: mov 0xffffffdc(%ebp),%eax
0x080b139c <xenfb_update+192>: mov %eax,0x10(%ecx)
0x080b139f <xenfb_update+195>: mov 0xffffffe0(%ebp),%eax
0x080b13a2 <xenfb_update+198>: mov %eax,0x14(%ecx)
---Type <return> to continue, or q <return> to quit---
0x080b13a5 <xenfb_update+201>: mov 0xffffffe4(%ebp),%eax
0x080b13a8 <xenfb_update+204>: mov %eax,0x18(%ecx)
0x080b13ab <xenfb_update+207>: mov 0xffffffe8(%ebp),%eax
0x080b13ae <xenfb_update+210>: mov %eax,0x1c(%ecx)
0x080b13b1 <xenfb_update+213>: mov 0xffffffec(%ebp),%eax
0x080b13b4 <xenfb_update+216>: mov %eax,0x20(%ecx)
0x080b13b7 <xenfb_update+219>: mov 0xfffffff0(%ebp),%eax
0x080b13ba <xenfb_update+222>: mov %eax,0x24(%ecx)
0x080b13bd <xenfb_update+225>: add $0x1,%ebx
0x080b13c0 <xenfb_update+228>: mov %ebx,0x4(%edi)
0x080b13c3 <xenfb_update+231>: mov 0xa0(%esi),%eax
0x080b13c9 <xenfb_update+237>: mov %eax,0x4(%esp)
0x080b13cd <xenfb_update+241>: mov 0x4(%esi),%eax
0x080b13d0 <xenfb_update+244>: mov %eax,(%esp)
0x080b13d3 <xenfb_update+247>: call 0x804c658 <xc_evtchn_notify@plt>
0x080b13d8 <xenfb_update+252>: mov 0xffffffc0(%ebp),%eax
0x080b13db <xenfb_update+255>: mov %eax,0x164(%esi)
0x080b13e1 <xenfb_update+261>: mov 0xfffffff4(%ebp),%ebx
0x080b13e4 <xenfb_update+264>: mov 0xfffffff8(%ebp),%esi
0x080b13e7 <xenfb_update+267>: mov 0xfffffffc(%ebp),%edi
0x080b13ea <xenfb_update+270>: mov %ebp,%esp
0x080b13ec <xenfb_update+272>: pop %ebp
0x080b13ed <xenfb_update+273>: ret
End of assembler dump.
(gdb)
============
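Why is there no symbol "xenfb_queue_full"?
Note on the dump above: the faulting instruction at xenfb_update+24 is `mov 0x4(%edx),%eax` and the register dump shows edx = 0x0, so the pointer just loaded from offset 0x9c of `opaque` is NULL and the crash is a NULL-pointer dereference. The load, `sub $0x19` and `cmp (%edx)` at +18..+30 look like the queue-full check inlined into xenfb_update, which would explain why gdb has no separate symbol for it.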