[Crash-utility] crash version 4.0-3.9 is available

Dave Anderson anderson at redhat.com
Wed Nov 8 19:00:34 UTC 2006


Rachita Kothiyal wrote:

> On Wed, Nov 08, 2006 at 10:51:00AM -0500, Dave Anderson wrote:
> > Rachita Kothiyal wrote:
> >
> > >
> > > > If "crash --machdep irq_eframe_link=40 ..." works, then
> > > > something in x86_64_irq_eframe_link_init() needs to be
> > > > looked at.
> > >
> > > Hi Dave
> > >
> > > The dis common_interrupt looks exactly like above and with the
> > > --machdep irq_eframe_link=40 in the commandline I don't see the bogus
> > > frames in the bt.
> > >
> > > Thanks
> > > Rachita
> > >
> >
> > Right -- so you'll have to debug x86_64_irq_eframe_link_init()
> > and figure out why it's failing to make it to the bottom, where
> > the link gets initialized.
>
> Hi Dave
>
> It turns out that the column width of the window I was running crash on
> was the problem! With a width of 80, the instruction at <common_interrupt+49>
> seems to be wrapped around. This was causing an incomplete instruction to get
> read into the buffer on a fgets in x86_64_irq_eframe_link_init(). It wasn't
> reaching the 'push rbp' instruction at all and this left the irq_eframe_link
> uninitialised. On increasing the column size it worked fine.
>
> crash> dis common_interrupt
> 0xffffffff80109b34 <common_interrupt>:  cld
> 0xffffffff80109b35 <common_interrupt+1>:        sub    $0x48,%rsp
> 0xffffffff80109b39 <common_interrupt+5>:        mov    %rdi,0x40(%rsp)
> 0xffffffff80109b3e <common_interrupt+10>:       mov    %rsi,0x38(%rsp)
> 0xffffffff80109b43 <common_interrupt+15>:       mov    %rdx,0x30(%rsp)
> 0xffffffff80109b48 <common_interrupt+20>:       mov    %rcx,0x28(%rsp)
> 0xffffffff80109b4d <common_interrupt+25>:       mov    %rax,0x20(%rsp)
> 0xffffffff80109b52 <common_interrupt+30>:       mov    %r8,0x18(%rsp)
> 0xffffffff80109b57 <common_interrupt+35>:       mov    %r9,0x10(%rsp)
> 0xffffffff80109b5c <common_interrupt+40>:       mov    %r10,0x8(%rsp)
> 0xffffffff80109b61 <common_interrupt+45>:       mov    %r11,(%rsp)
> 0xffffffff80109b65 <common_interrupt+49>:
>     lea    0xffffffffffffffd0(%rsp),%rdi
> 0xffffffff80109b6a <common_interrupt+54>:       push   %rbp
> 0xffffffff80109b6b <common_interrupt+55>:       mov    %rsp,%rbp
>
> Thanks
> Rachita

Unbelievable -- nice catch!

I would have thought since the output of the disassembly
was changed to a temporary file instead of stdout, that there
wouldn't be any line-wrap applied by gdb behind the scenes.

And as luck would have it, I did my testing in a window
larger than 80-columns...

Back to the drawing board.

Thanks again for finding this.
  Dave
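An added illustration of the failure mode discussed in this thread (not code from crash itself, and not Dave's or Rachita's): a small C scanner that reads gdb "dis" output back through fgets(), once as a strict line-by-line parser and once with wrapped header lines spliced back together. The input is an abridged copy of the disassembly quoted above; the function names and the "stop at the first line that does not begin with an address" rule are my assumptions, chosen to reproduce the symptom described in the post rather than crash's actual x86_64_irq_eframe_link_init() logic.

```c
#include <stdio.h>
#include <string.h>

/* Abridged copy of the "dis common_interrupt" output from the post, including
 * the line that gdb wrapped at 80 columns after "<common_interrupt+49>:". */
static const char *wrapped_dis =
    "0xffffffff80109b34 <common_interrupt>:  cld\n"
    "0xffffffff80109b35 <common_interrupt+1>:        sub    $0x48,%rsp\n"
    "0xffffffff80109b61 <common_interrupt+45>:       mov    %r11,(%rsp)\n"
    "0xffffffff80109b65 <common_interrupt+49>:\n"
    "    lea    0xffffffffffffffd0(%rsp),%rdi\n"
    "0xffffffff80109b6a <common_interrupt+54>:       push   %rbp\n"
    "0xffffffff80109b6b <common_interrupt+55>:       mov    %rsp,%rbp\n";

/* Stage the text in a temp file so it is read back with fgets(), the way
 * crash reads gdb output it has redirected into a temporary file. */
static FILE *dis_to_file(const char *text)
{
    FILE *fp = tmpfile();
    if (fp) { fputs(text, fp); rewind(fp); }
    return fp;
}

/* Return the symbol offset of the first "push %rbp", or -1 if never seen.
 * Assumed strict rule: a line not starting with an address ends the scan
 * (this is what a wrapped fragment triggers). With join_wrapped set, a header
 * line ending in ':' is spliced with the continuation line before checking. */
int push_rbp_offset(const char *dis, int join_wrapped)
{
    char buf[256], cont[256];
    int off = -1;
    FILE *fp = dis_to_file(dis);
    if (!fp) return -1;
    while (fgets(buf, sizeof buf, fp)) {
        size_t n = strlen(buf);
        while (n && (buf[n - 1] == '\n' || buf[n - 1] == ' '))
            buf[--n] = '\0';
        if (strncmp(buf, "0x", 2) != 0)
            break;                       /* wrapped fragment: scan aborts */
        if (join_wrapped && buf[n - 1] == ':' && fgets(cont, sizeof cont, fp))
            strncat(buf, cont, sizeof buf - n - 1);
        if (strstr(buf, "push") && strstr(buf, "%rbp")) {
            if (sscanf(buf, "%*s <common_interrupt+%d>:", &off) != 1)
                off = -1;
            break;
        }
    }
    fclose(fp);
    return off;
}
```

With the strict scan the wrapped "lea" fragment terminates the loop before "push %rbp" is reached, which is the uninitialised-link case from the post; with splicing the same input yields offset 54.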