[Qemu-devel] debugging weirdness

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] debugging weirdness

From:	Tom Musgrove
Subject:	[Qemu-devel] debugging weirdness
Date:	Wed, 25 Feb 2004 21:40:07 +0000

I've continued to try to find the cause of my bug,

I get a bt of

#0 0x00020b0c in cpu_x86_exec (env1=0x1f) at/Users/tom/darwine/related/qemu/exec-all.h:284#1 0x00006dc0 in main_loop (opaque=0x1f) at/Users/tom/darwine/related/qemu/vl.c:3090#2 0x00006dc0 in main_loop (opaque=0x1f) at/Users/tom/darwine/related/qemu/vl.c:3090#3 0x00007944 in main (argc=983236, argv=0x20b060) at/Users/tom/darwine/related/qemu/vl.c:3722


note the duplicate?

I also get a bt of

#1 0x00020c10 in cpu_x86_exec (env1=0xffe0) at/Users/tom/darwine/related/qemu/cpu-exec.c:477#2 0x00006dc0 in main_loop (opaque=0xffe0) at/Users/tom/darwine/related/qemu/vl.c:3090#3 0x00007944 in main (argc=983040, argv=0x20b320) at/Users/tom/darwine/related/qemu/vl.c:3722


without the duplicate -usually it is the first case.

So I set a break point at vl.c:3090

It enters this loop a number of times, so I do continue at differentsteppings

the weirdness comes in, in that the number passed to continue effects whenit crashes,


for instance

continue 18 and above usually instantly gives BAD_ACCESS

continue 17 doesn't usually give a BAD_ACCESS immediately nor does itfollowed by single continueshowever followed by larger continues (ie continue 5) it does result in aBAD_ACCESS


continue 5 it crashed on the 6th time
continue 2 it crashed on the 53rd time
continue 1 it never crashes

This makes no sense

Here is the complete loop of the code when it is not giving a BAD_ACCESS

****Begin****

3090            ret = cpu_exec(env);
(gdb)

cpu_x86_exec (env1=0x1004000) at/Users/tom/darwine/related/qemu/cpu-exec.c:125125 env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
40      {
(gdb)

cpu_x86_exec (env1=0x1004000) at/Users/tom/darwine/related/qemu/cpu-exec.c:80

80          saved_env = env;
(gdb)
40      {
(gdb)
123         DF = 1 - (2 * ((env->eflags >> 10) & 1));
(gdb)
81          env = env1;
(gdb)

122 CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
123         DF = 1 - (2 * ((env->eflags >> 10) & 1));
(gdb)

125 env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
124         CC_OP = CC_OP_EFLAGS;
(gdb)

122 CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
123         DF = 1 - (2 * ((env->eflags >> 10) & 1));
(gdb)
140         env->exception_index = -1;
(gdb)

122 CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
123         DF = 1 - (2 * ((env->eflags >> 10) & 1));
(gdb)

125 env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P |CC_C);

(gdb)
140         env->exception_index = -1;
(gdb)
77          saved_T0 = T0;
(gdb)
78          saved_T1 = T1;
(gdb)
79          saved_T2 = T2;
(gdb)
144             if (setjmp(env->jmp_env) == 0) {
(gdb)
147                 if (env->exception_index >= 0) {
(gdb)
145                 env->current_tb = NULL;
(gdb)
147                 if (env->exception_index >= 0) {
(gdb)
180                 for(;;) {
(gdb)
179                 T0 = 0; /* force lookup of first TB */
(gdb)
180                 for(;;) {
(gdb)
185                     interrupt_request = env->interrupt_request;
(gdb)
186                     if (__builtin_expect(interrupt_request, 0)) {
(gdb)
189                         if ((interrupt_request & CPU_INTERRUPT_HARD) &&
(gdb)
215                         if (interrupt_request & CPU_INTERRUPT_EXITTB) {
(gdb)
225                         if (interrupt_request & CPU_INTERRUPT_EXIT) {
(gdb)

226 env->interrupt_request &=~CPU_INTERRUPT_EXIT;

(gdb)
227                             env->exception_index = EXCP_INTERRUPT;
(gdb)

226 env->interrupt_request &=~CPU_INTERRUPT_EXIT;

(gdb)
228                             cpu_loop_exit();
(gdb)
cpu_loop_exit () at /Users/tom/darwine/related/qemu/target-i386/helper.c:109
109     {
(gdb)
136         longjmp(env->jmp_env, 1);
(gdb)
109     {
(gdb)
136         longjmp(env->jmp_env, 1);
(gdb)
109     {
(gdb)
cpu_loop_exit () at /Users/tom/darwine/related/qemu/target-i386/helper.c:136
136         longjmp(env->jmp_env, 1);
(gdb)
pic_set_irq: irq=0 level=1
pic0: imr=0 irr=1 padd=0
pic1: imr=0 irr=0 padd=0
pic: cpu_interrupt req=0
pic_set_irq: irq=0 level=0
pic0: imr=0 irr=1 padd=0
pic1: imr=0 irr=0 padd=0
pic: cpu_interrupt req=0

****End****

_________________________________________________________________

Say good-bye to spam, viruses and pop-ups with MSN Premium -- free trialoffer! http://click.atdmt.com/AVE/go/onm00200359ave/direct/01/

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] debugging weirdness, Tom Musgrove <=
- Re: [Qemu-devel] debugging weirdness, dguinan, 2004/02/25

Prev by Date: [Qemu-devel] Debugging
Next by Date: Re: [Qemu-devel] debugging weirdness
Previous by thread: [Qemu-devel] Re: Debugging
Next by thread: Re: [Qemu-devel] debugging weirdness
Index(es):
- Date
- Thread