Last active
May 17, 2020 01:35
-
-
Save voutilad/9b55e8ed7abfbfec0860a1cf966aa93a to your computer and use it in GitHub Desktop.
investigating a ghost in the machine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (gdb) p i8253_channel [22/1216] | |
| $4 = {{ts = {tv_sec = 128267, tv_nsec = 181506930}, start = 32767, olatch = 0, | |
| ilatch = 32767, last_r = 1 '\001', last_w = 0 '\000', mode = 4 '\004', rbs = 0 '\000', | |
| timer = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, | |
| tqe_prev = 0xba9f9cb8810}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, | |
| min_heap_idx = 0, ev_base = 0xba9a852d000, ev_fd = -1, ev_events = 0, ev_ncalls = 0, | |
| ev_pncalls = 0xbaa0149b76a, ev_timeout = {tv_sec = 128267, tv_usec = 208213}, | |
| ev_pri = 0, ev_callback = 0xba76e011bc0 <i8253_fire>, | |
| ev_arg = 0xba76e0afe90 <i8253_channel>, ev_res = 1, ev_flags = 129}, vm_id = 41, | |
| in_use = 1, state = 0 '\000'}, {ts = {tv_sec = 0, tv_nsec = 0}, start = 65535, | |
| olatch = 0, ilatch = 0, last_r = 1 '\001', last_w = 0 '\000', mode = 0 '\000', | |
| rbs = 0 '\000', timer = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = { | |
| tqe_next = 0x0, tqe_prev = 0x0}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, | |
| min_heap_idx = 18446744073709551615, ev_base = 0xba9a852d000, ev_fd = -1, | |
| ev_events = 0, ev_ncalls = 0, ev_pncalls = 0x0, ev_timeout = {tv_sec = 0, tv_usec = 0}, | |
| ev_pri = 0, ev_callback = 0xba76e011bc0 <i8253_fire>, | |
| ev_arg = 0xba76e0aff40 <i8253_channel+176>, ev_res = 0, ev_flags = 128}, vm_id = 41, | |
| in_use = 0, state = 0 '\000'}, {ts = {tv_sec = 0, tv_nsec = 0}, start = 65535, | |
| olatch = 0, ilatch = 0, last_r = 1 '\001', last_w = 0 '\000', mode = 0 '\000', | |
| rbs = 0 '\000', timer = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = { | |
| tqe_next = 0x0, tqe_prev = 0x0}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, | |
| min_heap_idx = 18446744073709551615, ev_base = 0xba9a852d000, ev_fd = -1, | |
| ev_events = 0, ev_ncalls = 0, ev_pncalls = 0x0, ev_timeout = {tv_sec = 0, tv_usec = 0}, | |
| ev_pri = 0, ev_callback = 0xba76e011bc0 <i8253_fire>, | |
| ev_arg = 0xba76e0afff0 <i8253_channel+352>, ev_res = 0, ev_flags = 128}, vm_id = 41, | |
| ---Type <return> to continue, or q <return> to quit--- | |
| in_use = 0, state = 0 '\000'}} | |
| (gdb) bt | |
| #0 event_queue_insert (base=0xba9a852d000, ev=0xba76e0afeb0 <i8253_channel+32>, queue=1) at event.c:879 | |
| #1 0x00000baa0f58667b in event_add (ev=0xba76e0afeb0 <i8253_channel+32>, tv=0xbaa40f79b70) at event.c:729 | |
| #2 0x00000ba76e0128a2 in i8253_reset (chn=0 '\000') at i8253.c:321 | |
| #3 0x00000ba76e0125d1 in vcpu_exit_i8253 (vrp=0xba9a8531560) at i8253.c:274 | |
| #4 0x00000ba76e002b49 in vcpu_exit_inout (vrp=0xba9a8531560) at vm.c:1589 | |
| #5 0x00000ba76e0029a5 in vcpu_exit (vrp=0xba9a8531560) at vm.c:1678 | |
| #6 0x00000ba76e0025e5 in vcpu_run_loop (arg=0xba9a8531560) at vm.c:1500 | |
| #7 0x00000ba9c877da31 in _rthread_start (v=<optimized out>) at /usr/src/lib/librthread/rthread.c:96 | |
| #8 0x00000baa0b829118 in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:77 | |
| #9 0x0000000000000000 in ?? () | |
| (gdb) p *((*base).timeheap.p) | |
| $5 = (struct event *) 0xba76e0afeb0 <i8253_channel+32> | |
| (gdb) p *((*base).timeheap.p)[0] | |
| $6 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, tqe_prev = 0xba9f9cb8810}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 0, | |
| ev_base = 0xba9a852d000, ev_fd = -1, ev_events = 0, ev_ncalls = 0, ev_pncalls = 0xbaa0149b76a, ev_timeout = {tv_sec = 128267, tv_usec = 208213}, ev_pri = 0, | |
| ev_callback = 0xba76e011bc0 <i8253_fire>, ev_arg = 0xba76e0afe90 <i8253_channel>, ev_res = 1, ev_flags = 129} | |
| (gdb) p *((*base).timeheap.p)[1] | |
| $7 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, tqe_prev = 0xba9f9cb8810}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 1, | |
| ev_base = 0xba9a852d000, ev_fd = -1, ev_events = 0, ev_ncalls = 0, ev_pncalls = 0xbaa0149b76a, ev_timeout = {tv_sec = 128267, tv_usec = 820773}, ev_pri = 0, | |
| ev_callback = 0xba76e00ff20 <rtc_fire1>, ev_arg = 0x0, ev_res = 1, ev_flags = 129} | |
| (gdb) p *((*base).timeheap.p)[2] | |
| $8 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, tqe_prev = 0xba9f9cb8810}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 0, | |
| ev_base = 0xba9a852d000, ev_fd = -1, ev_events = 0, ev_ncalls = 0, ev_pncalls = 0xbaa0149b76a, ev_timeout = {tv_sec = 128267, tv_usec = 208213}, ev_pri = 0, | |
| ev_callback = 0xba76e011bc0 <i8253_fire>, ev_arg = 0xba76e0afe90 <i8253_channel>, ev_res = 1, ev_flags = 129} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Thread 3 hit Breakpoint 1, event_queue_insert (base=0xba9a8534800, | |
| ev=0xba76e0afeb0 <i8253_channel+32>, queue=1) at event.c:879 | |
| 879 event_errx(1, "%s: %p(fd %d) already on queue %x", __func__, | |
| (gdb) l | |
| 874 if (ev->ev_flags & queue) { | |
| 875 /* Double insertion is possible for active events */ | |
| 876 if (queue & EVLIST_ACTIVE) | |
| 877 return; | |
| 878 | |
| 879 event_errx(1, "%s: %p(fd %d) already on queue %x", __func__, | |
| 880 ev, ev->ev_fd, queue); | |
| 881 } | |
| 882 | |
| 883 if (~ev->ev_flags & EVLIST_INTERNAL) | |
| (gdb) p ev | |
| $1 = (struct event *) 0xba76e0afeb0 <i8253_channel+32> | |
| (gdb) p *ev | |
| $2 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, tqe_prev = 0xba9a852e590}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 0, | |
| ev_base = 0xba9a8534800, ev_fd = -1, ev_events = 0, ev_ncalls = 0, ev_pncalls = 0xbaa47693f2a, ev_timeout = {tv_sec = 123701, tv_usec = 532558}, ev_pri = 0, | |
| ev_callback = 0xba76e011bc0 <i8253_fire>, ev_arg = 0xba76e0afe90 <i8253_channel>, ev_res = 1, ev_flags = 129} | |
| [Current thread is 3 (thread 159966)] | |
| (gdb) bt | |
| #0 event_queue_insert (base=0xba9a8534800, ev=0xba76e0afeb0 <i8253_channel+32>, queue=1) at event.c:879 | |
| #1 0x00000baa0f58667b in event_add (ev=0xba76e0afeb0 <i8253_channel+32>, tv=0xbaa47693ee8) at event.c:729 | |
| #2 0x00000ba76e011c6f in i8253_fire (fd=-1, type=1, arg=0xba76e0afe90 <i8253_channel>) at i8253.c:347 | |
| #3 0x00000baa0f58614f in event_process_active (base=0xba9a8534800) at event.c:333 | |
| #4 0x00000baa0f58587a in event_base_loop (base=0xba9a8534800, flags=0) at event.c:483 | |
| #5 0x00000baa0f5855d7 in event_loop (flags=0) at event.c:409 | |
| #6 0x00000baa0f585589 in event_dispatch () at event.c:347 | |
| #7 0x00000ba76e002696 in event_thread (arg=0x7f7ffffee5df) at vm.c:1363 | |
| #8 0x00000ba9c877da31 in _rthread_start (v=<optimized out>) at /usr/src/lib/librthread/rthread.c:96 | |
| #9 0x00000baa0b829118 in __tfork_thread () at /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:77 | |
| #10 0x0000000000000000 in ?? () | |
| (gdb) p *((*base).timeheap.p)[0] | |
| $7 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, | |
| tqe_prev = 0xba9f9cbd5e0}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, | |
| min_heap_idx = 0, ev_base = 0xba9a852b800, ev_fd = -1, ev_events = 0, ev_ncalls = 0, | |
| ev_pncalls = 0xba9bada581a, ev_timeout = {tv_sec = 124428, tv_usec = 468479}, ev_pri = 0, | |
| ev_callback = 0xba76e011bc0 <i8253_fire>, ev_arg = 0xba76e0afe90 <i8253_channel>, | |
| ev_res = 1, ev_flags = 129} | |
| (gdb) p *((*base).timeheap.p)[1] | |
| $8 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = { | |
| tqe_next = 0xba76e0afeb0 <i8253_channel+32>, tqe_prev = 0xba9f9cbd5e0}, ev_signal_next = { | |
| tqe_next = 0x0, tqe_prev = 0x0}, min_heap_idx = 1, ev_base = 0xba9a852b800, ev_fd = -1, | |
| ev_events = 0, ev_ncalls = 0, ev_pncalls = 0xba9bada581a, ev_timeout = {tv_sec = 124429, | |
| tv_usec = 120989}, ev_pri = 0, ev_callback = 0xba76e00ff20 <rtc_fire1>, ev_arg = 0x0, | |
| ev_res = 1, ev_flags = 129} | |
| (gdb) p *((*base).timeheap.p)[2] | |
| $9 = {ev_next = {tqe_next = 0x0, tqe_prev = 0x0}, ev_active_next = {tqe_next = 0x0, | |
| tqe_prev = 0xba9f9cbd5e0}, ev_signal_next = {tqe_next = 0x0, tqe_prev = 0x0}, | |
| min_heap_idx = 0, ev_base = 0xba9a852b800, ev_fd = -1, ev_events = 0, ev_ncalls = 0, | |
| ev_pncalls = 0xba9bada581a, ev_timeout = {tv_sec = 124428, tv_usec = 468479}, ev_pri = 0, | |
| ev_callback = 0xba76e011bc0 <i8253_fire>, ev_arg = 0xba76e0afe90 <i8253_channel>, | |
| ev_res = 1, ev_flags = 129} | |
| (gdb) p *((*base).timeheap.p)[3] | |
| Cannot access memory at address 0x0 | |
| (gdb) p ((*base).timeheap.p)[2] | |
| $10 = (struct event *) 0xba76e0afeb0 <i8253_channel+32> | |
| (gdb) p ((*base).timeheap.p)[0] | |
| $11 = (struct event *) 0xba76e0afeb0 <i8253_channel+32> | |
| (gdb) p ((*base).timeheap.p)[1] | |
| $12 = (struct event *) 0xba76e0afba0 <rtc+112> | |
| (gdb) l | |
| 874 if (ev->ev_flags & queue) { | |
| 875 /* Double insertion is possible for active events */ | |
| 876 if (queue & EVLIST_ACTIVE) | |
| 877 return; | |
| 878 | |
| 879 event_errx(1, "%s: %p(fd %d) already on queue %x", __func__, | |
| 880 ev, ev->ev_fd, queue); | |
| 881 } | |
| 882 | |
| 883 if (~ev->ev_flags & EVLIST_INTERNAL) | |
| (gdb) p ev | |
| $13 = (struct event *) 0xba76e0afeb0 <i8253_channel+32> | |
| (gdb) p ev == ((*base).timeheap.p)[0] | |
| $14 = 1 | |
| (gdb) p ev == ((*base).timeheap.p)[1] | |
| $15 = 0 | |
| (gdb) p ev == ((*base).timeheap.p)[2] | |
| $16 = 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment