>>> On 19.11.15 at 00:17, <andrew.coop...@citrix.com> wrote: > The disassembly of do_IRQ now looks like a plausible function, but the > consistently faulting address has no plausible way of generating a > double fault. I suspect therefore that something has caused memory > corruption in Xen .text section.
Dump of assembler code for function do_IRQ: 0xffff82d080176577 <+0>: push %rbp 0xffff82d080176578 <+1>: mov %rsp,%rbp 0xffff82d08017657b <+4>: push %r15 0xffff82d08017657d <+6>: push %r14 0xffff82d08017657f <+8>: push %r13 0xffff82d080176581 <+10>: push %r12 0xffff82d080176583 <+12>: push %rbx 0xffff82d080176584 <+13>: lea -0x1058(%rsp),%rsp 0xffff82d08017658c <+21>: orq $0x0,(%rsp) 0xffff82d080176591 <+26>: lea 0x1020(%rsp),%rsp The orq surely has potential for causing a double fault, if %rsp is near the stack limit. The two LEAs look suspect, presumably a result of some non-standard option passed to gcc. Removing that option might already be a step forward. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
