Tuesday, March 1, 2011

Using dbx to get the contents of the stack on Sun machines

I'm dealing with a core dump created by a transient error. The core is 19GB+, so reproducing it isn't possible. To get the job done I need to get the local vars, the params passed in and the return value out. To do that I actually have to go to the raw memory dump of the stack and backtrack through it. Here is how.

First, load your core:
dbx exefile corefile

This will get you a basic, decoded view of the stack:
(dbx) where

This outputs:
  [5] __sighndlr(0xb, 0xffffffff6eff8a10, 0xffffffff6eff8730, 0xffffffff7c804c20, 0x0, 0xa), at 0xffffffff752d65b4 
  ---- called from signal handler with signal 11 (SIGSEGV) ------
=>[6] function1(0x0, 0x4, 0x1f, 0xffffffff6eff9518, 0x1029feaf0, 0x2), at 0x100139548 
  [7] function1(0x1029feab0, 0x1f, 0x1003a1, 0x100381000, 0x9000, 0x100000), at 0x1000de2a8
dbx guesses at the input params and prints them inside the (), but keep in mind that the real params may be passed in registers, so take care.

Jump to the frame you want; in my case it was 6. This loads the $sp (stack pointer) and $fp (frame pointer) regs with the correct values. Then dump memory at the $fp:
(dbx) frame 6  
(dbx) print -F"%lx" $fp 
  ffffffff6eff8a51
(dbx) examine 0xffffffff6eff8a50  / 100 X   

This produces output like the following. Now, you need to know that the stack bias is 2047 for 64-bit Sun machines. Your data starts a bit further down the memory dump. For me it's down at 0xffffffff6eff8b50-ish:
0xffffffff6eff8a50:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a60:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a70:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a80:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a90:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8aa0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ab0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ac0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ad0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ae0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8af0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8b00:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8b10:      0x00000001 0x00263000 0x00000000 0x00000000
0xffffffff6eff8b20:      0x00000000 0x00100263 0x00000000 0x00100000
0xffffffff6eff8b30:      0x00000000 0x0003ea86 0x00000000 0x00000000
0xffffffff6eff8b40:      0x00000000 0x00000000 0x00000000 0x0000001f
0xffffffff6eff8b50:      0x00000000 0x00000000 0x00000000 0x00000004
0xffffffff6eff8b60:      0x00000000 0x0000001f 0xffffffff 0x6eff9518
0xffffffff6eff8b70:      0x00000001 0x029feaf0 0x00000000 0x00000002
0xffffffff6eff8b80:      0xffffffff 0x6eff8a51 0x00000001 0x000de2a8
0xffffffff6eff8b90:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ba0:      0x00000000 0x07db0301 0x00000000 0x00000000
0xffffffff6eff8bb0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8bc0:      0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8bd0:      0x00000000 0x00000000 0x00000000 0x00000000

Then read out the raw memory data and map it onto the memory layout of your local vars. What a headache, right...
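To take some of the headache out of that last step, here is a small helper, added as an example and not part of the original post, that parses `examine ... X` rows, joins each pair of 32-bit words into one 64-bit value (SPARC is big-endian, so the first word is the high half) and applies the 2047 stack bias to a register value. The function names are my own, and the sample rows are copied from the dump above; the six slots starting at 0xffffffff6eff8b50 come out equal to the arguments `where` printed for frame 6.

```python
import re

STACK_BIAS = 2047  # 64-bit SPARC stack bias, as stated in the post

# A few rows copied from the post's `examine ... / 100 X` output.
DUMP = """\
0xffffffff6eff8b40:      0x00000000 0x00000000 0x00000000 0x0000001f
0xffffffff6eff8b50:      0x00000000 0x00000000 0x00000000 0x00000004
0xffffffff6eff8b60:      0x00000000 0x0000001f 0xffffffff 0x6eff9518
0xffffffff6eff8b70:      0x00000001 0x029feaf0 0x00000000 0x00000002
0xffffffff6eff8b80:      0xffffffff 0x6eff8a51 0x00000001 0x000de2a8
"""

LINE_RE = re.compile(r"^\s*(0x[0-9a-fA-F]+):\s+((?:0x[0-9a-fA-F]{8}\s*)+)$")

def unbias(reg_value):
    """Address actually referenced by a biased 64-bit $sp/$fp value."""
    return (reg_value + STACK_BIAS) & 0xFFFFFFFFFFFFFFFF

def parse_xwords(dump):
    """Map address -> 64-bit value, joining each pair of 32-bit words."""
    out = {}
    for line in dump.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip prompts, blank lines, anything that is not a dump row
        base = int(m.group(1), 16)
        words = [int(w, 16) for w in m.group(2).split()]
        if len(words) % 2:
            raise ValueError("odd number of 32-bit words at %#x" % base)
        for i in range(0, len(words), 2):
            # words[i] sits at base + 4*i and is the high half (big-endian)
            out[base + 4 * i] = (words[i] << 32) | words[i + 1]
    return out

def slots(mem, start, count):
    """Return `count` consecutive 64-bit slots starting at `start`."""
    return [mem[start + 8 * i] for i in range(count)]

if __name__ == "__main__":
    mem = parse_xwords(DUMP)
    for addr in sorted(mem):
        print("%#018x: %#018x" % (addr, mem[addr]))
    print("unbiased $fp: %#x" % unbias(0xffffffff6eff8a51))
```

Paste the full dbx output into DUMP to decode the whole frame; the slot at 0xffffffff6eff8b88 decodes to 0x1000de2a8, the address `where` shows for frame 7.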

For the general stack layout: http://en.wikipedia.org/wiki/Call_stack

For "Stack Bias", refer to: http://www.shrubbery.net/solaris9ab/SUNWdev/SOL64TRANS/p13.html
