First, load your core file:
dbx exefile corefile
This will get you a basic stack backtrace:
(dbx) where
This outputs:
[5] __sighndlr(0xb, 0xffffffff6eff8a10, 0xffffffff6eff8730, 0xffffffff7c804c20, 0x0, 0xa), at 0xffffffff752d65b4
---- called from signal handler with signal 11 (SIGSEGV) ------
=>[6] function1(0x0, 0x4, 0x1f, 0xffffffff6eff9518, 0x1029feaf0, 0x2), at 0x100139548
[7] function1(0x1029feab0, 0x1f, 0x1003a1, 0x100381000, 0x9000, 0x100000), at 0x1000de2a8
Frame [6] (marked =>) is the one that was interrupted by the SIGSEGV. dbx guesses the input parameters and prints them in the parentheses, but keep in mind that on SPARC the first six integer arguments are passed in registers (%o0-%o5 in the caller, seen as %i0-%i5 in the callee). What dbx prints is whatever sits in the saved register window, which the function may have overwritten since entry, so take care.
Jump to the frame you want (in my case it was 6); this sets the $sp (stack pointer) and $fp (frame pointer) registers to that frame's values. Then dump memory at $fp:
(dbx) frame 6
(dbx) print -F"%lx" $fp
ffffffff6eff8a51
(dbx) examine 0xffffffff6eff8a50 / 100 X
This produces output like the following. You need to know that on 64-bit SPARC (V9) the stack pointer and frame pointer carry a stack bias of 2047: the register holds the real address minus 2047, which is why $fp prints as an odd value ending in ...8a51 (add 2047 to get the real address). Because of the bias, examining at the raw $fp value starts 2047 bytes below the real frame, so your data starts a bit further down the dump. For me it is around 0xffffffff6eff8b50:
0xffffffff6eff8a50: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a60: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a70: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a80: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8a90: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8aa0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ab0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ac0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ad0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ae0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8af0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8b00: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8b10: 0x00000001 0x00263000 0x00000000 0x00000000
0xffffffff6eff8b20: 0x00000000 0x00100263 0x00000000 0x00100000
0xffffffff6eff8b30: 0x00000000 0x0003ea86 0x00000000 0x00000000
0xffffffff6eff8b40: 0x00000000 0x00000000 0x00000000 0x0000001f
0xffffffff6eff8b50: 0x00000000 0x00000000 0x00000000 0x00000004
0xffffffff6eff8b60: 0x00000000 0x0000001f 0xffffffff 0x6eff9518
0xffffffff6eff8b70: 0x00000001 0x029feaf0 0x00000000 0x00000002
0xffffffff6eff8b80: 0xffffffff 0x6eff8a51 0x00000001 0x000de2a8
0xffffffff6eff8b90: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8ba0: 0x00000000 0x07db0301 0x00000000 0x00000000
0xffffffff6eff8bb0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8bc0: 0x00000000 0x00000000 0x00000000 0x00000000
0xffffffff6eff8bd0: 0x00000000 0x00000000 0x00000000 0x00000000
Then read the raw memory words out and map them onto your function's frame layout to recover the local variables. A useful anchor: on SPARC V9 the first 16 doublewords at a frame's real %sp (biased $sp + 2047) are the register window save area, %l0-%l7 followed by %i0-%i7. In the dump above, the eight doublewords starting at 0xffffffff6eff8b50 are frame 6's saved %i0-%i7: 0x0, 0x4, 0x1f, 0xffffffff6eff9518, 0x1029feaf0, 0x2, then the saved frame pointer 0xffffffff6eff8a51 (the $fp you just printed) and the return address 0x1000de2a8 (which matches frame [7] in the where output). Those are exactly the values dbx printed as the arguments, so if the saved %i6/%i7 do not match what dbx shows, the frame you are looking at is not the one you think it is. What a headache, right...
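The same procedure (apply the stack bias, locate the register window save area, read back the saved %l and %i registers, chain to the caller through the saved %i6) as an added example in Python; this is not code from the original post. It takes the SPARC V9 ABI facts as given: a 2047-byte bias on %sp/%fp and a 16-doubleword window save area at the real %sp holding %l0-%l7 then %i0-%i7. The dump lines are copied from the examine output above, and the biased %sp for frame 6 (0xffffffff6eff8311) is an assumption inferred from where the saved registers sit in that dump, since the post never prints $sp.

```python
"""Decode a dbx 'examine ... X' dump of a 64-bit SPARC stack frame.

Added example, not code from the original post. Assumes the SPARC V9 ABI:
%sp/%fp hold the real address minus STACK_BIAS, and the 16 doublewords at
(biased %sp + STACK_BIAS) are the saved %l0-%l7 followed by %i0-%i7.
"""
import re

STACK_BIAS = 2047  # 0x7ff: real address = biased register value + STACK_BIAS

# Sample input: the relevant lines of the post's 'examine 0xffffffff6eff8a50 / 100 X'
# output. dbx prints 32-bit words; SPARC is big-endian, so pairs form doublewords.
SAMPLE_DUMP = """
0xffffffff6eff8b10: 0x00000001 0x00263000 0x00000000 0x00000000
0xffffffff6eff8b20: 0x00000000 0x00100263 0x00000000 0x00100000
0xffffffff6eff8b30: 0x00000000 0x0003ea86 0x00000000 0x00000000
0xffffffff6eff8b40: 0x00000000 0x00000000 0x00000000 0x0000001f
0xffffffff6eff8b50: 0x00000000 0x00000000 0x00000000 0x00000004
0xffffffff6eff8b60: 0x00000000 0x0000001f 0xffffffff 0x6eff9518
0xffffffff6eff8b70: 0x00000001 0x029feaf0 0x00000000 0x00000002
0xffffffff6eff8b80: 0xffffffff 0x6eff8a51 0x00000001 0x000de2a8
"""

# Assumption: frame 6's biased %sp, chosen so that %sp + STACK_BIAS lands on the
# window save area at 0xffffffff6eff8b10 seen in the dump (the post never prints $sp).
FRAME6_BIASED_SP = 0xffffffff6eff8311

LINE_RE = re.compile(r"^(0x[0-9a-f]+):((?:\s+0x[0-9a-f]{8})+)\s*$")


def parse_dump(text):
    """Turn dbx examine lines into a {address: byte} map (big-endian words)."""
    mem = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank lines and anything that is not a dump row
        addr = int(m.group(1), 16)
        for word in m.group(2).split():
            for i, b in enumerate(int(word, 16).to_bytes(4, "big")):
                mem[addr + i] = b
            addr += 4
    return mem


def read_u64(mem, addr):
    """Read one big-endian doubleword; KeyError if the dump does not cover it."""
    return int.from_bytes(bytes(mem[addr + i] for i in range(8)), "big")


def unbias(reg):
    """Convert a biased %sp/%fp register value to the real stack address."""
    return reg + STACK_BIAS


def register_window(mem, biased_sp):
    """Saved %l0-%l7 and %i0-%i7 of the frame whose biased %sp is given."""
    base = unbias(biased_sp)
    regs = {}
    for n in range(8):
        regs[f"l{n}"] = read_u64(mem, base + 8 * n)        # locals first
        regs[f"i{n}"] = read_u64(mem, base + 64 + 8 * n)   # then ins
    return regs


def dbx_arguments(regs):
    """The six register-passed arguments dbx shows in the where output."""
    return [regs[f"i{n}"] for n in range(6)]


def check_frame(regs, expected_fp, expected_ret):
    """Sanity check: saved %i6 must be the frame pointer dbx printed and
    saved %i7 the return address into the caller frame."""
    return regs["i6"] == expected_fp and regs["i7"] == expected_ret


def walk_frames(mem, biased_sp):
    """Follow saved %i6 (the caller's %sp) upward until the dump runs out."""
    frames = []
    while True:
        try:
            regs = register_window(mem, biased_sp)
        except KeyError:
            return frames  # caller's window is outside the dumped range
        frames.append((biased_sp, regs))
        biased_sp = regs["i6"]


if __name__ == "__main__":
    mem = parse_dump(SAMPLE_DUMP)
    for sp, regs in walk_frames(mem, FRAME6_BIASED_SP):
        print(f"frame at real sp {unbias(sp):#x}")
        print("  args:", [f"{v:#x}" for v in dbx_arguments(regs)])
        print(f"  saved fp {regs['i6']:#x}, return {regs['i7']:#x}")
```

Run it on the pasted dump and the printed arguments match the where line for frame [6], while the saved %i6/%i7 match the $fp you printed and the frame [7] address; walk_frames stops after one frame because the caller's window (at 0xffffffff6eff8a51 + 2047) lies outside the dumped range.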
For the general stack layout: http://en.wikipedia.org/wiki/Call_stack
For the stack bias, refer to: http://www.shrubbery.net/solaris9ab/SUNWdev/SOL64TRANS/p13.html