----- "Gallus" <gall.cwpl(a)gmail.com> wrote:
> On 24 February 2010 13:45, Dave Anderson <anderson(a)redhat.com>
> wrote:
> > Right -- you should see the user-space return-address values starting
> > from the point shown in the ESP (386) or RSP (x86_64) value shown
> > in the kernel entry-point exception frame. Although the first few
> > frames will typically be in a user library instead of the binary.
> >
> > Dave
>
> Here is the bt:
>
> #0 [f672de20] schedule at c0616008
> #1 [f672de98] schedule_timeout at c061675c
> #2 [f672debc] do_futex at c0438ea7
> #3 [f672df80] sys_futex at c0439942
> #4 [f672dfb8] system_call at c0404f10
> EAX: 000000f0 EBX: 0a50db84 ECX: 00000000 EDX: 00000b73
> DS: 007b ESI: bfd90dd8 ES: 007b EDI: 00000b73
> SS: 007b ESP: bfd90dd0 EBP: bfd90e24
> CS: 0073 EIP: 00f14402 ERR: 000000f0 EFLAGS: 00200206
>
> I then do "rd -u bfd90dd0 16" and search for the addresses in the
> binary, but they're not found. Is ESP's value the one that I should be
> reading from?
That's right. That is the stack value that will be restored upon
return to user-space, and the EIP will be restored to 00f14402.
One thing to make sure of is that when you do the "rd -u", you
have set the crash utility to the context of the task whose "bt"
output you're showing. "rd -u" will read the user space of the
current task (i.e., the task shown if you do a "set" command).
Dave
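As an added example (not code from this thread or from the crash utility itself), here is a small Python post-processor for the workflow Dave describes: take the ESP saved in the kernel entry exception frame, parse the words that "rd -u" prints starting at that address, and keep only the ones that land inside the task's text mappings, as you would read them from crash's "vm" output. The register lines are copied from the bt above; the "rd -u" words, the mapping ranges and the mapping names are constructed for the example, and the dump layout assumed is crash's 32-bit format of an address, a colon, four words and an ASCII column per line. The same code handles an x86_64 frame if you pass word_bytes=8, since it falls back to RSP/RIP.

```python
"""Find user-space return-address candidates below the saved ESP.

Added example for the crash-utility thread above; not part of crash(8).
The register dump is taken from the thread, everything else is constructed.
"""
import re
from typing import Dict, List, Optional, Tuple

# Exception-frame register lines exactly as crash's "bt" printed them above.
SAMPLE_FRAME = """\
EAX: 000000f0 EBX: 0a50db84 ECX: 00000000 EDX: 00000b73
DS: 007b ESI: bfd90dd8 ES: 007b EDI: 00000b73
SS: 007b ESP: bfd90dd0 EBP: bfd90e24
CS: 0073 EIP: 00f14402 ERR: 000000f0 EFLAGS: 00200206
"""

# Constructed "rd -u bfd90dd0 16" output (only the start address is from the
# thread).  Remember that "rd -u" reads the *current* context, so run
# "set <pid>" for the task whose bt you are looking at before dumping.
SAMPLE_RD = """\
bfd90dd0:  00000b73 0a50db84 00f14402 bfd90e24   s.....P.........
bfd90de0:  00000000 00f1a8e9 08048b3c bfd90dd8   ........<.......
bfd90df0:  0804a0c0 00000001 bfd90e48 08048a17   ........H.......
bfd90e00:  00000000 bfd90e24 00000000 0a50db84   ....$.........P.
"""

# Constructed text mappings, as they would appear in crash's "vm" output for
# the task: (name, start, end).  Listing only text segments keeps heap and
# .data pointers from being mistaken for return addresses.
SAMPLE_TEXT_MAPS = [
    ("app .text", 0x08048000, 0x0804A000),
    ("libc .text", 0x00F00000, 0x01040000),
]

REG_RE = re.compile(r"\b([A-Z]+):\s+([0-9a-fA-F]+)")


def parse_registers(frame: str) -> Dict[str, int]:
    """Turn the exception-frame lines into {'EAX': 0xf0, 'ESP': ..., ...}."""
    return {name: int(val, 16) for name, val in REG_RE.findall(frame)}


def parse_rd(text: str, word_bytes: int = 4) -> List[Tuple[int, int]]:
    """Parse "rd" output into (address, value) pairs, one per word.

    Hex tokens are consumed only until the first non-hex token, which is how
    the trailing ASCII column is skipped without relying on its position.
    """
    width = word_bytes * 2
    hex_word = re.compile(r"[0-9a-fA-F]{%d}" % width)
    words: List[Tuple[int, int]] = []
    for line in text.splitlines():
        if ":" not in line:
            continue
        addr_s, rest = line.split(":", 1)
        addr = int(addr_s.strip(), 16)
        for tok in rest.split():
            if not hex_word.fullmatch(tok):
                break
            words.append((addr, int(tok, 16)))
            addr += word_bytes
    return words


def candidate_return_addresses(
    words: List[Tuple[int, int]], text_maps
) -> List[Tuple[int, int, str]]:
    """Keep the stack words that point into some text mapping."""
    hits = []
    for addr, val in words:
        for name, start, end in text_maps:
            if start <= val < end:
                hits.append((addr, val, name))
                break
    return hits


def analyse(frame: str, rd: str, text_maps, word_bytes: int = 4):
    """Return (user SP, user IP, candidate list) for one task's frame + dump."""
    regs = parse_registers(frame)
    sp = regs.get("ESP", regs.get("RSP"))
    ip: Optional[int] = regs.get("EIP", regs.get("RIP"))
    words = parse_rd(rd, word_bytes)
    # The dump must start at the saved stack pointer, or the dump was taken
    # from the wrong address (or the wrong task context).
    if sp is None or not words or words[0][0] != sp:
        raise ValueError("rd output does not start at the saved SP")
    return sp, ip, candidate_return_addresses(words, text_maps)


if __name__ == "__main__":
    sp, ip, hits = analyse(SAMPLE_FRAME, SAMPLE_RD, SAMPLE_TEXT_MAPS)
    print("user SP %#010x, user IP %#010x" % (sp, ip))
    for addr, val, name in hits:
        print("  [%08x] %08x  (%s)" % (addr, val, name))
```

With the constructed dump the first hits fall in the libc mapping and only the later ones in the binary, which is the pattern Dave mentions: the innermost user frames belong to the library that issued the syscall, so a search limited to the binary's own symbols will miss them. The filter only yields candidates; a stale return address left over from an earlier, deeper call chain will also pass it, so confirm each hit against the disassembly before treating it as a frame.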