Durga Prasad wrote:
Hi,
I am going through the crash dump of a kernel module, and from the
disassembly, i find that the function parameters are passed in registers.
Is there a way I could 'discover' what those values were?
Sure, but not automatically. You're going to have to track where the register
argument came from in the stack frames above the one you're looking at.
Somewhere along the line the argument was either stored in a stack frame
of a previous function, or perhaps read from memory. If you "dis -r" each
function's return address that you see in the backtrace, you'll see how it
generated the arguments to the next function, and perhaps where it got the
data that it put in the argument register. "bt -f" will dump the stack frame
data of each call frame. (and FWIW, on an ia64 architecture, "bt -f" does
display function arguments because of its rotating register design and
because the "unwind" info for kernel functions are stored in kernel memory).
Dave