Stack frame format
This topic describes viewing and manipulating stack frame formats.
To learn how to view and manipulate stack frame formats, perform the following steps:
- Load the demokext kernel extension program. For directions, see Loading the kernel extension.
- Display the stack for the current process, by typing
stack
and pressing Enter. The stack traceback displays the routines called and traces back through system calls. The displayed data should be similar to the following:
thread+001800 STACK:
[013042C0]write_log+00001C (10002040, 2FF3B258, 2FF3B2BC)
[013040B0]demokext+000070 (00000001, 2FF3B338)
[001E3BF4]config_kmod+0000F0 (??, ??, ??)
[001E3FA8]sysconfig+000140 (??, ??, ??)
[000039D8].sys_call+000000 ()
[10000570]main+000280 (??, ??)
[10000188]__start+000088 ()
- To step forward four instructions, type
s 4
and press Enter.
- Reexamine the stack by typing
stack
and pressing Enter. It should now include the strlen call and should look similar to the following:
thread+001800 STACK:
[01304500]strlen+000000 ()
[013042CC]write_log+000028 (10002040, 2FF3B258, 2FF3B2BC)
[013040B0]demokext+000070 (00000001, 2FF3B338)
[001E3BF4]config_kmod+0000F0 (??, ??, ??)
[001E3FA8]sysconfig+000140 (??, ??, ??)
[000039D8].sys_call+000000 ()
[10000570]main+000280 (??, ??)
[10000188]__start+000088 ()
- If you do not see the strlen function call, continue stepping until it is displayed.
- Toggle the KDB kernel debugger option to display the top 64 bytes for each stack frame by typing
set display_stack_frames
and pressing Enter.
- Display the stack again with the display_stack_frames option turned on by typing
stack
and pressing Enter. The output should be similar to the following:
thread+001800 STACK:
[01304510]strlen+000000 ()
=======================================================================
2FF3B1C0: 2FF3 B210 2FF3 B380 0130 4364 0000 0000 /.../....0Cd....
2FF3B1D0: 2FF3 B230 0130 4754 0023 AD5C 2222 2082 /..0.0GT.#.\"" .
2FF3B1E0: 0012 0000 2FF3 B400 0000 0480 0000 510C ..../.........Q.
2FF3B1F0: 2FF3 B260 4A22 2860 001D CEC8 0000 153C /..`J"(`.......<
=======================================================================
[013042CC]write_log+000028 (10002040, 2FF3B258, 2FF3B2BC)
=======================================================================
2FF3B210: 2FF3 B2E0 0000 0003 0130 40B4 0000 0000 /........0@.....
2FF3B220: 0000 0000 2FF3 B380 1000 2040 2FF3 B258 ..../..... @/..X
2FF3B230: 2FF3 B2BC 0000 0000 001E 5968 0000 0000 /.........Yh....
2FF3B240: 0000 0000 0027 83E8 0048 5358 007F FFFF .....'...HSX....
=======================================================================
[013040B0]demokext+000070 (00000001, 2FF3B338)
=======================================================================
2FF3B2E0: 2FF3 B370 2233 4484 001E 3BF8 0000 0000 /..p"3D...;.....
2FF3B2F0: 0000 0000 0027 83E8 0000 0001 2FF3 B338 .....'....../..8
2FF3B300: E300 1E30 0000 0020 2FF1 F9F8 2FF1 F9FC ...0... /.../...
2FF3B310: 8000 0000 0000 0001 2FF1 F780 0000 3D20 ......../.....=
[001E3BF4]config_kmod+0000F0 (??, ??, ??)
=======================================================================
2FF3B370: 2FF3 B3C0 0027 83E8 001E 3FAC 2FF2 2FF8 /....'....?././.
2FF3B380: 0000 0002 2FF3 B400 F014 8912 0000 0FFE ..../...........
2FF3B390: 2FF3 B388 0000 153C 0000 0001 2000 7758 /......<.... .wX
2FF3B3A0: 0000 0000 0000 09B4 0000 0FFE 0000 0000 ................
=======================================================================
[001E3FA8]sysconfig+000140 (??, ??, ??)
=======================================================================
2FF3B3C0: 2FF2 1AA0 0002 D0B0 0000 39DC 2222 2022 /.........9."" "
2FF3B3D0: 0000 3E7C 0000 0000 2000 9CF8 2000 9D08 ..>|.... ... ...
2FF3B3E0: 2000 A1D8 0000 0000 0000 0000 0000 0000 ...............
2FF3B3F0: 0000 0000 0024 FA90 0000 0000 0000 0000 .....$..........
=======================================================================
[000039D8].sys_call+000000 ()
=======================================================================
2FF21AA0: 2FF2 2D30 0000 0000 1000 0574 0000 0000 /.-0.......t....
2FF21AB0: 0000 0000 2000 0B14 2000 08AC 2FF2 1AE0 .... ... .../...
2FF21AC0: 0000 000E F014 992D 6F69 6365 3A20 0000 .......-oice: ..
2FF21AD0: FFFF FFFF D012 D1C0 0000 0000 0000 0000 ................
=======================================================================
[10000570]main+000280 (??, ??)
=======================================================================
2FF22D30: 0000 0000 0000 0000 1000 018C 0000 0000 ................
2FF22D40: 0000 0000 0000 0000 0000 0000 0000 0000 ................
2FF22D50: 0000 0000 0000 0000 0000 0000 0000 0000 ................
2FF22D60: 0000 0000 0000 0000 0000 0000 0000 0000 ................
=======================================================================
[10000188]__start+000088 ()
The displayed data can be interpreted using the diagram displayed in the Subroutine Linkage Conventions section of the Assembler Language Reference book.
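As an added example that is not part of the KDB documentation, the following Python script takes the first memory line of each frame from the dump above, reads the backchain word (word 0) and the saved link register (word 2) as laid out in the Subroutine Linkage Conventions, and recovers the same frame chain and call sites that the stack command prints. The script, its function names and its treatment of a missing or repeated frame as corruption are assumptions of this example, not a KDB feature.

```python
import re

# First dump line of each frame, copied from the display_stack_frames output above.
KDB_DUMP = r"""
2FF3B1C0: 2FF3 B210 2FF3 B380 0130 4364 0000 0000 /.../....0Cd....
2FF3B210: 2FF3 B2E0 0000 0003 0130 40B4 0000 0000 /........0@.....
2FF3B2E0: 2FF3 B370 2233 4484 001E 3BF8 0000 0000 /..p"3D...;.....
2FF3B370: 2FF3 B3C0 0027 83E8 001E 3FAC 2FF2 2FF8 /....'....?././.
2FF3B3C0: 2FF2 1AA0 0002 D0B0 0000 39DC 2222 2022 /.........9."" "
2FF21AA0: 2FF2 2D30 0000 0000 1000 0574 0000 0000 /.-0.......t....
2FF22D30: 0000 0000 0000 0000 1000 018C 0000 0000 ................
"""

LINE_RE = re.compile(r"^([0-9A-F]{8}):((?:\s[0-9A-F]{4}){8})")

def parse_dump(text):
    """Return {line_address: 16 bytes} for each memory line of a KDB dump."""
    mem = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            mem[int(m.group(1), 16)] = bytes.fromhex(m.group(2).replace(" ", ""))
    return mem

def read_word(mem, addr):
    """Big-endian 32-bit word at addr, or None if that line is not in the dump."""
    line = mem.get(addr & ~0xF)
    if line is None:
        return None
    off = addr & 0xF
    return int.from_bytes(line[off:off + 4], "big")

def walk_frames(mem, sp):
    """Follow the backchain from stack pointer sp; returns [(frame, backchain, saved_lr)].
    Word 0 of a frame is the caller's frame address, word 2 the LR saved by the callee.
    A zero backchain ends the walk (__start); a frame missing from the dump or visited
    twice is reported, since that is how a corrupted frame shows up (assumed check)."""
    frames, seen = [], set()
    while sp:
        back, lr = read_word(mem, sp), read_word(mem, sp + 8)
        if back is None or lr is None or back in seen:
            raise ValueError(f"bad backchain at {sp:08X}: frame missing or revisited")
        seen.add(sp)
        frames.append((sp, back, lr))
        sp = back
    return frames

def call_sites(frames):
    """KDB prints the branch instruction, i.e. the saved LR minus one 4-byte instruction.
    The innermost frame is skipped: strlen at +000000 has not stored LR, so that slot is stale."""
    return [lr - 4 for _, _, lr in frames[1:]]
```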
- Toggle the display_stack_frames option off by typing
set display_stack_frames
and pressing Enter.
- Toggle the KDB kernel debugger option to display the registers saved in each stack frame by typing
set display_stacked_regs
and pressing Enter.
- Display the stack again with the display_stacked_regs option activated by typing
stack
and pressing Enter. The display should be similar to the following:
thread+001800 STACK:
[01304510]strlen+000010 ()
[013042CC]write_log+000028 (10002040, 2FF3B258, 2FF3B2BC)
r30 : 00000000 r31 : 01304648
[013040B0]demokext+000070 (00000001, 2FF3B338)
r30 : 00000000 r31 : 00000000
[001E3BF4]config_kmod+0000F0 (??, ??, ??)
r30 : 00000005 r31 : 2FF21AF8
[001E3FA8]sysconfig+000140 (??, ??, ??)
r30 : 04DAE000 r31 : 00000000
[000039D8].sys_call+000000 ()
[10000570]main+000280 (??, ??)
r25 : DEADBEEF r26 : DEADBEEF r27 : DEADBEEF r28 : DEADBEEF
r29 : DEADBEEF r30 : DEADBEEF r31 : DEADBEEF
[10000188]__start+000088 ()
- Toggle the display_stacked_regs option off by typing
set display_stacked_regs
and pressing Enter.