Difference between revisions of "UNIX V6 dump analysis"

From Computer History Wiki
Jump to: navigation, search
m (Jnc moved page Unix V6 dump analysis to UNIX V6 dump analysis: Use consistent caps)
(minor clarifications; mention dumping to disk, ext link to code)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
There are two kinds of dump analysis on [[UNIX Sixth Edition|UNIX V6]], with some overlap between the two.
+
There are two kinds of dump analysis on the [[UNIX Sixth Edition|UNIX V6]] [[operating system]], with some overlap between the two.
  
 
The first is of the 'core dump' of an individual [[process]] into a [[file]], created either by a [[user]]'s request (typing '^\' in standard V6), or by any of the error conditions (odd [[address]], etc) which cause a process abort and core dump.
 
The first is of the 'core dump' of an individual [[process]] into a [[file]], created either by a [[user]]'s request (typing '^\' in standard V6), or by any of the error conditions (odd [[address]], etc) which cause a process abort and core dump.
  
The second is of a dump of the complete [[main memory]] of a [[PDP-11]] running Unix; the system as distributed only supports doing such dumps to [[magnetic tape]]. This can be done either after the [[operating system|OS]] does a 'panic', which it does when something happens it can't recover from; or after [[halt]]ing the [[Central Processing Unit|CPU]].
+
The second is of a dump of the complete [[main memory]] of a [[PDP-11]] running Unix; the system as distributed only supports doing such dumps to [[magnetic tape]] (although sites whose machine lacked a [[magnetic tape drive]] often modified the code to dump to a [[disk]] partition). This can be done either after the [[kernel]] does a 'panic', which it does when something happens it can't recover from; or after [[halt]]ing the [[Central Processing Unit|CPU]].
  
 
==Memory layouts==
 
==Memory layouts==
  
Unix stores almost all of the writeable data of a process - both the [[swapping|swappable]] data 'belonging' to the [[kernel]] (consisting of per-process data, kept in a 'user' [[structure]], and the per-process kernel [[stack]]), as well as the user's data (both the data area, and the user stack) in a single contiguous block in main memory, and they are all always moved in and out (by swapping, or in a process core dump) as a unit.
+
Unix stores almost all of the writeable data of a process - both the [[swapping|swappable]] data 'belonging' to the kernel (consisting of per-process data, kept in a 'user' [[structure]], and the per-process kernel [[stack]]), as well as the user's data (both the data area, and the user stack) in a single contiguous block in main memory, and they are all always moved in and out (by swapping, or in a process core dump) as a unit.
  
 
The order of the layout within that is:
 
The order of the layout within that is:
Line 16: Line 16:
 
* user stack
 
* user stack
  
Note that although the user data and stack are contiguous in physical memory (and thus in a core dump, of either kind), they are not contiguous in the process [[virtual address]] space; the [[PDP-11 Memory Management]] separates them there.
+
Note that although the user data and stack are contiguous in physical memory (and thus in a core dump, of either kind), they are not contiguous in the process [[virtual address]] [[address space|space]]; the [[PDP-11 Memory Management]] separates them there.
  
For information about the memory layout of the kernel itself, see [[Unix V6 kernel memory layout]].
+
For information about the physical memory layout of the kernel itself, see [[Unix V6 kernel memory layout]].
  
 
==Kernel stack top==
 
==Kernel stack top==
Line 29: Line 29:
 
| 0 || Old [[Processor Status Word|PS]]
 
| 0 || Old [[Processor Status Word|PS]]
 
|-
 
|-
| 2 || Old [[Program Counter|PC]]
+
| -2 || Old [[Program Counter|PC]]
 
|-
 
|-
| 4 || R0
+
| -4 || R0
 
|-
 
|-
| 6 || New PS
+
| -6 || New PS
 
|-
 
|-
| 10 || R1
+
| -010 || R1
 
|-
 
|-
| 12 || User [[Stack Pointer|SP]]
+
| -012 || User [[Stack Pointer|SP]]
 
|-
 
|-
| 14 || Index (trap type, or device number)
+
| -014 || Index (trap type, or device number)
 
|-
 
|-
| 16 || Return PC from call to trap() (value depends on contents of l.s)
+
| -016 || Return PC from call to trap() (value depends on contents of l.s)
 
|-  
 
|-  
| 20 || R5
+
| -020 || R5
 
|-
 
|-
| 22 || R4
+
| -022 || R4
 
|-
 
|-
| 24 || R3
+
| -024 || R3
 
|-
 
|-
| 26 || R2
+
| -026 || R2
 
|}
 
|}
  
The offset is from the top of the karnel stack, and is negative from there. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's [[PDP-11 Memory Management|address register]], and the kernel stack top is 01776 above the location pointed to by that.
+
The offset is from the top of the kernel stack. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's [[PDP-11 Memory Management|address register]], and the kernel stack top is 01776 above the location pointed to by that.
  
 
==Swappable per-process data==
 
==Swappable per-process data==
Line 136: Line 136:
 
|}
 
|}
  
(See the file 'user.h' for the meanings/contents of the various fields.)
+
(See the file 'user.h' for the meanings/contents of the various fields. Also, many V6 instances are modified; these offsets will not be applicable if the user structure has been modified.)
 +
 
 +
==See also==
 +
 
 +
* [[UNIX V6 internals]]
 +
* [[Unix V6 kernel memory layout]]
 +
* [[Upgrading UNIX Sixth Edition‎]]
 +
* [[Installing UNIX Sixth Edition]]
 +
** [[Setting up UNIX Sixth Edition]]
 +
* [[Running UNIX V6 on an -11/23]]
 +
* [[Installing Unix v6 (PDP-11) on SIMH]]
 +
** [[Running Unix v6 in SIMH]]
 +
* [[Installing UNIX Sixth Edition on Ersatz-11]]
 +
 
 +
==External links==
 +
 
 +
* [http://ana-3.lcs.mit.edu/~jnc/tech/unix/sys/m45.s m45.s] - m45.s modified to do core dump to disk
  
 
[[Category: UNIX Practical Guides]]
 
[[Category: UNIX Practical Guides]]

Latest revision as of 11:07, 2 July 2022

There are two kinds of dump analysis on the UNIX V6 operating system, with some overlap between the two.

The first is of the 'core dump' of an individual process into a file, created either by a user's request (typing '^\' in standard V6), or by any of the error conditions (odd address, etc) which cause a process abort and core dump.

The second is of a dump of the complete main memory of a PDP-11 running Unix; the system as distributed only supports doing such dumps to magnetic tape (although sites whose machine lacked a magnetic tape drive often modified the code to dump to a disk partition). This can be done either after the kernel does a 'panic', which it does when something happens it can't recover from; or after halting the CPU.

Memory layouts

Unix stores almost all of the writeable data of a process - both the swappable data 'belonging' to the kernel (consisting of per-process data, kept in a 'user' structure, and the per-process kernel stack), as well as the user's data (both the data area, and the user stack) in a single contiguous block in main memory, and they are all always moved in and out (by swapping, or in a process core dump) as a unit.

The order of the layout within that is:

  • 'user' structure
  • kernel stack
  • user data
  • user stack

Note that although the user data and stack are contiguous in physical memory (and thus in a core dump, of either kind), they are not contiguous in the process virtual address space; the PDP-11 Memory Management separates them there.

For information about the physical memory layout of the kernel itself, see Unix V6 kernel memory layout.

Kernel stack top

For both process core dumps, and for system dumps after a panic, since all traps and interrupts come in through basically the same code, the base of the kernel stack will have the same format:

Offset Contents
0 Old PS
-2 Old PC
-4 R0
-6 New PS
-010 R1
-012 User SP
-014 Index (trap type, or device number)
-016 Return PC from call to trap() (value depends on contents of l.s)
-020 R5
-022 R4
-024 R3
-026 R2

The offset is from the top of the kernel stack. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's address register, and the kernel stack top is 01776 above the location pointed to by that.

Swappable per-process data

The per-process data kept in the 'user' structure are included in both a process core dump (where they are found at the start of the 'core' file), as well as a system dump (where runnable processes loaded into main memory can be located via their entries in the process table); the data in this structure may be of relevance and interest.

The offsets of the various fields in the structure are:

Offset Contents
0000 rsav
0004 fsav
0066 segflg
0067 error
0070 uid
0071 gid
0072 ruid
0073 rgid
0074 procp
0076 base
0100 count
0102 offset
0106 cdir
0110 dbuf
0126 dirp
0130 ino
0132 name
0150 pdir
0152 uisa
0212 uisd
0252 ofile
0310 arg
0322 tsize
0324 dsize
0326 ssize
0330 sep
0332 qsav
0336 ssav
0342 signal
0412 utime
0414 stime
0416 cutime
0422 cstime
0426 ar0
0430 prof
0440 intflg

(See the file 'user.h' for the meanings/contents of the various fields. Also, many V6 instances are modified; these offsets will not be applicable if the user structure has been modified.)

See also

External links

  • m45.s - m45.s modified to do core dump to disk