Difference between revisions of "UNIX V6 dump analysis"

From Computer History Wiki
(A start, more to come)
 
(Add swappable per-process data layout)
Line 36: Line 36:
  
 
The offset is from the top of the karnel stack, and is negative. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's [[PDP-11 Memory Management|address register]], and the kernel stack top is 01776 above that.
 
The offset is from the top of the karnel stack, and is negative. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's [[PDP-11 Memory Management|address register]], and the kernel stack top is 01776 above that.
 +
 +
==Swappable per-process data==
 +
 +
The [[swapping|swappable]] per-process data is kept in a 'user' [[structure]], along with the per-process kernel stack. In a process core dump (where it is found at the start of the 'core' file), as well as a system dump (where runnable processes can be located via their entries in the process table), the data in this structure may be of relevance and interest.
 +
 +
The offsets of the various fields in the structure are:
 +
 +
{| class="wikitable"
 +
! Offset !! Contents
 +
|-
 +
| 0000 || rsav
 +
|-
 +
| 0004 || fsav
 +
|-
 +
| 0066 || segflg
 +
|-
 +
| 0067 || error
 +
|-
 +
| 0070 || uid
 +
|-
 +
| 0071 || gid
 +
|-
 +
| 0072 || ruid
 +
|-
 +
| 0073 || rgid
 +
|-
 +
| 0074 || procp
 +
|-
 +
| 0076 || base
 +
|-
 +
| 0100 || count
 +
|-
 +
| 0102 || offset
 +
|-
 +
| 0106 || cdir
 +
|-
 +
| 0110 || dbuf
 +
|-
 +
| 0126 || dirp
 +
|-
 +
| 0130 || ino
 +
|-
 +
| 0132 || name
 +
|-
 +
| 0150 || pdir
 +
|-
 +
| 0152 || uisa
 +
|-
 +
| 0212 || uisd
 +
|-
 +
| 0252 || ofile
 +
|-
 +
| 0310 || arg
 +
|-
 +
| 0322 || tsize
 +
|-
 +
| 0324 || dsize
 +
|-
 +
| 0326 || ssize
 +
|-
 +
| 0330 || sep
 +
|-
 +
| 0332 || qsav
 +
|-
 +
| 0336 || ssav
 +
|-
 +
| 0342 || signal
 +
|-
 +
| 0412 || utime
 +
|-
 +
| 0414 || stime
 +
|-
 +
| 0416 || cutime
 +
|-
 +
| 0422 || cstime
 +
|-
 +
| 0426 || ar0
 +
|-
 +
| 0430 || prof
 +
|-
 +
| 0440 || intflg
 +
|}
 +
 +
(See the file 'user.h' for the meanings/contents of the various fields.)
  
 
[[Category: UNIX Practical Guides]]
 
[[Category: UNIX Practical Guides]]
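
Review bot: the offsets table added under ==Swappable per-process data== never states the radix or unit of its offsets. The sequence 0076 followed by 0100 shows they are octal byte offsets, so a sentence saying that before the table would prevent misreads when someone seeks into a dump. The closing pointer to 'user.h' gives no path for the file, which makes the field meanings hard to look up, and the unchanged paragraph directly above the new section still reads "karnel stack".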

Revision as of 14:17, 30 January 2019

There are two kinds of dump analysis on UNIX V6, with some overlap between the two.

The first is of the core dump of an individual process into a file, created either by a user's request (typing '^\' in standard V6), or by any of the error conditions (odd address, etc.) which cause a process abort.

The second is of a dump of the complete main memory of a PDP-11 running Unix; the system as distributed only supports doing such dumps to magnetic tape. This can be done either after the OS does a 'panic', which it does when something happens it can't recover from; or after halting the CPU.

Kernel stack top

Because all traps and interrupts come in through basically the same code, the base of the kernel stack has the same format in both process core dumps and system dumps taken after a panic:

Offset Contents
0 Old PS
2 Old PC
4 R0
6 New PS
10 R1
12 User SP
14 Index (trap type, device number)
16 R5
20 R4
22 R3
24 R2

The offset is from the top of the kernel stack, and is negative. In a process core dump, this starts at 01776 in the core dump file; in a dump of main memory, it is necessary to know the contents of kernel segment 6's address register, and the kernel stack top is 01776 above that.

Swappable per-process data

The swappable per-process data is kept in a 'user' structure, along with the per-process kernel stack. In a process core dump (where it is found at the start of the 'core' file), as well as a system dump (where runnable processes can be located via their entries in the process table), the data in this structure may be of relevance and interest.

The offsets of the various fields in the structure are:

Offset Contents
0000 rsav
0004 fsav
0066 segflg
0067 error
0070 uid
0071 gid
0072 ruid
0073 rgid
0074 procp
0076 base
0100 count
0102 offset
0106 cdir
0110 dbuf
0126 dirp
0130 ino
0132 name
0150 pdir
0152 uisa
0212 uisd
0252 ofile
0310 arg
0322 tsize
0324 dsize
0326 ssize
0330 sep
0332 qsav
0336 ssav
0342 signal
0412 utime
0414 stime
0416 cutime
0422 cstime
0426 ar0
0430 prof
0440 intflg

(See the file 'user.h' for the meanings/contents of the various fields.)
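
The two tables above can be applied directly to a process core file. The following is an added example, not part of the original wiki page or of UNIX V6 itself: the function names are hypothetical, field widths are inferred from the spacing between adjacent offsets in the table, words are read as little-endian 16-bit values (PDP-11 byte order), and the sample image is constructed rather than taken from a real dump.

```python
import struct

# Octal byte offsets into the 'user' structure, copied from the table above.
# Widths are this example's assumption, inferred from the gap to the next
# field: 'B' = 1 byte, 'H' = 16-bit little-endian word.
USER_FIELDS = {
    "segflg": (0o066, "B"), "error": (0o067, "B"),
    "uid": (0o070, "B"), "gid": (0o071, "B"),
    "ruid": (0o072, "B"), "rgid": (0o073, "B"),
    "procp": (0o074, "H"), "tsize": (0o322, "H"),
    "dsize": (0o324, "H"), "ssize": (0o326, "H"),
    "sep": (0o330, "H"), "ar0": (0o426, "H"),
}
# Trap frame: offsets count DOWN from the kernel stack top at 01776.
STACK_TOP = 0o1776
FRAME = {"old_ps": 0o0, "old_pc": 0o2, "r0": 0o4, "new_ps": 0o6, "r1": 0o10,
         "user_sp": 0o12, "index": 0o14, "r5": 0o16, "r4": 0o20,
         "r3": 0o22, "r2": 0o24}

def parse_core(core: bytes) -> dict:
    """Decode selected user-structure fields and the trap frame."""
    if len(core) < STACK_TOP + 2:
        raise ValueError("truncated: need at least %d bytes" % (STACK_TOP + 2))
    out = {n: struct.unpack_from("<" + f, core, off)[0]
           for n, (off, f) in USER_FIELDS.items()}
    # 'name' runs from 0132 up to 'pdir' at 0150 (14 bytes); NUL padding
    # is assumed here.
    out["name"] = core[0o132:0o150].split(b"\0")[0].decode("ascii", "replace")
    out["frame"] = {n: struct.unpack_from("<H", core, STACK_TOP - off)[0]
                    for n, off in FRAME.items()}
    return out

def sample_core() -> bytes:
    """Constructed sample image (not a real dump) for exercising the parser."""
    img = bytearray(STACK_TOP + 2)
    img[0o070:0o074] = bytes([3, 1, 3, 1])          # uid, gid, ruid, rgid
    struct.pack_into("<HHH", img, 0o322, 4, 2, 1)   # tsize, dsize, ssize
    img[0o132:0o132 + 5] = b"a.out"
    struct.pack_into("<H", img, STACK_TOP - 0o2, 0o1234)   # old PC
    struct.pack_into("<H", img, STACK_TOP - 0o14, 0o10)    # index
    return bytes(img)

if __name__ == "__main__":
    info = parse_core(sample_core())
    for key, val in info.items():
        print(key, oct(val) if isinstance(val, int) else val)
```

For a system dump of main memory, the same frame decoding applies once `STACK_TOP` is rebased on the contents of kernel segment 6's address register, as described under "Kernel stack top".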