=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/ddb.html,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- www/ddb.html 2016/11/19 13:15:10 1.16 +++ www/ddb.html 2017/02/06 17:24:32 1.17 @@ -123,7 +123,6 @@
A typical kernel crash on OpenBSD might look like this: -(things to watch for are marked with bold font)
-The first command to run from the ddb> prompt is trace -(see ddb(4) for details): +This crash happened at offset 0x263 in the function _pf_route. +kernel: page fault trap, code=0 @@ -131,9 +130,12 @@ ddb>
+The first command to run from the +ddb(4) prompt is trace: +
ddb> trace _pf_route(e28cb7e4,e28bc978,2,1fad,d0b8b120) at _pf_route+0x263 @@ -157,40 +159,37 @@ do the following:-Find the source file where the crashing function is defined in. -In this example, that would be pf_route() in sys/net/pf.c. -Recompile that source file with debug information: - -
- -Then use objdump(1) to get the +Find the source file where the crashing function is defined. +In this example, that would be pf_route() in /sys/net/pf.c. +Use objdump(1) to get the disassembly:-# cd /usr/src/sys/arch/$(uname -m)/compile/GENERIC -# rm obj/pf.o -# DEBUG=-g make pf.o -In the output, grep for the function name:-# objdump --line --disassemble --reloc obj/pf.o >pf.dis +$ cd /sys/arch/$(uname -m)/compile/GENERIC +$ objdump -dlr obj/pf.o >/tmp/pf.dis-Take this first hex number and add the offset from the Stopped at line: -0x7d88 + 0x263 == 0x7feb. +Take this first hex number 7d88 and add the offset 0x263 from +the Stopped at line: --# grep "<_pf_route>:" pf.dis +$ grep "<_pf_route>:" /tmp/pf.dis 00007d88 <_pf_route>:+
+ Scroll down to that line (the assembler instruction should match the one quoted in the Stopped at line), then up to the nearest C line number:+$ printf '%x\n' $((0x7d88 + 0x263)) +7feb +-# more pf.dis -/usr/src/sys/arch/i386/compile/GENERIC/../../../../net/pf.c:3872 +$ more /tmp/pf.dis +/sys/net/pf.c:3872 7fe7: 0f b7 43 02 movzwl 0x2(%ebx),%eax 7feb: 8b 57 40 mov 0x40(%edi),%edx 7fee: 39 d0 cmp %edx,%eax @@ -200,13 +199,12 @@ So, it's precisely line 3872 of pf.c that crashes:-Note that the kernel that produced the crash output and the object file -for objdump must be compiled from the exact same source file, otherwise -the offsets won't match. +The kernel that produced the crash output and the object file for objdump must +be compiled from the exact same source file, otherwise the offsets won't match.-# cat -n pf.c | head -n 3872 | tail -n 1 -3872 if ((u_int16_t)ip->ip_len <= ifp->if_mtu) { +$ nl -ba /sys/net/pf.c | sed -n 3872p + 3872 if ((u_int16_t)ip->ip_len <= ifp->if_mtu) {If you provide both the ddb trace output and the relevant objdump section,
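Review bot: In the hunk at @@ -123,7 +123,6 @@, the added sentence "This crash happened at offset 0x263 in the function _pf_route." uses the underscore-prefixed symbol, while the later step tells the reader to find pf_route() in /sys/net/pf.c, and nothing connects the two spellings. Suggest a short clause saying that _pf_route is the symbol name as it appears in the trace and in the objdump output, and that it corresponds to the C function pf_route(), so a reader searching the source for the literal string does not come up empty.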
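Review bot: In the hunk at @@ -157,40 +159,37 @@, the recompile step ("Recompile that source file with debug information", "# DEBUG=-g make pf.o") is dropped, but the following step still relies on the line information from "objdump -dlr" to go "up to the nearest C line number", which is only present when obj/pf.o carries debug information. Suggest stating that prerequisite in the new text, or saying what to do when the disassembly shows no file:line markers, so the removal does not leave the procedure depending on an unstated build setting. A smaller point on the same hunk: the output now goes to the fixed name /tmp/pf.dis; the commands no longer need root, which is good, but on a shared machine a file from mktemp(1) or a path under the user's own directory is a safer habit to document than a predictable name in /tmp.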
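Review bot: In the hunk at @@ -200,13 +199,12 @@, the reworded note still says the kernel and the object file "must be compiled from the exact same source file", which is necessary but not the whole condition: the same source built with different compiler options or kernel configuration also produces different offsets. Since this hunk is already touching the sentence, suggest wording along the lines of "built from the same source revision with the same kernel configuration and compiler options", and telling the reader to confirm the match by checking that the instruction at the computed address (7feb here) is the one quoted in the Stopped at line before trusting the line number.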