Re: Analyzing a 4.0/amd64 panic

To: tech-kern%netbsd.org@localhost, port-amd64%netbsd.org@localhost
Subject: Re: Analyzing a 4.0/amd64 panic
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Tue, 25 Nov 2008 12:44:40 +0100

> Except that it got changed after 4.0 was branched :-(
Hm.

> That isn't the correct interpretation of the saved registers.
> In particular eflags cannot be zero - which is a very good hint,
> r14 looks more like a possible eflags value.
Oops. So the entire analysis may be wrong?

> What are labelled as rbp and r15 look like code addresses, rsp might be valid.
"might be"? Looks like I'm going to have lots of fun.

> The stack will look much like an i386 one
The stacks I used to know are 6502 and ARM2.

> Finding where it is called from in the source ...
Ah, I understand, thanks.

References:
- Analyzing a 4.0/amd64 panic
  - From: Edgar Fuß
- Re: Analyzing a 4.0/amd64 panic
  - From: David Laight
- Re: Analyzing a 4.0/amd64 panic
  - From: Edgar Fuß
- Re: Analyzing a 4.0/amd64 panic
  - From: David Laight

Prev by Date: Re: Analyzing a 4.0/amd64 panic
Next by Date: sigaction(2) broken in -current
Previous by Thread: Re: Analyzing a 4.0/amd64 panic
Next by Thread: Re: Analyzing a 4.0/amd64 panic
Indexes:

Home | Main Index | Thread Index | Old Index