The Xinu Post-Mortem Debugger

Desmond Liu and Barry Brachman

Created Summer, 1991
Converted to HTML, January 1995

Introduction

The Xinu Post-Mortem Debugger (PMD) is a utility for examining a Xinu core image. PMD is not a true debugger--it cannot set breakpoints, single step through code, or do anything that the more sophisticated debuggers do. Instead, PMD analyzes the state of Xinu after your Xinu program has completed, crashed, or has been interrupted by a break signal. In fact, a better name for PMD would be ``Post-Mortem Analyzer''.

Specifically, PMD allows you to:

In addition, other useful information is provided, such as a stack traceback of processes.

Entering and Exiting PMD

PMD is run from within the getxinu program. You may enter PMD by typing \d at the monitor prompt. You should see the prompt PMD> to show that you are in debug mode. PMD now waits for you to issue a command. Any keyboard input at this point is intercepted by PMD and not sent to the Sun monitor.

PMD should only be used after you have executed your Xinu program at least once. PMD analyzes the Sun's memory based on symbol table information within the executable residing in your current directory. If you have not executed your Xinu program at least once, then PMD's analysis will be meaningless. You must make certain that the core image in memory corresponds to what PMD expects to be in memory (see the set command.) To exit PMD, type q at the monitor prompt and hit RETURN. You will see the Sun monitor prompt. All keyboard input is now sent to the Sun monitor. Sending a break signal (\b) will also leave PMD.

Commands

The commands provided by PMD are as follows:

The Check Command

The check command can have one of two arguments: either current or text. Typing check current at the PMD prompt will display information about the current status of Xinu, based on currpid. Stack information, the value of the registers, and a stack traceback of the process is shown. If your Xinu program exited normally, then the current process running should be the null process.

The check text command downloads the text segment of the Xinu core image from the Sun and compares it with the original text that was uploaded to the Sun. Any differences between the two are printed to the screen. Differences between the text segments indicate a severe error. Possibilities include:

Because the text segment is rather large, it takes a fair bit of time to download. The check text command, along with many of the other commands in PMD, will inform the user when it is downloading memory from the Sun machine. A period (.) will be printed for every kilobyte of Sun memory transferred. In any operation that involves downloading memory, you may type q in the middle of the download procedure to abort it.

The Dump Command

The dump command allows you to dump one of three Xinu tables: the process, semaphore, or tty table. By typing dump process, dump semaphore, or dump tty, information about each table will be printed. PMD will inform you when it downloads any of the tables. To save time, the downloaded information is saved for subsequent use. Thus, if you issue two dump process commands, the process table is downloaded only the first time. An exception to this is with stack traceback; stack information is not saved and is always downloaded.

The process table dump includes a stack traceback of all processes in the process table. The stack traceback will print the symbolic name of the function that was called along with the parameters (in parentheses) that were pushed on the stack upon invocation of the function. PMD prints the pushed stack data as a series of integers up to the next return address. Since PMD has no type information of the stack data, the parameters printed in parentheses will likely not correspond to what you intended to pass as a parameter. In other words, the information printed in parentheses is to be taken lightly. PMD also allows the dumping of arbitrary tables. To do so, you will need a file named config in the current directory. The config file must specify the name of the table, the number of entries in the table, and a list of fields that you wish to print.

It is probably best to give an example to show how the config file must be set up: 

_semaph 50
{
	2 state %C;
	4 count %d;
	4 head  %d;
	4 tail  %d;
}

_proctab 30
{
	2  pstate %C;
	4  pprio %d;
	60 dummy %z;
	4  SSP %x;
	4  SR %x;
	4  PC %x;
	14 dummy %z;
	4  pbase %x;
	4  pstklen %x;
	4  plimit %x;
	16 pname %s;
	96 dummy %z;
}

Any number of tables may be present within the config file. Note that the curly braces and semicolons are necessary, since PMD uses these symbols to parse your config file. The first item must be the name of the table which must have the underscore prefix. This must be the same name that is used in the Xinu source code. The next item is the number of entries in the table. In the previous example, these correspond to the NSEM and NPROC macros in the Xinu source code. Between the parentheses is a list of the fields which are to be printed. Each field contains a number, a name and a format specification. The number indicates the number of bytes that this field occupies. The name is a character string which will be printed before the value of the field is printed. Finally, the format specification is used to tell PMD how to print the field. This string must begin with a percent sign. This string is simply passed to a printf() function, so the format specification works exactly the same as it does for printf() (so you can use %08.3s for floating point, for example.)

There are some important things to note:

You may have to play around with the config file to get the data output correctly. A ``standard'' config file will be made available for you to use. Ordinarily, PMD reads the config file once, and uses that to interpret the downloaded core. You can force PMD to re-read your config file by use of the reload command. Simply type r and PMD will re-read your config file.

To output the table, you simply have to use the dump command. In the previous example, you would dump the semaphore table by typing dump _semaph. PMD distinguishes between a normal table dump and a custom table dump by looking at the underscore character, so you must include it in the dump command.

The Help Command

A short list of PMD commands is available by typing help. In addition, to this short list, PMD also prints the current state of verbosity and the name of the current executable file which PMD expects to be in Sun memory. As stated previously, this information is important to PMD, and you must make sure that the current executable file corresponds to what is actually in Sun memory.

The Print Command

This command allows you to dump Xinu memory given a symbol table name. For example, typing print _currpid will print the value of the global variable currpid. Note that this only works for global symbols. Remember that C prepends an underscore to all global variable names and functions.

Since you may dump the value of any global symbol, there is no reason why you cannot dump the memory contents of a function. Typing print _main will actually print a hex dump of the function main(). Future versions of PMD may implement disassembly the hex dump.

The Set Command

The set command allows you to set the name of the executable. This is needed because PMD has no way of knowing exactly which executable is in Sun memory. If you type getxinu prog1 prog2 prog3 from the shell prompt, PMD has no idea which program you will execute first, though PMD defaults to the first file (prog1 in this case.)

If you decide to execute a different program such as prog3, be sure to use the set command to tell PMD of the new file that is in memory. You can find the name of the current file that PMD expects to be in memory by issuing the help command.

The Verbose Command

The verbosity switch is normally OFF. If you turn verbosity on, PMD will print more information about what it is doing. This feature is of little use, but was necessary during the development of PMD.

Limitations and Bugs

PMD may fault if given garbage files. PMD references symbols in the core image based on values obtained from the executable file specified in the set command without checking their validity. PMD extracts symbol table information from the executable file residing in your current directory, so the executable must be present for PMD to work.

PMD's implementation is extremely hardware specific. PMD issues monitor commands to obtain the core image of Sun memory. The routines are quite sensitive to how the Sun monitor responds to these commands.

PMD is able to download various parts of the Xinu kernel such as the process table. Because PMD downloads a raw Xinu core image, it extracts information from the image in a compiler specific way. Changing the cross compiler will mean editing the source code to adjust to the new compiler.

PMD will not work entirely for some CPSC 415 assignments involving editing of the Xinu kernel. When PMD downloads tables from the Sun, it expects the data within to be exactly as that found in the Sun version of Xinu 7.0. If any changes are made to the semaphore, process, or tty table, then PMD cannot be used to dump that particular table. Doing so will result in unpredictable behaviour.