Identifying the UNIX release & hardware architecture

You've now got a set of system crash files. Maybe they are from your own system; maybe someone else forwarded them to you for analysis. If they are from your own system, you might opt to jump right into adb. However, if they were forwarded to you with little or no information, you may first need to figure out what type of system the files originated from. Doing this is surprisingly easy by using the UNIX strings command.

The strings command is a simple UNIX utility that searches sequentially through any type of file, looking for a sequence of four or more ASCII characters. The matches are displayed to the standard output device. When using strings as a system crash dump analysis tool, it is important to remember that an image of memory both on a live system and in a postmortem file contains pieces of user files, email messages, data packets being shipped between systems, and other, nonkernel-related data. When the strings command is used on an image of memory, some of this data will be seen, along with the strings and messages built into all the loaded device drivers and kernel routines.

So, while strings is very handy for looking at core files, be aware that it is also going to generate a lot of output! The bigger the image of memory, the more output you can expect to see. A simple forced crash on a lightly used SPARCstation 1+ generated over 40,000 lines of strings output! On a heavily used SPARCcenter 2000, over 100,000 lines is not unusual at all. Printed, that's well over three reams of paper!

Tucked away in the heart of the kernel are ASCII strings that describe the release of the operating system. These strings can be found by running strings on the vmcore file and using the UNIX grep command to search for key words. For example:

Figure 6-1 Using the strings command on a vmcore file
    Hiya... strings vmcore.0 | grep SunOS
    (#)SunOS 5.3 Generic September 1
    @(#)SunOS 5.3 Generic September 1993
    >@SunOS
    SunOS Release %s Version %s [UNIX(R) System V Release 4.0]
    @(#)SunOS 5.3 Generic September 1993
    @(#)SunOS 5
    @(#)SunOS 5.3 Generic September 1993
    *0SunOS
    @(#)SunOS 5.3 Generic September 1993
    @(#)SunOS 5.3 Generic September 1993
    @(#)SunOS 5.3 Generic September 1993
    Hiya...

We now know what operating system was in use. What hardware architecture is the system based on? Grep'ing about, we find a nice string that tells us which system architecture was in use. In this case, it was a Sun SPARCstation 1+, which is a sun4c/65, a revved-up version of the sun4c/60.

    Hiya... strings vmcore.1 | grep machine
    Using default machine type Sun4c/60
    setaudit:machine
    xdr_bp_machine_name_t
    Hiya...

This is enough information to get us started. We now know that we can use any sun4c system running Solaris 2.3 to do further analysis by using adb, that is, once we are done with the strings utility and other UNIX commands. If grep'ing for "machine" didn't prove helpful, we could grep for "Sun" instead. By the end of the long output, we would have no doubt which hardware architecture was in use!
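The strings-and-grep procedure above can be scripted for triaging dumps of unknown origin. The following is an added example, not code from the book: it approximates the four-character rule of strings, then counts only complete release banners so that the truncated fragments and format strings visible in Figure 6-1 do not mislead. The function names, regular expressions and sample bytes are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Approximates strings(1): runs of four or more printable ASCII characters.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")
# A complete release banner, e.g. "@(#)SunOS 5.3 Generic September 1993".
RELEASE = re.compile(r"@\(#\)(SunOS \d+(?:\.\d+)+ \w+ \w+ \d{4})")
# The line the page finds: "Using default machine type Sun4c/60".
MACHINE = re.compile(r"machine type (Sun\S+)")

def extract_strings(image):
    """Yield each printable run in a memory image, as strings(1) would."""
    for match in PRINTABLE_RUN.finditer(image):
        yield match.group().decode("ascii")

def identify(image):
    """Return the most frequent complete release banner and machine type.

    Truncated fragments and printf format strings also contain "SunOS",
    so only complete banners are counted and the majority wins.
    """
    releases, machines = Counter(), Counter()
    for text in extract_strings(image):
        for found in RELEASE.findall(text):
            releases[found] += 1
        for found in MACHINE.findall(text):
            machines[found] += 1
    return {
        "release": releases.most_common(1)[0][0] if releases else None,
        "release_hits": sum(releases.values()),
        "machine": machines.most_common(1)[0][0] if machines else None,
    }

# Constructed sample: banner copies, a truncated copy, a format string and
# unrelated user data, separated by non-printable bytes as in a real image.
SAMPLE = b"\x00\x01".join([
    b"@(#)SunOS 5.3 Generic September 1993",
    b"(#)SunOS 5.3 Generic September 1",
    b"SunOS Release %s Version %s [UNIX(R) System V Release 4.0]",
    b"@(#)SunOS 5",
    b"@(#)SunOS 5.3 Generic September 1993",
    b"Subject: lunch on Friday?",
    b"Using default machine type Sun4c/60",
    b"setaudit:machine",
    b"\x7f\x80ab\xff",
]) + b"\x00"
```

Calling identify(SAMPLE) returns the release "SunOS 5.3 Generic September 1993" and the machine type "Sun4c/60"; for a real vmcore file, pass the file's bytes or a read-only mmap of it.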



PANIC! UNIX System Crash Dump Analysis Handbook (Bk/CD-ROM)
ISBN: 0131493868
EAN: 2147483647
Year: 1994
Pages: 289
Authors: Chris Drake
