Hi, your article is really nice and informative. Thanks for that. I do not understand one thing in your explanation: you said that the stack pointer register, i.e. r1, gives the address of the previous stack, but the content of r1 is 0xffffdee0, not 0xffffdeb0. Can you please clarify this point for me, as starting from 0xffffdee0 does not give us a long stack? How did you calculate this new value for the stack pointer?

Thanks in advance, idirs

  • I think it's because I probably mixed the output of two different runs in my example. The register dump should indicate 0xffffdeb0 in r1. I'll update it. I'll rewrite the tutorial next time I run into a case where I need to reconstruct a backtrace. - RandomTask 09:45, 15 May 2008 (CDT)