Re: ksymoops w. new objdump

Kevin Lentin (kevinl@cs.monash.edu.au)
Fri, 28 Mar 1997 23:53:24 +1100 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: J. Sean Connell: "Re: Now, why didn't we think of this before?"
Previous message: Alexander Maria Damisch: "Re: Linux Kernel 2.0.30 Released"

Michael L. Galbraith Wrote ...
>
> I was wondrering why ksymoops didn't disassemble, and found that
> changing line 170 of ksymoops.cc to..
>
> char const* objdump_command = "objdump -d --prefix-addresses oops_decode.o";

Not even close with my objdump.
I had to add -b a.out-i386-linux because objdump can't tell it from the
sparc version.

You also have to change the following line which says where the filename is
in that string.

Add to that ksymoops is completely out of date for the current objdump.
ksymoops expects EIP tags on each line but objdump doesn't output it. My
objdump output looks something like this and ksymoops has no chance at all
of reading it...

oops_decode.o: file format a.out-i386-linux

Disassembly of section .text:

0000000000000000 <_EIP>:
0: 8b 40 04 movl 0x4(%eax),%eax
3: 85 c0 testl %eax,%eax
5: 74 0d je 14 <_EIP+14>
7: ff 40 10 incl 0x10(%eax)
a: 8b 43 40 movl 0x40(%ebx),%eax
d: 8b 40 04 movl 0x4(%eax),%eax
10: 80 48 14 18 orb $0x18,0x14(%eax)
14:

So here is a modified ksymoops which will read that and produce proper
output (except for the 14: silliness). I don't have an original
ksymoops.cc so no patch. This is the relevant portion of the file from the
first instance of the word 'objdump'. Shouldn't be too hard to work out
where it fits in. The last line has not changed so use that to sync the end
of the code block.

char const* objdump_command = "objdump -b a.out-i386-linux -d oops_decode.o";
char const* objfile_name = &objdump_command[31];
ofstream objfile_stream(objfile_name);

objfile_stream.write(objfile_head, sizeof(objfile_head));
objfile_stream.write(code, code_size);
objfile_stream.write(objfile_tail, sizeof(objfile_tail));
objfile_stream.close();

FILE* objdump_FILE = popen(objdump_command, "r");
if (objdump_FILE == 0) {
clog << "Sorry, without " << objdump_command << ", I can't disassemble the `Code' section." << endl;
return;
}

char buf[1024];
int lines = 0;
int start = 0;
while (fgets(buf, sizeof(buf), objdump_FILE)) {
if (strnequ(&buf[17], "<_EIP", 5)) {
start=1;
continue;
}
if (!start) continue;
if (strstr(buf, " is out of bounds"))
break;
lines++;
cout << "Code: ";
if (!valid()) {
cout << buf;
continue;
}
long offset = strtol(buf, 0, 16);
char* bp_0 = strchr(buf, ':') + 2;
KSym* ksym = find(eip_addr + offset);

-- 
[======================================================================]
[     Kevin Lentin               Email: K.Lentin@cs.monash.edu.au      ]
[   finger kevinl@fangorn.cs.monash.edu.au for PGP public key block.   ]
[  KeyId: 06808EED    FingerPrint: 6024308DE1F84314  811B511DBA6FD596  ]
[======================================================================]

Next message: J. Sean Connell: "Re: Now, why didn't we think of this before?"
Previous message: Alexander Maria Damisch: "Re: Linux Kernel 2.0.30 Released"