This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.



Re: develop a 'customized ld'

From: Ravi Ramaseshan <ramaseshan.ravi@gmail.com>
Reply-To: ramaseshan.ravi@gmail.com
To: sean yang <seanatpurdue@hotmail.com>
Subject: Re: develop a 'customized ld'
Date: Sun, 11 Sep 2005 01:52:23 -0400

Hi,

On 9/11/05, sean yang <seanatpurdue@hotmail.com> wrote:
> I would like to collect the information of call to some libc functions. I am
> not going to use it in the program itself but I am going to use it in a
> system tool to watch the program's special calls.


So why do you want to do it in the linker ? Why not work on the
disassembly instead ?
~~~~~~~~~~~~~~~
Thanks for this comment. Yes, a "perfect" disassembler will give me what I want. But I think disassemblers such as objdump are not 100% reliable.
For example, objdump gives a wrong interpretation of a piece of code in libc under Red Hat.
Location    Mem Contents        Disassembly Results

0x809ef45:  eb 3c               jmp 0x809ef83
0x809ef47:  00 00               add %al,(%eax)
0x809ef49:  00 83 ee 04 83 ee   add %al,0xee8304ee(%ebx)
0x809ef4f:  04 83               add $0x83,%al
...
0x809efaa:  73 9e               jae 0x809ef4a

Starting at 0x809ef47, three NUL bytes of data (0x00) were inserted to push the loop header at address forward, presumably for alignment purposes. The NUL bytes and the subsequent instructions are misinterpreted by the utility objdump. The error is observable: the add at address 0x809ef49 references an absolute memory location that does not even appear in the scope of the executable! The instruction sequence is clearly invalid.

My goal is to fully automatically identify these call sites (as opposed to reverse-engineering others' code, in which case human intelligence will help to resolve the imprecise results of the disassembler).
I understand the analogy: using an assembler/linker versus using a disassembler is like observing a tree with our eyes versus observing a picture of a tree. We have exact and enough information when using the assembler/linker (a 3-D tree in the analogy); we have an image which loses a lot of useful information when using the disassembler.



--
Ravi Ramaseshan

" Reality is only something we believe in strongly. "
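The failure mode discussed in this message, a linear-sweep disassembler decoding NUL alignment padding that sits behind an unconditional jmp, can be reproduced with a small script. The following is an added example, not code from the thread or from binutils. It decodes a constructed 17-byte buffer laid out like the quoted listing (the jmp, the three NUL bytes, then a made-up rotated loop whose body starts at 0x809ef4a and whose condition check jumps back with jae; only the addresses and the first few bytes follow the listing) once by linear sweep and once by recursive traversal that follows control flow. Only a handful of 32-bit x86 opcodes are decoded; `BASE`, `SAMPLE` and the function names are the example's own. Because the bytes after the padding start with the same `83 ee 04 83 ee` as the listing, the linear sweep reproduces the exact `add %al,0xee8304ee(%ebx)` misread at 0x809ef49, while the traversal never decodes 0x809ef47 to 0x809ef49 at all.

```python
"""Linear sweep vs. recursive traversal on a tiny x86 subset (added example)."""
from collections import deque

REG32 = ["%eax", "%ecx", "%edx", "%ebx", "%esp", "%ebp", "%esi", "%edi"]
REG8 = ["%al", "%cl", "%dl", "%bl", "%ah", "%ch", "%dh", "%bh"]
GROUP1 = {0: "add", 5: "sub", 7: "cmp"}  # opcode 0x83 /digit subset

BASE = 0x809ef45
# Constructed sample (assumption, not the real libc bytes): the listing's jmp
# and three NUL bytes, then a made-up rotated loop whose body starts at
# 0x809ef4a and whose condition check at 0x809ef50 jumps back with jae.
SAMPLE = bytes.fromhex(
    "eb09"      # 0x809ef45: jmp 0x809ef50 (skips the padding and the body)
    "000000"    # 0x809ef47: three NUL alignment bytes
    "83ee04"    # 0x809ef4a: sub $0x4,%esi   (loop body)
    "83ee04"    # 0x809ef4d: sub $0x4,%esi
    "83fe10"    # 0x809ef50: cmp $0x10,%esi  (loop condition)
    "73f5"      # 0x809ef53: jae 0x809ef4a
    "c3"        # 0x809ef55: ret
)


def _modrm(buf, i):
    """Decode the ModR/M byte at buf[i]: (reg field, operand text, bytes used).
    Covers register, (base) and disp32(base) forms, which is all the sample needs."""
    m = buf[i]
    mod, reg, rm = m >> 6, (m >> 3) & 7, m & 7
    if mod == 3:
        return reg, REG32[rm], 1
    if mod == 0 and rm not in (4, 5):          # no SIB, no disp32-only form
        return reg, "(%s)" % REG32[rm], 1
    if mod == 2 and rm != 4:
        disp = int.from_bytes(buf[i + 1:i + 5], "little")
        return reg, "0x%x(%s)" % (disp, REG32[rm]), 5
    raise ValueError("unsupported ModR/M form")


def decode_one(buf, base, pc):
    """Decode one instruction at pc: (length, AT&T text, branch targets, falls_through)."""
    i = pc - base
    op = buf[i]
    try:
        if op in (0xEB, 0x73):                   # jmp rel8 / jae rel8
            rel = buf[i + 1] - 256 if buf[i + 1] >= 128 else buf[i + 1]
            target = pc + 2 + rel
            if op == 0xEB:
                return 2, "jmp 0x%x" % target, [target], False
            return 2, "jae 0x%x" % target, [target], True
        if op == 0x00:                           # add r/m8, r8
            reg, rm, n = _modrm(buf, i + 1)
            return 1 + n, "add %s,%s" % (REG8[reg], rm), [], True
        if op == 0x04:                           # add al, imm8
            return 2, "add $0x%x,%%al" % buf[i + 1], [], True
        if op == 0x83:                           # add/sub/cmp r/m32, imm8
            reg, rm, n = _modrm(buf, i + 1)
            if reg in GROUP1:
                return 2 + n, "%s $0x%x,%s" % (GROUP1[reg], buf[i + 1 + n], rm), [], True
        if op == 0xC3:
            return 1, "ret", [], False
    except (IndexError, ValueError):
        pass
    return 1, "(bad)", [], True                  # unknown opcode: skip one byte


def linear_sweep(buf, base):
    """Decode every byte in order, the way objdump -d does by default."""
    out, pc = [], base
    while pc < base + len(buf):
        n, text, _, _ = decode_one(buf, base, pc)
        out.append((pc, text))
        pc += n
    return out


def recursive_traversal(buf, base, entry):
    """Decode only what control flow can reach from entry (worklist over targets)."""
    seen, work, out = set(), deque([entry]), {}
    while work:
        pc = work.popleft()
        if pc in seen or not base <= pc < base + len(buf):
            continue
        seen.add(pc)
        n, text, targets, falls = decode_one(buf, base, pc)
        out[pc] = text
        work.extend(targets)
        if falls:
            work.append(pc + n)
    return sorted(out.items())


def unreached(buf, base, entry):
    """Addresses the linear sweep decodes that no control-flow path ever reaches."""
    reached = {pc for pc, _ in recursive_traversal(buf, base, entry)}
    return [pc for pc, _ in linear_sweep(buf, base) if pc not in reached]


if __name__ == "__main__":
    for label, listing in (("linear sweep", linear_sweep(SAMPLE, BASE)),
                           ("recursive traversal", recursive_traversal(SAMPLE, BASE, BASE))):
        print("--", label)
        for pc, text in listing:
            print("0x%x: %s" % (pc, text))
    print("never reached:", ["0x%x" % pc for pc in unreached(SAMPLE, BASE, BASE)])
```

The traversal is not a complete answer either: it needs a known entry point and cannot follow indirect jumps or jump tables, which is why the thread's idea of recording call sites at link time, where the assembler and linker already know where every instruction begins, avoids the guesswork entirely.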
