This is the mail archive of the
libc-help@sourceware.org
mailing list for the glibc project.
Re: Find out the system calls statically?
- From: "River Wang" <jwangzju at gmail dot com>
- To: "Carlos O'Donell" <carlos at systemhalted dot org>
- Cc: libc-help at sourceware dot org
- Date: Tue, 19 Aug 2008 10:01:36 -0400
- Subject: Re: Find out the system calls statically?
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=26l5HPCCWVIl40kDSMe0o//VSRJ687RbG73LL5QBKBc=; b=r+1TSGuM0dQfxLkglRnzwgruKGPnmEVuQuIY3p8HoCPoBTtlHKzcnv9vmBJMDXO/bA oIypK7z0yErgiPNUrzjnkpufY3a4yg3Xy9/zJNnsML70NRq/gCWXE7BYhwHQwfcnw875 w9u7oKYlnl8PwiwplZKp1bg1MnQisS8nJ5fWo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=pKf75y5T5c/POtNG/ol1AnMvVZ8pkqoPT2JF/WWB18ZOmGLwFXbVzaVDRzi0RjZ3KC dBl6Btfrx33XKWvSZEC2s3r3ZmFk1yjJZWUuJPQI+wZUVY6fvgYlaZJ6gyeNbFX5+mO0 tAHWFlLcGa+2RlWvHYG20F04DdSZLfzJdlujA=
- References: <77e29ea90808161023t5ef376afla1597488e58f8cae@mail.gmail.com> <119aab440808190613n11537c2s20a7eeca9cfcadf9@mail.gmail.com>
Got it. Many thanks.
Jiang
On Tue, Aug 19, 2008 at 9:13 AM, Carlos O'Donell
<carlos@systemhalted.org> wrote:
> On Sat, Aug 16, 2008 at 1:23 PM, River Wang <jwangzju@gmail.com> wrote:
>> I want to find all the system calls that will be called by a program.
>> Is there any tools to get it? I think normally a program just calls a
>> function call and the glibc actually calls the system call. How can I
>> find all the system calls in glibc? I know there are some dynamic
>> tools like strace, but I need to use static analysis tools because
>> they are more complete.
>
> As far as I know there are no static trace tools.
>
> You can never know which syscalls will be made statically, since the
> user program may call *any* syscall using the syscall function.
>
> The best you could do is this:
> 1. Build pattern matchers against syscall stubs from sysdeps.h
> 2. Run analyzer to look for syscall instruction patterns *and* syscall
> function call
> 3. Decode instructions to determine the syscall made *or* make a note
> that syscall was called and therefore any syscall could have been
> made.
>
> This is going to be target dependent, and not 100% reliable.
>
>> Another question, how can I debug glibc? I want to trace into some
>> function calls like fopen to see how it use actual system calls. My
>> distro is CentOS5, but I cannot find the package for debug info of
>> glibc.
>
> You need a glibc build with debugging information included. Your
> distribution must provide this.
>
> Cheers,
> Carlos.
>