This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: develop a 'customized ld'
- From: "sean yang" <seanatpurdue at hotmail dot com>
- To: ramaseshan dot ravi at gmail dot com
- Cc: binutils at sourceware dot org
- Date: Fri, 30 Sep 2005 16:49:59 +0000
- Subject: Re: develop a 'customized ld'
From: Ravi Ramaseshan <ramaseshan.ravi@gmail.com>
Reply-To: ramaseshan.ravi@gmail.com
To: sean yang <seanatpurdue@hotmail.com>
Subject: Re: develop a 'customized ld'
Date: Sun, 11 Sep 2005 01:52:23 -0400
Hi,
On 9/11/05, sean yang <seanatpurdue@hotmail.com> wrote:
> I would like to collect the information of call to some libc functions. I am
> not going to use it in the program itself but I am going to use it in a
> system tool to watch the program's special calls.
So why do you want to do it in the linker? Why not work on the
disassembly instead?
~~~~~~~~~~~~~~~
Thanks for this comment. Yes, a "perfect" disassembler will
give me what I want. But I think disassemblers such as objdump are not 100%
reliable.
For example, objdump gives a wrong interpretation of a piece of code in libc
under Red Hat.
Location:    Mem Contents      Disassembly Results
0x809ef45:   eb 3c             jmp 0x809ef83
0x809ef47:   00 00             add %al, (%eax)
0x809ef49:   00                add %al,
0x809ef4a:   83 ee 04 83 ee        0xee8304ee(%ebx)
0x809ef4f:   04 83             add $0x83, %al
...
0x809efaa:   73 9e             jae 0x809ef4a
Starting at 0x809ef47, three NUL bytes of data (0x00) were inserted to push
the loop header at address forward, presumably for alignment purposes. The
NUL bytes and subsequent instructions are misinterpreted by the utility
objdump. The error is observable: the add at address 0x809ef49 references an
absolute memory location that does not even appear in the scope of the
executable! The instruction sequence is clearly invalid.
My goal is to fully automatically identify these call sites (as opposed to
reverse-engineering others' code, in which case human intelligence will help
to resolve the imprecise results of the disassembler).
I understand the analogy of using an assembler/linker and using a disassembler is
like observing a tree with our eyes and observing a picture of a tree: we
have exact and enough information when using the assembler/linker -- a 3-D tree
in the analogy case; we have an image which loses a lot of useful information
when using a disassembler.
--
Ravi Ramaseshan
" Reality is only something we believe in strongly. "
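Added example, not part of the original message or of binutils: a small Python sketch of the desynchronization described above, comparing a linear sweep with a decoder that follows branches. The byte string is constructed (it reuses the bytes quoted in the message, with a shortened jump and tail), the decoder covers only the opcodes that occur in it, and all function names are hypothetical.

```python
BASE = 0x809ef45
# Constructed sample: bytes 2..11 (00 00 00 83 ee 04 83 ee 04 83) are quoted in
# the message; the jmp displacement and the tail are shortened for the example.
CODE = bytes.fromhex("eb09" "000000" "83ee04" "83ee04" "83fe00" "73f5" "c3")
END = BASE + len(CODE)

def modrm_len(b):  # size of ModRM + SIB + displacement, 32-bit mode (simplified)
    mod, rm = b >> 6, b & 7
    sib = 1 if (rm == 4 and mod != 3) else 0
    return 1 + sib + {0: 4 if rm == 5 else 0, 1: 1, 2: 4, 3: 0}[mod]

def decode(addr):
    """Return (length, branch_target, falls_through) for the opcodes used here."""
    i = addr - BASE
    op = CODE[i]
    if op in (0xEB, 0x73):                    # jmp rel8 / jae rel8
        rel = int.from_bytes(CODE[i + 1:i + 2], "little", signed=True)
        return 2, addr + 2 + rel, op == 0x73
    if op == 0x00:                            # add %reg8, r/m8
        return 1 + modrm_len(CODE[i + 1]), None, True
    if op == 0x83:                            # sub/cmp/... $imm8, r/m32
        return 2 + modrm_len(CODE[i + 1]), None, True
    if op == 0x04:                            # add $imm8, %al
        return 2, None, True
    return 1, None, op != 0xC3                # ret, or an unknown byte

def linear_sweep(start=BASE):
    """Linear sweep: decode each instruction where the previous one ended."""
    addrs, a = [], start
    while a < END:
        addrs.append(a)
        a += decode(a)[0]
    return addrs

def recursive_traversal(entry=BASE):
    """Decode only addresses reachable by following branches and fall-through."""
    seen, work = set(), [entry]
    while work:
        a = work.pop()
        if a in seen or not BASE <= a < END:
            continue
        seen.add(a)
        length, target, falls = decode(a)
        work += ([target] if target is not None else []) + ([a + length] if falls else [])
    return sorted(seen)

if __name__ == "__main__":
    print("linear sweep:       ", [hex(a) for a in linear_sweep()])
    print("recursive traversal:", [hex(a) for a in recursive_traversal()])
```

In this sample the linear sweep decodes the padding at 0x809ef47 and 0x809ef49 as instructions and never lands on the loop header at 0x809ef4a, while following the jmp and jae reaches it. Following control flow cannot see the targets of indirect jumps or calls, so it is not complete either.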