Thread: 16 messages, 9 authors, 2013-08-14

Understanding disassembly x86 + understanding function call + parameter pass and stack frame

From: neha naik <hidden>
Date: 2013-08-09 21:40:43

Hi,

Pick up a global variable, e.g. in the case of the filesystem stack, the vfs structure available through the built-in gdb command, or in the case of a device driver, the gendisk structure.
Then try to find this in the stack. When you get it, look at the register where it was shown and try to follow this with the assembly code and the source code.
If you do this exercise you will start understanding assembly code better.
Sometimes the global variable itself can point you to other structures which you can find in your stack. And from that you can get a better idea about what is happening.

I personally feel analysing dumps is more about practice.

Regards,
Neha

On Fri, Aug 9, 2013 at 1:19 PM, Tayade, Nilesh [off-list ref] wrote:

-----Original Message-----
From: kernelnewbies-bounces at kernelnewbies.org [mailto:kernelnewbies-bounces at kernelnewbies.org] On Behalf Of Matthias Brugger
Sent: Tuesday, August 06, 2013 7:14 PM
To: nidhi mittal hada
Cc: kernelnewbies at kernelnewbies.org
Subject: Re: Understanding disassembly x86 + understanding function call + parameter pass and stack frame

2013/8/6 nidhi mittal hada [off-list ref]:
[...]
Hi All,

I am using crash tool to analyze core dump obtained from red hat linux on x86_64 platform.
[...]
Putting some of the doubts..

a) like which sequence the parameters, return address, etc are pushed on stack?

Maybe you would like to take a look at the link below:
http://www.cs.virginia.edu/~evans/cs216/guides/x86.html [Section: Calling Convention] has the exact answer to your question.

b) Which registers are used, if some registers play some spl. role?

You also might want to read the tutorials:

http://cocoafactory.com/blog/2012/11/23/x86-64-assembly-language-tutorial-part-1
This tutorial is in four parts. Part-2 has information on all the registers and their roles.

c) let's say for a program a.c I use gcc -S a.c ... do we have some other command to generate somewhat more clear assembly code, maybe with some comments in English

Take a look at information on the objdump command. You can compile the debug binary of the code and use objdump with certain options on that binary; this will dump the assembly code along with inline C code.

[...]
Any kind of help in understanding this will be appreciated ..

Thanks
Nidhi

Hope it helps.

--
Thanks,
Nilesh
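
The exercise described in this message (find a known global's address in the raw stack, then work out which function's frame holds it), as an added example that is not code from any poster or from the crash tool. It assumes code built with frame pointers, where `[rbp]` holds the caller's RBP and `[rbp+8]` the return address; the dump contents, all addresses and the names `walk_frames` and `locate` are constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed dump (addresses invented): x86-64 frames, lowest address first. */
#define STACK_BASE 0xffff880012345e00ULL
#define GLOBAL_PTR 0xffffffff81a00140ULL  /* stands in for &some_global */
#define NWORDS 12
static const uint64_t stack_words[NWORDS] = {
    0x10, GLOBAL_PTR,                              /* e00: locals of frame 0 */
    0xffff880012345e30ULL, 0xffffffff8111aaaaULL,  /* e10: saved RBP, return address */
    0x0, 0x2,                                      /* e20: locals of frame 1 */
    0xffff880012345e50ULL, 0xffffffff8122bbbbULL,  /* e30: saved RBP, return address */
    GLOBAL_PTR, 0x3,                               /* e40: locals of frame 2 */
    0x0, 0xffffffff8133ccccULL,                    /* e50: saved RBP 0 ends the chain */
};

/* Two-word frame record {saved RBP, return address} at rbp, or NULL. */
static const uint64_t *frame_at(uint64_t rbp) {
    uint64_t i = (rbp - STACK_BASE) / 8;
    return (rbp >= STACK_BASE && rbp % 8 == 0 && i + 1 < NWORDS) ? &stack_words[i] : NULL;
}

/* Follow [rbp] to the caller's RBP, collecting [rbp+8] return addresses. */
size_t walk_frames(uint64_t rbp, uint64_t *ret, size_t max) {
    size_t n = 0;
    for (const uint64_t *f; n < max && (f = frame_at(rbp)); rbp = f[0]) {
        ret[n++] = f[1];
        if (f[0] <= rbp) break;   /* stack grows down: callers sit higher */
    }
    return n;
}

/* Scan from slot `from` for value; set *addr, return the owning frame index. */
int locate(uint64_t value, size_t from, uint64_t rbp, uint64_t *addr) {
    const uint64_t *f;
    while (from < NWORDS && stack_words[from] != value) from++;
    if (from == NWORDS) return -1;
    *addr = STACK_BASE + 8 * from;
    for (int k = 0; (f = frame_at(rbp)); k++, rbp = f[0])   /* locals sit below RBP */
        if (*addr < rbp || f[0] <= rbp) return *addr < rbp ? k : -1;
    return -1;
}

int main(void) {
    uint64_t ret[8], hit = 0, top = STACK_BASE + 0x10;  /* RBP of innermost frame */
    size_t n = walk_frames(top, ret, 8);
    int k = locate(GLOBAL_PTR, 0, top, &hit);
    printf("%zu frames; pointer at %#llx belongs to frame %d\n", n, (unsigned long long)hit, k);
    return 0;
}
```

Code built without frame pointers has no saved-RBP chain to follow, so the frame attribution step then has to come from the debugger's own unwinder.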


