Pick a global variable, e.g. in the case of the filesystem stack, the vfs structure available through a built-in gdb command, or in the case of a device driver, the gendisk structure.
Then try to find this in the stack. When you get it, look at the register where it was shown and try to follow this with the assembly code and the source code.
If you do this exercise you will start understanding assembly code better.
Sometimes the global variable itself can point you to other structures which you can find in your stack. And from that you can get a better idea about what is happening.
I personally feel analysing dumps is more about practice.
Regards,
Neha
On Fri, Aug 9, 2013 at 1:19 PM, Tayade, Nilesh <Nilesh.Tayade@xxxxxxxxxxxx> wrote:
> -----Original Message-----
> From: kernelnewbies-bounces@xxxxxxxxxxxxxxxxx [mailto:kernelnewbies-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Matthias Brugger
> Sent: Tuesday, August 06, 2013 7:14 PM
> To: nidhi mittal hada
> Cc: kernelnewbies@xxxxxxxxxxxxxxxxx
> Subject: Re: Understanding disassembly x86 + understanding function call + parameter pass and stack frame
>
> 2013/8/6 nidhi mittal hada <nidhimittal19@xxxxxxxxx>:
> [...]
> > Hi All,
> [...]
> >
> > I am using crash tool to analyze core dump obtained from red hat linux on x86_64 platform.
> >
> > Putting some of the doubts..
> >
> > a) like which sequence the parameters, return address, etc are pushed on stack?
>
> Maybe you would like to take a look at the link below:
> http://www.cs.virginia.edu/~evans/cs216/guides/x86.html [Section: Calling Convention] has the exact answer to your question.
>
> > b) Which registers are used, if some registers play some spl. role ?
>
> You also might want to read the tutorials:
> http://cocoafactory.com/blog/2012/11/23/x86-64-assembly-language-tutorial-part-1
> This tutorial is in four parts. Part-2 has information on all the registers and their roles.
>
> > c) lets say for a program a.c i use gcc -S a.c ...do we have some other command to generate somewhat more clear assembly code, may be with some comments in English
>
> Take a look at information on the objdump command. You can compile the debug binary of the code and use objdump with certain options on that binary; this will dump the assembly code along with inline C code.
> [...]
> Hope it helps.
> >
> > Any kind of help in understanding this will be appreciated ..
> >
> > Thanks
> > Nidhi
> --
> Thanks,
> Nilesh
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
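
The stack-frame layout asked about in this thread, as an added example that is not part of the original emails: three nested calls record their frame pointer and return address, and the innermost one follows the saved frame pointers outward, which is the chain a backtrace walks in a dump. It assumes GCC or Clang builtins and an x86_64 build; all function and variable names are constructed for the illustration.

```c
#include <stdio.h>

/* The two words at the frame pointer once a function has executed
 * "push %rbp; mov %rsp,%rbp" (assumption: x86_64, GCC or Clang). */
struct frame {
    struct frame *caller_fp; /* [rbp]   : caller's saved frame pointer */
    void *ret_addr;          /* [rbp+8] : return address pushed by "call" */
};

#define MAX_DEPTH 8
static struct frame *seen_fp[MAX_DEPTH]; /* frame pointer of each live call */
static void *seen_ret[MAX_DEPTH];        /* return address of each live call */
static int depth;

/* Must expand inside the function being recorded, hence a macro. */
#define RECORD_FRAME() do {                                \
        seen_fp[depth] = __builtin_frame_address(0);       \
        seen_ret[depth] = __builtin_return_address(0);     \
        depth++;                                           \
    } while (0)

__attribute__((noinline)) static int inner(void)
{
    RECORD_FRAME();
    /* Walk outward by following saved frame pointers, innermost first. */
    const struct frame *fp = seen_fp[depth - 1];
    int ok = 0;
    for (int i = depth - 1; i >= 0; i--) {
        if (fp != seen_fp[i] || fp->ret_addr != seen_ret[i])
            break;
        printf("frame %p  saved rbp %p  return address %p\n",
               (void *)fp, (void *)fp->caller_fp, fp->ret_addr);
        ok++;
        fp = fp->caller_fp;
    }
    depth--;
    return ok;
}

/* The depth-- after each call keeps it from being turned into a tail call. */
__attribute__((noinline)) static int middle(void) { RECORD_FRAME(); int n = inner(); depth--; return n; }
__attribute__((noinline)) static int outer(void) { RECORD_FRAME(); int n = middle(); depth--; return n; }

/* Returns how many frames matched the expected layout (3 for this chain). */
int verify_frame_chain(void) { depth = 0; return outer(); }

int main(void) { printf("verified %d frames\n", verify_frame_chain()); return 0; }
```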