From owner-freebsd-questions  Fri Nov 26 11:25:32 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20])
	by hub.freebsd.org (Postfix) with ESMTP id 57B79153F2
	for <questions@FreeBSD.ORG>; Fri, 26 Nov 1999 11:25:28 -0800 (PST)
	(envelope-from bright@wintelcom.net)
Received: from localhost (bright@localhost)
	by fw.wintelcom.net (8.9.3/8.9.3) with ESMTP id LAA15470;
	Fri, 26 Nov 1999 11:53:01 -0800 (PST)
Date: Fri, 26 Nov 1999 11:53:01 -0800 (PST)
From: Alfred Perlstein <bright@wintelcom.net>
To: Marc Tardif <intmktg@CAM.ORG>
Cc: questions@FreeBSD.ORG
Subject: Re: disassembling syscalls
In-Reply-To: <Pine.LNX.4.10.9911261346300.13332-100000@Gloria.CAM.ORG>
Message-ID: <Pine.BSF.4.21.9911261133060.4557-100000@fw.wintelcom.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 26 Nov 1999, Marc Tardif wrote:

> How can syscalls be disassembled on BSD?
> 
> So far, I tried using ktrace -tc on compiled code using the syscall I
> wanted, but the output from kdump doesn't look like asm. I also tried
> using gdb directly, compiling the source with the -g and -static flags,
> but I couldn't use the disassemble command on the syscall which appeared
> in the output of 'disassemble main'.
> 
> Any suggestions would be greatly appreciated,

1) don't cross post.

2)

Almost all syscalls are C stubs with traps to the OS in them
try this:


Script started on Fri Nov 26 15:18:41 1999
$ cat t.c
#include <unistd.h>
#include <signal.h>

#define S_SIZE(a)	a, (sizeof(a) - 1)

int main(void) {

	write(STDOUT_FILENO, S_SIZE("waz\n")); 

}

$ gcc -g -static t.c
$ ./a.out
waz
$ gdb a.out
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(gdb) disassemble write
Dump of assembler code for function write:
0x80481cc <write>:	leal   0x4,%eax
0x80481d2 <write+6>:	int    $0x80
0x80481d4 <write+8>:	jb     0x80481c4 <atexit+92>
0x80481d6 <write+10>:	ret    
0x80481d7 <write+11>:	nop    
End of assembler dump.
(gdb) $ ^D

Script done on Fri Nov 26 15:19:18 1999

The syscalls aren't C macros, but rather C stubs that are generated
for the most part by the build process of libc.

You can find some exeptions to this by looking around src/lib/libc/
and example would be src/lib/libc/sys/mmap.c

hope this helps,
-Alfred



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message