Hi,<br> Pick up a global variable eg : In case of filesystem stack the vfs structure available through built in gdb command or in case of<br> device driver the gendisk structure.<br> Then try to find this in the stack. When you get it, look at the register where it was showed and try to follow this with assembly code and the <br>
source code. <br> If you do this exercise you will start understanding assembly code better.<br> Sometimes the global variable itself can point you to other structures which you can find in your stack. And from that you can get a better<br>
idea about what is happening.<br><br> I personally feel analysing dumps is more about practice.<br>Regards,<br>Neha<br><br><div class="gmail_quote">On Fri, Aug 9, 2013 at 1:19 PM, Tayade, Nilesh <span dir="ltr"><<a href="mailto:Nilesh.Tayade@netscout.com" target="_blank">Nilesh.Tayade@netscout.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">> -----Original Message-----<br>
> From: <a href="mailto:kernelnewbies-bounces@kernelnewbies.org">kernelnewbies-bounces@kernelnewbies.org</a> [mailto:<a href="mailto:kernelnewbies-">kernelnewbies-</a><br>
> <a href="mailto:bounces@kernelnewbies.org">bounces@kernelnewbies.org</a>] On Behalf Of Matthias Brugger<br>
> Sent: Tuesday, August 06, 2013 7:14 PM<br>
> To: nidhi mittal hada<br>
> Cc: <a href="mailto:kernelnewbies@kernelnewbies.org">kernelnewbies@kernelnewbies.org</a><br>
> Subject: Re: Understanding disassembly x86 + understanding function call +<br>
> parameter pass and stack frame<br>
><br>
</div><div class="im">> 2013/8/6 nidhi mittal hada <<a href="mailto:nidhimittal19@gmail.com">nidhimittal19@gmail.com</a>>:<br>
</div>[...]<br>
<div class="im">> > Hi All,<br>
> ><br>
> > I am using crash tool to analyze core dump obtained from red hat linux<br>
> > on<br>
> > x86_64 platform.<br>
</div>[...]<br>
<div class="im">> ><br>
> > Putting some of the doubts..<br>
> ><br>
> > a)like which sequence the parameters, return address, etc are pushed<br>
> > on stack?<br>
</div>May be you would like to take a look at below link:<br>
<a href="http://www.cs.virginia.edu/~evans/cs216/guides/x86.html" target="_blank">http://www.cs.virginia.edu/~evans/cs216/guides/x86.html</a> [Section: Calling Convention] has the exact answer to your question.<br>
<div class="im"><br>
> > b)Which registers are used, if some registers play some spl. role ?<br>
</div>You also might want to read the tutorials:<br>
<a href="http://cocoafactory.com/blog/2012/11/23/x86-64-assembly-language-tutorial-part-1" target="_blank">http://cocoafactory.com/blog/2012/11/23/x86-64-assembly-language-tutorial-part-1</a><br>
This tutorial is in four parts. Part-2 has information on all the registers and their roles.<br>
<div class="im"><br>
> > c)lets say for a program a.c i use gcc -S a.c ...do we have some other<br>
> > command to generate somewhat more clear assembly code, may be with<br>
</div>> > some comments in English<br>
Take a look at information on objdump command. You can compile the debug binary of the code and use objdump with certain options on that binary- this will dump the assembly code along with inline C code.<br>
<br>
[...]<br>
<div class="im">><br>
> ><br>
> > Any kind of help in understanding this will be appreciated ..<br>
> ><br>
> > Thanks<br>
> > Nidhi<br>
<br>
</div>Hope it helps.<br>
<br>
--<br>
Thanks,<br>
Nilesh<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
_______________________________________________<br>
Kernelnewbies mailing list<br>
<a href="mailto:Kernelnewbies@kernelnewbies.org">Kernelnewbies@kernelnewbies.org</a><br>
<a href="http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies" target="_blank">http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies</a><br>
</div></div></blockquote></div><br>