#!/usr/bin/env python

# addr2sym.py - resolve addresses to symbols, using a map file

# Reads a log file, and map file, and substitutes function

# names and offsets for numeric values in the log.

# The re-written log file is sent to standard out.

#

# A normal usage looks like:

# cat boot.log | addr2sym -m linux-2.6.7/System.map >boot.lst

#

import sys

import fileinput

import string

import re

def startswith(str, pattern):

	if string.find(str, pattern)==0:

		return 1

	else:

		return 0

def print_error(str):

	sys.stderr.write(str+"\n");

	sys.stderr.flush()

# returns function map (key=addr, value=funcname) and

# a list of function tuples (addr, funcname)

def read_map(filename):

	funcmap = {}

	funclist = []

	try:

		f = open(filename)

	except:

		print_error("Error: Cannot read map file: %s" % filename)

		usage()

	for line in f.readlines():

		#print("debug " + line)

		(addr_str, symtype, funcname) = string.split(line, None, 2)

		#print(addr_str + "," + symtype + "," + funcname)

		#yzg remove "\n\t"

		funcname=funcname.strip()

		funcmap[addr_str] = funcname.strip()

		addr = eval("0x" + addr_str + "L")

		funclist.append((addr, funcname))


          #sort the list, since moudule address not in seq.
                funclist.sort(key=lambda x:x[0])

	return (funcmap, funclist)

callsite_cache = {}

# return string with function and offset for a given address

def lookup_sym(funcmap, funclist, addr_str):

	global callsite_cache

	try:

		return funcmap[addr_str]

	except:

		pass

	# no exact match found, now do binary search for closest function

	# convert address from string to number

	addr = eval(addr_str)

	# if address is outside range of addresses in the

	# map file, just return the address without converting it

	if addr < funclist[0][0] or addr > funclist[-1][0]:

		return addr_str

	if callsite_cache.has_key(addr):

		return callsite_cache[addr]

	# do a binary search in funclist for the function

	# use a collapsing range to find the closest addr

	lower = 0

	upper = len(funclist)-1

	while (lower != upper-1):

		guess_index = lower + (upper-lower)/2

		guess_addr = funclist[guess_index][0]

		if addr < guess_addr:

			upper = guess_index

		if addr >= guess_addr:

			lower = guess_index

	offset = addr-funclist[lower][0]

	name = funclist[lower][1]

	if startswith(name, "."):

		name = name[1:]

	func_str = "%s+0x%x" % (name, offset)

	callsite_cache[addr] = func_str

	return func_str

def usage():

	print "Usage: addr2sym <infile -m mapfile >outfile"

	print "\nexample:"

	print "addr2sym <boot.log -m linux-2.6.7/System.map >boot.lst"

	sys.exit(1)

def main():

	# user must have "-m mapfile" at a minimum

	# TODO: You can also try to read /proc/kallsym (perhaps with in-situ option)

	if len(sys.argv)<3:

		print_error("Error: no map file specified")

		usage()

	mapfilename = ""

	i = 0

	while i < len(sys.argv):

		if sys.argv[i]=="-m":

			try:

				mapfilename = sys.argv[i+1]

				# remove the args from the argument list

				sys.argv[i:i+2]=[]

			except:

				pass

		i = i+1

	if not mapfilename:

		print_error("Error: missing map file name")

		usage()

	# read function names and addresses from map file

	(funcmap, funclist) = read_map(mapfilename)

	for line in fileinput.input():

		# strip trailing \n, if present

		if line[-1]=='\n':

			line = line[:-1]

		# convert all hex numbers to symbols plus offsets

		# try to preserve column spacing in the output

		tmp = line

		new_line = ""

		#m = re.match(r".*?call_site=([0-9abcdef]+)(\s*)", tmp)

		m = 1

		if m:

			# addr is match for re group 1, look it up

			#addr_str = "0x" + tmp[m.start(1): m.end(1)]

			addr_str = "0x" + tmp

			#print 'lookup ' + addr_str

			func = lookup_sym(funcmap, funclist, addr_str)

			if func[0] != '0':

				print func

			# replace call_site address with call_site symbol name

			#new_line = new_line + tmp[:m.start(1)] + func + tmp[m.end(1):]

			#end = m.end(1)

			# pad line to keep columns the same

			# whitespace might match or not.  If it does, it's

			# group 2 from the regex above.

			#if len(m.groups())>1: # if we also matched whitespace

			#	end = m.end(2)

			#	pad_count = (m.end(2)-m.start(1))-len(func)

			#	if pad_count < 1: pad_count=1

			#	new_line = new_line + " "*pad_count

		#if new_line:

		#	line = new_line

		#print line

if __name__=="__main__":

	main()

将要解析的地址保存到文件:

grep --binary-files=text "NMI Watchdog" -A 30 vmcore_1.7-20151012_ra2xx_2015-10-13_09_28.10

#cat addr3.txt
8000000041246000
ffffffffc0fb4a0c
8000000041246000

#translate the addr to function name:
#./addr2sym.py  < addr3.txt -m vmcore_kallsyms_1.7-20151012_ra2xx_2015-10-13_09_26.29

0x8000000041246000
_ieee80211_free_node    [umac]+0x25c
0x8000000041246000
0x80000000360c5480
0x80000000392e0000
0x800000003934f590
0x8000000038330680
0x0000000000000000
_raw_spin_lock_irqsave+0x0
_raw_spin_unlock_irqrestore+0x0
0x8000000038660000
ieee80211_complete_wbuf    [umac]+0xec
0x0000000000000000
0x0000000000000000
0x0000000000000043
0x000000000000001f
0x0000000000000009
ath_hal_reg_read    [ath_hal]+0x0

kallsyms , addr to symbol的更多相关文章

  1. linux内核钩子--khook

    简介 本文介绍github上的一个项目khook,一个可以在内核中增加钩子函数的框架,支持x86.项目地址在这里:https://github.com/milabs/khook 本文先简单介绍钩子函数 ...

  2. ELF静态链接

    一直对ELF目标文件是怎样链接成可执行文件感到比较的疑惑,ELF文件里面的重定位段是怎样解决符号引用问题的?前几天偶然看了<深入理解计算机系统>里面讲了这个问题,看了之后对里面的实现机制终 ...

  3. CSAPP读书随笔之一:为什么汇编器会将call指令中的引用的初始值设置为-4

    CSAPP,即<深入理解计算机系统:程序员视角>第三版,是一本好书,但读起来确需要具备相当的基本功.而且,有的表述(中译文)还不太直白. 比如,第463页提到,(对于32位系统)为什么汇编 ...

  4. crash部分命令用法

    Set set [pid | taskp | [-c cpu] | -p] | [crash_variable [setting]] | -v 1.设置要显示的内容,内容一般以进程为单位. Set p ...

  5. 六星经典CSAPP-笔记(7)加载与链接(上)

    六星经典CSAPP-笔记(7)加载与链接 1.对象文件(Object File) 1.1 文件类型 对象文件有三种形式: 可重定位对象文件(Relocatable object file):包含二进制 ...

  6. Linux Debugging(四): 使用GDB来理解C++ 对象的内存布局(多重继承,虚继承)

    前一段时间再次拜读<Inside the C++ Object Model> 深入探索C++对象模型,有了进一步的理解,因此我也写了四篇博文算是读书笔记: Program Transfor ...

  7. CSAPP HITICS 大作业 hello's P2P by zsz

    摘 要 摘要是论文内容的高度概括,应具有独立性和自含性,即不阅读论文的全文,就能获得必要的信息.摘要应包括本论文的目的.主要内容.方法.成果及其理论与实际意义.摘要中不宜使用公式.结构式.图表和非公知 ...

  8. 系统级编程(csapp)

    系统级编程漫游 系统级编程提供学生从用户级.程序员的视角认识处理器.网络和操作系统,通过对汇编器和汇编代码.程序性能评测和优化.内存组织层次.网络协议和操作以及并行编程的学习,理解底层计算机系统对应用 ...

  9. 内核中dump_stack的实现原理(2) —— symbol

    环境 Linux-4.14 Aarch64   正文 在前面的分析中调用print_symbol("PC is at %s\n", instruction_pointer(regs ...

随机推荐

  1. 9、Dubbo-配置(4)

    本地存根 远程服务后,客户端通常只剩下接口,而实现全在服务器端,但提供方有些时候想在客户端 也执行部分逻辑,比如:做 ThreadLocal 缓存,提前验证参数,调用失败后伪造容错数据等 等,此时就需 ...

  2. spring boot +druid数据库连接池配置

    1.启动应用入口修改 增加servlet注解 import javax.sql.DataSource; import org.apache.ibatis.session.SqlSessionFacto ...

  3. throws、throw和try catch

    在学习代理模式的时候,编写动态生成代理类.java文件时,用try{}catch(){}捕获异常发现catch(Exception e)报错,得换成catch(Throwable e),然后又查了查两 ...

  4. jQuery笔记: 基本概念与jQuery核心

    目录 初识jQuery 为什么要使用jQuery? 如何使用jQuery? jQuery与js加载模式不同 jQuery入口函数的四种写法 jQuery的访问符冲突问题 jQuery核心函数和jQue ...

  5. Promise 的应用

    Promise 有三种状态,进行中(pending),已成功(fulfilled),已失败(rejected): 一旦状态改变,就不会再变,任何时候都可以得到这个结果.Promise对象的状态改变,只 ...

  6. Python-逻辑运算

    1 or 3>2 and 4<5 or 6 and 2<7

  7. Dynamics CRM plugin调试方法之Profiler

    https://blog.csdn.net/vic0228/article/details/72903815

  8. ARM开发---Keil注册+JLink维修详解

    在ARM开发中,经常使用的开发环境就是Keil uVision集成开发环境+JLink仿真器,本文就是就是介绍.总结使用该开发环境中遇到的问题,并在问题后方附上亲测可行的解决方法.如果各位看官在开发过 ...

  9. 关于STM32 DMA相关总结[概述知识点]

    关于DMA相关知识的总结,写给未来的自己,希望有帮助.立个Flag[坚持写博客总结自己工作或学习记录自己的生活] ------------------------------------------- ...

  10. python 文件读取方法详解

    话不多说直接码 # 绝对路径 # f = open('/Users/fangxiang/Downloads/我的古诗.text', mode='r', encoding='utf-8') # cont ...