Re: [9fans] validateaddress

[Kenji Arisawa]

Thanks Russ,
ar% ps
...
none        1236297 49979:50   0:00      172K Running  validateaddress
...
ar% acid 1236297
/proc/1236297/text:386 plan 9 executable
/sys/lib/acid/port
/sys/lib/acid/386
acid: bpset(strcmp)
Waiting...
1236297: exception 50   klook+0x7a      MOVL    0x8(DX),DX
acid: loop 1,20 do { cont(); print("strcmp '", *(*strcmp:s1\s), "'  
'",*(*strcmp:s2\s), "'\n"); }
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

1236297: breakpoint     strcmp+0x3      MOVL    s1+0x0(FP),BP
1236297: breakpoint     strcmp  SUBL    $0xc,SP
strcmp 'in' 'prompt'

acid: acid: bpdel(strcmp)
acid: bpset(klook)
acid: cont();
<stdin>:5: (error) msg: pid=1236297 startstop: interrupted
acid: bpdel(klook)


Kenji Arisawa


On 2009/08/12, at 0:27, Russ Cox wrote:

acid pid

bpset(strcmp)
loop 1,20 do { cont(); print("strcmp '", *(*strcmp:s1\s), "' '",
*(*strcmp:s2\s), "'\n"); }
bpdel(strcmp)

also

bpset(klook)
cont();
# wait a while, see if you hit the breakpoint, probably not
DEL (to stop acid if it didn't hit the breakpoint)
bpdel(klook)

if you do hit the klook breakpoint then try
the same sequence but with yyparse instead
of klook.

the goal is to find some function that isn't being
repeatedly called.  that helps narrow down the
source of the infinite loop to code inside that
function or the ones it calls.

russ