site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com On 02/09/2008, at 11:38 PM, Jean-Daniel Dupas wrote: Le 2 sept. 08 à 14:58, Luke Daley a écrit : On 02/09/2008, at 10:18 PM, Jean-Daniel Dupas wrote: » nm /usr/lib/libSystem.dylib | grep __syscall 000441d0 t ___syscall #include <libc.h> #include <mach-o/nlist.h> typedef int (*__syscall_t)(quad_t number, ...); return 0; } Wow, scary :) Looking at nlist.h… struct nlist { union { #ifndef __LP64__ char *n_name; /* for use when in-core */ #endif int32_t n_strx; /* index into the string table */ } n_un; uint8_t n_type; /* type flag, see below */ uint8_t n_sect; /* section number or NO_SECT */ int16_t n_desc; /* see <mach-o/stab.h> */ uint32_t n_value; /* value of this symbol (or stab offset) */ }; Does that mean that n_name doesn't exist on 64 bit architectures? -- LD. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... It's very clearly there, why can't my code find it? Because it is an internal symbol and it is not exported (note the lower case 't' in front of the symbol name). Hrm. I have to call it, what do I do? As you are already using interposition, another feature that should be avoid will not hurt ;-) int main(int argc, const char * argv[]) { struct nlist nl[1]; bzero(&nl, sizeof(struct nlist) * 2); nl[0].n_un.n_name = (char *)"___syscall"; if (nlist("/usr/lib/libSystem.dylib", nl) < 0 || nl[0].n_type == N_UNDF) { fprintf(stderr, "nlist(%s, %s) failed\n", "/usr/lib/libSystem.dylib", nl[0].n_un.n_name); return -1; } __syscall_t fcn = (__syscall_t)nl[0].n_value; See man nlist(3) for details. I think there might be a problem with it though. I get "error: ‘union <anonymous>’ has no member named ‘n_name’" This email sent to site_archiver@lists.apple.com