This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: cflow on binary files?
- From: Mel Gorman <mel at csn dot ul dot ie>
- To: Marty Leisner <leisner at rochester dot rr dot com>
- Cc: binutils at sources dot redhat dot com, gray at gnu dot org
- Date: Tue, 25 Oct 2005 09:40:59 +0100 (IST)
- Subject: Re: cflow on binary files?
- References: <200510250518.j9P5ILXI023008@dell3.home>
On Tue, 25 Oct 2005, Marty Leisner wrote:
> I've been using cflow and other source reverse engineering tools
> for over 20 years...
>
> I've been playing with the new gnu cflow (and dot).
>
> Mel Gorman did a hack on gcc to generate flow graphs to dissect the
> Linux VM (and other parts of the kernel).
>
> I came across the utility called nmdepend (which I couldn't
> get to work).
>
> But it has a wonderful idea -- perform flow analysis on the binary
> file...
>
> It seems with a binary compiled with -g, there's useful information
> which can be extracted to generate call graphs. The BIG advantage,
> is the source code doesn't have to be parsed -- and the actual code being
> compiled is present in the executable.
>
> Comments/opinions?
I am not familiar with cflow, but using CodeViz, try
genfull --g cobjdump -f binaryfile
gengraph -f somefunc -d 5
The -g objdump will generate a full callgraph based on a binary file. It
only works for x86 binaries and has only been tested with a vmlinux file.
I'm fairly sure if there are naming collisions between multiple binary
files, it will mess up the graphs.
It works in a very simple manner. It disassembles the .text and .init
sections of the file using objdump. It then looks for chunks that look
like this;
c0100000 <startup_32>:
and considers them starts of functions. It then checks any usage of
"call", "jmp" or "bl" for calls to other functions. It dumps anything it
finds out to a file that dot can use.
I doubt it would win any prizes but it got the job done for me.
--
Mel Gorman
Part-time Phd Student          Java Applications Developer
University of Limerick         IBM Dublin Software Lab
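
The approach described in the message above (function-start labels plus "call"/"jmp"/"bl" targets taken from objdump output, written out for dot), as an added Python example that is not part of the original post and is not CodeViz's own code. The sample disassembly is constructed, and skipping indirect calls, `+offset` targets and self-references is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample shaped like `objdump -d` output (tab-separated columns).
SAMPLE = (
    "c0100000 <startup_32>:\n"
    "c0100000:\tfc                   \tcld\n"
    "c0100001:\te8 0a 00 00 00       \tcall   c0100010 <setup_idt>\n"
    "c0100006:\t75 f8                \tjne    c0100000 <startup_32>\n"
    "c0100008:\teb 16                \tjmp    c0100020 <start_kernel>\n"
    "c0100010 <setup_idt>:\n"
    "c0100010:\teb 02                \tjmp    c0100014 <setup_idt+0x4>\n"
    "c0100012:\tff d0                \tcall   *%eax\n"
    "c0100014:\tc3                   \tret\n"
    "c0100020 <start_kernel>:\n"
    "c0100020:\te8 eb ff ff ff       \tcall   c0100010 <setup_idt>\n"
)

FUNC_START = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")  # e.g. "c0100000 <startup_32>:"
TARGET = re.compile(r"<([^>+]+)>$")                 # symbol only, no "+0x.." offset
BRANCHES = {"call", "callq", "jmp", "jmpq", "bl"}   # mnemonics treated as calls

def parse_callgraph(disasm):
    """Return {function: sorted callees} from objdump-style disassembly text."""
    graph, current = defaultdict(set), None
    for line in disasm.splitlines():
        start = FUNC_START.match(line.rstrip())
        if start:
            current = start.group(1)
            graph[current]  # register the node even if it calls nothing
            continue
        fields = line.rstrip().split("\t")  # address, raw bytes, instruction
        if current is None or len(fields) < 3:
            continue
        insn = fields[2].split()
        target = TARGET.search(fields[2])   # indirect calls have no <symbol>
        if insn and insn[0] in BRANCHES and target and target.group(1) != current:
            graph[current].add(target.group(1))
    return {func: sorted(callees) for func, callees in graph.items()}

def to_dot(graph):
    """Render the call graph as a Graphviz dot digraph."""
    lines = ["digraph callgraph {"]
    for caller, callees in graph.items():
        lines.append(f'  "{caller}";')
        lines += [f'  "{caller}" -> "{callee}";' for callee in callees]
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_dot(parse_callgraph(SAMPLE)))
```

Because nodes are keyed by symbol name alone, two binaries that define the same name would merge into one node, which is the naming-collision problem the message mentions.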