I'm finding it really annoying to have to disassemble large swathes of library code just to get enough context to see what is causing a crash. Is there any way that I can just hand objdump an address, and have it find the boundaries of the containing function for me?
EDIT: Better yet, can I have it disassemble an entire stack trace for me?
Disassembling an ELF-formatted fileUse the --disassemble option to display a disassembled version of the image to stdout . If you use this option with the --output destination option, you can reassemble the output file with armasm. You can use this option to disassemble either an ELF image or an ELF object file.
objdump displays information about one or more object files. The options control what particular information to display. This information is mostly useful to programmers who are working on the compilation tools, as opposed to programmers who just want their program to compile and work.
objdump is a command-line program for displaying various information about object files on Unix-like operating systems. For instance, it can be used as a disassembler to view an executable in assembly form. It is part of the GNU Binutils for fine-grained control over executables and other binary data.
Something like this perhaps?
$ objdump -S --start-address=0x42 foo.o | awk '{print $0} $3~/retq?/{exit}'
It prints the dis-assembly listing starting from 0x42
till it finds a ret(q)
, assuming the boundary is marked by ret(q)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With