Copyright (C) 2011-2017 mailto:[email protected]
gen-callgraph is a script that generates a call graph from an ELF binary.
See the sister project for generating c-tags from an ELF binary: gen-ctags
Input: ELF binary built from the source below:
    class QWE {
    public:
        QWE() {}
        ~QWE() {}
        void f() {}
    };

    void A();
    void C() { A(); }
    void B() { C(); QWE qwe; qwe.f(); }
    void A() { B(); C(); }

    int main(int argc, char** argv) {
        A();
        return 0;
    }
Output: Graphviz dot for the graph below:
bash readelf objdump c++filt graphviz
- Only supports statically linked functions within one x86_64 binary.
- Only supports function calls invoked by assembly commands callq/jmpq/jmp and conditional jump variants on literal (non-register) destinations.
- Naive algorithm. Only tested on small binaries.
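
The limitations above can be seen in a small sketch of the same idea, written in Python. It is an added example, not gen-callgraph's own code. It assumes `objdump -d` text as input, keeps mangled names (c++filt would demangle them), and the sample listing, `call_edges` and `to_dot` are constructed for illustration. The register-indirect `callq *%rax` produces no edge, which is the blind spot to keep in mind when using such a graph for binary review.

```python
import re

# Constructed excerpt in `objdump -d` layout (addresses and bytes are made up).
SAMPLE = (
    "0000000000401106 <_Z1Cv>:\n"
    "  401106:\t55                   \tpush   %rbp\n"
    "  40110a:\te8 21 00 00 00       \tcallq  401130 <_Z1Av>\n"
    "  40110f:\tc3                   \tretq\n"
    "\n"
    "0000000000401110 <_Z1Bv>:\n"
    "  401110:\te8 f1 ff ff ff       \tcallq  401106 <_Z1Cv>\n"
    "  401115:\t74 02                \tje     401119 <_Z1Bv+0x9>\n"
    "  401117:\tff d0                \tcallq  *%rax\n"
    "  401119:\te9 22 00 00 00       \tjmpq   401140 <_ZN3QWE1fEv>\n"
    "\n"
    "0000000000401130 <_Z1Av>:\n"
    "  401130:\te8 db ff ff ff       \tcallq  401110 <_Z1Bv>\n"
    "  401135:\te8 cc ff ff ff       \tcallq  401106 <_Z1Cv>\n"
    "  40113a:\tc3                   \tretq\n"
)

# "<addr> <symbol>:" opens a function in the listing.
HEADER = re.compile(r"^[0-9a-f]+ <(.+)>:$")
# call/jmp/jcc with a literal hex destination; "*%rax" style operands do not match.
BRANCH = re.compile(
    r"\t(?:callq?|j[a-z]+)\s+[0-9a-f]+ <([^>+]+)(\+0x[0-9a-f]+)?>")

def call_edges(disasm):
    """Return ordered, de-duplicated (caller, callee) pairs."""
    edges, caller = [], None
    for line in disasm.splitlines():
        header = HEADER.match(line)
        if header:
            caller = header.group(1)
            continue
        branch = BRANCH.search(line)
        if not branch or caller is None:
            continue
        target, offset = branch.groups()
        if target == caller and offset:
            continue  # jump inside the same function, not a call edge
        if (caller, target) not in edges:
            edges.append((caller, target))
    return edges

def to_dot(edges):
    """Render the edges as a Graphviz digraph."""
    body = "".join(f'  "{a}" -> "{b}";\n' for a, b in edges)
    return "digraph callgraph {\n" + body + "}\n"

if __name__ == "__main__":
    print(to_dot(call_edges(SAMPLE)), end="")
```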
gen-callgraph <BINARY> [DEBUG={0*/1}] | dot -Tpng -ocallgraph.png
- -g
- -O0
- -fno-function-cse
- -fomit-frame-pointer
- "Disassemble raw x64 machine code"
- http://stackoverflow.com/questions/19071461/disassemble-raw-x64-machine-code
- "Graphviz - Graph Visualization Software"
- http://www.graphviz.org/
- "Trying to understand gcc option -fomit-frame-pointer"
- http://stackoverflow.com/questions/14666665/trying-to-understand-gcc-option-fomit-frame-pointer
- "3.10 Options That Control Optimization"
- https://gcc.gnu.org/onlinedocs/gcc-4.5.2/gcc/Optimize-Options.html
call graph, asm, disassembly, elf, graphviz, name mangling