Tags: c++, c, unix, call-graph, call-flow

Tool for generating a call flow graph [C C++ solaris linux]


I'm quite fond of IDA, but I'm working in Solaris on this project. I do have a Linux machine, and if nothing is in the same league as IDA then I'll convince management to purchase a license for it.

Barring that, I'm looking for alternative suggestions. Some of the other features in IDA would be handy, but the main thing I need at the moment is a call flow graph generator not based on source code. If it needs extra output from the build step, that's fine, but some of the libraries I need to look at I don't have source for.

So far, it looks like my best choices are Valgrind's Callgrind, lida, and gprof. Any further suggestions are welcome.

re: gprof, the GNU compiler set provided to us by Windriver is missing some libraries that would normally be supplied with a GNU compiler to provide (among other things) facilities for profiling. It's a good solution to the more general problem, but for now I'm opting to try other solutions first.

Edit: Some of the Rational tools (Purify, Quantify, etc.) might also work well for this. I'm in the same boat as with IDA with that, but I figure someone googling might find the suggestion helpful.

Edit 2: Valgrind hasn't been ported to Solaris/SPARC ;p


Solution

  • Take a look at the ERESI Project. It's a reverse engineering framework and it has a tool, called ELFsh, with capabilities of generating CFG from machine code. It doesn't have a stable/final release yet, but it's worth a shot.

    If you want to try it:

    • download and install (apt-get on Ubuntu)
    • run elfsh32. You'll enter a shell.
    • load your binary: load /bin/bash
    • analyse it: analyse
    • generate the graph: graph

    You'll get a graph in .dot format and a rendered PNG (this one was too large to post here).
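
An added example, not part of the answer above and not ERESI code: when no graphing tool is available on the target platform, a coarse call graph can still be recovered without source by scanning disassembly text for direct call instructions and emitting .dot. The sketch assumes GNU `objdump -d` output in x86-64 AT&T syntax; the embedded listing is constructed sample data, and the function names `call_graph` and `to_dot` are this example's own.

```python
import re

# Constructed sample of `objdump -d` text (x86-64, AT&T syntax), not from a real binary.
SAMPLE = """\
0000000000401126 <helper>:
  401126:\t55                   \tpush   %rbp
  40112a:\tc3                   \tret

000000000040112b <dispatch>:
  40112b:\te8 f6 ff ff ff       \tcall   401126 <helper>
  401130:\tff d0                \tcall   *%rax
  401132:\tc3                   \tret

0000000000401133 <main>:
  401133:\te8 f3 ff ff ff       \tcall   40112b <dispatch>
  401138:\te8 f3 fe ff ff       \tcall   401030 <puts@plt>
  40113d:\te8 e4 ff ff ff       \tcall   401126 <helper>
  401142:\tc3                   \tret
"""

# "<addr> <symbol>:" opens a function body in objdump output.
FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
# Direct call: "call ADDR <sym>" or "<sym+0xNN>"; indirect call: "call *operand".
CALL_RE = re.compile(r"\bcallq?\s+(?:[0-9a-f]+ <([^>+]+)(?:\+0x[0-9a-f]+)?>|(\*.*))")

def call_graph(disasm):
    """Map each function symbol to the set of symbols it calls."""
    graph, current = {}, None
    for line in disasm.splitlines():
        m = FUNC_RE.match(line.strip())
        if m:
            current = m.group(1)
            graph.setdefault(current, set())
            continue
        m = CALL_RE.search(line)
        if m and current:
            # Indirect targets cannot be resolved statically; keep them visible.
            graph[current].add(m.group(1) or "<indirect>")
    return graph

def to_dot(graph):
    """Render the graph as Graphviz .dot text with stable ordering."""
    out = ["digraph calls {"]
    for caller in sorted(graph):
        out.append(f'  "{caller}";')
        out += [f'  "{caller}" -> "{callee}";' for callee in sorted(graph[caller])]
    return "\n".join(out + ["}"])

if __name__ == "__main__":
    print(to_dot(call_graph(SAMPLE)))
```

Edges through function pointers and virtual calls show up only as `<indirect>`, so the result is a lower bound on the real call flow; a stripped binary will also lack the symbol labels this relies on.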