I'm compiling a program on windows using cmake and clang-cl with flags /Zi and /DEBUG:FULL. I can step through the program using VS code and it shows function names in the call stack.
However, when I try to disassemble with llvm-objdump, I get the whole .txt as a single block, no function names whatsoever. I want to check the disassembly of a single function but llvm-objdump says failed to disassemble missing function <name>. How can I make llvm-objdump recognize the exe symbols.
P.S. I'm familiar with linux and ELF but not really with EXE format, that's why I'm using clang instead of msvc.
Related
I'm trying to create helloworld C program for windows. I need target executable to be COFF file for some security-related project. Do I use cl.exe? Do I use fasm?
Edit: not necessirily compile on windows, anything goes as long as I can run binary on windows.
Edit2: anything goes as long as I can run binary on windows or load as dynamic library.
You would use nasm.
period#D5DZ5WT2 ~/src/metasploit-framework $ nasm -f coff -o obj-intel.o dlexec.asm
period#D5DZ5WT2 ~/src/metasploit-framework $ file -s obj-intel.o
obj-intel.o: Intel 80386 COFF object file, no line number info, not stripped, 1 section, symbol offset=0x16f, 26 symbols
(That was done on WSL the windows subsystem for linux, but you should be able to do the same with cygwin or a native win binary for nasm).
https://www.nasm.us/pub/nasm/releasebuilds/2.14.02/
We want to use the preprocessor output file (.i file ) for further use, especially the comments.
For that, we use the /PREPRINT (or /PP) command line switch.
The problem is that the KEIL compiler (C166) deletes any comments.
Q: Is it possible to keep comments in the .i file?
Additional research:
The Microsoft compiler does this with the /P command line switch.
But they has /C to keep comments.
You can use
gcc -E -CC file.c
It keeps all the comments, including the ones in the .h files that may have been included by C file.
I turns out that the C166 Keil compiler supports also the /C compiler switch. This switch is not available through the IDE and is not documented.
To use it, we had to write a batch file that contains the /C switch and run the compiler a second time to create the .i file.
It also turns out that all of the compilers we use has this switch (Mircosoft, and as Arun Taylor mentioned, the GCC compiler). So we are able to use the commented .i file from every compiler.
I've tried
gdb --write --nx file
Whatever I do and even if I let the program exit normally it just won't write the 64-bit binary changes!
32-bit works and I use the exact same commands and order/sequence and "set {int} 0x0xxxxxx = 0xffffffff"
Then type quit (supposed to save with --write flag)
Permissions: rwx-r-x-r-x / 755
I've started to wonder if the BFD (Binary File Descriptor) or another internal component disallows it.
as stated (here):
Also, if the underlying BFD functionality supports it, you could use
gdb -write to patch object files using this technique. Note that gdb
can neither interpret nor modify relocations in this case, so branches
and some initialized variables will appear to go to the wrong place.
But this feature is still handy from time to time.
I wrote a little Python script wrapcl.py script which wraps our compiler binary (cl.exe, the Microsoft Visual Studio C++ compiler). I then created a new batch file cl.bat which makes that Python script accessible so that I can run cl as before and it will silently call my wrapper script instead of the real program. For what it's worth, here is my cl.bat batch file:
#python %~dp0\wrapcl.py %*
This works quite well - except in one case:
We have existing scripts which do something like
cl >NUL 2>&1 && GOTO CL
to determine whether the Microsoft Visual Studio C++ compiler is available. This breaks if cl actually calls my cl.bat batch file since the call to cl.bat never returns. We'd have to use call cl >NUL ... for that.
Is there any way I can make my wrapcl.py Python script look just like cl.exe for callers so that I can avoid touching our existing scripts which expect cl && foo to work?
One possibility is to compile your python code as an executable using py2exe. Here's a link:
py2exe
I use the MS compiler from the command line (VS 2008), and whenever it compiles one source file, it prints the compiled source file. Is there a way to avoid this useless print ?
There's no way to suppress that message with a switch (see also this thread).
It sounds like you're using the /E switch which prints the source to the std output after it's run through the preprocessor.