
I think `nm` is the tool, but none of the tutorials has helped me solve my problem. Let's say I have a debug-built binary and a stack trace where it crashes. The stack trace says something like `foo() + 1500`.

I assume the number is bytes of offset in the binary. Correct?

However! There is nothing with precisely this address. The addresses of the symbols are NOT monotonically incrementing in default, sysv nor posix format.

How can I determine where the crash happened (before the end of which symbol)?

Vorac
  • The number is offset from the start of the function `foo`. If you set the source path in gdb it should point you to actual code. – Botje Mar 31 '20 at 11:17
  • @Botje it's not a configuration issue. We are debugging from client logs. And currently handwaving away the fact that the provided offset is in the release version. – Vorac Mar 31 '20 at 11:49
  • That is crucial information. Debug binaries differ from release binaries. Do you still have an un`strip`ed release binary that matches what you shipped or did you set aside debug symbols? Otherwise you get to reverse engineer your own released binary. – Botje Mar 31 '20 at 12:00

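Added example, not part of the original thread: one way to turn a `name + offset` frame into an absolute address and find which symbol's range it falls in, by sorting `nm` output by address first. The symbol table below is constructed, the helper names are hypothetical, and a bare offset is assumed to be decimal (some stack trace formats print hex without a prefix).

```python
import bisect
import re

# Constructed sample in default `nm` output format (address, type, name).
# Not from a real binary; note the lines are not in address order.
SAMPLE_NM = """\
0000000000001a40 T main
0000000000004010 B counter
0000000000001200 T foo
                 U printf
0000000000001900 t helper
0000000000001f00 T bar
"""

FRAME_RE = re.compile(r"([\w.$]+)\s*(?:\(\))?\s*\+\s*(0[xX][0-9a-fA-F]+|\d+)")

def load_text_symbols(nm_output):
    """Return [(address, name)] for code symbols, sorted by address."""
    syms = []
    for line in nm_output.splitlines():
        parts = line.split()
        if len(parts) != 3:            # undefined symbols carry no address
            continue
        addr, kind, name = parts
        if kind in "TtWw":             # text-section and weak symbols only
            syms.append((int(addr, 16), name))
    return sorted(syms)

def resolve(syms, frame):
    """Map 'name + offset' to (address, containing symbol, offset, next symbol address)."""
    m = FRAME_RE.fullmatch(frame.strip())
    if not m:
        raise ValueError(f"unrecognised frame: {frame!r}")
    name, off = m.groups()
    # Assumption: a bare number is decimal, a 0x-prefixed one is hex.
    offset = int(off, 16) if off.lower().startswith("0x") else int(off)
    base = next(a for a, n in syms if n == name)
    target = base + offset
    addrs = [a for a, _ in syms]
    i = bisect.bisect_right(addrs, target) - 1   # last symbol starting <= target
    start, owner = syms[i]
    end = addrs[i + 1] if i + 1 < len(addrs) else None
    return target, owner, target - start, end

if __name__ == "__main__":
    syms = load_text_symbols(SAMPLE_NM)
    for frame in ("foo() + 1500", "foo() + 0x800"):
        addr, owner, off, end = resolve(syms, frame)
        print(f"{frame}: {addr:#x} is {owner}+{off:#x}, next symbol at {end:#x}")
```

If the resolved address lands in a different symbol than the one named in the frame, the trace was either symbolised without that symbol or came from a different build. With a matching unstripped binary, `addr2line -f -e <binary> <address>` maps the address to a source line.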