[root@localhost log]# cat -n /root/xx.c
     3  #include 
     5  void func(char *p)
     6  {
     7  *p = 'p';
     8  }
    10  int main(int argc, char *argv[])
    11  {
    12  char *p=NULL;
    13  func(p);
    15  return 0;
    16  }

[root@localhost log]# /root/xx
[root@localhost log]# dmesg 
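xx[8226]: segfault at 0 ip 0000000000400454 sp 00007fffcb8b6360 error 6 in xx[400000+1000]
# Reading the line: "at 0" is the faulting address (a NULL dereference), "ip" is the address of the faulting instruction, "error 6" is the page-fault code (user-mode write to a page that is not mapped), and "xx[400000+1000]" is the base and size of the mapping that contains ip.
# This binary is loaded at its link address, so ip can be looked up in the disassembly as-is; for a position-independent executable or a fault inside a shared library, subtract the base in brackets from ip first.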
[root@localhost log]# objdump -d /root/xx
/root/xx:     file format elf64-x86-64
disassembly of section .init:
0000000000400338 <_init>:
  400338:       48 83 ec 08             sub    $0x8,%rsp
  40033c:       e8 5b 00 00 00          callq  40039c 
  400341:       e8 da 00 00 00          callq  400420 
  400346:       e8 d5 01 00 00          callq  400520 <__do_global_ctors_aux>
  40034b:       48 83 c4 08             add    $0x8,%rsp
  40034f:       c3                      retq   
disassembly of section .plt:
0000000000400350 <__libc_start_main@plt-0x10>:
  400350:       ff 35 d2 04 20 00       pushq  2098386(%rip)        # 600828 <_global_offset_table_ 0x8>
  400356:       ff 25 d4 04 20 00       jmpq   *2098388(%rip)        # 600830 <_global_offset_table_ 0x10>
  40035c:       0f 1f 40 00             nopl   0x0(%rax)
0000000000400360 <__libc_start_main@plt>:
  400360:       ff 25 d2 04 20 00       jmpq   *2098386(%rip)        # 600838 <_global_offset_table_ 0x18>
  400366:       68 00 00 00 00          pushq  $0x0
  40036b:       e9 e0 ff ff ff          jmpq   400350 <_init 0x18>
disassembly of section .text:
0000000000400370 <_start>:
  400370:       31 ed                   xor    %ebp,%ebp
  400372:       49 89 d1                mov    %rdx,%r9
  400375:       5e                      pop    %rsi
  400376:       48 89 e2                mov    %rsp,%rdx
  400379:       48 83 e4 f0             and    $0xfffffffffffffff0,%rsp
  40037d:       50                      push   %rax
  40037e:       54                      push   %rsp
  40037f:       49 c7 c0 80 04 40 00    mov    $0x400480,%r8
  400386:       48 c7 c1 90 04 40 00    mov    $0x400490,%rcx
  40038d:       48 c7 c7 59 04 40 00    mov    $0x400459,%rdi
  400394:       e8 c7 ff ff ff          callq  400360 <__libc_start_main@plt>
  400399:       f4                      hlt    
  40039a:       90                      nop    
  40039b:       90                      nop    
000000000040039c :
  40039c:       48 83 ec 08             sub    $0x8,%rsp
  4003a0:       48 8b 05 71 04 20 00    mov    2098289(%rip),%rax        # 600818 <_dynamic 0x190>
  4003a7:       48 85 c0                test   %rax,%rax
  4003aa:       74 02                   je     4003ae 
  4003ac:       ff d0                   callq  *%rax
  4003ae:       48 83 c4 08             add    $0x8,%rsp
  4003b2:       c3                      retq   
  4003b3:       90                      nop    
  4003b4:       90                      nop    
  4003b5:       90                      nop    
  4003b6:       90                      nop    
  4003b7:       90                      nop    
  4003b8:       90                      nop    
  4003b9:       90                      nop    
  4003ba:       90                      nop    
  4003bb:       90                      nop    
  4003bc:       90                      nop    
  4003bd:       90                      nop    
  4003be:       90                      nop    
  4003bf:       90                      nop    
00000000004003c0 <__do_global_dtors_aux>:
  4003c0:       55                      push   %rbp
  4003c1:       48 89 e5                mov    %rsp,%rbp
  4003c4:       53                      push   %rbx
  4003c5:       48 83 ec 08             sub    $0x8,%rsp
  4003c9:       80 3d 80 04 20 00 00    cmpb   $0x0,2098304(%rip)        # 600850 
  4003d0:       75 44                   jne    400416 <__do_global_dtors_aux 0x56>
  4003d2:       b8 78 06 60 00          mov    $0x600678,%eax
  4003d7:       48 2d 70 06 60 00       sub    $0x600670,%rax
  4003dd:       48 c1 f8 03             sar    $0x3,%rax
  4003e1:       48 8d 58 ff             lea    0xffffffffffffffff(%rax),%rbx
  4003e5:       48 8b 05 5c 04 20 00    mov    2098268(%rip),%rax        # 600848 
  4003ec:       48 39 c3                cmp    %rax,%rbx
  4003ef:       76 1e                   jbe    40040f <__do_global_dtors_aux 0x4f>
  4003f1:       48 83 c0 01             add    $0x1,%rax
  4003f5:       48 89 05 4c 04 20 00    mov    %rax,2098252(%rip)        # 600848 
  4003fc:       ff 14 c5 70 06 60 00    callq  *0x600670(,%rax,8)
  400403:       48 8b 05 3e 04 20 00    mov    2098238(%rip),%rax        # 600848 
  40040a:       48 39 c3                cmp    %rax,%rbx
  40040d:       77 e2                   ja     4003f1 <__do_global_dtors_aux 0x31>
  40040f:       c6 05 3a 04 20 00 01    movb   $0x1,2098234(%rip)        # 600850 
  400416:       48 83 c4 08             add    $0x8,%rsp
  40041a:       5b                      pop    %rbx
  40041b:       c9                      leaveq 
  40041c:       c3                      retq   
  40041d:       0f 1f 00                nopl   (%rax)
0000000000400420 :
  400420:       55                      push   %rbp
  400421:       48 83 3d 57 02 20 00    cmpq   $0x0,2097751(%rip)        # 600680 <__jcr_end__>
  400428:       00 
  400429:       48 89 e5                mov    %rsp,%rbp
  40042c:       74 16                   je     400444 
  40042e:       b8 00 00 00 00          mov    $0x0,%eax
  400433:       48 85 c0                test   %rax,%rax
  400436:       74 0c                   je     400444 
  400438:       bf 80 06 60 00          mov    $0x600680,%edi
  40043d:       49 89 c3                mov    %rax,%r11
  400440:       c9                      leaveq 
  400441:       41 ff e3                jmpq   *%r11
  400444:       c9                      leaveq 
  400445:       c3                      retq   
  400446:       90                      nop    
  400447:       90                      nop    
0000000000400448 <func>:
  400448:       55                      push   %rbp
  400449:       48 89 e5                mov    %rsp,%rbp
  40044c:       48 89 7d f8             mov    %rdi,0xfffffffffffffff8(%rbp)
  400450:       48 8b 45 f8             mov    0xfffffffffffffff8(%rbp),%rax
  400454:       c6 00 70                movb   $0x70,(%rax)
  400457:       c9                      leaveq 
  400458:       c3                      retq   
0000000000400459 <main>:
  400459:       55                      push   %rbp
  40045a:       48 89 e5                mov    %rsp,%rbp
  40045d:       48 83 ec 20             sub    $0x20,%rsp
  400461:       89 7d ec                mov    %edi,0xffffffffffffffec(%rbp)
  400464:       48 89 75 e0             mov    %rsi,0xffffffffffffffe0(%rbp)
  400468:       48 c7 45 f8 00 00 00    movq   $0x0,0xfffffffffffffff8(%rbp)
  40046f:       00 
  400470:       48 8b 7d f8             mov    0xfffffffffffffff8(%rbp),%rdi
  400474:       e8 cf ff ff ff          callq  400448 <func>
  400479:       b8 00 00 00 00          mov    $0x0,%eax
  40047e:       c9                      leaveq 
  40047f:       c3                      retq

[root@localhost log]# objdump -d /root/xx |grep -C5 400454
0000000000400448 <func>:
  400448:       55                      push   %rbp
  400449:       48 89 e5                mov    %rsp,%rbp
  40044c:       48 89 7d f8             mov    %rdi,0xfffffffffffffff8(%rbp)
  400450:       48 8b 45 f8             mov    0xfffffffffffffff8(%rbp),%rax
  400454:       c6 00 70                movb   $0x70,(%rax)
  400457:       c9                      leaveq 
  400458:       c3                      retq   
0000000000400459 <main>:
  400459:       55                      push   %rbp


usage: addr2line [option(s)] [addr(s)]
 convert addresses into line number/file name pairs.
 if no addresses are specified on the command line, they will be read from stdin
 the options are:
  @<file>                read options from <file>
  -b --target=<bfdname>  set the binary file format
  -e --exe=<executable>  set the input file name (default is a.out)
  -i --inlines           unwind inlined functions
  -j --section=<name>    read section-relative offsets instead of addresses
  -s --basenames         strip directory names
  -f --functions         show function names
  -C --demangle[=style]  demangle function names
  -h --help              display this information
  -v --version           display the program's version
[root@localhost log]# addr2line -e /root/xx 0x400454




[root@localhost ~]# gdb ./xx
gnu gdb (gdb) 7.7
copyright (c) 2014 free software foundation, inc.
license gplv3+: gnu gpl version 3 or later
this is free software: you are free to change and redistribute it.
there is no warranty, to the extent permitted by law.  type "show copying"
and "show warranty" for details.
this gdb was configured as "x86_64-unknown-linux-gnu".
type "show configuration" for configuration details.
for bug reporting instructions, please see: .
find the gdb manual and other documentation resources online at: .
for help, type "help".
type "apropos word" to search for commands related to "word"...
reading symbols from ./xx...done.
(gdb) disas 0x400454
dump of assembler code for function func:
   0x0000000000400448 <+0>:     push   %rbp
   0x0000000000400449 <+1>:     mov    %rsp,%rbp
   0x000000000040044c <+4>:     mov    %rdi,-0x8(%rbp)
   0x0000000000400450 <+8>:     mov    -0x8(%rbp),%rax
   0x0000000000400454 <+12>:    movb   $0x70,(%rax)
   0x0000000000400457 <+15>:    leaveq 
   0x0000000000400458 <+16>:    retq   
end of assembler dump.

(gdb) list func
3       #include 
5       void func(char *p)
6       {
7       *p = 'p';
8       }
10      int main(int argc, char *argv[])