0 directory
Article directory
01. Overview of commands
The objdump command is a gcc tool consisting of viewing the target file or executable target file.
objdump is a bit like a Quick-View tool, which allows you to learn more about the additional information that binaries may carry in a readable format.
02. Command format
Usage: objdump < Options > File >
03. Common Options
-l --line-numbers Tagging the corresponding object code with file name and line number does not make much difference between using - ld and using - d only with - d, - D or - r. It is useful for source-level debugging, requiring debugging and compiling options such as - g to be used during compilation. -m machine --architecture=machine It is useful to specify the architecture to be used when disassembling the object file, when the disassembly file itself does not describe the architecture information (such as S-records). You can use the - i option to list the architectures you can specify here. --reloc -r Display file relocation entries. If used with - D or - D, the relocation section is displayed in disassembled format. --dynamic-reloc -R The dynamic relocation entry for displaying files is only meaningful for dynamic object files, such as some shared libraries. -s --full-contents Displays the complete contents of the specified section. By default, all non-empty sections will be displayed. -S --source Disassemble the source code as much as possible, especially when the debugging parameter - g is specified during compilation, the effect is obvious. The - d parameter is implied. --show-raw-insn When disassembling, displaying the machine code corresponding to each assembly instruction, if prefix-addresses is not specified, will be the default option. --no-show-raw-insn When disassembling, the machine code of the assembly instruction is not displayed, and if prefix-addresses is not specified, this will be the default option. --start-address=address Display data from the specified address, which affects the output of the - d, - r, and - s options. --stop-address=address Displays data until an address is specified, which affects the output of the - d, - r, and - s options. -t --syms Display the entry of the symbol table for the file. Information similar to that provided by nano-s -T --dynamic-syms The dynamic symbol table entry for displaying files is only meaningful for dynamic object files, such as some shared libraries. It displays information similar to that displayed by nm-D | - dynamic. -V --version Version information --all-headers -x Displays available header information, including symbol tables, relocation entries. - x is equivalent to - a -f -h -r -t specified at the same time. -z --disassemble-zeroes The general disassembly output omits large blocks of zeros. This option enables these zeros to be disassembled as well. @ File can centralize options into a file and then load them using the @file option.
04. Reference examples
4.1 View the version number of objdump currently in use
[deng@localhost 5share_lib]$ objdump -V GNU objdump version 2.27-27.base.el7 Copyright (C) 2016 Free Software Foundation, Inc. This program is free software; you can follow GNU General Public License Version 3 or Release it later (as you choose). This procedure does not contain any guarantees. [deng@localhost 5share_lib]$
4.2 Viewing Information in Archives
[deng@localhost 3static_lib]$ objdump -a libtest.a //In the archive file libtest.a: add.o: file format elf64-x86-64 rw-r--r-- 0/0 1232 Jan 1 08:00 1970 add.o sub.o: file format elf64-x86-64 rw-r--r-- 0/0 1224 Jan 1 08:00 1970 sub.o mul.o: file format elf64-x86-64 rw-r--r-- 0/0 1224 Jan 1 08:00 1970 mul.o [deng@localhost 3static_lib]$
[deng@localhost 3static_lib]$ ar -tv libtest.a rw-r--r-- 0/0 1232 Jan 1 08:00 1970 add.o rw-r--r-- 0/0 1224 Jan 1 08:00 1970 sub.o rw-r--r-- 0/0 1224 Jan 1 08:00 1970 mul.o [deng@localhost 3static_lib]$
4.3 Displays a list of available architectures and target structures
[deng@localhost 3static_lib]$ objdump -i BFD Header file version version 2.27-27.base.el7 elf64-x86-64 (header Small end sequence, data Small end sequence) i386 elf32-i386 (header Small end sequence, data Small end sequence) i386 elf32-iamcu (header Small end sequence, data Small end sequence) iamcu elf32-x86-64 (header Small end sequence, data Small end sequence) i386 a.out-i386-linux (header Small end sequence, data Small end sequence) i386 pei-i386 (header Small end sequence, data Small end sequence) i386 pei-x86-64 (header Small end sequence, data Small end sequence) i386 elf64-l1om (header Small end sequence, data Small end sequence) l1om elf64-k1om (header Small end sequence, data Small end sequence) k1om elf64-little (header Small end sequence, data Small end sequence) i386 l1om k1om iamcu plugin elf64-big (header big-endian, data big-endian) i386 l1om k1om iamcu plugin elf32-little (header Small end sequence, data Small end sequence) i386 l1om k1om iamcu plugin elf32-big (header big-endian, data big-endian) i386 l1om k1om iamcu plugin plugin (header Small end sequence, data Small end sequence) srec (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin symbolsrec (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin verilog (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin tekhex (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin binary (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin ihex (header Unknown End Sequence, data Unknown End Sequence) i386 l1om k1om iamcu plugin elf64-x86-64 elf32-i386 elf32-iamcu elf32-x86-64 i386 elf64-x86-64 elf32-i386 ----------- elf32-x86-64 l1om ------------ ---------- ----------- ------------ k1om ------------ ---------- ----------- ------------ iamcu ------------ ---------- elf32-iamcu ------------ plugin ------------ ---------- ----------- ------------ a.out-i386-linux pei-i386 pei-x86-64 elf64-l1om elf64-k1om i386 a.out-i386-linux pei-i386 pei-x86-64 ---------- ---------- l1om ---------------- -------- ---------- elf64-l1om ---------- k1om ---------------- -------- ---------- ---------- elf64-k1om iamcu ---------------- -------- ---------- ---------- ---------- plugin ---------------- -------- ---------- ---------- ---------- elf64-little elf64-big elf32-little elf32-big plugin srec i386 elf64-little elf64-big elf32-little elf32-big ------ srec l1om elf64-little elf64-big elf32-little elf32-big ------ srec k1om elf64-little elf64-big elf32-little elf32-big ------ srec iamcu elf64-little elf64-big elf32-little elf32-big ------ srec plugin elf64-little elf64-big elf32-little elf32-big ------ srec symbolsrec verilog tekhex binary ihex i386 symbolsrec verilog tekhex binary ihex l1om symbolsrec verilog tekhex binary ihex k1om symbolsrec verilog tekhex binary ihex iamcu symbolsrec verilog tekhex binary ihex plugin symbolsrec verilog tekhex binary ihex [deng@localhost 3static_lib]$
Here, the information displayed is a list of architectures and target formats available relative to the - b or - m options.
4.4 shows the content of the text section in the test.o file
[deng@localhost 1gcc]$ objdump --section=.text -s test.o test.o: file format elf64-x86-64 Contents of section .text: 0000 554889e5 bf000000 00e80000 0000b800 UH.............. 0010 0000005d c3 ...]. [deng@localhost 1gcc]$
Note here that you can't use - j or - section alone, such as objdump --section=.text mytest.o, to run successfully.
4.5 Disassemble the text section in test.o and express it in source code as much as possible
[deng@localhost 1gcc]$ objdump -j .text -S test.o test.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <main>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e <main+0xe> e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq [deng@localhost 1gcc]$
Note here that you cannot use - j or - section alone, such as objdump - j. text test. o, to run successfully. In addition, the - S command shows better results for the target file containing debugging information. If the - G option of g++ is not specified at compile time, then the target file does not contain debugging information, and the display effect is much worse.
4.6 Disassemble the source code of test.o
[deng@localhost 1gcc]$ objdump -S test.o test.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <main>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e <main+0xe> e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq [deng@localhost 1gcc]$
Especially when the debugging parameter - g is specified during compilation, the disassembly effect is obvious. The - d parameter is implied.
4.7 Symbol Table Entry to Display Files
[deng@localhost 1gcc]$ objdump -t test.o test.o: file format elf64-x86-64 SYMBOL TABLE: 0000000000000000 l df *ABS* 0000000000000000 test.c 0000000000000000 l d .text 0000000000000000 .text 0000000000000000 l d .data 0000000000000000 .data 0000000000000000 l d .bss 0000000000000000 .bss 0000000000000000 l d .rodata 0000000000000000 .rodata 0000000000000000 l d .note.GNU-stack 0000000000000000 .note.GNU-stack 0000000000000000 l d .eh_frame 0000000000000000 .eh_frame 0000000000000000 l d .comment 0000000000000000 .comment 0000000000000000 g F .text 0000000000000015 main 0000000000000000 *UND* 0000000000000000 puts [deng@localhost 1gcc]$
The output information is similar to the output of the nm s command. In contrast, the output of the NMS command is as follows:
[deng@localhost 1gcc]$ nm -s test.o 0000000000000000 T main U puts [deng@localhost 1gcc]$
4.8 Displays the entry to the symbol table of the file, decodes the underlying symbols and represents them at the user level
[deng@localhost 1gcc]$ objdump -t -C test.o test.o: file format elf64-x86-64 SYMBOL TABLE: 0000000000000000 l df *ABS* 0000000000000000 test.c 0000000000000000 l d .text 0000000000000000 .text 0000000000000000 l d .data 0000000000000000 .data 0000000000000000 l d .bss 0000000000000000 .bss 0000000000000000 l d .rodata 0000000000000000 .rodata 0000000000000000 l d .note.GNU-stack 0000000000000000 .note.GNU-stack 0000000000000000 l d .eh_frame 0000000000000000 .eh_frame 0000000000000000 l d .comment 0000000000000000 .comment 0000000000000000 g F .text 0000000000000015 main 0000000000000000 *UND* 0000000000000000 puts [deng@localhost 1gcc]$
4.9 disassembly of target documents
[deng@localhost 1gcc]$ objdump -d test.o test.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <main>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e <main+0xe> e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq [deng@localhost 1gcc]$
The content of text segment is disassembled.
4.10 Disassemble specific segments and match file names and line numbers corresponding to assembly code
[deng@localhost 1gcc]$ objdump -d -l test.o test.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <main>: main(): 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e <main+0xe> e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq [deng@localhost 1gcc]$
Here, item "-d" disassembles section s of specific instruction machine codes from objfile, and uses "-l" to specify object codes labeled with file names and line numbers. It is only used with - d, - D or - r. The difference between using - ld and using - D is not very big. It is useful in source-level debugging, requiring the use of - g and the like in compiling. Debug compilation options.
4.11 Displays header summary information for each segment of the target file
[deng@localhost 1gcc]$ objdump -h test.o test.o: file format elf64-x86-64 //Section: Idx Name Size VMA LMA File off Algn 0 .text 00000015 0000000000000000 0000000000000000 00000040 2**0 CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE 1 .data 00000000 0000000000000000 0000000000000000 00000055 2**0 CONTENTS, ALLOC, LOAD, DATA 2 .bss 00000000 0000000000000000 0000000000000000 00000055 2**0 ALLOC 3 .rodata 0000000d 0000000000000000 0000000000000000 00000055 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 4 .comment 0000002e 0000000000000000 0000000000000000 00000062 2**0 CONTENTS, READONLY 5 .note.GNU-stack 00000000 0000000000000000 0000000000000000 00000090 2**0 CONTENTS, READONLY 6 .eh_frame 00000038 0000000000000000 0000000000000000 00000090 2**3 CONTENTS, ALLOC, LOAD, RELOC, READONLY, DATA [deng@localhost 1gcc]$
4.12 Disassemble All
[deng@localhost 1gcc]$ objdump -D test.o test.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000 <main>: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e <main+0xe> e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq Disassembly of section .rodata: 0000000000000000 <.rodata>: 0: 68 65 6c 6c 6f pushq $0x6f6c6c65 5: 20 69 74 and %ch,0x74(%rcx) 8: 63 61 73 movslq 0x73(%rcx),%esp b: 74 00 je d <main+0xd> Disassembly of section .comment: 0000000000000000 <.comment>: 0: 00 47 43 add %al,0x43(%rdi) 3: 43 3a 20 rex.XB cmp (%r8),%spl 6: 28 47 4e sub %al,0x4e(%rdi) 9: 55 push %rbp a: 29 20 sub %esp,(%rax) c: 34 2e xor $0x2e,%al e: 38 2e cmp %ch,(%rsi) 10: 35 20 32 30 31 xor $0x31303220,%eax 15: 35 30 36 32 33 xor $0x33323630,%eax 1a: 20 28 and %ch,(%rax) 1c: 52 push %rdx 1d: 65 64 20 48 61 gs and %cl,%fs:0x61(%rax) 22: 74 20 je 44 <main+0x44> 24: 34 2e xor $0x2e,%al 26: 38 2e cmp %ch,(%rsi) 28: 35 2d 32 38 29 xor $0x2938322d,%eax ... Disassembly of section .eh_frame: 0000000000000000 <.eh_frame>: 0: 14 00 adc $0x0,%al 2: 00 00 add %al,(%rax) 4: 00 00 add %al,(%rax) 6: 00 00 add %al,(%rax) 8: 01 7a 52 add %edi,0x52(%rdx) b: 00 01 add %al,(%rcx) d: 78 10 js 1f <.eh_frame+0x1f> f: 01 1b add %ebx,(%rbx) 11: 0c 07 or $0x7,%al 13: 08 90 01 00 00 1c or %dl,0x1c000001(%rax) 19: 00 00 add %al,(%rax) 1b: 00 1c 00 add %bl,(%rax,%rax,1) 1e: 00 00 add %al,(%rax) 20: 00 00 add %al,(%rax) 22: 00 00 add %al,(%rax) 24: 15 00 00 00 00 adc $0x0,%eax 29: 41 0e rex.B (bad) 2b: 10 86 02 43 0d 06 adc %al,0x60d4302(%rsi) 31: 50 push %rax 32: 0c 07 or $0x7,%al 34: 08 00 or %al,(%rax) ... [deng@localhost 1gcc]$
5 appendix
Reference resources: [Linux] A step-by-step summary of the series of Linux tutorials