- Objdump - Displays information from object files. Ranlib - Generates an index to the contents of an archive. Readelf - Displays information from any ELF format object file. Size - Lists the section sizes of an object or archive file. Strings - Lists printable strings from files. Strip - Discards symbols.
- The main purpose of the objdump command is to help in debugging the object file. It is used for the following listed purposes: To retrieve archive header To get the offset of the file.
And disassemble it with objdump d You should be able to get the exact byte from CSCI UA 201 at New York University. Objdump is a command-line program for displaying various information about object files on Unix-like operating systems.For instance, it can be used as a disassembler to view an executable in assembly form. Objdumpdisplays information about one or more object files. The options control what particular information to display. Information is mostly useful to programmers who are working on the compilation tools, as opposed to programmers who just want their.
GNU Binutils
The GNU Binutils are a collection of binary tools. The main ones are:
- ld - the GNU linker.
- as - the GNU assembler.
But they also include:
- addr2line - Converts addresses into filenames and line numbers.
- ar - A utility for creating, modifying and extracting from archives.
- c++filt - Filter to demangle encoded C++ symbols.
- dlltool - Creates files for building and using DLLs.
- gold - A new, faster, ELF only linker, still in beta test.
- gprof - Displays profiling information.
- nlmconv - Converts object code into an NLM.
- nm - Lists symbols from object files.
- objcopy - Copies and translates object files.
- objdump - Displays information from object files.
- ranlib - Generates an index to the contents of an archive.
- readelf - Displays information from any ELF format object file.
- size - Lists the section sizes of an object or archive file.
- strings - Lists printable strings from files.
- strip - Discards symbols.
- windmc - A Windows compatible message compiler.
- windres - A compiler for Windows resource files.
Most of these programs use BFD, the Binary File Descriptor library, to do low-level manipulation. Many of them also use the opcodes library to assemble and disassemble machine instructions.
The binutils have been ported to most major Unix variants as well as Wintel systems, and their main reason for existence is to give the GNU system (and GNU/Linux) the facility to compile and link programs.
Obtaining binutils
The latest release of GNU binutils is 2.36.1. The various NEWS files (binutils, gas, and ld) have details of what has changed in this release.
See the SOFTWARE page for information on obtaining releases of GNU binutils and other GNU software. The current release can be downloaded from https://ftp.gnu.org/gnu/binutils or, preferably, from a nearby mirror through the generic URL https://ftpmirror.gnu.org/binutils.
If you plan to do active work on GNU binutils, you can access the development source tree by anonymous git:
git clone git://sourceware.org/git/binutils-gdb.git
Alternatively, you can use the gitweb interface, or the source snapshots, available as bzipped tar files via anonymous FTP from ftp://sourceware.org/pub/binutils/snapshots.
Bug reports
There is a bug-tracking system at https://sourceware.org/bugzilla/.
Mailing lists
There are three binutils mailing lists:
- <bug-binutils@gnu.org> (archives)
- For reporting bugs.
- <binutils@sourceware.org> (archives)
- For discussing binutils issues.
- binutils-cvs (archives)
- A read-only mailing list containing the notes from checkins to the binutils git repository. (This list has an odd name for historical reasons.)
You can use this form to subscribe to the binutils@sourceware.org or binutils-cvs@sourceware.org mailing lists:
To subscribe to the bug-binutils@gnu.org mailing list, see the bug-binutils info page.
You may wish to browse the old mail archives of the gas2 and bfd mailing lists. These were the discussion lists for binutils until May 1999. Please do not send mail to them any longer.
Documentation
The documentation for binutils 2.36.1 is available.
A guide to porting the binutils to a new target has been contributed.
12 Jan 2015In today’s post, I want to present a dead-simple C program that we’ll compile into an object file and then use objdump to give us some assembly code. I’ll then take you through the generated assembly.
Using objdump
According to its manpage, objdump is used to dsplay information from object files. It has a whole host of different switches that you can supply to interrogate object files, but we’ll only have a very simple usage for it in this post.
I prefer Intel assembly syntax, so I’ll specify -M intel. We want to disassemble the object file, so we’ll use -d. It’s really helpful to also have the original source code intermixed with the assembly code, so we’ll turn that on with -S.
Your command should look something like this
Simple example
The most basic program to look at is one that does nothing but return 0 back to the operating system.
Compiling this unit (ensuring to specify -g to gcc for debug symbols) and then disassembling with objdump, we’re given back the following:
Whilst the whole block that gets dumped out is important, we’re really only worried about the inner implementation of the main function call. The translation of this code is equally pretty simple.
Dissecting this code, we can see that the program first sets up the stack frame for the two parameters passed into main, argc and argv.
Objdump -b
So, we save the previous rbp to preserve its state.
And in accordance with the calling conventions for System V AMD64
Objdump Disassemble
The first six integer or pointer arguments are passed in registers RDI, RSI, RDX, RCX, R8, and R9, while XMM0, XMM1, XMM2, XMM3, XMM4, XMM5, XMM6 and XMM7 are used for floating point arguments.
Therefore, argc being of type int is therefore a DWORD and is passed via edi. argv is a pointer and is a QWORD; therefore it is passed using the 64 bit register rsi.
Upon entry, we’re just filling up those spots in the stack.
Objdump
Exiting we’re just setting our return value (which is always in the accumulator), restoring the pre-entry value that was in rbp and returning to the caller.
Write another, more complex C program; disassemble it and see if you can follow along with the results.