参考:objdump(Linux)反汇编命令使用指南_wang.wenchao的博客-CSDN博客_objdump反汇编命令
1 objdump反汇编示例
源文件main.c:
/* main.c */
#include <stdio.h>
/*
 * Exchange the two int values that first and second point to.
 * Both pointers are dereferenced unconditionally, so the caller must
 * pass valid, non-NULL pointers.
 */
void swap(int *first, int *second)
{
    int temp = *first;  /* keep the old *first while it is overwritten */

    *first = *second;
    *second = temp;
}
/* Print a and b, swap them through pointers, then print them again. */
int main(void)
{
    int a = 10;
    int b = 20;

    printf("a = %d; b = %d;\n", a, b);
    swap(&a, &b);  /* pass addresses so swap can modify the locals */
    printf("a = %d; b = %d;\n", a, b);

    return 0;
}
1.1 显示main.c的汇编代码
aarch64-linux-gnu-gcc -S -o main.s main.c
汇编文件main.s
.arch armv8-a
.file "main.c"
.text
.align 2
.global swap
.type swap, %function
// swap(first, second): on entry x0 = first and x1 = second (main loads
// &a into x0 and &b into x1 before "bl swap").
// Leaf function: it makes no calls and has no stp of x29/x30, so the
// return address stays in x30 and is never written to the stack.
// Unoptimized build: both arguments are spilled to the stack and
// reloaded before every use.
swap:
.LFB0:
.cfi_startproc
sub sp, sp, #32 // reserve a 32-byte stack frame
.cfi_def_cfa_offset 32
str x0, [sp, 8] // spill first to [sp+8]
str x1, [sp] // spill second to [sp]
ldr x0, [sp, 8] // x0 = first
ldr w0, [x0] // w0 = *first (32-bit load)
str w0, [sp, 28] // temp = *first; temp lives at [sp+28]
ldr x0, [sp] // x0 = second
ldr w1, [x0] // w1 = *second
ldr x0, [sp, 8] // x0 = first
str w1, [x0] // *first = *second
ldr x0, [sp] // x0 = second
ldr w1, [sp, 28] // w1 = temp
str w1, [x0] // *second = temp
nop
add sp, sp, 32 // release the frame
.cfi_def_cfa_offset 0
ret // branch to the address held in x30
.cfi_endproc
.LFE0:
.size swap, .-swap
.section .rodata
.align 3
.LC0:
.string "a = %d; b = %d;\n"
.text
.align 2
.global main
.type main, %function
// main: non-leaf function (it calls printf and swap), so the prologue
// saves the frame pointer x29 and the link register x30 on the stack.
// Frame layout visible below: saved x29 at [sp], saved x30 at [sp+8],
// b at [sp+24], a at [sp+28] -- the saved pair sits below the locals.
main:
.LFB1:
.cfi_startproc
stp x29, x30, [sp, -32]! // pre-index: sp -= 32, then store x29/x30 at [sp]/[sp+8]
.cfi_def_cfa_offset 32
.cfi_offset 29, -32
.cfi_offset 30, -24
mov x29, sp // frame pointer = current sp
mov w0, 10
str w0, [sp, 28] // a = 10
mov w0, 20
str w0, [sp, 24] // b = 20
ldr w0, [sp, 28] // w0 = a
ldr w1, [sp, 24] // w1 = b
mov w2, w1 // printf argument 3 = b
mov w1, w0 // printf argument 2 = a
adrp x0, .LC0 // x0 = address of the 4 KiB page holding the format string
add x0, x0, :lo12:.LC0 // add the low 12 bits: x0 = &.LC0 (printf argument 1)
bl printf
add x1, sp, 24 // x1 = &b
add x0, sp, 28 // x0 = &a
bl swap // swap(&a, &b)
ldr w0, [sp, 28] // reload a from the stack after the swap
ldr w1, [sp, 24] // reload b from the stack after the swap
mov w2, w1 // printf argument 3 = b
mov w1, w0 // printf argument 2 = a
adrp x0, .LC0
add x0, x0, :lo12:.LC0 // x0 = &.LC0 again
bl printf
mov w0, 0 // return value 0
ldp x29, x30, [sp], 32 // post-index: restore x29/x30, then sp += 32
.cfi_restore 30
.cfi_restore 29
.cfi_def_cfa_offset 0
ret // return through the x30 value just reloaded from the stack
.cfi_endproc
.LFE1:
.size main, .-main
.ident "GCC: (GNU) 10.2.1 20200907 [ revision ce3001ff1d734e0763a1a5e434272bf89df1fe06]"
.section .note.GNU-stack,"",@progbits
1.2 目标文件反汇编
aarch64-linux-gnu-gcc -c -o main.o main.c
aarch64-linux-gnu-objdump -s -d main.o > main.o.txt
main.o: file format elf64-littleaarch64
Contents of section .text:
0000 ff8300d1 e00700f9 e10300f9 e00740f9 ..............@.
0010 000040b9 e01f00b9 e00340f9 010040b9 ..@.......@...@.
0020 e00740f9 010000b9 e00340f9 e11f40b9 ..@.......@...@.
0030 010000b9 1f2003d5 ff830091 c0035fd6 ..... ........_.
0040 fd7bbea9 fd030091 40018052 e01f00b9 .{......@..R....
0050 80028052 e01b00b9 e01f40b9 e11b40b9 ...R......@...@.
0060 e203012a e103002a 00000090 00000091 ...*...*........
0070 00000094 e1630091 e0730091 00000094 .....c...s......
0080 e01f40b9 e11b40b9 e203012a e103002a ..@...@....*...*
0090 00000090 00000091 00000094 00008052 ...............R
00a0 fd7bc2a8 c0035fd6 .{...._.
Contents of section .rodata:
0000 61203d20 25643b20 62203d20 25643b0a a = %d; b = %d;.
0010 00 .
Contents of section .comment:
0000 00474343 3a202847 4e552920 31302e32 .GCC: (GNU) 10.2
0010 2e312032 30323030 39303720 5b207265 .1 20200907 [ re
0020 76697369 6f6e2063 65333030 31666631 vision ce3001ff1
0030 64373334 65303736 33613161 35653433 d734e0763a1a5e43
0040 34323732 62663839 64663166 6530365d 4272bf89df1fe06]
0050 00 .
Contents of section .eh_frame:
0000 10000000 00000000 017a5200 04781e01 .........zR..x..
0010 1b0c1f00 14000000 18000000 00000000 ................
0020 40000000 00410e20 4e0e0000 20000000 @....A. N... ...
0030 30000000 00000000 68000000 00410e20 0.......h....A.
0040 9d049e03 58dedd0e 00000000 00000000 ....X...........
Disassembly of section .text:
0000000000000000 <swap>:
0: d10083ff sub sp, sp, #0x20
4: f90007e0 str x0, [sp, #8]
8: f90003e1 str x1, [sp]
c: f94007e0 ldr x0, [sp, #8]
10: b9400000 ldr w0, [x0]
14: b9001fe0 str w0, [sp, #28]
18: f94003e0 ldr x0, [sp]
1c: b9400001 ldr w1, [x0]
20: f94007e0 ldr x0, [sp, #8]
24: b9000001 str w1, [x0]
28: f94003e0 ldr x0, [sp]
2c: b9401fe1 ldr w1, [sp, #28]
30: b9000001 str w1, [x0]
34: d503201f nop
38: 910083ff add sp, sp, #0x20
3c: d65f03c0 ret
0000000000000040 <main>:
40: a9be7bfd stp x29, x30, [sp, #-32]!
44: 910003fd mov x29, sp
48: 52800140 mov w0, #0xa // #10
4c: b9001fe0 str w0, [sp, #28]
50: 52800280 mov w0, #0x14 // #20
54: b9001be0 str w0, [sp, #24]
58: b9401fe0 ldr w0, [sp, #28]
5c: b9401be1 ldr w1, [sp, #24]
60: 2a0103e2 mov w2, w1
64: 2a0003e1 mov w1, w0
68: 90000000 adrp x0, 0 <swap>
6c: 91000000 add x0, x0, #0x0
70: 94000000 bl 0 <printf>
74: 910063e1 add x1, sp, #0x18
78: 910073e0 add x0, sp, #0x1c
7c: 94000000 bl 0 <swap>
80: b9401fe0 ldr w0, [sp, #28]
84: b9401be1 ldr w1, [sp, #24]
88: 2a0103e2 mov w2, w1
8c: 2a0003e1 mov w1, w0
90: 90000000 adrp x0, 0 <swap>
94: 91000000 add x0, x0, #0x0
98: 94000000 bl 0 <printf>
9c: 52800000 mov w0, #0x0 // #0
a0: a8c27bfd ldp x29, x30, [sp], #32
a4: d65f03c0 ret
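目标文件main.o的反汇编结果输出到文件main.o.txt。注意:main.o尚未链接,bl、adrp、add指令中的立即数字段仍为0(机器码为94000000、90000000、91000000),要等链接器处理重定位后才会填入真实值,因此这里显示的目标不是最终地址。其中"adrp x0, 0 <swap>"实际引用的是.rodata中的格式串(对应main.s里的.LC0),显示成<swap>只是因为swap恰好位于.text的地址0。加上-r选项可以同时看到这些指令对应的重定位项。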
反汇编同时显示源代码
aarch64-linux-gnu-gcc -g -c -o main.o main.c
aarch64-linux-gnu-objdump -S -d main.o > main.o.txt
main.o: file format elf64-littleaarch64
Disassembly of section .text:
0000000000000000 <swap>:
/* main.c */
#include <stdio.h>
void swap(int* first, int* second){
0: d10083ff sub sp, sp, #0x20
4: f90007e0 str x0, [sp, #8]
8: f90003e1 str x1, [sp]
int temp = *first;
c: f94007e0 ldr x0, [sp, #8]
10: b9400000 ldr w0, [x0]
14: b9001fe0 str w0, [sp, #28]
*first = *second;
18: f94003e0 ldr x0, [sp]
1c: b9400001 ldr w1, [x0]
20: f94007e0 ldr x0, [sp, #8]
24: b9000001 str w1, [x0]
*second = temp;
28: f94003e0 ldr x0, [sp]
2c: b9401fe1 ldr w1, [sp, #28]
30: b9000001 str w1, [x0]
}
34: d503201f nop
38: 910083ff add sp, sp, #0x20
3c: d65f03c0 ret
0000000000000040 <main>:
int main(void){
40: a9be7bfd stp x29, x30, [sp, #-32]!
44: 910003fd mov x29, sp
int a = 10;
48: 52800140 mov w0, #0xa // #10
4c: b9001fe0 str w0, [sp, #28]
int b = 20;
50: 52800280 mov w0, #0x14 // #20
54: b9001be0 str w0, [sp, #24]
printf("a = %d; b = %d;\n", a, b);
58: b9401fe0 ldr w0, [sp, #28]
5c: b9401be1 ldr w1, [sp, #24]
60: 2a0103e2 mov w2, w1
64: 2a0003e1 mov w1, w0
68: 90000000 adrp x0, 0 <swap>
6c: 91000000 add x0, x0, #0x0
70: 94000000 bl 0 <printf>
swap(&a, &b);
74: 910063e1 add x1, sp, #0x18
78: 910073e0 add x0, sp, #0x1c
7c: 94000000 bl 0 <swap>
printf("a = %d; b = %d;\n", a, b);
80: b9401fe0 ldr w0, [sp, #28]
84: b9401be1 ldr w1, [sp, #24]
88: 2a0103e2 mov w2, w1
8c: 2a0003e1 mov w1, w0
90: 90000000 adrp x0, 0 <swap>
94: 91000000 add x0, x0, #0x0
98: 94000000 bl 0 <printf>
return 0;
9c: 52800000 mov w0, #0x0 // #0
}
a0: a8c27bfd ldp x29, x30, [sp], #32
a4: d65f03c0 ret
显示源代码同时显示行号(若在非AArch64主机上处理前面交叉编译得到的main.o,需改用aarch64-linux-gnu-objdump,本机的objdump通常无法反汇编其他架构的目标文件)
objdump -j .text -ld -C -S main.o > main.o.txt
1.3 可执行文件反汇编
gcc -o main main.c
objdump -s -d main > main.txt
反汇编同时显示源代码
gcc -g -o main main.c
objdump -S -d main > main.txt
1.4 objdump反汇编常用参数
objdump -d <file(s)>: 将代码段反汇编;
objdump -S <file(s)>: 将代码段反汇编的同时,将反汇编代码与源代码交替显示,编译时需要使用-g参数,即需要调试信息;
objdump -C <file(s)>: 将C++符号名逆向解析(demangle),还原为可读的函数名;
objdump -l <file(s)>: 反汇编代码中插入文件名和行号
objdump -j section <file(s)>: 仅反汇编指定的section
2 objdump帮助信息
aarch64-linux-gnu-objdump <option(s)> <file(s)>
Display information from object <file(s)>.
At least one of the following switches must be given:
-a, --archive-headers Display archive header information
-f, --file-headers Display the contents of the overall file header
-p, --private-headers Display object format specific file header contents
-P, --private=OPT,OPT... Display object format specific contents
-h, --[section-]headers Display the contents of the section headers
-x, --all-headers Display the contents of all headers
-d, --disassemble Display assembler contents of executable sections
-D, --disassemble-all Display assembler contents of all sections
--disassemble=<sym> Display assembler contents from <sym>
-S, --source Intermix source code with disassembly
--source-comment[=<txt>] Prefix lines of source code with <txt>
-s, --full-contents Display the full contents of all sections requested
-g, --debugging Display debug information in object file
-e, --debugging-tags Display debug information using ctags style
-G, --stabs Display (in raw form) any STABS info in the file
-W[lLiaprmfFsoORtUuTgAckK] or
--dwarf[=rawline,=decodedline,=info,=abbrev,=pubnames,=aranges,=macro,=frames,
=frames-interp,=str,=str-offsets,=loc,=Ranges,=pubtypes,
=gdb_index,=trace_info,=trace_abbrev,=trace_aranges,
=addr,=cu_index,=links,=follow-links]
Display DWARF info in the file
--ctf=SECTION Display CTF info from SECTION
-t, --syms Display the contents of the symbol table(s)
-T, --dynamic-syms Display the contents of the dynamic symbol table
-r, --reloc Display the relocation entries in the file
-R, --dynamic-reloc Display the dynamic relocation entries in the file
@<file> Read options from <file>
-v, --version Display this program's version number
-i, --info List object formats and architectures supported
-H, --help Display this information