参考:objdump(Linux)反汇编命令使用指南_wang.wenchao的博客-CSDN博客_objdump反汇编命令
1 objdump反汇编示例
源文件main.c:
/* main.c */
#include <stdio.h>
/*
 * swap - exchange the two ints that first and second point to.
 *
 * Both pointers are dereferenced unconditionally (there is no NULL check),
 * so each must point to a valid, writable int. Passing the same address
 * for both arguments leaves the value unchanged.
 */
void swap(int* first, int* second){
    int temp = *first;   /* keep the old *first while it is overwritten */
    *first = *second;
    *second = temp;
}
/*
 * main - print a and b, exchange them with swap(), then print them again.
 *
 * Always returns 0.
 */
int main(void){
    int a = 10;
    int b = 20;

    printf("a = %d; b = %d;\n", a, b);
    /* a and b are locals of main; swap() writes to them through these addresses */
    swap(&a, &b);
    printf("a = %d; b = %d;\n", a, b);

    return 0;
}
1.1 显示main.c的汇编代码
aarch64-linux-gnu-gcc -S -o main.s main.c
汇编文件main.s
.arch armv8-a .file "main.c" .text .align 2 .global swap .type swap, %function swap: .LFB0: .cfi_startproc sub sp, sp, #32 .cfi_def_cfa_offset 32 str x0, [sp, 8] str x1, [sp] ldr x0, [sp, 8] ldr w0, [x0] str w0, [sp, 28] ldr x0, [sp] ldr w1, [x0] ldr x0, [sp, 8] str w1, [x0] ldr x0, [sp] ldr w1, [sp, 28] str w1, [x0] nop add sp, sp, 32 .cfi_def_cfa_offset 0 ret .cfi_endproc .LFE0: .size swap, .-swap .section .rodata .align 3 .LC0: .string "a = %d; b = %d;\n" .text .align 2 .global main .type main, %function main: .LFB1: .cfi_startproc stp x29, x30, [sp, -32]! .cfi_def_cfa_offset 32 .cfi_offset 29, -32 .cfi_offset 30, -24 mov x29, sp mov w0, 10 str w0, [sp, 28] mov w0, 20 str w0, [sp, 24] ldr w0, [sp, 28] ldr w1, [sp, 24] mov w2, w1 mov w1, w0 adrp x0, .LC0 add x0, x0, :lo12:.LC0 bl printf add x1, sp, 24 add x0, sp, 28 bl swap ldr w0, [sp, 28] ldr w1, [sp, 24] mov w2, w1 mov w1, w0 adrp x0, .LC0 add x0, x0, :lo12:.LC0 bl printf mov w0, 0 ldp x29, x30, [sp], 32 .cfi_restore 30 .cfi_restore 29 .cfi_def_cfa_offset 0 ret .cfi_endproc .LFE1: .size main, .-main .ident "GCC: (GNU) 10.2.1 20200907 [ revision ce3001ff1d734e0763a1a5e434272bf89df1fe06]" .section .note.GNU-stack,"",@progbits
1.2 目标文件反汇编
aarch64-linux-gnu-gcc -c -o main.o main.c aarch64-linux-gnu-objdump -s -d main.o > main.o.txt
main.o: file format elf64-littleaarch64
Contents of section .text:
 0000 ff8300d1 e00700f9 e10300f9 e00740f9 ..............@.
 0010 000040b9 e01f00b9 e00340f9 010040b9 ..@.......@...@.
 0020 e00740f9 010000b9 e00340f9 e11f40b9 ..@.......@...@.
 0030 010000b9 1f2003d5 ff830091 c0035fd6 ..... ........_.
 0040 fd7bbea9 fd030091 40018052 e01f00b9 .{......@..R....
 0050 80028052 e01b00b9 e01f40b9 e11b40b9 ...R......@...@.
 0060 e203012a e103002a 00000090 00000091 ...*...*........
 0070 00000094 e1630091 e0730091 00000094 .....c...s......
 0080 e01f40b9 e11b40b9 e203012a e103002a ..@...@....*...*
 0090 00000090 00000091 00000094 00008052 ...............R
 00a0 fd7bc2a8 c0035fd6 .{...._.
Contents of section .rodata:
 0000 61203d20 25643b20 62203d20 25643b0a a = %d; b = %d;.
 0010 00 .
Contents of section .comment:
 0000 00474343 3a202847 4e552920 31302e32 .GCC: (GNU) 10.2
 0010 2e312032 30323030 39303720 5b207265 .1 20200907 [ re
 0020 76697369 6f6e2063 65333030 31666631 vision ce3001ff1
 0030 64373334 65303736 33613161 35653433 d734e0763a1a5e43
 0040 34323732 62663839 64663166 6530365d 4272bf89df1fe06]
 0050 00 .
Contents of section .eh_frame:
 0000 10000000 00000000 017a5200 04781e01 .........zR..x..
 0010 1b0c1f00 14000000 18000000 00000000 ................
 0020 40000000 00410e20 4e0e0000 20000000 @....A. N... ...
 0030 30000000 00000000 68000000 00410e20 0.......h....A.
 0040 9d049e03 58dedd0e 00000000 00000000 ....X...........
Disassembly of section .text:
0000000000000000 <swap>:
   0: d10083ff sub sp, sp, #0x20
   4: f90007e0 str x0, [sp, #8]
   8: f90003e1 str x1, [sp]
   c: f94007e0 ldr x0, [sp, #8]
  10: b9400000 ldr w0, [x0]
  14: b9001fe0 str w0, [sp, #28]
  18: f94003e0 ldr x0, [sp]
  1c: b9400001 ldr w1, [x0]
  20: f94007e0 ldr x0, [sp, #8]
  24: b9000001 str w1, [x0]
  28: f94003e0 ldr x0, [sp]
  2c: b9401fe1 ldr w1, [sp, #28]
  30: b9000001 str w1, [x0]
  34: d503201f nop
  38: 910083ff add sp, sp, #0x20
  3c: d65f03c0 ret
0000000000000040 <main>:
  40: a9be7bfd stp x29, x30, [sp, #-32]!
  44: 910003fd mov x29, sp
  48: 52800140 mov w0, #0xa // #10
  4c: b9001fe0 str w0, [sp, #28]
  50: 52800280 mov w0, #0x14 // #20
  54: b9001be0 str w0, [sp, #24]
  58: b9401fe0 ldr w0, [sp, #28]
  5c: b9401be1 ldr w1, [sp, #24]
  60: 2a0103e2 mov w2, w1
  64: 2a0003e1 mov w1, w0
  68: 90000000 adrp x0, 0
  6c: 91000000 add x0, x0, #0x0
  70: 94000000 bl 0
  74: 910063e1 add x1, sp, #0x18
  78: 910073e0 add x0, sp, #0x1c
  7c: 94000000 bl 0
  80: b9401fe0 ldr w0, [sp, #28]
  84: b9401be1 ldr w1, [sp, #24]
  88: 2a0103e2 mov w2, w1
  8c: 2a0003e1 mov w1, w0
  90: 90000000 adrp x0, 0
  94: 91000000 add x0, x0, #0x0
  98: 94000000 bl 0
  9c: 52800000 mov w0, #0x0 // #0
  a0: a8c27bfd ldp x29, x30, [sp], #32
  a4: d65f03c0 ret
目标文件main.o的反汇编结果输出到文件main.o.txt。注意:目标文件尚未链接,重定位还没有被解析,所以上面 adrp/bl 指令的目标都显示为 0;加上 -r(--reloc)选项可以把重定位项一并列出,从而看到每条指令实际引用的符号。
反汇编同时显示源代码:
aarch64-linux-gnu-gcc -g -c -o main.o main.c aarch64-linux-gnu-objdump -S -d main.o > main.o.txt
main.o: file format elf64-littleaarch64
Disassembly of section .text:
0000000000000000 <swap>:
/* main.c */
#include <stdio.h>
void swap(int* first, int* second){ 0: d10083ff sub sp, sp, #0x20 4: f90007e0 str x0, [sp, #8] 8: f90003e1 str x1, [sp] int temp = *first; c: f94007e0 ldr x0, [sp, #8] 10: b9400000 ldr w0, [x0] 14: b9001fe0 str w0, [sp, #28] *first = *second; 18: f94003e0 ldr x0, [sp] 1c: b9400001 ldr w1, [x0] 20: f94007e0 ldr x0, [sp, #8] 24: b9000001 str w1, [x0] *second = temp; 28: f94003e0 ldr x0, [sp] 2c: b9401fe1 ldr w1, [sp, #28] 30: b9000001 str w1, [x0] } 34: d503201f nop 38: 910083ff add sp, sp, #0x20 3c: d65f03c0 ret
0000000000000040 <main>:
int main(void){ 40: a9be7bfd stp x29, x30, [sp, #-32]! 44: 910003fd mov x29, sp int a = 10; 48: 52800140 mov w0, #0xa // #10 4c: b9001fe0 str w0, [sp, #28] int b = 20; 50: 52800280 mov w0, #0x14 // #20 54: b9001be0 str w0, [sp, #24]
printf("a = %d; b = %d;\n", a, b); 58: b9401fe0 ldr w0, [sp, #28] 5c: b9401be1 ldr w1, [sp, #24] 60: 2a0103e2 mov w2, w1 64: 2a0003e1 mov w1, w0 68: 90000000 adrp x0, 0 6c: 91000000 add x0, x0, #0x0 70: 94000000 bl 0 swap(&a, &b); 74: 910063e1 add x1, sp, #0x18 78: 910073e0 add x0, sp, #0x1c 7c: 94000000 bl 0 printf("a = %d; b = %d;\n", a, b); 80: b9401fe0 ldr w0, [sp, #28] 84: b9401be1 ldr w1, [sp, #24] 88: 2a0103e2 mov w2, w1 8c: 2a0003e1 mov w1, w0 90: 90000000 adrp x0, 0 94: 91000000 add x0, x0, #0x0 98: 94000000 bl 0
return 0; 9c: 52800000 mov w0, #0x0 // #0 } a0: a8c27bfd ldp x29, x30, [sp], #32 a4: d65f03c0 ret
显示源代码同时显示行号(如果main.o是由上面的aarch64交叉编译器生成的,应使用对应的aarch64-linux-gnu-objdump,本机的objdump不一定支持该架构):
objdump -j .text -ld -C -S main.o > main.o.txt
1.3 可执行文件反汇编
gcc -o main main.c objdump -s -d main > main.txt
反汇编同时显示源代码
gcc -g -o main main.c objdump -S -d main > main.txt
1.4 objdump反汇编常用参数
objdump -d : 将代码段反汇编;
objdump -S : 将代码段反汇编的同时,将反汇编代码与源代码交替显示,编译时需要使用-g参数,即需要调试信息(-S 已隐含 -d);
objdump -C : 将C++符号名逆向解析(demangle);
objdump -l : 反汇编代码中插入文件名和行号;
objdump -j section : 仅反汇编指定的section。
2 objdump帮助信息
aarch64-linux-gnu-objdump
 Display information from object <file(s)>.
 At least one of the following switches must be given:
  -a, --archive-headers    Display archive header information
  -f, --file-headers       Display the contents of the overall file header
  -p, --private-headers    Display object format specific file header contents
  -P, --private=OPT,OPT... Display object format specific contents
  -h, --[section-]headers  Display the contents of the section headers
  -x, --all-headers        Display the contents of all headers
  -d, --disassemble        Display assembler contents of executable sections
  -D, --disassemble-all    Display assembler contents of all sections
      --disassemble=<sym>  Display assembler contents from <sym>
  -S, --source             Intermix source code with disassembly
      --source-comment[=<txt>] Prefix lines of source code with <txt>
  -s, --full-contents      Display the full contents of all sections requested
  -g, --debugging          Display debug information in object file
  -e, --debugging-tags     Display debug information using ctags style
  -G, --stabs              Display (in raw form) any STABS info in the file
  -W[lLiaprmfFsoORtUuTgAckK] or
  --dwarf[=rawline,=decodedline,=info,=abbrev,=pubnames,=aranges,=macro,=frames,
          =frames-interp,=str,=str-offsets,=loc,=Ranges,=pubtypes,
          =gdb_index,=trace_info,=trace_abbrev,=trace_aranges,
          =addr,=cu_index,=links,=follow-links]
                           Display DWARF info in the file
  --ctf=SECTION            Display CTF info from SECTION
  -t, --syms               Display the contents of the symbol table(s)
  -T, --dynamic-syms       Display the contents of the dynamic symbol table
  -r, --reloc              Display the relocation entries in the file
  -R, --dynamic-reloc      Display the dynamic relocation entries in the file
  @<file>                  Read options from <file>
  -v, --version            Display this program's version number
  -i, --info               List object formats and architectures supported
  -H, --help               Display this information