objdump

This question already has answers here : Closed 6 years ago . Possible Duplicate: Disassembling, modifying and then reassembling a Linux executable I've been told that assembly and dissassembly are not inverses. Apparently, you can't dissassemble a program, put that output directly into an assembler, and expect it to run correctly because information is lost. My question is, why is information lost? Also, what information is lost? One important thing that disassemblers (or their users) routinely do not preserve is the instruction encoding. Some instructions can be encoded in multiple different

I have not been successful in finding an answer on this question. Using GDB, I can use the command "call" to get the prototype of a function. Example: (gdb) call fn $1 = {void (int, int)} 0x8048414 <fn> So, GDB is able to figure out, only from the elf-file, that fn() returns void and takes two integers as arguments. However, I need to use some other tool to extract the function prototypes from an elf file. Preferably, I want to use objdump / readelf. Does anyone know if this is possible? If it is not possible, how does GDB do it? In which section of the elf file is the function prototypes

I'm trying to disassemble an object built for ARM with gcc. Unfortunately, objdump is trying to guess whether the code is ARM and Thumb, and is getting it wrong: it thinks my code is Thumb when it's actually ARM. I see that objdump has an option to force it to interpret all instructions as Thumb ( -Mforce-thumb ), but it doesn't have one to force ARM mode! This seems like a really weird omission to me, and it's seriously hampering my ability to get work done (I'm on an embedded device and my only means of debugging is to look at the disassembly). I've tried various approaches, including trying

I am using objdump to analyze a shared object's memory usage. Along with the .data and .rodata sections I see a .data.rel.ro section. Anyone know what this used for? I found the answer here : gcc, the GNU linker, and the glibc dynamic linker cooperate to implement an idea called read-only relocations, or relro. This permits the linker to designate a part of an executable or (more commonly) a shared library as being read-only after dynamic relocations have been applied. This may be used for read-only global variables which are initialized to something which requires a relocation, such as the

There is this output of objdump on some object file: $ objdump -h main.o main.o: file format elf32-i386 Sections: Idx Name Size VMA LMA File off Algn 0 .text 0000000b 00000000 00000000 00000034 2**2 CONTENTS, ALLOC, LOAD, READONLY, CODE 1 .data 00000000 00000000 00000000 00000040 2**2 CONTENTS, ALLOC, LOAD, DATA 2 .bss 00000000 00000000 00000000 00000040 2**2 ALLOC 3 .note.GNU-stack 00000000 00000000 00000000 00000040 2**0 CONTENTS, READONLY, CODE What do these flags CONTENTS, ALLOC, LOAD and so on mean? What you see is the interpretation of the combination of ELF segment flags, section type

I have an object file and am trying to disassemble it. When I use: objdump -d example.o I get an assembly in code in the file format of elf64-x86-64 . I am trying to disassemble this into ARM, how do I go about doing this? If you want to do disassemble of ARM code, you'd better have an ARM tool chain, this is what I got: http://bb.osmocom.org/trac/wiki/toolchain After you have this, you can use arm-elf-objdump instead of objdump. The command I used is arm-elf-objdump -D -b binary -marm binaryfile.dat If you look the manpage, you will find "-b" is followed by the file type. Sorry I don't know