objdump

I need to learn about the ELF file layout for a project I am working on and I noticed the existence of these tools. Why do all Linux distributions include both readelf and objdump? Do these tools complement one another? When would i prefer to use one over another? from binutils/readelf.c: /* The difference between readelf and objdump: Both programs are capabale of displaying the contents of ELF format files, so why does the binutils project have two file dumpers ? The reason is that objdump sees an ELF file through a BFD filter of the world; if BFD has a bug where, say, it disagrees about a

SYMBOL TABLE: 0000000000000000 w *UND* 0000000000000000 __gmon_start__ I've man objdump but there's no such info. Anyone know what the 5 columns mean? red-E COLUMN ONE: the symbol's value COLUMN TWO: a set of characters and spaces indicating the flag bits that are set on the symbol. There are seven groupings which are listed below: group one: (l,g,,!) local, global, neither, both. group two: (w,) weak or strong symbol. group three: (C,) symbol denotes a constructor or an ordinary symbol. group four: (W,) symbol is warning or normal symbol. group five: (I,) indirect reference to another symbol

How do I find out which functions of a shared object are used by a program or an other library? In this specific case, I would like to see which functions in /lib/libgcc1_s.so.1 are used by an other dynamic library. Since they are dynamically linked, objdump -d doesn't resolve the function call addresses. Is there a way short of running the program in a debugger or relinking statically? Thanks, Luca Edit: nm and readelf won't do, I don't need to see which symbols are present in a shared object, but which are actually used in an other object that links to it. nm will only work if the library

$ objdump -f ./a.out ./a.out: file format elf32-i386 architecture: i386, flags 0x00000112: EXEC_P, HAS_SYMS, D_PAGED start address 0x080484e0 $ objdump -f function.o function.o: file format elf32-i386 architecture: i386, flags 0x00000011: HAS_RELOC, HAS_SYMS start address 0x00000000 What is the meaning of flags (flags 0x00000011: OR flags 0x00000112:) ? Nothin in the ELF header file has this flag. e_flag contain 0. Someone have an idea about his meaning ? Thanks They are BFD-specific bitmasks. In the binutils source tree, see bfd/bfd-in2.h: /* BFD contains relocation entries. */ #define HAS

If I run objdump -d on a (linux amd64) .o file, function calls show up without the link time resolution done. Example: 90: 66 89 44 24 1c mov %ax,0x1c(%rsp) 95: 44 89 74 24 10 mov %r14d,0x10(%rsp) 9a: e8 00 00 00 00 callq 9f <foo+0x9f> 9f: 83 f8 ff cmp $0xffffffffffffffff,%eax a2: 74 5e je 102 <foo+0x102> A branch within the function shows up properly, but the callq is just the stub put in for the linker (with four bytes of zeros available for the linker to put a proper address into). Is there a way, without actually linking, to get an assembly listing that has the function names resolved? I

I wrote the simple C program (test.c) below:- #include<stdio.h> int main() { return 0; } and executed the follwing to understand size changes in .bss segment. gcc test.c -o test size test The output came out as:- text data bss dec hex filename 1115 552 8 1675 68b test I didn't declare anything globally or of static scope. So please explain why the bss segment size is of 8 bytes. I made the following change:- #include<stdio.h> int x; //declared global variable int main() { return 0; } But to my surprise, the output was same as previous:- text data bss dec hex filename 1115 552 8 1675 68b test

How to compile library with source code ? I am developing the native library with android ndk. Sometimes I got the crash dump messages from logcat. 06-18 15:24:58.545: INFO/DEBUG(24667): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 06-18 15:24:58.545: INFO/DEBUG(24667): Build fingerprint: 'nvidia/harmony/harmony/harmony:2.2/FRF91/20110304.134348:eng/test-keys' 06-18 15:24:58.545: INFO/DEBUG(24667): pid: 25870, tid: 26261 >>> com.andtv <<< 06-18 15:24:58.545: INFO/DEBUG(24667): signal 11 (SIGSEGV), fault addr 4a7b041c 06-18 15:24:58.545: INFO/DEBUG(24667): r0 4a7b041c r1

[root@xxx memcached-1.4.5]# objdump -R memcached-debug |grep freeaddrinfo 0000000000629e10 R_X86_64_JUMP_SLOT freeaddrinfo ... (gdb) disas freeaddrinfo Dump of assembler code for function freeaddrinfo: 0x00000037aa4baf10 <freeaddrinfo+0>: push %rbp 0x00000037aa4baf11 <freeaddrinfo+1>: push %rbx 0x00000037aa4baf12 <freeaddrinfo+2>: mov %rdi,%rbx So I know freeaddrinfo is a dynamically linked function,but how to know which .so it's defined in? Employed Russian See this answer . The info symbol freeadrinfo is one way to find out. On Linux and Solaris you can also use ldd and LD_DEBUG=symbols .