
[RT-Thread Study Notes] Disassembling with objdump

Embedded IoT Development (嵌入式物联网开发) · Source: Embedded IoT Development · Author: Embedded IoT Development · 2022-07-30 14:03

This article gives a short introduction to disassembling a program with the objdump tool.

It assumes your Linux programming environment already has the gcc and objdump tools; install them first if it does not.

First, the C source file. It does something very simple, namely compute c = a + b:


#include <stdio.h>

static int add_a_and_b(int a, int b)
{
    return a + b;
}

int main(int argc, const char *argv[])
{
    int a = 1;
    int b = 2;
    int c;

    c = add_a_and_b(a, b);
    printf(" %d + %d = %d\n", a, b, c);

    return c;
}

Next, compile this C code with gcc into an executable program:

gcc -o gcc_objdump gcc_objdump.c

This produces an ELF executable named gcc_objdump; running it prints the result of the addition.

With the file command we can confirm that the gcc_objdump executable is an ELF file. The disassembly operation we want takes this ELF file as input and recovers assembly code from it; that process is what we call "disassembly".


To disassemble we use a command-line tool called objdump (you can look up its full description online). In short, it is a tool that turns an ELF file back into assembly code, and it is very practical. It is used as follows; on the command line, enter:

objdump -l -x -d gcc_objdump > gcc_objdump.dmp

This gives us the assembly listing gcc_objdump.dmp. Open it with a text viewer such as Notepad++ and read through it.


gcc_objdump:     file format elf64-x86-64
gcc_objdump
architecture: i386:x86-64, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x0000000000400430

Program Header:
    PHDR off    0x0000000000000040 vaddr 0x0000000000400040 paddr 0x0000000000400040 align 2**3
         filesz 0x00000000000001f8 memsz 0x00000000000001f8 flags r-x
  INTERP off    0x0000000000000238 vaddr 0x0000000000400238 paddr 0x0000000000400238 align 2**0
         filesz 0x000000000000001c memsz 0x000000000000001c flags r--
    LOAD off    0x0000000000000000 vaddr 0x0000000000400000 paddr 0x0000000000400000 align 2**21
         filesz 0x0000000000000774 memsz 0x0000000000000774 flags r-x
    LOAD off    0x0000000000000e10 vaddr 0x0000000000600e10 paddr 0x0000000000600e10 align 2**21
         filesz 0x0000000000000228 memsz 0x0000000000000230 flags rw-
 DYNAMIC off    0x0000000000000e28 vaddr 0x0000000000600e28 paddr 0x0000000000600e28 align 2**3
         filesz 0x00000000000001d0 memsz 0x00000000000001d0 flags rw-
    NOTE off    0x0000000000000254 vaddr 0x0000000000400254 paddr 0x0000000000400254 align 2**2
         filesz 0x0000000000000044 memsz 0x0000000000000044 flags r--
EH_FRAME off    0x0000000000000624 vaddr 0x0000000000400624 paddr 0x0000000000400624 align 2**2
         filesz 0x000000000000003c memsz 0x000000000000003c flags r--
   STACK off    0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**4
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw-
   RELRO off    0x0000000000000e10 vaddr 0x0000000000600e10 paddr 0x0000000000600e10 align 2**0
         filesz 0x00000000000001f0 memsz 0x00000000000001f0 flags r--

Dynamic Section:
  NEEDED               libc.so.6
  INIT                 0x00000000004003c8
  FINI                 0x0000000000400604
  INIT_ARRAY           0x0000000000600e10
  INIT_ARRAYSZ         0x0000000000000008
  FINI_ARRAY           0x0000000000600e18
  FINI_ARRAYSZ         0x0000000000000008
  GNU_HASH             0x0000000000400298
  STRTAB               0x0000000000400318
  SYMTAB               0x00000000004002b8
  STRSZ                0x000000000000003f
  SYMENT               0x0000000000000018
  DEBUG                0x0000000000000000
  PLTGOT               0x0000000000601000
  PLTRELSZ             0x0000000000000030
  PLTREL               0x0000000000000007
  JMPREL               0x0000000000400398
  RELA                 0x0000000000400380
  RELASZ               0x0000000000000018
  RELAENT              0x0000000000000018
  VERNEED              0x0000000000400360
  VERNEEDNUM           0x0000000000000001
  VERSYM               0x0000000000400358

Version References:
  required from libc.so.6:
    0x09691a75 0x00 02 GLIBC_2.2.5

Sections:
Idx Name          Size      VMA               LMA               File off  Algn
  0 .interp       0000001c  0000000000400238  0000000000400238  00000238  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020  0000000000400254  0000000000400254  00000254  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .note.gnu.build-id 00000024  0000000000400274  0000000000400274  00000274  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  3 .gnu.hash     0000001c  0000000000400298  0000000000400298  00000298  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  4 .dynsym       00000060  00000000004002b8  00000000004002b8  000002b8  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  5 .dynstr       0000003f  0000000000400318  0000000000400318  00000318  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  6 .gnu.version  00000008  0000000000400358  0000000000400358  00000358  2**1
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .gnu.version_r 00000020  0000000000400360  0000000000400360  00000360  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  8 .rela.dyn     00000018  0000000000400380  0000000000400380  00000380  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  9 .rela.plt     00000030  0000000000400398  0000000000400398  00000398  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 10 .init         0000001a  00000000004003c8  00000000004003c8  000003c8  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 11 .plt          00000030  00000000004003f0  00000000004003f0  000003f0  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 12 .plt.got      00000008  0000000000400420  0000000000400420  00000420  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 13 .text         000001d2  0000000000400430  0000000000400430  00000430  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 14 .fini         00000009  0000000000400604  0000000000400604  00000604  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 15 .rodata       00000013  0000000000400610  0000000000400610  00000610  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 16 .eh_frame_hdr 0000003c  0000000000400624  0000000000400624  00000624  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 17 .eh_frame     00000114  0000000000400660  0000000000400660  00000660  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 18 .init_array   00000008  0000000000600e10  0000000000600e10  00000e10  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 19 .fini_array   00000008  0000000000600e18  0000000000600e18  00000e18  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 20 .jcr          00000008  0000000000600e20  0000000000600e20  00000e20  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 21 .dynamic      000001d0  0000000000600e28  0000000000600e28  00000e28  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 22 .got          00000008  0000000000600ff8  0000000000600ff8  00000ff8  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 23 .got.plt      00000028  0000000000601000  0000000000601000  00001000  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 24 .data         00000010  0000000000601028  0000000000601028  00001028  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 25 .bss          00000008  0000000000601038  0000000000601038  00001038  2**0
                  ALLOC
 26 .comment      00000035  0000000000000000  0000000000000000  00001038  2**0
                  CONTENTS, READONLY
SYMBOL TABLE:
0000000000400238 l    d  .interp	0000000000000000              .interp
0000000000400254 l    d  .note.ABI-tag	0000000000000000              .note.ABI-tag
0000000000400274 l    d  .note.gnu.build-id	0000000000000000              .note.gnu.build-id
0000000000400298 l    d  .gnu.hash	0000000000000000              .gnu.hash
00000000004002b8 l    d  .dynsym	0000000000000000              .dynsym
0000000000400318 l    d  .dynstr	0000000000000000              .dynstr
0000000000400358 l    d  .gnu.version	0000000000000000              .gnu.version
0000000000400360 l    d  .gnu.version_r	0000000000000000              .gnu.version_r
0000000000400380 l    d  .rela.dyn	0000000000000000              .rela.dyn
0000000000400398 l    d  .rela.plt	0000000000000000              .rela.plt
00000000004003c8 l    d  .init	0000000000000000              .init
00000000004003f0 l    d  .plt	0000000000000000              .plt
0000000000400420 l    d  .plt.got	0000000000000000              .plt.got
0000000000400430 l    d  .text	0000000000000000              .text
0000000000400604 l    d  .fini	0000000000000000              .fini
0000000000400610 l    d  .rodata	0000000000000000              .rodata
0000000000400624 l    d  .eh_frame_hdr	0000000000000000              .eh_frame_hdr
0000000000400660 l    d  .eh_frame	0000000000000000              .eh_frame
0000000000600e10 l    d  .init_array	0000000000000000              .init_array
0000000000600e18 l    d  .fini_array	0000000000000000              .fini_array
0000000000600e20 l    d  .jcr	0000000000000000              .jcr
0000000000600e28 l    d  .dynamic	0000000000000000              .dynamic
0000000000600ff8 l    d  .got	0000000000000000              .got
0000000000601000 l    d  .got.plt	0000000000000000              .got.plt
0000000000601028 l    d  .data	0000000000000000              .data
0000000000601038 l    d  .bss	0000000000000000              .bss
0000000000000000 l    d  .comment	0000000000000000              .comment
0000000000000000 l    df *ABS*	0000000000000000              crtstuff.c
0000000000600e20 l     O .jcr	0000000000000000              __JCR_LIST__
0000000000400460 l     F .text	0000000000000000              deregister_tm_clones
00000000004004a0 l     F .text	0000000000000000              register_tm_clones
00000000004004e0 l     F .text	0000000000000000              __do_global_dtors_aux
0000000000601038 l     O .bss	0000000000000001              completed.7594
0000000000600e18 l     O .fini_array	0000000000000000              __do_global_dtors_aux_fini_array_entry
0000000000400500 l     F .text	0000000000000000              frame_dummy
0000000000600e10 l     O .init_array	0000000000000000              __frame_dummy_init_array_entry
0000000000000000 l    df *ABS*	0000000000000000              gcc_objdump.c
0000000000400526 l     F .text	0000000000000014              add_a_and_b
0000000000000000 l    df *ABS*	0000000000000000              crtstuff.c
0000000000400770 l     O .eh_frame	0000000000000000              __FRAME_END__
0000000000600e20 l     O .jcr	0000000000000000              __JCR_END__
0000000000000000 l    df *ABS*	0000000000000000              
0000000000600e18 l       .init_array	0000000000000000              __init_array_end
0000000000600e28 l     O .dynamic	0000000000000000              _DYNAMIC
0000000000600e10 l       .init_array	0000000000000000              __init_array_start
0000000000400624 l       .eh_frame_hdr	0000000000000000              __GNU_EH_FRAME_HDR
0000000000601000 l     O .got.plt	0000000000000000              _GLOBAL_OFFSET_TABLE_
0000000000400600 g     F .text	0000000000000002              __libc_csu_fini
0000000000000000  w      *UND*	0000000000000000              _ITM_deregisterTMCloneTable
0000000000601028  w      .data	0000000000000000              data_start
0000000000601038 g       .data	0000000000000000              _edata
0000000000400604 g     F .fini	0000000000000000              _fini
0000000000000000       F *UND*	0000000000000000              printf@@GLIBC_2.2.5
0000000000000000       F *UND*	0000000000000000              __libc_start_main@@GLIBC_2.2.5
0000000000601028 g       .data	0000000000000000              __data_start
0000000000000000  w      *UND*	0000000000000000              __gmon_start__
0000000000601030 g     O .data	0000000000000000              .hidden __dso_handle
0000000000400610 g     O .rodata	0000000000000004              _IO_stdin_used
0000000000400590 g     F .text	0000000000000065              __libc_csu_init
0000000000601040 g       .bss	0000000000000000              _end
0000000000400430 g     F .text	000000000000002a              _start
0000000000601038 g       .bss	0000000000000000              __bss_start
000000000040053a g     F .text	000000000000004e              main
0000000000000000  w      *UND*	0000000000000000              _Jv_RegisterClasses
0000000000601038 g     O .data	0000000000000000              .hidden __TMC_END__
0000000000000000  w      *UND*	0000000000000000              _ITM_registerTMCloneTable
00000000004003c8 g     F .init	0000000000000000              _init



Disassembly of section .init:

00000000004003c8 <_init>:
_init():
  4003c8:	48 83 ec 08          	sub    $0x8,%rsp
  4003cc:	48 8b 05 25 0c 20 00 	mov    0x200c25(%rip),%rax        # 600ff8 <_DYNAMIC+0x1d0>
  4003d3:	48 85 c0             	test   %rax,%rax
  4003d6:	74 05                	je     4003dd <_init+0x15>
  4003d8:	e8 43 00 00 00       	callq  400420 <__libc_start_main@plt+0x10>
  4003dd:	48 83 c4 08          	add    $0x8,%rsp
  4003e1:	c3                   	retq   

Disassembly of section .plt:

00000000004003f0 <printf@plt-0x10>:
  4003f0:	ff 35 12 0c 20 00    	pushq  0x200c12(%rip)        # 601008 <_GLOBAL_OFFSET_TABLE_+0x8>
  4003f6:	ff 25 14 0c 20 00    	jmpq   *0x200c14(%rip)        # 601010 <_GLOBAL_OFFSET_TABLE_+0x10>
  4003fc:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000400400 <printf@plt>:
  400400:	ff 25 12 0c 20 00    	jmpq   *0x200c12(%rip)        # 601018 <_GLOBAL_OFFSET_TABLE_+0x18>
  400406:	68 00 00 00 00       	pushq  $0x0
  40040b:	e9 e0 ff ff ff       	jmpq   4003f0 <_init+0x28>

0000000000400410 <__libc_start_main@plt>:
  400410:	ff 25 0a 0c 20 00    	jmpq   *0x200c0a(%rip)        # 601020 <_GLOBAL_OFFSET_TABLE_+0x20>
  400416:	68 01 00 00 00       	pushq  $0x1
  40041b:	e9 d0 ff ff ff       	jmpq   4003f0 <_init+0x28>

Disassembly of section .plt.got:

0000000000400420 <.plt.got>:
  400420:	ff 25 d2 0b 20 00    	jmpq   *0x200bd2(%rip)        # 600ff8 <_DYNAMIC+0x1d0>
  400426:	66 90                	xchg   %ax,%ax

Disassembly of section .text:

0000000000400430 <_start>:
_start():
  400430:	31 ed                	xor    %ebp,%ebp
  400432:	49 89 d1             	mov    %rdx,%r9
  400435:	5e                   	pop    %rsi
  400436:	48 89 e2             	mov    %rsp,%rdx
  400439:	48 83 e4 f0          	and    $0xfffffffffffffff0,%rsp
  40043d:	50                   	push   %rax
  40043e:	54                   	push   %rsp
  40043f:	49 c7 c0 00 06 40 00 	mov    $0x400600,%r8
  400446:	48 c7 c1 90 05 40 00 	mov    $0x400590,%rcx
  40044d:	48 c7 c7 3a 05 40 00 	mov    $0x40053a,%rdi
  400454:	e8 b7 ff ff ff       	callq  400410 <__libc_start_main@plt>
  400459:	f4                   	hlt    
  40045a:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)

0000000000400460 <deregister_tm_clones>:
deregister_tm_clones():
  400460:	b8 3f 10 60 00       	mov    $0x60103f,%eax
  400465:	55                   	push   %rbp
  400466:	48 2d 38 10 60 00    	sub    $0x601038,%rax
  40046c:	48 83 f8 0e          	cmp    $0xe,%rax
  400470:	48 89 e5             	mov    %rsp,%rbp
  400473:	76 1b                	jbe    400490 <deregister_tm_clones+0x30>
  400475:	b8 00 00 00 00       	mov    $0x0,%eax
  40047a:	48 85 c0             	test   %rax,%rax
  40047d:	74 11                	je     400490 <deregister_tm_clones+0x30>
  40047f:	5d                   	pop    %rbp
  400480:	bf 38 10 60 00       	mov    $0x601038,%edi
  400485:	ff e0                	jmpq   *%rax
  400487:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  40048e:	00 00 
  400490:	5d                   	pop    %rbp
  400491:	c3                   	retq   
  400492:	0f 1f 40 00          	nopl   0x0(%rax)
  400496:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
  40049d:	00 00 00 

00000000004004a0 <register_tm_clones>:
register_tm_clones():
  4004a0:	be 38 10 60 00       	mov    $0x601038,%esi
  4004a5:	55                   	push   %rbp
  4004a6:	48 81 ee 38 10 60 00 	sub    $0x601038,%rsi
  4004ad:	48 c1 fe 03          	sar    $0x3,%rsi
  4004b1:	48 89 e5             	mov    %rsp,%rbp
  4004b4:	48 89 f0             	mov    %rsi,%rax
  4004b7:	48 c1 e8 3f          	shr    $0x3f,%rax
  4004bb:	48 01 c6             	add    %rax,%rsi
  4004be:	48 d1 fe             	sar    %rsi
  4004c1:	74 15                	je     4004d8 <register_tm_clones+0x38>
  4004c3:	b8 00 00 00 00       	mov    $0x0,%eax
  4004c8:	48 85 c0             	test   %rax,%rax
  4004cb:	74 0b                	je     4004d8 <register_tm_clones+0x38>
  4004cd:	5d                   	pop    %rbp
  4004ce:	bf 38 10 60 00       	mov    $0x601038,%edi
  4004d3:	ff e0                	jmpq   *%rax
  4004d5:	0f 1f 00             	nopl   (%rax)
  4004d8:	5d                   	pop    %rbp
  4004d9:	c3                   	retq   
  4004da:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)

00000000004004e0 <__do_global_dtors_aux>:
__do_global_dtors_aux():
  4004e0:	80 3d 51 0b 20 00 00 	cmpb   $0x0,0x200b51(%rip)        # 601038 <__TMC_END__>
  4004e7:	75 11                	jne    4004fa <__do_global_dtors_aux+0x1a>
  4004e9:	55                   	push   %rbp
  4004ea:	48 89 e5             	mov    %rsp,%rbp
  4004ed:	e8 6e ff ff ff       	callq  400460 <deregister_tm_clones>
  4004f2:	5d                   	pop    %rbp
  4004f3:	c6 05 3e 0b 20 00 01 	movb   $0x1,0x200b3e(%rip)        # 601038 <__TMC_END__>
  4004fa:	f3 c3                	repz retq 
  4004fc:	0f 1f 40 00          	nopl   0x0(%rax)

0000000000400500 <frame_dummy>:
frame_dummy():
  400500:	bf 20 0e 60 00       	mov    $0x600e20,%edi
  400505:	48 83 3f 00          	cmpq   $0x0,(%rdi)
  400509:	75 05                	jne    400510 <frame_dummy+0x10>
  40050b:	eb 93                	jmp    4004a0 <register_tm_clones>
  40050d:	0f 1f 00             	nopl   (%rax)
  400510:	b8 00 00 00 00       	mov    $0x0,%eax
  400515:	48 85 c0             	test   %rax,%rax
  400518:	74 f1                	je     40050b <frame_dummy+0xb>
  40051a:	55                   	push   %rbp
  40051b:	48 89 e5             	mov    %rsp,%rbp
  40051e:	ff d0                	callq  *%rax
  400520:	5d                   	pop    %rbp
  400521:	e9 7a ff ff ff       	jmpq   4004a0 <register_tm_clones>

0000000000400526 <add_a_and_b>:
add_a_and_b():
  400526:	55                   	push   %rbp
  400527:	48 89 e5             	mov    %rsp,%rbp
  40052a:	89 7d fc             	mov    %edi,-0x4(%rbp)
  40052d:	89 75 f8             	mov    %esi,-0x8(%rbp)
  400530:	8b 55 fc             	mov    -0x4(%rbp),%edx
  400533:	8b 45 f8             	mov    -0x8(%rbp),%eax
  400536:	01 d0                	add    %edx,%eax
  400538:	5d                   	pop    %rbp
  400539:	c3                   	retq   

000000000040053a <main>:
main():
  40053a:	55                   	push   %rbp
  40053b:	48 89 e5             	mov    %rsp,%rbp
  40053e:	48 83 ec 20          	sub    $0x20,%rsp
  400542:	89 7d ec             	mov    %edi,-0x14(%rbp)
  400545:	48 89 75 e0          	mov    %rsi,-0x20(%rbp)
  400549:	c7 45 f4 01 00 00 00 	movl   $0x1,-0xc(%rbp)
  400550:	c7 45 f8 02 00 00 00 	movl   $0x2,-0x8(%rbp)
  400557:	8b 55 f8             	mov    -0x8(%rbp),%edx
  40055a:	8b 45 f4             	mov    -0xc(%rbp),%eax
  40055d:	89 d6                	mov    %edx,%esi
  40055f:	89 c7                	mov    %eax,%edi
  400561:	e8 c0 ff ff ff       	callq  400526 <add_a_and_b>
  400566:	89 45 fc             	mov    %eax,-0x4(%rbp)
  400569:	8b 4d fc             	mov    -0x4(%rbp),%ecx
  40056c:	8b 55 f8             	mov    -0x8(%rbp),%edx
  40056f:	8b 45 f4             	mov    -0xc(%rbp),%eax
  400572:	89 c6                	mov    %eax,%esi
  400574:	bf 14 06 40 00       	mov    $0x400614,%edi
  400579:	b8 00 00 00 00       	mov    $0x0,%eax
  40057e:	e8 7d fe ff ff       	callq  400400 <printf@plt>
  400583:	8b 45 fc             	mov    -0x4(%rbp),%eax
  400586:	c9                   	leaveq 
  400587:	c3                   	retq   
  400588:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1)
  40058f:	00 

0000000000400590 <__libc_csu_init>:
__libc_csu_init():
  400590:	41 57                	push   %r15
  400592:	41 56                	push   %r14
  400594:	41 89 ff             	mov    %edi,%r15d
  400597:	41 55                	push   %r13
  400599:	41 54                	push   %r12
  40059b:	4c 8d 25 6e 08 20 00 	lea    0x20086e(%rip),%r12        # 600e10 <__frame_dummy_init_array_entry>
  4005a2:	55                   	push   %rbp
  4005a3:	48 8d 2d 6e 08 20 00 	lea    0x20086e(%rip),%rbp        # 600e18 <__init_array_end>
  4005aa:	53                   	push   %rbx
  4005ab:	49 89 f6             	mov    %rsi,%r14
  4005ae:	49 89 d5             	mov    %rdx,%r13
  4005b1:	4c 29 e5             	sub    %r12,%rbp
  4005b4:	48 83 ec 08          	sub    $0x8,%rsp
  4005b8:	48 c1 fd 03          	sar    $0x3,%rbp
  4005bc:	e8 07 fe ff ff       	callq  4003c8 <_init>
  4005c1:	48 85 ed             	test   %rbp,%rbp
  4005c4:	74 20                	je     4005e6 <__libc_csu_init+0x56>
  4005c6:	31 db                	xor    %ebx,%ebx
  4005c8:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1)
  4005cf:	00 
  4005d0:	4c 89 ea             	mov    %r13,%rdx
  4005d3:	4c 89 f6             	mov    %r14,%rsi
  4005d6:	44 89 ff             	mov    %r15d,%edi
  4005d9:	41 ff 14 dc          	callq  *(%r12,%rbx,8)
  4005dd:	48 83 c3 01          	add    $0x1,%rbx
  4005e1:	48 39 eb             	cmp    %rbp,%rbx
  4005e4:	75 ea                	jne    4005d0 <__libc_csu_init+0x40>
  4005e6:	48 83 c4 08          	add    $0x8,%rsp
  4005ea:	5b                   	pop    %rbx
  4005eb:	5d                   	pop    %rbp
  4005ec:	41 5c                	pop    %r12
  4005ee:	41 5d                	pop    %r13
  4005f0:	41 5e                	pop    %r14
  4005f2:	41 5f                	pop    %r15
  4005f4:	c3                   	retq   
  4005f5:	90                   	nop
  4005f6:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
  4005fd:	00 00 00 

0000000000400600 <__libc_csu_fini>:
__libc_csu_fini():
  400600:	f3 c3                	repz retq 

Disassembly of section .fini:

0000000000400604 <_fini>:
_fini():
  400604:	48 83 ec 08          	sub    $0x8,%rsp
  400608:	48 83 c4 08          	add    $0x8,%rsp
  40060c:	c3                   	retq   

We can see that the listing clearly shows the assembly code corresponding to each C function. Some functions do not look like anything we wrote; those are the C runtime (system) functions that get pulled in when the program is compiled and linked.

Let's cut out the assembly for the add_a_and_b and main functions and analyse them:

The assembly for the main function, annotated:

000000000040053a <main>:
main():
  40053a:	55                   	push   %rbp             // on entry: push %rbp onto the stack
  40053b:	48 89 e5             	mov    %rsp,%rbp
  40053e:	48 83 ec 20          	sub    $0x20,%rsp
  400542:	89 7d ec             	mov    %edi,-0x14(%rbp)
  400545:	48 89 75 e0          	mov    %rsi,-0x20(%rbp)
  400549:	c7 45 f4 01 00 00 00 	movl   $0x1,-0xc(%rbp)  // assign 1 to variable a
  400550:	c7 45 f8 02 00 00 00 	movl   $0x2,-0x8(%rbp)  // assign 2 to variable b
  400557:	8b 55 f8             	mov    -0x8(%rbp),%edx
  40055a:	8b 45 f4             	mov    -0xc(%rbp),%eax
  40055d:	89 d6                	mov    %edx,%esi
  40055f:	89 c7                	mov    %eax,%edi
  400561:	e8 c0 ff ff ff       	callq  400526 <add_a_and_b>  // call add_a_and_b
  400566:	89 45 fc             	mov    %eax,-0x4(%rbp)  // store the return value of add_a_and_b in c
  400569:	8b 4d fc             	mov    -0x4(%rbp),%ecx
  40056c:	8b 55 f8             	mov    -0x8(%rbp),%edx
  40056f:	8b 45 f4             	mov    -0xc(%rbp),%eax
  400572:	89 c6                	mov    %eax,%esi
  400574:	bf 14 06 40 00       	mov    $0x400614,%edi
  400579:	b8 00 00 00 00       	mov    $0x0,%eax
  40057e:	e8 7d fe ff ff       	callq  400400 <printf@plt>  // call printf to print the result
  400583:	8b 45 fc             	mov    -0x4(%rbp),%eax
  400586:	c9                   	leaveq 
  400587:	c3                   	retq   // return from main
  400588:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1) 
  40058f:	00 

The assembly for the add_a_and_b function, annotated:

0000000000400526 <add_a_and_b>:
add_a_and_b():
  400526:	55                   	push   %rbp  // on entry: push %rbp onto the stack
  400527:	48 89 e5             	mov    %rsp,%rbp
  40052a:	89 7d fc             	mov    %edi,-0x4(%rbp)
  40052d:	89 75 f8             	mov    %esi,-0x8(%rbp)
  400530:	8b 55 fc             	mov    -0x4(%rbp),%edx
  400533:	8b 45 f8             	mov    -0x8(%rbp),%eax
  400536:	01 d0                	add    %edx,%eax  // add parameters a and b
  400538:	5d                   	pop    %rbp  // on exit: pop %rbp off the stack
  400539:	c3                   	retq  // return the value of a+b
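Reading a listing by hand, as done above for main and add_a_and_b, does not scale to a real binary, so here is an added example (my own code, not from the original article) of doing the same reading programmatically. The script parses the `objdump -d` text format, groups instructions by function, and for each function recovers the direct call sites with the return address each `callq` pushes on the stack, the frame size reserved by the prologue's `sub $N,%rsp`, and the %rbp-relative slots used for locals and spilled arguments. It runs offline on a constructed excerpt of this page's own listing (printf@plt, add_a_and_b and a trimmed main); the function names parse_objdump, call_edges, frame_size and rbp_slots are my own.

```python
import re
from dataclasses import dataclass, field

# Constructed sample (an excerpt of the objdump -d listing shown above,
# with some main instructions omitted), embedded so the script runs offline.
SAMPLE_DUMP = """\
0000000000400400 <printf@plt>:
  400400:\tff 25 12 0c 20 00    \tjmpq   *0x200c12(%rip)        # 601018 <_GLOBAL_OFFSET_TABLE_+0x18>
  400406:\t68 00 00 00 00       \tpushq  $0x0
  40040b:\te9 e0 ff ff ff       \tjmpq   4003f0 <printf@plt-0x10>

Disassembly of section .text:

0000000000400526 <add_a_and_b>:
  400526:\t55                   \tpush   %rbp
  400527:\t48 89 e5             \tmov    %rsp,%rbp
  40052a:\t89 7d fc             \tmov    %edi,-0x4(%rbp)
  40052d:\t89 75 f8             \tmov    %esi,-0x8(%rbp)
  400530:\t8b 55 fc             \tmov    -0x4(%rbp),%edx
  400533:\t8b 45 f8             \tmov    -0x8(%rbp),%eax
  400536:\t01 d0                \tadd    %edx,%eax
  400538:\t5d                   \tpop    %rbp
  400539:\tc3                   \tretq

000000000040053a <main>:
  40053a:\t55                   \tpush   %rbp
  40053b:\t48 89 e5             \tmov    %rsp,%rbp
  40053e:\t48 83 ec 20          \tsub    $0x20,%rsp
  400542:\t89 7d ec             \tmov    %edi,-0x14(%rbp)
  400545:\t48 89 75 e0          \tmov    %rsi,-0x20(%rbp)
  400549:\tc7 45 f4 01 00 00 00 \tmovl   $0x1,-0xc(%rbp)
  400550:\tc7 45 f8 02 00 00 00 \tmovl   $0x2,-0x8(%rbp)
  400561:\te8 c0 ff ff ff       \tcallq  400526 <add_a_and_b>
  400566:\t89 45 fc             \tmov    %eax,-0x4(%rbp)
  40057e:\te8 7d fe ff ff       \tcallq  400400 <printf@plt>
  400583:\t8b 45 fc             \tmov    -0x4(%rbp),%eax
  400586:\tc9                   \tleaveq
  400587:\tc3                   \tretq
  400588:\t0f 1f 84 00 00 00 00 \tnopl   0x0(%rax,%rax,1)
  40058f:\t00
"""

@dataclass
class Insn:
    addr: int
    nbytes: int
    mnemonic: str
    operands: str

@dataclass
class Func:
    addr: int
    name: str
    insns: list = field(default_factory=list)

HEADER_RE = re.compile(r"^([0-9a-f]+) <([^>]+)>:$")       # 0000000000400526 <add_a_and_b>:
TARGET_RE = re.compile(r"^([0-9a-f]+)\s*<([^>]+)>")       # 400526 <add_a_and_b>
RBP_SLOT_RE = re.compile(r"(-0x[0-9a-f]+)\(%rbp\)")       # -0x4(%rbp)

def parse_objdump(text):
    """Group an objdump -d listing into Func objects keyed by symbol name."""
    funcs, cur = {}, None
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            cur = Func(int(m.group(1), 16), m.group(2))
            funcs[cur.name] = cur
            continue
        parts = line.split("\t")          # "  addr:", "hex bytes", "mnemonic operands"
        if cur is None or len(parts) < 2 or not parts[0].strip().endswith(":"):
            continue                      # blank lines and "Disassembly of section" banners
        nbytes = len(parts[1].split())
        if len(parts) == 2:               # byte-continuation line such as "40058f: 00"
            cur.insns[-1].nbytes += nbytes
            continue
        asm = parts[2].split("#", 1)[0].strip()   # drop objdump's "# addr <sym>" annotation
        mnemonic, _, operands = asm.partition(" ")
        cur.insns.append(Insn(int(parts[0].strip()[:-1], 16), nbytes, mnemonic, operands.strip()))
    return funcs

def call_edges(func):
    """Direct call sites as (call address, target symbol, return address pushed on the stack)."""
    edges = []
    for ins in func.insns:
        if ins.mnemonic in ("call", "callq"):
            m = TARGET_RE.match(ins.operands)
            if m:
                edges.append((ins.addr, m.group(2), ins.addr + ins.nbytes))
    return edges

def frame_size(func):
    """Bytes reserved below the saved %rbp by the prologue's 'sub $N,%rsp'.
    A leaf like add_a_and_b never adjusts %rsp: it keeps its locals in the
    128-byte red zone below %rsp, so this returns 0 for it."""
    for ins in func.insns[:4]:
        if ins.mnemonic == "sub" and ins.operands.endswith(",%rsp"):
            return int(ins.operands.split(",")[0].lstrip("$"), 16)
    return 0

def rbp_slots(func):
    """Sorted %rbp-relative offsets the function touches (locals and spilled arguments)."""
    slots = set()
    for ins in func.insns:
        for off in RBP_SLOT_RE.findall(ins.operands):
            slots.add(int(off, 16))       # int() understands the "-0x.." form
    return sorted(slots)

if __name__ == "__main__":
    for f in parse_objdump(SAMPLE_DUMP).values():
        print(f"{f.name} @ {f.addr:x}: {len(f.insns)} insns, frame {frame_size(f)} bytes, slots {rbp_slots(f)}")
        for site, target, ret in call_edges(f):
            print(f"  {site:x}: call {target}, returns to {ret:x}")
```

To use it on the real listing, pass the contents of gcc_objdump.dmp to parse_objdump instead of SAMPLE_DUMP. Two things the output makes explicit that the annotated listing above only implies: the return address recorded on the stack for `callq 400526 <add_a_and_b>` is 0x400566, the instruction after the call, which is the value a stack backtrace or a crash report shows for that frame; and main's `sub $0x20,%rsp` reserves 32 bytes while its slots only reach down to -0x20(%rbp), so the saved %rbp and return address sit immediately above the argv spill at -0x20, the layout that matters when reasoning about a stack overwrite in a function like this.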

That is the basic process of disassembling a C file. Although the example given is simple, it already covers the main content of a disassembly operation. We should recognise clearly that any complex piece of code is built up from small fragments of code, and that even the simplest C code ultimately produces its result only by executing one assembly instruction after another. This is because the CPU does not understand "code" at all; in its eyes there are only "instructions", and whatever instruction you tell it to execute, it executes.

That is all for this disassembly tutorial. If you still have questions, feel free to raise them in the comments. @_@

Reviewing editor: 汤梓红
