用xx-objdump来查看binary的信息，尤其是调试信息

这几天，一直在研究mips仿真器为什么不能源码级别调试汇编代码，

一直再看 vmlinux的debug symbol的相关的东西 ，特此做一些备忘录。

尤其是 一些objdump的选项。

又深入研究了下ELF的东西。

ELF太重要了。

以下都是vmlinux和head.o为例的。

1，看起来，每个版本的objdump的支持都不一样的。

至少输出的选项也是不一样的。

当然最有用就是：

-D :反汇编所有的sections

-d :反汇编executable sections

-S :混合显示汇编代码和原始代码，太有用了******

-t :显示调试信息，尤其是可以显示出行号和文件名和路径(配合-l)

-l, --line-numbersInclude line numbers and filenames in output

下面就是endian的选择了

-EB --endian=bigAssume big endian format when disassembling

-EL --endian=littleAssume little endian format when disassembling

下面输出的elf32-tradbigmips是支持的平台

[bob@localhost linux-2.6.20.9]$ /home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-objdump

-b

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-objdump: option requires an argument --

b

Usage: /home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-objdump

Display information from object .

At least one of the following switches must be given:

-a, --archive-headersDisplay archive header information

-f, --file-headersDisplay the contents of the overall file header

-p, --private-headersDisplay object format specific file header contents

-h, --[section-]headersDisplay the contents of the section headers

-x, --all-headersDisplay the contents of all headers

-d, --disassembleDisplay assembler contents of executable sections

-D, --disassemble-allDisplay assembler contents of all sections

-S, --sourceIntermix source code with disassembly

-s, --full-contentsDisplay the full contents of all sections requested

-g, --debuggingDisplay debug information in object file

-G, --stabsDisplay (in raw form) any STABS info in the file

-t, --symsDisplay the contents of the symbol table(s)

-T, --dynamic-symsDisplay the contents of the dynamic symbol table

-r, --relocDisplay the relocation entries in the file

-R, --dynamic-relocDisplay the dynamic relocation entries in the file

-v, --versionDisplay this program's version number

-i, --infoList object formats and architectures supported

-H, --helpDisplay this information

The following switches are optional:

-b, --target=BFDNAMESpecify the target object format as BFDNAME

-m, --architecture=MACHINESpecify the target architecture as MACHINE

-j, --section=NAMEOnly display information for section NAME

-M, --disassembler-options=OPT Pass text OPT on to the disassembler

-EB --endian=bigAssume big endian format when disassembling

-EL --endian=littleAssume little endian format when disassembling

--file-start-contextInclude context from start of file (with -S)

-l, --line-numbersInclude line numbers and filenames in output

-C, --demangle[=STYLE]Decode mangled/processed symbol names

The STYLE, if specified, can be `auto', 'gnu',

'lucid', 'arm', 'hp', 'edg', or 'gnu-new-abi'

-w, --wideFormat output for more than 80 columns

-z, --disassemble-zeroesDo not skip blocks of zeroes when disassembling

--start-address=ADDROnly process data whoes address is >= ADDR

--stop-address=ADDROnly process data whoes address is <= ADDR

--prefix-addressesPrint complete address alongside disassembly

--[no-]show-raw-insnDisplay hex alongside symbolic disassembly

--adjust-vma=OFFSETAdd OFFSET to all displayed section addresses

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-objdump: supported targets:elf32-

tradbigmipself32-tradlittlemips elf64-tradbigmips elf64-tradlittlemips ecoff-bigmips ecoff-

littlemips elf64-little elf64-big elf32-little elf32-big srec symbolsrec tekhex binary ihex

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-objdump: supported architectures: mips

mips:3000 mips:3900 mips:4000 mips:4010 mips:4100 mips:4111 mips:4300 mips:4400 mips:4600 mips:4650

mips:5000 mips:6000 mips:8000 mips:10000 mips:12000 mips:16 mips:mips5 mips:isa32 mips:isa64

mips:sb1

2，用法：比如

#mips-linux-objdump -D -l -t -x -S arch/mips/kernel/head.o

可以看到类似：

/home/work/data3/standby/dv_kernel_suspend2/linux/arch/mips/kernel/head.S:245

lit1, 0xFFFFFFF8这个上面文件的245 line

44:3c09ffffluit1,0xffff

48:3529fff8orit1,t1,0xfff8这两个是反汇编后的指令

这样我们可以很轻松的看出lit1, 0xFFFFFFF8在汇编后，实际上是两条指令。

还有对应的行号和文件路径

其实这样，我我们就可以知道代码实际上是如何执行的。

3，readelf也可以显示symbol信息：

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-readelf -s arch/mips/kernel/head.o

4，readelf -h最有用的就是可以显示kernel的入口点了。

[bob@localhost linux]$ /home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-readelf -h vmlinux

ELF Header:

Magic:7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00

Class:ELF32

Data:2's complement, big endian

Version:1 (current)

OS/ABI:UNIX - System V

ABI Version:0

Type:EXEC (Executable file)

Machine:MIPS R3000

Version:0x1

Entry point address:0x8025e040

Start of program headers:52 (bytes into file)

Start of section headers:31477732 (bytes into file)

Flags:0x10001001, noreorder, o32, mips2

Size of this header:52 (bytes)

Size of program headers:32 (bytes)

Number of program headers:3

Size of section headers:40 (bytes)

Number of section headers:31

Section header string table index: 28

5，xx-ld –M非常有用，可以到很多重要的信息

Xx-ld可以跟其他的选项，man ld

比如编译kernel，最后的连接的过程：

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-ld -G 0 -static-T arch/mips/ld.script arch/mips/kernel/head.o arch/mips/kernel/init_task.o init/main.o init/version.o init/do_mounts.o --start-group arch/mips/kernel/kernel.o arch/mips/mm/mm.o kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o arch/mips/math-emu/fpu_emulator.o arch/mips/emma2_se/emma2.odrivers/char/char.o drivers/block/block.o drivers/misc/misc.o drivers/net/net.o drivers/ide/idedriver.o drivers/pci/driver.o drivers/mtd/mtdlink.o drivers/net/wireless/wireless_net.o drivers/usb/usbdrv.o drivers/media/media.o drivers/md/mddev.o net/network.o arch/mips/lib/lib.a /home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a --end-group-o vmlinux–M

你可以在后面加一个–M参数。

`-M'

`--print-map'

打印一个连接位图到标准输出.一个连接位图提供的关于连接的信息有如下一些:

*目标文件和符号被映射到内存的哪些地方.

*普通符号如何被分配空间.

*所有被连接进来的档案文件,还有导致档案文件被包含进来的那个符号.

非常之详细。

比如：

.text.init0x000000008025e0000xb0 arch/mips/kernel/head.o

0x000000008025e000except_vec2_generic

0x000000008025e038except_vec_nmi

0x000000008025e040kernel_entry

0x000000008025e028except_vec4

0x000000008025e030except_vec_ejtag_debug

.text.init0x000000008025e0b00x758 init/main.o

0x000000008025e1a4calibrate_delay

0x000000008025e564start_kernel

。。。。

显示由谁连接来的。

LOAD arch/mips/kernel/head.o

LOAD arch/mips/kernel/init_task.o

LOAD init/main.o

LOAD init/version.o

LOAD init/do_mounts.o

START GROUP

LOAD arch/mips/kernel/kernel.o

LOAD arch/mips/mm/mm.o

LOAD kernel/kernel.o

LOAD mm/mm.o

LOAD fs/fs.o

LOAD ipc/ipc.o

LOAD arch/mips/math-emu/fpu_emulator.o

LOAD arch/mips/emma2_se/emma2.o

LOAD drivers/char/char.o

LOAD drivers/block/block.o

LOAD drivers/misc/misc.o

LOAD drivers/net/net.o

LOAD drivers/ide/idedriver.o

LOAD drivers/pci/driver.o

LOAD drivers/mtd/mtdlink.o

LOAD drivers/net/wireless/wireless_net.o

LOAD drivers/usb/usbdrv.o

LOAD drivers/media/media.o

LOAD drivers/md/mddev.o

LOAD net/network.o

LOAD arch/mips/lib/lib.a

LOAD /home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a

END GROUP

OUTPUT(vmlinux elf32-tradbigmips)

还可以看出一些段上的详细内容，不过，一些东西，我也不知道：

。。。

.debug_line0x00000000000000000x3b913a

.debug_line0x00000000000000000x93 arch/mips/kernel/head.o

.debug_line0x00000000000000930x299d arch/mips/kernel/init_task.o

.debug_line0x0000000000002a300x313e init/main.o

.debug_line0x0000000000005b6e0x79 init/version.o

.debug_line0x0000000000005be70x39cd init/do_mounts.o

.debug_line0x00000000000095b40x32291 arch/mips/kernel/kernel.o

。。。

其他的选项：

`-s'

`--strip-all'

忽略输出文件中所有的符号信息.

`-S'

`--strip-debug'

忽略输出文件中所有的调试符号信息(但不是所有符号).

`-t'

`--trace'

打印'ld'处理的所有输入文件的名字.

命令例子1：-y function_name:可以显示哪些.o调用这个function

#mips-linux/bin/mips-linux-ld -G 0 -static-T arch/mips/ld.script arch/mips/kernel/head.o arch/mips/kernel/init_task.o init/main.o init/version.o init/do_mounts.o --start-group arch/mips/kernel/kernel.o arch/mips/mm/mm.o kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o arch/mips/math-emu/fpu_emulator.o arch/mips/emma2_se/emma2.odrivers/char/char.o drivers/block/block.o drivers/misc/misc.o drivers/net/net.o drivers/ide/idedriver.o drivers/pci/driver.o drivers/mtd/mtdlink.o drivers/net/wireless/wireless_net.o drivers/usb/usbdrv.o drivers/media/media.o drivers/md/mddev.o net/network.o arch/mips/lib/lib.a /home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a --end-group-o vmlinux-y printk

===输出===可以看出都有那些文件调用了printk，不过好像不全

init/main.o: reference to printk

init/do_mounts.o: reference to printk

arch/mips/kernel/kernel.o: reference to printk

arch/mips/mm/mm.o: reference to printk

kernel/kernel.o: definition of printk

mm/mm.o: reference to printk

fs/fs.o: reference to printk

ipc/ipc.o: reference to printk

arch/mips/math-emu/fpu_emulator.o: reference to printk

arch/mips/emma2_se/emma2.o: reference to printk

drivers/char/char.o: reference to printk

drivers/block/block.o: reference to printk

drivers/net/net.o: reference to printk

drivers/ide/idedriver.o: reference to printk

drivers/pci/driver.o: reference to printk

drivers/mtd/mtdlink.o: reference to printk

drivers/usb/usbdrv.o: reference to printk

drivers/media/media.o: reference to printk

net/network.o: reference to printk

arch/mips/lib/lib.a(rtc-no.o): reference to printk

arch/mips/lib/lib.a(dump_tlb.o): reference to printk

/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a(dump_stack.o): reference to printk

命令例子2：你可以加–t选项，知道哪些文件构成了vmlinux.

[bob@localhost linux]$ /home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-ld -G 0 -static-T arch/mips/ld.script arch/mips/kernel/head.o arch/mips/kernel/init_task.o init/main.o init/version.o init/do_mounts.o --start-group arch/mips/kernel/kernel.o arch/mips/mm/mm.o kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o arch/mips/math-emu/fpu_emulator.o arch/mips/emma2_se/emma2.odrivers/char/char.o drivers/block/block.o drivers/misc/misc.o drivers/net/net.o drivers/ide/idedriver.o drivers/pci/driver.o drivers/mtd/mtdlink.o drivers/net/wireless/wireless_net.o drivers/usb/usbdrv.o drivers/media/media.o drivers/md/mddev.o net/network.o arch/mips/lib/lib.a /home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a --end-group-o vmlinux-t

======命令输出=========

/home/bob/gcc-3.2.2-uClibc-0.9.19/mips-linux/bin/mips-linux-ld: mode elf32btsmip

arch/mips/kernel/head.o

arch/mips/kernel/init_task.o

init/main.o

init/version.o

init/do_mounts.o

arch/mips/kernel/kernel.o

arch/mips/mm/mm.o

kernel/kernel.o

mm/mm.o

fs/fs.o

ipc/ipc.o

arch/mips/math-emu/fpu_emulator.o

arch/mips/emma2_se/emma2.o

drivers/char/char.o

drivers/block/block.o

drivers/net/net.o

drivers/ide/idedriver.o

drivers/pci/driver.o

drivers/mtd/mtdlink.o

drivers/usb/usbdrv.o

drivers/media/media.o

net/network.o

(arch/mips/lib/lib.a)csum_partial.o

(arch/mips/lib/lib.a)csum_partial_copy.o

(arch/mips/lib/lib.a)rtc-no.o

(arch/mips/lib/lib.a)memcpy.o

(arch/mips/lib/lib.a)memset.o

(arch/mips/lib/lib.a)strlen_user.o

(arch/mips/lib/lib.a)strncpy_user.o

(arch/mips/lib/lib.a)strnlen_user.o

(arch/mips/lib/lib.a)dump_tlb.o

(arch/mips/lib/lib.a)ide-no.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)errno.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)ctype.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)string.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)vsprintf.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)cmdline.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)rbtree.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)dump_stack.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)rwsem-spinlock.o

(/home/work/data3/standby/dv_kernel_suspend2/linux/lib/lib.a)zlib_inflate.o

ELF的加载过程：