Similarly to How do I disassemble raw x86 code?, but then for the MIPS architecture: how do I disassemble raw MIPS code with objdump? I want to check the instructions in a vmlinux image, but to do so I now have to:
类似地,我如何分解原始的x86代码?但是对于MIPS体系结构:我如何通过objdump分解原始MIPS代码?我想要检查vmlinux映像中的说明,但要这样做,我现在必须:
: > x.c
mipsel-linux-gnu-gcc -c -o x.o x.c
mipsel-linux-gnu-objcopy --add-section raw=vmlinux x.o
mipsel-linux-gnu-objcopy --remove-section .comment x.o
mipsel-linux-gnu-objdump -D x.o | less
Is there an easier way to do it? I've tried the below to no avail:
有没有更简单的方法?我试过下面的方法:
mipsel-linux-gnu-objdump -b elf32-tradlittlemips -mmips -Mgpr-names=O32,cp0-names=mips1,cp0-names=mips1,hwr-names=mips1,reg-names=mips1 -D vmlinux | less
It just spits out:
它只是出来:
mipsel-linux-gnu-objdump: vmlinux: File format not recognized
If it helps, here is the output of some commands:
如果有用,下面是一些命令的输出:
$ file x.o
x.o: ELF 32-bit LSB relocatable, MIPS, MIPS-I version 1 (SYSV), with unknown capability 0xf41 = 0x756e6700, with unknown capability 0x70100 = 0x1040000, not stripped
$ mipsel-linux-gnu-objdump -p x.o
x.o: file format elf32-tradlittlemips
private flags = 1006: [abi=O32] [mips1] [not 32bitmode] [PIC] [CPIC]
The target is an AR7 CPU.
目标是一个AR7 CPU。
3 个解决方案
#1
4
Hmm, it seems easier than that. -b elf32-tradlittlemips does not work because the file is not an ELF executable, but binary. So, the correct option to be used is -b binary. The other option, -mmips makes objdump recognize the file as binary for MIPS. Since the target machine is little endian, I also had to add -EL to make the output match the output for x.o.
嗯,似乎比那容易。-b elf32-tradlittlemips不工作,因为文件不是ELF可执行文件,而是二进制文件。所以,正确的选项是-b二进制。另一个选项-mmips使objdump将文件识别为MIPS的二进制文件。由于目标机器是小的endian,所以我还需要添加-EL使输出与x.o的输出匹配。
-mmips only includes the basic instruction set. The AR7 has a MIPS32 processor which has more instructions than just mips. To decode these newer MIPS32 instructions, use -mmips:isa32. A list of available ISAs can be listed with objdump -i -m.
-mmips只包含基本指令集。AR7有一个MIPS32处理器,它的指令比mips多。为了解码这些新的MIPS32指令,使用-mmips:isa32。可用的ISAs列表可以在objdump -i -m中列出。
The final command becomes:
最后一个命令就变成:
mipsel-linux-gnu-objdump -b binary -mmips:isa32 -EL -D vmlinux
This would show registers like $3 instead of their names. To adjust that, I used the next additional options which are mentioned in mipsel-linux-gnu-objdump --help:
这将显示像$3这样的寄存器而不是它们的名称。为了调整这一点,我使用了在mipsel-linux- gnuobjdump中提到的下一个额外选项——help:
-Mgpr-names=32,cp0-names=mips32,cp0-names=mips32,hwr-names=mips32,reg-names=mips32
I chose for mips32 after reading:
我在阅读后选择了mips32:
- http://www.linux-mips.org/wiki/AR7
- http://www.linux-mips.org/wiki/AR7
- http://www.linux-mips.org/wiki/Instruction_Set_Architecture
- http://www.linux-mips.org/wiki/Instruction_Set_Architecture
#2
0
??? What's wrong with just:
? ? ?只是怎么了:
mipsel-linux-gnu-gcc -c -o x.o x.c
mipsel-linux-gnu-objdump -D x.o
Is the problem that -D diassembles all the sections, code or not? Use -d then. Or -S to show assembly interleaved with source (implies -d).
问题是-D diassembles所有的部分,代码还是没有?使用- d。或-S显示装配与源(暗指-d)交叉。
or how about getting the assembly code from gcc:
或者如何从gcc获得汇编代码:
mipsel-linux-gnu-gcc -S x.c
#3
0
Use ODA, the online disassembler:
使用ODA,在线反汇编程序:
http://www.onlinedisassembler.com
http://www.onlinedisassembler.com
#1
4
Hmm, it seems easier than that. -b elf32-tradlittlemips does not work because the file is not an ELF executable, but binary. So, the correct option to be used is -b binary. The other option, -mmips makes objdump recognize the file as binary for MIPS. Since the target machine is little endian, I also had to add -EL to make the output match the output for x.o.
嗯,似乎比那容易。-b elf32-tradlittlemips不工作,因为文件不是ELF可执行文件,而是二进制文件。所以,正确的选项是-b二进制。另一个选项-mmips使objdump将文件识别为MIPS的二进制文件。由于目标机器是小的endian,所以我还需要添加-EL使输出与x.o的输出匹配。
-mmips only includes the basic instruction set. The AR7 has a MIPS32 processor which has more instructions than just mips. To decode these newer MIPS32 instructions, use -mmips:isa32. A list of available ISAs can be listed with objdump -i -m.
-mmips只包含基本指令集。AR7有一个MIPS32处理器,它的指令比mips多。为了解码这些新的MIPS32指令,使用-mmips:isa32。可用的ISAs列表可以在objdump -i -m中列出。
The final command becomes:
最后一个命令就变成:
mipsel-linux-gnu-objdump -b binary -mmips:isa32 -EL -D vmlinux
This would show registers like $3 instead of their names. To adjust that, I used the next additional options which are mentioned in mipsel-linux-gnu-objdump --help:
这将显示像$3这样的寄存器而不是它们的名称。为了调整这一点,我使用了在mipsel-linux- gnuobjdump中提到的下一个额外选项——help:
-Mgpr-names=32,cp0-names=mips32,cp0-names=mips32,hwr-names=mips32,reg-names=mips32
I chose for mips32 after reading:
我在阅读后选择了mips32:
- http://www.linux-mips.org/wiki/AR7
- http://www.linux-mips.org/wiki/AR7
- http://www.linux-mips.org/wiki/Instruction_Set_Architecture
- http://www.linux-mips.org/wiki/Instruction_Set_Architecture
#2
0
??? What's wrong with just:
? ? ?只是怎么了:
mipsel-linux-gnu-gcc -c -o x.o x.c
mipsel-linux-gnu-objdump -D x.o
Is the problem that -D diassembles all the sections, code or not? Use -d then. Or -S to show assembly interleaved with source (implies -d).
问题是-D diassembles所有的部分,代码还是没有?使用- d。或-S显示装配与源(暗指-d)交叉。
or how about getting the assembly code from gcc:
或者如何从gcc获得汇编代码:
mipsel-linux-gnu-gcc -S x.c
#3
0
Use ODA, the online disassembler:
使用ODA,在线反汇编程序:
http://www.onlinedisassembler.com
http://www.onlinedisassembler.com