我需要学习有关ELF文件布局的知识,因为我正在开展一个项目。我注意到这些工具的存在。 为什么所有Linux发行版都包括readelf和objdump?这些工具互补吗?在什么情况下我更倾向于使用其中之一?
来自binutils/readelf.c:
/* The difference between readelf and objdump:
Both programs are capabale of displaying the contents of ELF format files,
so why does the binutils project have two file dumpers ?
The reason is that objdump sees an ELF file through a BFD filter of the
world; if BFD has a bug where, say, it disagrees about a machine constant
in e_flags, then the odds are good that it will remain internally
consistent. The linker sees it the BFD way, objdump sees it the BFD way,
GAS sees it the BFD way. There was need for a tool to go find out what
the file actually says.
This is why the readelf program does not link against the BFD library - it
exists as an independent program to help verify the correct working of BFD.
There is also the case that readelf can provide more information about an
ELF file than is provided by objdump. In particular it can display DWARF
debugging information which (at the moment) objdump cannot. */
objdump
无法转储DWARF
调试信息的评论曾经是正确的,但自从大约2005年以来就不再正确了。 - Employed Russianreadelf
是与架构无关的。要正确地使用objdump
对您的应用程序进行反汇编,您需要使用来自相关工具链的适当objdump
,例如 ARM 二进制文件需要 ARMobjdump
,X86 二进制文件需要 X86objdump
,以此类推。 - Piotr Zierhoffer