Questions tagged [disassembly]

Involves turning "compiled" code (such as machine code, byte code or IR code) back in higher-level assembly mnemonics.

Disassembly is the process for turning a binary form back into its higher-level counterpart so that it can be inspected or altered in a human-readable form.

This is normally done with the aid of a disassembler, some notable examples being:

IDA
Ollydbg

1640 questions

523

votes

17 answers

How do you get assembler output from C/C++ source in GCC?

How does one do this? If I want to analyze how something is getting compiled, how would I get the emitted assembly code?

asked Sep 26 '08 at 00:10

Doug T.

64,223
27
138
202

170

votes

8 answers

How to decompile an APK or DEX file on Android platform?

Is it possible to decompile an APK package or DEX file on Android platform? Are there any tools that can decompile an APK file?

android disassembly decompiling malware-detection

asked Jan 09 '14 at 02:03

user3151261

1,947
2
13
12

157

votes

14 answers

How can I see the assembly code for a C++ program?

How can I see the assembly code for a C++ program? What are the popular tools to do this?

c++ assembly disassembly

asked May 08 '09 at 15:15

Geek

23,089
20
71
85

133

votes

10 answers

How to disassemble a binary executable in Linux to get the assembly code?

I was told to use a disassembler. Does gcc have anything built in? What is the easiest way to do this?

c++ linux assembly executable disassembly

asked Feb 26 '11 at 08:38

Syntax_Error

5,964
15
53
73

114

votes

11 answers

How to disassemble one single function using objdump?

I've got a binary installed on my system, and would like to look at the disassembly of a given function. Preferrably using objdump, but other solutions would be acceptable as well. From this questions I've learned that I might be able to disassemble…

elf debug-symbols disassembly objdump dwarf

asked Mar 31 '14 at 18:22

MvG

57,380
22
148
276

100

votes

2 answers

What does @plt mean here?

0x00000000004004b6 : callq 0x400398 Anyone knows? UPDATE Why two disas printf give me different result? (gdb) disas printf Dump of assembler code for function printf@plt: 0x0000000000400398 : jmpq …

linux assembly x86-64 disassembly dynamic-linking

asked Mar 29 '11 at 07:34

gdb

7,189
12
38
36

votes

5 answers

How to write a disassembler?

I'm interested in writing an x86 dissembler as an educational project. The only real resource I have found is Spiral Space's, "How to write a disassembler". While this gives a nice high level description of the various components of a…

x86 disassembly

asked May 29 '09 at 03:50

mmcdole

91,488
60
186
222

votes

11 answers

How to disassemble a memory range with GDB?

I'm trying to disassemble a program to see a syscall assembly instruction (the INT instruction, I believe) and the handler with GDB and have written a little program (see below) for it that opens and closes a file. I was able to follow the call to…

gdb disassembly

asked Aug 06 '09 at 07:54

Patrick

4,720
4
41
71

votes

8 answers

How to disassemble, modify and then reassemble a Linux executable?

Is there anyway this can be done? I've used objdump but that doesn't produce assembly output that will be accepted by any assembler that I know of. I'd like to be able to change instructions within an executable and then test it afterwards.

linux x86 disassembly objdump

asked Nov 30 '10 at 01:31

FlagCapper

votes

2 answers

How does GCC optimize out an unused variable incremented inside a loop?

I wrote this simple C program: int main() { int i; int count = 0; for(i = 0; i < 2000000000; i++){ count = count + 1; } } I wanted to see how the gcc compiler optimizes this loop (clearly add 1 2000000000 times should be…

c gcc compiler-optimization disassembly

asked Jan 12 '12 at 20:31

Haile

3,120
3
24
40

votes

2 answers

What is your favorite disassembler tool in Mac OS X?

I am using the otool, nm and Fraise text editor to disassemble the Mach-o binaries. My workflow at this point is pretty straightforward: 1. List the existed symbols. nm -g 2. Get the disasm code. otool -vt 3. Copy and paste this output to a…

macos assembly disassembly nm otool

asked Feb 29 '12 at 06:24

user663896

votes

2 answers

Disassembling A Flat Binary File Using objdump

Can I disassemble a flat binary file using objdump? I'm familiar with disassembling a structured binary executable such as an ELF file using: objdump -d file.elf But if I have a flat binary file that I know is supposed to be loaded at, e.g.,…

reverse-engineering disassembly objdump

asked Jan 12 '13 at 06:21

Multimedia Mike

12,660
5
46
62

votes

3 answers

Why does this memory address %fs:0x28 ( fs[0x28] ) have a random value?

I've written a piece of C code and I've disassembled it as well as read the registers to understand how the program works in assembly. int test(char *this){ char sum_buf[6]; strncpy(sum_buf,this,32); return 0; } The piece of my code…

c gcc x86-64 buffer-overflow disassembly

asked Apr 26 '12 at 00:30

Dr.Knowitall

10,080
23
82
133

votes

1 answer

Long multi-byte NOPs: commonly understood macros or other notation

It's not a big secret that x86 (and x86_64) processors have not only the single-byte NOP instruction, but also various types of multi-byte NOP-like instructions. These are the ones I've managed to find: Recommended by AMD, ref. AMD Software…

assembly x86-64 naming-conventions disassembly no-op

asked Aug 28 '14 at 09:35

GreyCat

16,622
18
74
112

votes

2 answers

Find out what functions a static C library has

I have a static C library (say mylib.a) and I was wondering if it's possible to find out what functions are implemented inside that file. I don't have a corresponding header file. what I need is like the equivalent of javap for Java.

c static-libraries dump disassembly

asked Mar 29 '10 at 18:22

cd1

15,908
12
46
47

2 3

…

99 100 Next