Back to Details

binutils

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

GNU Binutils

GNU Binutils

Purpose

用途

Guide agents through the binutils toolset for binary manipulation: static libraries, stripping, address-to-source mapping, and symbol demangling.
引导使用者使用binutils工具集进行二进制文件操作:包括静态库处理、符号剥离、地址到源码的映射以及符号还原。

Triggers

触发场景

  • "How do I create a static library?"
  • "How do I strip a binary but keep a debug file?"
  • "I have an address from a crash — how do I find the source line?"
  • "How do I demangle a C++ symbol name?"
  • "How do I extract/replace sections in a binary?"
  • "如何创建静态库?"
  • "如何剥离二进制文件的符号但保留调试文件?"
  • "我有一个崩溃时的地址,如何找到对应的源码行?"
  • "如何还原C++符号名称?"
  • "如何提取/替换二进制文件中的段?"

Workflow

工作流程

1. 
ar
— static library management

1. 
ar
— 静态库管理

bash
undefined
bash
undefined

Create static library

创建静态库

ar rcs libfoo.a foo.o bar.o baz.o
ar rcs libfoo.a foo.o bar.o baz.o

List contents

列出内容

ar t libfoo.a
ar t libfoo.a

Extract an object

提取目标文件

ar x libfoo.a foo.o
ar x libfoo.a foo.o

Add/replace an object

添加/替换目标文件

ar r libfoo.a newbar.o
ar r libfoo.a newbar.o

Delete an object

删除目标文件

ar d libfoo.a oldbar.o
ar d libfoo.a oldbar.o

Show symbol index

显示符号索引

nm libfoo.a
nm libfoo.a

Rebuild symbol index (after modifying archive externally)

重建符号索引(外部修改归档文件后)

ranlib libfoo.a

For LTO archives: use `gcc-ar`/`gcc-ranlib` or `llvm-ar` instead of plain `ar`.
ranlib libfoo.a

对于LTO归档文件:请使用`gcc-ar`/`gcc-ranlib`或`llvm-ar`替代普通的`ar`。

2. 
strip
— remove debug info

2. 
strip
— 移除调试信息

bash
undefined
bash
undefined

Strip all debug info (reduce binary size)

剥离所有调试信息(减小二进制文件体积)

strip --strip-all prog
strip --strip-all prog

Strip only debug sections (keep symbol table)

仅剥离调试段(保留符号表)

strip --strip-debug prog
strip --strip-debug prog

Strip unneeded symbols (keep needed for linking)

剥离不需要的符号(保留链接所需的符号)

strip --strip-unneeded prog
strip --strip-unneeded prog

In-place

原地修改

strip prog
strip prog

To a new file

输出到新文件

strip -o prog.stripped prog
undefined
strip -o prog.stripped prog
undefined

3. 
objcopy
— binary section manipulation

3. 
objcopy
— 二进制段操作

bash
undefined
bash
undefined

Separate debug info from binary

分离二进制文件的调试信息

objcopy --only-keep-debug prog prog.debug objcopy --strip-debug prog
objcopy --only-keep-debug prog prog.debug objcopy --strip-debug prog

Add debuglink (GDB finds prog.debug automatically)

添加调试链接(GDB会自动找到prog.debug)

objcopy --add-gnu-debuglink=prog.debug prog
objcopy --add-gnu-debuglink=prog.debug prog

Convert binary to another format

将二进制文件转换为其他格式

objcopy -O binary prog prog.bin # raw binary (embedded) objcopy -O srec prog prog.srec # Motorola S-record
objcopy -O binary prog prog.bin # 原始二进制文件(用于嵌入式场景) objcopy -O srec prog prog.srec # Motorola S-record格式

Add a section from a file

从文件中添加段

objcopy --add-section .resources=data.bin prog
objcopy --add-section .resources=data.bin prog

Remove a section

删除段

objcopy --remove-section .comment prog
objcopy --remove-section .comment prog

Change section flags

修改段标志

objcopy --set-section-flags .data=alloc,contents,load,readonly prog
objcopy --set-section-flags .data=alloc,contents,load,readonly prog

Embed a binary file as a symbol

将二进制文件作为符号嵌入

objcopy -I binary -O elf64-x86-64
--rename-section .data=.rodata,alloc,load,readonly,data,contents
data.bin data.o
objcopy -I binary -O elf64-x86-64
--rename-section .data=.rodata,alloc,load,readonly,data,contents
data.bin data.o

Then link data.o; access via _binary_data_bin_start / _binary_data_bin_end

然后链接data.o;通过_binary_data_bin_start / _binary_data_bin_end访问

undefined
undefined

4. 
addr2line
— address to source

4. 
addr2line
— 地址转源码

bash
undefined
bash
undefined

Convert a crash address to source:line

将崩溃地址转换为源码:行号

addr2line -e prog -f 0x400a12
addr2line -e prog -f 0x400a12

Output:

输出:

my_function

my_function

/home/user/src/main.c:42

/home/user/src/main.c:42

Multiple addresses

转换多个地址

addr2line -e prog -f 0x400a12 0x400b34 0x400c56
addr2line -e prog -f 0x400a12 0x400b34 0x400c56

Inline frames (-i)

内联帧(-i参数)

addr2line -e prog -f -i 0x400a12
addr2line -e prog -f -i 0x400a12

Common use: pipe from backtrace output

常见用法:从回溯输出中管道输入

cat crash.log | grep '0x[0-9a-f]' | grep -o '0x[0-9a-f]*' |
addr2line -e prog -f -i

Requires the binary to have debug info (compiled with `-g`). For stripped binaries, use the unstripped version or a `.debug` file.
cat crash.log | grep '0x[0-9a-f]' | grep -o '0x[0-9a-f]*' |
addr2line -e prog -f -i

此功能要求二进制文件包含调试信息(编译时需添加`-g`参数)。对于已剥离符号的二进制文件,请使用未剥离的版本或`.debug`文件。

5. 
c++filt
— demangle C++ symbols

5. 
c++filt
— 还原C++符号

bash
undefined
bash
undefined

Demangle a single symbol

还原单个符号

c++filt _ZN3foo3barEv
c++filt _ZN3foo3barEv

Output: foo::bar()

输出: foo::bar()

Demangle from nm output

还原nm命令的输出

nm prog | c++filt
nm prog | c++filt

Demangle from crash log

还原崩溃日志中的符号

cat crash.log | c++filt

Alternative: `nm -C prog` (demangle directly in nm).
cat crash.log | c++filt

替代方案:`nm -C prog`(直接在nm命令中还原符号)。

6. 
strings
— extract printable strings

6. 
strings
— 提取可打印字符串

bash
strings prog                    # all strings >= 4 chars
strings -n 8 prog               # minimum length 8
strings -t x prog               # with offset (hex)
strings -t d prog               # with offset (decimal)
bash
strings prog                    # 提取所有长度≥4的字符串
strings -n 8 prog               # 提取最小长度为8的字符串
strings -t x prog               # 显示字符串的十六进制偏移量
strings -t d prog               # 显示字符串的十进制偏移量

Search for specific strings

搜索特定字符串

strings prog | grep "version" strings prog | grep "Copyright"
undefined
strings prog | grep "version" strings prog | grep "Copyright"
undefined

7. 
readelf
and 
objdump
quick reference

7. 
readelf
objdump
速查

(Full coverage in 
skills/binaries/elf-inspection
)
bash
undefined
(完整内容请参考
skills/binaries/elf-inspection
bash
undefined

Symbol lookup for crash address (alternative to addr2line)

通过崩溃地址查找符号(addr2line的替代方案)

objdump -d -M intel prog | grep -A5 "400a12:"
objdump -d -M intel prog | grep -A5 "400a12:"

Find which object file defines a symbol

查找定义某个符号的目标文件

objdump -t prog | grep my_function
undefined
objdump -t prog | grep my_function
undefined

8. Cross-binutils

8. 交叉binutils

For cross-compilation, use the target-prefixed versions:
bash
aarch64-linux-gnu-strip prog
aarch64-linux-gnu-objcopy --only-keep-debug prog prog.debug
aarch64-linux-gnu-addr2line -e prog 0x400a12
arm-none-eabi-nm libfirmware.a
For a complete command cheatsheet covering all tools (ar, strip, objcopy, addr2line, strings, c++filt), see references/cheatsheet.md.
对于交叉编译场景,请使用带目标前缀的版本:
bash
aarch64-linux-gnu-strip prog
aarch64-linux-gnu-objcopy --only-keep-debug prog prog.debug
aarch64-linux-gnu-addr2line -e prog 0x400a12
arm-none-eabi-nm libfirmware.a
如需包含所有工具(ar、strip、objcopy、addr2line、strings、c++filt)的完整命令速查表,请查看references/cheatsheet.md

Related skills

相关技能

  • Use 
    skills/binaries/elf-inspection
    for 
    readelf
    , 
    nm
    , 
    ldd
    , 
    objdump
    inspection
  • Use 
    skills/binaries/linkers-lto
    for linker flags and LTO
  • Use 
    skills/debuggers/core-dumps
    for debug file management with 
    objcopy --add-gnu-debuglink
  • 如需使用
    readelf
    nm
    ldd
    objdump
    进行检查,请使用
    skills/binaries/elf-inspection
  • 如需了解链接器标志和LTO,请使用
    skills/binaries/linkers-lto
  • 如需使用
    objcopy --add-gnu-debuglink
    进行调试文件管理,请使用
    skills/debuggers/core-dumps