Lab 5, Inspecting object/load modules
Goals for this lab
By the time you have completed this lab you should be able to:
- Identify and interpret file types with the file command.
- Inspect object and load module contents and structure with command line tools
- Explain key memory concepts for C and C++ programs.
You must work as a pair on the labs. If you were paired up last week, you need to work with the same pair. If you did not get paired up last week, or your pair is no longer in the class, please see the TA.
Change into the cs32 directory, and create a lab directory:
cd cs32 mkdir lab5
Change into the lab4 directory and copy the file you will need for this lab:
cd lab5 cp ~cs32/public_html/code/lab5/* .
Compile, link separately, and begin exploring the binaries
First compile with both -g and -c flags to provide debugging information and write the object module, lab5.o to disk:
clang++ -g -c lab5.cpp
Now create the executable file from this object file:
clang++ -o lab5 lab5.o
Next, read and interpret the output of the file command for the three
file lab5* will produce the following output:
lab5: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, not stripped lab5.cpp: ASCII text lab5.o: ELF 32-bit LSB relocatable, Intel 80386, version 1 (GNU/Linux), not stripped
ELF stands for “Executable and Linking Format” as you learned from the Reader and lecture, LSB means “Linux Standard Base” (a collection of APIs meant to be supported by all Linux systems), and SYSV abbreviates “UNIX System V.” What else can you learn from these results? And what do you suppose “not stripped” means?
The strings command can be used to list the strings in a binary file. For example, the relocatable object file (lab5.o) has two strings:
$ strings lab5.o element is
Did you read the source code? If so, then these strings should look
familiar. Meanwhile, the executable file contains many more strings. Try
strings lab5 to see them.
Inspect object module names/sections with
nm lists the “names” (symbols) in an object or load module, and
objdump displays various information about such files. Both commands have
useful options that are worth learning.
Show the names in lab5.o via
00000130 t _GLOBAL__I_a U _ZNSolsEPFRSoS_E U _ZNSolsEi U _ZNSt8ios_base4InitC1Ev U _ZNSt8ios_base4InitD1Ev U _ZSt4cout U _ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_ 00000028 b _ZStL8__ioinit U _ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc 00000028 d _ZZ4mainE1k U __cxa_atexit 00000000 t __cxx_global_var_init U __dso_handle 00000000 D a 00000000 B b 00000050 T main
The values on the left side are addresses in hexadecimal, and you can show
these values in decimal with the
-td option. The next column shows the class
of each symbol, where
t are functions,
d are data (global
variables), B and b are uninitialized data, and U is undefined.
Notice the names are shown in their
mangled form by default. For example,
_ZZ4mainE1k is really just the static variable
std::ostream::operator<<(int) in more familiar notation. The
-C option will
decode (demangle) such symbols for you. Try it now.
By the way, the default format for nm, “BSD format” is in some cases more
difficult to read than “System V format” which can be achieved with the
sysv option. Try that now too.
Inspect object module names/sections with
objdump can reveal more details about object files. At least one option
must be specified.
Try it first with the
-S option. I recommend piping the results through
less to view one screenful at a time. Hit
q when you want to exit
objdump -S lab5.o | less
-S option will “display source code intermixed with
disassembly, if possible. Implies -d.” The
-d option means disassemble the
man objdump or read the man
learn about more options. You might like the
-l option in particular. Use it
along with the
-d option as follows:
objdump -d -l lab5.o | less
Try some other option switches. Notice for example that
-C serves the same
purpose it did for the
nm command. Do you remember that purpose? The
option lets you specify just particular sections. Interesting sections
.ctors, among others.
Inspect executable module with
Although you could use
objdump to inspect this load module, the
tool gives more information about load modules (so called because they are
ready to be loaded into memory for execution). As with
objdump, at least one
option must be specified.
First learn about
readelf from its man
Did you notice that the
-S option has a different meaning for
it does for
readelf it means “Displays the information
contained in the file’s section headers, if it has any.” Use it now to find out
the names of the sections in lab5:
readelf -S lab5
Answer some questions
Create a file
answers.txt and store your answers the following questions in
it. Place each answer on its own line and separate answers by at least a single
What is the name of the section with the program’s instructions?
In what section is the array named
What happened to the constant
M? In what section is its value storred?
In what section is the static variable
How is the array
bhandled differently than other variables?
iis handled differently too. How?
Please make only one submission per pair; this isn’t essential, it just makes life easier for the TA.
~cs32/submit lab5@cs32 answers.txt
Please check the feedback email to ensure you submitted correctly. For this
lab, you will only receive a verification score (
0 out of 1 or
1 out of 1)
to indicate that your submission was suitable for manual grading. Your actual
scores will be sent out via Piazza either Friday or Saturday following the lab.
Special thanks to Michael Costanzo for allowing me use of his CS32 material. This lab was copied almost verbatim from his Spring 2012 CS32 class.