]>
Commit | Line | Data |
---|---|---|
1 | .TH NDISASM 1 "The Netwide Assembler Project" | |
2 | .SH NAME | |
3 | ndisasm \- the Netwide Disassembler \- 80x86 binary file disassembler | |
4 | .SH SYNOPSIS | |
5 | .B ndisasm | |
6 | [ | |
7 | .B \-o | |
8 | origin | |
9 | ] [ | |
10 | .B \-s | |
11 | sync-point [...]] | |
12 | [ | |
13 | .B \-a | |
14 | | | |
15 | .B \-i | |
16 | ] [ | |
17 | .B \-b | |
18 | bits | |
19 | ] [ | |
20 | .B -u | |
21 | ] [ | |
22 | .B \-e | |
23 | hdrlen | |
24 | ] [ | |
25 | .B \-k | |
26 | offset,length [...]] | |
27 | infile | |
28 | .br | |
29 | .B ndisasm \-h | |
30 | .br | |
31 | .B ndisasm \-r | |
32 | .SH DESCRIPTION | |
33 | The | |
34 | .B ndisasm | |
35 | command generates a disassembly listing of the binary file | |
36 | .I infile | |
37 | and directs it to stdout. | |
38 | .SS OPTIONS | |
39 | .TP | |
40 | .B \-h | |
41 | Causes | |
42 | .B ndisasm | |
43 | to exit immediately, after giving a summary of its invocation | |
44 | options. | |
45 | .TP | |
46 | .BI \-r | |
47 | Causes | |
48 | .B ndisasm | |
49 | to exit immediately, after displaying its version number. | |
50 | .TP | |
51 | .BI \-o " origin" | |
52 | Specifies the notional load address for the file. This option causes | |
53 | .B ndisasm | |
54 | to get the addresses it lists down the left hand margin, and the | |
55 | target addresses of PC-relative jumps and calls, right. | |
56 | .TP | |
57 | .BI \-s " sync-point" | |
58 | Manually specifies a synchronisation address, such that | |
59 | .B ndisasm | |
60 | will not output any machine instruction which encompasses bytes on | |
61 | both sides of the address. Hence the instruction which | |
62 | .I starts | |
63 | at that address will be correctly disassembled. | |
64 | .TP | |
65 | .BI \-e " hdrlen" | |
66 | Specifies a number of bytes to discard from the beginning of the | |
67 | file before starting disassembly. This does not count towards the | |
68 | calculation of the disassembly offset: the first | |
69 | .I disassembled | |
70 | instruction will be shown starting at the given load address. | |
71 | .TP | |
72 | .BI \-k " offset,length" | |
73 | Specifies that | |
74 | .I length | |
75 | bytes, starting from disassembly offset | |
76 | .IR offset , | |
77 | should be skipped over without generating any output. The skipped | |
78 | bytes still count towards the calculation of the disassembly offset. | |
79 | .TP | |
80 | .BR \-a " or " \-i | |
81 | Enables automatic (or intelligent) sync mode, in which | |
82 | .B ndisasm | |
83 | will attempt to guess where synchronisation should be performed, by | |
84 | means of examining the target addresses of the relative jumps and | |
85 | calls it disassembles. | |
86 | .TP | |
87 | .BI \-b " bits" | |
88 | Specifies either 16-bit or 32-bit mode. The default is 16-bit mode. | |
89 | .TP | |
90 | .B \-u | |
91 | Specifies 32-bit mode, more compactly than using `-b 32'. | |
92 | .PP | |
93 | .RE | |
94 | .SH RESTRICTIONS | |
95 | .B ndisasm | |
96 | only disassembles binary files: it has no understanding of the | |
97 | header information present in object or executable files. If you | |
98 | want to disassemble an object file, you should probably be using | |
99 | .BR objdump "(" 1 ")." | |
100 | .PP | |
101 | Auto-sync mode won't necessarily cure all your synchronisation | |
102 | problems: a sync marker can only be placed automatically if a jump | |
103 | or call instruction is found to refer to it | |
104 | .I before | |
105 | .B ndisasm | |
106 | actually disassembles that part of the code. Also, if spurious jumps | |
107 | or calls result from disassembling non-machine-code data, sync | |
108 | markers may get placed in strange places. Feel free to turn | |
109 | auto-sync off and go back to doing it manually if necessary. | |
110 | .PP | |
111 | .B ndisasm | |
112 | can only keep track of 8192 sync markers internally at once: this is | |
113 | to do with portability, since DOS machines don't take kindly to more | |
114 | than 64K being allocated at a time. | |
115 | .PP | |
116 | .SH SEE ALSO | |
117 | .BR objdump "(" 1 ")." |