工具

command-line tools

• lipo /usr/bin/lipo

能夠分析二進制文件的架構，可以拆分和合并二進制文件

• otool /usr/bin/otool

列出Mach-O文件的sections和segments信息，具體使用可以參考otool --help

• pagestuff /usr/bin/pagestuff

展示每一個組成反射(image)的每個邏輯頁面的內容，其中包含了sections的名字和每個page里的符號。這個工具不能在有多個架構的包含映射的二進制文件中運行。

• symbol table的展示工具 /usr/bin/nm

允許你查看對象文件符號表的內容

工具的使用

lipo

The lipo command creates or operates on ``universal'' (multi-architec-
ture) files. It only ever produces one output file, and never alters
the input file. The operations that lipo performs are: listing the
architecture types in a universal file; creating a single universal
file from one or more input files; thinning out a single universal file
to one specified architecture type; and extracting, replacing, and/or
removing architectures types from the input file to create a single new
universal output file.
lipo 命令 是用來創建或者是操作一般含有多個結構體的文件。能輸出一個文件，但不改變原文件。該命令能查詢結構體類型，合并多個結構體文件，或者從多個結構體文件中剝離出來單個結構體。

Only one option can be specified, with the exception of -arch,
-arch_blank, -output, and -segalign, which are used in combination with
other options. The input_file argument is required, and only the -cre-
ate option allows more than one input_file to be specified. The -out-
put flag must be used, except with the -info and -detailed_info flags.

假設我們的moch-0二進制文件名字叫 test .結構體類型是armv7 和 arm64
lipo -info test

Architectures in the fat file: ETCP are: armv7 arm64 

lipo -detailed_info test

Fat header in: test
fat_magic 0xcafebabe
nfat_arch 2
architecture armv7
    cputype CPU_TYPE_ARM
    cpusubtype CPU_SUBTYPE_ARM_V7
    offset 16384
    size 37933760
    align 2^14 (16384)
architecture arm64
    cputype CPU_TYPE_ARM64
    cpusubtype CPU_SUBTYPE_ARM64_ALL
    offset 37961728
    size 43561328
    align 2^14 (16384)

lipo -thin armv7 test -output test.armv7

會在當前目錄生成一個 test.armv7 結構體類型是 armv7

lipo -create test.arm64 test.armv7 -output test.all

將test.arm64和 test.armv7結構體 合并在一起輸出到 test.all 文件中。

lipo -remove armv7 test.all -output test.arm64-1

將test.all 結構體中的armv7 移除掉

lipo -extract arm64 -output test.arm64-2 test.all

將test.all 結構體中的arm64 結構體輸出到 test.arm64-2

lipo -create -arch armv7 test.armv7 -arch arm64 test.arm64 -output test.all

這里是把test.armv7 和 test.arm64 合并到test.all 文件中，-arch 只是用來修飾文件的，并且給文件做限制，必須是not-fat 結構體

otool /usr/bin/otool

The otool command displays specified parts of object files or libraries. If the -m option is not used the file arguments may be of the form libx.a(foo.o), to request information about only that object file and not the entire library. (Typically this argument must be quoted, ``libx.a(foo.o)'', to get it past the shell.) Otool understands both Mach-O (Mach object) files and universal file formats.Otool can display the specified information in either its raw (numeric)form (without the -v flag), or in a symbolic form using macro names of costants, etc. (with the -v or -V flag).

這個工具展示文件或者庫的一部分。這個命令明白mach-o 文件和結構體文件。

    -f print the fat headers
    -a print the archive header
    -h print the mach header
    -l print the load commands
    -L print shared libraries used
    -D print shared library id name
    -t print the text section (disassemble with -v)
    -p <routine name>  start dissassemble from routine name
    -s <segname> <sectname> print contents of section
    -d print the data section
    -o print the Objective-C segment
    -r print the relocation entries
    -S print the table of contents of a library
    -T print the table of contents of a dynamic shared library
    -M print the module table of a dynamic shared library
    -R print the reference table of a dynamic shared library
    -I print the indirect symbol table
    -H print the two-level hints table
    -G print the data in code table
    -v print verbosely (symbolically) when possible
    -V print disassembled operands symbolically
    -c print argument strings of a core file
    -X print no leading addresses or headers
    -m don't use archive(member) syntax
    -B force Thumb disassembly (ARM objects only)
    -q use llvm's disassembler (the default)
    -Q use otool(1)'s disassembler
    -mcpu=arg use `arg' as the cpu for disassembly
    -j print opcode bytes
    -P print the info plist section as strings
    -C print linker optimization hints

pagestuff

mach-o 分析工具

pagestuff displays information about the specified logical pages of a file conforming to the Mach-O executable format. For each specified page of code, symbols (function and static data structure names) are displayed

命令舉例

pagestuff test.arm64 -arch arm64 -a 

symbol table的展示工具

Nm displays the name list (symbol table) of each object file in the argument list. If an argument is an archive, a listing for each object file in the archive will be produced. File can be of the form libx.a(x.o), in which case only symbols from that member of the object file are listed. (The parentheses have to be quoted to get by the shell.) If no file is given, the symbols in a.out are listed.
nm 命令能展示每個文件的信號表

Each  symbol  name  is preceded by its value (blanks if undefined).  Unless the -m option is specified, this value is followed by one of the following characters, representing the  symbol  type:  U (undefined), A (absolute), T (text section symbol), D (data section symbol), B(bss section symbol), C (common symbol), -  (for  debugger  symbol  table  entries;  see  -a below), S (symbol in a section other than those above), or I (indirect symbol).  If the symbol is local (non-external), the symbol's type is instead represented by  the  corresponding lowercase  letter.   A lower case u in a dynamic shared library indicates a undefined reference to a private external in another module in the same library.

If the symbol is a Objective C method, the symbol name is +-[Class_name(category_name) method:name:], where +' is for class methods,-' is for instance methods, and (cate-
gory_name) is present only when the method is in a category.
這個是category 的標示方法

       -t format
              For the -P output, write the numeric value in the specified format. The format  shall
              be dependent on the single character used as the format option-argument:

       d      The value shall be written in decimal (default).

       o      The value shall be written in octal.

       x      The value shall be written in hexadecimal.

       -L     Display  the symbols in the bitcode files in the (__LLVM,__bundle) section if present
              instead of the object's symbol table.  This is the default if the object has no  sym-
              bol table and there is an (__LLVM,__bundle) section.

參數不少

這些工具暫時具體怎么使用還不太懂。只是略作記錄，防止忘記。