nasm/ndisasm.txt

ndisasm(1)
==========
:doctype:	manpage
:man source:	NASM
:man manual:	The Netwide Assembler Project

NAME
----
ndisasm - the Netwide Disassembler, an 80x86 binary file disassembler

SYNOPSIS
--------
*ndisasm* [ *-o* origin ] [ *-s* sync-point [...]] [ *-a* | *-i* ]
	[ *-b* bits ] [ *-u* ] [ *-e* hdrlen ] [ *-p* vendor ]
	[ *-k* offset,length [...]] infile

DESCRIPTION
-----------
The *ndisasm* command generates a disassembly listing of the binary file
infile and directs it to stdout.

OPTIONS
-------
*-h*::
	Causes *ndisasm* to exit immediately, after giving a summary
	of its invocation options.

*-r*|*-v*::
	Causes *ndisasm* to exit immediately, after displaying its
	version number.

*-o* 'origin'::
	Specifies the notional load address for the file. This
	option causes *ndisasm* to get the addresses it lists
	down the left hand margin, and the target addresses
	of PC-relative jumps and calls, right.

*-s* 'sync-point'::
	Manually specifies a synchronisation address, such that
	*ndisasm* will not output any machine instruction which
	encompasses bytes on both sides of the address. Hence
	the instruction which starts at that address will be
	correctly disassembled.

*-e* 'hdrlen'::
	Specifies a number of bytes to discard from the beginning
	of the file before starting disassembly. This does not
	count towards the calculation of the disassembly offset:
	the first 'disassembled' instruction will be shown starting
	at the given load address.

*-k* 'offset,length'::
	Specifies that 'length' bytes, starting from disassembly
	offset 'offset', should be skipped over without generating
	any output. The skipped bytes still count towards the
	calculation of the disassembly offset.

*-a*|*-i*::
	Enables automatic (or intelligent) sync mode, in which
	*ndisasm* will attempt to guess where synchronisation should
	be performed, by means of examining the target addresses
	of the relative jumps and calls it disassembles.

*-b* 'bits'::
	Specifies 16-, 32- or 64-bit mode. The default is 16-bit
	mode.

*-u*::
	Specifies 32-bit mode, more compactly than using `-b 32'.

*-p* 'vendor'::
	Prefers instructions as defined by 'vendor' in case of
	a conflict. Known 'vendor' names include *intel*, *amd*,
	*cyrix*, and *idt*. The default is *intel*.

RESTRICTIONS
------------
*ndisasm* only disassembles binary files: it has no understanding of
the header information present in object or executable files.
If you want to disassemble an object file, you should probably
be using *objdump*(1).

Auto-sync mode won't necessarily cure all your synchronisation
problems: a sync marker can only be placed automatically if a
jump or call instruction is found to refer to it 'before'
*ndisasm* actually disassembles that part of the code. Also,
if spurious jumps or calls result from disassembling
non-machine-code data, sync markers may get placed in strange
places. Feel free to turn auto-sync off and go back to doing
it manually if necessary.

SEE ALSO
--------
*objdump*(1)
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`ndisasm(1)`
			`==========`
			`:doctype: manpage`
			`:man source: NASM`
			`:man manual: The Netwide Assembler Project`

			`NAME`
			`----`
			`ndisasm - the Netwide Disassembler, an 80x86 binary file disassembler`

			`SYNOPSIS`
			`--------`
			`ndisasm [ -o origin ] [ -s sync-point [...]] [ -a \| -i ]`
ndisasm: man -- Add missing -p option Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:18:46 +08:00			`[ -b bits ] [ -u ] [ -e hdrlen ] [ -p vendor ]`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`[ -k offset,length [...]] infile`

			`DESCRIPTION`
			`-----------`
			`The ndisasm command generates a disassembly listing of the binary file`
			`infile and directs it to stdout.`

			`OPTIONS`
			`-------`
BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-h::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Causes ndisasm to exit immediately, after giving a summary`
			`of its invocation options.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:14:45 +08:00			`-r\|-v::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Causes ndisasm to exit immediately, after displaying its`
			`version number.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-o 'origin'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Specifies the notional load address for the file. This`
			`option causes ndisasm to get the addresses it lists`
			`down the left hand margin, and the target addresses`
			`of PC-relative jumps and calls, right.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-s 'sync-point'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Manually specifies a synchronisation address, such that`
			`ndisasm will not output any machine instruction which`
			`encompasses bytes on both sides of the address. Hence`
			`the instruction which starts at that address will be`
			`correctly disassembled.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-e 'hdrlen'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Specifies a number of bytes to discard from the beginning`
			`of the file before starting disassembly. This does not`
			`count towards the calculation of the disassembly offset:`
			`the first 'disassembled' instruction will be shown starting`
			`at the given load address.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-k 'offset,length'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Specifies that 'length' bytes, starting from disassembly`
			`offset 'offset', should be skipped over without generating`
			`any output. The skipped bytes still count towards the`
			`calculation of the disassembly offset.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-a\|-i::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Enables automatic (or intelligent) sync mode, in which`
			`ndisasm will attempt to guess where synchronisation should`
			`be performed, by means of examining the target addresses`
			`of the relative jumps and calls it disassembles.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-b 'bits'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Specifies 16-, 32- or 64-bit mode. The default is 16-bit`
			`mode.`

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-u::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			Specifies 32-bit mode, more compactly than using `-b 32'.

BR3392248: Update ndisasm man Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-04-21 00:13:51 +08:00			`-p 'vendor'::`
man: Generate manpages from asciidoc format The asciidoc format is a way more easier to read by a human. Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> 2013-02-18 02:50:19 +08:00			`Prefers instructions as defined by 'vendor' in case of`
			`a conflict. Known 'vendor' names include intel, amd,`
			`cyrix, and idt. The default is intel.`

			`RESTRICTIONS`
			`------------`
			`ndisasm only disassembles binary files: it has no understanding of`
			`the header information present in object or executable files.`
			`If you want to disassemble an object file, you should probably`
			`be using objdump(1).`

			`Auto-sync mode won't necessarily cure all your synchronisation`
			`problems: a sync marker can only be placed automatically if a`
			`jump or call instruction is found to refer to it 'before'`
			`ndisasm actually disassembles that part of the code. Also,`
			`if spurious jumps or calls result from disassembling`
			`non-machine-code data, sync markers may get placed in strange`
			`places. Feel free to turn auto-sync off and go back to doing`
			`it manually if necessary.`

			`SEE ALSO`
			`--------`
			`objdump(1)`