Linux环境下C语言编译、运行的底层工作原理(3).doc

资源描述

1、Linux 环境下 C 语言编译、运行的底层工作原理（3 ）借助readelf工具和hexdump工具查看目标文件的详细内容图 1 linux 环境下源代码、汇编代码、目标文件和可执行文件之间的关系图 1 反应的是 linux 环境下源代码（.c）、汇编代码（.s）、目标文件（.o）和可执行文件（.out）之间的关系。本文中，我们将要借助 readelf 工具和 hexdump 工具来查看目标文件的详细内容，因此要通过 gcc-c 命令生成 print_address.o 目标文件。由以上信息不难发现：1. ELF Header 的起始文件地址是 0，大小是 64Bytes。由于文件开头第一字

2、节的地址定义为 0，因此 ELF Header 的文件地址范围是 0x000x3f。2. Section Header Table 在文件中的起始位置是 752，Section Header Table 中有 13 个表项，每个表项占 64bytes，13 个表项共占 832bytes（832=0x340）。因此 Section Header Table对应的文件地址范围是 0x2f00x62f。将上面截取的 13 个表项相关信息进行整理，注意 Offset 项对应起始文件地址，Size 也就是section 的 size。整理后可以得到表 1：表 1 各个 section 及其对应的文件

3、地址范围Section 或 Header 文件地址范围 SizeELF Header 0x000x3f 0x40.text 0x400x12b 0xec.data 0x12c 0.bss 0x12c0x133 0x08.rodata 0x12c0x1e5 0xba.en_frame 0x1e80x25f ment 0x2600x28d 0x2e.note.GNU-stack 0x28e 0.shstrtab 0x28e0x2ee 0x61Section Header Table 0x2f00x62f 0x340.symtab 0x6300x7c7 0x198.strtab 0x7c80x837

4、 0x70.rela.text 0x8380xabf 0x288.rela.en_frame 0xac00xb07 0x48表 1 中有几个相邻的 section 之间首位地址不衔接。例如.rodata 的尾地址是 0x1e5，但临近的下一个 section 即.en_frame 这个 section 的首地址并不是预期的 0x1e6 而是 0x1e8。这里要看表项中的最后一个 Align，有点类似内存对其的概念。.en_frame 的 Align 值是 8，这个section 对应的地址必须是 8 的整数倍。因此.en_frame 的起始文件地址是 0x1e8 而不是0x1e6。接下来我们用

5、 hexdump 工具查看目标文件（.o）的具体内容。lirenjielocalhost $ hexdump -C print_address.o00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF.|00000010 01 00 3e 00 01 00 00 00 00 00 00 00 00 00 00 00 |.|00000020 00 00 00 00 00 00 00 00 f0 02 00 00 00 00 00 00 |.|00000030 00 00 00 00 40 00 00 00 00 00 40 0

6、0 0d 00 0a 00 |.|00000040 55 48 89 e5 48 83 ec 10 48 8d 75 fc bf 00 00 00 |UH.H.H.u.|00000050 00 b8 00 00 00 00 e8 00 00 00 00 be 00 00 00 00 |.|00000060 bf 00 00 00 00 b8 00 00 00 00 e8 00 00 00 00 c9 |.|00000070 c3 55 48 89 e5 48 83 ec 10 48 8d 75 fc bf 00 00 |.UH.H.H.u.|00000080 00 00 b8 00 00 00

7、 00 e8 00 00 00 00 c9 c3 55 48 |.UH|00000090 89 e5 48 83 ec 10 be 00 00 00 00 bf 00 00 00 00 |.H.|000000a0 b8 00 00 00 00 e8 00 00 00 00 be 00 00 00 00 bf |.|000000b0 00 00 00 00 b8 00 00 00 00 e8 00 00 00 00 be 00 |.|000000c0 00 00 00 bf 00 00 00 00 b8 00 00 00 00 e8 00 00 |.|000000d0 00 00 be 00 0

8、0 00 00 bf 00 00 00 00 b8 00 00 00 |.|000000e0 00 e8 00 00 00 00 be 00 00 00 00 bf 00 00 00 00 |.|000000f0 b8 00 00 00 00 e8 00 00 00 00 e8 00 00 00 00 e8 |.|00000100 00 00 00 00 bf 04 00 00 00 e8 00 00 00 00 48 89 |.H.|ELF Header，可以与 readelf 工具反馈的 ELF Header 信息对照着看。.text00000110 45 f8 48 8b 75 f8 b

9、f 00 00 00 00 b8 00 00 00 00 |E.H.u.|00000120 e8 00 00 00 00 b8 00 00 00 00 c9 c3 26 66 75 6e |.&fun|00000130 63 31 5f 76 61 72 69 61 62 6c 65 09 09 25 70 0a |c1_variable.%p.|00000140 00 26 66 75 6e 63 31 5f 73 74 61 74 69 63 5f 76 |.&func1_static_v|00000150 61 72 69 61 62 6c 65 09 25 70 0a 00 26 66

10、 75 6e |ariable.%p.&fun|00000160 63 32 5f 76 61 72 69 61 62 6c 65 09 09 25 70 0a |c2_variable.%p.|00000170 00 26 66 75 6e 63 31 09 09 09 25 70 0a 00 26 66 |.&func1.%p.&f|00000180 75 6e 63 32 09 09 09 25 70 0a 00 61 62 63 00 53 |unc2.%p.abc.S|00000190 74 72 69 6e 67 20 6c 69 74 65 72 61 6c 09 09 25 |

12、lloc address|000001e0 09 09 25 70 0a 00 00 00 14 00 00 00 00 00 00 00 |.%p.|000001f0 01 7a 52 00 01 78 10 01 03 0c 07 08 90 01 00 00 |.zR.x.|00000200 1c 00 00 00 1c 00 00 00 00 00 00 00 31 00 00 00 |.1.|00000210 00 41 0e 10 86 02 43 0d 06 00 00 00 00 00 00 00 |.A.C.|00000220 1c 00 00 00 3c 00 00 00

13、00 00 00 00 1d 00 00 00 |.|00000480 00 00 00 00 00 00 00 00 e8 01 00 00 00 00 00 00 |.|00000490 78 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |x.|000004a0 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|000004b0 39 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 |9.|000004c0 00 00 00 00 00 00 00 0

14、0 c0 0a 00 00 00 00 00 00 |.|000004d0 48 00 00 00 00 00 00 00 0b 00 00 00 06 00 00 00 |H.|000004e0 08 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |.|000004f0 48 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 |H.|00000500 00 00 00 00 00 00 00 00 60 02 00 00 00 00 00 00 |.|00000510 2e 00 00 00 00 00 00

15、 00 00 00 00 00 00 00 00 00 |.|00000520 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000530 51 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 |Q.|00000540 00 00 00 00 00 00 00 00 8e 02 00 00 00 00 00 00 |.|00000550 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000560 01 00 00 00 00 00 0

16、0 00 00 00 00 00 00 00 00 00 |.|00000570 11 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |.|00000580 00 00 00 00 00 00 00 00 8e 02 00 00 00 00 00 00 |.|00000590 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |a.|000005a0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|000005b0 01 00 00 00 02 00

17、00 00 00 00 00 00 00 00 00 00 |.|000005c0 00 00 00 00 00 00 00 00 30 06 00 00 00 00 00 00 |.0.|000005d0 98 01 00 00 00 00 00 00 0c 00 00 00 0b 00 00 00 |.|000005e0 08 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |.|000005f0 09 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |.|00000600 00 00 00 00 00 0

18、0 00 00 c8 07 00 00 00 00 00 00 |.|00000610 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |p.|00000620 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000640 00 00 00 00 00 00 00 00 01 00 00 00 04 00 f1 ff |.|00000650 00 00 00 00 00

19、00 00 00 00 00 00 00 00 00 00 00 |.|00000660 00 00 00 00 03 00 01 00 00 00 00 00 00 00 00 00 |.|00000670 00 00 00 00 00 00 00 00 00 00 00 00 03 00 03 00 |.|00000680 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000690 00 00 00 00 03 00 04 00 00 00 00 00 00 00 00 00 |.|000006a0 00 00 00 00 00

20、00 00 00 11 00 00 00 01 00 04 00 |.|Section Header Table000006b0 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |.|000006c0 00 00 00 00 03 00 05 00 00 00 00 00 00 00 00 00 |.|000006d0 00 00 00 00 00 00 00 00 2c 00 00 00 01 00 04 00 |.,.|000006e0 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |.|00

21、0006f0 00 00 00 00 03 00 06 00 00 00 00 00 00 00 00 00 |.|00000700 00 00 00 00 00 00 00 00 00 00 00 00 03 00 09 00 |.|00000710 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.|00000720 00 00 00 00 03 00 08 00 00 00 00 00 00 00 00 00 |.|00000730 00 00 00 00 00 00 00 00 41 00 00 00 12 00 01 00 |.A.|

22、00000740 00 00 00 00 00 00 00 00 31 00 00 00 00 00 00 00 |.1.|00000750 47 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 |G.|00000760 00 00 00 00 00 00 00 00 4e 00 00 00 12 00 01 00 |.N.|00000770 31 00 00 00 00 00 00 00 1d 00 00 00 00 00 00 00 |1.|00000780 54 00 00 00 12 00 01 00 4e 00 00 00 00 00 00

23、00 |T.N.|00000790 9e 00 00 00 00 00 00 00 59 00 00 00 11 00 f2 ff |.Y.|000007a0 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |.|000007b0 69 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 |i.|000007c0 00 00 00 00 00 00 00 00 00 70 72 69 6e 74 5f 61 |.print_a|000007d0 64 64 72 65 73 73 2e 63 00 66 75

25、 00 6d 61 69 6e |rintf.func2.main|00000820 00 67 6c 6f 62 61 6c 5f 76 61 72 69 61 62 6c 65 |.global_variable|00000830 00 6d 61 6c 6c 6f 63 00 0d 00 00 00 00 00 00 00 |.malloc.|00000840 0a 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 |.|00000850 17 00 00 00 00 00 00 00 02 00 00 00 0c 00 00 00 |.|0000

26、0860 fc ff ff ff ff ff ff ff 1c 00 00 00 00 00 00 00 |.|00000870 0a 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 |.|00000880 21 00 00 00 00 00 00 00 0a 00 00 00 06 00 00 00 |!.|00000890 15 00 00 00 00 00 00 00 2b 00 00 00 00 00 00 00 |.+.|000008a0 02 00 00 00 0c 00 00 00 fc ff ff ff ff ff ff ff |.|0

27、00008b0 3e 00 00 00 00 00 00 00 0a 00 00 00 06 00 00 00 |.|000008c0 30 00 00 00 00 00 00 00 48 00 00 00 00 00 00 00 |0.H.|000008d0 02 00 00 00 0c 00 00 00 fc ff ff ff ff ff ff ff |.|000008e0 57 00 00 00 00 00 00 00 0a 00 00 00 0b 00 00 00 |W.|000008f0 00 00 00 00 00 00 00 00 5c 00 00 00 00 00 00 00

28、|.|00000900 0a 00 00 00 06 00 00 00 45 00 00 00 00 00 00 00 |.E.|00000910 66 00 00 00 00 00 00 00 02 00 00 00 0c 00 00 00 |f.|00000920 fc ff ff ff ff ff ff ff 6b 00 00 00 00 00 00 00 |.k.|00000930 0a 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00 |.|00000940 70 00 00 00 00 00 00 00 0a 00 00 00 06 00 0

29、0 00 |p.|00000950 52 00 00 00 00 00 00 00 7a 00 00 00 00 00 00 00 |R.z.|00000960 02 00 00 00 0c 00 00 00 fc ff ff ff ff ff ff ff |.|.symtab.strtab00000970 7f 00 00 00 00 00 00 00 0a 00 00 00 06 00 00 00 |.|00000980 5f 00 00 00 00 00 00 00 84 00 00 00 00 00 00 00 |_.|00000990 0a 00 00 00 06 00 00 00

30、63 00 00 00 00 00 00 00 |.c.|000009a0 8e 00 00 00 00 00 00 00 02 00 00 00 0c 00 00 00 |.|000009b0 fc ff ff ff ff ff ff ff 93 00 00 00 00 00 00 00 |.|000009c0 0a 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 |.|000009d0 98 00 00 00 00 00 00 00 0a 00 00 00 06 00 00 00 |.|000009e0 77 00 00 00 00 00 00 0

31、0 a2 00 00 00 00 00 00 00 |w.|000009f0 02 00 00 00 0c 00 00 00 fc ff ff ff ff ff ff ff |.|00000a00 a7 00 00 00 00 00 00 00 0a 00 00 00 04 00 00 00 |.|00000a10 04 00 00 00 00 00 00 00 ac 00 00 00 00 00 00 00 |.|00000a20 0a 00 00 00 06 00 00 00 8c 00 00 00 00 00 00 00 |.|00000a30 b6 00 00 00 00 00 00

32、00 02 00 00 00 0c 00 00 00 |.|00000a40 fc ff ff ff ff ff ff ff bb 00 00 00 00 00 00 00 |.|00000a50 02 00 00 00 0b 00 00 00 fc ff ff ff ff ff ff ff |.|00000a60 c0 00 00 00 00 00 00 00 02 00 00 00 0d 00 00 00 |.|00000a70 fc ff ff ff ff ff ff ff ca 00 00 00 00 00 00 00 |.|00000a80 02 00 00 00 10 00 00

33、00 fc ff ff ff ff ff ff ff |.|00000a90 d7 00 00 00 00 00 00 00 0a 00 00 00 06 00 00 00 |.|00000aa0 a6 00 00 00 00 00 00 00 e1 00 00 00 00 00 00 00 |.|00000ab0 02 00 00 00 0c 00 00 00 fc ff ff ff ff ff ff ff |.|00000ac0 20 00 00 00 00 00 00 00 0a 00 00 00 02 00 00 00 | .|00000ad0 00 00 00 00 00 00 00

34、 00 40 00 00 00 00 00 00 00 |.|00000ae0 0a 00 00 00 02 00 00 00 31 00 00 00 00 00 00 00 |.1.|00000af0 60 00 00 00 00 00 00 00 0a 00 00 00 02 00 00 00 |.|00000b00 4e 00 00 00 00 00 00 00 |N.|00000b08我们根据表 1 中各个 section 的文件地址范围，对照着 hexdump 所反馈的信息来查看各个section 中的具体内容。如上面标记所示。可以重点关注的 section 包括：.rodata.shstrtab.strtab另，linux 下的 hexdump 工具有些类似于 windows 下的 TDump 工具，二者的功能是一样的。.rela.text.rela.en_frame

展开阅读全文