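Understanding ELF Files (1): How an Executable Is Generated
0x00: Preprocessing
Either of the following two commands preprocesses the source file (.c) and produces a preprocessed file (.i).
~$ cat hello.c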
#include "stdio.h"
int main()
{
    printf("hello world\n");
}
cpp hello.c >hello.i
gcc -E hello.c -o hello.i
~$ cat hello.i
typedef unsigned char __u_char;
typedef unsigned short int __u_short;
typedef unsigned int __u_int;
typedef unsigned long int __u_long;
extern int fprintf (FILE *__restrict __stream,
const char *__restrict __format, ...);
extern int printf (const char *__restrict __format, ...);
extern int sprintf (char *__restrict __s,
const char *__restrict __format, ...) __attribute__ ((__nothrow__));
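0x01: Compilation
Compilation takes the preprocessed file (e.g. hello.i) through lexical analysis, syntax analysis, semantic analysis and optimization, and generates an assembly code file. The compiler does this work, turning hello.i into hello.s. The result is assembly language, but the CPU only understands 0s and 1s.
gcc -S hello.i -o hello.s
gcc -S hello.c -o hello.s
/usr/lib/gcc/x86_64-linux-gnu/5/cc1 hello.c # use gcc -v to find the cc1 path for your gcc; it depends on the system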
/usr/lib/gcc/x86_64-linux-gnu/5/cc1 hello.c
main
Analyzing compilation unit
Performing interprocedural optimizations
<*free_lang_data> <visibility> <build_ssa_passes> <opt_local_passes> <free-inline-summary> <whole-program> <inline>Assembling functions:
main
Execution times (seconds)
phase setup : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.03 (16%) wall 1093 kB (65%) ggc
phase parsing : 0.01 (100%) usr 0.01 (33%) sys 0.05 (26%) wall 520 kB (31%) ggc
phase opt and generate : 0.00 ( 0%) usr 0.02 (67%) sys 0.10 (53%) wall 56 kB ( 3%) ggc
ipa inlining heuristics : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 0 kB ( 0%) ggc
preprocessing : 0.00 ( 0%) usr 0.01 (33%) sys 0.03 (16%) wall 218 kB (13%) ggc
parser (global) : 0.01 (100%) usr 0.00 ( 0%) sys 0.00 ( 0%) wall 286 kB (17%) ggc
parser struct body : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 12 kB ( 1%) ggc
parser function body : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 2 kB ( 0%) ggc
tree gimplify : 0.00 ( 0%) usr 0.01 (33%) sys 0.01 ( 5%) wall 2 kB ( 0%) ggc
tree CFG construction : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 1 kB ( 0%) ggc
expand : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 2 kB ( 0%) ggc
integrated RA : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 24 kB ( 1%) ggc
LRA non-specific : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 0 kB ( 0%) ggc
shorten branches : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 0 kB ( 0%) ggc
rest of compilation : 0.00 ( 0%) usr 0.00 ( 0%) sys 0.01 ( 5%) wall 14 kB ( 1%) ggc
unaccounted todo : 0.00 ( 0%) usr 0.01 (33%) sys 0.01 ( 5%) wall 0 kB ( 0%) ggc
TOTAL : 0.01 0.03 0.19 1686 kB
chen@ubuntu:~$ cat hello.s
.file "hello.c"
.section .rodata
.LC0:
.string "hello world"
.text
.globl main
.type main, @function
main:
.LFB0:
.cfi_startproc
pushq %rbp
.cfi_def_cfa_offset 16
.cfi_offset 6, -16
movq %rsp, %rbp
.cfi_def_cfa_register 6
movl $.LC0, %edi
call puts
movl $0, %eax
popq %rbp
.cfi_def_cfa 7, 8
ret
.cfi_endproc
.LFE0:
.size main, .-main
.ident "GCC: (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609"
.section .note.GNU-stack,"",@progbits
0x03: Assembly
Assembly language --> machine instructions. The hello.o produced here is a binary file, a relocatable object file.
as hello.s -o hello.o
gcc -c hello.s -o hello.o
gcc -c hello.c -o hello.o
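0x04: Linking
Multiple .o files are linked to produce an executable file. To link a.o and b.o into an executable:
gcc -static -o proc a.o b.o
ld -static -o proc a.o b.o
The executable file is mapped from disk into the virtual address space.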
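Added example (not part of the original post): the difference between the relocatable hello.o from the assembly step and the linked executable is recorded in the e_type field of the ELF header, at byte offset 16 right after the 16-byte e_ident. The function names and the sample header below are constructed for illustration; pass real files such as hello.o or proc as arguments to classify them.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: first 18 bytes of a 64-bit little-endian ELF header, e_type = 1 */
static const unsigned char SAMPLE_REL[18] = {
    0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0
};

/* Classify an ELF image by e_type; returns NULL when the header is not valid ELF. */
const char *elf_kind(const unsigned char *buf, size_t len)
{
    unsigned type;
    if (len < 18 || memcmp(buf, "\x7f" "ELF", 4) != 0)
        return NULL;                          /* too short or wrong magic */
    if (buf[4] != 1 && buf[4] != 2)
        return NULL;                          /* EI_CLASS must be 32- or 64-bit */
    if (buf[5] == 1)                          /* EI_DATA: little-endian */
        type = buf[16] | (buf[17] << 8);
    else if (buf[5] == 2)                     /* EI_DATA: big-endian */
        type = (buf[16] << 8) | buf[17];
    else
        return NULL;
    switch (type) {
    case 1:  return "relocatable object file (ET_REL)";
    case 2:  return "executable file (ET_EXEC)";
    case 3:  return "shared object or PIE (ET_DYN)";
    default: return "other ELF type";
    }
}

int main(int argc, char **argv)
{
    if (argc < 2) {                           /* no files given: use the sample */
        printf("sample: %s\n", elf_kind(SAMPLE_REL, sizeof SAMPLE_REL));
        return 0;
    }
    for (int i = 1; i < argc; i++) {
        unsigned char hdr[18];
        size_t n = 0;
        FILE *f = fopen(argv[i], "rb");
        if (f) {
            n = fread(hdr, 1, sizeof hdr, f);
            fclose(f);
        }
        const char *kind = elf_kind(hdr, n);
        printf("%s: %s\n", argv[i], kind ? kind : "not an ELF file");
    }
    return 0;
}
```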
zer0_1s