Understanding ELF Files (1): How an Executable Is Generated

0x00: Preprocessing

Either of the following two commands preprocesses the source file (.c) and produces a preprocessed source file (.i):
~$ cat hello.c
#include"stdio.h"
int main()
{
	printf("hello world\n");
}
cpp hello.c >hello.i
gcc -E hello.c -o hello.i
~$ cat hello.i

typedef unsigned char __u_char;
typedef unsigned short int __u_short;
typedef unsigned int __u_int;
typedef unsigned long int __u_long;

extern int fprintf (FILE *__restrict __stream,
      const char *__restrict __format, ...);




extern int printf (const char *__restrict __format, ...);

extern int sprintf (char *__restrict __s,
      const char *__restrict __format, ...) __attribute__ ((__nothrow__));


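0x01: Compilation

Compilation takes the preprocessed file produced by the previous stage (e.g. hello.i), runs lexical analysis, syntax analysis, semantic analysis and optimization on it, and generates an assembly code file. The compiler does this work, turning hello.i into hello.s. The result is assembly language, but the CPU only understands 0s and 1s.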
gcc -S hello.i -o hello.s
gcc -S hello.c -o hello.s
/usr/lib/gcc/x86_64-linux-gnu/5/cc1 hello.c    // use gcc -v to see the path gcc uses; it depends on your installation

/usr/lib/gcc/x86_64-linux-gnu/5/cc1 hello.c
 main
Analyzing compilation unit
Performing interprocedural optimizations
 <*free_lang_data> <visibility> <build_ssa_passes> <opt_local_passes> <free-inline-summary> <whole-program> <inline>Assembling functions:
 main
Execution times (seconds)
 phase setup             :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.03 (16%) wall    1093 kB (65%) ggc
 phase parsing           :   0.01 (100%) usr   0.01 (33%) sys   0.05 (26%) wall     520 kB (31%) ggc
 phase opt and generate  :   0.00 ( 0%) usr   0.02 (67%) sys   0.10 (53%) wall      56 kB ( 3%) ggc
 ipa inlining heuristics :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       0 kB ( 0%) ggc
 preprocessing           :   0.00 ( 0%) usr   0.01 (33%) sys   0.03 (16%) wall     218 kB (13%) ggc
 parser (global)         :   0.01 (100%) usr   0.00 ( 0%) sys   0.00 ( 0%) wall     286 kB (17%) ggc
 parser struct body      :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall      12 kB ( 1%) ggc
 parser function body    :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       2 kB ( 0%) ggc
 tree gimplify           :   0.00 ( 0%) usr   0.01 (33%) sys   0.01 ( 5%) wall       2 kB ( 0%) ggc
 tree CFG construction   :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       1 kB ( 0%) ggc
 expand                  :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       2 kB ( 0%) ggc
 integrated RA           :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall      24 kB ( 1%) ggc
 LRA non-specific        :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       0 kB ( 0%) ggc
 shorten branches        :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall       0 kB ( 0%) ggc
 rest of compilation     :   0.00 ( 0%) usr   0.00 ( 0%) sys   0.01 ( 5%) wall      14 kB ( 1%) ggc
 unaccounted todo        :   0.00 ( 0%) usr   0.01 (33%) sys   0.01 ( 5%) wall       0 kB ( 0%) ggc
 TOTAL                 :   0.01             0.03             0.19               1686 kB
chen@ubuntu:~$ cat hello.s
	.file	"hello.c"
	.section	.rodata
.LC0:
	.string	"hello world"
	.text
	.globl	main
	.type	main, @function
main:
.LFB0:
	.cfi_startproc
	pushq	%rbp
	.cfi_def_cfa_offset 16
	.cfi_offset 6, -16
	movq	%rsp, %rbp
	.cfi_def_cfa_register 6
	movl	$.LC0, %edi
	call	puts
	movl	$0, %eax
	popq	%rbp
	.cfi_def_cfa 7, 8
	ret
	.cfi_endproc
.LFE0:
	.size	main, .-main
	.ident	"GCC: (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609"
	.section	.note.GNU-stack,"",@progbits

0x03: Assembly

Assembly language --> machine instructions. The hello.o produced here is a binary file, a relocatable object file.
as hello.s -o hello.o
gcc -c hello.s -o hello.o
gcc -c hello.c -o hello.o

0x04: Linking

Multiple .o files are linked to produce an executable. The following commands link a.o and b.o into an executable:
gcc -static -o proc  a.o b.o
ld  -static -o proc  a.o b.o
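
To check which stage produced a given file, read the e_type field of its ELF header: hello.o from the assembly step is a relocatable object (ET_REL), while a statically linked non-PIE output such as proc is an executable (ET_EXEC). The following is an added example, not code from the original post; the function names and the two sample headers are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Values from the ELF specification (same as <elf.h>), defined here so the
 * example also builds where that header is unavailable. */
enum { EI_DATA = 5, ELFDATA2LSB = 1, ELFDATA2MSB = 2 };
enum { ET_REL = 1, ET_EXEC = 2, ET_DYN = 3 };

/* Return e_type from an ELF header, or -1 if buf is not a plausible ELF file.
 * e_type is the 16-bit field right after the 16-byte e_ident array, at the
 * same offset in ELF32 and ELF64. */
int elf_type(const unsigned char *buf, size_t len)
{
    if (len < 18 || memcmp(buf, "\x7f" "ELF", 4) != 0)
        return -1;                      /* truncated or wrong magic */
    if (buf[EI_DATA] == ELFDATA2LSB)
        return buf[16] | (buf[17] << 8);
    if (buf[EI_DATA] == ELFDATA2MSB)
        return (buf[16] << 8) | buf[17];
    return -1;                          /* invalid byte-order marker */
}

const char *elf_type_name(int t)
{
    switch (t) {
    case ET_REL:  return "relocatable object (output of as / gcc -c)";
    case ET_EXEC: return "fixed-address executable (output of the linker)";
    case ET_DYN:  return "shared object or position-independent executable";
    default:      return "not an ELF file, or another type";
    }
}

/* Constructed sample headers (first 18 bytes only): ELF64, little-endian. */
const unsigned char sample_obj[18]  = { 0x7f,'E','L','F', 2,1,1,0, 0,0,0,0,0,0,0,0, 1,0 };
const unsigned char sample_exec[18] = { 0x7f,'E','L','F', 2,1,1,0, 0,0,0,0,0,0,0,0, 2,0 };

int main(int argc, char **argv)
{
    unsigned char hdr[18];
    for (int i = 1; i < argc; i++) {    /* e.g. ./elftype hello.o proc */
        FILE *f = fopen(argv[i], "rb");
        size_t n = f ? fread(hdr, 1, sizeof hdr, f) : 0;
        if (f) fclose(f);
        printf("%s: %s\n", argv[i], elf_type_name(elf_type(hdr, n)));
    }
    printf("sample_obj:  %s\n", elf_type_name(elf_type(sample_obj, sizeof sample_obj)));
    printf("sample_exec: %s\n", elf_type_name(elf_type(sample_exec, sizeof sample_exec)));
    return 0;
}
```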

Mapping from disk into the virtual address space


posted @ 2020-04-06 22:30  zer0_1s