本文详细解读了glibc2.3中.crt1.o文件的组成与功能,包括start.o、abi-note.o、init.o等源文件的作用,以及它们如何共同构建启动代码并调用用户自定义的main函数。
glibc 2.3 之crt1.o分析
1.crt1.o文件的组成
crt1.o在csu目录下(C StartUp code的缩写)
crt1.o是由以下命令生成的
gcc -nostdlib -nostartfiles -r -o crt1.o start.o abi-note.o init.o
start.o对应的源文件是sysdeps/i386/elf/start.S
abi-note.o对应的源文件是csu/abi-note.S
init.o对应的源文件是csu/init.c
2.start.S
/* Startup code compliant to the ELF i386 ABI.
Copyright (C) 1995,1996,1997,1998,2000,2001 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
/* This is the canonical entry point, usually the first thing in the text
segment. The SVR4/i386 ABI (pages 3-31, 3-32) says that when the entry
point runs, most registers' values are unspecified, except for:
%edx Contains a function pointer to be registered with `atexit'.
This is how the dynamic linker arranges to have DT_FINI
functions called for shared libraries that have been loaded
before this code runs.
%esp The stack contains the arguments and environment:
0(%esp) argc
4(%esp) argv[0]
...
(4*argc)(%esp) NULL
(4*(argc+1))(%esp) envp[0]
...
NULL
*/
#include "bp-sym.h"//提供宏 # define _BP_SYM(name) name
.text
.globl _start
.type _start,@function
_start:
/* Clear the frame pointer. The ABI suggests this be done, to mark
the outermost frame obviously. 按规定清除%ebp */
xorl %ebp, %ebp
/* Extract the arguments as encoded on the stack and set up
the arguments for `main': argc, argv. 解析argc和argv参数 envp will be determined
later in __libc_start_main. envp由__libc_start_main准备 */
popl %esi /* Pop the argument count. 取argc */
movl %esp, %ecx /* argv starts just at the current stack top.取argv */
/* Before pushing the arguments align the stack to a 16-byte
(SSE needs 16-byte alignment) boundary to avoid penalties from
misaligned accesses. Thanks to Edward Seidl <seidl@janed.com>
for pointing this out. */
andl $0xfffffff0, %esp//向下对齐到16字节边界
pushl %eax /* Push garbage because we allocate
28 more bytes. 后面总共7个push指令,28字节,补上4字节,凑成32字节,组成一个cache line?*/
/* Provide the highest stack address to the user code (for stacks
which grow downwards). 最高栈址*/
pushl %esp
pushl %edx /* Push address of the shared library
termination function. 共享库结束函数*/
/* Push address of our own entry points to .fini and .init. */
pushl $_fini
pushl $_init
pushl %ecx /* Push second argument: argv. */
pushl %esi /* Push first argument: argc. */
pushl $BP_SYM (main)//main函数地址入栈
/* Call the user's main function, and exit with its value.
But let the libc call main. */
call BP_SYM (__libc_start_main)
hlt /* Crash if somehow `exit' does return. __libc_start_main不会返回*/
/* To fulfill the System V/i386 ABI we need this symbol.规定需要这个符号 Yuck, it's so
meaningless since we don't support machines < 80386. */
.section .rodata
.globl _fp_hw
_fp_hw: .long 3
.size _fp_hw, 4
.type _fp_hw,@object
/* Define a symbol for the first piece of initialized data.数据段开始 */
.data
.globl __data_start
__data_start:
.long 0
.weak data_start
data_start = __data_start
3.__libc_start_main函数
在sysdeps/generic/libc-start.c中
函数原型是
extern int BP_SYM (__libc_start_main) (int (*main) (int, char **, char **),
int argc,
char *__unbounded *__unbounded ubp_av,
void (*init) (void),
void (*fini) (void),
void (*rtld_fini) (void),
void *__unbounded stack_end)
__attribute__ ((noreturn));
c语言函数调用使用从后向前的方式入栈,如果要调用__libc_start_main,则
形参入栈顺序是
|<-高地址
stack_end
rtld_fini
fini
init
ubp_av
argc
main
|<-低地址
和前面的push指令正好可以对上
__libc_start_main的执行流程是
如果init不空,调用init
调用main
如果fini不空,调用fini
4.abi-note.S
/* Define an ELF note identifying the operating-system ABI that the
executable was created for.定义一个ELF note用来标识可执行文件使用的操作系统ABI
(Application Binary Interface)
. The ELF note information identifies a
particular OS or coordinated development effort within which the
ELF header's e_machine value plus (for dynamically linked programs)
the PT_INTERP dynamic linker name and DT_NEEDED shared library
names fully identify the runtime environment required by an
executable.ELF note信息标识特定OS或相应的开发工具,在遵从这个ABI的OS或开发工具中,
ELF头部e_machine值加上PT_INTERP动态
连接器名和DT_NEEDED共享库名完全标志可执行文件需要的运行时环境。
The general format of ELF notes is as follows.一般的ELF notes格式如下
Offsets and lengths are bytes or (parenthetical references) to the
values in other fields.偏移和长度是字节为单位,对于括号中的值,他们代表引用其他字段的值
offset length contents
0 4 length of name
4 4 length of data
8 4 note type
12 (0) vendor name
- null-terminated ASCII string, padded to 4-byte alignment
12+(0) (4) note data,
The GNU project and cooperating development efforts (including the
Linux community) use note type 1 and a vendor name string of "GNU"
for a note descriptor that indicates ABI requirements. The note data
GNU项目和相应的开发工具使用note类型1和和生成商名字串"GNU"指示ABI需求.
is four 32-bit words. The first of these is an operating system
note data是4个32位字。
number (0=Linux, 1=Hurd, 2=Solaris, ...) and the remaining three
identify the earliest release of that OS that supports this ABI.
第一个字代表操作系统(0为linux,1为hurd,2为solaris....),剩下的三字代表
支持该ABI的最早操作系统版本.
See abi-tags (top level) for details. */
#include <config.h>
#include <abi-tag.h> /* OS-specific ABI tag value */
/* The linker (GNU ld 2.8 and later) recognizes an allocated section whose
name begins with `.note' and creates a PT_NOTE program header entry
pointing at it. */
.section ".note.ABI-tag", "a"
.align 4
.long 1f - 0f /* name length */
.long 3f - 2f /* data length */
.long 1 /* note type */
0: .asciz "GNU" /* vendor name */
1: .align 4
2: .long __ABI_TAG_OS /* note data: the ABI tag */
.long __ABI_TAG_VERSION
3: .align 4 /* pad out section */
这些ABI_TAG值是
[root@mail /var/root/glibc-2.3/csu]# cat abi-tag.h
#define __ABI_TAG_OS 0
#ifndef __ABI_TAG_VERSION
# define __ABI_TAG_VERSION 2,0,0
#endif
5.init.c
#if defined USE_IN_LIBIO && defined __GNUC__ && __GNUC__ >= 2
#include <_G_config.h>
/* This records which stdio is linked against in the application.
记录哪个stdio被连接
*/
const int _IO_stdin_used = _G_IO_IO_FILE_VERSION;//0x20001
#endif
1.crt1.o文件的组成
crt1.o在csu目录下(C StartUp code的缩写)
crt1.o是由以下命令生成的
gcc -nostdlib -nostartfiles -r -o crt1.o start.o abi-note.o init.o
start.o对应的源文件是sysdeps/i386/elf/start.S
abi-note.o对应的源文件是csu/abi-note.S
init.o对应的源文件是csu/init.c
2.start.S
/* Startup code compliant to the ELF i386 ABI.
Copyright (C) 1995,1996,1997,1998,2000,2001 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
/* This is the canonical entry point, usually the first thing in the text
segment. The SVR4/i386 ABI (pages 3-31, 3-32) says that when the entry
point runs, most registers' values are unspecified, except for:
%edx Contains a function pointer to be registered with `atexit'.
This is how the dynamic linker arranges to have DT_FINI
functions called for shared libraries that have been loaded
before this code runs.
%esp The stack contains the arguments and environment:
0(%esp) argc
4(%esp) argv[0]
...
(4*argc)(%esp) NULL
(4*(argc+1))(%esp) envp[0]
...
NULL
*/
#include "bp-sym.h"//提供宏 # define _BP_SYM(name) name
.text
.globl _start
.type _start,@function
_start:
/* Clear the frame pointer. The ABI suggests this be done, to mark
the outermost frame obviously. 按规定清除%ebp */
xorl %ebp, %ebp
/* Extract the arguments as encoded on the stack and set up
the arguments for `main': argc, argv. 解析argc和argv参数 envp will be determined
later in __libc_start_main. envp由__libc_start_main准备 */
popl %esi /* Pop the argument count. 取argc */
movl %esp, %ecx /* argv starts just at the current stack top.取argv */
/* Before pushing the arguments align the stack to a 16-byte
(SSE needs 16-byte alignment) boundary to avoid penalties from
misaligned accesses. Thanks to Edward Seidl <seidl@janed.com>
for pointing this out. */
andl $0xfffffff0, %esp//向下对齐到16字节边界
pushl %eax /* Push garbage because we allocate
28 more bytes. 后面总共7个push指令,28字节,补上4字节,凑成32字节,组成一个cache line?*/
/* Provide the highest stack address to the user code (for stacks
which grow downwards). 最高栈址*/
pushl %esp
pushl %edx /* Push address of the shared library
termination function. 共享库结束函数*/
/* Push address of our own entry points to .fini and .init. */
pushl $_fini
pushl $_init
pushl %ecx /* Push second argument: argv. */
pushl %esi /* Push first argument: argc. */
pushl $BP_SYM (main)//main函数地址入栈
/* Call the user's main function, and exit with its value.
But let the libc call main. */
call BP_SYM (__libc_start_main)
hlt /* Crash if somehow `exit' does return. __libc_start_main不会返回*/
/* To fulfill the System V/i386 ABI we need this symbol.规定需要这个符号 Yuck, it's so
meaningless since we don't support machines < 80386. */
.section .rodata
.globl _fp_hw
_fp_hw: .long 3
.size _fp_hw, 4
.type _fp_hw,@object
/* Define a symbol for the first piece of initialized data.数据段开始 */
.data
.globl __data_start
__data_start:
.long 0
.weak data_start
data_start = __data_start
3.__libc_start_main函数
在sysdeps/generic/libc-start.c中
函数原型是
extern int BP_SYM (__libc_start_main) (int (*main) (int, char **, char **),
int argc,
char *__unbounded *__unbounded ubp_av,
void (*init) (void),
void (*fini) (void),
void (*rtld_fini) (void),
void *__unbounded stack_end)
__attribute__ ((noreturn));
c语言函数调用使用从后向前的方式入栈,如果要调用__libc_start_main,则
形参入栈顺序是
|<-高地址
stack_end
rtld_fini
fini
init
ubp_av
argc
main
|<-低地址
和前面的push指令正好可以对上
__libc_start_main的执行流程是
如果init不空,调用init
调用main
如果fini不空,调用fini
4.abi-note.S
/* Define an ELF note identifying the operating-system ABI that the
executable was created for.定义一个ELF note用来标识可执行文件使用的操作系统ABI
(Application Binary Interface)
. The ELF note information identifies a
particular OS or coordinated development effort within which the
ELF header's e_machine value plus (for dynamically linked programs)
the PT_INTERP dynamic linker name and DT_NEEDED shared library
names fully identify the runtime environment required by an
executable.ELF note信息标识特定OS或相应的开发工具,在遵从这个ABI的OS或开发工具中,
ELF头部e_machine值加上PT_INTERP动态
连接器名和DT_NEEDED共享库名完全标志可执行文件需要的运行时环境。
The general format of ELF notes is as follows.一般的ELF notes格式如下
Offsets and lengths are bytes or (parenthetical references) to the
values in other fields.偏移和长度是字节为单位,对于括号中的值,他们代表引用其他字段的值
offset length contents
0 4 length of name
4 4 length of data
8 4 note type
12 (0) vendor name
- null-terminated ASCII string, padded to 4-byte alignment
12+(0) (4) note data,
The GNU project and cooperating development efforts (including the
Linux community) use note type 1 and a vendor name string of "GNU"
for a note descriptor that indicates ABI requirements. The note data
GNU项目和相应的开发工具使用note类型1和和生成商名字串"GNU"指示ABI需求.
is four 32-bit words. The first of these is an operating system
note data是4个32位字。
number (0=Linux, 1=Hurd, 2=Solaris, ...) and the remaining three
identify the earliest release of that OS that supports this ABI.
第一个字代表操作系统(0为linux,1为hurd,2为solaris....),剩下的三字代表
支持该ABI的最早操作系统版本.
See abi-tags (top level) for details. */
#include <config.h>
#include <abi-tag.h> /* OS-specific ABI tag value */
/* The linker (GNU ld 2.8 and later) recognizes an allocated section whose
name begins with `.note' and creates a PT_NOTE program header entry
pointing at it. */
.section ".note.ABI-tag", "a"
.align 4
.long 1f - 0f /* name length */
.long 3f - 2f /* data length */
.long 1 /* note type */
0: .asciz "GNU" /* vendor name */
1: .align 4
2: .long __ABI_TAG_OS /* note data: the ABI tag */
.long __ABI_TAG_VERSION
3: .align 4 /* pad out section */
这些ABI_TAG值是
[root@mail /var/root/glibc-2.3/csu]# cat abi-tag.h
#define __ABI_TAG_OS 0
#ifndef __ABI_TAG_VERSION
# define __ABI_TAG_VERSION 2,0,0
#endif
5.init.c
#if defined USE_IN_LIBIO && defined __GNUC__ && __GNUC__ >= 2
#include <_G_config.h>
/* This records which stdio is linked against in the application.
记录哪个stdio被连接
*/
const int _IO_stdin_used = _G_IO_IO_FILE_VERSION;//0x20001
#endif
扫一扫
2280
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
