［学习过程记录］目标文件内部是什么样子的

1。源程序：

/*
* SimpleSection.c
*
* Linux:
* gcc -c SimpleSection.c
*
* Windows:
* cl SimpleSection.c /c /Za
*/

int printf(const char* format, …);

int global_init_var = 84;
int global_uninit_var;

void func1( int i )
{
printf( "%dn", i );
}

int main( void )
{
static int static_var = 85;
static int static_var2;

int a = 1;
int b;

func1( static_var + static_var2 + a + b);

return a;
}
保存为SimpleSection.c
2。编译：
gcc -c SimpleSection.c
生成SimpleSection.o：
crifan@ubuntu904:~/develop/before_main_func/segment$ ls -la
总用量 16
drwxr-xr-x 2 crifan crifan 4096 2009-09-06 00:55 .
drwxr-xr-x 3 crifan crifan 4096 2009-09-06 00:46 ..
-rw-r–r– 1 crifan crifan 406 2009-09-06 00:52 SimpleSection.c
-rw-r–r– 1 crifan crifan 1100 2009-09-06 00:55 SimpleSection.o

大小为1100字节。

3。用objdump查看详细信息，其中-h显示各个段的基本信息：
crifan@ubuntu904:~/develop/before_main_func/segment$ objdump -h SimpleSection.o

SimpleSection.o: file format elf32-i386

其中，objdump的详细用法：
crifan@ubuntu904:~/develop/before_main_func/segment$ objdump –help
Usage: objdump <option(s)> <file(s)>
Display information from object <file(s)>.
At least one of the following switches must be given:
-a, –archive-headers    Display archive header information
-f, –file-headers       Display the contents of the overall file header
-p, –private-headers    Display object format specific file header contents
-h, –[section-]headers Display the contents of the section headers
-x, –all-headers        Display the contents of all headers
-d, –disassemble        Display assembler contents of executable sections
-D, –disassemble-all    Display assembler contents of all sections
-S, –source             Intermix source code with disassembly
-s, –full-contents      Display the full contents of all sections requested
-g, –debugging          Display debug information in object file
-e, –debugging-tags     Display debug information using ctags style
-G, –stabs              Display (in raw form) any STABS info in the file
-W, –dwarf              Display DWARF info in the file
-t, –syms               Display the contents of the symbol table(s)
-T, –dynamic-syms       Display the contents of the dynamic symbol table
-r, –reloc              Display the relocation entries in the file
-R, –dynamic-reloc      Display the dynamic relocation entries in the file
@<file>                  Read options from <file>
-v, –version            Display this program’s version number
-i, –info               List object formats and architectures supported
-H, –help               Display this information

The following switches are optional:
-b, –target=BFDNAME           Specify the target object format as BFDNAME
-m, –architecture=MACHINE     Specify the target architecture as MACHINE
-j, –section=NAME             Only display information for section NAME
-M, –disassembler-options=OPT Pass text OPT on to the disassembler
-EB –endian=big               Assume big endian format when disassembling
-EL –endian=little            Assume little endian format when disassembling
–file-start-context       Include context from start of file (with -S)
-I, –include=DIR              Add DIR to search list for source files
-l, –line-numbers             Include line numbers and filenames in output
-F, –file-offsets             Include file offsets when displaying information
-C, –demangle[=STYLE]         Decode mangled/processed symbol names
The STYLE, if specified, can be `auto’, `gnu’,
`lucid’, `arm’, `hp’, `edg’, `gnu-v3′, `java’
or `gnat’
-w, –wide                     Format output for more than 80 columns
-z, –disassemble-zeroes       Do not skip blocks of zeroes when disassembling
–start-address=ADDR       Only process data whose address is >= ADDR
–stop-address=ADDR        Only process data whose address is <= ADDR
–prefix-addresses         Print complete address alongside disassembly
–[no-]show-raw-insn       Display hex alongside symbolic disassembly
–adjust-vma=OFFSET        Add OFFSET to all displayed section addresses
–special-syms             Include special symbols in symbol dumps

objdump: supported targets: elf32-i386 a.out-i386-linux efi-app-ia32 efi-bsdrv-ia32 efi-rtdrv-ia32 elf32-little elf32-big elf64-x86-64 efi-app-x86_64 efi-bsdrv-x86_64 efi-rtdrv-x86_64 elf64-little elf64-big srec symbolsrec tekhex binary ihex trad-core
objdump: supported architectures: i386 i386:x86-64 i8086 i386:intel i386:x86-64:intel

The following i386/x86-64 specific disassembler options are supported for use
with the -M switch (multiple options should be separated by commas):
x86-64      Disassemble in 64bit mode
i386        Disassemble in 32bit mode
i8086       Disassemble in 16bit mode
att         Display instruction in AT&T syntax
intel       Display instruction in Intel syntax
att-mnemonic
Display instruction in AT&T mnemonic
intel-mnemonic
Display instruction in Intel mnemonic
addr64      Assume 64bit address size
addr32      Assume 32bit address size
addr16      Assume 16bit address size
data32      Assume 32bit data size
data16      Assume 16bit data size
suffix      Always display instruction suffix in AT&T syntax
Report bugs to <http://www.sourceware.org/bugzilla/>.

比如只显示头信息：
crifan@ubuntu904:~/develop/before_main_func/segment$ objdump -f SimpleSection.o

SimpleSection.o: file format elf32-i386
architecture: i386, flags 0x00000011:
HAS_RELOC, HAS_SYMS
start address 0x00000000

－x是显示所有段的详细信息：
crifan@ubuntu904:~/develop/before_main_func/segment$ objdump -x SimpleSection.o

SimpleSection.o: file format elf32-i386
SimpleSection.o
architecture: i386, flags 0x00000011:
HAS_RELOC, HAS_SYMS
start address 0x00000000

Sections:
Idx Name          Size      VMA       LMA       File off Algn
0 .text         0000005b 00000000 00000000 00000034 2**2
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
1 .data         00000008 00000000 00000000 00000090 2**2
CONTENTS, ALLOC, LOAD, DATA
2 .bss          00000004 00000000 00000000 00000098 2**2
ALLOC
3 .rodata       00000004 00000000 00000000 00000098 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .comment      00000024 00000000 00000000 0000009c 2**0
CONTENTS, READONLY
5 .note.GNU-stack 00000000 00000000 00000000 000000c0 2**0
CONTENTS, READONLY
SYMBOL TABLE:
00000000 l    df *ABS*    00000000 SimpleSection.c
00000000 l    d .text    00000000 .text
00000000 l    d .data    00000000 .data
00000000 l    d .bss    00000000 .bss
00000000 l    d .rodata    00000000 .rodata
00000000 l     O .bss    00000004 static_var2.1202
00000004 l     O .data    00000004 static_var.1201
00000000 l    d .note.GNU-stack    00000000 .note.GNU-stack
00000000 l    d .comment    00000000 .comment
00000000 g     O .data    00000004 global_init_var
00000000 g     F .text    0000001b func1
00000000         *UND*    00000000 printf
0000001b g     F .text    00000040 main
00000004       O *COM*    00000004 global_uninit_var

RELOCATION RECORDS FOR [.text]:
OFFSET   TYPE              VALUE
00000010 R_386_32          .rodata
00000015 R_386_PC32        printf
00000035 R_386_32          .data
0000003a R_386_32          .bss
0000004b R_386_PC32        func1

用size工具，查看文件的各个段的大小：
crifan@ubuntu904:~/develop/before_main_func/segment$ size SimpleSection.o
text data bss dec hex filename
95 8 4 107 6b SimpleSection.o

比较常用的工具之一：objdump：
crifan@ubuntu904:~$ objdump –help
Usage: objdump <option(s)> <file(s)>
Display information from object <file(s)>.
At least one of the following switches must be given:
-a, –archive-headers    Display archive header information
-f, –file-headers       Display the contents of the overall file header
-p, –private-headers    Display object format specific file header contents
-h, –[section-]headers Display the contents of the section headers
-x, –all-headers        Display the contents of all headers
-d, –disassemble        Display assembler contents of executable sections
-D, –disassemble-all    Display assembler contents of all sections
-S, –source             Intermix source code with disassembly
-s, –full-contents      Display the full contents of all sections requested
-g, –debugging          Display debug information in object file
-e, –debugging-tags     Display debug information using ctags style
-G, –stabs              Display (in raw form) any STABS info in the file
-W, –dwarf              Display DWARF info in the file
-t, –syms               Display the contents of the symbol table(s)
-T, –dynamic-syms       Display the contents of the dynamic symbol table
-r, –reloc              Display the relocation entries in the file
-R, –dynamic-reloc      Display the dynamic relocation entries in the file
@<file>                  Read options from <file>
-v, –version            Display this program’s version number
-i, –info               List object formats and architectures supported
-H, –help               Display this information

试试，效果如何：
crifan@ubuntu904:segment$ objdump -x -s -d SimpleSection.o

SimpleSection.o: file format elf32-i386
SimpleSection.o
architecture: i386, flags 0x00000011:
HAS_RELOC, HAS_SYMS
start address 0x00000000

Contents of section .text:
0000 5589e583 ec088b45 08894424 04c70424 U……E..D$…$
0010 00000000 e8fcffff ffc9c38d 4c240483 …………L$..
0020 e4f0ff71 fc5589e5 5183ec14 c745f801 …q.U..Q….E..
0030 0000008b 15040000 00a10000 00008d04 …………….
0040 020345f8 0345f489 0424e8fc ffffff8b ..E..E…$……
0050 45f883c4 14595d8d 61fcc3             E….Y].a..
Contents of section .data:
0000 54000000 55000000                    T…U…
Contents of section .rodata:
0000 25640a00                             %d..
Contents of section .comment:
0000 00474343 3a202855 62756e74 7520342e .GCC: (Ubuntu 4.
0010 332e332d 35756275 6e747534 2920342e 3.3-5ubuntu4) 4.
0020 332e3300                             3.3.

Disassembly of section .text:

00000000 <func1>:
0:    55                       push   %ebp
1:    89 e5                    mov    %esp,%ebp
3:    83 ec 08                 sub    $0x8,%esp
6:    8b 45 08                 mov    0x8(%ebp),%eax
9:    89 44 24 04              mov    %eax,0x4(%esp)
d:    c7 04 24 00 00 00 00     movl   $0x0,(%esp)
10: R_386_32    .rodata
14:    e8 fc ff ff ff           call   15 <func1+0x15>
15: R_386_PC32    printf
19:    c9                       leave
1a:    c3                       ret

0000001b <main>:
1b:    8d 4c 24 04              lea    0x4(%esp),%ecx
1f:    83 e4 f0                 and    $0xfffffff0,%esp
22:    ff 71 fc                 pushl -0x4(%ecx)
25:    55                       push   %ebp
26:    89 e5                    mov    %esp,%ebp
28:    51                       push   %ecx
29:    83 ec 14                 sub    $0x14,%esp
2c:    c7 45 f8 01 00 00 00     movl   $0x1,-0x8(%ebp)
33:    8b 15 04 00 00 00        mov    0x4,%edx
35: R_386_32    .data
39:    a1 00 00 00 00           mov    0x0,%eax
3a: R_386_32    .bss
3e:    8d 04 02                 lea    (%edx,%eax,1),%eax
41:    03 45 f8                 add    -0x8(%ebp),%eax
44:    03 45 f4                 add    -0xc(%ebp),%eax
47:    89 04 24                 mov    %eax,(%esp)
4a:    e8 fc ff ff ff           call   4b <main+0x30>
4b: R_386_PC32    func1
4f:    8b 45 f8                 mov    -0x8(%ebp),%eax
52:    83 c4 14                 add    $0x14,%esp
55:    59                       pop    %ecx
56:    5d                       pop    %ebp
57:    8d 61 fc                 lea    -0x4(%ecx),%esp
5a:    c3                       ret

其中-s表示显示所有内容信息，x表示所有头信息，-d表示反汇编。

找了个jpg的图片，然后：
crifan@ubuntu904:pic$ objcopy -I binary -O elf32-i386 -B i386 qqhead.jpg qqhead.o
就把一个图片制作成一个目标文件了。

crifan@ubuntu904:pic$ ls -la
总用量 24
drwxr-xr-x 2 crifan crifan 4096 2009-09-28 23:41 .
drwxr-xr-x 3 crifan crifan 4096 2009-09-28 23:34 ..
-rw-r–r– 1 crifan crifan 5245 2009-09-28 23:34 qqhead.jpg
-rw-r–r– 1 crifan crifan 5685 2009-09-28 23:41 qqhead.o

crifan@ubuntu904:pic$ file qqhead.o
qqhead.o: ELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not stripped

crifan@ubuntu904:pic$ objdump -ht qqhead.o

qqhead.o: file format elf32-i386

Sections:
Idx Name          Size      VMA       LMA       File off Algn
0 .data         0000147d 00000000 00000000 00000034 2**0
CONTENTS, ALLOC, LOAD, DATA
SYMBOL TABLE:
00000000 l    d .data    00000000 .data
00000000 g       .data    00000000 _binary_qqhead_jpg_start
0000147d g       .data    00000000 _binary_qqhead_jpg_end
0000147d g       *ABS*    00000000 _binary_qqhead_jpg_size

其中0x147d=5245，就是
-rw-r–r– 1 crifan crifan 5245 2009-09-28 23:34 qqhead.jpg
中显示出来的，jpg图片文件的大小。

用readelf工具查看elf可执行文件的信息：
crifan@ubuntu904:segment$ readelf -h SimpleSection.o
ELF Header:
Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class:                             ELF32
Data:                              2’s complement, little endian
Version:                           1 (current)
OS/ABI:                            UNIX – System V
ABI Version:                       0
Type:                              REL (Relocatable file)
Machine:                           Intel 80386
Version:                           0x1
Entry point address:               0x0
Start of program headers:          0 (bytes into file)
Start of section headers:          276 (bytes into file)
Flags:                             0x0
Size of this header:               52 (bytes)
Size of program headers:           0 (bytes)
Number of program headers:         0
Size of section headers:           40 (bytes)
Number of section headers:         11
Section header string table index: 8

用readelf查看文件里面的段的信息：
crifan@ubuntu904:segment$ readelf -S SimpleSection.o
There are 11 section headers, starting at offset 0x114:

Section Headers:
[Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
[ 0]                   NULL            00000000 000000 000000 00      0   0 0
[ 1] .text             PROGBITS        00000000 000034 00005b 00 AX 0   0 4
[ 2] .rel.text         REL             00000000 000424 000028 08      9   1 4
[ 3] .data             PROGBITS        00000000 000090 000008 00 WA 0   0 4
[ 4] .bss              NOBITS          00000000 000098 000004 00 WA 0   0 4
[ 5] .rodata           PROGBITS        00000000 000098 000004 00   A 0   0 1
[ 6] .comment          PROGBITS        00000000 00009c 000024 00      0   0 1
[ 7] .note.GNU-stack   PROGBITS        00000000 0000c0 000000 00      0   0 1
[ 8] .shstrtab         STRTAB          00000000 0000c0 000051 00      0   0 1
[ 9] .symtab           SYMTAB          00000000 0002cc 0000f0 10     10 10 4
[10] .strtab           STRTAB          00000000 0003bc 000066 00      0   0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)

用nm查看目标文件里面所包含的符号（变量）：
crifan@ubuntu904:segment$ nm SimpleSection.o
00000000 T func1
00000000 D global_init_var
00000004 C global_uninit_var
0000001b T main
U printf
00000004 d static_var.1201
00000000 b static_var2.1202

打印出elf里面的符号：
crifan@ubuntu904:segment$ readelf -s SimpleSection.o

Symbol table ‘.symtab’ contains 15 entries:
Num:    Value Size Type    Bind   Vis      Ndx Name
0: 00000000     0 NOTYPE LOCAL DEFAULT UND
1: 00000000     0 FILE    LOCAL DEFAULT ABS SimpleSection.c
2: 00000000     0 SECTION LOCAL DEFAULT    1
3: 00000000     0 SECTION LOCAL DEFAULT    3
4: 00000000     0 SECTION LOCAL DEFAULT    4
5: 00000000     0 SECTION LOCAL DEFAULT    5
6: 00000000     4 OBJECT LOCAL DEFAULT    4 static_var2.1202
7: 00000004     4 OBJECT LOCAL DEFAULT    3 static_var.1201
8: 00000000     0 SECTION LOCAL DEFAULT    7
9: 00000000     0 SECTION LOCAL DEFAULT    6
10: 00000000     4 OBJECT GLOBAL DEFAULT    3 global_init_var
11: 00000000    27 FUNC    GLOBAL DEFAULT    1 func1
12: 00000000     0 NOTYPE GLOBAL DEFAULT UND printf
13: 0000001b    64 FUNC    GLOBAL DEFAULT    1 main
14: 00000004     4 OBJECT GLOBAL DEFAULT COM global_uninit_var

转载请注明：在路上 » ［学习过程记录］目标文件内部是什么样子的

Post Views: 995

［学习过程记录］目标文件内部是什么样子的

与本文相关的文章

Hi，您需要填写昵称和邮箱！