操作系统:ubuntu10.04
前言:
在偏底层的开发中,需要了解程序的是如何存储的。
一,架构
一个典型的Linux C程序内存空间由如下几部分组成:
代码段(.text):这里存放的是CPU要执行的指令。代码段是可共享的,相同的代码在内存中只会有一个拷贝,同时这个段是只读的,防止程序由于错误而修改自身的指令。
初始化数据段(.data):这里存放的是程序中需要明确赋初始值的变量,例如位于所有函数之外的全局变量:int val=100。需要强调的是,以上两段都是位于程序的可执行文件中,内核在调用exec函数启动该程序时从源程序文件中读入。
未初始化数据段(.bss):位于这一段中的数据,内核在执行该程序前,将其初始化为0或者null。例如出现在任何函数之外的全局变量:int sum;
堆(Heap):这个段用于在程序中进行动态内存申请,例如经常用到的malloc,new系列函数就是从这个段中申请内存。
栈(Stack):函数中的局部变量以及在函数调用过程中产生的临时变量都保存在此段中。
二,实例
-
#include <stdio.h>
-
#include <stdlib.h>
-
-
-
int global_init_var = 84; //已初始化的全局变量
-
int global_uninit_var; //未初始化的全局变量
-
char *str1 = "hello world!"; //字符串常量
-
-
void func1(int i)
-
{
-
printf("%d\n", i);
-
}
-
-
int main(void)
-
{
-
static int static_var = 85; //已初始化的静态局部变量
-
static int static_var2; //未初始化的静态局部变量
-
char *str2 = "22222"; //字符串常量
-
-
int a = 1;
-
int b;
-
-
char *ptr_stack = NULL;
-
char *ptr_heap = NULL;
-
-
ptr_stack = alloca(100);
-
printf("ptr_stack : %p\n",ptr_stack);
-
printf("a : %p\n",&a);
-
printf("b : %p\n",&b);
-
-
ptr_heap = malloc(100);
-
printf("ptr_heap : %p\n",ptr_heap);
-
free(ptr_heap);
-
-
printf("static_var : %p\n",&static_var);
-
printf("global_init_var : %p\n",&global_init_var);
-
printf("global_uninit_var : %p\n",&global_uninit_var);
-
printf("static_var2 : %p\n",&static_var2);
-
printf("str2 : %p\n",str2);
-
printf("str1 : %p\n",str1);
-
-
-
func1(static_var+static_var2+a+b);
-
-
return a;
-
}
#gcc memory.c -o m
#objdump -d m > m.dis
-
m: file format elf32-i386
-
-
-
Disassembly of section .init:
-
-
0804834c <_init>:
-
804834c: 55 push %ebp
-
804834d: 89 e5 mov %esp,%ebp
-
804834f: 53 push %ebx
-
8048350: 83 ec 04 sub $0x4,%esp
-
8048353: e8 00 00 00 00 call 8048358 <_init+0xc>
-
8048358: 5b pop %ebx
-
8048359: 81 c3 9c 1c 00 00 add $0x1c9c,%ebx
-
804835f: 8b 93 fc ff ff ff mov -0x4(%ebx),%edx
-
8048365: 85 d2 test %edx,%edx
-
8048367: 74 05 je 804836e <_init+0x22>
-
8048369: e8 1e 00 00 00 call 804838c <__gmon_start__@plt>
-
804836e: e8 0d 01 00 00 call 8048480 <frame_dummy>
-
8048373: e8 88 02 00 00 call 8048600 <__do_global_ctors_aux>
-
8048378: 58 pop %eax
-
8048379: 5b pop %ebx
-
804837a: c9 leave
-
804837b: c3 ret
-
-
Disassembly of section .plt:
-
-
0804837c <__gmon_start__@plt-0x10>:
-
804837c: ff 35 f8 9f 04 08 pushl 0x8049ff8
-
8048382: ff 25 fc 9f 04 08 jmp *0x8049ffc
-
8048388: 00 00 add %al,(%eax)
-
...
-
-
0804838c <__gmon_start__@plt>:
-
804838c: ff 25 00 a0 04 08 jmp *0x804a000
-
8048392: 68 00 00 00 00 push $0x0
-
8048397: e9 e0 ff ff ff jmp 804837c <_init+0x30>
-
-
0804839c <__libc_start_main@plt>:
-
804839c: ff 25 04 a0 04 08 jmp *0x804a004
-
80483a2: 68 08 00 00 00 push $0x8
-
80483a7: e9 d0 ff ff ff jmp 804837c <_init+0x30>
-
-
080483ac <free@plt>:
-
80483ac: ff 25 08 a0 04 08 jmp *0x804a008
-
80483b2: 68 10 00 00 00 push $0x10
-
80483b7: e9 c0 ff ff ff jmp 804837c <_init+0x30>
-
-
080483bc <printf@plt>:
-
80483bc: ff 25 0c a0 04 08 jmp *0x804a00c
-
80483c2: 68 18 00 00 00 push $0x18
-
80483c7: e9 b0 ff ff ff jmp 804837c <_init+0x30>
-
-
080483cc <malloc@plt>:
-
80483cc: ff 25 10 a0 04 08 jmp *0x804a010
-
80483d2: 68 20 00 00 00 push $0x20
-
80483d7: e9 a0 ff ff ff jmp 804837c <_init+0x30>
-
-
080483dc <__stack_chk_fail@plt>:
-
80483dc: ff 25 14 a0 04 08 jmp *0x804a014
-
80483e2: 68 28 00 00 00 push $0x28
-
80483e7: e9 90 ff ff ff jmp 804837c <_init+0x30>
-
-
Disassembly of section .text:
-
-
080483f0 <_start>:
-
80483f0: 31 ed xor %ebp,%ebp
-
80483f2: 5e pop %esi
-
80483f3: 89 e1 mov %esp,%ecx
-
80483f5: 83 e4 f0 and $0xfffffff0,%esp
-
80483f8: 50 push %eax
-
80483f9: 54 push %esp
-
80483fa: 52 push %edx
-
80483fb: 68 90 85 04 08 push $0x8048590
-
8048400: 68 a0 85 04 08 push $0x80485a0
-
8048405: 51 push %ecx
-
8048406: 56 push %esi
-
8048407: 68 c0 84 04 08 push $0x80484c0
-
804840c: e8 8b ff ff ff call 804839c <__libc_start_main@plt>
-
8048411: f4 hlt
-
8048412: 90 nop
-
8048413: 90 nop
-
8048414: 90 nop
-
8048415: 90 nop
-
8048416: 90 nop
-
8048417: 90 nop
-
8048418: 90 nop
-
8048419: 90 nop
-
804841a: 90 nop
-
804841b: 90 nop
-
804841c: 90 nop
-
804841d: 90 nop
-
804841e: 90 nop
-
804841f: 90 nop
-
-
08048420 <__do_global_dtors_aux>:
-
8048420: 55 push %ebp
-
8048421: 89 e5 mov %esp,%ebp
-
8048423: 53 push %ebx
-
8048424: 83 ec 04 sub $0x4,%esp
-
8048427: 80 3d 2c a0 04 08 00 cmpb $0x0,0x804a02c
-
804842e: 75 3f jne 804846f <__do_global_dtors_aux+0x4f>
-
8048430: a1 30 a0 04 08 mov 0x804a030,%eax
-
8048435: bb 18 9f 04 08 mov $0x8049f18,%ebx
-
804843a: 81 eb 14 9f 04 08 sub $0x8049f14,%ebx
-
8048440: c1 fb 02 sar $0x2,%ebx
-
8048443: 83 eb 01 sub $0x1,%ebx
-
8048446: 39 d8 cmp %ebx,%eax
-
8048448: 73 1e jae 8048468 <__do_global_dtors_aux+0x48>
-
804844a: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
-
8048450: 83 c0 01 add $0x1,%eax
-
8048453: a3 30 a0 04 08 mov %eax,0x804a030
-
8048458: ff 14 85 14 9f 04 08 call *0x8049f14(,%eax,4)
-
804845f: a1 30 a0 04 08 mov 0x804a030,%eax
-
8048464: 39 d8 cmp %ebx,%eax
-
8048466: 72 e8 jb 8048450 <__do_global_dtors_aux+0x30>
-
8048468: c6 05 2c a0 04 08 01 movb $0x1,0x804a02c
-
804846f: 83 c4 04 add $0x4,%esp
-
8048472: 5b pop %ebx
-
8048473: 5d pop %ebp
-
8048474: c3 ret
-
8048475: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi
-
8048479: 8d bc 27 00 00 00 00 lea 0x0(%edi,%eiz,1),%edi
-
-
08048480 <frame_dummy>:
-
8048480: 55 push %ebp
-
8048481: 89 e5 mov %esp,%ebp
-
8048483: 83 ec 18 sub $0x18,%esp
-
8048486: a1 1c 9f 04 08 mov 0x8049f1c,%eax
-
804848b: 85 c0 test %eax,%eax
-
804848d: 74 12 je 80484a1 <frame_dummy+0x21>
-
804848f: b8 00 00 00 00 mov $0x0,%eax
-
8048494: 85 c0 test %eax,%eax
-
8048496: 74 09 je 80484a1 <frame_dummy+0x21>
-
8048498: c7 04 24 1c 9f 04 08 movl $0x8049f1c,(%esp)
-
804849f: ff d0 call *%eax
-
80484a1: c9 leave
-
80484a2: c3 ret
-
80484a3: 90 nop
-
-
080484a4 <func1>:
-
80484a4: 55 push %ebp
-
80484a5: 89 e5 mov %esp,%ebp
-
80484a7: 83 ec 18 sub $0x18,%esp
-
80484aa: b8 5d 86 04 08 mov $0x804865d,%eax
-
80484af: 8b 55 08 mov 0x8(%ebp),%edx
-
80484b2: 89 54 24 04 mov %edx,0x4(%esp)
-
80484b6: 89 04 24 mov %eax,(%esp)
-
80484b9: e8 fe fe ff ff call 80483bc <printf@plt>
-
80484be: c9 leave
-
80484bf: c3 ret
-
-
080484c0 <main>:
-
80484c0: 8d 4c 24 04 lea 0x4(%esp),%ecx
-
80484c4: 83 e4 f0 and $0xfffffff0,%esp
-
80484c7: ff 71 fc pushl -0x4(%ecx)
-
80484ca: 55 push %ebp
-
80484cb: 89 e5 mov %esp,%ebp
-
80484cd: 51 push %ecx
-
80484ce: 83 ec 34 sub $0x34,%esp
-
80484d1: 65 a1 14 00 00 00 mov %gs:0x14,%eax
-
80484d7: 89 45 f4 mov %eax,-0xc(%ebp)
-
80484da: 31 c0 xor %eax,%eax
-
80484dc: c7 45 f0 61 86 04 08 movl $0x8048661,-0x10(%ebp)
-
80484e3: c7 45 ec 01 00 00 00 movl $0x1,-0x14(%ebp)
-
80484ea: c7 45 e4 00 00 00 00 movl $0x0,-0x1c(%ebp)
-
80484f1: c7 45 e0 00 00 00 00 movl $0x0,-0x20(%ebp)
-
80484f8: 83 c4 80 add $0xffffff80,%esp
-
80484fb: 8d 44 24 08 lea 0x8(%esp),%eax
-
80484ff: 83 c0 0f add $0xf,%eax
-
8048502: c1 e8 04 shr $0x4,%eax
-
8048505: c1 e0 04 shl $0x4,%eax
-
8048508: 89 45 e4 mov %eax,-0x1c(%ebp)
-
804850b: b8 67 86 04 08 mov $0x8048667,%eax
-
8048510: 8b 55 e4 mov -0x1c(%ebp),%edx
-
8048513: 89 54 24 04 mov %edx,0x4(%esp)
-
8048517: 89 04 24 mov %eax,(%esp)
-
804851a: e8 9d fe ff ff call 80483bc <printf@plt>
-
804851f: c7 04 24 64 00 00 00 movl $0x64,(%esp)
-
8048526: e8 a1 fe ff ff call 80483cc <malloc@plt>
-
804852b: 89 45 e0 mov %eax,-0x20(%ebp)
-
804852e: b8 77 86 04 08 mov $0x8048677,%eax
-
8048533: 8b 55 e0 mov -0x20(%ebp),%edx
-
8048536: 89 54 24 04 mov %edx,0x4(%esp)
-
804853a: 89 04 24 mov %eax,(%esp)
-
804853d: e8 7a fe ff ff call 80483bc <printf@plt>
-
8048542: 8b 45 e0 mov -0x20(%ebp),%eax
-
8048545: 89 04 24 mov %eax,(%esp)
-
8048548: e8 5f fe ff ff call 80483ac <free@plt>
-
804854d: 8b 15 28 a0 04 08 mov 0x804a028,%edx
-
8048553: a1 34 a0 04 08 mov 0x804a034,%eax
-
8048558: 8d 04 02 lea (%edx,%eax,1),%eax
-
804855b: 03 45 ec add -0x14(%ebp),%eax
-
804855e: 03 45 e8 add -0x18(%ebp),%eax
-
8048561: 89 04 24 mov %eax,(%esp)
-
8048564: e8 3b ff ff ff call 80484a4 <func1>
-
8048569: 8b 45 ec mov -0x14(%ebp),%eax
-
804856c: 8b 55 f4 mov -0xc(%ebp),%edx
-
804856f: 65 33 15 14 00 00 00 xor %gs:0x14,%edx
-
8048576: 74 05 je 804857d <main+0xbd>
-
8048578: e8 5f fe ff ff call 80483dc <__stack_chk_fail@plt>
-
804857d: 8b 4d fc mov -0x4(%ebp),%ecx
-
8048580: c9 leave
-
8048581: 8d 61 fc lea -0x4(%ecx),%esp
-
8048584: c3 ret
-
8048585: 90 nop
-
8048586: 90 nop
-
8048587: 90 nop
-
8048588: 90 nop
-
8048589: 90 nop
-
804858a: 90 nop
-
804858b: 90 nop
-
804858c: 90 nop
-
804858d: 90 nop
-
804858e: 90 nop
-
804858f: 90 nop
-
-
08048590 <__libc_csu_fini>:
-
8048590: 55 push %ebp
-
8048591: 89 e5 mov %esp,%ebp
-
8048593: 5d pop %ebp
-
8048594: c3 ret
-
8048595: 8d 74 26 00 lea 0x0(%esi,%eiz,1),%esi
-
8048599: 8d bc 27 00 00 00 00 lea 0x0(%edi,%eiz,1),%edi
-
-
080485a0 <__libc_csu_init>:
-
80485a0: 55 push %ebp
-
80485a1: 89 e5 mov %esp,%ebp
-
80485a3: 57 push %edi
-
80485a4: 56 push %esi
-
80485a5: 53 push %ebx
-
80485a6: e8 4f 00 00 00 call 80485fa <__i686.get_pc_thunk.bx>
-
80485ab: 81 c3 49 1a 00 00 add $0x1a49,%ebx
-
80485b1: 83 ec 1c sub $0x1c,%esp
-
80485b4: e8 93 fd ff ff call 804834c <_init>
-
80485b9: 8d bb 18 ff ff ff lea -0xe8(%ebx),%edi
-
80485bf: 8d 83 18 ff ff ff lea -0xe8(%ebx),%eax
-
80485c5: 29 c7 sub %eax,%edi
-
80485c7: c1 ff 02 sar $0x2,%edi
-
80485ca: 85 ff test %edi,%edi
-
80485cc: 74 24 je 80485f2 <__libc_csu_init+0x52>
-
80485ce: 31 f6 xor %esi,%esi
-
80485d0: 8b 45 10 mov 0x10(%ebp),%eax
-
80485d3: 89 44 24 08 mov %eax,0x8(%esp)
-
80485d7: 8b 45 0c mov 0xc(%ebp),%eax
-
80485da: 89 44 24 04 mov %eax,0x4(%esp)
-
80485de: 8b 45 08 mov 0x8(%ebp),%eax
-
80485e1: 89 04 24 mov %eax,(%esp)
-
80485e4: ff 94 b3 18 ff ff ff call *-0xe8(%ebx,%esi,4)
-
80485eb: 83 c6 01 add $0x1,%esi
-
80485ee: 39 fe cmp %edi,%esi
-
80485f0: 72 de jb 80485d0 <__libc_csu_init+0x30>
-
80485f2: 83 c4 1c add $0x1c,%esp
-
80485f5: 5b pop %ebx
-
80485f6: 5e pop %esi
-
80485f7: 5f pop %edi
-
80485f8: 5d pop %ebp
-
80485f9: c3 ret
-
-
080485fa <__i686.get_pc_thunk.bx>:
-
80485fa: 8b 1c 24 mov (%esp),%ebx
-
80485fd: c3 ret
-
80485fe: 90 nop
-
80485ff: 90 nop
-
-
08048600 <__do_global_ctors_aux>:
-
8048600: 55 push %ebp
-
8048601: 89 e5 mov %esp,%ebp
-
8048603: 53 push %ebx
-
8048604: 83 ec 04 sub $0x4,%esp
-
8048607: a1 0c 9f 04 08 mov 0x8049f0c,%eax
-
804860c: 83 f8 ff cmp $0xffffffff,%eax
-
804860f: 74 13 je 8048624 <__do_global_ctors_aux+0x24>
-
8048611: bb 0c 9f 04 08 mov $0x8049f0c,%ebx
-
8048616: 66 90 xchg %ax,%ax
-
8048618: 83 eb 04 sub $0x4,%ebx
-
804861b: ff d0 call *%eax
-
804861d: 8b 03 mov (%ebx),%eax
-
804861f: 83 f8 ff cmp $0xffffffff,%eax
-
8048622: 75 f4 jne 8048618 <__do_global_ctors_aux+0x18>
-
8048624: 83 c4 04 add $0x4,%esp
-
8048627: 5b pop %ebx
-
8048628: 5d pop %ebp
-
8048629: c3 ret
-
804862a: 90 nop
-
804862b: 90 nop
-
-
Disassembly of section .fini:
-
-
0804862c <_fini>:
-
804862c: 55 push %ebp
-
804862d: 89 e5 mov %esp,%ebp
-
804862f: 53 push %ebx
-
8048630: 83 ec 04 sub $0x4,%esp
-
8048633: e8 00 00 00 00 call 8048638 <_fini+0xc>
-
8048638: 5b pop %ebx
-
8048639: 81 c3 bc 19 00 00 add $0x19bc,%ebx
-
804863f: e8 dc fd ff ff call 8048420 <__do_global_dtors_aux>
-
8048644: 59 pop %ecx
-
8048645: 5b pop %ebx
-
8048646: c9 leave
-
8048647: c3 ret
执行结果:
三,参考文件
1,http://blog.chinaunix.net/uid-27018250-id-3867588.html
2,http://www.ibm.com/developerworks/cn/linux/l-cn-valgrind/
阅读(1432) | 评论(0) | 转发(0) |