Keep getting e8 00 00 00 00 as the machine code to call a function in assembly


Problem description

I know when using objdump -dr in my file, call shows up in machine code as e8 00 00 00 00 because it has not yet been linked. But I need to find out what the 00 00 00 00 will turn into after the linker has done its job. I know it should calculate the offset, but I'm a little confused about that.

As an example with the code below, after the linker part is done, how should the e8 00 00 00 00 be? And how do I get to that answer?

I'm testing out with this sample code: (I'm trying to call moo)

Disassembly of section .text:

0000000000000000 <foo>:
   0:   55                      push   %rbp
   1:   48 89 e5                mov    %rsp,%rbp
   4:   89 7d fc                mov    %edi,-0x4(%rbp)
   7:   8b 45 fc                mov    -0x4(%rbp),%eax
   a:   83 e8 0a                sub    $0xa,%eax
   d:   5d                      pop    %rbp
   e:   c3                      retq   

000000000000000f <moo>:
   f:   55                      push   %rbp
  10:   48 89 e5                mov    %rsp,%rbp
  13:   89 7d fc                mov    %edi,-0x4(%rbp)
  16:   b8 01 00 00 00          mov    $0x1,%eax
  1b:   5d                      pop    %rbp
  1c:   c3                      retq   

000000000000001d <main>:
  1d:   55                      push   %rbp
  1e:   48 89 e5                mov    %rsp,%rbp
  21:   48 83 ec 10             sub    $0x10,%rsp
  25:   c7 45 fc 8e 0c 00 00    movl   $0xc8e,-0x4(%rbp)
  2c:   8b 45 fc                mov    -0x4(%rbp),%eax
  2f:   89 c7                   mov    %eax,%edi
  31:   e8 00 00 00 00          callq  36 <main+0x19>
            32: R_X86_64_PC32   moo-0x4
  36:   89 45 fc                mov    %eax,-0x4(%rbp)
  39:   b8 00 00 00 00          mov    $0x0,%eax
  3e:   c9                      leaveq 
  3f:   c3                      retq

Recommended answer

With objdump -r you have the relocations printed with your disassembly -d:

  31:   e8 00 00 00 00          callq  36 <main+0x19>
            32: R_X86_64_PC32   moo-0x4

The ld-linux.so.2 loader will relocate objects (in the modern world it will even relocate the executable to a random address) and fill in the relocations with the correct address.

Check with gdb by adding a breakpoint at main and starting the program (the linker works before the main function is started):

gdb ./program
(gdb) start
(gdb) disassemble main

If you want to compile the code without relocations, show the source code and compilation options.
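As an added example (not part of the question or the answer above), the following Python reproduces the R_X86_64_PC32 arithmetic the linker performs on the call at offset 0x31: value = S + A - P, where S is the address of moo, A is the addend -4 shown by objdump, and P is the address of the 4-byte field being patched (0x32). The addend is -4 because the CPU adds rel32 to the address of the next instruction (P + 4), not to P. The symbol offsets and the bytes of main are taken from the question's listing; the load base is an assumed value used only to show that it cancels out.

```python
import struct

# Section-relative symbol values from the question's objdump listing.
SYMBOLS = {"foo": 0x0, "moo": 0xF, "main": 0x1D}

# Bytes of main (offsets 0x1d..0x3f), copied from the listing.
MAIN_START = 0x1D
MAIN_BYTES = bytes.fromhex(
    "55"              # push %rbp
    "4889e5"          # mov %rsp,%rbp
    "4883ec10"        # sub $0x10,%rsp
    "c745fc8e0c0000"  # movl $0xc8e,-0x4(%rbp)
    "8b45fc"          # mov -0x4(%rbp),%eax
    "89c7"            # mov %eax,%edi
    "e800000000"      # callq <rel32 still zero; relocation applies here>
    "8945fc"          # mov %eax,-0x4(%rbp)
    "b800000000"      # mov $0x0,%eax
    "c9"              # leaveq
    "c3"              # retq
)


def apply_pc32(code, code_base, p, s, a):
    """R_X86_64_PC32: store S + A - P as a signed little-endian int32 at address P."""
    value = s + a - p
    if not -2**31 <= value < 2**31:
        raise OverflowError("PC32 relocation out of range")
    struct.pack_into("<i", code, p - code_base, value)
    return value


def call_target(code, code_base, call_addr):
    """Decode an e8 rel32 call: target = address of next instruction + rel32."""
    assert code[call_addr - code_base] == 0xE8, "not a rel32 call"
    (rel,) = struct.unpack_from("<i", code, call_addr - code_base + 1)
    return call_addr + 5 + rel


def relocate_main(load_base=0):
    """Apply the relocation for `call moo` with .text placed at load_base (assumed).
    Returns (relocation value, patched call bytes, decoded call target)."""
    code = bytearray(MAIN_BYTES)
    base = load_base + MAIN_START
    value = apply_pc32(code, base, load_base + 0x32, load_base + SYMBOLS["moo"], -4)
    patched = bytes(code[0x31 - MAIN_START:0x36 - MAIN_START])
    target = call_target(code, base, load_base + 0x31)
    return value, patched, target - load_base
```

Run with any load_base and the patched bytes stay e8 d9 ff ff ff, because both S and P move together when the section is placed.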
