Wednesday, March 9, 2011

_START - the very first C routine

"_start" is the first routine in the .text section (glibc); it calls "main" - the entry point in the executable - by way of __libc_start_main, as the disassembly below shows.

Here is a piece of code for explanation:

[weqaar@sensorflock c]$ more pid.c
#include <stdio.h>      /* printf */
#include <sys/types.h>  /* pid_t */
#include <unistd.h>     /* getpid, getppid, execl */

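/* execit() is defined after main; declare it so the call below is not an
   implicit declaration that conflicts with the later definition. */
void execit (void);

/*
 * Print this process's PID and its parent's PID, then call execit(), which
 * tries to replace the process image with pid2.
 *
 * Returns 1: control only comes back here when the exec did not happen.
 */
int main (void) {

    /* pid_t is a signed integer type; cast so the argument matches %d. */
    printf ("PID = %d\n", (int) getpid());
    printf ("PPID = %d\n", (int) getppid());
    execit();

    /* A successful exec never returns, so reaching this line means failure. */
    return 1;
}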

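/*
 * Replace the current process image with the pid2 program.
 *
 * execl() returns only on failure, so everything after the call is the error
 * path: the failure is reported on stderr and the function returns to its
 * caller.
 */
void execit (void) {
    /* exec throws away the stdio buffer of the old image; flush first so the
       lines printed so far are not lost when stdout is a pipe or a file. */
    fflush (stdout);

    /* execl() does no PATH search, so the absolute path fixes which binary
       runs. The variadic argument list must end with a (char *) null pointer;
       a bare NULL may be passed with the wrong type. */
    execl ("/home/weqaar/c/pid2", "pid2", (char *) NULL);

    /* Only reached when the exec failed. */
    perror ("execl");
}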

[weqaar@sensorflock c]$ more pid2.c
#include
#include
#include

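/*
 * Print the PID and parent PID of this process.
 *
 * exec replaces the program image inside the same process, so when pid starts
 * this program the two values should match the ones pid printed.
 *
 * Returns 0.
 */
int main (void) {

    /* pid_t is a signed integer type; cast so the argument matches %d. */
    printf ("PID pid2 = %d\n", (int) getpid());
    printf ("PPID pid2 = %d\n", (int) getppid());

    return 0;
}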


[weqaar@sensorflock c]$ gcc pid2.c -o pid2
[weqaar@sensorflock c]$ gcc pid.c -o pid


[weqaar@sensorflock c]$ objdump --disassemble pid

Disassembly of section .text:

080483a0 <_start>:
 80483a0:    31 ed                    xor    %ebp,%ebp
 80483a2:    5e                       pop    %esi
 80483a3:    89 e1                    mov    %esp,%ecx
 80483a5:    83 e4 f0                 and    $0xfffffff0,%esp
 80483a8:    50                       push   %eax
 80483a9:    54                       push   %esp
 80483aa:    52                       push   %edx
 80483ab:    68 c0 84 04 08           push   $0x80484c0
 80483b0:    68 d0 84 04 08           push   $0x80484d0
 80483b5:    51                       push   %ecx
 80483b6:    56                       push   %esi
 80483b7:    68 54 84 04 08           push   $0x8048454
 80483bc:    e8 97 ff ff ff           call   8048358 <__libc_start_main@plt>

"The .text section contains the actual machine instructions which make up your program." Notice the second-to-last line above, " 80483b7:    68 54 84 04 08           push   $0x8048454": 0x8048454 is the address of the "main" routine, pushed as an argument for the __libc_start_main call that follows:

08048454 <main>:

 8048454:    55                       push   %ebp


[weqaar@sensorflock c]$ nm pid
08049668 d _DYNAMIC
08049734 d _GLOBAL_OFFSET_TABLE_
0804857c R _IO_stdin_used
         w _Jv_RegisterClasses
08049658 d __CTOR_END__
08049654 d __CTOR_LIST__
08049660 D __DTOR_END__
0804965c d __DTOR_LIST__
08048650 r __FRAME_END__
08049664 d __JCR_END__
08049664 d __JCR_LIST__
0804975c A __bss_start
08049758 D __data_start
08048530 t __do_global_ctors_aux
080483d0 t __do_global_dtors_aux
08048580 R __dso_handle
         w __gmon_start__
0804852a T __i686.get_pc_thunk.bx
08049654 d __init_array_end
08049654 d __init_array_start
080484c0 T __libc_csu_fini
080484d0 T __libc_csu_init
         U __libc_start_main@@GLIBC_2.0
0804975c A _edata
08049764 A _end
0804855c T _fini
08048578 R _fp_hw
080482f8 T _init
080483a0 T _start
0804975c b completed.5963
08049758 W data_start
08049760 b dtor_idx.5965
08048490 T execit
         U execl@@GLIBC_2.0
08048430 t frame_dummy
         U getpid@@GLIBC_2.0
         U getppid@@GLIBC_2.0
08048454 T main
         U printf@@GLIBC_2.0
