函数调用反汇编

//h.c
#include
static int print_hello()
{
    printf("hello/n");
    return 0;
}
extern int print_hello2()
{
    printf("hello2/n");
    return 0;
}
int main()
{
    getchar();
    print_hello();
    print_hello2();
    printf("Hello world!/n");
    return 0;   
}
gcc h.c  -c 
objdump  h.o  -d
00000000 :
   0:    55                       push   %ebp
   1:    89 e5                    mov    %esp,%ebp
   3:    83 ec 08                 sub    $0x8,%esp
   6:    c7 04 24 00 00 00 00     movl   $0x0,(%esp)
   d:    e8 fc ff ff ff           call   e
  12:    b8 00 00 00 00           mov    $0x0,%eax
  17:    c9                       leave 
  18:    c3                       ret   
00000019 :
  19:    55                       push   %ebp
  1a:    89 e5                    mov    %esp,%ebp
  1c:    83 ec 08                 sub    $0x8,%esp
  1f:    c7 04 24 06 00 00 00     movl   $0x6,(%esp)
  26:    e8 fc ff ff ff           call   27
  2b:    b8 00 00 00 00           mov    $0x0,%eax
  30:    c9                       leave 
  31:    c3                       ret   
00000032

:
  32:    8d 4c 24 04              lea    0x4(%esp),%ecx
  36:    83 e4 f0                 and    $0xfffffff0,%esp
  39:    ff 71 fc                 pushl  0xfffffffc(%ecx)
  3c:    55                       push   %ebp
  3d:    89 e5                    mov    %esp,%ebp
  3f:    51                       push   %ecx
  40:    83 ec 04                 sub    $0x4,%esp
  43:    e8 fc ff ff ff           call   44
  48:    e8 b3 ff ff ff           call   0
  4d:    e8 fc ff ff ff           call   4e
  52:    c7 04 24 0d 00 00 00     movl   $0xd,(%esp)
  59:    e8 fc ff ff ff           call   5a
  5e:    b8 00 00 00 00           mov    $0x0,%eax
  63:    83 c4 04                 add    $0x4,%esp
  66:    59                       pop    %ecx
  67:    5d                       pop    %ebp
  68:    8d 61 fc                 lea    0xfffffffc(%ecx),%esp
  6b:    c3                       ret   
printf_hello2, getchar,printf,为全局符号，所以编译的时候用 fc ff ff ff填充
而 printf_hello 为 static，不是全局符号，所以用 b3 ff ff ff 填充
在 link 的时候采用确切的 函数地址代替
那么 这么多的 fc ff ff ff 及 b3 ff ff ff 那个对应那个呢？
根据出现的先后顺序，到符号表里查
readelf h.o –a  
ELF Header:
  Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF32
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              REL (Relocatable file)
  Machine:                           Intel 80386
  Version:                           0x1
  Entry point address:               0x0
  Start of program headers:          0 (bytes into file)
  Start of section headers:          316 (bytes into file)
  Flags:                             0x0
  Size of this header:               52 (bytes)
  Size of program headers:           0 (bytes)
  Number of program headers:         0
  Size of section headers:           40 (bytes)
  Number of section headers:         11
  Section header string table index: 8
Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            00000000 000000 000000 00      0   0  0
  [ 1] .text             PROGBITS        00000000 000034 00006c 00  AX  0   0  4
  [ 2] .rel.text         REL             00000000 0003f4 000040 08      9   1  4
  [ 3] .data             PROGBITS        00000000 0000a0 000000 00  WA  0   0  4
  [ 4] .bss              NOBITS          00000000 0000a0 000000 00  WA  0   0  4
  [ 5] .rodata           PROGBITS        00000000 0000a0 00001a 00   A  0   0  1
  [ 6] .comment          PROGBITS        00000000 0000ba 00002e 00      0   0  1
  [ 7] .note.GNU-stack   PROGBITS        00000000 0000e8 000000 00      0   0  1
  [ 8] .shstrtab         STRTAB          00000000 0000e8 000051 00      0   0  1
  [ 9] .symtab           SYMTAB          00000000 0002f4 0000d0 10     10   9  4
  [10] .strtab           STRTAB          00000000 0003c4 000030 00      0   0  1
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings)
  I (info), L (link order), G (group), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)
There are no section groups in this file.
There are no program headers in this file.
Relocation section '.rel.text' at offset 0x3f4 contains 8 entries:
Offset     Info    Type            Sym.Value  Sym. Name
00000009  00000501 R_386_32          00000000   .rodata
0000000e  00000902 R_386_PC32        00000000   puts
00000022  00000501 R_386_32          00000000   .rodata
00000027  00000902 R_386_PC32        00000000   puts
00000044  00000c02 R_386_PC32        00000000   getchar
0000004e  00000a02 R_386_PC32        00000019   print_hello2
00000055  00000501 R_386_32          00000000   .rodata
0000005a  00000902 R_386_PC32        00000000   puts
There are no unwind sections in this file.
Symbol table '.symtab' contains 13 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 00000000     0 FILE    LOCAL  DEFAULT  ABS h.c
     2: 00000000     0 SECTION LOCAL  DEFAULT    1
     3: 00000000     0 SECTION LOCAL  DEFAULT    3
     4: 00000000     0 SECTION LOCAL  DEFAULT    4
     5: 00000000     0 SECTION LOCAL  DEFAULT    5
     6: 00000000    25 FUNC    LOCAL  DEFAULT    1 print_hello
     7: 00000000     0 SECTION LOCAL  DEFAULT    7
     8: 00000000     0 SECTION LOCAL  DEFAULT    6
     9: 00000000     0 NOTYPE  GLOBAL DEFAULT  UND puts
    10: 00000019    25 FUNC    GLOBAL DEFAULT    1 print_hello2
    11: 00000032    58 FUNC    GLOBAL DEFAULT    1 main
    12: 00000000     0 NOTYPE  GLOBAL DEFAULT  UND getchar
No version information found in this file.

最后

以上就是温婉摩托为你收集整理的函数调用反汇编的全部内容，希望文章能够帮你解决函数调用反汇编所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错，欢迎将靠谱客网站推荐给程序员好友。