ELF 部分未按预期映射到段

Question

我正在编写一个编译器，并且刚刚开始从头开始生成 ELF 可执行文件。我正在创建一个.text 部分（尽管它没有名称，因为我还没有创建字符串表），并试图将它放在PT_LOAD 段中。但是，readelf 没有报告该部分已映射到该段中，并且objdump 拒绝反汇编.text 部分中的代码。这是readelf的读数，为简洁起见省略了一些位：

ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x0
  Start of program headers:          64 (bytes into file)
  Start of section headers:          122 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         1
  Size of section headers:           64 (bytes)
  Number of section headers:         2
  Section header string table index: 0

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0] <no-name>         NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] <no-name>         PROGBITS         0000000008048000  00000078
       0000000000000002  0000000000000000  AX       0     0     16
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), l (large)
  I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
  O (extra OS processing required) o (OS specific), p (processor specific)

There are no section groups in this file.

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  LOAD           0x0000000000000078 0x0000000008048000 0x0000000008048000
                 0x0000000000000002 0x0000000000000002  R E    1000

在偏移量0x78，我只是发出两个push ebxs（操作码0x53）进行测试。这是十六进制转储：

00000000  7f 45 4c 46 02 01 01 00  00 00 00 00 00 00 00 00  |.ELF............|
00000010  02 00 3e 00 01 00 00 00  00 00 00 00 00 00 00 00  |..>.............|
00000020  40 00 00 00 00 00 00 00  7a 00 00 00 00 00 00 00  |@.......z.......|
00000030  00 00 00 00 40 00 38 00  01 00 40 00 02 00 00 00  |....@.8...@.....|
00000040  01 00 00 00 05 00 00 00  78 00 00 00 00 00 00 00  |........x.......|
00000050  00 80 04 08 00 00 00 00  00 80 04 08 00 00 00 00  |................|
00000060  02 00 00 00 00 00 00 00  02 00 00 00 00 00 00 00  |................|
00000070  00 10 00 00 00 00 00 00  53 53 00 00 00 00 00 00  |........SS......|
00000080  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000000b0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 01 00  |................|
000000c0  00 00 06 00 00 00 00 00  00 00 00 80 04 08 00 00  |................|
000000d0  00 00 78 00 00 00 00 00  00 00 02 00 00 00 00 00  |..x.............|
000000e0  00 00 00 00 00 00 00 00  00 00 10 00 00 00 00 00  |................|
*
000000fa

编辑：问题 - 为什么两者之间没有显示段到段的映射，为什么objdump 没有显示反汇编？

Answer 1

为什么两者之间没有显示节到分段的映射

因为没有有效的部分（据readelf 所知）。

为什么objdump没有显示反汇编？

objdump 也使用 sections。

尽管ELF 生命周期的可执行部分不需要部分，但很多工具都依赖于存在的部分。例如，可执行文件中的单独段包含代码和ELF 标头以及程序标头。通常你不想要反汇编标题。没有部分，objdump 不知道从哪里开始反汇编。