in intel x86 instruction set, "jmp $" means jump to this instruction location, thus falling into an infinite loop.

https://defuse.ca/online-x86-assembler.htm#disassembly

the instruction is "0xfeeb".

Based on this instruction, we can create possibly the shortest C program that can compile and run successfully on x86 platform.

main=0xfeeb;

1, the variable main has no type here, and will be defaulted to integer (int). this reminds us of the good old K&R days. This is still allowed by latest C standards (i.e. C99). therefore it's actually

int main=0xfeeb;

2, the variable main is a global variable, therefore the symbol "main" will be exported in this compilation unit. for example, if the file is named "shortest_c_program.c" and we execute the following commands:

$ gcc -std=c99 shortest_c_program.c -c

shortest_c_program.c::: warning: data definition has no type or storage class [enabled by default]

shortest_c_program.c::: warning: type defaults to ‘int’ in declaration of ‘main’ [enabled by default]

$ objdump --syms shortest_c_program.o

shortest_c_program.o:     file format pe-i386

SYMBOL TABLE:

[  ](sec -)(fl 0x00)(ty   )(scl ) (nx ) 0x00000000 shortest_c_program.c

File

[  ](sec  )(fl 0x00)(ty   )(scl   ) (nx ) 0x00000000 .text

AUX scnlen 0x0 nreloc  nlnno

[  ](sec  )(fl 0x00)(ty   )(scl   ) (nx ) 0x00000000 .data

AUX scnlen 0x4 nreloc  nlnno

[  ](sec  )(fl 0x00)(ty   )(scl   ) (nx ) 0x00000000 .bss

AUX scnlen 0x0 nreloc  nlnno

[  ](sec  )(fl 0x00)(ty   )(scl   ) (nx ) 0x00000000 _main

it's confirmed that the symbol "_main" is exported.

3, when this object file is linked against the compiler attached crt stub (part of the library e.g. glibc), by default the entry point is the symbol "_start". the symbol "_start" points to some code that will call a symbol "_main". typically the symbol _main points to the main function which is the compiled version of C main function. In this case, main actually points to a location where the value of the main variable is stored.

http://ftp.gnu.org/pub/old-gnu/Manuals/ld-2.9.1/html_node/ld_24.html

4, when _start calls _main, the cpu actually takes 0xfeeb as an instruction which is "jmp $" on x86, therefore it executes the instruction again and again.

another point, what's the shortest legitimate C program? i.e. which can compile successfully (but might not run successfully)

Answer:

main;

because main is a global variable, it's initialised to 0, therefore the program will crash on segfault (null pointer dereference).

jmp $的更多相关文章

  1. 汇编指令mov、add、sub、jmp

    mov:寄存器,数据 mov:寄存器,寄存器 mov:寄存器,内存单元 mov:段寄存器,内存单元 mov:内存单元,寄存器 mov:内存单元,段寄存器 mov:段寄存器,寄存器 mov:寄存器,段寄 ...

  2. jmp使用

    jps -l jmap 36429 jmap -heap 36429 jmap -histo:live 36429 jmap -clstats 36429 jmap  -finalizerinfo 3 ...

  3. Hack Programming

    计算机由ROM(instruction memory).RAM(data memory).CPU组成,其关系如下图 在计算中存在3种寄存器:D.A.M.其中D是data register,A是addr ...

随机推荐

  1. ASP.NET动态网站制作(5)-- 标签语义化及知识补充

    前言:这节课主要是讲标签语义化及一些知识点的补充 内容:参考老师的博文:http://www.cnblogs.com/ruanmou/p/4821894.html

  2. grok表达式

    grok表达式 grok其实就是封装了各种常用的正则表达式,屏蔽了直接写正则的复杂性:通过它可以提取日志内容,按照自己指定的格式输出到kibana. http://udn.yyuap.com/doc/ ...

  3. Elasticsearch集群UNASSIGNED

    Elasticsearch集群UNASSIGNED http://shineforever.blog.51cto.com/1429204/1859734 http://www.searchtech.p ...

  4. 九度OJ 1164:旋转矩阵 (矩阵运算)

    时间限制:1 秒 内存限制:32 兆 特殊判题:否 提交:3188 解决:1245 题目描述: 任意输入两个9阶以下矩阵,要求判断第二个是否是第一个的旋转矩阵,如果是,输出旋转角度(0.90.180. ...

  5. RocksDB

    RocksDB RocksDB is a high performance[1][2][3][4][5] embedded database for key-value data. It is a f ...

  6. 《Linux 鸟哥私房菜》 第6章 Linux的文件权限与目录配置

    1.文件的类型与权限. 如图红框.权限与类型共有10个字符组成. (1)第一个字符代表这个文件是“目录.文件或链接文件等”. [d]则是目录 [-]则是文件 [|]则是连接文件 [b]则是设备文件里面 ...

  7. mac下编译FFmpeg-Android

    参考: [史上最傻瓜的]mac下编译FFmpeg-Android http://blog.csdn.net/ashqal/article/details/9381037

  8. Unity中几种简单的相机跟随

    #unity中相机追随 固定相机跟随,这种相机有一个参考对象,它会保持与该参考对象固定的位置,跟随改参考对象发生移动 using UnityEngine; using System.Collectio ...

  9. php下载并安装pear脚本

    下载并安装pear脚本cd /usr/local/php/bin/curl -o go-pear.php http://pear.php.net/go-pear.phar ./php go-pear. ...

  10. Android Weekly Notes Issue #321

    Android Weekly Issue #321 August 5th, 2018. Android Weekly Issue #321 本期内容包括: 开源项目Plaid的改版; 使用Tensor ...