I am learning how the Mach-O symbolication process works, and I wrote a simple C program to test some assumptions. I have the following C code:
#include <stdio.h>
#include <stdlib.h>

int division(int a, int b);

int m;

int main(void)
{
    int i, j;
    printf("initializing i\n");
    i = 10;
    printf("initializing j\n");
    j = 1;
    printf("i = %d, j = %d\n", i, j);
    m = division(i, j);
    printf("m = %d / %d = %d\n", i, j, m);
    return 0;
}

int division(int a, int b)
{
    return a / b;
}
Compiling it with
clang -Os -Wimplicit -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS7.0.sdk/ -arch armv7 -o helloworld helloworld.c
produces the following ARM iOS assembly:
EXPORT _main
__text:0000BEFC _main
__text:0000BEFC PUSH {R4,R7,LR}
__text:0000BEFE MOVW R0, #(:lower16:(aInitializingI - 0xBF0C)) ; "initializing i"
__text:0000BF02 ADD R7, SP, #4
__text:0000BF04 MOVT.W R0, #(:upper16:(aInitializingI - 0xBF0C)) ; "initializing i"
__text:0000BF08 ADD R0, PC ; "initializing i"
__text:0000BF0A BLX _puts
__text:0000BF0E MOV R0, #(aInitializingJ - 0xBF1A) ; "initializing j"
__text:0000BF16 ADD R0, PC ; "initializing j"
__text:0000BF18 BLX _puts
__text:0000BF1C MOVW R0, #(:lower16:(aIDJD - 0xBF2C)) ; "i = %d, j = %d\n"
__text:0000BF20 MOVS R1, #0xA
__text:0000BF22 MOVT.W R0, #(:upper16:(aIDJD - 0xBF2C)) ; "i = %d, j = %d\n"
__text:0000BF26 MOVS R2, #1
__text:0000BF28 ADD R0, PC ; "i = %d, j = %d\n"
__text:0000BF2A MOVS R4, #0xA
__text:0000BF2C BLX _printf
__text:0000BF30 MOVW R0, #(:lower16:(_m_ptr - 0xBF40))
__text:0000BF34 MOVS R2, #1
__text:0000BF36 MOVT.W R0, #(:upper16:(_m_ptr - 0xBF40))
__text:0000BF3A MOVS R3, #0xA
__text:0000BF3C ADD R0, PC ; _m_ptr
__text:0000BF3E LDR R1, [R0] ; _m
__text:0000BF40 MOV R0, #(aMDDD - 0xBF4C) ; "m = %d / %d = %d\n"
__text:0000BF48 ADD R0, PC ; "m = %d / %d = %d\n"
__text:0000BF4A STR R4, [R1]
__text:0000BF4C MOVS R1, #0xA
__text:0000BF4E BLX _printf
__text:0000BF52 MOVS R0, #0
__text:0000BF54 POP {R4,R7,PC}
; End of function _main
__text:0000BF54
__text:0000BF54 ; ---------------------------------------------------------------------------
__text:0000BF56 ALIGN 4
__text:0000BF58
__text:0000BF58 ; =============== S U B R O U T I N E =======================================
__text:0000BF58
__text:0000BF58
__text:0000BF58 EXPORT _division
__text:0000BF58 _division
__text:0000BF58 B.W ___divsi3$shim
__text:0000BF58 ; End of function _division
__text:0000BF58
__text:0000BF5C
__text:0000BF5C ; =============== S U B R O U T I N E =======================================
__text:0000BF5C
__text:0000BF5C
__text:0000BF5C ___divsi3$shim ; CODE XREF: _divisionj
__text:0000BF5C LDR.W R12, loc_BF64
__text:0000BF60 ADD R12, PC ; ___divsi3
__text:0000BF62 BX R12
__text:0000BF64 ; ---------------------------------------------------------------------------
__text:0000BF64
__text:0000BF64 loc_BF64 ; DATA XREF: ___divsi3$shimr
__text:0000BF64 LSLS R0, R2, #2
__text:0000BF66 MOVS R0, R0
__text:0000BF66 ; End of function ___divsi3$shim
__text:0000BF66
__text:0000BF66 ; __text ends
__text:0000BF66
__stub_helper:0000BF68 ; ===========================================================================
__stub_helper:0000BF68
__stub_helper:0000BF68 ; Segment type: Pure code
__stub_helper:0000BF68 AREA __stub_helper, CODE, READWRITE
__stub_helper:0000BF68 ; ORG 0xBF68
__stub_helper:0000BF68 CODE32
__stub_helper:0000BF68
__symbolstub1:0000BFF4 ; Attributes: thunk
__symbolstub1:0000BFF4
__symbolstub1:0000BFF4 ___divsi3 ; CODE XREF: ___divsi3$shim+6j
__symbolstub1:0000BFF4 ; DATA XREF: ___divsi3$shim+4o
__symbolstub1:0000BFF4 LDR PC, =__imp____divsi3
__symbolstub1:0000BFF4 ; End of function ___divsi3
__symbolstub1:0000BFF4
__symbolstub1:0000BFF8 ; [00000004 BYTES: COLLAPSED FUNCTION _printf. PRESS KEYPAD CTRL-"+" TO EXPAND]
__symbolstub1:0000BFFC ; [00000004 BYTES: COLLAPSED FUNCTION _puts. PRESS KEYPAD CTRL-"+" TO EXPAND]
__lazy_symbol:0000C000 ; ===========================================================================
__lazy_symbol:0000C000
__lazy_symbol:0000C000 ; Segment type: Pure data
__lazy_symbol:0000C000 AREA __lazy_symbol, DATA
__lazy_symbol:0000C000 ; ORG 0xC000
__lazy_symbol:0000C000 ___divsi3_ptr DCD __imp____divsi3 ; DATA XREF: ___divsi3r
__lazy_symbol:0000C004 _printf_ptr DCD __imp__printf ; DATA XREF: _printfr
__lazy_symbol:0000C008 _puts_ptr DCD __imp__puts ; DATA XREF: _putsr
__lazy_symbol:0000C008 ; __lazy_symbol ends
__lazy_symbol:0000C008
__nl_symbol_ptr:0000C00C ; ===========================================================================
__nl_symbol_ptr:0000C00C
__nl_symbol_ptr:0000C00C ; Segment type: Pure data
__nl_symbol_ptr:0000C00C AREA __nl_symbol_ptr, DATA
__nl_symbol_ptr:0000C00C ; ORG 0xC00C
__nl_symbol_ptr:0000C00C dyld_stub_binder_ptr DCD dyld_stub_binder
__nl_symbol_ptr:0000C00C ; DATA XREF: _stub_helpers+14o
__nl_symbol_ptr:0000C00C ; __stub_helper:off_BF88o
__nl_symbol_ptr:0000C010 off_C010 DCD 0 ; DATA XREF: _stub_helpers+8o
__nl_symbol_ptr:0000C014 _m_ptr DCD _m ; DATA XREF: _main+34o
__nl_symbol_ptr:0000C014 ; _main+3Ao ...
__nl_symbol_ptr:0000C014 ; __nl_symbol_ptr ends
__nl_symbol_ptr:0000C014
__common:0000C018 ; ===========================================================================
__common:0000C018
__common:0000C018 ; Segment type: Uninitialized
__common:0000C018 AREA __common, DATA
__common:0000C018 ; ORG 0xC018
__common:0000C018 EXPORT _m
__common:0000C018 _m % 1 ; DATA XREF: _main+42o
__common:0000C018 ; __nl_symbol_ptr:_m_ptro
__common:0000C019 % 1
__common:0000C01A % 1
__common:0000C01B % 1
__common:0000C01B ; __common ends
__common:0000C01B
While I understand that the optimization in clang replaced the division function with a call to the divsi3 routine in libsystem.dylib, I don't see any call from main to the ___divsi3 routine stub, like a BLX __division or something along those lines. I guess that instead of that, it is now using the _m pointer. How does this work? Any ideas?
Answer 0: (score: 5)
The compiler first inlined the 'division' function, which means 'a / b' becomes 'i / j'. Then it realized that 'i / j' is a constant expression that always evaluates to '10 / 1', which is evaluated at compile time to '10' (or 0xA in hex).
This line loads '10' into R4 so that it can later be written to 'm':
__text:0000BF2A MOVS R4, #0xA
This line loads '10' into R3 so that 'm' is passed as the fourth printf argument:
__text:0000BF3A MOVS R3, #0xA
Sometimes compilers are very clever (like inlining and compile-time constant expression evaluation), and sometimes they are really dumb (like redundantly loading '10' into both R4 and R3 instead of just storing R3 to 'm').
P.S. _m_ptr is just a memory location used to store the address of 'm'.
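Added example (not part of the question or the answer above): a variant of the program in which the division cannot be folded away, so that the call the question was looking for actually survives in the binary. It assumes clang's __attribute__((noinline)) and relies on the rule that reads of volatile objects are not constant-folded; the vi / vj globals and the checked_division / quotient_or helpers are my own names, not anything from the page.

```c
#include <limits.h>
#include <stdio.h>

/* Added example. noinline keeps a real _division function in the binary;
   without it clang inlines the body into main, as in the listing above. */
__attribute__((noinline))
int division(int a, int b)
{
    return a / b;
}

/* Guarded division. b == 0 and INT_MIN / -1 are undefined behaviour in C;
   the constant-folded 10 / 1 in the question never exercises either.
   Returns 0 and stores the quotient in *out, or -1 without touching *out. */
int checked_division(int a, int b, int *out)
{
    if (b == 0)
        return -1;
    if (a == INT_MIN && b == -1)
        return -1;
    *out = division(a, b);
    return 0;
}

/* Convenience wrapper: the quotient, or fallback when it is not defined. */
int quotient_or(int a, int b, int fallback)
{
    int q;
    return checked_division(a, b, &q) == 0 ? q : fallback;
}

/* Hypothetical inputs (assumption of this example). Reads of volatile
   objects cannot be folded at compile time, so the optimizer has to emit
   the division (on armv7 the branch to ___divsi3) instead of storing the
   literal 10 into m. Change vj to 0 to exercise the guard. */
volatile int vi = 10;
volatile int vj = 1;

/* Returns the quotient, or -1 as a sentinel for the undefined cases
   (fine here because the demo inputs are non-negative). */
int compute_m(void)
{
    int i = vi;
    int j = vj;
    return quotient_or(i, j, -1);
}

int main(void)
{
    int i = vi;
    int j = vj;
    int m = compute_m();
    printf("m = %d / %d = %d\n", i, j, m);
    return m < 0 ? 1 : 0;
}
```

Build it with the same clang command as in the question and disassemble with otool -tv helloworld (or open it in IDA as before): with the inputs now opaque to the optimizer, _main has to branch to _division, and _division still reaches ___divsi3 through the stub shown in the listing, rather than the literal 0xA being stored straight into _m. The b == 0 and INT_MIN / -1 checks cover the two inputs that are undefined behaviour in C and that the original, fully folded program could never reach.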