ELF文件格式详解
var.c
unsigned int testVar1;
unsigned int testVar2;
test.c
void test1(void)
{
int a, b, sum;
a = 0;
b = 1000;
sum = 0;
for(a = 0; a < b; a++)
{
sum += a;
}
return;
}
armmain.c
extern unsigned int testVar1;
extern unsigned int testVar2;
extern char Image$$g_VarTest$$Base[];
extern void test1(void);
int armmain(void)
{
testVar1 = (unsigned int)Image$$g_VarTest$$Base;
return 0;
}
int armmain2(void)
{
int a;
testVar2 = (unsigned int)Image$$g_VarTest$$Base;
test1();
a = armmain();
return 0;
}
test.sct :连接时使用的内存映射文件
TEST1 0x1000 {
TEST1 0x1000 { test1.o(+RO) }
}
ARMMAIN 0x2000 {
ARMMAIN 0x2000 { armmain.o(+RO) }
}
GLOBAL_VAR 0x4000 0x08 {
g_VarTest 0x4000 0x08 {var.o (+ZI)}
}
OTHER 0x5000 {
OTHER 0x5000 { *(+RW +ZI) }
}
Makefile
# nmake all ------ 建立所有文件
# nmake rebuild ------ 重建文件(先删后建)
# nmake clean ------ 清除文件
AS=armasm
CC=armcc
LD=armlink
#CORE=XScale
CORE=ARM920T
ASFLAGS = -g -cpu $(CORE)
CCFLAGS = -O1 -c -g+ -cpu $(CORE)
LDFLAGS = -entry armmain2 -scatter D:\test\test.sct -map -list test.map -symbols
OBJS = armmain.o var.o test1.o
all: test.axf
rebuild: clean all
clean:
del *.o *.axf
test.axf: $(OBJS)
$(LD) $(LDFLAGS) -o test.axf $(OBJS)
armmain.o: armmain.c
$(CC) -c $(CCFLAGS) armmain.c -o armmain.o
var.o: var.c
$(CC) -c $(CCFLAGS) var.c -o var.o
test1.o: test1.c
$(CC) -c $(CCFLAGS) test1.c -o test1.o
编译连接后的文件:
text.axf 和 test.map 为编译连接后产生的文件
test.elf 和 test.txt 为通过fromelf工具从text.axf转换来的文件
ARM ELF Specification.rar 为ELF格式说明
test.axf
test.map
test.txt
test.elf
ARM ELF
Specification.rar
text.elf 文件解析
00000000h: 7F 45 4C 46 01 01 01 00 00 00 00 00 00 00 00 00 ; ELF............
00000010h: 02 00 28 00 01 00 00 00 14 20 00 00 78 10 00 00 ; ..(...... ..x...
00000020h: D8 10 00 00 16 00 00 02 34 00 20 00 03 00 28 00 ; ?......4. ...(.
00000030h: 10 00 0F 00 00 00 A0 E3 FA 1F A0 E3 01 00 50 E1 ; ...... 犮 ? 犮 ..P?
00000040h: 01 00 00 AA 01 00 80 E2 FB FF FF EA 0E F0 A0 E1 ; ...?.€ 恹 ��? 馉 ?
00000050h: 2C 00 9F E5 2C 10 9F E5 00 00 81 E5 00 00 A0 E3 ; ,. 熷 ,. 熷 .. 佸 .. 犮
00000060h: 0E F0 A0 E1 08 40 2D E9 14 00 9F E5 18 10 9F E5 ; . 馉 ?@-?. 熷 .. 熷
00000070h: 00 00 81 E5 F5 FB FF EB F4 FF FF EB 00 00 A0 E3 ; .. 佸觖 � 媵 ��?. 犮
00000080h: 08 80 BD E8 00 40 00 00 00 40 00 00 04 40 00 00 ; .€ 借 .@...@...@..
00000090h: 01 21 00 2F 0F 00 00 02 21 00 00 00 03 01 01 01 ; .!./....!.......
000000a0h: 15 49 16 00 00 04 24 00 0B 0B 3E 0B 03 08 00 00 ; .I....$...>.....
000000b0h: 05 11 01 03 08 25 08 13 0B 11 01 12 01 10 06 00 ; .....%..........
000000c0h: 00 06 11 01 03 08 25 08 13 0B 11 01 12 01 00 00 ; ......%.........
000000d0h: 07 11 01 03 08 25 08 13 0B 10 06 00 00 08 11 01 ; .....%..........
Commented [h1]: 0x0002
e_type : 2 表示 ET_EXEC(Executable file)
Commented [h2]: 0x0028
e_machine : 40 表示 EM_ARM
(ARM/Thumb Arch)
Commented [h3]: 0x00000001
e_version
Commented [h4]: 0x00002014
e_entry : 0x2014, 从 test.map 文件中可以知道 0x2014 正是
链接选项“-entry armmain2”中指定的中 armmain2 函数
的起始地址
Commented [h5]: 0x00001078
e_phoff :program header table 在本文件内的偏移
Commented [h6]: 0x000010D8
e_shoff :表示第一个 section 在本文件中的偏移位置
Commented [h7]: 0x02000016
e_flags :
Commented [h8]: 0x0034
e_ehsize :elf 文件头大小
Commented [h9]: 0x0020
e_phentsize :program header 大小
Commented [h10]: 0x0003
e_phnum :program segment 个数
Commented [h11]: 0x0028
e_shentsize :senction 头大小
Commented [h12]: 0x0010
e_shnum :senction 段个数
Commented [h13]: 0x000F
e_shstrndx :string table section 的索引。(索引从 0 开始编号)
000000e0h: 03 08 25 08 13 0B 00 00 09 11 01 03 08 25 08 13 ; ..%..........%..
000000f0h: 0B 43 06 11 01 12 01 10 06 00 00 0A 11 01 03 08 ; .C..............
00000100h: 25 08 13 0B 43 06 11 01 12 01 00 00 0B 11 01 03 ; %...C...........
00000110h: 08 25 08 13 0B 43 06 10 06 00 00 0C 11 01 03 08 ; .%...C..........
00000120h: 25 08 13 0B 43 06 00 00 0D 26 00 49 16 00 00 0E ; %...C....&.I....
00000130h: 04 01 01 15 03 08 0B 0B 00 00 0F 04 01 01 15 0B ; ................
00000140h: 0B 00 00 10 28 00 03 08 1C 0F 00 00 11 28 00 03 ; ....(........(..
00000150h: 08 1C 0D 00 00 12 0B 01 01 15 11 01 12 01 00 00 ; ................
00000160h: 13 0B 00 11 01 12 01 00 00 14 0B 01 01 15 00 00 ; ................
00000170h: 15 0B 00 00 00 16 0D 00 03 08 49 16 38 09 00 00 ; ..........I.8...
00000180h: 17 0D 00 03 08 49 16 38 09 0B 0B 0D 0B 0C 0B 00 ; .....I.8........
00000190h: 00 18 0F 00 49 16 00 00 19 05 00 49 16 03 08 00 ; ....I......I....
000001a0h: 00 1A 05 00 49 16 00 00 1B 10 00 49 16 00 00 1C ; ....I......I....
000001b0h: 13 01 01 15 03 08 0B 0F 00 00 1D 13 01 01 15 0B ; ................
000001c0h: 0F 00 00 1E 13 01 01 15 03 08 00 00 1F 13 01 00 ; ................
000001d0h: 00 20 13 00 03 08 00 00 21 13 00 00 00 22 13 00 ; . ......!...."..
000001e0h: 03 08 00 00 23 2E 01 01 15 3A 0F 3B 0F 39 0F 03 ; ....#....:.;.9..
000001f0h: 08 3F 0C 49 16 11 01 12 01 00 00 24 2E 01 01 15 ; .?.I.......$....
00000200h: 3A 0F 3B 0F 39 0F 03 08 3F 0C 11 01 12 01 00 00 ; :.;.9...?.......
00000210h: 25 2E 01 01 15 3A 0F 3B 0F 39 0F 47 16 11 01 12 ; %....:.;.9.G....
00000220h: 01 00 00 26 2E 01 01 15 3A 0F 3B 0F 39 0F 03 08 ; ...&....:.;.9...
00000230h: 3F 0C 49 16 20 0F 00 00 27 2E 01 01 15 3A 0F 3B ; ?.I. ...'....:.;
00000240h: 0F 39 0F 03 08 3F 0C 20 0F 00 00 28 2E 01 01 15 ; .9...?. ...(....
00000250h: 3A 0F 3B 0F 39 0F 47 16 20 0F 00 00 29 2E 01 01 ; :.;.9.G. ...)...
00000260h: 15 3A 0F 3B 0F 39 0F 03 08 3F 0C 49 16 00 00 2A ; .:.;.9...?.I...*
00000270h: 2E 01 01 15 3A 0F 3B 0F 39 0F 03 08 3F 0C 00 00 ; ....:.;.9...?...
00000280h: 2B 2E 01 01 15 3A 0F 3B 0F 39 0F 47 16 00 00 2C ; +....:.;.9.G...,
00000290h: 2E 01 01 15 3A 0F 3B 0F 39 0F 03 08 3F 0C 49 16 ; ....:.;.9...?.I.
000002a0h: 11 01 12 01 40 06 00 00 2D 2E 01 01 15 3A 0F 3B ; ....@...-....:.;
000002b0h: 0F 39 0F 03 08 3F 0C 11 01 12 01 40 06 00 00 2E ; .9...?.....@....
评论0