in intel x86 instruction set, "jmp $" means jump to this instruction location, thus falling into an infinite loop.

https://defuse.ca/online-x86-assembler.htm#disassembly

the instruction is "0xfeeb".

Based on this instruction, we can create possibly the shortest C program that can compile and run successfully on x86 platform.

main=0xfeeb;

1, the variable main has no type here, and will be defaulted to integer (int). this reminds us of the good old K&R days. This is still allowed by latest C standards (i.e. C99). therefore it's actually

int main=0xfeeb;

2, the variable main is a global variable, therefore the symbol "main" will be exported in this compilation unit. for example, if the file is named "shortest_c_program.c" and we execute the following commands:

$ gcc -std=c99 shortest_c_program.c -c
shortest_c_program.c::: warning: data definition has no type or storage class [enabled by default]
shortest_c_program.c::: warning: type defaults to ‘int’ in declaration of ‘main’ [enabled by default] $ objdump --syms shortest_c_program.o shortest_c_program.o: file format pe-i386 SYMBOL TABLE:
[ ](sec -)(fl 0x00)(ty )(scl ) (nx ) 0x00000000 shortest_c_program.c
File
[ ](sec )(fl 0x00)(ty )(scl ) (nx ) 0x00000000 .text
AUX scnlen 0x0 nreloc nlnno
[ ](sec )(fl 0x00)(ty )(scl ) (nx ) 0x00000000 .data
AUX scnlen 0x4 nreloc nlnno
[ ](sec )(fl 0x00)(ty )(scl ) (nx ) 0x00000000 .bss
AUX scnlen 0x0 nreloc nlnno
[ ](sec )(fl 0x00)(ty )(scl ) (nx ) 0x00000000 _main

it's confirmed that the symbol "_main" is exported.

3, when this object file is linked against the compiler attached crt stub (part of the library e.g. glibc), by default the entry point is the symbol "_start". the symbol "_start" points to some code that will call a symbol "_main". typically the symbol _main points to the main function which is the compiled version of C main function. In this case, main actually points to a location where the value of the main variable is stored.

http://ftp.gnu.org/pub/old-gnu/Manuals/ld-2.9.1/html_node/ld_24.html

4, when _start calls _main, the cpu actually takes 0xfeeb as an instruction which is "jmp $" on x86, therefore it executes the instruction again and again.

another point, what's the shortest legitimate C program? i.e. which can compile successfully (but might not run successfully)

Answer:

main;

because main is a global variable, it's initialised to 0, therefore the program will crash on segfault (null pointer dereference).

jmp $的更多相关文章

  1. 汇编指令mov、add、sub、jmp

    mov:寄存器,数据 mov:寄存器,寄存器 mov:寄存器,内存单元 mov:段寄存器,内存单元 mov:内存单元,寄存器 mov:内存单元,段寄存器 mov:段寄存器,寄存器 mov:寄存器,段寄 ...

  2. jmp使用

    jps -l jmap 36429 jmap -heap 36429 jmap -histo:live 36429 jmap -clstats 36429 jmap  -finalizerinfo 3 ...

  3. Hack Programming

    计算机由ROM(instruction memory).RAM(data memory).CPU组成,其关系如下图 在计算中存在3种寄存器:D.A.M.其中D是data register,A是addr ...

随机推荐

  1. android -volley-请求数据

    private List<gson.DataBean>arrGson;//请求的数据 //请求数据的方法 public void initData() { RequestQueue mQu ...

  2. C#多线程学习(六) 互斥对象

    如何控制好多个线程相互之间的联系,不产生冲突和重复,这需要用到互斥对象,即:System.Threading 命名空间中的 Mutex 类. 我们可以把Mutex看作一个出租车,乘客看作线程.乘客首先 ...

  3. 九度OJ 1005:Graduate Admission (排序)

    时间限制:1 秒 内存限制:32 兆 特殊判题:否 提交:5646 解决:1632 题目描述: It is said that in 2011, there are about 100 graduat ...

  4. 一起来学linux:ACL

    传统的 权限设置只有user,group,other三种,并没有办法针对某一个用户或者某一个组来设定权限.ACL就是用于这个目的的 那 ACL 主要可以针对哪些方面来控制权限呢?他主要可以针对几个项目 ...

  5. Java语言基础(回头复习)

    /* 使用变量的时候要注意的问题: A:作用域 变量定义在哪个大括号内,它就在这个大括号内有效. 并且,在同一个大括号内不能同时定义同名的变量. B:初始化值 没有初始化值的变量不能直接使用. 你只要 ...

  6. .idea文件夹是干嘛的

    question python为什么每次创建的文件目录下都含有.idea/文件夹,该文件夹又是用来干嘛的 answer 当使用pycharm作为IDE时,会自动生成.idea/文件夹来存放项目的配置信 ...

  7. socketserver源码解读

       在看源码之前我们先来看看有关继承的知识(看源码就是在找继承关系----个人理解) 继承 : 我们先看上面的代码,这是一个简单的类继承,我们可以看到父类Base和子类Son,它们中各有一个Test ...

  8. AppStore App申请审核加速

    容芳志大牛一直是我学习的榜样 分类: iOS开发经验技巧2014-11-12 09:40 409人阅读 评论(0) 收藏 举报 有没有遇到上线后发现很严重的bug这种情况,修复bug后提交审核又是漫长 ...

  9. jzyz集训 0611

    今天jjh和mzx搞的互测题目有必要记录一下. T1:序列上可以放012三种颜色,有m个限制表示[l,r]区间的颜色数目必须是c,求方案数. 显然的DP,但关键是状态怎么设置,连续设置了n个状态都被自 ...

  10. android 内存泄漏问题【转】

    本文转载自:http://www.voidcn.com/article/p-hbnuyfwz-ee.html 内存泄露问题在一些压力测试的场景很容易暴露,例如一些常用应用场景反复操作(eg:反复切换前 ...