在Linux上动态链接到libc时调用`atexit`

Question

如果我有用C编写的以下程序(在Debian 8.7上使用GCC编译),我可以atexit()按照您的预期调用:

#include <stdlib.h>

void exit_handler(void) {
    return;
}

int main () {
    atexit(exit_handler);
    return 0;
}

当我编译并运行它时:

$ gcc test.c
$ ./a.out

输出什么都没有,就像你期望的那样.事实上,当我跑步时ldd,我得到:

$ ldd a.out
    linux-vdso.so.1 (0x00007fffbe592000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fe07d3a8000)
    /lib64/ld-linux-x86-64.so.2 (0x00007fe07d753000)

但是,libc似乎没有任何符号atexit,amd只有__cxa_atexit和__cxa_threaded_atexit_impl:

$ nm --dynamic /lib/x86_64-linux-gnu/libc.so.6 | grep 'atexit'
0000000000037d90 T __cxa_atexit
0000000000037fa0 T __cxa_thread_atexit_impl

正如您所期望的那样,如果我尝试libc动态链接,我实际上无法调用atexit(),例如在下面的Racket程序中链接libc并尝试查找atexit:

#lang racket

(require ffi/unsafe)

(get-ffi-obj 'atexit (ffi-lib "libc" '("6")) (_fun (_fun -> _void) -> _int))

给出输出:

$ racket findatexit.rkt
ffi-obj: couldn't get "atexit" from "libc.so.6" (/lib/x86_64-linux-gnu/libc.so.6: undefined symbol: atexit)

我想知道的是:

1. 如果在Linux libc上没有任何符号atexit,为什么我仍然可以从C程序中调用它？
2. 有什么方法可以atexit在Linux上动态调用或类似的功能吗？

(我应该注意,atexit它似乎确实是OS X上的一个符号,所以它只是Linux在这里看起来很不寻常.)

编辑:

在@Jonathan的建议下,我也跑了:

$ gcc -c test.c
$ nm test.o
                 U atexit
0000000000000000 T exit_handler
0000000000000007 T main

这似乎表明atexit符号存在于某处,但它并没有出现在任何库ldd中.

Answer 1

我在Centos 7虚拟机上做了一些探测,我想我找到了它 - 但它不是显而易见的!

找到了!

在/usr/lib64/libc_nonshared.a:

$ nm /usr/lib64/libc_nonshared.a | grep -i atexit
atexit.oS:
0000000000000000 T atexit
                 U __cxa_atexit
$

为什么要看那个图书馆？好问题 - 长话题.你坐得舒服吗？然后我会开始......

到达那里的步骤

1. 使用问题中的test.c代码.

2. 编译它gcc -v test.c:

   $ gcc -v test.c
   Using built-in specs.
   COLLECT_GCC=gcc
   COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/lto-wrapper
   Target: x86_64-redhat-linux
   Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-languages=c,c++,objc,obj-c++,java,fortran,ada,go,lto --enable-plugin --enable-initfini-array --disable-libgcj --with-isl=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/isl-install --with-cloog=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/cloog-install --enable-gnu-indirect-function --with-tune=generic --with-arch_32=x86-64 --build=x86_64-redhat-linux
   Thread model: posix
   gcc version 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) 
   COLLECT_GCC_OPTIONS='-v' '-mtune=generic' '-march=x86-64'
    /usr/libexec/gcc/x86_64-redhat-linux/4.8.5/cc1 -quiet -v test.c -quiet -dumpbase test.c -mtune=generic -march=x86-64 -auxbase test -version -o /tmp/ccPHTer7.s
   GNU C (GCC) version 4.8.5 20150623 (Red Hat 4.8.5-11) (x86_64-redhat-linux)
       compiled by GNU C version 4.8.5 20150623 (Red Hat 4.8.5-11), GMP version 6.0.0, MPFR version 3.1.1, MPC version 1.0.1
   GGC heuristics: --param ggc-min-expand=96 --param ggc-min-heapsize=124992
   ignoring nonexistent directory "/usr/lib/gcc/x86_64-redhat-linux/4.8.5/include-fixed"
   ignoring nonexistent directory "/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../x86_64-redhat-linux/include"
   #include "..." search starts here:
   #include <...> search starts here:
    /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include
    /usr/local/include
    /usr/include
   End of search list.
   GNU C (GCC) version 4.8.5 20150623 (Red Hat 4.8.5-11) (x86_64-redhat-linux)
       compiled by GNU C version 4.8.5 20150623 (Red Hat 4.8.5-11), GMP version 6.0.0, MPFR version 3.1.1, MPC version 1.0.1
   GGC heuristics: --param ggc-min-expand=96 --param ggc-min-heapsize=124992
   Compiler executable checksum: 356f86e67978d665416e07d560c8ba0d
   COLLECT_GCC_OPTIONS='-v' '-mtune=generic' '-march=x86-64'
    as -v --64 -o /tmp/cc5WHEA4.o /tmp/ccPHTer7.s
   GNU assembler version 2.25.1 (x86_64-redhat-linux) using BFD version version 2.25.1-22.base.el7 
   COMPILER_PATH=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/:/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/:/usr/libexec/gcc/x86_64-redhat-linux/:/usr/lib/gcc/x86_64-redhat-linux/4.8.5/:/usr/lib/gcc/x86_64-redhat-linux/
   LIBRARY_PATH=/usr/lib/gcc/x86_64-redhat-linux/4.8.5/:/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/:/lib/../lib64/:/usr/lib/../lib64/:/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../:/lib/:/usr/lib/
   COLLECT_GCC_OPTIONS='-v' '-mtune=generic' '-march=x86-64'
    /usr/libexec/gcc/x86_64-redhat-linux/4.8.5/collect2 --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crt1.o /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crti.o /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtbegin.o -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5 -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64 -L/lib/../lib64 -L/usr/lib/../lib64 -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../.. /tmp/cc5WHEA4.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtend.o /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crtn.o
   $
   

3. 有趣的是最后的collect2命令行.每行写一个参数,即:

   /usr/libexec/gcc/x86_64-redhat-linux/4.8.5/collect2
   --build-id
   --no-add-needed
   --eh-frame-hdr
   --hash-style=gnu
   -m
   elf_x86_64
   -dynamic-linker
   /lib64/ld-linux-x86-64.so.2
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crt1.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crti.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtbegin.o
   -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5
   -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64
   -L/lib/../lib64
   -L/usr/lib/../lib64
   -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../..
   /tmp/cc5WHEA4.o
   -lgcc
   --as-needed
   -lgcc_s
   --no-as-needed
   -lc
   -lgcc
   --as-needed
   -lgcc_s
   --no-as-needed
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtend.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/crtn.o
   

4. 因此,有一堆的cr*.o文件,再加上三个库:-lc,-lgcc并-lgcc_s寻找和一堆目录看在: -L/usr/lib/gcc/x86_64-redhat-linux/4.8.5,-L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64,-L/lib/../lib64,-L/usr/lib/../lib64,-L/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../...这/tmp/cc5WHEA4.o是从中创建的目标文件test.c.

5. 将一些清理代码应用于路径名,然后使用ls以帮助查找库会生成要进一步检查的文件列表:

   /lib64/ld-linux-x86-64.so.2
   /usr/lib64/crt1.o
   /usr/lib64/crti.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtbegin.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/crtend.o
   /usr/lib64/crtn.o
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/libgcc.a
   /usr/lib/gcc/x86_64-redhat-linux/4.8.5/libgcc_s.so
   /usr/lib64/libgcc_s.so.1
   /lib64/libgcc_s.so.1
   /usr/lib64/libgcc_s.so.1
   /usr/lib64/libc.so
   /usr/lib64/libc.so.6
   /lib64/libc.so
   /lib64/libc.so.6
   /usr/lib64/libc.so
   /usr/lib64/libc.so.6
   

6. 该文件列表保存在一个文件yy(缺乏想象力的名称)中,然后用于:

   $ nm -o $(<yy) | tee nm.log | grep -i atexit
   nm: _trampoline.o: no symbols
   nm: __main.o: no symbols
   nm: _ctors.o: no symbols
   nm: /usr/lib/gcc/x86_64-redhat-linux/4.8.5/libgcc_s.so: no symbols
   nm: /usr/lib64/libgcc_s.so.1: no symbols
   nm: /lib64/libgcc_s.so.1: no symbols
   nm: /usr/lib64/libgcc_s.so.1: no symbols
   nm: /usr/lib64/libc.so: File format not recognized
   /usr/lib64/libc.so.6:00000000003bcc00 b added_atexit_handler.9157
   /usr/lib64/libc.so.6:0000000000038c90 T __cxa_atexit
   /usr/lib64/libc.so.6:0000000000038c90 t __cxa_atexit_internal
   /usr/lib64/libc.so.6:00000000003b6838 d __elf_set___libc_atexit_element__IO_cleanup__
   /usr/lib64/libc.so.6:0000000000038c40 t __internal_atexit
   /usr/lib64/libc.so.6:00000000003b6838 d __start___libc_atexit
   /usr/lib64/libc.so.6:00000000003b6840 d __stop___libc_atexit
   nm: /lib64/libc.so: File format not recognized
   /lib64/libc.so.6:00000000003bcc00 b added_atexit_handler.9157
   /lib64/libc.so.6:0000000000038c90 T __cxa_atexit
   /lib64/libc.so.6:0000000000038c90 t __cxa_atexit_internal
   /lib64/libc.so.6:00000000003b6838 d __elf_set___libc_atexit_element__IO_cleanup__
   /lib64/libc.so.6:0000000000038c40 t __internal_atexit
   nm: /usr/lib64/libc.so: File format not recognized
   /lib64/libc.so.6:00000000003b6838 d __start___libc_atexit
   /lib64/libc.so.6:00000000003b6840 d __stop___libc_atexit
   /usr/lib64/libc.so.6:00000000003bcc00 b added_atexit_handler.9157
   /usr/lib64/libc.so.6:0000000000038c90 T __cxa_atexit
   /usr/lib64/libc.so.6:0000000000038c90 t __cxa_atexit_internal
   /usr/lib64/libc.so.6:00000000003b6838 d __elf_set___libc_atexit_element__IO_cleanup__
   /usr/lib64/libc.so.6:0000000000038c40 t __internal_atexit
   /usr/lib64/libc.so.6:00000000003b6838 d __start___libc_atexit
   /usr/lib64/libc.so.6:00000000003b6840 d __stop___libc_atexit
   $
   

7. 那里没有明显的atexit功能证据.隐藏在哪里,以及那些"文件格式无法识别"的消息是什么？

   $ file /usr/lib64/libc.so
   /usr/lib64/libc.so: ASCII text
   $
   

8. ASCII文字？什么？

   $ cat /usr/lib64/libc.so
   /* GNU ld script
      Use the shared library, but some functions are only in
      the static library, so try that secondarily.  */
   OUTPUT_FORMAT(elf64-x86-64)
   GROUP ( /lib64/libc.so.6 /usr/lib64/libc_nonshared.a  AS_NEEDED ( /lib64/ld-linux-x86-64.so.2 ) )
   $
   

9. 好; 什么在/usr/lib64/libc_nonshared.a？

   $  nm /usr/lib64/libc_nonshared.a | grep -i atexit
   atexit.oS:
   0000000000000000 T atexit
                    U __cxa_atexit
   $
   

   答对了!找到了!

因此,似乎collect2GCC使用的链接器能够加载未在命令行中列出的文件,并且其中一个文件是/usr/lib64/libc_nonshared.a,并且该库中包含atexit()该文件.因此,你应该可以调用atexit()它,因为它静态地链接到可执行文件中...除非在这里隐藏了一些我没有怀疑过的黑魔法.