In my code I tried to print the address of the printf() function.

```
22834:   ./a.out
00250000   1372K r-x--  /lib/libc-2.12.1.so
003a7000      8K r----  /lib/libc-2.12.1.so
003a9000      4K rw---  /lib/libc-2.12.1.so
003aa000     12K rw---    [ anon ]
00a14000    112K r-x--  /lib/ld-2.12.1.so
00a30000      4K r----  /lib/ld-2.12.1.so
00a31000      4K rw---  /lib/ld-2.12.1.so
00fb9000      4K r-x--    [ anon ]
08048000      4K r-x--  /home/anirudh/Documents/DUMP/a.out
08049000      4K r----  /home/anirudh/Documents/DUMP/a.out
0804a000      4K rw---  /home/anirudh/Documents/DUMP/a.out
08068000    132K rw---    [ anon ]
b7898000      4K rw---    [ anon ]
b78ac000      8K rw---    [ anon ]
bfc9a000    132K rw---    [ stack ]
 total     1808K
```

```
Address of the function "printf()" in HEX = 8048408
```

I was expecting its address to be a part of `00250000 1372K r-x-- /lib/libc-2.12.1.so` rather than, as shown, its code being in this section: `08048000 4K r-x-- /home/anirudh/Documents/DUMP/a.out`, i.e. the code segment of my code.

I even tried printing the address of a few more functions like getpid() and scanf(), but they were all shown to be part of my program's code segment rather than libc-2.12.1.so.

What is the reason for this? Thanks in advance.

Durin

2 Answers

Look at the code that is at the `printf` address; it is probably just an indirect jump or call that calls into `libc`. Typically, calls to shared libraries are turned into references to a dispatch function that is patched with (or looks up) the actual address where `printf` was loaded. If you run `readelf -a` on your executable and look for the address where you found `printf`, it will probably be marked as a relocation to be pointed to the actual address in `libc`.

Jeremiah Willcock
  • Okay!!! You mean since the libc-2.12.1.so is dynamically linked, at compile time a relocatable address for printf() was present and that is printed here. – Durin Mar 10 '11 at 17:38
  • @Anirudh: Yes; `libc` can be loaded at different addresses when you run your program different times, and so the code needs to handle that using indirection. – Jeremiah Willcock Mar 10 '11 at 17:44

Not sure, but it can be that you are printing the chunk that does the actual printf call?

Like, when you call a symbol that has to be resolved at dynamic link time there has to be some code there, like a trampoline or something like that, so when you call it the resolution happens and the actual library call gets called.

Arkaitz Jimenez
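An added example, not code from the question or either answer: this C program does by lookup what the question did by eye against the process map, resolving both `&printf` and the definition the dynamic linker finds after the executable to the mapping that contains them. It assumes Linux `/proc/self/maps`; `mapping_for` is a name chosen here. Built non-PIE (`gcc -no-pie`), `&printf` lands in the executable as in the question, while a default PIE build typically shows both addresses in libc.

```c
#define _GNU_SOURCE                 /* for RTLD_NEXT */
#include <dlfcn.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Find the /proc/self/maps entry that contains addr. Copies its backing
 * path (or "[anon]") into path and returns 1; returns 0 if addr is unmapped. */
int mapping_for(uintptr_t addr, char *path, size_t n)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512];
    int found = 0;

    if (!f)
        return 0;
    while (!found && fgets(line, sizeof line, f)) {
        uintmax_t lo, hi;
        int off = 0;
        /* line format: start-end perms offset dev inode   path */
        if (sscanf(line, "%jx-%jx %*s %*s %*s %*s %n", &lo, &hi, &off) < 2)
            continue;
        if (addr < lo || addr >= hi)
            continue;
        line[strcspn(line, "\n")] = '\0';
        snprintf(path, n, "%s", (off && line[off]) ? line + off : "[anon]");
        found = 1;
    }
    fclose(f);
    return found;
}

int main(void)
{
    char where[256];
    /* What the question printed: the address the executable uses for printf. */
    uintptr_t via_name = (uintptr_t)&printf;
    /* The next definition of printf after this object, i.e. the one in libc. */
    uintptr_t in_libc = (uintptr_t)dlsym(RTLD_NEXT, "printf");

    if (mapping_for(via_name, where, sizeof where))
        printf("&printf          = %#" PRIxPTR "  in %s\n", via_name, where);
    if (in_libc && mapping_for(in_libc, where, sizeof where))
        printf("dlsym(RTLD_NEXT) = %#" PRIxPTR "  in %s\n", in_libc, where);
    return 0;
}
```

On glibc older than 2.34, link with `-ldl`.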