Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am running some benchmarks in Linux, and I am looking for some indication that the program has completed loading and started running. Is it reasonable to expect that main() would always be at the same EIP?
Is the EIP of main() dependent on the language? Is it dependent on the compiler?
Is there any EIP that a program can always be expected to start at?
Nope. In C, the entry point is actually
_start, which comes fromlibc;_startdoes somelibcinitialization, then callsmain.mainis just a regular function. The linker can choose to rearrange it anyway it likes in the process image. Furthermore, with things like relocation tables at the start of the executable, the start of the.textsection might not even be constant. Heck, if you’re writing the program in assembly,mainmight not even exist.A program, however, can always be trusted to start at the entry point address declared in its ELF header (assuming it’s an ELF executable). So, use that.
readelfcan tell you the value.