前言
这篇文章介绍了 Linux .eh_frame section:《Linux .eh_frame section以及libunwind》。
编译器在编译期间通过插入 CFI(Call Frame Information)指令的方式记录栈展开(unwind)所需的信息,这些 CFI 指令最终会生成可执行 ELF 文件中的 .eh_frame 段。
cfi 指令示例:
每当发生栈变量分配和回收时,编译器生成一条 cfi 指令更新如何从栈顶找到栈基址的信息。
每当寄存器压栈时,编译器生成一条 cfi 指令更新如何从栈基址恢复寄存器内容的信息。
.eh_frame段中存储着跟函数入栈相关的关键数据。
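当函数执行入栈指令后,在该段会保存跟入栈指令一一对应的编码数据。无论是否有 -g 选项,gcc 在 x86-64 Linux 上默认都会生成 .eh_frame 和 .eh_frame_hdr section(默认开启 -fasynchronous-unwind-tables),其他目标平台上的默认行为可能不同。这两个 section 带有 A(alloc)标志,运行时会被加载进内存,因此用 strip 去掉符号表和调试信息后它们仍然保留。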
接下来我们通过 readelf 和 objdump 工具来观察.eh_frame section的内容
一、readelf .eh_frame section
#include <stdio.h>
/*
 * Returns the sum of a and b.
 *
 * Demo callee for the CFI dumps on this page.
 * NOTE(review): presumably this is the FDE pc=0x40052d..0x400541 in the
 * readelf/objdump output (rbp saved at cfa-16) — confirm against the
 * symbol table, which the page does not show.
 */
int add(int a, int b)
{
/* Plain int addition; signed overflow would be undefined behavior. */
return a + b ;
}
/*
 * Calls add(1, 2), prints the result and returns it.
 *
 * NOTE(review): presumably this is the FDE pc=0x400541..0x400582 in the
 * readelf/objdump output — confirm against the symbol table.
 */
int main()
{
int a = 1, b = 2;
int c = add(a, b);
printf("c = %d\n", c);
/* The sum is returned from main, so it becomes the process exit status. */
return c;
}
# readelf -S a.out
共有 30 个节头,从偏移量 0x1968 开始:
节头:
[号] 名称 类型 地址 偏移量
大小 全体大小 旗标 链接 信息 对齐
......
[16] .eh_frame_hdr PROGBITS 0000000000400628 00000628
000000000000003c 0000000000000000 A 0 0 4
[17] .eh_frame PROGBITS 0000000000400668 00000668
0000000000000114 0000000000000000 A 0 0 8
......
Key to Flags:
W (write), A (alloc),
NAME
readelf - Displays information about ELF files.
SYNOPSIS
[-x <number or name>|--hex-dump=<number or name>]
[-w[fF]|--debug-dump[=frames,=frames-interp]
1.1 readelf --hex-dump
查看 .eh_frame 节的十六进制数据:
# readelf --hex-dump=16 a.out
“.eh_frame_hdr”节的十六进制输出:
0x00400628 011b033b 3c000000 06000000 d8fdffff ...;<...........
0x00400638 88000000 18feffff 58000000 05ffffff ........X.......
0x00400648 b0000000 19ffffff d0000000 68ffffff ............h...
0x00400658 f0000000 d8ffffff 38010000 ........8...
# readelf --hex-dump=17 a.out
“.eh_frame”节的十六进制输出:
0x00400668 14000000 00000000 017a5200 01781001 .........zR..x..
0x00400678 1b0c0708 90010710 14000000 1c000000 ................
0x00400688 b8fdffff 2a000000 00000000 00000000 ....*...........
0x00400698 14000000 00000000 017a5200 01781001 .........zR..x..
0x004006a8 1b0c0708 90010000 24000000 1c000000 ........$.......
0x004006b8 48fdffff 40000000 000e1046 0e184a0f H...@......F..J.
0x004006c8 0b770880 003f1a3b 2a332422 00000000 .w...?.;*3$"....
0x004006d8 1c000000 44000000 4dfeffff 14000000 ....D...M.......
0x004006e8 00410e10 8602430d 064f0c07 08000000 .A....C..O......
0x004006f8 1c000000 64000000 41feffff 41000000 ....d...A...A...
0x00400708 00410e10 8602430d 067c0c07 08000000 .A....C..|......
0x00400718 44000000 84000000 70feffff 65000000 D.......p...e...
0x00400728 00420e10 8f02450e 188e0345 0e208d04 .B....E....E. ..
0x00400738 450e288c 05480e30 8606480e 3883074d E.(..H.0..H.8..M
0x00400748 0e406c0e 38410e30 410e2842 0e20420e .@l.8A.0A.(B. B.
0x00400758 18420e10 420e0800 14000000 cc000000 .B..B...........
0x00400768 98feffff 02000000 00000000 00000000 ................
0x00400778 00000000 ....
1.2 readelf --debug-dump=frames
查看 .eh_frame 节的原始数据:
# readelf --debug-dump=frames a.out
Contents of the .eh_frame section:
00000000 0000000000000014 00000000 CIE
Version: 1
Augmentation: "zR"
Code alignment factor: 1
Data alignment factor: -8
Return address column: 16
Augmentation data: 1b
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_offset: r16 (rip) at cfa-8
DW_CFA_undefined: r16 (rip)
00000018 0000000000000014 0000001c FDE cie=00000000 pc=0000000000400440..000000000040046a
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000030 0000000000000014 00000000 CIE
Version: 1
Augmentation: "zR"
Code alignment factor: 1
Data alignment factor: -8
Return address column: 16
Augmentation data: 1b
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_offset: r16 (rip) at cfa-8
DW_CFA_nop
DW_CFA_nop
00000048 0000000000000024 0000001c FDE cie=00000030 pc=0000000000400400..0000000000400440
DW_CFA_def_cfa_offset: 16
DW_CFA_advance_loc: 6 to 0000000000400406
DW_CFA_def_cfa_offset: 24
DW_CFA_advance_loc: 10 to 0000000000400410
DW_CFA_def_cfa_expression (DW_OP_breg7 (rsp): 8; DW_OP_breg16 (rip): 0; DW_OP_lit15; DW_OP_and; DW_OP_lit11; DW_OP_ge; DW_OP_lit3; DW_OP_shl; DW_OP_plus)
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000070 000000000000001c 00000044 FDE cie=00000030 pc=000000000040052d..0000000000400541
DW_CFA_advance_loc: 1 to 000000000040052e
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r6 (rbp) at cfa-16
DW_CFA_advance_loc: 3 to 0000000000400531
DW_CFA_def_cfa_register: r6 (rbp)
DW_CFA_advance_loc: 15 to 0000000000400540
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000090 000000000000001c 00000064 FDE cie=00000030 pc=0000000000400541..0000000000400582
DW_CFA_advance_loc: 1 to 0000000000400542
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r6 (rbp) at cfa-16
DW_CFA_advance_loc: 3 to 0000000000400545
DW_CFA_def_cfa_register: r6 (rbp)
DW_CFA_advance_loc: 60 to 0000000000400581
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
000000b0 0000000000000044 00000084 FDE cie=00000030 pc=0000000000400590..00000000004005f5
DW_CFA_advance_loc: 2 to 0000000000400592
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r15 (r15) at cfa-16
DW_CFA_advance_loc: 5 to 0000000000400597
DW_CFA_def_cfa_offset: 24
DW_CFA_offset: r14 (r14) at cfa-24
DW_CFA_advance_loc: 5 to 000000000040059c
DW_CFA_def_cfa_offset: 32
DW_CFA_offset: r13 (r13) at cfa-32
DW_CFA_advance_loc: 5 to 00000000004005a1
DW_CFA_def_cfa_offset: 40
DW_CFA_offset: r12 (r12) at cfa-40
DW_CFA_advance_loc: 8 to 00000000004005a9
DW_CFA_def_cfa_offset: 48
DW_CFA_offset: r6 (rbp) at cfa-48
DW_CFA_advance_loc: 8 to 00000000004005b1
DW_CFA_def_cfa_offset: 56
DW_CFA_offset: r3 (rbx) at cfa-56
DW_CFA_advance_loc: 13 to 00000000004005be
DW_CFA_def_cfa_offset: 64
DW_CFA_advance_loc: 44 to 00000000004005ea
DW_CFA_def_cfa_offset: 56
DW_CFA_advance_loc: 1 to 00000000004005eb
DW_CFA_def_cfa_offset: 48
DW_CFA_advance_loc: 1 to 00000000004005ec
DW_CFA_def_cfa_offset: 40
DW_CFA_advance_loc: 2 to 00000000004005ee
DW_CFA_def_cfa_offset: 32
DW_CFA_advance_loc: 2 to 00000000004005f0
DW_CFA_def_cfa_offset: 24
DW_CFA_advance_loc: 2 to 00000000004005f2
DW_CFA_def_cfa_offset: 16
DW_CFA_advance_loc: 2 to 00000000004005f4
DW_CFA_def_cfa_offset: 8
DW_CFA_nop
000000f8 0000000000000014 000000cc FDE cie=00000030 pc=0000000000400600..0000000000400602
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000110 ZERO terminator
这些信息就是 .eh_frame 的原始格式,由 GAS(GNU Assembler)汇编器搜集汇编代码中所有的 CFI 伪指令汇总而成。
这些以 DW_CFA_ 开头的指令的具体含义,可以查看 DWARF4 标准 6.4.2 节 Call Frame Instructions 的相关解释。
1.3 readelf --debug-dump=frames-interp
查看 .eh_frame 节的解释后的数据:
# readelf --debug-dump=frames-interp a.out
Contents of the .eh_frame section:
00000000 0000000000000014 00000000 CIE "zR" cf=1 df=-8 ra=16
LOC CFA ra
0000000000000000 rsp+8 u
00000018 0000000000000014 0000001c FDE cie=00000000 pc=0000000000400440..000000000040046a
00000030 0000000000000014 00000000 CIE "zR" cf=1 df=-8 ra=16
LOC CFA ra
0000000000000000 rsp+8 c-8
00000048 0000000000000024 0000001c FDE cie=00000030 pc=0000000000400400..0000000000400440
LOC CFA ra
0000000000400400 rsp+16 c-8
0000000000400406 rsp+24 c-8
0000000000400410 exp c-8
00000070 000000000000001c 00000044 FDE cie=00000030 pc=000000000040052d..0000000000400541
LOC CFA rbp ra
000000000040052d rsp+8 u c-8
000000000040052e rsp+16 c-16 c-8
0000000000400531 rbp+16 c-16 c-8
0000000000400540 rsp+8 c-16 c-8
00000090 000000000000001c 00000064 FDE cie=00000030 pc=0000000000400541..0000000000400582
LOC CFA rbp ra
0000000000400541 rsp+8 u c-8
0000000000400542 rsp+16 c-16 c-8
0000000000400545 rbp+16 c-16 c-8
0000000000400581 rsp+8 c-16 c-8
000000b0 0000000000000044 00000084 FDE cie=00000030 pc=0000000000400590..00000000004005f5
LOC CFA rbx rbp r12 r13 r14 r15 ra
0000000000400590 rsp+8 u u u u u u c-8
0000000000400592 rsp+16 u u u u u c-16 c-8
0000000000400597 rsp+24 u u u u c-24 c-16 c-8
000000000040059c rsp+32 u u u c-32 c-24 c-16 c-8
00000000004005a1 rsp+40 u u c-40 c-32 c-24 c-16 c-8
00000000004005a9 rsp+48 u c-48 c-40 c-32 c-24 c-16 c-8
00000000004005b1 rsp+56 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005be rsp+64 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ea rsp+56 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005eb rsp+48 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ec rsp+40 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ee rsp+32 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f0 rsp+24 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f2 rsp+16 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f4 rsp+8 c-56 c-48 c-40 c-32 c-24 c-16 c-8
000000f8 0000000000000014 000000cc FDE cie=00000030 pc=0000000000400600..0000000000400602
00000110 ZERO terminator
可以看到 .eh_frame 总体上由 CIE 和 FDE 组成,其中最核心的是 FDE 的组织。
CFA(Canonical Frame Address)是调用者栈帧中 %rsp 的值,也就是执行 call 指令之前上一级调用者的堆栈指针。表中 c-8、c-16 表示该寄存器保存在 CFA-8、CFA-16 处,u 表示未定义(undefined);例如 ra 列的 c-8 表示返回地址保存在 CFA-8 处。
二、objdump .eh_frame section
NAME
objdump - display information from object files.
SYNOPSIS
[-h|--section-headers|--headers]
[-s|--full-contents]
[-W[fF]|--dwarf[=frames,=frames-interp]
# objdump -h a.out
a.out: 文件格式 elf64-x86-64
节:
Idx Name Size VMA LMA File off Algn
......
15 .eh_frame_hdr 0000003c 0000000000400628 0000000000400628 00000628 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
16 .eh_frame 00000114 0000000000400668 0000000000400668 00000668 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
......
2.1 objdump -s
# objdump -s a.out | grep .eh_frame
Contents of section .eh_frame_hdr:
Contents of section .eh_frame:
# objdump -s --section=.eh_frame a.out
a.out: 文件格式 elf64-x86-64
Contents of section .eh_frame:
400668 14000000 00000000 017a5200 01781001 .........zR..x..
400678 1b0c0708 90010710 14000000 1c000000 ................
400688 b8fdffff 2a000000 00000000 00000000 ....*...........
400698 14000000 00000000 017a5200 01781001 .........zR..x..
4006a8 1b0c0708 90010000 24000000 1c000000 ........$.......
4006b8 48fdffff 40000000 000e1046 0e184a0f H...@......F..J.
4006c8 0b770880 003f1a3b 2a332422 00000000 .w...?.;*3$"....
4006d8 1c000000 44000000 4dfeffff 14000000 ....D...M.......
4006e8 00410e10 8602430d 064f0c07 08000000 .A....C..O......
4006f8 1c000000 64000000 41feffff 41000000 ....d...A...A...
400708 00410e10 8602430d 067c0c07 08000000 .A....C..|......
400718 44000000 84000000 70feffff 65000000 D.......p...e...
400728 00420e10 8f02450e 188e0345 0e208d04 .B....E....E. ..
400738 450e288c 05480e30 8606480e 3883074d E.(..H.0..H.8..M
400748 0e406c0e 38410e30 410e2842 0e20420e .@l.8A.0A.(B. B.
400758 18420e10 420e0800 14000000 cc000000 .B..B...........
400768 98feffff 02000000 00000000 00000000 ................
400778 00000000
# objdump -s a.out | grep .eh_frame -A 20
Contents of section .eh_frame_hdr:
400628 011b033b 3c000000 06000000 d8fdffff ...;<...........
400638 88000000 18feffff 58000000 05ffffff ........X.......
400648 b0000000 19ffffff d0000000 68ffffff ............h...
400658 f0000000 d8ffffff 38010000 ........8...
Contents of section .eh_frame:
400668 14000000 00000000 017a5200 01781001 .........zR..x..
400678 1b0c0708 90010710 14000000 1c000000 ................
400688 b8fdffff 2a000000 00000000 00000000 ....*...........
400698 14000000 00000000 017a5200 01781001 .........zR..x..
4006a8 1b0c0708 90010000 24000000 1c000000 ........$.......
4006b8 48fdffff 40000000 000e1046 0e184a0f H...@......F..J.
4006c8 0b770880 003f1a3b 2a332422 00000000 .w...?.;*3$"....
4006d8 1c000000 44000000 4dfeffff 14000000 ....D...M.......
4006e8 00410e10 8602430d 064f0c07 08000000 .A....C..O......
4006f8 1c000000 64000000 41feffff 41000000 ....d...A...A...
400708 00410e10 8602430d 067c0c07 08000000 .A....C..|......
400718 44000000 84000000 70feffff 65000000 D.......p...e...
400728 00420e10 8f02450e 188e0345 0e208d04 .B....E....E. ..
400738 450e288c 05480e30 8606480e 3883074d E.(..H.0..H.8..M
400748 0e406c0e 38410e30 410e2842 0e20420e .@l.8A.0A.(B. B.
400758 18420e10 420e0800 14000000 cc000000 .B..B...........
400768 98feffff 02000000 00000000 00000000 ................
400778 00000000 ....
Contents of section .init_array:
600e10 00054000 00000000 ..@.....
2.2 objdump --dwarf=frames
# objdump --dwarf=frames a.out
a.out: 文件格式 elf64-x86-64
Contents of the .eh_frame section:
00000000 0000000000000014 00000000 CIE
Version: 1
Augmentation: "zR"
Code alignment factor: 1
Data alignment factor: -8
Return address column: 16
Augmentation data: 1b
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_offset: r16 (rip) at cfa-8
DW_CFA_undefined: r16 (rip)
00000018 0000000000000014 0000001c FDE cie=00000000 pc=0000000000400440..000000000040046a
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000030 0000000000000014 00000000 CIE
Version: 1
Augmentation: "zR"
Code alignment factor: 1
Data alignment factor: -8
Return address column: 16
Augmentation data: 1b
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_offset: r16 (rip) at cfa-8
DW_CFA_nop
DW_CFA_nop
00000048 0000000000000024 0000001c FDE cie=00000030 pc=0000000000400400..0000000000400440
DW_CFA_def_cfa_offset: 16
DW_CFA_advance_loc: 6 to 0000000000400406
DW_CFA_def_cfa_offset: 24
DW_CFA_advance_loc: 10 to 0000000000400410
DW_CFA_def_cfa_expression (DW_OP_breg7 (rsp): 8; DW_OP_breg16 (rip): 0; DW_OP_lit15; DW_OP_and; DW_OP_lit11; DW_OP_ge; DW_OP_lit3; DW_OP_shl; DW_OP_plus)
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000070 000000000000001c 00000044 FDE cie=00000030 pc=000000000040052d..0000000000400541
DW_CFA_advance_loc: 1 to 000000000040052e
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r6 (rbp) at cfa-16
DW_CFA_advance_loc: 3 to 0000000000400531
DW_CFA_def_cfa_register: r6 (rbp)
DW_CFA_advance_loc: 15 to 0000000000400540
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000090 000000000000001c 00000064 FDE cie=00000030 pc=0000000000400541..0000000000400582
DW_CFA_advance_loc: 1 to 0000000000400542
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r6 (rbp) at cfa-16
DW_CFA_advance_loc: 3 to 0000000000400545
DW_CFA_def_cfa_register: r6 (rbp)
DW_CFA_advance_loc: 60 to 0000000000400581
DW_CFA_def_cfa: r7 (rsp) ofs 8
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
000000b0 0000000000000044 00000084 FDE cie=00000030 pc=0000000000400590..00000000004005f5
DW_CFA_advance_loc: 2 to 0000000000400592
DW_CFA_def_cfa_offset: 16
DW_CFA_offset: r15 (r15) at cfa-16
DW_CFA_advance_loc: 5 to 0000000000400597
DW_CFA_def_cfa_offset: 24
DW_CFA_offset: r14 (r14) at cfa-24
DW_CFA_advance_loc: 5 to 000000000040059c
DW_CFA_def_cfa_offset: 32
DW_CFA_offset: r13 (r13) at cfa-32
DW_CFA_advance_loc: 5 to 00000000004005a1
DW_CFA_def_cfa_offset: 40
DW_CFA_offset: r12 (r12) at cfa-40
DW_CFA_advance_loc: 8 to 00000000004005a9
DW_CFA_def_cfa_offset: 48
DW_CFA_offset: r6 (rbp) at cfa-48
DW_CFA_advance_loc: 8 to 00000000004005b1
DW_CFA_def_cfa_offset: 56
DW_CFA_offset: r3 (rbx) at cfa-56
DW_CFA_advance_loc: 13 to 00000000004005be
DW_CFA_def_cfa_offset: 64
DW_CFA_advance_loc: 44 to 00000000004005ea
DW_CFA_def_cfa_offset: 56
DW_CFA_advance_loc: 1 to 00000000004005eb
DW_CFA_def_cfa_offset: 48
DW_CFA_advance_loc: 1 to 00000000004005ec
DW_CFA_def_cfa_offset: 40
DW_CFA_advance_loc: 2 to 00000000004005ee
DW_CFA_def_cfa_offset: 32
DW_CFA_advance_loc: 2 to 00000000004005f0
DW_CFA_def_cfa_offset: 24
DW_CFA_advance_loc: 2 to 00000000004005f2
DW_CFA_def_cfa_offset: 16
DW_CFA_advance_loc: 2 to 00000000004005f4
DW_CFA_def_cfa_offset: 8
DW_CFA_nop
000000f8 0000000000000014 000000cc FDE cie=00000030 pc=0000000000400600..0000000000400602
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
DW_CFA_nop
00000110 ZERO terminator
2.3 objdump --dwarf=frames-interp
# objdump --dwarf=frames-interp a.out
a.out: 文件格式 elf64-x86-64
Contents of the .eh_frame section:
00000000 0000000000000014 00000000 CIE "zR" cf=1 df=-8 ra=16
LOC CFA ra
0000000000000000 rsp+8 u
00000018 0000000000000014 0000001c FDE cie=00000000 pc=0000000000400440..000000000040046a
00000030 0000000000000014 00000000 CIE "zR" cf=1 df=-8 ra=16
LOC CFA ra
0000000000000000 rsp+8 c-8
00000048 0000000000000024 0000001c FDE cie=00000030 pc=0000000000400400..0000000000400440
LOC CFA ra
0000000000400400 rsp+16 c-8
0000000000400406 rsp+24 c-8
0000000000400410 exp c-8
00000070 000000000000001c 00000044 FDE cie=00000030 pc=000000000040052d..0000000000400541
LOC CFA rbp ra
000000000040052d rsp+8 u c-8
000000000040052e rsp+16 c-16 c-8
0000000000400531 rbp+16 c-16 c-8
0000000000400540 rsp+8 c-16 c-8
00000090 000000000000001c 00000064 FDE cie=00000030 pc=0000000000400541..0000000000400582
LOC CFA rbp ra
0000000000400541 rsp+8 u c-8
0000000000400542 rsp+16 c-16 c-8
0000000000400545 rbp+16 c-16 c-8
0000000000400581 rsp+8 c-16 c-8
000000b0 0000000000000044 00000084 FDE cie=00000030 pc=0000000000400590..00000000004005f5
LOC CFA rbx rbp r12 r13 r14 r15 ra
0000000000400590 rsp+8 u u u u u u c-8
0000000000400592 rsp+16 u u u u u c-16 c-8
0000000000400597 rsp+24 u u u u c-24 c-16 c-8
000000000040059c rsp+32 u u u c-32 c-24 c-16 c-8
00000000004005a1 rsp+40 u u c-40 c-32 c-24 c-16 c-8
00000000004005a9 rsp+48 u c-48 c-40 c-32 c-24 c-16 c-8
00000000004005b1 rsp+56 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005be rsp+64 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ea rsp+56 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005eb rsp+48 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ec rsp+40 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005ee rsp+32 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f0 rsp+24 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f2 rsp+16 c-56 c-48 c-40 c-32 c-24 c-16 c-8
00000000004005f4 rsp+8 c-56 c-48 c-40 c-32 c-24 c-16 c-8
000000f8 0000000000000014 000000cc FDE cie=00000030 pc=0000000000400600..0000000000400602
00000110 ZERO terminator
参考资料
https://blog.csdn.net/pwl999/article/details/107569603
https://cloud.tencent.com/developer/article/1832287
https://mp.weixin.qq.com/s/GNof-dxU7BDdv0OOsa_sFw