土曜のRHG読書会ふつぱいら編で、mputさんからlibcは実行できるという話が出た。

手元のLinuxで実行可能ビットが立っているsoを起動すると以下となった。

$ ls -l /lib/*.so|grep rwx -rwxr-xr-x 1 root root 72800 2008-08-04 16:14 /lib/klibc-oHYcLOsqK031xhhY6ecG96fp_1A.so -rwxr-xr-x 1 root root 131584 2009-01-30 02:56 /lib/ld-2.8.90.so -rwxr-xr-x 1 root root 1502520 2009-01-30 02:56 /lib/libc-2.8.90.so -rwxr-xr-x 1 root root 130214 2009-01-30 02:56 /lib/libpthread-2.8.90.so $ /lib/klibc-oHYcLOsqK031xhhY6ecG96fp_1A.so Segmentation fault $ /lib/ld-2.8.90.so Usage: ld.so [OPTION]... EXECUTABLE-FILE [ARGS-FOR-PROGRAM...] You have invoked `ld.so', the helper program for shared library executables. This program usually lives in the file `/lib/ld.so', and special directives in executable files using ELF shared libraries tell the system's program loader to load the helper program from this file. This helper program loads the shared libraries needed by the program executable, prepares the program to run, and runs it. You may invoke this helper program directly from the command line to load and run an ELF executable file; this is like executing that file itself, but always uses this helper program from the file you specified, instead of the helper program file specified in the executable file you run. This is mostly of use for maintainers to test new versions of this helper program; chances are you did not intend to run this program. --list list all dependencies and how they are resolved --verify verify that given object really is a dynamically linked object we can handle --library-path PATH use given PATH instead of content of the environment variable LD_LIBRARY_PATH --inhibit-rpath LIST ignore RUNPATH and RPATH information in object names in LIST $ /lib/libc-2.8.90.so GNU C Library development release version 2.8.90, by Roland McGrath et al. Copyright (C) 2008 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled by GNU CC version 4.3.2. Compiled on a Linux >>2.6.24-16-server<< system on 2009-01-29. Available extensions: crypt add-on version 2.1 by Michael Glad and others GNU Libidn by Simon Josefsson Native POSIX Threads Library by Ulrich Drepper et al BIND-8.2.3-T5B For bug reporting instructions, please see: . $ /lib/libpthread-2.8.90.so Native POSIX Threads Library by Ulrich Drepper et al Copyright (C) 2006 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Forced unwind support included.

いきなりSEGVするklibcはともかく、他のsoは少なくとも著作権表示はする。

ldはusage表示までするので実際に引数を与えてみる。

$ /lib/ld-2.8.90.so --list /usr/local/bin/ruby linux-vdso.so.1 => (0x00007fff237ff000) librt.so.1 => /lib/librt.so.1 (0x00007fe91b3ff000) libdl.so.2 => /lib/libdl.so.2 (0x00007fe91b1fb000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x00007fe91afc2000) libm.so.6 => /lib/libm.so.6 (0x00007fe91ad3d000) libc.so.6 => /lib/libc.so.6 (0x00007fe91a9cb000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007fe91a7ae000) /lib64/ld-linux-x86-64.so.2 => /lib/ld-2.8.90.so (0x00007fe91b620000)

lddの出力に似ている。

$ ldd /usr/local/bin/ruby linux-vdso.so.1 => (0x00007fff0c9fe000) librt.so.1 => /lib/librt.so.1 (0x00007fc40442e000) libdl.so.2 => /lib/libdl.so.2 (0x00007fc40422a000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x00007fc403ff2000) libm.so.6 => /lib/libm.so.6 (0x00007fc403d6d000) libc.so.6 => /lib/libc.so.6 (0x00007fc4039fb000) libpthread.so.0 => /lib/libpthread.so.0 (0x00007fc4037df000) /lib64/ld-linux-x86-64.so.2 (0x00007fc404637000)

というよりも全く同じだ。

$ file /usr/bin/ldd /usr/bin/ldd: Bourne-Again shell script text executable

lddは中でld.soを呼び出しているのだった。