This question is about reverse engineering and the Microsoft Standard C Library.
When a C program terimates gracefully, i.e. does a return 0;
at the end of main()
. What all happens (generalize please). Specifically, what is the last function called by the C library?
You can find the sources of the Microsoft CRT in "%Program Files%\Microsoft Visual Studio x.0\VC\crt\src".
The entrypoint for executables (mainCRTStartup
) is in crt0.c, or, in case the runtime DLL is used, in crtexe.c. You can see that after calling main()
it calls exit()
. The source code of exit()
is in crt0dat.c. It calls C and C++ termination handlers (closing stdio handles etc), calls atexit()
functions, and finally calls __crtExitProcess() which calls kernel32's ExitProcess().
If you have strace
on your machine, you can use that (invoke it via strace ./program
) - on my machine, with the following code, it gives exit_group(0)
as the last function:
int main() {
return 0;
}
As for what happens (warning: sweeping generalisations ahead), the operating system (theoretically) should attempt to start reclaiming memory from your process by deleting all memory you've left new'd.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With