@knknkn1162
Last active June 13, 2018 06:35
# ELF Header:
# readelf -h hello.o
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: REL (Relocatable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x0
Start of program headers: 0 (bytes into file)
Start of section headers: 64 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 0 (bytes)
Number of program headers: 0
Size of section headers: 64 (bytes)
Number of section headers: 7
Section header string table index: 3
+-----------------------------------------------+
| Elf64_Ehdr |
+- - - - - - - - - - - - - - - - - - - - - - - -| <= ELF Header[0x00000000]
| ident[EI_NIDENT] ..Magic |
| | .. Magic number 7f 45 4c 46 (= 0x7f, 'E', 'L', 'F')
|Magic |Cl|Da|Ve|AB| | .. Data.. ELFDATA2LSB[01](Little Endian)
|number |s |ta|r |I | (Padding) | .. See Figure 4-4
+-----------------------------------------------+
0x00000000 |7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00| |.ELF............|
+-----+-----+-----------+-----------------------+
|type |mach |version |entry | .. type: ET_REL[01]: relocatable format
+-----+-----+-----------+-----------------------+
0x00000010 |** 00|3e 00|01 00 00 00|b0 00 40 00 00 00 00 00| |..>.............|
|-----+-----+-----------+-----------------------+
| phoff |e_shoff | .. phoff: Start of program headers(exe: 0x00000040)
+-----------------------+-----------------------
0x00000020 |** ** 00 00 00 00 00 00|40 00 00 00 00 00 00 00| |........@.......|
+-----------+-----+-----+-----+-----+-----+-----+
|e_flags |ehsiz|phesi|phnum|shesi|shnum|shstr|
+-----------+-----+-----+-----+-----+-----+-----+
0x00000030 |00 00 00 00|40 00|00 00|00 00|40 00|00 00|00 00| |....@.....@.....|
+-----------+-----+-----+-----+-----+-----+-----+
## readelf -l hello.o
There are no program headers in this file.
## or, equivalently: objdump -p hello.o
hello.o: file format elf64-x86-64
# Section Header:
# readelf -S hello.o
There are 7 section headers, starting at offset 0x40:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
+-----------+-----+-----+-----+-----+-----+-----+ <= Index 0(SHT_NULL) section header (magic bytes)
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x00000040 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000050 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000060 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000070 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----+-----+-----+-----+-----+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 1] .data PROGBITS 0000000000000000 00000200
000000000000000d 0000000000000000 WA 0 0 4
# objdump -h hello.o
Sections:
Idx Name Size VMA LMA File off Algn
0 .data 0000000d 0000000000000000 0000000000000000 00000200 2**2
CONTENTS, ALLOC, LOAD, DATA
+-----------+-----+-----+-----+-----+-----+-----+ <= .data section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
| name | type | sh_flags | .. sh_flags: SHF_WRITE[0x1] and SHF_ALLOC[0x2]
+-----------+-----------+-----------------------+
0x00000080 |01 00 00 00|01 00 00 00|03 00 00 00 00 00 00 00| |................|
+-----------+-----------+-----------------------+
| addr | offset | .. offset: You can find .data section in 0x00000200.
+-----------+-----------+-----------------------+
0x00000090 |00 00 00 00 00 00 00 00|00 02 00 00 00 00 00 00| |................|
+-----------+-----------+-----------+-----------+
| size | link | info |
+-----------------------+-----------+-----------+
0x000000a0 |0d 00 00 00 00 00 00 00|00 00 00 00|00 00 00 00| |................|
+-----------------------+-----------+-----------+
| addralign | entsize |
+-----------------------+-----------------------+
0x000000b0 |04 00 00 00 00 00 00 00|00 00 00 00 00 00 00 00| |................|
+-----------------------+-----------------------+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 2] .text PROGBITS 0000000000000000 00000210 <= You can find .text section in 0x00000210.
0000000000000027 0000000000000000 AX 0 0 16
# objdump -h hello.o
Idx Name Size VMA LMA File off Algn
1 .text 00000027 0000000000000000 0000000000000000 00000210 2**4
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
+-----------------------+-----------------------+ <= .text section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x000000c0 |07 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00| |................|
0x000000d0 |00 00 00 00 00 00 00 00 10 02 00 00 00 00 00 00| |................|
0x000000e0 |27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |'...............|
0x000000f0 |10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------------------+-----------------------+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 3] .shstrtab STRTAB 0000000000000000 00000240
0000000000000032 0000000000000000 0 0 1
+-----------+-----+-----+-----+-----+-----+-----+ <= .shstrtab section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x00000100 |0d 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000110 |00 00 00 00 00 00 00 00 40 02 00 00 00 00 00 00| |........@.......|
0x00000120 |32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |2...............|
0x00000130 |01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------------------+-----------------------+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 4] .symtab SYMTAB 0000000000000000 00000280
00000000000000a8 0000000000000018 5 6 8
+-----------+-----+-----+-----+-----+-----+-----+ <= .symtab section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x00000140 |17 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000150 |00 00 00 00 00 00 00 00 80 02 00 00 00 00 00 00| |................|
0x00000160 |a8 00 00 00 00 00 00 00 05 00 00 00 06 00 00 00| |................|
0x00000170 |08 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00| |................| .. each EntSize is 0x18
+-----------------------+-----------------------+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 5] .strtab STRTAB 0000000000000000 00000330
000000000000002e 0000000000000000 0 0 1
+-----------+-----+-----+-----+-----+-----+-----+ <= .strtab section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x00000180 |1f 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00| |................|
0x00000190 |00 00 00 00 00 00 00 00 30 03 00 00 00 00 00 00| |........0.......|
0x000001a0 |2e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
0x000001b0 |01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------------------+-----------------------+
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 6] .rela.text RELA 0000000000000000 00000360
0000000000000018 0000000000000018 4 2 8
+-----------+-----+-----+-----+-----+-----+-----+ <= .rela.text section header
| Elf64_Shdr |
+- - - - - - - - - - - - - - - - - - - - - - - -|
0x000001c0 |27 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00| |'...............|
0x000001d0 |00 00 00 00 00 00 00 00 60 03 00 00 00 00 00 00| |........`.......|
0x000001e0 |18 00 00 00 00 00 00 00 04 00 00 00 02 00 00 00| |................|
0x000001f0 |08 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00| |................| .. each EntSize is 0x18
+-----------------------+-----------------------+
# Section:
# readelf -x.data hello.o
Hex dump of section '.data':
0x00000000 48656c6c 6f20776f 726c6421 0a Hello world!.
+-----------+-----+-----+-----+-----+-----+-----+ <= .data section
0x00000200 |48 65 6c 6c 6f 20 77 6f 72 6c 64 21 0a 00 00 00| |Hello world!....|
+-----------+-----+-----+-----+-----+--^--+-----+
|
.data section end -+
## -d, --disassemble Display assembler contents of executable sections
# objdump -d hello.o
hello.o: file format elf64-x86-64
Disassembly of section .text:
0000000000000000 <_start>:
0: b8 01 00 00 00 mov $0x1,%eax
5: bf 01 00 00 00 mov $0x1,%edi
a: 48 be 00 00 00 00 00 movabs $0x0,%rsi <= address NOT assigned yet
11: 00 00 00
14: ba 0d 00 00 00 mov $0xd,%edx
19: 0f 05 syscall
1b: b8 3c 00 00 00 mov $0x3c,%eax
20: bf 00 00 00 00 mov $0x0,%edi
25: 0f 05 syscall
+-----------+-----+-----+-----+-----+-----+-----+ <= .text section (check `readelf -x.text hello.o`)
0x00000210 |b8 01 00 00 00 bf 01 00 00 00 48 be 00 00 00 00| |..........H.....|
+-----------+-----+-----+-----+------^^---+-----+
relocate(See .rela.text section)
+-----------------------------------------------+
0x00000220 |00 00 00 00 ba 0d 00 00 00 0f 05 b8 3c 00 00 00| |............<...|
0x00000230 |bf 00 00 00 00 0f 05 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+--^--+-----+-----+-----+-----+
|
.text section end -+
+-----------+-----+-----+-----+-----+-----+-----+ <= .shstrtab section
0x00000240 |00 2e 64 61 74 61 00 2e 74 65 78 74 00 2e 73 68| |..data..text..sh|
0x00000250 |73 74 72 74 61 62 00 2e 73 79 6d 74 61 62 00 2e| |strtab..symtab..|
0x00000260 |73 74 72 74 61 62 00 2e 72 65 6c 61 2e 74 65 78| |strtab..rela.tex|
0x00000270 |74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |t...............|
+-----------+-----+-----+-----+-----+-----+-----+
# .symtab section
# nm hello.o # briefly
0000000000000000 T _start
0000000000000000 d hello_world
000000000000000d a hello_world_len
# readelf -s hello.o
Num: Value Size Type Bind Vis Ndx Name
0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND .. the first entry is magical and set to fixed, meaningless values.
1: 0000000000000000 0 FILE LOCAL DEFAULT ABS hello.asm
+-----------+-----+-----+-----+-----+-----+-----+ <= .symtab section (check `readelf -x.symtab hello.o`)
| Elf64_Sym |
+- - - - - - - - - - - - - - - - - - - - - - - -|
| name |in|oth|sh | value |
| |fo|er| ndx | |
+-----------+--+--+-----+-----+-----+-----+-----+
0x00000280 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+--+--+-----+-----+-----+-----+-----+
| Elf64_Sym | Elf64_Sym |
+- - - - - - - - - - - - - - - - - - - - - - - -|
| size | name |in|oth| sh |
| | |fo|er| ndx |
+-----------+--+--+-----+-----+-----+--+--+-----+
# name: character #1 in the .strtab, which is `68 65 6c 6c 6f 2e 61 73 6d 00`("hello.asm\0")
0x00000290 |00 00 00 00 00 00 00 00 01 00 00 00 04 00 f1 ff| |................|
+-----------+-----+-----^-----+-----+-----+-----+
|
symbol #0 end -+- symbol #1 start
+-----------+--+--+-----+-----+-----+-----+-----+
| Elf64_Sym |
+- - - - - - - - - - - - - - - - - - - - - - - -|
| value | size |
+-----------+--+--+-----+-----+-----+--+--+-----+
0x000002a0 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----------+-----+-----+-----^
|
symbol #1 end -+
# readelf -s hello.o
Num: Value Size Type Bind Vis Ndx Name
2: 0000000000000000 0 SECTION LOCAL DEFAULT 1
3: 0000000000000000 0 SECTION LOCAL DEFAULT 2
+-----------+-----+-----------+-----+-----+-----+ <= symbol #2,3 start
0x000002b0 |00 00 00 00 03 00 01 00 00 00 00 00 00 00 00 00| |................|
0x000002c0 |00 00 00 00 00 00 00 00 00 00 00 00 03 00 02 00| |................|
0x000002d0 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----------+-----+-----+-----+
# readelf -s hello.o
Num: Value Size Type Bind Vis Ndx Name
4: 0000000000000000 0 NOTYPE LOCAL DEFAULT 1 hello_world
5: 000000000000000d 0 NOTYPE LOCAL DEFAULT ABS hello_world_len
+-----------+-----+-----------+-----+-----+-----+ <= symbol #4,5 start
0x000002e0 |0b 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00| |................|
0x000002f0 |00 00 00 00 00 00 00 00 17 00 00 00 00 00 f1 ff| |................|
0x00000300 |0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----------+-----+-----+-----+
# readelf -s hello.o
Num: Value Size Type Bind Vis Ndx Name
6: 0000000000000000 0 NOTYPE GLOBAL DEFAULT 2 _start
+-----------+-----+-----------+-----+-----+-----+ <= symbol #6 start
0x00000310 |27 00 00 00 10 00 02 00 00 00 00 00 00 00 00 00| |'...............|
0x00000320 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----^-----+-----+-----+-----+
|
.symtab section(symbol #6) end -+
+-----------+-----+-----+-----+-----+-----+-----+ <= .strtab section (check `readelf -x.strtab hello.o`)
0x00000330 |00 68 65 6c 6c 6f 2e 61 73 6d 00 68 65 6c 6c 6f| |.hello.asm.hello|
0x00000340 |5f 77 6f 72 6c 64 00 68 65 6c 6c 6f 5f 77 6f 72| |_world.hello_wor|
0x00000350 |6c 64 5f 6c 65 6e 00 5f 73 74 61 72 74 00 00 00| |ld_len._start...|
+-----------+-----+-----+-----+-----+-----^-----+
|
.strtab section end -+
# readelf -r hello.o
Relocation section '.rela.text' at offset 0x360 contains 1 entry:
Offset Info Type Sym. Value Sym. Name + Addend
00000000000c 000200000001 R_X86_64_64 0000000000000000 .data + 0
# <= The 8-byte address at offset 0x00000000000c in the .text section is relocated (to .data + 0)
+-----------+--+--+-----+-----+-----+-----+-----+
| Elf64_Rela |
+- - - - - - - - - - - - - - - - - - - - - - - -|
| r_offset | r_info | |
| r_offset |ELF64_R_TYP|ELF64_R_SYM|
+-----------+-----+-----+-----------+-----+-----+ <= .rela.text section
0x00000360 |0c 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00| |................|
+-----------+--+--+-----+-----------+-----+-----+
| r_addend | |
+-----------+--+--+-----+-----------+-----+-----+
0x00000370 |00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00| |................|
+-----------+-----+-----^-----+-----+-----+-----+
|
.rela.text section end -+
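
The relocation above, worked through as an added example (not part of the original gist): this Python code decodes the Elf64_Rela entry and the Elf64_Sym it names from the bytes dumped on this page, then patches the `movabs` operand at .text offset 0x0c the way a linker resolves R_X86_64_64 (S + A). The function names are hypothetical and the link-time address 0x6000d8 for .data is an assumed value; the bounds checks are those a parser handling untrusted object files needs.

```python
import struct
# Bytes copied from the dumps on this page.
TEXT = bytes.fromhex(                     # .text: file offset 0x210, size 0x27
    "b801000000bf0100000048be00000000"
    "00000000ba0d0000000f05b83c000000"
    "bf000000000f05")
SYMTAB = bytes.fromhex(                   # .symtab symbols #0..#2, from 0x280
    "00" * 24
    + "010000000400f1ff" + "00" * 16
    + "0000000003000100" + "00" * 16)
RELA = bytes.fromhex(                     # .rela.text: file offset 0x360
    "0c00000000000000" "0100000002000000" "0000000000000000")
R_X86_64_64 = 1                           # relocation type: S + A, 64-bit
SYM_SIZE = RELA_SIZE = 0x18               # EntSize of .symtab / .rela.text

def parse_rela(rela):
    """Return [(r_offset, sym_index, type, r_addend)] for each Elf64_Rela."""
    if len(rela) % RELA_SIZE:
        raise ValueError("truncated .rela section")
    out = []
    for off in range(0, len(rela), RELA_SIZE):
        r_offset, r_info, r_addend = struct.unpack_from("<QQq", rela, off)
        out.append((r_offset, r_info >> 32, r_info & 0xFFFFFFFF, r_addend))
    return out

def parse_sym(symtab, index):
    """Return (st_shndx, st_value) of Elf64_Sym #index, bounds-checked."""
    if (index + 1) * SYM_SIZE > len(symtab):
        raise ValueError("symbol index outside .symtab")
    _name, _info, _other, shndx, value, _size = struct.unpack_from(
        "<IBBHQQ", symtab, index * SYM_SIZE)
    return shndx, value

def apply_relocs(text, symtab, rela, section_addr):
    """Patch a copy of .text; section_addr maps section index -> address."""
    patched = bytearray(text)
    for r_offset, sym_index, r_type, addend in parse_rela(rela):
        if r_type != R_X86_64_64:
            raise NotImplementedError(f"relocation type {r_type}")
        if r_offset + 8 > len(patched):
            raise ValueError("r_offset outside target section")
        shndx, value = parse_sym(symtab, sym_index)
        if shndx not in section_addr:
            raise ValueError(f"no address for section {shndx}")
        target = (section_addr[shndx] + value + addend) & (2**64 - 1)
        struct.pack_into("<Q", patched, r_offset, target)
    return bytes(patched)

# 0x6000d8 is an assumed (hypothetical) link-time address for section 1 (.data).
PATCHED = apply_relocs(TEXT, SYMTAB, RELA, {1: 0x6000D8})
```

After patching, the bytes at .text offsets 0x0a..0x13 read `48 be d8 00 60 00 00 00 00 00`, i.e. `movabs $0x6000d8,%rsi`, and every other byte of .text is unchanged.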