On Wed, Apr 21, 2021 at 12:38 AM Peng Yu via Gcc-help <gcc-help@xxxxxxxxxxx> wrote: > > >> I understand what it means. But my question is what raw-data fields in > >> the ELF file is used to figure this out the address is 0xec4 relative > >> to the current instruction? My question is not about how to interpret > >> what `0xec4(%rip)` means. > > > > Nothing is figured out. The linker computes the offset and hard-codes > > it into the instruction. This offset does not change after the linking > > step. > > The question is how 0xec4 is computed from the object file. The object file has a relocation entry, quoting your previous e-mail: > Relocation section '.rela.text' at offset 0x210 contains 2 entries: > Offset Info Type Sym. Value Sym. Name + Addend > 000000000007 000500000002 R_X86_64_PC32 0000000000000000 .rodata - 4 That relocation entry points to offset 0x7 into your function main, quoting your previous e-mail: > $ objdump --disassemble=main a.o > ... > 0000000000000000 <main>: > 0: 55 push %rbp > 1: 48 89 e5 mov %rsp,%rbp > 4: 48 8d 3d 00 00 00 00 lea 0x0(%rip),%rdi # b <main+0xb> Offset 0x7 into your function main is the byte `00' just right after `48 8d 3d'. The relocation entry then shows that the four `00' bytes (the relocation entry's type tells the number of bytes to be replaced) starting at the offset 0x7 are to be replaced by the address of `.rodata - 4' (the address of section .rodata minus four bytes). You can see that the object file has the hello-world string at offset zero of the .rodata section, but since lea loads a relative address by computing from the end of the instruction, which starts at offset 0x4 into your function main and ends at offset 0xA, while the linker computes the relative offset to the .rodata section starting at the offset 0x7, at runtime the lea will skip the first 4 bytes of the hello-world string, which is the difference between 0xB used by lea and 0x7 used by the linker. Hence, to get the correct address of the hello-world string, the relocation entry says `.rodata - 4' instead of just `.rodata'. Hence, when you perform the final link to produce the executable by running `gcc -o a.out a.o', the linker after adding further data into the .rodata section that comes from at least the C library (e.g., the four-byte datum named _IO_stdin_used that is inserted at the start of .rodata and immediately before the hello-world string) can correctly install the correct 4-byte address at the location pointed by the relocation entry, which starts at offset 0x7 into your function main. In other words, 0xec4 is computed from the object file given to the linker executed by `gcc -o a.out a.o' by the relocation entry found in the object file. > -- > Regards, > Peng -- Best regards, Tadeus
