Relocating PC-Relative References (pc-relative reference relocation)
The sample code (main.c, swap.c) was shown in an earlier article; what follows is an analysis of the object files it produces.
<pic1: gcc -c main.c; objdump -rs main.o>
In main, the call instruction that calls swap sits at section offset 0x1d: the opcode is e8 and the operand is the 32-bit reference 0xfffffffc, i.e. -4 (stored little-endian). The next line shows the relocation entry for that reference: r.offset = 0x1e (the operand starts one byte after the opcode), r.symbol = swap, r.type = R_386_PC32. The entry tells the linker (not the compiler) to modify the 32-bit reference at section offset 0x1e so that at run time the call reaches swap. The initial value -4 is the assembler's way of accounting for the fact that the CPU computes a call target relative to the address of the next instruction, which is 4 bytes past the reference, not relative to the reference itself.
<pic2: readelf -a p>
<pic3: objdump -s p>
From <pic2> or <pic3> you can read off the layout of the final executable. The executable's .text section starts at ADDR(.text) = 0x8048320, and <pic3> shows that swap ends up at ADDR(r.symbol) = ADDR(swap) = 0x804840c. The linker relocates the PC-relative reference in two steps (CSAPP's notation):
Run-time address of the reference:
refaddr = ADDR(s) + r.offset
Patched value of the reference:
*refptr = (unsigned) (ADDR(r.symbol) + *refptr - refaddr)
Here ADDR(s) is the run-time address of the section that contains the reference, that is, the place where main.o's .text section was copied into the executable. Taking ADDR(s) = ADDR(.text) = 0x8048320, as if main.o's code were the very first thing in .text, gives
refaddr = 0x8048320 + 0x1e = 0x804833e
*refptr = (unsigned) (0x804840c + (-4 - 0x804833e)) = (unsigned) 0xca
which does not match the 0x16 actually found in the executable. The reason is that 0x8048320 is not ADDR(s) for main.o's .text: the executable's .text begins with the C start-up code (_start and friends from the runtime's crt objects), which the linker places before main.o's code, so main.o's .text lands further in. <pic3> shows the call instruction at 0x80483f1; since it sits at offset 0x1d of main.o's .text, that section was placed at ADDR(s) = 0x80483f1 - 0x1d = 0x80483d4, and the relocation becomes
refaddr = 0x80483d4 + 0x1e = 0x80483f2
*refptr = (unsigned) (0x804840c + (-4 - 0x80483f2)) = (unsigned) 0x16
In words: the linker corrects the stored reference so that, at run time, it points at the actual address of the swap symbol.
In the final executable, the call instruction at 0x80483f1 reads:
80483f1: e8 16 00 00 00    call 804840c <swap>
What call does is push the current EIP, i.e. the address of the next instruction, 0x80483f6, onto the stack as the return address, and then load EIP with EIP + displacement = 0x80483f6 + 0x16 = 0x804840c, the entry point of swap, so that execution continues with swap's code.
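The relocation step and the call semantics above, carried out in code. This is an added example, not code from the original article or from CSAPP; it implements CSAPP's relocation rule for R_386_PC32 (and, going slightly beyond the text, the R_386_32 absolute case), on a constructed stand-in for main.o's .text that only reproduces the bytes at the call (e8 fc ff ff ff at offset 0x1d, relocation at 0x1e). The addresses 0x8048320, 0x80483f1 and 0x804840c are the page's own; the section address 0x80483d4 is derived from them as 0x80483f1 - 0x1d.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ELF i386 relocation types (values from the i386 ELF ABI). */
#define R_386_32   1   /* absolute 32-bit reference    */
#define R_386_PC32 2   /* PC-relative 32-bit reference */

/* Minimal relocation entry, named after CSAPP's r.offset / r.symbol / r.type. */
struct reloc {
    uint32_t r_offset; /* offset of the reference within its section    */
    uint32_t r_addr;   /* ADDR(r.symbol): run-time address of the symbol */
    int      r_type;
};

/* Little-endian 32-bit load/store on unaligned section bytes. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Apply one relocation to section bytes `sec` whose run-time address is addr_s.
 * This is the body of CSAPP's relocation loop; returns the patched reference. */
uint32_t relocate(uint8_t *sec, uint32_t addr_s, const struct reloc *r) {
    uint8_t *refptr = sec + r->r_offset;
    uint32_t val = rd32(refptr);
    if (r->r_type == R_386_PC32) {
        uint32_t refaddr = addr_s + r->r_offset;  /* run-time address of the reference  */
        val = r->r_addr + val - refaddr;          /* ADDR(r.symbol) + *refptr - refaddr */
    } else if (r->r_type == R_386_32) {
        val = r->r_addr + val;                    /* absolute: ADDR(r.symbol) + *refptr */
    }
    wr32(refptr, val);
    return val;
}

/* Target of a 5-byte `call rel32` at insn_addr: the CPU adds the displacement
 * to the address of the next instruction (the pushed return address). */
uint32_t call_target(uint32_t insn_addr, uint32_t disp) {
    return insn_addr + 5 + disp;
}

/* Constructed stand-in for main.o's .text: only the call bytes matter.
 * Offset 0x1d: e8 fc ff ff ff (call with the assembler's initial operand -4). */
#define CALL_OFF 0x1d
static void build_text(uint8_t *sec, size_t n) {
    memset(sec, 0x90, n);                      /* nop padding (constructed) */
    sec[CALL_OFF] = 0xe8;
    wr32(sec + CALL_OFF + 1, (uint32_t)-4);
}

/* Relocate the call with main.o's .text placed at addr_s; return the operand. */
uint32_t relocate_call(uint32_t addr_s) {
    uint8_t sec[0x40];
    build_text(sec, sizeof sec);
    struct reloc r = { CALL_OFF + 1, 0x804840c, R_386_PC32 };  /* r.offset 0x1e, swap */
    return relocate(sec, addr_s, &r);
}

int main(void) {
    /* Assuming main.o's .text starts where the executable's .text does (0x8048320). */
    uint32_t v1 = relocate_call(0x8048320);
    /* What the disassembly implies: the call is at 0x80483f1, so main.o's .text
     * was placed at 0x80483f1 - 0x1d = 0x80483d4. */
    uint32_t addr_s = 0x80483f1 - CALL_OFF;
    uint32_t v2 = relocate_call(addr_s);
    printf("ADDR(s)=0x8048320 -> operand 0x%x\n", v1);
    printf("ADDR(s)=0x%x -> operand 0x%x, call target 0x%x\n",
           addr_s, v2, call_target(0x80483f1, v2));
    return 0;
}
```

Running it reproduces both numbers from the text: 0xca when the section address is taken as the start of the executable's .text, and 0x16 when it is the address at which main.o's .text was actually placed; only the second makes call_target land on swap. The same unsigned wrap-around that makes -4 + 0xce come out as 0xca is what makes the formula correct for targets below the call as well.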
Reference:
(1) Randal E. Bryant and David R. O'Hallaron, Computer Systems: A Programmer's Perspective (CSAPP)