elf

I'm not sure what a good subject line for this question is, but here we go ... In order to force code locality / compactness for a critical section of code, I'm looking for a way to call a function in an external (dynamically-loaded) library through a "jump slot" (an ELF R_X86_64_JUMP_SLOT relocation) directly at the call site - what the linker ordinarily puts into PLT / GOT, but have these inlined right at the call site. If I emulate the call like: #include <stdio.h> int main(int argc, char **argv) { asm ("push $1f\n\t" "jmp *0f\n\t" "0: .quad %P0\n" "1:\n\t" : : "i"(printf), "D"("Hello,

I'm looking for a fast way to check if a ELF binary is a shared object or a position independent executable. I think a can do that by checking the contained symbols / functions. I'm looking for a more efficient way of not having to read the complete file. I have to perform the check on different platforms, at least Android, Linux (32 and 64 bit). I'm looking for a fast way to check if a ELF binary is a shared object or a position independend executable. There is no way to check: a PIE executable is a shared object. I think a can do that by checking the contained symbols / functions. Symbols

I'm currently doing my own objdump implementation in C. For my -s option, I have to show the full contents of the section of an ELF file. I'm doing it well, but i'm showing more sections than the "real" objdump. In fact, it does not output the .bss, .shstrtab, .symtab and .strtab sections. I'm looking around the sh_flags value on the Shdr struct but I can't find any logic... Why objdump -s does not shows these sections ? Why objdump -s does not shows these sections ? Objdump is based on libbfd , which abstracts away many complexities of ELF, and was written when objects tended to only have

I wrote a small program to add to integers and on using "readelf -a executable_name" it showed the entry point address in elf header as : Entry point address: 0x8048330 How my executable knows this address beforehand even before loader loads it in memory ? elf_format.pdf says this member gives the virtual address to which the system first transfers control, thus starting the process. Can anyone please explain what is the meaning of this statement and what is the meaning of virtual address here ? Also let me know, from where the executable file gets the value of 0x8048330 as entry point address

===系统内存=== 系统内存的使用情况可以用以下公式表示： MemTotal = MemFree +【Slab+ VmallocUsed + PageTables + KernelStack + HardwareCorrupted + Bounce + X】+【Active + Inactive + Unevictable + (HugePages_Total * Hugepagesize)】 MemTotal = MemFree +【Slab+ VmallocUsed + PageTables + KernelStack + HardwareCorrupted + Bounce + X】+【Cached + AnonPages + Buffers + (HugePages_Total * Hugepagesize)】 MemTotal = MemFree +【Slab+ VmallocUsed + PageTables + KernelStack + HardwareCorrupted + Bounce + X】+【ΣPss + (Cached – mapped) + Buffers + (HugePages_Total * Hugepagesize)】 File-backed内存,anon匿名内存，Shmem是tmpfs所使用的内存

There comes a time in life of a developer when one gets this error valgrind: failed to start tool 'memcheck' for platform 'x86-linux' I do not see myself as an expert Valgrind user, but I understand output of Valgrind enough to catch memory leaks in my C programs. The other day I launched a personal project in assembly language and used standard C memory routines (calloc, realloc, free) for its memory requirements. The program grew complex and I wanted to be sure I am not leaking any memory (and also to be sure I am leaking memory where I know I am leaking at that stage - amid development),

With some background in assemble instructions and C programs, I can visualize how a compiled function would look like, but it's funny I have never so carefully thought about how a compiled C++ class would look like. bash$ cat class.cpp #include<iostream> class Base { int i; float f; }; bash$ g++ -c class.cpp I ran: bash$objdump -d class.o bash$readelf -a class.o but what I get is hard for me to understand. Could somebody please explain me or suggest some good starting points. The classes are (more or less) constructed as regular structs. The methods are (more or less...) converted into

Following up Why is the ELF execution entry point virtual address of the form 0x80xxxxx and not zero 0x0? and Why do virtual memory addresses for linux binaries start at 0x8048000? , why cannot I make ld use a different entry point than the default with ld -e ? If I do so, I either get a segmentation fault with return code 139, even for addresses close by the default entry point. Why? EDIT: I will make the question more specific: .text .globl _start _start: movl $0x4,%eax # eax = code for 'write' system call movl $1,%ebx # ebx = file descriptor to standard output movl $message,%ecx # ecx =