
I'm trying to create an x86-64 Windows COFF object file, but I don't entirely understand the different types of relocations described at https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#x64-processors. Specifically, I'm not sure what IMAGE_REL_AMD64_REL32 (including its _* variants), IMAGE_REL_AMD64_SREL32, IMAGE_REL_AMD64_PAIR and IMAGE_REL_AMD64_SSPAN32 do. There is some documentation for them, but it isn't descriptive enough, and I couldn't find any external resources referencing these. To be more precise, I'm not sure what 'span-dependent value' means, and also what exactly the REL32 ones are relative to. I'd greatly appreciate any information on this.

EDIT: Okay, after some thought I understood that the REL32 ones are for RIP-relative addressing, and the variants are for when the address is relative to a position offset from the start of an instruction, and the symbol points to its start. I still wonder what SREL32, PAIR and SSPAN32 are for...

abel1502
  • `_x` variants of `IMAGE_REL_AMD64_REL32` are used when the relocated dword object is **not** the last field in the encoded instruction body, for instance when the relative displacement is followed by an immediate value encoded in 1 or 4 bytes. I have never seen other relocation types than `REL32*` and `ADDR*` in COFF modules. Perhaps we can ignore them as a product of the exuberant imagination of software architects? – vitsoft Apr 27 '21 at 17:14
  • Thanks! I guess we could, but I'm still curious, to be honest) – abel1502 Apr 27 '21 at 21:32
  • By the way, I have checked that currently nothing on GitHub uses the SREL32 one. (After filtering the numerous forks of popular repositories, where it is only mentioned or defined as an enumeration member, there were only 51 occurrences left, and none of those actually employed it. This even includes Ghidra not knowing how to handle it.) I intend to conduct a small manual test for those as soon as I get a bit of spare time. – abel1502 May 15 '21 at 18:20
  • Perhaps you might also check the **GNU ld** sources. This Linux linker knows how to link the COFF format, so it should cope with SREL32 somehow. – vitsoft May 15 '21 at 18:39
  • Thanks for the advice. I've tried, but it seems to ignore those. It has a 14 (0xe) relocation for X86_64, but uses it for a pseudo-reloc ("Pseude PC64 relocation - Note: not specified by MS/AMD but need for gas pc-relative 64bit wide relocation generated by ELF."), so that's not SREL32 by any means. And for higher numbers, corresponding to PAIR and SSPAN32, there are no definitions whatsoever. – abel1502 May 16 '21 at 20:11
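A worked check of the REL32 / REL32_N rule discussed in the question's EDIT and in vitsoft's first comment, as an added Python example that is not part of the original thread. It resolves the fixup the way a linker would (value relative to the byte N bytes past the end of the field), then recomputes the address the CPU would reference from the patched instruction; instruction encodings, the section address 0x1000 and the symbol address 0x3000 are constructed for the demo.

```python
import struct

# Type values from the PE/COFF spec (x64 section). REL32_N means the 32-bit
# field is relative to the byte N bytes past the end of the field, which is
# what an instruction needs when an immediate follows the displacement.
IMAGE_REL_AMD64_REL32 = 0x0004
IMAGE_REL_AMD64_REL32_1 = 0x0005
IMAGE_REL_AMD64_REL32_4 = 0x0008
TRAILING_BYTES = {IMAGE_REL_AMD64_REL32 + n: n for n in range(6)}  # REL32..REL32_5


def apply_rel32(section, section_va, offset, rel_type, symbol_va):
    """Resolve one REL32* fixup in place; returns the displacement written."""
    trailing = TRAILING_BYTES[rel_type]
    addend = struct.unpack_from("<i", section, offset)[0]  # COFF keeps the addend in the field
    p = section_va + offset + 4 + trailing  # the byte the value is relative to
    disp = symbol_va + addend - p
    if not -2**31 <= disp < 2**31:
        raise OverflowError("target not reachable with a 32-bit displacement")
    struct.pack_into("<i", section, offset, disp)
    return disp


def rip_target(section, section_va, insn_offset, insn_len, disp_offset):
    """What the CPU does: RIP of the *next* instruction plus the disp32."""
    disp = struct.unpack_from("<i", section, disp_offset)[0]
    return section_va + insn_offset + insn_len + disp


def resolved_target(insn, disp_offset, rel_type, insn_va=0x1000, symbol_va=0x3000):
    """Apply the fixup to one constructed instruction (hypothetical VAs)
    and return the address the CPU would actually reference."""
    sec = bytearray(insn)
    apply_rel32(sec, insn_va, disp_offset, rel_type, symbol_va)
    return rip_target(sec, insn_va, 0, len(sec), disp_offset)


# Constructed encodings; the disp32 field is zero-filled (addend 0).
CALL_REL32 = b"\xE8" + b"\0" * 4                                 # call rel32               -> REL32
CMP_MEM_IMM8 = b"\x83\x3D" + b"\0" * 4 + b"\x07"                 # cmp dword [rip+d], 7     -> REL32_1
MOV_MEM_IMM32 = b"\xC7\x05" + b"\0" * 4 + b"\x44\x33\x22\x11"    # mov dword [rip+d], imm32 -> REL32_4

if __name__ == "__main__":
    print(hex(resolved_target(CALL_REL32, 1, IMAGE_REL_AMD64_REL32)))        # 0x3000
    print(hex(resolved_target(CMP_MEM_IMM8, 2, IMAGE_REL_AMD64_REL32_1)))    # 0x3000
    print(hex(resolved_target(MOV_MEM_IMM32, 2, IMAGE_REL_AMD64_REL32_4)))   # 0x3000
    # Using plain REL32 where REL32_4 is needed silently misses by 4 bytes.
    print(hex(resolved_target(MOV_MEM_IMM32, 2, IMAGE_REL_AMD64_REL32)))     # 0x3004
```

The last call shows the failure mode an object-file writer should check for: picking the plain type when an immediate follows the displacement yields an address that is off by exactly the width of that immediate.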
