Ciro Santilli's definition: softwareengineering.stackexchange.com/questions/151610/what-exactly-is-system-programming/399625#399625
Ciro's tutorial: Linux Kernel Module Cheat.
Ciro's word of caution for 2019 aspiring system programmers: Should you waste your life with systems programming?
This is basically a direct consequence of backward design.
The higher the level you can operate at, the better.
The ideal level to operate at, and one of humankind's greatest ambitions is "AGI, make me money", the highest possible level.
Only go down a level when it seems necessary.
Magic software that allows you to write a single program that runs on a wide range of hardware.
Bibliography:
Bare metal programming is to run a program without an operating system below it.
Or in other words, it is basically implementing an operating system/firmware yourself ad hoc, together with your actual program.
Zephyr is cool. Its installation setup is annoying. But the project is cool.
Real hardware is for newbs. Real hardware is for newbs.
Tested on Ubuntu 23.10 we approximately follow instructions from: docs.zephyrproject.org/3.4.0/develop/getting_started/index.html stopping before the "Flash the sample" section, as we don't flash QEMU. We just run it.
sudo apt install --no-install-recommends git cmake ninja-build gperf \
ccache dfu-util device-tree-compiler wget \
python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1
python3 -m venv ~/zephyrproject/.venv
source ~/zephyrproject/.venv/bin/activate
pip install west
west init ~/zephyrproject
cd ~/zephyrproject
west update
west zephyr-export
cd ~
wget https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v0.16.1/zephyr-sdk-0.16.1_linux-x86_64.tar.xz
tar xvf zephyr-sdk-0.16.1_linux-x86_64.tar.xz
cd zephyr-sdk-0.16.1
./setup.sh
The installation procedure install all compiler toolchains for us, so we can then basically compile for any target. It also fetches the latest Git source code of Zephyr under:
~/zephyrproject/zephyr
The "most default" blinky hello world example which blinks an LED is a bit useless for us because QEMU doesn't have LEDs, so instead we are going to use one of the UART examples which will print characters we can see on QEMU stdout.
Let's start with the hello world example on an x86 target:and it outputs:The
cd ~/zephyrproject/zephyr
west build -b qemu_x86 samples/hello_world -t run
Hello World! qemu_x86
qemu_x64
on the output comes from the CONFIG_BOARD
macro github.com/zephyrproject-rtos/zephyr/blob/c15ff103001899ba0321b2c38013d1008584edc0/samples/hello_world/src/main.c#L11#include <zephyr/kernel.h>
int main(void)
{
printk("Hello World! %s\n", CONFIG_BOARD);
return 0;
}
The
qemu_x86
board is documented at: docs.zephyrproject.org/3.4.0/boards/x86/qemu_x86/doc/index.htmlYou can also first
cd
into the directory that you want to build in to avoid typing samples/hello_world
all the time:cd ~/zephyrproject/zephyr/samples/hello_world
zephyr west build -b qemu_x86 -t run
You can also build and run separately with:
west build -b qemu_x86
west build -t run
Another important option is:But note that it does not modify your
west build -t menuconfig
prj.conf
automatically for you.Let's try on another target:and same output, but on a completely different board! The
rm -rf build
zephyr west build -b qemu_cortex_a53 -t run
qemu_cortex_a53
board is documented at: docs.zephyrproject.org/3.4.0/boards/arm64/qemu_cortex_a53/doc/index.htmlThe list of all examples can be seen under:which for example contains:
ls ~/zephyrproject/zephyr/samples
zephyrproject/zephyr/samples/hello_world
So run another sample simply select it, e.g. to run
zephyrproject/zephyr/samples/synchronization
:west build -b qemu_cortex_a53 samples/synchronization -t run
It ain't perfect, but it's decent enough.
From a technical point of view, it can do anything that Microsoft Windows can. Except being forcefully installed on every non-MacOS 2019 computer you can buy.
Ciro Santilli's conversion to Linux happened around 2012, and was a central part of Ciro Santilli's Open Source Enlightenment, since it fundamentally enables the discovery and contribution to open source software. Because what awesome open source person would waste time porting their amazing projects to closed source OSes?
Ciro's modest nature can be seen as he likes to compare this event Buddha's Great Renunciation.
Linux should track glibc and POSIX command line utilities in-tree like BSD Operating System, otherwise people have no way to get the thing running in the first place without blobs or large out-of-tree scripts! Another enlightened soul who agrees.
Particularly interesting in the history of Linux is how it won out over the open competitors that were coming up in the time: MINIX (see the chat) and BSD Operating System that got legally bogged down at the critical growth moment.
You must watch this: truth Happens advertisement by Red Hat.
Ciro Santilli has a tutorial at Linux Kernel Module Cheat.
The fact that this foundation has a bunch of paid, closed, certification courses makes Ciro Santilli not respect them at all. They should be making open access content instead!
Documents the Linux kernel. Somewhat of a competitor to Linux Kernel Module Cheat, but more wordy and less automated.
- stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu/33203642#33203642 How to debug the Linux kernel with GDB and QEMU?
- cirosantilli.com/linux-kernel-module-cheat/gdb
As of 2020, no one knows how to build the major desktop distros fully from source into the ISO, and especially so in a reproducible build way. Everything is done in build servers somewhere with complicated layers of prebuilds. It's crap.
No:
merlijn.sebrechts.be/blog/2020-08-02-why-one-snap-store/ has some very good comments on how
snap
is more closed than Flatpak.Snap's permission system is extremely annoying, notably restricting access to home files. They need a popup that says "permission required by app, accept?" urgently!!!
- the best full featured free OS we have today, since POSIX gave up short of any UI specification, and Chrome OS is not there yet
- usable and likely efficient Java API for apps if Oracle doesn't manage to destroy it with its lawsuit
However, many, many, many terrible horrors come with it:
- it hasn't made the move to desktop for too many years. It could destroy Microsoft Windows and replace it with open source, but they just won't budge towards an unified mobile/desktop setup.
- vendors litter it with uninstallable bloatware that should be illegal. European Union to the rescue!!! www.cnbc.com/2020/12/15/digital-markets-act-eus-new-rules-on-big-tech.html
- vendors lock down devices so it is very hard to get sudo, let alone to modify their images!
- there isn't enough hardware standardization for open source distros to thrive like on desktop
- code drops mean that "master" is useless and trying to contribute from outside vendors' closed walls is a waste of time: stackoverflow.com/questions/1809774/how-to-compile-the-android-aosp-kernel-and-test-it-with-the-android-emulator/48310014#48310014
- if you ever go below the Java API, e.g. to C++ or AOSP build, everything is horrendous and undocumented
- Google doesn't care about the CLI, even the hello world requires creating infinite out-of-control boilerplate from a GUI: stackoverflow.com/questions/20801042/how-to-create-android-project-with-gradle-from-command-line/46994747#46994747
- the boot is uber bloated and takes forever in cycle simulators
The video folder is
DCIM/Camera
.Respect. Big respect. Those people are hardcore from scratch hackers, and their wiki is amazing: wiki.archlinux.org/
It's just that Buildroot is more hardcore ;-)
But can you build the ISO full from source: Linux distribution buildable from source
The basis for Linux Kernel Module Cheat.
Buildroot is good.
This thing is sexy.
Ciro Santilli's Linux distro of choice as of 2019.
It ain't perfect, but it's decent enough.
The greatest advantage of it being that it has the likely largest desktop user base, and therefore the highest likelihood that your problems are solved on Ask Ubuntu, and goes together with Ciro's philosophy that "people should do everything in the same way to factor stuff out", especially the open source losers.
Ciro considers that the killer flaw of Ubuntu, and most desktop distros of 2020, is that no one under the Sun knows how to build them fully from source: Linux distribution buildable from source. This is why Ciro based the Linux Kernel Module Cheat on Buildroot, see also: Linux distribution buildable from source.
On Ubuntu 23.10, a crash led to the creation of:After that simply running apport-cli as: led to the creation of: bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2049368 a bug on the
/var/crash/_usr_bin_gnome-shell.1000.crash
apport-cli gnome-shell
gnome-shell
package.Their crash system does not have an amazing user interface.
Tested on Ubuntu 21.10.
After something crashes, look under
/var/crash
for a crash file, which helps to determine which package to report under on Launchpad.E.g. a file
/var/crash/_usr_sbin_gdm3.0.crash
makes you want to file the bug under gdm at: bugs.launchpad.net/ubuntu/+source/gdm/+filebugThen, while reporting the bug, you want to give the developpers access to that Ubuntu's crash report system has already uploaded the
.crash
file. But you can't publicly upload it because it contains memory dumps and could contain secret information. The way to do it is to look at the ID under:sudo cat /var/crash/_usr_sbin_gdm3.0.uploaded
.crash
for you, so you just have to confirm it and give the ID on the ticket.You can view a list of all your uploaded errors at:and each of those contain a link to:which you yourself cannot see.
xdg-open https://errors.ubuntu.com/user/$(sudo cat /var/lib/whoopsie/whoopsie-id)
https://errors.ubuntu.com/oops/<.uloaded error id>
askubuntu.com/questions/434431/how-can-i-read-a-crash-file-from-var-crash asks how to read the
.crash
files.Running:splits it up into a few files, but does not make any major improvements.
sudo apport-unpack /var/crash/_usr_sbin_gdm3.0.crash /tmp/app
apport-retrace
sudo apt install apport-retrace
sudo chmod 666 /var/crash/_usr_sbin_gdm3.0.crash
apport-retrace -g /var/crash/_usr_sbin_gdm3.0.crash
Tried:but then
echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/ddebs.list
echo -e "deb http://ddebs.ubuntu.com $(lsb_release -cs)-updates main restricted universe multiverse\ndeb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/ddebs.list
sudo apt install ubuntu-dbgsym-keyring
sudo apt update
fails with:E: The repository 'http://ddebs.ubuntu.com impish-security Release' does not have a Release file.
Ciro Santilli reproduced on Dell Inspiron 15 3520 with factory defaults. This bug prevents "wipe windows" installation without workarounds, one of which is to disable encryption in Windows.
Happens at startup without doing anything, and then keeps happening randomly infinitely many times... on a almost clean 24.04 ISO install on Dell Inspiron 15 3520... God how can it be so bad.
Viewing the apport issue a bit further shows title:
nautilus crashed with sigabrt in g_assertion_message_expr
Possibly related:
- www.reddit.com/r/Ubuntu/comments/1ce1027/2404_is_a_terrible_release/
- bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1795210
- bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1823529
- askubuntu.com/questions/1406294/nautilus-keeps-crashing-in-22-04
- superuser.com/questions/42068/application-are-closed-down-unexpectedly-under-ubuntu
- ubuntuforums.org/showthread.php?t=2466502
- x.com/cirosantilli/status/1792792620323967227
Had this happen on P14s on Ubuntu 23.10 while causally using Chromium. The screen went blank for a few seconds, but it apparently managed to reboot itself, and things started working again, except that and most windows were killed:It appears to be a bug in the AMDGPU open source driver.
[drm:gfx_v11_0_priv_reg_irq [amdgpu]] *ERROR* Illegal register access in command stream
[drm:amdgpu_job_timedout [amdgpu]] *ERROR* ring gfx_0.0.0 timeout, signaled seq=5774109, emitted seq=5774111
[drm:amdgpu_job_timedout [amdgpu]] *ERROR* Process information: process chrome pid 14023 thread chrome:cs0 pid 14087
amdgpu 0000:64:00.0: amdgpu: GPU reset begin!
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:gfx_v11_0_cp_gfx_enable.isra.0 [amdgpu]] *ERROR* failed to halt cp gfx
Dec 27 15:03:38 ciro-p14s kernel: amdgpu 0000:64:00.0: amdgpu: MODE2 reset
Dec 27 15:03:38 ciro-p14s kernel: amdgpu 0000:64:00.0: amdgpu: GPU reset succeeded, trying to resume
Dec 27 15:03:38 ciro-p14s kernel: [drm] PCIE GART of 512M enabled (table at 0x0000008000900
Related reports:
I think this was on Wayland. Possibly relatd but on X Window System, crashed the UI, showed message "oh no! Something has gone wrong."
2024-01-13_21-55-07@ciro@ciro-p14s$ cat /var/log/apport.log
ERROR: apport (pid 975172) 2024-01-13 21:41:02,087: host pid 3528 crashed in a separate mount namespace, ignoring
INFO: apport (pid 975227) 2024-01-13 21:41:02,398: called for pid 2728, signal 5, core limit 0, dump mode 1
INFO: apport (pid 975227) 2024-01-13 21:41:02,401: executable: /usr/bin/gnome-shell (command line "/usr/bin/gnome-shell")
INFO: apport (pid 975227) 2024-01-13 21:41:12,667: wrote report /var/crash/_usr_bin_gnome-shell.1000.crash
Happened on P14s on Ubuntu 23.10, which started with fresh Ubuntu 23.10 install.
However it did not happen on Lenovo ThinkPad P51 (2017) also on Ubuntu 23.10 which had been upgraded several times from God knows what starting point... At first one had X11 (forced by Nvidia drivers) and the other Wayland, but moving to p14s X11 changed nothing.
Both were running GNOME Display Manager.
Same happens with Super + L, but also CLI commands: askubuntu.com/questions/7776/how-do-i-lock-the-desktop-screen-via-command-line
Bibliography:
- askubuntu.com/questions/1242110/after-upgrading-to-ubuntu-20-04-lockscreen-not-working canon
- askubuntu.com/questions/1246622/ubuntu-20-04-unable-to-lock-screen
- askubuntu.com/questions/1245071/cant-lock-screen-with-shortcut-on-ubuntu-20-04-gnome
- askubuntu.com/questions/1248756/super-l-not-working-on-ubuntu-20-04
Switching to the other installed kernel, 5.9 made boot work.
The solution on kernel 6.2 was:as per comments under: bugs.launchpad.net/ubuntu/+source/linux/+bug/2012559. This also made the nvidia driver work: Find GPU information in Ubuntu.
sudo apt instal nvidia-driver-515
Previously I had:and it blew up before reaching disk decryption.
nvidia-driver-510
I also tried:but that broke in a different way:
nvidia-driver-525
Finished apport-autoreport.service - Process error reports when automatic reporting is enabled.
nvidia-modeset: ERROR: GPU:0: Idling display engine timed out: 0x0000947d:0:0:407
(1 of 2) Job systemd-backlight@backlight: nvidia_e.service/start running (32s no limit)
Some threads:
Happening multiple times a day on Ubuntu 22.04 for Chromium, even though I turn computer on and off daily, unbearable:
- askubuntu.com/questions/1412575/pending-update-of-snap-store
- askubuntu.com/questions/1412140/pending-update-of-firefox-snap-close-the-app-to-avoid-disruptions
- forum.snapcraft.io/t/how-to-disable-snapd-update-notifications-permanently/31117 Settings > Notifications > Snapd User Session Agent
- www.reddit.com/r/Ubuntu/comments/v1s919/disable_pending_update_of_snap_message_kiosk/
- forum.snapcraft.io/t/refresh-app-awareness-call-for-testing/29123
GDM crashes sometimes when switching windows right after opening a new window: bugs.launchpad.net/ubuntu/+source/gdm/+bug/1956299
Please refer to Video "Linus Torvalds saying "Nvidia Fuck You" (2012)".
Does not happen every time, only some times. Can't figure out why. Usually happens when has suspended for a longer time.
bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/+bug/1946303 sounds like a likely report, Nvidia driver version 470, but can't find those error messages anywhere. The last line of:once was:which is when sleep starts.
journalctl -o short-precise -k -b -1
PM: suspend entry (deep)
This suggests that it is not a video bug then, seems that it is not waking up at all? Gotta try to SSH into it. OK. I did SSH into it, and that was fine, so it is just the video that won't start.
PM: suspend exit
bugs.launchpad.net/ubuntu/+source/linux/+bug/1949977 is another possible bug, based on kernel version. I'm running 5.13, which is one of the failing versions on the report. Can't find any interesting dmesg though.
In another crash:had the following interesting lines:and there was a corresponding
journalctl -o short-precise -k -b -1
nvidia-modeset: WARNING: GPU:0: Lost display notification (0:0x00000000); continuing.
[24307.640014] NVRM: GPU at PCI:0000:01:00: GPU-18af74bb-7c72-ff70-e447-87d48378ea20
[24307.640018] NVRM: Xid (PCI:0000:01:00): 79, pid=8828, GPU has fallen off the bus.
[24307.640021] NVRM: GPU 0000:01:00.0: GPU has fallen off the bus.
[24328.054022] nvidia-modeset: ERROR: GPU:0: The requested configuration of display devices (LGD (DP-4)) is not supported on this GPU.
[repeats several more times]
[24328.056767] nvidia-modeset: ERROR: GPU:0: The requested configuration of display devices (LGD (DP-4)) is not supported on this GPU.
[24328.056951] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:0:0:0x0000000f
[24328.056955] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:1:0:0x0000000f
[24328.056959] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:2:0:0x0000000f
[24328.056962] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:3:0:0x0000000f
[24328.056983] nvidia-modeset: ERROR: GPU:0: DP-4: Failed to disable DisplayPort audio stream-0
[24328.056992] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000947d:0:0:0x0000000f
/var/crash/_usr_sbin_gdm3.0.crash
.Related "GPU has fallen off the bus": askubuntu.com/questions/868321/gpu-has-fallen-off-the-bus-nvidia
Sometimes it just feels like Ubuntu devs don't actually use Ubuntu as a desktop.
Some extremelly anoying problems are introduced and just never get fixed, even though they feel so obvious!
Would never happen on Mac...
This BS started after the move to ZFS. The temporary solution appears to be: askubuntu.com/questions/1293685/out-of-space-on-boot-zpool-and-cant-run-updates-anymore/1374204#1374204
And then this to disable automatic snapshots in the future: askubuntu.com/questions/1233049/disable-automatic-zsys-snapshots-zfs-on-root/1279593#1279593
sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabled
God, this is so annoying:
This has annoyed Ciro Santilli for many years, it is just too wasteful of screen space on laptops!
Or likely more generally, on GNOME desktop, which is the default desktop environment as of Ubuntu 22.10.
Issues:
Legal issues stalled them at the turning point of the Internet, and Linux won. Can't change history.
Did Apple just fork it and made Mac OS X without giving anything back?
The real explanation: stackoverflow.com/questions/1780599/what-is-the-meaning-of-posix/31865755#31865755
Overview by Ciro Santilli at: superuser.com/questions/284342/what-are-path-and-other-environment-variables-and-how-can-i-set-or-use-them/1864687#1864687
This section is about POSIX environment variable that have special effects.
They are documented by POSIX at: pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08
Some mentions by Ciro Santilli at: superuser.com/questions/284342/what-are-path-and-other-environment-variables-and-how-can-i-set-or-use-them/1864687#1864687
Non-POSIX only here.
If you are a programmer,
grep
becomes a verb: "to grep" means "to search text files", much like "to Google" means "to search random stuff online".This is a weak point of grep, it can't handle large lines that don't fit fully into memory:
- superuser.com/questions/1703029/is-there-a-limit-for-a-line-length-for-grep-command-to-process-correctly what is the grep line limit?
- unix.stackexchange.com/questions/223078/best-way-to-grep-big-binary-file/758528#758528 Ciro's
bgrep
canon - large not required but mentioning bgrep anyways:
- superuser.com/questions/1368263/use-grep-for-a-long-line-to-get-the-part-of-the-line/1811969#1811969
- unix.stackexchange.com/questions/217936/equivalent-command-to-grep-binary-files/758544#758544
- stackoverflow.com/questions/2034799/how-to-truncate-long-matching-lines-returned-by-grep-or-ack/77263826#77263826
- stackoverflow.com/questions/9988379/how-to-grep-a-text-file-which-contains-some-binary-data leaving this one alone for now
- stackoverflow.com/questions/65674717/how-to-check-if-a-binary-file-is-contained-inside-another-binary-from-the-linux search pattern from file
Getting started tutorial: unix.stackexchange.com/questions/223078/best-way-to-grep-a-big-binary-file/758528#758528
The OS that the Gods ordered be made.
One is reminded of Ulillillia, see also: www.youtube.com/watch?v=9-79yOZ13qg The Story of Ulillillia by Atrocity Guide (2019)
We are all somewhere in the spectrum.
For a quick and dirty introduction to the format, see: ELF Hello World Tutorial.
Introductory analysis of a simple example of the executable and Linkable Format.
Extracted from this Stack Overflow answer.
ELF is the dominating file format for Linux. It competes with Mach-O for OS X and PE for Windows.
ELF supersedes
.coff
, which supersedes a.out
.ELF is specified by the LSB:
The LSB basically links to other standards with minor extensions, in particular:
- Generic (both by SCO):
- System V ABI 4.1 (1997) www.sco.com/developers/devspecs/gabi41.pdf, no 64 bit, although a magic number is reserved for it. Same for core files. This is the first document you should look at when searching for information.
- System V ABI Update DRAFT 17 (2003) www.sco.com/developers/gabi/2003-12-17/contents.html, adds 64 bit. Only updates chapters 4 and 5 of the previous document: the others remain valid and are still referenced.
- Architecture specific (by the processor vendor):
A handy summary can be found at:
man elf
Spin like mad between:
- standards
- high level generators. We use the assembler
as
and linkerld
. - hexdumps
- file decompilers. We use
readelf
. It makes it faster to read the ELF file by turning it into human readable output. But you must have seen one byte-by-byte example first, and think howreadelf
output maps to the standard. - low-level generators: stand-alone libraries that let you control every field of the ELF files you generated. github.com/BR903/ELFkickers, github.com/sqall01/ZwoELF and many more on GitHub.
- consumer: the
exec
system call of the Linux kernel can parse ELF files to starts processes: github.com/torvalds/linux/blob/v4.11/fs/binfmt_elf.c, stackoverflow.com/questions/8352535/how-does-kernel-get-an-executable-binary-file-running-under-linux/31394861#31394861
The ELF standard specifies multiple file formats:
- Object files (
.o
).Intermediate step to generating executables and other formats:Source code | | Compilation | v Object file | | Linking | v Executable
Object files exist to make compilation faster: withmake
, we only have to recompile the modified source files based on timestamps.We have to do the linking step every time, but it is much less expensive.
- Executable files (no standard Linux extension).This is what the Linux kernel can actually run.
- Archive files (
.a
).Libraries meant to be embedded into executables during the Linking step.
- Shared object files (
.so
).Libraries meant to be loaded when the executable starts running.
- Core dumps.Such files may be generated by the Linux kernel when the program does naughty things, e.g. segfault.They exist to help debugging the program.
In this tutorial, we consider only object and executable files.
- Compiler toolchains generate and read ELF files.Sane compilers should use a separate standalone library to do the dirty work. E.g., Binutils uses BFD (in-tree and canonical source).
- Operating systems read and run ELF files.Kernels cannot link to a library nor use the C stlib, so they are more likely to implement it themselves.This is the case of the Linux kernel 4.2 which implements it in th file
fs/binfmt_elf.c
.
- Specialized libraries. Examples:
It is non-trivial to determine what is the smallest legal ELF file, or the smaller one that will do something trivial in Linux.
Some impressive attempts:
In this example we will consider a saner
hello world
example that will better capture real life cases.Let's break down a minimal runnable Linux x86-64 example:
hello_world.asm
section .data
hello_world db "Hello world!", 10
hello_world_len equ $ - hello_world
section .text
global _start
_start:
mov rax, 1
mov rdi, 1
mov rsi, hello_world
mov rdx, hello_world_len
syscall
mov rax, 60
mov rdi, 0
syscall
Compiled with:
nasm -w+all -f elf64 -o 'hello_world.o' 'hello_world.asm'
ld -o 'hello_world.out' 'hello_world.o'
TODO: use a minimal linker script with
-T
to be more precise and minimal.Versions:
- NASM 2.10.09
- Binutils version 2.24 (contains
ld
) - Ubuntu 14.04
We don't use a C program as that would complicate the analysis, that will be level 2 :-)
Articles were limited to the first 100 out of 148 total. Click here to view all children of Systems programming.
Articles by others on the same topic
There are currently no matching articles.