SlideShare ist ein Scribd-Unternehmen logo

DWARF Data Representation

Wang Hsiangkai
Wang Hsiangkai

Note about DWARF data format. (32-bit DWARF only)

Software
1 von 20
Downloaden Sie, um offline zu lesen
DWARF Data Representation Kai
.debug_info compilation unit header a series of debugging information entries (DIE) .debug_abbrev length of .debug_info dwarf version offset into .debug_abbrev (size of an address) .section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 // dwarf versino 2 .long .Ldebug_abbrev0 .byte 0x8 // 64 bits addressing .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 a series of abbreviation declarations * DWARFv3 supports 64-bits DWARF format. Initial length = 0xffffffff to indicate 64-bits DWARF. The following 64-bits value is the real initial length. (4-byte unsigned) (2-byte unsigned) (4-byte unsigned)
.debug_info compilation unit header a series of debugging information entries (DIE) .debug_abbrev .section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 .long .Ldebug_abbrev0 .byte 0x8 .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 .uleb128 0x2 .long .LASF7 .byte 0x2 .byte 0xd8 .long 0x38 .uleb128 0x3 .byte 0x8 .byte 0x7 .long .LASF0 .uleb128 0x3 .byte 0x1 .byte 0x8 .long .LASF1 a series of abbreviation declarations abbreviation code attribute values Each abbreviation declaration specifies the tag and attributes for a particular form of debugging information entry.
.section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 .long .Ldebug_abbrev0 .byte 0x8 .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 .uleb128 0x2 .long .LASF7 .byte 0x2 .byte 0xd8 .long 0x38 .uleb128 0x3 .byte 0x8 .byte 0x7 .long .LASF0 .uleb128 0x3 .byte 0x1 .byte 0x8 .long .LASF1 abbreviation code attribute values .section .debug_abbrev,"",@progbits .Ldebug_abbrev0: .uleb128 0x1 .uleb128 0x11 .byte 0x1 .uleb128 0x25 .uleb128 0xe .uleb128 0x13 .uleb128 0xb .uleb128 0x3 .uleb128 0xe .uleb128 0x1b .uleb128 0xe .uleb128 0x11 .uleb128 0x1 .uleb128 0x12 .uleb128 0x1 .uleb128 0x10 .uleb128 0x6 .byte 0 .byte 0 .uleb128 0x2 .uleb128 0x16 .byte 0 .uleb128 0x3 .uleb128 0xe .uleb128 0x3a .uleb128 0xb .uleb128 0x3b .uleb128 0xb .uleb128 0x49 .uleb128 0x13 .byte 0 .byte 0 .uleb128 0x3 abbreviation code tag, 0x11(DW_TAG_compile_unit) has child or not attribute’s name (DW_AT_producer) attribute’s form (DW_FORM_strp) end of attribute spec end of attribute spec .section .debug_str,"MS",@progbits,1 .LASF55: .string "GNU C11 6.2.0 -mtune=generic -march= attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form
unsigned LEB128 encoding 12857 = 0011001000111001 Chop 7 bits as a chunk _0111001_110010000 Place each chunk into a byte Discard zero byte. 1_______0_______ There are other bytes.Last byte. 1011100101100100 First byte.Second byte.
signed LEB128 encoding -2 = 11111111111111111111111111111110 Chop 7 bits as a chunk _1111110_1111111 Place each chunk into a byte If all sign bits, discard. 0_______ Last byte. 01111110 First byte. _1111111_11111111111
signed LEB128 encoding 127 = 00000000000000000000000001111111 Chop 7 bits as a chunk _1111111_0000000 Place each chunk into a byte 11111111 First byte. 1_______0_______ There are other bytes.Last byte. 00000000 Second byte.
.debug_pubnames header entries of global names in the .debug_info length of this set dwarf version offset into .debug_info length of the .debug_info compilation unit compilation unit compilation unit .debug_info .debug_info .debug_info set .debug_pubtypes (DWARFv3)
.debug_aranges header entries of addresses in the .debug_info length of this set dwarf version offset into .debug_info compilation unit compilation unit compilation unit .debug_info .debug_info .debug_info set (size of an address) (size of a segment descriptor) (padding if necessary) First entry is aligned with the size of one entry, 2 x (size of an address).
Activation Record • An activation consists of • A code location that is within the subroutine. • An area of memory that is allocated on a stack called a “call frame.” • A set of registers that are in use by the subroutine at the code location.
Call Frame Information • Recording how procedures save and restore registers throughout their lifetimes. • Construct a very large table as following: LOC CFA R0 R1 … RN L0 L1 … LM • The table is a mapping between program addresses and architecture registers. • The table is a mapping between program addresses and architecture registers. • The table entries are the rules to find the register values in the previous frame.
The Register Rules • undefined • Has no value in the previous frame. (It is not callee-save register.) • same value • This register has not been modified from the previous frame. (It is callee-save register, but the callee has not modified it.) • offset(N) • The previous value of this register is saved at the address CFA +N. • register(R) • The previous value of this register is stored in another register numbered R. • architectural • Architecture defined.
.debug_frame CIE FDE CIE length of this CIE (uword) CIE_id (uword) augmentation (string) code_alignment_factor (uleb218) FDE FDE FDE FDE FDE FDE FDE FDE FDE version (ubyte) data_alignment_factor (sleb128) return_address_register (ubyte) initial_instructions padding code_alignment_factor: A constant that is factored out of all advance location instructions. data_alignment_factor: A constant that is factored out of all offset instructions. initial_instructions: A sequence of rules that are interpreted to create the initial setting of each column in the table. (uleb128 for DWARFv3)
.debug_frame CIE FDE CIE length of this FDE (uword) CIE_pointer (uword) address_range (addressing unit) instructions FDE FDE FDE FDE FDE FDE FDE FDE FDE initial_location (addressing unit) initial_location: A constant indicates the address of the first location associated with this table entry. address_range: A constant indicates the number of bytes of program instructions described by this entry. instructions: A sequence of table defining instructions. padding
.section .debug_frame,"",@progbits .Lframe0: .long .LECIE0-.LSCIE0 // length of this CIE .LSCIE0: .long 0xffffffff // CIE_id .byte 0x1 // version .string “" // augmentation .uleb128 0x1 // code_alignment_factor .sleb128 -8 // data_alignment_factor .byte 0x10 // return address register, ra = r16 .byte 0xc // instruction (0xc = DW_CFA_def_cfa) .uleb128 0x7 // operand1 (register) .uleb128 0x8 // operand2 (offset) CFA = r7(rsp) + 0x8 .byte 0x90 // instruction (0x90 = DW_CFA_offset, register = 0x10) .uleb128 0x1 // operand1 (offset) r16(ra) = CFA + (0x1 * (-8)) .align 8 // padding .LECIE0: .LSFDE0: .long .LEFDE0-.LASFDE0 .LASFDE0: .long .Lframe0 .quad .LFB0 .quad .LFE0-.LFB0 .byte 0x4 .long .LCFI0-.LFB0 .byte 0xe .uleb128 0x10 .byte 0x86 .uleb128 0x2 .byte 0x4 .long .LCFI1-.LCFI0 .byte 0xd .uleb128 0x6 .byte 0x4 .long .LCFI2-.LCFI1 .byte 0xc .uleb128 0x7 .uleb128 0x8 .align 8 .LEFDE0: instructions 00000000 0000000000000014 ffffffff CIE "" cf=1 df=-8 ra=16 LOC CFA ra 0000000000000000 rsp+8 c-8
.section .debug_frame,"",@progbits .Lframe0: .long .LECIE0-.LSCIE0 // length of this CIE .LSCIE0: .long 0xffffffff .byte 0x1 .string “" .uleb128 0x1 .sleb128 -8 .byte 0x10 .byte 0xc .uleb128 0x7 .uleb128 0x8 .byte 0x90 .uleb128 0x1 .align 8 .LECIE0: .LSFDE0: .long .LEFDE0-.LASFDE0 // length of this FDE .LASFDE0: .long .Lframe0 // CIE_pointer .quad .LFB0 // initial location .quad .LFE0-.LFB0 // address range .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI0-.LFB0 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x40050e .byte 0xe // instruction (0xe = DW_CFA_def_cfa_offset) .uleb128 0x10 // operand1 (offset) CFA = rsp + 0x10 .byte 0x86 // instruction (0x86 = DW_CFA_offset, register = 0x6) .uleb128 0x2 // operand1 (offset) r6(rbp) = CFA + (0x2 * (-8)) .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI1-.LCFI0 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x400511 .byte 0xd // instruction (0xd = DW_CFA_def_cfa_register) .uleb128 0x6 // operand1 (register) CFA = r6(rbp) + 0x10 .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI2-.LCFI1 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x400528 .byte 0xc // instruction (0xc = DW_CFA_def_cfa) .uleb128 0x7 // operand1 (register) .uleb128 0x8 // operand2 (offset) CFA = r7(rsp) + 0x8 .align 8 // padding .LEFDE0: 00000018 0000000000000024 00000000 FDE cie=00000000 pc=000000000040050d..0000000000400529 LOC CFA rbp ra 000000000040050d rsp+8 u c-8 // initial rules, defined by CIE 000000000040050e rsp+16 c-16 c-8 0000000000400511 rbp+16 c-16 c-8 0000000000400528 rsp+8 c-16 c-8 instructions
DWARF Data Representation

Empfohlen

Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARF
Samy Bahra
 
Design and Implementation of GCC Register Allocation
Design and Implementation of GCC Register AllocationDesign and Implementation of GCC Register Allocation
Design and Implementation of GCC Register Allocation
Kito Cheng
 
What Can Compilers Do for Us?
What Can Compilers Do for Us?What Can Compilers Do for Us?
What Can Compilers Do for Us?
National Cheng Kung University
 
ret2dl resolve
ret2dl resolveret2dl resolve
ret2dl resolve
sounakano
 
LLVM Register Allocation (2nd Version)
LLVM Register Allocation (2nd Version)LLVM Register Allocation (2nd Version)
LLVM Register Allocation (2nd Version)
Wang Hsiangkai
 
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul PillaiA look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
Cysinfo Cyber Security Community
 
Return to dlresolve
Return to dlresolveReturn to dlresolve
Return to dlresolve
Angel Boy
 
Heap exploitation
Heap exploitationHeap exploitation
Heap exploitation
Angel Boy
 

Empfohlen

Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARF
Samy Bahra
 
Design and Implementation of GCC Register Allocation
Design and Implementation of GCC Register AllocationDesign and Implementation of GCC Register Allocation
Design and Implementation of GCC Register Allocation
Kito Cheng
 
What Can Compilers Do for Us?
What Can Compilers Do for Us?What Can Compilers Do for Us?
What Can Compilers Do for Us?
National Cheng Kung University
 
ret2dl resolve
ret2dl resolveret2dl resolve
ret2dl resolve
sounakano
 
LLVM Register Allocation (2nd Version)
LLVM Register Allocation (2nd Version)LLVM Register Allocation (2nd Version)
LLVM Register Allocation (2nd Version)
Wang Hsiangkai
 
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul PillaiA look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
Cysinfo Cyber Security Community
 
Return to dlresolve
Return to dlresolveReturn to dlresolve
Return to dlresolve
Angel Boy
 
Heap exploitation
Heap exploitationHeap exploitation
Heap exploitation
Angel Boy
 
twlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdsotwlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdso
Viller Hsiao
 
Learn C Programming Language by Using GDB
Learn C Programming Language by Using GDBLearn C Programming Language by Using GDB
Learn C Programming Language by Using GDB
National Cheng Kung University
 
GCC LTO
GCC LTOGCC LTO
GCC LTO
Wang Hsiangkai
 
COSCUP2016 - LLVM框架、由淺入淺
COSCUP2016 - LLVM框架、由淺入淺COSCUP2016 - LLVM框架、由淺入淺
COSCUP2016 - LLVM框架、由淺入淺
hydai
 
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Anne Nicolas
 
Sigreturn Oriented Programming
Sigreturn Oriented ProgrammingSigreturn Oriented Programming
Sigreturn Oriented Programming
Angel Boy
 
Instruction Combine in LLVM
Instruction Combine in LLVMInstruction Combine in LLVM
Instruction Combine in LLVM
Wang Hsiangkai
 
from Binary to Binary: How Qemu Works
from Binary to Binary: How Qemu Worksfrom Binary to Binary: How Qemu Works
from Binary to Binary: How Qemu Works
Zhen Wei
 
Address/Thread/Memory Sanitizer
Address/Thread/Memory SanitizerAddress/Thread/Memory Sanitizer
Address/Thread/Memory Sanitizer
Platonov Sergey
 
Linux kernel debugging
Linux kernel debuggingLinux kernel debugging
Linux kernel debugging
Hao-Ran Liu
 
LLVM Register Allocation
LLVM Register AllocationLLVM Register Allocation
LLVM Register Allocation
Wang Hsiangkai
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
Chiawei Wang
 
Something About Dynamic Linking
Something About Dynamic LinkingSomething About Dynamic Linking
Something About Dynamic Linking
Wang Hsiangkai
 
LLVM Instruction Selection
LLVM Instruction SelectionLLVM Instruction Selection
LLVM Instruction Selection
Shiva Chen
 
Virtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesVirtual Machine Constructions for Dummies
Virtual Machine Constructions for Dummies
National Cheng Kung University
 
Making Linux do Hard Real-time
Making Linux do Hard Real-timeMaking Linux do Hard Real-time
Making Linux do Hard Real-time
National Cheng Kung University
 
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
National Cheng Kung University
 
Advanced heap exploitaion
Advanced heap exploitaionAdvanced heap exploitaion
Advanced heap exploitaion
Angel Boy
 
Unix v6 Internals
Unix v6 InternalsUnix v6 Internals
Unix v6 Internals
National Cheng Kung University
 
Execution
ExecutionExecution
Execution
Angel Boy
 
Effective Modern C++
Effective Modern C++Effective Modern C++
Effective Modern C++
Wang Hsiangkai
 
Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for re
DefconRussia
 

Weitere ähnliche Inhalte

Was ist angesagt?

Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Anne Nicolas
 

Was ist angesagt? (20)

twlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdsotwlkh-linux-vsyscall-and-vdso
twlkh-linux-vsyscall-and-vdso
 
Learn C Programming Language by Using GDB
Learn C Programming Language by Using GDBLearn C Programming Language by Using GDB
Learn C Programming Language by Using GDB
 
GCC LTO
GCC LTOGCC LTO
GCC LTO
 
COSCUP2016 - LLVM框架、由淺入淺
COSCUP2016 - LLVM框架、由淺入淺COSCUP2016 - LLVM框架、由淺入淺
COSCUP2016 - LLVM框架、由淺入淺
 
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
 
Sigreturn Oriented Programming
Sigreturn Oriented ProgrammingSigreturn Oriented Programming
Sigreturn Oriented Programming
 
Instruction Combine in LLVM
Instruction Combine in LLVMInstruction Combine in LLVM
Instruction Combine in LLVM
 
from Binary to Binary: How Qemu Works
from Binary to Binary: How Qemu Worksfrom Binary to Binary: How Qemu Works
from Binary to Binary: How Qemu Works
 
Address/Thread/Memory Sanitizer
Address/Thread/Memory SanitizerAddress/Thread/Memory Sanitizer
Address/Thread/Memory Sanitizer
 
Linux kernel debugging
Linux kernel debuggingLinux kernel debugging
Linux kernel debugging
 
LLVM Register Allocation
LLVM Register AllocationLLVM Register Allocation
LLVM Register Allocation
 
Qemu Introduction
Qemu IntroductionQemu Introduction
Qemu Introduction
 
Something About Dynamic Linking
Something About Dynamic LinkingSomething About Dynamic Linking
Something About Dynamic Linking
 
LLVM Instruction Selection
LLVM Instruction SelectionLLVM Instruction Selection
LLVM Instruction Selection
 
Virtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesVirtual Machine Constructions for Dummies
Virtual Machine Constructions for Dummies
 
Making Linux do Hard Real-time
Making Linux do Hard Real-timeMaking Linux do Hard Real-time
Making Linux do Hard Real-time
 
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
LLVM 總是打開你的心:從電玩模擬器看編譯器應用實例
 
Advanced heap exploitaion
Advanced heap exploitaionAdvanced heap exploitaion
Advanced heap exploitaion
 
Unix v6 Internals
Unix v6 InternalsUnix v6 Internals
Unix v6 Internals
 
Execution
ExecutionExecution
Execution
 

Andere mochten auch

Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for re
DefconRussia
 
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARFHES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
Hackito Ergo Sum
 
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723
Iftach Ian Amit
 
Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)
Varun Mahajan
 
SECR'13 Lightweight linux shared libraries profiling
SECR'13 Lightweight linux shared libraries profilingSECR'13 Lightweight linux shared libraries profiling
SECR'13 Lightweight linux shared libraries profiling
OSLL
 

Andere mochten auch (20)

Effective Modern C++
Effective Modern C++Effective Modern C++
Effective Modern C++
 
Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for re
 
ELF 101
ELF 101ELF 101
ELF 101
 
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARFHES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
HES2011 - James Oakley and Sergey bratus-Exploiting-the-Hard-Working-DWARF
 
Intro reverse engineering
Intro reverse engineeringIntro reverse engineering
Intro reverse engineering
 
A hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file formatA hands-on introduction to the ELF Object file format
A hands-on introduction to the ELF Object file format
 
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723
 
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend06 - ELF format, knowing your friend
06 - ELF format, knowing your friend
 
Linker and loader upload
Linker and loader uploadLinker and loader upload
Linker and loader upload
 
FISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux LoaderFISL XIV - The ELF File Format and the Linux Loader
FISL XIV - The ELF File Format and the Linux Loader
 
Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)
 
Ch 4 linker loader
Ch 4 linker loaderCh 4 linker loader
Ch 4 linker loader
 
Compilation and Execution
Compilation and ExecutionCompilation and Execution
Compilation and Execution
 
Sp chap2
Sp chap2Sp chap2
Sp chap2
 
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
Embedded Systems: Lecture 14: Introduction to GNU Toolchain (Binary Utilities)
 
SECR'13 Lightweight linux shared libraries profiling
SECR'13 Lightweight linux shared libraries profilingSECR'13 Lightweight linux shared libraries profiling
SECR'13 Lightweight linux shared libraries profiling
 
Linkers in compiler
Linkers in compilerLinkers in compiler
Linkers in compiler
 
Linkers And Loaders
Linkers And LoadersLinkers And Loaders
Linkers And Loaders
 
Dynamic Linker
Dynamic LinkerDynamic Linker
Dynamic Linker
 
Linkers
LinkersLinkers
Linkers
 

Ähnlich wie DWARF Data Representation

EMBEDDED SYSTEMS 4&5
EMBEDDED SYSTEMS 4&5EMBEDDED SYSTEMS 4&5
EMBEDDED SYSTEMS 4&5
PRADEEP
 
General Purpose Computing using Graphics Hardware
General Purpose Computing using Graphics HardwareGeneral Purpose Computing using Graphics Hardware
General Purpose Computing using Graphics Hardware
Daniel Blezek
 
6_2018_11_23!09_24_56_PM (1).pptx
6_2018_11_23!09_24_56_PM (1).pptx6_2018_11_23!09_24_56_PM (1).pptx
6_2018_11_23!09_24_56_PM (1).pptx
HebaEng
 
Lecture 2 coal sping12
Lecture 2 coal sping12Lecture 2 coal sping12
Lecture 2 coal sping12
Rabia Khalid
 
Chap 3_2.ppt
Chap 3_2.pptChap 3_2.ppt
Chap 3_2.ppt
inian2
 

Ähnlich wie DWARF Data Representation (20)

Redo internals ppt
Redo internals pptRedo internals ppt
Redo internals ppt
 
Reverse Engineering Dojo: Enhancing Assembly Reading Skills
Reverse Engineering Dojo: Enhancing Assembly Reading SkillsReverse Engineering Dojo: Enhancing Assembly Reading Skills
Reverse Engineering Dojo: Enhancing Assembly Reading Skills
 
DFiant HDL
DFiant HDLDFiant HDL
DFiant HDL
 
EMBEDDED SYSTEMS 4&5
EMBEDDED SYSTEMS 4&5EMBEDDED SYSTEMS 4&5
EMBEDDED SYSTEMS 4&5
 
embedded C.pptx
embedded C.pptxembedded C.pptx
embedded C.pptx
 
Low-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil PerssonLow-level Shader Optimization for Next-Gen and DX11 by Emil Persson
Low-level Shader Optimization for Next-Gen and DX11 by Emil Persson
 
The forgotten art of assembly
The forgotten art of assemblyThe forgotten art of assembly
The forgotten art of assembly
 
General Purpose Computing using Graphics Hardware
General Purpose Computing using Graphics HardwareGeneral Purpose Computing using Graphics Hardware
General Purpose Computing using Graphics Hardware
 
Class2
Class2Class2
Class2
 
N_Asm Assembly arithmetic instructions (sol)
N_Asm Assembly arithmetic instructions (sol)N_Asm Assembly arithmetic instructions (sol)
N_Asm Assembly arithmetic instructions (sol)
 
6_2018_11_23!09_24_56_PM (1).pptx
6_2018_11_23!09_24_56_PM (1).pptx6_2018_11_23!09_24_56_PM (1).pptx
6_2018_11_23!09_24_56_PM (1).pptx
 
How the stack works(1)
How the stack works(1)How the stack works(1)
How the stack works(1)
 
DFiant HDL CIRCT Presentation
DFiant HDL CIRCT PresentationDFiant HDL CIRCT Presentation
DFiant HDL CIRCT Presentation
 
X86 assembly & GDB
X86 assembly & GDBX86 assembly & GDB
X86 assembly & GDB
 
Lecture 2 coal sping12
Lecture 2 coal sping12Lecture 2 coal sping12
Lecture 2 coal sping12
 
Chap 3_2.ppt
Chap 3_2.pptChap 3_2.ppt
Chap 3_2.ppt
 
0.my book draft chap 1
0.my book draft chap 10.my book draft chap 1
0.my book draft chap 1
 
Computer Architecture Assignment Help
Computer Architecture Assignment HelpComputer Architecture Assignment Help
Computer Architecture Assignment Help
 
Debunking myths about_redo_ppt
Debunking myths about_redo_pptDebunking myths about_redo_ppt
Debunking myths about_redo_ppt
 
Instruction set of 8086 Microprocessor
Instruction set of 8086 Microprocessor Instruction set of 8086 Microprocessor
Instruction set of 8086 Microprocessor
 

Mehr von Wang Hsiangkai

Mehr von Wang Hsiangkai (7)

Debug Line Issues After Relaxation.
Debug Line Issues After Relaxation.Debug Line Issues After Relaxation.
Debug Line Issues After Relaxation.
 
Machine Trace Metrics
Machine Trace MetricsMachine Trace Metrics
Machine Trace Metrics
 
LTO plugin
LTO pluginLTO plugin
LTO plugin
 
GCC GENERIC
GCC GENERICGCC GENERIC
GCC GENERIC
 
Perf File Format
Perf File FormatPerf File Format
Perf File Format
 
Introduction to Perf
Introduction to PerfIntroduction to Perf
Introduction to Perf
 
SSA - PHI-functions Placements
SSA - PHI-functions PlacementsSSA - PHI-functions Placements
SSA - PHI-functions Placements
 

Kürzlich hochgeladen

%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 

Kürzlich hochgeladen (20)

Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 

DWARF Data Representation

  • 2. .debug_info compilation unit header a series of debugging information entries (DIE) .debug_abbrev length of .debug_info dwarf version offset into .debug_abbrev (size of an address) .section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 // dwarf versino 2 .long .Ldebug_abbrev0 .byte 0x8 // 64 bits addressing .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 a series of abbreviation declarations * DWARFv3 supports 64-bits DWARF format. Initial length = 0xffffffff to indicate 64-bits DWARF. The following 64-bits value is the real initial length. (4-byte unsigned) (2-byte unsigned) (4-byte unsigned)
  • 3. .debug_info compilation unit header a series of debugging information entries (DIE) .debug_abbrev .section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 .long .Ldebug_abbrev0 .byte 0x8 .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 .uleb128 0x2 .long .LASF7 .byte 0x2 .byte 0xd8 .long 0x38 .uleb128 0x3 .byte 0x8 .byte 0x7 .long .LASF0 .uleb128 0x3 .byte 0x1 .byte 0x8 .long .LASF1 a series of abbreviation declarations abbreviation code attribute values Each abbreviation declaration specifies the tag and attributes for a particular form of debugging information entry.
  • 4. .section .debug_info,"",@progbits .Ldebug_info0: .long 0x3a8 .value 0x2 .long .Ldebug_abbrev0 .byte 0x8 .uleb128 0x1 .long .LASF55 .byte 0xc .long .LASF56 .long .LASF57 .quad .Ltext0 .quad .Letext0 .long .Ldebug_line0 .uleb128 0x2 .long .LASF7 .byte 0x2 .byte 0xd8 .long 0x38 .uleb128 0x3 .byte 0x8 .byte 0x7 .long .LASF0 .uleb128 0x3 .byte 0x1 .byte 0x8 .long .LASF1 abbreviation code attribute values .section .debug_abbrev,"",@progbits .Ldebug_abbrev0: .uleb128 0x1 .uleb128 0x11 .byte 0x1 .uleb128 0x25 .uleb128 0xe .uleb128 0x13 .uleb128 0xb .uleb128 0x3 .uleb128 0xe .uleb128 0x1b .uleb128 0xe .uleb128 0x11 .uleb128 0x1 .uleb128 0x12 .uleb128 0x1 .uleb128 0x10 .uleb128 0x6 .byte 0 .byte 0 .uleb128 0x2 .uleb128 0x16 .byte 0 .uleb128 0x3 .uleb128 0xe .uleb128 0x3a .uleb128 0xb .uleb128 0x3b .uleb128 0xb .uleb128 0x49 .uleb128 0x13 .byte 0 .byte 0 .uleb128 0x3 abbreviation code tag, 0x11(DW_TAG_compile_unit) has child or not attribute’s name (DW_AT_producer) attribute’s form (DW_FORM_strp) end of attribute spec end of attribute spec .section .debug_str,"MS",@progbits,1 .LASF55: .string "GNU C11 6.2.0 -mtune=generic -march= attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form attribute’s name attribute’s form
  • 5.
  • 6.
  • 7.
  • 8. unsigned LEB128 encoding 12857 = 0011001000111001 Chop 7 bits as a chunk _0111001_110010000 Place each chunk into a byte Discard zero byte. 1_______0_______ There are other bytes.Last byte. 1011100101100100 First byte.Second byte.
  • 9. signed LEB128 encoding -2 = 11111111111111111111111111111110 Chop 7 bits as a chunk _1111110_1111111 Place each chunk into a byte If all sign bits, discard. 0_______ Last byte. 01111110 First byte. _1111111_11111111111
  • 10. signed LEB128 encoding 127 = 00000000000000000000000001111111 Chop 7 bits as a chunk _1111111_0000000 Place each chunk into a byte 11111111 First byte. 1_______0_______ There are other bytes.Last byte. 00000000 Second byte.
  • 11. .debug_pubnames header entries of global names in the .debug_info length of this set dwarf version offset into .debug_info length of the .debug_info compilation unit compilation unit compilation unit .debug_info .debug_info .debug_info set .debug_pubtypes (DWARFv3)
  • 12. .debug_aranges header entries of addresses in the .debug_info length of this set dwarf version offset into .debug_info compilation unit compilation unit compilation unit .debug_info .debug_info .debug_info set (size of an address) (size of a segment descriptor) (padding if necessary) First entry is aligned with the size of one entry, 2 x (size of an address).
  • 13. Activation Record • An activation consists of • A code location that is within the subroutine. • An area of memory that is allocated on a stack called a “call frame.” • A set of registers that are in use by the subroutine at the code location.
  • 14. Call Frame Information • Recording how procedures save and restore registers throughout their lifetimes. • Construct a very large table as following: LOC CFA R0 R1 … RN L0 L1 … LM • The table is a mapping between program addresses and architecture registers. • The table is a mapping between program addresses and architecture registers. • The table entries are the rules to find the register values in the previous frame.
  • 15. The Register Rules • undefined • Has no value in the previous frame. (It is not callee-save register.) • same value • This register has not been modified from the previous frame. (It is callee-save register, but the callee has not modified it.) • offset(N) • The previous value of this register is saved at the address CFA +N. • register(R) • The previous value of this register is stored in another register numbered R. • architectural • Architecture defined.
  • 16. .debug_frame CIE FDE CIE length of this CIE (uword) CIE_id (uword) augmentation (string) code_alignment_factor (uleb218) FDE FDE FDE FDE FDE FDE FDE FDE FDE version (ubyte) data_alignment_factor (sleb128) return_address_register (ubyte) initial_instructions padding code_alignment_factor: A constant that is factored out of all advance location instructions. data_alignment_factor: A constant that is factored out of all offset instructions. initial_instructions: A sequence of rules that are interpreted to create the initial setting of each column in the table. (uleb128 for DWARFv3)
  • 17. .debug_frame CIE FDE CIE length of this FDE (uword) CIE_pointer (uword) address_range (addressing unit) instructions FDE FDE FDE FDE FDE FDE FDE FDE FDE initial_location (addressing unit) initial_location: A constant indicates the address of the first location associated with this table entry. address_range: A constant indicates the number of bytes of program instructions described by this entry. instructions: A sequence of table defining instructions. padding
  • 18. .section .debug_frame,"",@progbits .Lframe0: .long .LECIE0-.LSCIE0 // length of this CIE .LSCIE0: .long 0xffffffff // CIE_id .byte 0x1 // version .string “" // augmentation .uleb128 0x1 // code_alignment_factor .sleb128 -8 // data_alignment_factor .byte 0x10 // return address register, ra = r16 .byte 0xc // instruction (0xc = DW_CFA_def_cfa) .uleb128 0x7 // operand1 (register) .uleb128 0x8 // operand2 (offset) CFA = r7(rsp) + 0x8 .byte 0x90 // instruction (0x90 = DW_CFA_offset, register = 0x10) .uleb128 0x1 // operand1 (offset) r16(ra) = CFA + (0x1 * (-8)) .align 8 // padding .LECIE0: .LSFDE0: .long .LEFDE0-.LASFDE0 .LASFDE0: .long .Lframe0 .quad .LFB0 .quad .LFE0-.LFB0 .byte 0x4 .long .LCFI0-.LFB0 .byte 0xe .uleb128 0x10 .byte 0x86 .uleb128 0x2 .byte 0x4 .long .LCFI1-.LCFI0 .byte 0xd .uleb128 0x6 .byte 0x4 .long .LCFI2-.LCFI1 .byte 0xc .uleb128 0x7 .uleb128 0x8 .align 8 .LEFDE0: instructions 00000000 0000000000000014 ffffffff CIE "" cf=1 df=-8 ra=16 LOC CFA ra 0000000000000000 rsp+8 c-8
  • 19. .section .debug_frame,"",@progbits .Lframe0: .long .LECIE0-.LSCIE0 // length of this CIE .LSCIE0: .long 0xffffffff .byte 0x1 .string “" .uleb128 0x1 .sleb128 -8 .byte 0x10 .byte 0xc .uleb128 0x7 .uleb128 0x8 .byte 0x90 .uleb128 0x1 .align 8 .LECIE0: .LSFDE0: .long .LEFDE0-.LASFDE0 // length of this FDE .LASFDE0: .long .Lframe0 // CIE_pointer .quad .LFB0 // initial location .quad .LFE0-.LFB0 // address range .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI0-.LFB0 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x40050e .byte 0xe // instruction (0xe = DW_CFA_def_cfa_offset) .uleb128 0x10 // operand1 (offset) CFA = rsp + 0x10 .byte 0x86 // instruction (0x86 = DW_CFA_offset, register = 0x6) .uleb128 0x2 // operand1 (offset) r6(rbp) = CFA + (0x2 * (-8)) .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI1-.LCFI0 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x400511 .byte 0xd // instruction (0xd = DW_CFA_def_cfa_register) .uleb128 0x6 // operand1 (register) CFA = r6(rbp) + 0x10 .byte 0x4 // instruction (0x4 = DW_CFA_advance_loc4) .long .LCFI2-.LCFI1 // operand1 (4-byte delta) location = location + (delta * (1)) = 0x400528 .byte 0xc // instruction (0xc = DW_CFA_def_cfa) .uleb128 0x7 // operand1 (register) .uleb128 0x8 // operand2 (offset) CFA = r7(rsp) + 0x8 .align 8 // padding .LEFDE0: 00000018 0000000000000024 00000000 FDE cie=00000000 pc=000000000040050d..0000000000400529 LOC CFA rbp ra 000000000040050d rsp+8 u c-8 // initial rules, defined by CIE 000000000040050e rsp+16 c-16 c-8 0000000000400511 rbp+16 c-16 c-8 0000000000400528 rsp+8 c-16 c-8 instructions