DEBUG信息中C结构的ELF文件变量地址
我有.flef文件。我正在尝试学习符号地址。我可以通过多种方式找到主要变量地址。我使用了pyelftools,nm.exe,objdump.exe,readelf.exe。但是所有这些方式我都无法达到结构地址和枚举价值。当我用矮人调试精灵文件时,我可以看到结构和枚举。我可以遵循矮人的特性,但很复杂。我如何能轻松自动找到结构变量地址和枚举值?
编辑: 我将以一个例子来解释我的问题。
Symbol table '.symtab' contains 1350 entries:
Num: Value Size Type Bind Vis Ndx Name
1192: 200005c8 12 OBJECT GLOBAL DEFAULT 10 arm_adc_B
当我们看符号表时,有1350个条目。例如,我想学习“ ARM_ADC_B”符号属性,并且它具有结构参数。对于学习这些东西,我们必须查看.debug_info部分。
<1><414e>: Abbrev Number: 37 (DW_TAG_variable)
<414f> DW_AT_specification: <0x3f45>
<4153> DW_AT_decl_file : 1
<4154> DW_AT_decl_line : 53
<4155> DW_AT_location : 5 byte block: 3 c8 5 0 20 (DW_OP_addr: 200005c8)
首先,我在矮文中搜索了“ 200005c8”地址,并查找dw_op_addr:200005c8。之后遵循dw_at_specification:&lt; 0x3f45&gt;。
<1><3f45>: Abbrev Number: 35 (DW_TAG_variable)
<3f46> DW_AT_name : (indirect string, offset: 0x2b49): arm_adc_B
<3f4a> DW_AT_decl_file : 15
<3f4b> DW_AT_decl_line : 63
<3f4c> DW_AT_type : <0x3efc>
<3f50> DW_AT_external : 1
<3f50> DW_AT_declaration : 1
当我遵循此地址时,我可以收到它的类型。
<1><3eb3>: Abbrev Number: 10 (DW_TAG_structure_type)
<3eb4> DW_AT_byte_size : 12
<3eb5> DW_AT_decl_file : 15
<3eb6> DW_AT_decl_line : 43
<3eb7> DW_AT_sibling : <0x3eec>
<2><3ebb>: Abbrev Number: 11 (DW_TAG_member)
<3ebc> DW_AT_name : (indirect string, offset: 0x26d8): ADC_Start
<3ec0> DW_AT_decl_file : 15
<3ec1> DW_AT_decl_line : 44
<3ec2> DW_AT_type : <0x3782>
<3ec6> DW_AT_data_member_location: 0
<2><3ec7>: Abbrev Number: 11 (DW_TAG_member)
<3ec8> DW_AT_name : (indirect string, offset: 0x26e2): ADC_Start1
<3ecc> DW_AT_decl_file : 15
<3ecd> DW_AT_decl_line : 45
<3ece> DW_AT_type : <0x3782>
<3ed2> DW_AT_data_member_location: 4
<2><3ed3>: Abbrev Number: 11 (DW_TAG_member)
<3ed4> DW_AT_name : (indirect string, offset: 0x285a): MSDI_ChartMode
<3ed8> DW_AT_decl_file : 15
<3ed9> DW_AT_decl_line : 46
<3eda> DW_AT_type : <0x3e84>
<3ede> DW_AT_data_member_location: 8
<2><3edf>: Abbrev Number: 11 (DW_TAG_member)
<3ee0> DW_AT_name : (indirect string, offset: 0x2b2b): msdi_tx_data
<3ee4> DW_AT_decl_file : 15
<3ee5> DW_AT_decl_line : 47
<3ee6> DW_AT_type : <0x3eec>
<3eea> DW_AT_data_member_location: 9
<2><3eeb>: Abbrev Number: 0
“ ARM_ADC_B”变量是一个结构参数。我们可以计算结构成员地址。它是从200005c8开始的,您需要仅添加dw_at_data_member_location。
arm_adc_B 0x200005c8
arm_adc_B.ADC_Start 0x200005c8
arm_adc_B.ADC_Start1 0x200005cc
arm_adc_B.MSDI_ChartMode 0x200005d0
arm_adc_B.msdi_tx_data 0x200005d1
我想找到这个地址。有dw_tag_enumeration_type。我们可以这样学习。我如何轻松地做到这一点?
I have .elf file. I am trying to learn symbol address. I could find main variable addresses with many ways. I used pyelftools, nm.exe, objdump.exe, readelf.exe. But all of these ways i can't reach structure addresses and enum values. When I debug elf file with dwarf i can see structure and enum. I can follow dwarf properties but is complicated. How can i find structure variable addresses and enum values easily and automatically?
Edit:
I will explain my question with an example.
Symbol table '.symtab' contains 1350 entries:
Num: Value Size Type Bind Vis Ndx Name
1192: 200005c8 12 OBJECT GLOBAL DEFAULT 10 arm_adc_B
When we look symbol table, there are 1350 entries. For example i want to learn "arm_adc_B" symbol properties and it has structure parameter or not. For learnig these things we must look .debug_info section.
<1><414e>: Abbrev Number: 37 (DW_TAG_variable)
<414f> DW_AT_specification: <0x3f45>
<4153> DW_AT_decl_file : 1
<4154> DW_AT_decl_line : 53
<4155> DW_AT_location : 5 byte block: 3 c8 5 0 20 (DW_OP_addr: 200005c8)
Firstly I searched address "200005c8" in dwarf text and find DW_OP_addr: 200005c8. After that followed DW_AT_specification:<0x3f45>.
<1><3f45>: Abbrev Number: 35 (DW_TAG_variable)
<3f46> DW_AT_name : (indirect string, offset: 0x2b49): arm_adc_B
<3f4a> DW_AT_decl_file : 15
<3f4b> DW_AT_decl_line : 63
<3f4c> DW_AT_type : <0x3efc>
<3f50> DW_AT_external : 1
<3f50> DW_AT_declaration : 1
When I follow this address, i can receive its type.
<1><3eb3>: Abbrev Number: 10 (DW_TAG_structure_type)
<3eb4> DW_AT_byte_size : 12
<3eb5> DW_AT_decl_file : 15
<3eb6> DW_AT_decl_line : 43
<3eb7> DW_AT_sibling : <0x3eec>
<2><3ebb>: Abbrev Number: 11 (DW_TAG_member)
<3ebc> DW_AT_name : (indirect string, offset: 0x26d8): ADC_Start
<3ec0> DW_AT_decl_file : 15
<3ec1> DW_AT_decl_line : 44
<3ec2> DW_AT_type : <0x3782>
<3ec6> DW_AT_data_member_location: 0
<2><3ec7>: Abbrev Number: 11 (DW_TAG_member)
<3ec8> DW_AT_name : (indirect string, offset: 0x26e2): ADC_Start1
<3ecc> DW_AT_decl_file : 15
<3ecd> DW_AT_decl_line : 45
<3ece> DW_AT_type : <0x3782>
<3ed2> DW_AT_data_member_location: 4
<2><3ed3>: Abbrev Number: 11 (DW_TAG_member)
<3ed4> DW_AT_name : (indirect string, offset: 0x285a): MSDI_ChartMode
<3ed8> DW_AT_decl_file : 15
<3ed9> DW_AT_decl_line : 46
<3eda> DW_AT_type : <0x3e84>
<3ede> DW_AT_data_member_location: 8
<2><3edf>: Abbrev Number: 11 (DW_TAG_member)
<3ee0> DW_AT_name : (indirect string, offset: 0x2b2b): msdi_tx_data
<3ee4> DW_AT_decl_file : 15
<3ee5> DW_AT_decl_line : 47
<3ee6> DW_AT_type : <0x3eec>
<3eea> DW_AT_data_member_location: 9
<2><3eeb>: Abbrev Number: 0
"arm_adc_B" variable is a structure parameter. We can calculate structure members address. It is starting from 200005c8 you need to add DW_AT_data_member_location only.
arm_adc_B 0x200005c8
arm_adc_B.ADC_Start 0x200005c8
arm_adc_B.ADC_Start1 0x200005cc
arm_adc_B.MSDI_ChartMode 0x200005d0
arm_adc_B.msdi_tx_data 0x200005d1
I want to find this addresses. There are DW_TAG_enumeration_type. We can learn like this way. How i can do that easily?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您寻求的信息仅是Debug Info(矮人)的一部分可用的 。没有快捷方式 - 您必须以一种或另一种方式解码矮人。
但是,您可以利用旨在简化与矮人合作的库。 libdwarf 就是一个这样的库。 gimli 是另一个。
The info you seek is only available as part of debug info (DWARF). There is no shortcut -- you must decode DWARF one way or another.
You can however leverage libraries intended to simplify working with DWARF. libdwarf is one such library. gimli is another.