ARM ELF 对象内的函数大小不正确 [英] Incorrect function size inside ARM ELF object

问题描述

目标文件的readelf输出:

readelf output of the object file:

Symbol table '.symtab' contains 15 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 00000000     0 FILE    LOCAL  DEFAULT  ABS fp16.c
     2: 00000000     0 SECTION LOCAL  DEFAULT    1 
     3: 00000000     0 SECTION LOCAL  DEFAULT    3 
     4: 00000000     0 SECTION LOCAL  DEFAULT    4 
     5: 00000000     0 NOTYPE  LOCAL  DEFAULT    1 $t
     6: 00000001   194 FUNC    LOCAL  DEFAULT    1 __gnu_f2h_internal
     7: 00000010     0 NOTYPE  LOCAL  DEFAULT    5 $d
     8: 00000000     0 SECTION LOCAL  DEFAULT    5 
     9: 00000000     0 SECTION LOCAL  DEFAULT    7 
    10: 000000c5    78 FUNC    GLOBAL HIDDEN     1 __gnu_h2f_internal
    11: 00000115     4 FUNC    GLOBAL HIDDEN     1 __gnu_f2h_ieee
    12: 00000119     4 FUNC    GLOBAL HIDDEN     1 __gnu_h2f_ieee
    13: 0000011d     4 FUNC    GLOBAL HIDDEN     1 __gnu_f2h_alternative
    14: 00000121     4 FUNC    GLOBAL HIDDEN     1 __gnu_h2f_alternative

Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            00000000 000000 000000 00      0   0  0
  [ 1] .text             PROGBITS        00000000 000034 000124 00  AX  0   0  4
  [ 2] .rel.text         REL             00000000 00058c 000010 08      9   1  4
  [ 3] .data             PROGBITS        00000000 000158 000000 00  WA  0   0  1
  [ 4] .bss              NOBITS          00000000 000158 000000 00  WA  0   0  1
  [ 5] .debug_frame      PROGBITS        00000000 000158 00008c 00      0   0  4
  [ 6] .rel.debug_frame  REL             00000000 00059c 000060 08      9   5  4
  [ 7] .ARM.attributes   ARM_ATTRIBUTES  00000000 0001e4 00002f 00      0   0  1
  [ 8] .shstrtab         STRTAB          00000000 000213 000051 00      0   0  1
  [ 9] .symtab           SYMTAB          00000000 00041c 0000f0 10     10  10  4
  [10] .strtab           STRTAB          00000000 00050c 00007e 00      0   0  1

Relocation section '.rel.text' at offset 0x58c contains 2 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
0000011a  00000a66 R_ARM_THM_JUMP11  000000c5   __gnu_h2f_internal
00000122  00000a66 R_ARM_THM_JUMP11  000000c5   __gnu_h2f_internal

Relocation section '.rel.debug_frame' at offset 0x59c contains 12 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
00000014  00000802 R_ARM_ABS32       00000000   .debug_frame
00000018  00000202 R_ARM_ABS32       00000000   .text
00000040  00000802 R_ARM_ABS32       00000000   .debug_frame
00000044  00000202 R_ARM_ABS32       00000000   .text
00000050  00000802 R_ARM_ABS32       00000000   .debug_frame
00000054  00000202 R_ARM_ABS32       00000000   .text
00000060  00000802 R_ARM_ABS32       00000000   .debug_frame
00000064  00000202 R_ARM_ABS32       00000000   .text
00000070  00000802 R_ARM_ABS32       00000000   .debug_frame
00000074  00000202 R_ARM_ABS32       00000000   .text
00000080  00000802 R_ARM_ABS32       00000000   .debug_frame
00000084  00000202 R_ARM_ABS32       00000000   .text

.text 部分结构，据我所知:

.text 部分的大小为 0x124

.text section has size of 0x124

0x0: unknown byte
0x1-0xC3: __gnu_f2h_internal
0xC3-0xC5: two unknown bytes between those functions (btw what are those?)
0xC5-0x113: __gnu_h2f_internal
0x113-0x115: two unknown bytes between those functions
0x115-0x119: __gnu_f2h_ieee
0x119-0x11D: __gnu_h2f_ieee
0x11D-0x121: __gnu_f2h_alternative
0x121-0x125: __gnu_h2f_alternative // section is only 0x124, what happened to the missing byte?

注意到节大小是 0x124，最后一个函数以 0x125 结束，丢失的字节是怎么回事?

Notice that the section size is 0x124 and the last function end in 0x125, what happend to the missing byte?

谢谢.

推荐答案

从技术上讲，您的缺失字节"就是 0x0 处的那个.

Technically, your "missing byte" is the one right there at 0x0.

请注意，您正在查看符号的 值，即运行时函数地址(如果您的 .text 部分 VMA 不是 0，这将更加清晰).由于它们是 Thumb 函数，因此地址设置了位 0，以便处理器在调用它们时切换到 Thumb 模式；这些指令的实际位置仍然是半字对齐的，即 0x0、0xc4、0x114 等，因为它们不能以其他方式执行(如果 PC 未对齐，您会认为这是错误的).根据ARMELF 规范 说到 STT_FUNC 符号以获得与该符号对应的指令的实际 VMA，然后减去该部分的开头，您应该具有与目标文件本身相同的相对偏移量.

Note that you're looking at the value of the symbol, i.e. the runtime function address (this would be a lot clearer if your .text section VMA wasn't 0). Since they're Thumb functions, the addresses have bit 0 set such that the processor will switch to Thumb mode when calling them; the actual locations of those instructions are still halfword-aligned, i.e. 0x0, 0xc4, 0x114, etc. since they couldn't be executed otherwise (you'd take a fault for a misaligned PC). Strip off bit 0 as per what the ARM ELF spec says about STT_FUNC symbols to get the actual VMA of the instruction corresponding to that symbol, then subtract the start of the section and you should have the same relative offset as within the object file itself.

<offset in section> = (<symbol value> & ~1) - <section VMA>

某些函数后的额外半字填充只是确保每个符号都是字对齐的 - 这可能有多种原因，但第一个想到的是 adr 指令不会如果他们不正常工作.

The extra halfword padding after some functions just ensures each symbol is word-aligned - there are probably various reasons for this, but the first one that comes to mind is that the adr instruction wouldn't work properly if they weren't.

这篇关于ARM ELF 对象内的函数大小不正确的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！