[Dwarf-Discuss] doubt parsing CIE in eh_frame

David Anderson davea42 at linuxmail.org
Mon May 23 16:34:01 PDT 2016


On 05/23/2016 02:10 PM, Francesco Zappa Nardelli wrote:
> Dear DWARF-discuss
>
> I am writing a parser of eh-frame information and I have a doubt about
> a behaviour of readelf.
>
> On a (statically linked) binary readelf reports the following eh-frame
> CIE entry:
>
> 00006f38 0000000000000014 00000000 CIE
>  Version:               1
>  Augmentation:          "zRS"
>  Code alignment factor: 1
>  Data alignment factor: -8
>  Return address column: 16
>  Augmentation data:     1b
>
>  DW_CFA_nop
>  DW_CFA_nop
>  DW_CFA_nop
>  DW_CFA_nop
>  DW_CFA_nop
>  DW_CFA_nop
>
> and readelf interprets this bytecode as:
>
> 00006f38 0000000000000014 00000000 CIE "zRS" cf=1 df=-8 ra=16
>   LOC           CFA
> 0000000000000000 rax+0
>
> My doubt is: where does the rax+0 come from?  Is rax some kind of a

Register names are not specified by the DWARF std.
Nor are the DWARF numbers that identify registers.
Implementations turn the DWARF register numbers (ABI specified) into
strings (names specified by the ABI).

Note that .eh_frame is a GNU invention so not formally part of DWARF
at all.  Though .eh_frame is mostly identical to .debug_frame.

Hope this makes sense.  Does not answer your question (sorry).

If you could produce a small object file which
has the above and that can be made public
I would love to have it in my libdwarf regression test suite :-)
Email it (or the location of the file
on the web) to libdwarf-list   'at'   linuxmail =dot= org
David Anderson
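
Added example (not part of the original messages, and not code from readelf or libdwarf): a minimal parser for the CIE quoted above, with the DWARF register numbers turned into names using the System V x86-64 ABI numbering. The byte string is constructed from the quoted readelf fields; the names `parse_cie`, `leb128`, `reg_name` and `SAMPLE` are hypothetical, and a little-endian CIE with a 32-bit length field is assumed.

```python
import struct

# DWARF register numbers 0-16 as named by the System V x86-64 ABI (not by DWARF).
X86_64_REGS = (["rax", "rdx", "rcx", "rbx", "rsi", "rdi", "rbp", "rsp"]
               + [f"r{n}" for n in range(8, 16)] + ["RA"])
# Constructed sample: CIE bytes rebuilt from the readelf fields quoted above.
SAMPLE = bytes.fromhex("14000000 00000000 01 7a525300 01 78 10 01 1b 000000000000")

def reg_name(num):
    return X86_64_REGS[num] if 0 <= num < len(X86_64_REGS) else f"reg{num}"

def leb128(buf, pos, end, signed=False):
    result = shift = 0
    while True:
        if pos >= end:
            raise ValueError("LEB128 runs past end of CIE")
        byte, pos = buf[pos], pos + 1
        result |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            if signed and byte & 0x40:       # sign-extend from the last byte
                result -= 1 << shift
            return result, pos

def parse_cie(buf):
    if len(buf) < 8:
        raise ValueError("too short for a CIE header")
    length, cie_id = struct.unpack_from("<II", buf, 0)
    end = 4 + length                         # length excludes its own 4 bytes
    if length == 0xFFFFFFFF or length < 5 or cie_id != 0 or end > len(buf):
        raise ValueError("not a complete 32-bit .eh_frame CIE")
    version = buf[8]
    nul = buf.index(0, 9, end)               # augmentation string is NUL-terminated
    aug = buf[9:nul].decode("ascii")
    code_align, pos = leb128(buf, nul + 1, end)
    data_align, pos = leb128(buf, pos, end, signed=True)
    if pos >= end:
        raise ValueError("CIE ends before return address column")
    ra, pos = (buf[pos], pos + 1) if version == 1 else leb128(buf, pos, end)
    aug_data = b""
    if aug.startswith("z"):                  # "z": ULEB128 length, then the data
        n, pos = leb128(buf, pos, end)
        if pos + n > end:
            raise ValueError("augmentation data runs past end of CIE")
        aug_data, pos = buf[pos:pos + n], pos + n
    return {"version": version, "augmentation": aug, "code_align": code_align,
            "data_align": data_align, "ra": ra, "ra_name": reg_name(ra),
            "aug_data": aug_data, "all_nops": not any(buf[pos:end])}
```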

