[Dwarf-discuss] Facing a issue in contents of dwarf debug info section in an ELF file

Rishi Raj rishiraj45035@gmail.com
Mon Sep 25 05:36:20 GMT 2023 

 <https://stackoverflow.com/posts/77169835/timeline>

I am trying to implement a dwarf parser in C++ without using any external
dependencies. As mentioned in dwarf5 standard, debug info first 4 bytes or
12 bytes denotes the unit length Basically this:

unit_length (initial length)
A 4-byte or 12-byte unsigned integer representing the length of the3
.debug_info contribution for that compilation unit, not including the
length field itself. In the 32-bit DWARF format, this is a 4-byte
unsigned integer (which must be less than 0xfffffff0); in the 64-bit
DWARF format, this consists of the 4-byte value 0xffffffff followed by
an 8-byte unsigned integer that gives the actual length (see Section
7.4 on page 196).

When I am dumping the .debug_info section hexadecimally using objdump I am
getting this(see readelf output below).

objdump -s -j .debug_info hello.o

hello.o: file format elf64-x86-64

Contents of section .debug_info:

 0000 01000000 00000000 9a000000 00000000  ................
 0010 01000000 00000000 789c9bc6 c0c0c0ca  ........x.......
 0020 c0c801a4 18984084 2c031a10 42623372  ......@.,...Bb3r
 0030 b0832916 0805d1c6 c804e5b1 4178ac20  ..).........Ax.
 0040 8a998535 33af04a8 8115498e 05aa2002  ...53.....I... .
 0050 8bf18c73 58131918 99394172 4c137318  ...sX....9ArL.s.
 0060 180011e5 0560

So according to this, the length should be 0x01000000, but the actual
length is 0x96.(see readelf output below)
readelf -wi hello.o
Contents of the .debug_info section:

Compilation Unit @ offset 0:
Length: 0x96 (32-bit)
Version: 5 Unit Type: DW_UT_compile (1) Abbrev Offset: 0
Pointer Size: 8

I know I am missing something basic, but even after reading the standards
for many times. I am unable to find my mistake. One more thing, I searched
for some basic dwarf parsers so that I could understand what they are doing
but could not find any. All of the parsers were big libraries, which was
difficult to understand. If any of you can at least provide some readable
and understandable parser code, It will be helpful too.

ELF header dump:

ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              REL (Relocatable file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x0
  Start of program headers:          0 (bytes into file)
  Start of section headers:          3048 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           0 (bytes)
  Number of program headers:         0
  Size of section headers:           64 (bytes)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dwarfstd.org/pipermail/dwarf-discuss/attachments/20230925/887582af/attachment.htm>

More information about the Dwarf-discuss mailing list