
How to fill off global offset table?

Motivation:

I want to test gcc's size limit for the global offset table on my arch (x86).

What I have done:

use multiple undeclared functions in a shared library ( gcc -nostdlib -shared -o got.so ./got.c )

// got.c
extern int itestvariable1;
extern int testvariable2;

void test(void)
{
  fun1();
  /* ... fun2() through fun7() ... */
  fun8();
}

and readelf --relocs ./got.so :

Relocation section '.rela.plt' at offset 0x3a8 contains 8 entries:
  Offset          Info           Type           Sym. Value    Sym. Name + Addend
000000004018  000100000007 R_X86_64_JUMP_SLO 0000000000000000 fun7 + 0
000000004020  000200000007 R_X86_64_JUMP_SLO 0000000000000000 fun3 + 0
000000004028  000300000007 R_X86_64_JUMP_SLO 0000000000000000 fun4 + 0
000000004030  000400000007 R_X86_64_JUMP_SLO 0000000000000000 fun8 + 0
000000004038  000500000007 R_X86_64_JUMP_SLO 0000000000000000 fun2 + 0
000000004040  000600000007 R_X86_64_JUMP_SLO 0000000000000000 fun6 + 0
000000004048  000700000007 R_X86_64_JUMP_SLO 0000000000000000 fun1 + 0
000000004050  000800000007 R_X86_64_JUMP_SLO 0000000000000000 fun5 + 0
......

As shown above, the global offset table is filled by fun1-8, but that is far from enough to reach the size limit. I can think of two ways:

  • use a decent editor like emacs to generate more functions like these
  • use a decent codegen to generate such code at preprocessing time, like a macro (but I cannot find a solution with macros)

Of course, there may be more ways to achieve this goal.

Question:

How to reach the limit of the global offset table?

Before testing a limit, it is often helpful to know what the limit is. The tricks for declaring thousands of functions would be overkill if all you need is a dozen. So what are the size limitations of a GOT? According to Red Hat: "These maximums are 8k on the SPARC and 32k on the m68k and RS/6000. The 386 has no such limit."

There are two takeaways from knowing the limits. First, trying to overload the GOT does require a method that can reasonably easily generate thousands of GOT entries. Second, on your architecture (x86), this is a hopeless task as there is no limit.

(For those interested in how I found that link: I just searched the web for "global offset table size restriction".)

For those on other architectures, I suppose an easy way to expand the question's example code is to write another program to generate it.

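#include <fstream>

// Number of distinct functions that the generated got.c will call.
constexpr unsigned NUM_FUN = 70000;

int main()
{
    // Write the generated source next to this program.
    std::ofstream out("got.c");

    // Emit test() with one call per function: fun0() ... fun69999().
    out << "void test(void)\n{\n";
    for ( unsigned i = 0; i < NUM_FUN; ++i )
        out << "\tfun" << i << "();\n";
    out << "}\n";
}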

Compile and run this to generate a got.c file that calls more functions than will fit in a m68k's global offset table format.
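The question's second bullet asks for a preprocessor-only way to generate the calls. The block below is an added example, not code from the question or the answer: nested token-pasting macros expand to 1000 distinct declarations and calls. The names `fun_000`..`fun_999`, `fill_got`, `count_calls` and the `GOT_EXTERN_ONLY` switch are assumptions made for this example.

```c
/* Added example: generate the calls from the preprocessor alone.
 * Unresolved build, as in the question (names fun_000..fun_999 are assumed):
 *   gcc -DGOT_EXTERN_ONLY -fPIC -nostdlib -shared -o got.so got_macro.c
 * The default build defines counting stubs so the file links and runs. */
#include <stdio.h>

/* Apply macro M to the ten names that extend digit prefix p by one digit. */
#define REP10(M, p) \
    M(p##0) M(p##1) M(p##2) M(p##3) M(p##4) \
    M(p##5) M(p##6) M(p##7) M(p##8) M(p##9)
#define REP100(M, p) \
    REP10(M, p##0) REP10(M, p##1) REP10(M, p##2) REP10(M, p##3) REP10(M, p##4) \
    REP10(M, p##5) REP10(M, p##6) REP10(M, p##7) REP10(M, p##8) REP10(M, p##9)
#define REP1000(M) \
    REP100(M, 0) REP100(M, 1) REP100(M, 2) REP100(M, 3) REP100(M, 4) \
    REP100(M, 5) REP100(M, 6) REP100(M, 7) REP100(M, 8) REP100(M, 9)

#ifdef GOT_EXTERN_ONLY
/* Declaration only: each call below stays an undefined external symbol. */
#define DECLARE(n) extern void fun_##n(void);
#else
/* Local stub per function so the example can be linked and checked. */
static unsigned got_calls;
#define DECLARE(n) void fun_##n(void) { got_calls++; }
#endif
#define CALL(n) fun_##n();

REP1000(DECLARE)

/* Plays the role of test() in the question: one call per generated name. */
void fill_got(void)
{
    REP1000(CALL)
}

#ifndef GOT_EXTERN_ONLY
/* Run every generated call once and return how many calls were made. */
unsigned count_calls(void)
{
    got_calls = 0;
    fill_got();
    return got_calls;
}

int main(void)
{
    printf("generated calls: %u\n", count_calls());
    return 0;
}
#endif
```

Each further nesting level (a `REP10000` built from ten `REP1000`-style expansions that take a prefix) multiplies the count by ten.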
