Next: The symtypetab sections, Previous: CTF header, Up: CTF dictionaries [Contents][Index]
This section is the most important section in CTF, describing all the top-level types in the program. It consists of an array of type structures, each of which describes a type of some kind: each kind of type has some amount of variable-length data associated with it (some kinds have none). The amount of variable-length data associated with a given type can be determined by inspecting the type, so the reading code can walk through the types in sequence at opening time.
Each type structure is one of a set of overlapping structures in a discriminated union of sorts: the variable-length data for each type immediately follows the type’s type structure. Here’s the largest of the overlapping structures, which is only needed for huge types and so is very rarely seen:
typedef struct ctf_type
{
uint32_t ctt_name;
uint32_t ctt_info;
__extension__
union
{
uint32_t ctt_size;
uint32_t ctt_type;
};
uint32_t ctt_lsizehi;
uint32_t ctt_lsizelo;
} ctf_type_t;
Here’s the much more common smaller form:
typedef struct ctf_stype
{
uint32_t ctt_name;
uint32_t ctt_info;
__extension__
union
{
uint32_t ctt_size;
uint32_t ctt_type;
};
} ctf_type_t;
If ctt_size is the #define CTF_LSIZE_SENT, 0xffffffff, this type
is described by a ctf_type_t: otherwise, a ctf_stype_t.
Here’s what the fields mean:
| Offset | Name | Description |
|---|---|---|
| 0x00 | uint32_t ctt_name
| Strtab offset of the type name, if any (0 if none). |
| 0x04 | uint32_t ctt_info
| The info word, containing information on the kind of this type, its variable-length data and whether it is visible to name lookup. See See section The info word, ctt_info. |
| 0x08 | uint32_t ctt_size
| The size of this type, if this type is of a kind for which a size needs
to be recorded (constant-size types don’t need one). If this is
CTF_LSIZE_SENT, this type is a huge type described by ctf_type_t. |
| 0x08 | uint32_t ctt_type
| The type this type refers to, if this type is of a kind which refers to
other types (like a pointer). All such types are fixed-size, and no types that
are variable-size refer to other types, so ctt_size and ctt_type
overlap. All type kinds that use ctt_type are described by
ctf_stype_t, not ctf_type_t. See section Type indexes and type IDs. |
0x0c (ctf_type_t only) | uint32_t ctt_lsizehi
| The high 32 bits of the size of a very large type. The CTF_TYPE_LSIZE macro
can be used to get a 64-bit size out of this field and the next one.
CTF_SIZE_TO_LSIZE_HI splits the ctt_lsizehi out of it again.
|
0x10 (ctf_type_t only) | uint32_t ctt_lsizelo
| The low 32 bits of the size of a very large type.
CTF_SIZE_TO_LSIZE_LO splits the ctt_lsizelo out of a 64-bit size.
|
Two aspects of this need further explanation: the info word, and what exactly a
type ID is and how you determine it. (Information on the various type-kind-
dependent things, like whether ctt_size or ctt_type is used,
is described in the section devoted to each kind.)
Next: The symtypetab sections, Previous: CTF header, Up: CTF dictionaries [Contents][Index]