From: Wen Congyang <we...@cn.fujitsu.com> Subject: [RFC][PATCH 09/14 v7] introduce a new monitor command 'dump' to dump guest's memory Date: Thu, 01 Mar 2012 10:51:42 +0800
> + /* > + * calculate phdr_num > + * > + * the type of phdr->num is uint16_t, so we should avoid overflow > + */ > + s->phdr_num = 1; /* PT_NOTE */ > + if (s->list.num > (1 << 16) - 2) { > + s->phdr_num = (1 << 16) - 1; > + } else { > + s->phdr_num += s->list.num; > + } > + > + return s; > +}

Though e_phnum is uint16_t by default, there is an extension up to uint32_t. Look at a relatively new manual page. This is from FC14's:

    e_phnum  This member holds the number of entries in the program header table. Thus the product of e_phentsize and e_phnum gives the table's size in bytes. If a file has no program header, e_phnum holds the value zero. If the number of entries in the program header table is larger than or equal to PN_XNUM (0xffff), this member holds PN_XNUM (0xffff) and the real number of entries in the program header table is held in the sh_info member of the initial entry in the section header table. Otherwise, the sh_info member of the initial entry contains the value zero.

    PN_XNUM  This is defined as 0xffff, the largest number e_phnum can have, specifying where the actual number of program headers is assigned.

Recent kernels, gdb and the tools in binutils support this. But crash doesn't, so you need to fix this.

I'm interested in the number of program headers in the worst case. According to Intel Programming Guide 3A, Table 4-1 shows physical-address width on IA-32e is up to 52 and linear-address width is 48. Can the number exceed this limit in theory? Also, how many program headers are created typically?

Thanks.
HATAYAMA, Daisuke
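Review bot: the clamp in the `if (s->list.num > (1 << 16) - 2)` branch silently leaves every memory block beyond the first 65534 out of the dump, and the value it stores, `(1 << 16) - 1` = 0xffff, is exactly PN_XNUM, which readers that honour the extension interpret as "the real count is in sh_info of section header 0"; unless a section header table with that entry is also written, such readers get an ambiguous file while crash, which lacks the extension, gets a truncated one. Either fail with an error when the count does not fit instead of truncating, or implement the extension: set e_phnum to PN_XNUM and emit a section header table whose first entry carries the real count in sh_info. The comment above the block should state which of these behaviours was chosen rather than only "we should avoid overflow".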
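An added example, not part of the patch or of this reply, showing how the program header count would be encoded and decoded under the PN_XNUM rule quoted above instead of being clamped; the struct and function names are hypothetical and not QEMU's.

```c
#include <stdint.h>
#include <string.h>

/* Defined in <elf.h> on glibc systems; defined here so the example is
 * self-contained. */
#ifndef PN_XNUM
#define PN_XNUM 0xffff
#endif

/* Hypothetical summary of the header fields that matter for the count. */
struct phdr_count {
    uint16_t e_phnum;   /* value to store in the ELF header */
    uint32_t sh_info;   /* sh_info of section header 0, valid iff e_phnum == PN_XNUM */
    int needs_shdr;     /* 1 when a section header table must be emitted */
};

/* Writer side: one PT_NOTE plus one PT_LOAD per guest memory block.
 * Instead of clamping to 0xffff (which collides with PN_XNUM), switch to
 * the extension once the real count reaches PN_XNUM. */
static struct phdr_count encode_phdr_count(uint32_t mem_blocks)
{
    struct phdr_count c;
    uint32_t real = mem_blocks + 1;   /* PT_NOTE + PT_LOAD per block */

    memset(&c, 0, sizeof(c));
    if (real >= PN_XNUM) {
        c.e_phnum = PN_XNUM;          /* marker: real count lives in sh_info */
        c.sh_info = real;
        c.needs_shdr = 1;             /* section header 0 must be written */
    } else {
        c.e_phnum = (uint16_t)real;   /* fits, sh_info stays zero */
    }
    return c;
}

/* Reader side: recover the real count, honouring the extension. */
static uint32_t decode_phdr_count(uint16_t e_phnum, uint32_t sh_info)
{
    return e_phnum == PN_XNUM ? sh_info : e_phnum;
}
```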