Dodji Seketeli [Thu, 13 Aug 2015 13:59:41 +0000 (15:59 +0200)]
Fix finding split debug info files not located by the build-id mechanism
[This bug has been found by using elfutils in the context of
libabigail. The initial bug report is
https://sourceware.org/bugzilla/show_bug.cgi?id=18792. The
interesting comments start at is
https://sourceware.org/bugzilla/show_bug.cgi?id=18792#c4]
suppose we have a debug info file that is located at a
/prefix1/usr/lib/debug/prefix2/libfoo.so. Suppose also that the debug
info describes a binary that is located at /prefix1/prefix2/libfoo.so
Suppose the debug_link property inside the binary
/prefix1/prefix2/libfoo.so correctly contains the string "libfoo.so"
that designates the name of the debug info file.
The problem is, when find_debuginfo_in_path() is called with its
file_name parameter set to "/prefix1/prefix2/libfoo.so" and
mod->dwfl->callbacks->debuginfo_path set to
"/prefix1/lib/debug/", it fails to locate the debug
info file libfoo.so under "/prefix1/usr/lib/debug/prefix2/".
This patch fixes the issue by making find_debuginfo_in_path() try all
the sub-strings of "/prefix1/prefix2/libfoo.so "under"
"/prefix1/usr/lib/debug/", to find libfoo.so. That is, it tries, in
order:
- /prefix1/usr/lib/debug/prefix1/prefix2/libfoo.so
- /prefix1/usr/lib/debug/prefix2/libfoo.so <-- and boom, it finds it!
Note that the patch tries the variations between the two candidates
above too.
The patch uses a goto. I dislike gotos like anyone else, but then
here, not using this would imply a bigger change of the logic of that
function. So I am proposing the scheme based on the goto instead.
* libdwfl/find-debuginfo.c (find_debuginfo_in_path): Try to locate
the debug info file named debuglink_file under
mod->dwfl->callbacks->debuginfo_path, by looking at the set of
sub-trees under mod->dwfl->callbacks->debuginfo_path which is
common to the set of non-absolute parent trees of file_name.
Mark Wielaard [Tue, 4 Aug 2015 10:20:20 +0000 (12:20 +0200)]
spec: Provide default-yama-scope.
When yama is enabled in the kernel it might be used to filter any user
space access which requires PTRACE_MODE_ATTACH like ptrace attach, access
to /proc/PID/{mem,personality,stack,syscall}, and the syscalls
process_vm_readv and process_vm_writev which are used for interprocess
services, communication and introspection (like synchronisation, signaling,
debugging, tracing and profiling) of processes.
These are precisely the things that libdw dwfl and ebl backends rely on.
So make sure they don't mysteriously fail in such cases by providing the
default yama scope sysctl value.
This is implemented as a separate subpackage that just provides this
functionality so other packages that don't directly rely on elfutils-libs
can also just Requires: default-yama-scope to function properly.
https://bugzilla.redhat.com/show_bug.cgi?id=1209492#c69
Mark Wielaard [Wed, 29 Jul 2015 15:51:27 +0000 (17:51 +0200)]
unstrip: Handle debuginfo files with missing SHF_INFO_LINK section flags.
With GCC 5 there might be a .rela.plt section with SHF_INFO_LINK set.
Buggy binutils objdump might strip it from the section in the debug file.
Ignore such differences for relocation sections and put the flag back
if necessary.
Also improve the error message a little by only discarding the already
matched sections if there is an prelink undo section. Otherwise we will
report all sections as not matching if the file wasn't prelinked instead
of just the non-matching sections.
New testfiles generated by gcc5 and binutils objdump added.
Fill the .gitignore with more generated files, such as:
- test executables
- results of the automake testing framework (*.log and *.trs)
- sources generated by flex and bison
- generated *.mnemonics files in libcpu
- the helper libcpu/i386_gendis tool
- *.so.1 symlinks
Also, anchor existing filenames to their location when
builddir==srcdir.
Pino Toscano [Sat, 27 Jun 2015 17:23:01 +0000 (19:23 +0200)]
tests: skip run-deleted.sh when dwfl_linux_proc_attach is not implemented
If the current OS does not implement dwfl_linux_proc_attach (which
currently only Linux does) then skip this test, as "stack" uses that
API for attaching to a running process.
Pino Toscano [Fri, 26 Jun 2015 18:36:01 +0000 (20:36 +0200)]
Reduce scope of some includes
Use some includes only according to the #ifdef block of the respective
code, or matching the fact they are Linux-only. This way, includes
potentially unportable are not unconditionally used.
Mark Wielaard [Thu, 18 Jun 2015 21:43:39 +0000 (23:43 +0200)]
findtextrel: Don't leak memory in process_file.
When a files do contain textrels we fail to release the segments searched
and valgrind will show:
2,560 bytes in 16 blocks are definitely lost in loss record 1 of 1
at 0x40281B5: malloc (in vgpreload_memcheck-x86-linux.so)
by 0x804AE63: process_file (findtextrel.c:322)
by 0x804909B: main (findtextrel.c:149)
Mark Wielaard [Thu, 18 Jun 2015 09:07:41 +0000 (11:07 +0200)]
nm: Fix typo in size check to determine whether we stack allocated memory.
We allocate GElf_SymX entries, which are larger than plain GElf_Sym structs.
The check to see whether we could use stack allocation used the correct
sizeof (GElf_SymX), but the check to see if we needed to free was using
the incorrect sizeof (GElf_Sym). Which could cause us to leak memory.
Mark Wielaard [Thu, 18 Jun 2015 09:00:51 +0000 (11:00 +0200)]
strings: Handle failure of getting section name on bogus section data.
If there is something wrong with getting the section data it is likely
we won't be able to get the actual section name because the file is
somehow corrupted. Try to get the name, but handle failure gracefully.
Mark Wielaard [Thu, 18 Jun 2015 08:41:42 +0000 (10:41 +0200)]
libdw: Not leak memory on error in dwarf_getpubnames.
When there is an error with the first entry we might already have allocated
the memory but not yet set cnt to 1. Just always free the memory on error.
free (NULL) is a nop anyway and doesn't matter on a failure path.
Mark Wielaard [Tue, 16 Jun 2015 12:05:35 +0000 (14:05 +0200)]
libelf: Always call ftruncate before posix_fallocate to set the right size.
When elf_update.c (write_file) doesn't know the current maximum file length
it might have to reduce the file size. posix_fallocate can only extend the
file. So always call ftruncate before that to set the file size and making
sure the backing store is fully there. Add test cases for checking strip
in place (eu-strip without -o) actually reduces the file size. But only
for non-ET_REL files. We might not be able to strip ET_REL files (except
when they are kernel modules) because they might contain "dangling" symbol
table entries.
Mark Wielaard [Tue, 9 Jun 2015 14:26:16 +0000 (16:26 +0200)]
strip: Just admit we don't support stripping ar archives for now.
We try to handle (in-place) stripping of ar archives, but since elf_clone
doesn't really support cloning ar members and we don't handle reducing
the size of the members, moving the offsets of other members. This causes
crashes or writing garbage. Better to just admit that for now we don't
support stripping archives. Call error when we see an ELF_K_AR file.
Mark Wielaard [Sat, 6 Jun 2015 21:40:42 +0000 (23:40 +0200)]
libdwfl: Fix memory leak in find_debuginfo_in_path.
commit c4f133 libdwfl: find_debuginfo_in_patch don't alloca/strdupa
strings of unknown size. Introduced a memory leak in the case nothing
was found. Make sure before returning all temporary strings are all
freed.
Mark Wielaard [Sat, 6 Jun 2015 20:49:34 +0000 (22:49 +0200)]
libdwfl: Fix memory leak in cache_sections.
commit be1778 libdwfl: Fix possible unbounded stack usage in cache_sections.
introduced a memory leak. The refs pointers were copied to the sortrefs
array but never freed. Only the array was freed. Also free the elements.
Mark Wielaard [Thu, 4 Jun 2015 14:25:37 +0000 (16:25 +0200)]
libelf: Make sure elf_getdata_rawchunk returns aligned data.
elf_getdata_rawchunk might return an unaligned buffer for the requested
ELF data type. Make sure the data is also correctly aligned when using
an mmapped file. Also add some missing alignments for ELF data types
for __libelf_type_align (the missing types could also make elf_getdata
to return unaligned data).
Mark Wielaard [Wed, 3 Jun 2015 16:50:40 +0000 (18:50 +0200)]
libelf: Make sure conversion functions work on aligned data for type.
The gelf_xlate conversion functions work on properly aligned ELF data
types. If elf_get data needs to do conversion and ! ALLOW_UNALIGNED
and the rawdata_base isn't aligned properly for the section type, then
provide an aligned copy of the data.
Found with --enable-sanitize-undefined in run-test-archive64.sh on x86_64.
Mark Wielaard [Sat, 6 Jun 2015 13:06:22 +0000 (15:06 +0200)]
libdwfl: Report core module segment even when NT_FILE build-id doesn't match.
dwfl_segment_report_module can take the NT_FILE note contents to find
the matching file for the module on the file system from the core file.
If the file exists but the build-id didn't match we would not report the
module. But we should just report the module anyway, ignore the file,
and try to match the ELF image another way.
This issue can be replicated by building and running make check in
/tmp/elfutils with run-backtrace-core-aarch64.sh since that core file
includes a NT_FILE note pointing to /tmp/elfutils/tests/backtrace-child.
Which won't match if it was just recompiled.
Mark Wielaard [Thu, 4 Jun 2015 11:51:27 +0000 (13:51 +0200)]
libelf: Check e_shoff alignment before direct access of Elf(32|64)_Shdr.
In get_shnum the check was whether the Elf(32|64)_Ehdr was correctly
aligned, but to access the Shdr directly we need to check whether the
address that points to the Elf(32|64)_Shdr structure is correctly aligned.
Mark Wielaard [Tue, 2 Jun 2015 08:54:26 +0000 (10:54 +0200)]
libelf: Split checks for ehdr and shdr, drop phdr check in file_read_elf.
There are various places in the code that check whether mmapped structures
are correctly aligned (or ALLOW_UNALIGNED is set). Some of these checks
are asserts. Like the one in elf(32|64)_getshdr. We should not get into
that part of the code if the shdr scn structure was cached in elf_begin
because it was mmapped in and properly aligned.
These asserts could trigger because in elf_begin.c file_read_elf ()
all alignment checks were combined. So even though only one of the ehdr,
shdr or phdr structures were not properly aligned all structures would be
copied. Also the phdr structure was not even read in elf_begin, so the
alignment check was unnecessary.
This patch splits the alignment checks and reading of ehdr and shdr
structures into separate code paths. It also drops the phdr alignment
checks in elf_begin. Those phdr checks are done in elf(32|64)_getphdr
already.
Mark Wielaard [Mon, 1 Jun 2015 15:07:26 +0000 (17:07 +0200)]
libdwfl: Fix memory leak in __libdwfl_open_by_build_id.
commit c57829 introduced a memory leak by passing the path string to
strsep. strsep will change the given pointer and set it to NULL eventually.
Causing the original pointer to leak. Fix by passing a copy of the pointer
to strsep.
Mark Wielaard [Sun, 31 May 2015 21:03:30 +0000 (23:03 +0200)]
Define MODVERSION in a more reproducable way.
We define MODVERSION to make sure the libebl backend modules match the
elfutils build when we dlopen them. Using hostname and date makes it very
hard to create reproducable builds. Define them a little more reproducable
using LIBEBL_SUBDIR, eu_version and ac_cv_build.
Mark Wielaard [Sun, 31 May 2015 20:37:19 +0000 (22:37 +0200)]
Fix sanitize-undefined config check. Don't ALLOW_UNALIGNED when checking.
The -fsanitize=undefined check need to use AC_LINK_IFELSE to make sure
libubsan is installed. When doing undefined checking we should disable
ALLOW_UNALIGNED memory accesses to catch issues where we do unaligned
accesses by accident.
Mark Wielaard [Sat, 30 May 2015 20:50:37 +0000 (22:50 +0200)]
configure: Add check for bunzip2 and maintainer-mode tools.
Without bunzip2 make check cannot be run. To generate all files in
maintainer-mode flex and bison are needed. Otherwise check that
libdw/known-dwarf.h is already generated.
Mark Wielaard [Sat, 23 May 2015 22:07:33 +0000 (00:07 +0200)]
libdwfl: Check mod is not NULL in check_module.
check_module is called from dwfl_module_relocate_address and from
dwfl_module_address_section. Both could take a NULL Dwfl_Module if
an earlier error had occured. Make check_module return immediately
indicating an issue in that case.
All library code now builds with this warning and -Werror enabled.
Add exceptions for most of the src tools (ldgeneric, readelf, nm, size,
strip, elflint, findtextrel, elfcmp objdump, ranlib, ar and unstrip).
Mark Wielaard [Fri, 22 May 2015 21:33:56 +0000 (23:33 +0200)]
libdw: Limit stack usage of temporary dir, file and line lists.
Limit stack usage of lines with MAX_STACK_LINES, files with MAX_STACK_LINES
and dirs with MAX_STACK_DIRS. Calculate number of dirs needed first, then
create dirarray directly, without needing the next field. Free not stack
allocated lines and files at the end.
Use preallocated stack arrays for all instead of calling alloca to help
compiler see actual stack usage.
The current stack allocation limits are 4096 lines, 1024 files in 256 dirs
per CU. For GCC 4.8 libstdc++.so has on average 512 lines per CU. With
these settings read_srclines uses max 228K of stack on x86_64.
Mark Wielaard [Fri, 22 May 2015 12:18:11 +0000 (14:18 +0200)]
libdwfl: Reject very short or really large build-ids.
We cannot handle build-ids less than at least 3 or more than 64 bytes.
Very big build-ids, or very large debug search paths might have blown
up the stack.
Mark Wielaard [Tue, 19 May 2015 10:40:30 +0000 (12:40 +0200)]
libdwfl: Minimize stack usage in dwfl_linux_kernel_report_offline.
Don't stack allocate module name. Also fixes a latent bug (if the module
file didn't have a suffix - which is very unlikely) and an inefficiency.
We only need to substitue chars up to the suffix.
Mark Wielaard [Sun, 17 May 2015 16:49:10 +0000 (18:49 +0200)]
libebl: Use static number for array stack allocation in openbackend.
Help the compiler see we stack allocate a small array. Add assert to check
no machine prefix is ever larger than 16. Current maximum number is 7.
This prevents gcc warning about possible unbounded stack usage with
-Wstack-usage.
Mark Wielaard [Wed, 20 May 2015 12:09:46 +0000 (14:09 +0200)]
addr2line: Add --pretty-print option to show all information on one line.
This adds an option --pretty-print to eu-addr2line to show all information
on one line and all inlines on a line of their own. This mimics the same
option from binutils addr2line, but without the short option variant -p.
Since we already use -p to select the process.
Example output:
eu-addr2line --pretty-print -s -i -f -C -p$(pidof firefox) 0x00007f368c6f8915
mozilla::ReentrantMonitor::Wait(unsigned int) at ReentrantMonitor.h:92
(inlined by) mozilla::ReentrantMonitorAutoEnter::Wait(unsigned int) at ReentrantMonitor.h:190
A couple of tests were added to check the output matches that of
binutils addr2line.
Mark Wielaard [Tue, 19 May 2015 21:08:00 +0000 (23:08 +0200)]
addr2line: Always parse addresses as hex numbers.
We would sometimes interpret input addresses as decimal or octal.
That could be confusing and isn't what binutils addr2line does.
Be consistent and always treat input addresses as hex.
Mark Wielaard [Thu, 14 May 2015 10:34:26 +0000 (12:34 +0200)]
libelf: Use posix_fallocate instead of ftruncate to extend ELF file.
This fixes an obscure SIGBUS error when using ELF_C_WRITE_MMAP on an ELF
file that needs extending when the underlying file system is (nearly) full.
Use posix_fallocate to make sure the file content is really there. Using
ftruncate might mean the file is extended, but space isn't allocated yet.
This might cause a SIGBUS once we write into the mmapped space and the disk
is full.
Using fallocate might fail on some file systems. posix_fallocate is
required to extend the file and allocate enough space even if the
underlying filesystem would normally return EOPNOTSUPP or the kernel
doesn't implement the fallocate syscall. Also posix_fallocate has been in
glibc since 2.1.94, while support for fallocate was only added in 2.10
and kernel 2.6.23.
Mark Wielaard [Wed, 13 May 2015 13:21:57 +0000 (15:21 +0200)]
libelf: If e_phnum is zero then set e_phoff also to zero.
If phnum is zero make sure e_phoff is also zero and not some random value.
That would cause trouble in update_file. This could happen when ELF_F_LAYOUT
is set and the user copied over a ehdr from a bogus ELF file where the phdrs
are unreadable. In that case trying to write out the new ELF image would
crash trying to follow the bogus e_phdr value.
Mark Wielaard [Tue, 12 May 2015 13:59:04 +0000 (15:59 +0200)]
strip: Harden against bogus input files. Don't leak tmp debug file on error.
There were various places where a bogus/unexpected input file would cause
eu-strip to crash. Also on an unexpected error eu-strip would leak the temp
debug file it was writing.
Mark Wielaard [Tue, 12 May 2015 13:28:06 +0000 (15:28 +0200)]
libelf: More checking of valid sh_addralign values.
There were two issues with bogus sh_addralign values. First we would only
check the individual Elf_Data d_align values were powerof2. But not the
actual shdr addralign value. This would cause an issue if the shdr addralign
was bigger than all of the individual d_align values. Then we could write
out a bogus (! powerof2) shdr addralign value for the sections. Secondly
when reading in the Elf_Data we would set the d_align value to the value
of the shdr addralign value. But we would not check it was valid at all.
In practice there are ELF files with incorrect sh_addralign values (they
are a powerof2, but aren't aligned to the ELF image offset). We would try
to fix that up in elf_update by adding extra padding. But this could bloat
the ELF image a lot for large alignment values. So for too large alignments
that are bigger than the offset in the ELF file clamp them to the offset
value. This could lead us to reject to write out the data again when the
offset was not a powerof2. But this will only happen for aligment values
bigger than 64. Which are uncommon in practice.
Mark Wielaard [Tue, 12 May 2015 13:16:35 +0000 (15:16 +0200)]
libelf: Make sure shdrs are valid before storing extended phnum in newphdr.
Creating phdr with more than PN_XNUM phnum requires a valid section zero
shdr to store the extended value. Make sure the shdrs are valid. Also fix
the error when count was too big to store by setting ELF_E_INVALID_INDEX
before failing.
Jonathan Lebon [Mon, 11 May 2015 19:38:14 +0000 (15:38 -0400)]
dwarf_begin_elf: new error for compression failure
In order to provide better feedback to users, a distinction is made
between finding no dwarf info (E_NO_DWARF) and finding dwarf info but
which is compressed and failed to decompress (E_COMPRESSED_ERROR). This
can occur for example if elfutils was built without zlib support, or if
the compressed section is invalid.
Signed-off-by: Jonathan Lebon <jlebon@redhat.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Jonathan Lebon [Mon, 11 May 2015 19:38:13 +0000 (15:38 -0400)]
dwarf_begin_elf: decouple section searching from reading
To help legibility, we separate the section name matching from the
actual section reading. This also allows us to remove duplicate code in
cases of sections appearing twice or empty section data. There are no
changes in functionality. The indentation will be fixed in the next
commit, in the interest of keeping this commit easier to read.
Signed-off-by: Jonathan Lebon <jlebon@redhat.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
Mark Wielaard [Fri, 8 May 2015 15:56:32 +0000 (17:56 +0200)]
Always call gelf_fsize with EV_CURRENT as argument.
Don't trust the elf version given by the file. It could be completely
bogus. In which case gelf_fsize just returns zero. Which could cause
divide by zero errors.
Mark Wielaard [Thu, 7 May 2015 16:35:48 +0000 (18:35 +0200)]
libdwfl: Only intern CU when not EOF marker and cuoff points to a DIE.
We need to check the cuoff points to a real Dwarf_Die before trying to
intern the cu with tsearch. Otherwise bogus keys might end up in the
search tree with NULL cus. That will cause crashes in compare_cukey
during next insertion or deletion of cus. We also don't want to insert
the EOF marker and unconditionally tdestroy the lazy_cu_root. The EOF
could be caused by bad DWARF from a bogus agranges entry.
Mark Wielaard [Wed, 6 May 2015 15:38:18 +0000 (17:38 +0200)]
elflint: Add sanity checks to check_attributes.
This is similar to commit 9644aa for readelf print_attributes.
Bail out when the vendor name isn't terminated and add overflow check
for subsection_len.
Note that readelf does handle non-gnu attributes, while elflint doesn't.
Mark Wielaard [Wed, 6 May 2015 10:55:21 +0000 (12:55 +0200)]
libdw: Detect line number overflow in dwarf_getsrclines on 32bit.
We do check whether the values we store for the line fit our data
representation in add_new_line, but on 32bit systems we would fail
to notice line overflowing.
projects / thirdparty / elfutils.git / log
