pyelftools
pyelftools copied to clipboard
eliben
Support for separate dwarf files?
I'm trying to find symbols in the linux loader (ld-2.24.so) using its dwarf info, because on ubuntu the loader is stripped. But the dwarf info for the loader is in a separate file:
Loader elf file:
/lib/x86_64-linux-gnu/ld-2.24.so
Loader dwarf file (found via gdb):
/usr/lib/debug/.build-id/6f/150f33b150d6a81e26a425dd47d713d00f2d29.debug
When I try to access the dwarf info in ld-2.24.so, pyelftools tells me there is no debug info there. But when I try to access the dwarf file directly, pyelftools crashes because the offsets refer to the elf file, not to the dwarf file that is being read:
> python examples/examine_dwarf_info.py --test /usr/lib/debug/.build-id/6f/150f33b150d6a81e26a425dd47d713d00f2d29.debug
Processing file: /usr/lib/debug/.build-id/6f/150f33b150d6a81e26a425dd47d713d00f2d29.debug
Found a compile unit at offset 0, length 36768
Top DIE with tag=DW_TAG_compile_unit
name=/build/glibc-p3Km7c/glibc-2.24/elf/rtld.c
Found a compile unit at offset 36772, length 31677
Top DIE with tag=DW_TAG_compile_unit
name=/build/glibc-p3Km7c/glibc-2.24/elf/dl-load.c
Found a compile unit at offset 68453, length 21926
Top DIE with tag=DW_TAG_compile_unit
name=/build/glibc-p3Km7c/glibc-2.24/elf/dl-lookup.c
Found a compile unit at offset 90383, length 15463
Top DIE with tag=DW_TAG_compile_unit
name=/build/glibc-p3Km7c/glibc-2.24/elf/dl-object.c
Found a compile unit at offset 105850, length 20361
Top DIE with tag=DW_TAG_compile_unit
name=/build/glibc-p3Km7c/glibc-2.24/elf/dl-reloc.c
Found a compile unit at offset 126215, length 19006
Traceback (most recent call last):
File "examples/examine_dwarf_info.py", line 57, in <module>
process_file(filename)
File "examples/examine_dwarf_info.py", line 48, in process_file
top_DIE = CU.get_top_DIE()
File "./elftools/dwarf/compileunit.py", line 76, in get_top_DIE
return self._get_DIE(0)
File "./elftools/dwarf/compileunit.py", line 95, in _get_DIE
self._parse_DIEs()
File "./elftools/dwarf/compileunit.py", line 119, in _parse_DIEs
offset=die_offset)
File "./elftools/dwarf/die.py", line 92, in __init__
self._parse_DIE()
File "./elftools/dwarf/die.py", line 174, in _parse_DIE
abbrev_decl = self.cu.get_abbrev_table().get_abbrev(
File "./elftools/dwarf/compileunit.py", line 69, in get_abbrev_table
self['debug_abbrev_offset'])
File "./elftools/dwarf/dwarfinfo.py", line 129, in get_abbrev_table
"Offset '0x%x' to abbrev table out of section bounds" % offset)
File "./elftools/common/utils.py", line 83, in dwarf_assert
_assert_with_exception(cond, msg, DWARFError)
File "./elftools/common/utils.py", line 109, in _assert_with_exception
raise exception_type(msg)
elftools.common.exceptions.DWARFError: Offset '0x1ecd' to abbrev table out of section bounds
So how can I use pyelftools to correlate an elf file with a separate dwarf file?
Good question :-) It's not currently supported, but it should! Separate DWARF files ("fission") came after pyelftools, and we never adjusted to support it. PRs welcome
I just commented out the assert that fails, everything seems to work for me (I can dump all line info from the libc .debug file without crashing). Not sure about the implications though.
I just commented out the assert that fails, everything seems to work for me (I can dump all line info from the libc .debug file without crashing). Not sure about the implications though.
I can also confirm that if you ignore the assertion everything seems to work. For context, I'm working in Debian Sid on ELF files that have had their DWARF info merged back into the original stripped binary.
