sentry-cli icon indicating copy to clipboard operation
sentry-cli copied to clipboard

Published 20 hours ago verified publisher icon getsentry

difutil check shouldn't report libraries with no build-id as ussable

Open ericriff opened this issue 1 year ago • 2 comments

On C/C++ native, sentry needs libraries and executable with build-ids to work properly. Otherwise the crash report will mark the debug information, aka images as missing and the backtrace will have unknown frames. Screenshot from 2022-09-12 16-58-17 Screenshot from 2022-09-12 16-59-04

I think difutil check should validate this and mark those libraries as non-usable.

Environment

Ubuntu 20.04, sentry-cli version 2.5.2

Steps to Reproduce

# this library doesn't have `build-id`, otherwise `file` would report it.
$ file aarch64-none-linux-gnu/libc/lib64/libc.so.6
aarch64-none-linux-gnu/libc/lib64/libc.so.6: ELF 64-bit LSB shared object, ARM aarch64, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 3.7.0, with debug_info, not stripped

# but difutil check doesn't complaiin about it
$ sentry-cli difutil check aarch64-none-linux-gnu/libc/lib64/libc.so.6
Debug Info File Check
  Type: elf library
  Contained debug identifiers:
    > Debug ID: 21cb4b28-62c1-b10a-8d86-147797dd92f2
      Arch:     arm64
  Contained debug information:
    > symtab, debug, unwind
  Usable: yes

# For reference, I recompiled libc with build-id enabled, this is how file reports it
$ file aarch64-none-linux-gnu/libc/lib/libc.so.6
aarch64-none-linux-gnu/libc/lib/libc.so.6: ELF 64-bit LSB shared object, ARM aarch64, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=fe125c5a15563b6bbf32700cd8b9fe2b184cd83c, for GNU/Linux 3.7.0, with debug_info, not stripped

Expected Result

I'd expect this library to be properly marked as non usable, bonus point if you explain why

$ sentry-cli difutil check aarch64-none-linux-gnu/libc/lib64/libc.so.6
Debug Info File Check
  Type: elf library
  Contained debug identifiers:
    > Debug ID: 21cb4b28-62c1-b10a-8d86-147797dd92f2
      Arch:     arm64
  Contained debug information:
    > symtab, debug, unwind
  Usable: no; missing build-id

ericriff avatar Sep 12 '22 20:09 ericriff

We have some fallbacks in place in case the executable does not have a build-id.

In this case the first page of the .text section is being hashed. Here in symbolic: https://github.com/getsentry/symbolic/blob/99750d304d265bf5c685d175322cce19843afefe/symbolic-debuginfo/src/elf.rs#L393-L403 In sentry-native: https://github.com/getsentry/sentry-native/blob/5962300ea77bc546d293f15c7b091051a8abace6/src/modulefinder/sentry_modulefinder_linux.c#L418-L425 So does breakpad: https://chromium.googlesource.com/breakpad/breakpad/+/refs/heads/main/src/common/linux/file_id.cc#153

This fallback seems to absent from crashpad however :-( So I think the problem here that some tools are more lenient while others just reject the file outright.

Swatinem avatar Sep 22 '22 08:09 Swatinem

This issue has gone three weeks without activity. In another week, I will close it.

But! If you comment or otherwise update it, I will reset the clock, and if you label it Status: Backlog or Status: In Progress, I will leave it alone ... forever!

"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀

github-actions[bot] avatar Oct 14 '22 00:10 github-actions[bot]