
Compact relocations are not supported

Open haberman opened this issue 8 months ago • 3 comments

Environment

Sun May 18 06:23:36 AM UTC 2025
radare2 5.9.8 0 @ linux-x86-64
birth: git.5.9.8 2025-03-15__02:06:40
options: gpl release -O1 cs:5 cl:2 meson
Linux x86_64

Description

There is a new (experimental) relocation format in Clang now called "compact relocations" (or "crel" for short): https://maskray.me/blog/2024-03-09-a-compact-relocation-format-for-elf

r2 doesn't understand crel, and gets confused if you give it a crel-enabled file.

crel is currently experimental, which probably means it could change before it is released. This is what happens if you try to enable crel without the experimental flag:

$ clang -Wa,--crel -o test.o test.c -c
clang: error: -Wa,--allow-experimental-crel must be specified to use -Wa,--crel. CREL is experimental and uses a non-standard section type code

Since it's experimental, it would be understandable if r2 decided not to support it for now. On the other hand, there could be binaries floating around that use it, so it could be valuable to support it even in its experimental state.

Test

$ cat test.c
int callee(void);
int caller(void) { return callee(); }
$ clang -Wa,--crel -o test.o test.c -c -Wa,--allow-experimental-crel
$ r2 -A -e bin.cache=true -c 's sym.caller; pdf' test.o
INFO: Analyze all flags starting with sym. and entry0 (aa)
INFO: Analyze imports (af@@@i)
INFO: Analyze symbols (af@@@s)
INFO: Analyze all functions arguments/locals (afva@@@F)
INFO: Analyze function calls (aac)
INFO: Analyze len bytes of instructions for references (aar)
ERROR: invalid memory at 0x08000125
INFO: Finding and parsing C++ vtables (avrr)
INFO: Analyzing methods (af @@ method.*)
INFO: Recovering local variables (afva@@@F)
INFO: Type matching analysis for all functions (aaft)
INFO: Propagate noreturn information (aanr)
INFO: Use -AA or aaaa to perform additional experimental analysis
            ;-- section..text:
            ;-- rip:
┌ 11: sym.caller ();
│           0x08000040      55             push rbp                    ; [02] -r-x section size 11 named .text
│           0x08000041      4889e5         mov rbp, rsp
│           0x08000044      e800000000     call 0x8000049
│           ; CALL XREF from sym.caller @ 0x8000044(x)
│           0x08000049      5d             pop rbp
└           0x0800004a      c3             ret

Note how the call instruction above is not resolved symbolically, as it would be normally:

$ clang -o test.o test.c -c
$ r2 -A -e bin.cache=true -c 's sym.caller; pdf' test.o
INFO: Analyze all flags starting with sym. and entry0 (aa)
INFO: Analyze imports (af@@@i)
INFO: Analyze symbols (af@@@s)
INFO: Analyze all functions arguments/locals (afva@@@F)
INFO: Analyze function calls (aac)
INFO: Analyze len bytes of instructions for references (aar)
ERROR: invalid memory at 0x08000138
INFO: Finding and parsing C++ vtables (avrr)
INFO: Analyzing methods (af @@ method.*)
INFO: Recovering local variables (afva@@@F)
INFO: Type matching analysis for all functions (aaft)
INFO: Propagate noreturn information (aanr)
INFO: Use -AA or aaaa to perform additional experimental analysis
            ;-- section..text:
            ;-- rip:
┌ 11: sym.caller ();
│           0x08000040      55             push rbp                    ; RELOC 32 .text @ 0x08000040 - 0x8000090 ; [02] -r-x section size 11 named .text
│           0x08000041      4889e5         mov rbp, rsp
│           0x08000044      e86f010000     call callee
│           0x08000049      5d             pop rbp
└           0x0800004a      c3             ret

haberman, May 18 '25 06:05
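To make concrete what a loader has to parse for such a file, here is an added example (not radare2's code and not from the linked PRs): a minimal CREL decoder in C following the encoding described in the linked blog post, namely a ULEB128 header of count*8 + addend_flag*4 + offset_shift, then per entry a ULEB128 whose low 2 or 3 bits are flags and whose remaining bits are the pre-shifted offset delta, followed by SLEB128 deltas for symbol index, type and addend when the matching flag is set. The byte sequence is constructed by hand for illustration, not taken from the attached test.o.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded entry; fields mirror Elf64_Rela so it could feed an existing reloc path. */
typedef struct { uint64_t r_offset; uint32_t r_symidx; uint32_t r_type; int64_t r_addend; } CrelEntry;

/* Read one LEB128 value (sign-extended when is_signed). Returns bytes consumed, 0 if truncated. */
static size_t read_leb(const uint8_t *p, size_t n, int is_signed, int64_t *out) {
    uint64_t v = 0; unsigned shift = 0; size_t i = 0;
    while (i < n && shift < 64) {
        uint8_t b = p[i++];
        v |= (uint64_t)(b & 0x7f) << shift;
        shift += 7;
        if (!(b & 0x80)) {
            if (is_signed && shift < 64 && (b & 0x40)) v |= ~0ULL << shift;
            *out = (int64_t)v;
            return i;
        }
    }
    return 0;                                   /* ran off the end or over-long encoding */
}

/* Decode a CREL section body into out[]; returns entry count, or -1 on malformed/truncated data. */
int crel_decode(const uint8_t *p, size_t n, CrelEntry *out, size_t cap) {
    int64_t hdr, x, d; size_t pos, k;
    if (!(k = read_leb(p, n, 0, &hdr))) return -1;
    uint64_t count = (uint64_t)hdr >> 3;        /* bits 3..: number of entries            */
    int has_addend = (hdr & 4) != 0;            /* bit 2   : entries carry addend deltas  */
    unsigned shift = (unsigned)(hdr & 3);       /* bits 0-1: offset deltas are pre-shifted */
    unsigned flag_bits = has_addend ? 3 : 2;
    if (count > cap) return -1;                 /* refuse a count the caller cannot hold   */
    CrelEntry cur = {0, 0, 0, 0};               /* all fields are deltas from the previous entry */
    for (uint64_t i = 0, pos = k; i < count; i++) {
        if (!(k = read_leb(p + pos, n - pos, 0, &x))) return -1;
        pos += k;
        cur.r_offset += ((uint64_t)x >> flag_bits) << shift;
        if (x & 1) { if (!(k = read_leb(p + pos, n - pos, 1, &d))) return -1; pos += k; cur.r_symidx += (uint32_t)d; }
        if (x & 2) { if (!(k = read_leb(p + pos, n - pos, 1, &d))) return -1; pos += k; cur.r_type += (uint32_t)d; }
        if (has_addend && (x & 4)) { if (!(k = read_leb(p + pos, n - pos, 1, &d))) return -1; pos += k; cur.r_addend += d; }
        out[i] = cur;
    }
    return (int)count;
}

/* Constructed sample: header 0x1e = 3 entries, addend flag set, shift 2. Entry 1: offset delta 2<<2=8,
   sym 5, type 4 (R_X86_64_PLT32), addend -4. Entry 2: offset +24, nothing else changes.
   Entry 3: offset +256<<2 (two-byte ULEB128), symidx delta -2. */
static const uint8_t kSample[] = {0x1e, 0x17, 0x05, 0x04, 0x7c, 0x30, 0x81, 0x10, 0x7e};
static CrelEntry g_out[8];

int decode_sample(void) { return crel_decode(kSample, sizeof kSample, g_out, 8); }

int main(void) {
    int n = decode_sample();
    for (int i = 0; i < n; i++)
        printf("off=0x%llx sym=%u type=%u addend=%lld\n", (unsigned long long)g_out[i].r_offset,
               g_out[i].r_symidx, g_out[i].r_type, (long long)g_out[i].r_addend);
    return n < 0;
}
```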

Can you upload some test files to the testbins repo? Would you like to implement support for them?

trufae, May 18 '25 13:05

I'm not sure exactly what test files would be helpful (I'm not deeply familiar with crel so couldn't suggest how to get good coverage). But a recent Clang should be able to produce test files easily using --allow-experimental-crel -Wa,--crel.

I don't have cycles to implement this myself unfortunately.

haberman, May 19 '25 18:05

I'll try to find time for this, but my pipeline is already quite full right now.

trufae, May 26 '25 16:05

I don't have any clang that supports those flags, so I can't generate a file for testing; can you attach the file? I have implemented a WIP PR from what I imagine it should be doing by reading patches from glibc and clang online, but I won't merge that unless I can test it. Ref: https://github.com/radareorg/radare2/pull/24310

trufae, Jun 17 '25 17:06

@apkunpacker built that.

test.o.zip

trufae, Jun 18 '25 18:06

Done in https://github.com/radareorg/radare2/pull/24342, at least for the test file I managed to find. If you have more bins for testing, just give it a try.

trufae, Jun 24 '25 14:06