Hi Mark, this was very useful. Thanks.
Since we are now using not only executables and .so, but ".o" files too, I'm trying to decide if I can use the same functions to all of them, like the code you pointed out to deal with ".o". Would that work for EXEC, SHARED, and RELOC? The idea is not to have two codes to parse modules and DIEs, two ways because as you pointed out ".o" files need some relocation to be performed, therefore using dwfl_*. Meanwhile for executables and .so we only use dwarf_* functions. In face of that, do you foresee bigger changes or things we should worry that we would have in case we use only dwfl_* to open all the ELF files with dwarf data, and drop the way we used to open them? Because our code base for a long time has only used the dwarf_* functions, this would be a big change. Sasha From: Mark Wielaard <m...@klomp.org> Sent: Wednesday, June 10, 2020 6:33 AM To: Sasha Da Rocha Pinheiro <darochapi...@wisc.edu>; elfutils-devel@sourceware.org <elfutils-devel@sourceware.org> Subject: Re: location list Hi Sasha, On Tue, 2020-06-09 at 16:38 +0000, Sasha Da Rocha Pinheiro via Elfutils-devel wrote: > I am now trying to design the changes needed to be done in Dyninst. > So far we have only used the functions dwarf_* under libdw. > What I understood is that libdw is kinda divided in subsets of functions, > dwarf_*, dwfl_* and dwelf_*. > I didn't find any documentation about it, or the purpose of these subset of > functions. > (Whats fl in dwfl for?) > But my understanding is that I can't use data structures from one on the > other one. > That alone will need some design to modify the way we parse dwarf info into > Dyninst. > Currently the lifetime of a dwarf handle lasts through one execution, > because we parse dwarf data when the user needs it. So elfutils contains 4 libraries. libelf, which is a semi-standardize "unix" library to read and manipulate ELF files. libdw, which adds reading of DWARF data, linux process and kernel mappings, and various elf/dwarf utility functions. libasm, which provides a assembler and disassembler interface, but which isn't really finished/recommended at the moment (it only provides a partial x86 assembler/disassembler and a bpf disassembler). And libdebuginfod, which provides a way to fetch remotely stored executables, debuginfo and sources based on build-ids (from a debuginfod server). There used to be non-public, internal, "libebl" backend libraries, for each elfutils supported architecture (libebl_aarch64.so, libebl_riscv.so, etc.) which were loaded dynamically to safe a bit of memory in case the backend/arch wasn't used. But with 0.178 the libraries are build into libdw.so directly and no longer dynamically loaded. libebl was never intended to be used directly. [lib]ebl stands for ELF Backend Library. [lib]dw is short for DWARF. [lib]dwfl then can be read as DWARF Frontend library functions. And [lib]dwelf are the DWARF and ELF utility functions. The main data structure of libelf is the Elf handle which can be used to go through an ELF through sections (Shdrs) or program (Phdrs) headers. The main data structure that the libdw dwarf_* functions work on is the Dwarf handle, which is associated with one Elf handle. The main data structure of the libdwfl dwfl_* functions is the Dwfl handle. A Dwfl represents a program (or kernel) with library (or kernel modules) memory lay out. Each Dwfl_Module represents a piece of executable code mapped at a certain memory range. The Dwfl uses buildids to associate/create Elf images and Dwarf handles associated with each Dwfl_Module (it can optionally use libdebuginfod to download/cache any it doesn't have yet). Since kernel modules are ET_REL file (non-relocated object files), libdwfl also resolves any relocations between .debug_sections (this is the property we abused in the example code I gave you, where we construct a Dwfl from a single ET_REL object file). Given a Dwfl_Module you can get the associated Elf or Dwarf with dwfl_module_getelf or dwfl_module_getdwarf. You will note that those functions also provide a Dwarf_Addr bias which might be non- zero if the address range where the Dwfl_Module is mapped is different (at an offset) from the addresses found in the Elf image or Dwarf data. You would use the libdwfl functions if you want to represent a whole program as it would be mapped into memory (or the kernel and its modules). It is convenient if you got a process map (dwfl_linux_proc_report) or core file (dwfl_core_file_report). The libdwfl functions would automatically associate an Elf image and find the Dwarf data for you. It is even nice to use for "single file" programs like we did in the example with the single file because it does the automatic lookup of the Dwarf handle, and because, if the file is an ET_REL object, you get the relocation between .debug sections for free. It might make sense to provide utility functions (in libdwelf) to do both functions separately from setting up a Dwfl. You can already do most of the lookups by hand using dwelf_elf_gnu_debuglink, dwelf_dwarf_gnu_debugaltlink, dwelf_elf_gnu_build_id, plus the libdebuginfod calls. But one generic helper function might be convenient. The only other way to do the relocation resolving at the moment is through eu-strip --reloc-debug-sections-only (but this is a permanent, non-reversible operation on the file, which will make it unsuitable for linking with other object files). Hope that give a bit of an overview. Cheers, Mark
