Freedom of Speech, Privacy, Science
I have not received any National Security Letter.
Please join the Electronic Frontier Foundation ( EFF.org ) and the fight for your rights on the Internet.
Please join the Union of Concerned Scientists ( uscusa.org ) in bringing science into improving all our lives (everyone is welcome to join).
Public Domain works are a vital part of any culture and there are repeated attempts to erode the Public Domain. For more information see the Center for the Study of the Public Domain at Duke University.
libdwarf and dwarfdump are Free Software.
We do not get any corporate or government financial support for maintaining dwarfdump and libdwarf. A donation of just $5 or $10 a year to support the project would make the effort here feel worthwhile. We support a few projects with donations and hope you will support libdwarf/dwarfdump.
The distribution consists of C and C++ source code that you compile with your C/C++ compiler (documentation is included).
The DWARF Debugging Information Format is of interest to programmers working on compilers and debuggers (and anyone interested in reading or writing DWARF information). It was developed by a committee (known as the PLSIG at the time) starting around 1991. Starting around 1991 SGI got involved with the committee and then developed the libdwarf and dwarfdump tools for SGI-internal use and as part of SGI IRIX developer tools. From around 1993 dwarfdump and libdwarf were shipped (as an executable and archive respectively, not source) with every release of the SGI MIPS/IRIX C compiler. In 1994 (I think the correct year) SGI agreed (at my request) to open-source libdwarf (and in 1999 to open-source dwarfdump) so anyone could use them.
BIG-ENDIAN system support has been provided by the IBM linuxone project starting in 2019. We now can test on a big-endian s390 system in a Linux VM. Thank you IBM. As of 06 October 2019 libdwarf, dwarfdump and readelfobj/readobjpe/readobjmacho pass -all- tests on an IBM big endian machine, one is happy to report. Please advise of anything not working correctly!
Beginning May 4, 2016 there was a list of critical vulnerabilities in libdwarf. Critical because these lead to serious difficulties where the calling application could crash (segfault, etc).
All the known vulnerabilities have been fixed.
For a list of the vulnerabilities see https://www.prevanders.net/dwarfbug.html
For an xml version of the same data one should refer to https://www.prevanders.net/dwarfbug.xml
In May 2019 we made the first release (20190505) with the option of building libdwarf and dwarfdump without any libelf. In November we implemented comprehensive testing across a variety of OSs and machines. See Work In Progress for November.
License terms are mostly GPL (version 2) or LGPL (version 2.1). A few files use the FreeBSD (2-clause BSD) terms. The details are discussed in the license page.
DWARF specifications and the dwarf email forums are at http://www.dwarfstd.org. You can sign up for an email discussion list there.
Email about libdwarf and dwarfdump may be sent to libdwarf-list -at- linuxmail -dot- org (replace -at- and -dot- with the normal single characters to form the email address).
The 'master' source is now at version 0.1.0 and a major revision process is beginning. On git and sourceforge there is a new branch named 20210528-base which is the source tree for tag 20210528. The master branch on sourceforge is not up to date with these revisions (sourceforge is fully up to date with 20210528 and earlier), please access the github libdwarf-code source tree for a semi-useful 'future'. The new code structure involves new build instructions, see the README and README.md.
Bugs or omissions in the 20210528 release that are revealed will be dealt with on the branch 20210528-base (backported from master) if necessary. Going beyond that, the following actions have been suggested to simplify and standardize libdwarf/dwarfdump. If you have comments on any of this please email: libdwarf-list =at= linuxmail =dot= org
Presently releases are identified by an ISO date such as 20210512. This makes the release date clear but gives no clue what the differences are between releases.
Transitioning from ISO date to semantic versioning is a bit tricky to do in a way that will be generally understood.
Semantic versioning, a more standard release id, is a triple of numbers like x.y.z meaning major.minor.micro (some projects add suffixes). See Software Versioning.
If api is changed or removed: ++major, minor = micro = 0
If api is added: ++minor, micro = 0
If bug is fixed: ++micro
This form makes clear the changes.
It took just 30 minutes to convert the dwarfdump/libdwarf build to semantic versioning in a local branch.
It's now common for libraries to provide a .pc file which provides useful information for library builders. See the pkg-config command and Pkg-config on wikipedia.
It's been observed that source trees are usually organized differently than libdwarf's source. The existing source tree looks like:
code
    libdwarf
    dwarfdump
    scripts
    dwarfexample
A more usual approach to such might be (here tests means basic sanity tests):
code/
    src/
        lib/ (contains libdwarf)
        bin/ (dwarfdump dwarfexample dwarfgen)
    tests/
    scripts/
This is accommodating really old Windows compilers that do not understand the standard %lld etc but use %I64d instead, for example. This is a user choice at build time, it is not automatically invoked.
Use of libelf is a holdover from the past when there was no alternative. libelf does handle archive files and does provide a set of functions that are elf-oriented (not DWARF oriented) and dwarfdump can use such if the dwarfdump user provides an option such as -oi (for example). But dwarfdump does not do a particularly good or complete job of printing Elf headers and there are better tools available (GNU readelf, and the readelfobj-code project we provide on github).
Dwarfdump does not really understand what relocation names apply, for example, so its elf output is not always correct in detail. The libelf interfaces and declarations and code should be removed.
The Meson build system is python-like and is reportedly faster, easier to work with, and understands more than cmake. Given cmake works adequately and given reluctance to either a) eliminate cmake or b) add a 3rd build method meson seems presently to be low priority.
This is not really necessary, but deserves investigation. The original functional interfaces to create DWARF data, the producer interfaces, (as in a compiler or dwarfgen) required callers to do ugly casts (which varied depending on the call) to determine if a call succeeded or failed. Every one of these already has a version in the library that returns DW_DLV_OK etc (no casting involved). The old ugly requires-casting interfaces should be removed. Since the producer code is useful in dwarfgen for testing (by creating DWARF5 etc features no compiler yet emits) we should keep the newer-style producer interfaces even though the producer code has long been too incomplete to be used in a modern compiler. This change is unlikely to cause anyone any difficulty at all, though a few people have expressed interest in using it (until it became clear how incomplete it is for anything past DWARF2).
Many consumer interfaces appear in multiple versions. For example, dwarf_next_cu_header(), dwarf_next_cu_header_b() dwarf_next_cu_header_c(), and dwarf_next_cu_header_d(). In all cases the one with highest letter (_d in this example) will be kept and the earlier ones can be deleted as the earlier ones do not handle all of DWARF<n> for some <n>.
In nearly every case the differences are very small: The addition of an argument to handle a DWARF format change was the motivation for all of them, and in many cases simply passing 0 for the new argument works like the older versions (though that is not recommended practice since it won't deal with some recent DWARF5 fully).
With cmake version 3.10 (Ubuntu 18.04) a libdwarf/dwarfdump build gets the cmake error 'install TARGETS given target "dwarf-static" which does not exist in this directory.' The distinction is that before cmake 3.13 install commands had to be in the target directory CMakeLists.txt whereas after that they could be in the base CMakeLists.txt directory. (Documented at the end of section 4.3 Linking Targets in Professional CMake 9th Ed by Craig Scott). Bug fixed and source pushed to github and sourceforge. And thanks to Arnaud Diederen for providing a new testcase exposing a bug in libdwarf on DW_FORM_implicit_const. (18 May 2021)
Multiple people asked for a github repository of libdwarf. As of today such exists. https://github.com/davea42/libdwarf-code For now the sourceforge version and github are maintained in sync. (14 May 2021)
Thanks to Ziemowit Laski for suggesting changes (such as getting rid of the unnecessary definition of a 'boolean' type in dwarfdump, using libdwarf's Dwarf_Bool instead) that make compilation with Windows Visual Studio 2019 easier. And also for suggesting we expose leb decoding via dwarf_decode_leb128() and dwarf_decode_signed_leb128(). These are now in libdwarf.h and documented in libdwarf2.1.pdf. The .debug_macro section is now thoroughly analyzed by dwarfdump and any surprises or issues are reported as well as a few statistics about the section. (21 December 2020)
Thanks to Casper Sun (heap overflow) and Ivan Baidakou (cmake) for reporting problems (the problems are fixed). Many code cleanups done. Improved the printing of DWARF expression operators. (1 December 2020)
New version today: 20201109. With dwarfdump -vvv (or -v -v -v ) printing of compilation units includes printing the abbreviations data for the compilation unit. With -ka abbreviations checks run that were not run routinely before. As of version 20201109 running the regression tests in any temporary directory works using the standard autoconf approach of executing <path>/regressiontests/configure in that temporary directory. A review of the dwarfdump -v (verbose flag) effects is in progress and early indications are that a few revisions of verbose flag counts vs actions are in order so the effects are reasonably describable. As time permits some commits applying libdwarf conventions will occur. (see codingstyle.txt in the code directory) (9 November 2020)
An option was misspelled in the man page and dwarfdump -h (help) output. I noticed because today Paul Kaletta provided a tiny test case with Elf Section Groups. Use --format-group-number=<n> not --format-group=<n>. The documentation fix is not in the release, but it is on sourceforge now. (22 October 2020)
Thanks to Casper Sun for passing along a small corrupted Elf object file that managed to cause libdwarf to read a byte outside its known boundaries. The fix is included in the 20201020 version which was just released today. (21 October 2020)
Now dwarfdump --print-gnu-debuglink and dwarfexample/getdebuglink.c report which eligible paths shown represent object files. Thanks to Paul Kaletta for asking what might be done on this. (As of the 20201020 release full support for GNU debuglink is in libdwarf and dwarfdump.) (28 September 2020)
Thanks to Arnaud Diederen and Ilfak Guilfanov for providing several small fuzzed objects, each exposing a serious bug in libdwarf in handling corrupt elf and pe object files. (16 September 2020)
Thanks to Ilfak Guilfanov for providing a small fuzzed testcase that crashes libdwarf. A 'return' was omitted from dwarf_loclists.c when an error was detected. (1 September 2020)
Regressiontests now are careful about counting so the ending report is reliable about counts. In addition, for VMs the "export SUPPRESSBIGDIFFS=y" environment variable has the tests check for file sizes diff will use, and if set and one or the other file in a diff exceeds 30MiB the script uses cmp, not diff, to avoid multi-hour test runs. For most host-native testing that environment variable can be ignored. (29 August 2020)
Thanks to Jorge Gorbe Moya and Arnaud Diederen and Paul Kaletta for reporting issues with libdwarf and dwarfdump. Those issues are now fixed. In addition, I hope to replace libdwarf2.1.mm with a latex version some time this year which will vastly improve the appearance of the pdf and all the important names in the pdf should be live links. Writing python3 code to get most of the conversion done relatively simply. (25 August 2020)
Thanks to Jorge Gorbe Moya for reporting this issue. The libdwarf-20200719.tar.gz release functions dwarf_get_locdesc_entry_d() and dwarf_get_locdesc_entry_c() can return via the lle_value argument a value of 0 (DW_LLE_end_of_list) on simple location expressions (the lkind argument value returned is DW_LKIND_expression). That lle_value is nonsensical and misleading. Now lle_value returns DW_LLE_start_end for this case, which makes more sense. There are now error checks in libdwarf (and dwarfdump) to ensure no future library change will break this. Documentation of these functions is updated (libdwarf2.1.pdf, Rev 3.05) (2 August 2020)
Formal Release Candidate on Sourceforge! All the tests pass and all important issues are, one thinks, dealt with. Including some new checks for sane Elf objects. We only do the checks when libdwarf is actually reading a section. We ignore sections we don't use and do not report even obvious errors in them. We'll wait a few days and if no issues are reported we'll do a formal release. (30 June 2020)
Thanks to Nick Lewycky and Timotej Kapus for reporting issues and providing tiny object files showing the problem. One was that the PE reading code was just assuming it would get a non-zero value (oops), though it took a fuzzed object to present the problem. The other was llvm folks at some point using a R_386_GOTPC (10) relocation type that we had not seen before on DWARF so did not handle. The PE fix is on sourceforge. The handling of R_386_GOTPC should get onto Sourceforge by the end of today. (28 June 2020)
Thanks to Ken Kimura for pointing out a potential division by zero bug in libdwarf/dwarf_elf_load_headers.c. (Sorry, should have fixed this months ago.) (17 June 2020)
Corrections to loclists and rnglists support applied. Handling of DW_FORM_rnglistx and DW_FORM_loclistx still incomplete. (17 June 2020)
libdwarf now supports the DWARF5 .debug_rnglists and .debug_loclists sections as well as the DWARF3 and DWARF4 .debug_ranges and .debug_loc. Adding -v or -vv to dwarfdump -a or dwarfdump -i will present both raw (as recorded in-section) range values as well as cooked (after calculating actual addresses from the raw values). Libdwarf now calculates the actual addresses itself and presents both raw and cooked values to callers. (14 June 2020)
Thanks to Jorge Gorbe Moya for suggesting that making use of de_alloc_tree should be optional for the few who really need a speedup in libdwarf (the effect is a ten percent cpu time reduction). See dwarf_set_de_alloc_flag() in libdwarf2.1.pdf (near page 31). And thanks too for mentioning a couple of bugs. (11 April 2020)
Thanks again to Robert Mustacchi and Stoyan Shopov for identifying issues with libdwarf. The assumption (made long ago based on SGI compilers in the early 1990s) was that libdwarf could ignore .rel. as long as it looked at applicable .rela. relocations. This was incorrect then and now (per Elf abi books) but it sufficed till recently (well, mostly sufficed till certain object strings printed by dwarfdump made it clear this was a bad assumption). Top of trunk on Sourceforge as of f6fffb6906465fe064629436e9ebbaa3c03f9555 behaves sensibly now and obeys all relevant-to-libdwarf relocations. (14 February 2020)
Thanks to Stoyan Shopov and Robert Mustacchi for notifying that some Clang output objects could not be properly processed by libdwarf/dwarfdump. Most have been fixed on Sourceforge, but the issue of the unusual -m32 -gdwarf-4 relocation output (in .rel, not .rela) has not been fixed yet (basically clang makes .rel closer to a .rela. than I would have expected). (27 January 2020)
The code (dwarfdump/libdwarf), regressiontests, and readelfobj directories and all their tests are known to work on Linux(Ubuntu), FreeBSD, MacOS Catalina (with Apple Command Line Tools), and IBM s390 (Big Endian!) running Ubuntu Linux. On Windows-MinGW the full regression tests do not work, but 'make check' works for dwarfdump/libdwarf (the current make check actually does run dwarfdump and ensures dwarfdump works). (7 November 2019)
A new script (scripts/run-all-tests.sh) builds on all the existing tests (including generating distributions and using them) in one script by invoking the existing scripts. Tests both configure and cmake. These now work on Ubuntu little-endian FreeBSD little-endian and Ubuntu big-endian. And MacOS Catalina X86_64 (4 November). Major issues were hard-coded paths in the tests and failure to set WORDS_BIGENDIAN in config.h when appropriate (both by configure and cmake). readelfobj (which also contains readobjpe and readobjmacho) are also tested by the overall script. (18 October 2019)
Thanks to Sourceforge user rkx1209 (Ren Kimura) for noticing that the libdwarf SHT_GROUP reading code checked for a bogus gh_entsize -after- using the value. Now the check is done a few lines earlier so division-by-zero cannot happen. The change is now on Sourceforge. (05 July 2019)
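The ordering fix described above, as an added example in C (not libdwarf's code): the entry size claimed by the file is validated before it is used as a divisor, and the section size and member indexes are checked before any read. Apart from gh_entsize, the struct, function names and sample bytes are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SHT_GROUP section data is an array of 32-bit words: one flag word
   followed by the section indexes of the group members. */
#define GROUP_WORD_SIZE 4u

enum group_status {
    GROUP_OK = 0,
    GROUP_BAD_ENTSIZE = 1, /* entry size is zero or not a 32-bit word */
    GROUP_BAD_SIZE = 2,    /* size empty, ragged, or past the data held */
    GROUP_BAD_MEMBER = 3,  /* member index outside the section table */
    GROUP_NO_ROOM = 4      /* caller's member array is too small */
};

/* Hypothetical header record; only gh_entsize is a name from the page. */
struct group_header {
    uint64_t gh_size;      /* bytes of section data, as claimed */
    uint64_t gh_entsize;   /* bytes per entry, as claimed */
};

/* Constructed sample: flag word 1 (GRP_COMDAT), then members 5 and 6,
   stored little-endian. */
static const unsigned char sample_group[12] = {
    1, 0, 0, 0,  5, 0, 0, 0,  6, 0, 0, 0
};

static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
        ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

int read_group(const struct group_header *gh,
    const unsigned char *data, size_t data_len,
    uint32_t section_count,
    uint32_t *flags, uint32_t *members, size_t members_max,
    size_t *member_count)
{
    uint64_t words = 0;
    uint64_t i = 0;

    /* Check the divisor BEFORE the division. A corrupted object can
       claim an entry size of 0, which would otherwise trap below. */
    if (gh->gh_entsize != GROUP_WORD_SIZE) {
        return GROUP_BAD_ENTSIZE;
    }
    /* The size must hold the flag word, be a whole number of words,
       and lie inside the bytes actually loaded. */
    if (gh->gh_size < GROUP_WORD_SIZE ||
        gh->gh_size % GROUP_WORD_SIZE != 0 ||
        gh->gh_size > data_len) {
        return GROUP_BAD_SIZE;
    }
    words = gh->gh_size / gh->gh_entsize;   /* safe: divisor is 4 */
    if (words - 1 > members_max) {
        return GROUP_NO_ROOM;
    }
    *flags = read_le32(data);
    for (i = 1; i < words; ++i) {
        uint32_t idx = read_le32(data + i * GROUP_WORD_SIZE);
        /* Index 0 is the null section; anything >= section_count
           points outside the section header table. */
        if (idx == 0 || idx >= section_count) {
            return GROUP_BAD_MEMBER;
        }
        members[i - 1] = idx;
    }
    *member_count = (size_t)(words - 1);
    return GROUP_OK;
}

/* Runs read_group() on the constructed sample with the given claimed
   header values. Returns the member count, or -status on rejection. */
int try_sample(uint64_t gh_size, uint64_t gh_entsize,
    uint32_t section_count)
{
    struct group_header gh;
    uint32_t flags = 0;
    uint32_t members[8];
    size_t count = 0;
    int res = 0;

    gh.gh_size = gh_size;
    gh.gh_entsize = gh_entsize;
    res = read_group(&gh, sample_group, sizeof(sample_group),
        section_count, &flags, members, 8, &count);
    return res == GROUP_OK ? (int)count : -res;
}

int main(void)
{
    printf("valid header:      %d\n", try_sample(12, 4, 8));
    printf("entsize 0:         %d\n", try_sample(12, 0, 8));
    printf("size past data:    %d\n", try_sample(16, 4, 8));
    printf("member out of tbl: %d\n", try_sample(12, 4, 6));
    return 0;
}
```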
Thanks to Tuan Hoang for reporting that on a big-endian system there is a warning in compiling pro_section.c and a hard error in compiling dwarfgen.cc. A patch is posted in the bug report at "https://sourceforge.net/p/libdwarf/" as of 07:16 California Time. We're waiting for verification that this patch works for big-endian systems. (13 May 2019)
cmake never worked on systems with libelf declaring struct _Elf such as FreeBSD. (Most Unix/Linux declares struct Elf (no underbar).) A simpler approach is now in place that works and now configure uses that simpler approach too so cmake should work more places. More names in the PE reading code have a trailing _dw to avoid conflicting with MS headers that might creep in to a build (thanks to Carlos Alberto-Enciso for informing me of the particular issues). (02 May 2019)
Small revisions to the cmake code. Removed some unused cmake code and moved some from subdirectories to the top-level cmake code. Small revisions to the libdwarf / dwarfdump internals tests (none test libdwarf or dwarfdump, they are just for internal api testing) and revisions to cmake files means those tests now work and test code is essentially entirely removed from non-test source files (with one exception). The file README.cmake documents certain aspects of using cmake to build libdwarf. (01 May 2019)
Thanks to Kevin Puetz for hints and a link to a MS documentation web page on how to properly load section data. Thanks to Vincent Torri suggesting that warnings were annoying, and suggesting a way to deal with some of them. Thanks to Steve Kaufman for noticing that dwarfdump -a was not quite right for a few days -- relating to libelf use. Thanks to Zoltan Turnyi for noticing that NetBSD (where there are some very nice man pages for libdwarf) documented three distinct arguments across two functions as allowing null and as that was harmless now libdwarf actually allows that (be careful, this is only usable with appropriately recent libdwarf) and the libdwarf documentation now mentions this. (26 April 2019)
Pushed a new version of libdwarf/dwarfdump to Sourceforge. It does not depend on libelf to report DWARF information. By default libelf and elf.h are used by libdwarf and dwarfdump if present, but only when the dwarfdump options requesting printing of Elf section data or Elf relocation data are chosen. The configure option --disable-libelf suppresses all use of libelf, libelf.h, and elf.h. Try this and let us know of any problems. In 2-4 weeks a new formal release will be created. (20 April 2019)
Pushed changes to Sourceforge that eliminate several instances of duplicated code in printing .debug_pubnames, .debug_pubtypes, and the SGI-only sections with the same format. And with -v, dwarfdump now prints the header data in those sections too. (4 March 2019)
Now, if you run configure and make on a system with no elf.h or libelf.h present libdwarf and dwarfdump will build and will be capable of reading/printing DWARF from MacOS dSYM files and Windows executables/dlls created by gcc with DWARF. (Added --disable-libelf so one can explicitly request this no-libelf build at configure time regardless of what headers are present). It would be great if someone with a suitable MacOS machine could actually test this as I have no means to attempt a configure/build there. On Windows 8.1 I built successfully using MinGW. (10 February 2019)
The dependencies on __int32_t etc have been removed. I discovered that llvm/clang includes a wonderful static analyzer, scan-build (Ubuntu 18.04: apt install clang-tools-6.0 and add /usr/lib/llvm-6.0/bin to PATH) with a very pretty way to see the bugs (scan-view). If you have not tried it on your C/C++ code...you should! Many thanks to the folks who developed clang,llvm, and scan-build. As of late yesterday all the 60 or so problems scan-build discovered have been fixed and the fixes pushed to Sourceforge. The serious issues involve a few error cases that would not be noticed by libdwarf and a few cases where an error could lead to a segfault. (01 February 2019)
We're about to release again due to the bug reported 6 January 2019. In addition to the build-time simplification mentioned December 24, we also have changes (waiting in the wings) removing all dependencies on __int32_t __int64_t and friends, which simplifies building on non-Linux. (12 January 2019)
Release 20190104 can crash a caller if reading an Elf object which is not a fully valid object file. Git commit fa5a44c378b0e5a5ba67d8871ac3b325f71f15a9 and later (pushed to Sourceforge) have this fixed (I believe: waiting on confirming test results). Thanks to Steve Kaufmann for reporting this issue. (6 January 2019)
In a local branch we have a dwarfdump/libdwarf that no longer requires any build-time executables built, simplifying the build significantly. The files those build-time things used to create are now built with and shipped with the image (and committed to git). This eliminates configuring of CFLAGS_FOR_BUILD/LDFLAGS_FOR_BUILD/CPPFLAGS_FOR_BUILD. (December 24, 2018)
The Producer code (DWARF Writer) in libdwarf now has a range of new interfaces to the existing capabilities. All the creation functions provided include a version that returns a simple int and that is entirely type-safe (they operate similar to the Consumer code (Dwarf Reader)). And all versions of all Producer interfaces are documented. The days of casting a pointer into a long long unsigned and trusting that you can detect the special value meaning 'error' are over for those who make the change. The existing interfaces (ugly as some are with required casts) are still available so no one has to change their code. The changes are on Sourceforge. The Consumer (DWARF Reader) functions do not change at all. The small Python programs that made this quickly verifiable as complete are in the scripts directory. (December 06, 2018)
Thanks to the absolutely crucial work of Vincent Torri libdwarf now also reads (and dwarfdump dumps) the DWARF4 from Microsoft PE object files created by GNU tools. The code is on Sourceforge. In addition libdwarf now supports DW_FORM_implicit_const properly thanks to dark-dork on Sourceforge asking whether libdwarf was correct (it was not, but now it is). (November 30, 2018)
Thanks to Eeri Kask for finding a big-endian host to build and execute dwarfdump. Now that works for Elf and mach-o objects (either-endian build reading either-endian objects). (November 24, 2018)
Thanks entirely to Carlos Alberto Enciso dwarfdump now has very nice long-option-names for all options (the existing options continue to work). Try "dwarfdump --help-extended" to see both long and short forms of the options. Cmake works again. Version is 20181024. dwarfdump (and libdwarf) now read mach-o dSYM DWARF data as well as Elf (no new libraries required). (October 25, 2018)
New source files in libdwarf and restructuring in dwarfdump so we can dump DWARF from more than one object file type. Only the Elf portions are known to work. Some configure.ac additions for the new code break cmake build. Sorry. If you need cmake use git version c3cf01f5294e1cdb22cbc2fa9bbbab96aa2b933e (Oct 15). (October 19, 2018)
Thanks to Doug Gilmore for advising us that readelf was sometimes complaining about a wasted byte in a libdwarf-generated .debug_info section and for providing a trivial a.out demonstrating the issue. dwarfdump does not notice because libdwarf has no notion of returning the 'null-die' whether it is ending a sibling list or just an extra zero byte. (October 15, 2018)
Over the next few months the dwarf_elf_init_b() and dwarf_elf_init() libdwarf interfaces are going to be officially deprecated. Instead the existing interface dwarf_init_b() (which takes a linux/unix fd) and a new interface dwarf_init_path() (which takes a file name) will be preferred. Please switch to using dwarf_init_b() when convenient, something that has long been available. In addition, support for Mach-o objects (dSYM DWARF specifically) will be added soon. All the object reading will be through new object readers implemented from scratch and using new function interfaces (not libelf interfaces). (October 3, 2018)
Release generation fixed so cmake works on future released .tar.gz distributions. Thanks to Tetsuya Ooka for letting us know about the breakage from the new configure. A few other files of interest are also included in releases (left out by accident). (September 21, 2018)
Changes committed today fixed the cmake build. As git does not maintain timestamps when retrieving from the repository, and as the new configure depends on timestamps you will almost certainly see a warning about aclocal 1.15 being missing. From the top level directory do, before running configure, "sh scripts/FIX-CONFIGURE-TIMES" to restore appropriate timestamp relationships and fix the problem. It's always safe to run this command. The command checks that it is being run from an appropriate top-level libdwarf directory before doing anything. (August 23, 2018)
The configure was released 2018-08-09 and it allows but ignores --enable-wall. The commit today ( 3df4ba4cdfe ...) restores --enable-wall functionality. It also removes a small number of unused local variables. And fixes a nonsensical dwarfdump naming of a .debug_names section as .debug_str (not that one has yet seen the .debug_names section in an object file.) (August 21, 2018)
The new configure is pushed to Sourceforge. A complete rewrite of the configure code is on Sourceforge. It will all be simpler, easier to maintain, more accurate across the wide variety of systems that can use configure, and follow modern standard practices. Default simple configure/build will work as always, but those doing special configure options or special builds may have to change their configure options. See the README and NEWS files in the source. Thanks to Vincent Torri for undertaking this project. (July 19, 2018)
Simplifications of the current configure code are done (some pushed to Sourceforge already), along with simplification of the source in some places to reflect the changes and a configure rewrite. (June 15, 2018)
dwarfdump has a new option: --print-str-offsets. Combined with new interfaces in libdwarf (such as dwarf_open_str_offsets_table_access(), see libdwarf2.1.pdf around page 133) it is possible to print the entire .debug_str_offsets section independently of anything else. It's a good idea to try this yourself on any DWARF5 objects you have on hand as at least one compiler seems to have gotten the section a bit wrong. If there is no .debug_str_offsets section --print-str-offsets generates no output. (April 14, 2018)
Vincent Torri noticed that some aspects of the configure files were using deprecated (old) features. With his help we are now only using current features of configure, one thinks. Regrettably, the cmake build files have ceased working properly. We do not have a fix for this currently. (April 10, 2018)
Carlos Alberto-Enciso provided a DWARF5 object file created by clang/llvm which exposed omissions in handling DWARF5 FORM codes. There are not enough tests in hand to suggest how much of DWARF5 is read correctly, but this is progress. (March 24, 2018)
Thanks to Agostino Sarubbo for finding inadequate checks for corrupted DWARF data in libdwarf and dwarfdump when reading a corrupted frame section. And for providing small test cases. Dwarfdump is decoding the frame instructions itself so most of the corruption checking has to be in dwarfdump. Pushed to Sourceforge. Assigned vulnerability DW201801-001. (January 29, 2018)
Thanks to David Binderman for pointing out that a few lines in dwarf_macro5.c were dead code. The dead code has been removed and the change pushed to Sourceforge. (January 05, 2018)
Thanks to Eeri Kask for pointing out a memory leak in the example program simplereader.c (December 21, 2017)
Thanks to James Lowden for contributing a much more complete dwarfgen.1 man page. (December 4, 2017)
Thanks to Agostino Sarubbo for finding a bug in libdwarf when reading a carefully corrupted .eh_frame section and providing a small test case. This is assigned DW201712-001. The fix has been pushed to Sourceforge. (December 1, 2017)
Thanks to Agostino Sarubbo for finding bugs in dwarfdump when reading an archive file: memory was used after free() and there were other problems. (The -k options worked poorly with archives before these fixes.) Fixes pushed to Sourceforge. Sarubbo also reported cases of dereferences reading a corrupted (fuzzed) object and several such problems are now fixed. (November 08, 2017)
Option handling now allows --longnamearguments, something that will help with dwarfgen and dwarfdump as new features are added (dwarfdump uses up nearly all single letters, and dwarfgen will benefit from having meaningful names for new command line arguments). (October 16, 2017)
dwarf.h said DW_AT_ranges_base and DW_SECT_LOC but the final released DWARF5 used DW_AT_rnglists_base and DW_SECT_LOCLISTS, respectively. Now dwarf.h is correct. (October 5, 2017)
Thanks to Agostino Sarubbo for finding a vulnerability in libdwarf. A carefully constructed invalid abbrev section could crash an application using libdwarf. Assigned DW201709-001 as the identifier. (Fix will be pushed to Sourceforge.net when Sourceforge comes back on line. Sept 26, 2017)
Thanks to Dvir Yitzchaki for helping correct cmake builds and Windows builds. One cannot use cmake to build on FreeBSD as the cmake configury does not yet deal with 'struct _Elf'. The VMs for testing on FreeBSD are now at 11.1 (previously used 9.1) (August 22, 2017)
Thanks to Norm Jacobs for noticing a SPARC relocation type was missing from EM_SPARC32PLUS machine relocation checks and for providing a very concise testcase. (June 29, 2017)
dwarfdump can list Elf section and relocation details but it was not dealing sensibly with objects containing section-groups (COMDAT) and left out some DWARF-related relocation sections until now. There are better section and relocation listing programs (readelf, for example) but dwarfdump can do it too. Pushed to Sourceforge. (May 28, 2017)
Now libdwarf and dwarfdump can deal with split dwarf and COMDAT sections in a sensible fashion. A next task is to document the new functions in libdwarf2.1.mm If you do not need these sorts of DWARF handling then there is nothing new or different here for you. Given recent compiler changes you might be surprised how much COMDAT is emitted in DWARF4, and dwarfdump will tell you about it. Pushed to Sourceforge. (May 17, 2017)
Beginning work on emitting at least basic DWARF5 from the producer code and dwarfgen with the intent of also emitting the .debug_names section. At this point some basic DWARF5 can be emitted from dwarfgen and read properly by dwarfdump. (April 21, 2017)
Thanks to Sid Price for reporting three functions named in libdwarf.h that were not implemented. Deleted from the header since those serve no purpose. After that change issued a tar.gz release as there have been a few fixes since the last release. (April 16, 2017)
Thanks to Alexandr Terekhov for noticing that dwarf_dietype_offset() leaked memory essentially every time it was called. The fix is a single additional line, a call to dwarf_dealloc(). Remembered to update dwarfdump version strings. (March 23, 2017)
Thanks to Marcel Bohme and Van-Thuan Pham for finding some out of bounds reads and providing test cases. The fixes have been pushed to SourceForge. (March 22, 2017)
Thanks to Emre Kultursay for reporting a bug (and providing a test case!) in the handling of location expressions for DWP/DWO DWARF5 content in DWARF4. (A combination that only a few will encounter). The fix has been pushed to Sourceforge. (March 04, 2017)
Profound thanks to Carlos Alberto Enciso for finding a long-standing bug in dwarfdump/esb.c. What should be a final DWARF5 dwarf.h is on Sourceforge (in libdwarf source as usual) and on this web site. (January 31, 2017)
Sture Carlson reports a new problem compiling libdwarf/dwarf_elf_access.c in CentOS. CentOS-7.3 libelf.h makes an assumption of the connection between SHF_COMPRESSED and Elf32(64)_Chdr that conflicts with libdwarf coding. Moving the SHF_COMPRESSED from a libdwarf header to a C file in libdwarf source fixes the problem very simply. The libdwarf fix is now on Sourceforge. (December 20, 2016)
Thanks to Dvir Yitzchaki for contributing cmake files so cmake enthusiasts can build libdwarf etc with their favorite tool, and that is on Sourceforge now. He also contributed some changes to make a build on Windows easier and those are under review now. (November 30, 2016)
The release was done 2016-09-23, then redone on 2016-09-29, and redone again on 2016-10-01... Then the questionable operation (1<<bit) in dwarfdump tag_tree.c and tag_attr.c where 'bit' can be 31, was flagged as an error by -fsanitize=undefined during the dwarfdump build. That and similar errors doing left-shift are now fixed in several places in the top of trunk version of libdwarf and dwarfdump on Sourceforge. (October 9, 2016)
Using latest libdwarf (not available to the public as of September 22) all the tests have run with an address sanitizer (gcc option -fsanitize=address) and the sanitizer is not finding problems. As soon as we're satisfied with test results we will issue a new release. (September 22, 2016)
dwarfdump cpu time spent doing -f or -F is now reduced by 25-50 percent. On one X86_64 machine user cpu went from 508 down to 323 seconds (to run 17K tests of a regression test run). One pattern of libdwarf use by dwarfdump made a small memoization effort inside libdwarf work well. Your mileage may vary. (June 13, 2016)
Corrupt relocation records are noticed and prevented from corrupting in-memory data. Thanks to Yue Liu for the new test case. (May 17, 2016)
Many checks added to catch corrupt DWARF thanks to Yue Liu and his test cases. Thanks to Sture Carlson for pointing out a mistake in the code used to generate tables in the dwarfdump build. Fixes pushed to Sourceforge. (May 12, 2016)
Thanks to Etienne Berg for reporting a missing comma in libdwarf/dwarf_error.c which meant error numbers 264 and higher returned incorrect strings from dwarf_errmsg(). Now that string table is checked by test code. Now, at build time, the array size is checked for correctness. Thanks to Tom Murphy for passing on a report by lieanu of a bug where libdwarf failed to check for a NULL when it really should have checked. Thanks to Yue Liu for providing small test cases showing where libdwarf was not careful to check for erroneous DWARF. Fixes pushed to Sourceforge. (April 27, 2016)
Fixed problems in the -k checking code of DIEs and improved reporting of abbreviations information in DIEs and with -b (try adding -G -v). Fixed a problem where (with a NULL error pointer argument) libdwarf attempted to dereference NULL. (March 12, 2016)
Recent commits to Sourceforge have been cleanups provoked by compiler warnings (the --enable-wall configure option adds a bunch of gcc warning options). Cross-compilation of libdwarf is a little easier as a result of makefile/configure suggestions by Hannes Domani. The SHF_COMPRESSED Elf section flag (meaning zlib compression) is supported for reading DWARF2 through DWARF5 in libdwarf. (February 14, 2016)
Thanks to Hannes Domani for providing a link to some work by Jose Fonseca. Work of interest to folks wanting to access DWARF in a PE object file. See https://github.com/jrfonseca/drmingw/tree/master/src/mgwhelp . It presumes one is using MinGW as a Windows development environment. The C++ source file dwarf_pe.cpp shows how to use existing facilities in libdwarf to access an object format that libdwarf knows nothing about. Basically one creates a set of properly defined function pointers and calls dwarf_object_init() and then the libdwarf function calls are available. The mgwhelp source is LGPL. (February 07, 2016)
Added support for DWARF5 DW_FORM_line_strp in dwarf_formstring().
Added checks for too-small .debug_frame .eh_frame sections. However this is just the tip of the iceberg when it comes to preventing crashes in the face of bogus input. Most places that are reading bytes of DWARF data simply assume the read won't run off the end of anything. With a little macro magic it's not difficult to do MUCH more thorough testing while reading from memory and yet let one turn off all that testing. It is not at all clear how much of a performance hit thorough checking would be. For example, checking reads of leb numbers would likely mean checking every byte for still-allowed-pointer. Is such protection from damaged objects a critical feature? (January 19, 2016)
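The kind of checked read discussed above, as an added example (not libdwarf source): a macro-switchable bounds test used by a fixed-width read and by an unsigned LEB128 decoder that tests the end-of-section pointer before every byte. The names CHECK_READS, BYTES_LEFT, read_u32le and read_uleb128 are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* All names are hypothetical; none of this is libdwarf's API. */

/* Build with -DCHECK_READS=0 to compile every bounds test away. */
#ifndef CHECK_READS
#define CHECK_READS 1
#endif
#if CHECK_READS
#define BYTES_LEFT(p, end, n) \
    ((p) <= (end) && (size_t)((end) - (p)) >= (size_t)(n))
#else
#define BYTES_LEFT(p, end, n) (1)
#endif

enum rd_status { RD_OK = 0, RD_TRUNCATED, RD_OVERFLOW };

/* Read a 4-byte little-endian value, refusing to run past 'end'. */
static enum rd_status
read_u32le(const unsigned char *p, const unsigned char *end, uint32_t *out)
{
    if (!BYTES_LEFT(p, end, 4)) {
        return RD_TRUNCATED;
    }
    *out = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
        ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return RD_OK;
}

/* Decode one unsigned LEB128 number from [p, end). The end test is made
   before every byte: that is the per-byte cost the text asks about. */
static enum rd_status
read_uleb128(const unsigned char *p, const unsigned char *end,
    uint64_t *value_out, size_t *len_out)
{
    const unsigned char *start = p;
    uint64_t value = 0;
    unsigned shift = 0;

    for (;;) {
        uint64_t payload;
        unsigned char b;

        if (!BYTES_LEFT(p, end, 1)) {
            return RD_TRUNCATED; /* continuation bit on the last byte */
        }
        b = *p++;
        payload = b & 0x7f;
        if (shift >= 64) {
            if (payload != 0) {
                return RD_OVERFLOW; /* bits beyond 64 */
            }
        } else if (shift == 63 && payload > 1) {
            return RD_OVERFLOW; /* only bit 63 is left */
        } else {
            value |= payload << shift;
        }
        if ((b & 0x80) == 0) {
            break;
        }
        if (shift < 64) {
            shift += 7; /* stays at 70 for zero-padded encodings */
        }
    }
    *value_out = value;
    *len_out = (size_t)(p - start);
    return RD_OK;
}

/* Constructed sample bytes, not taken from any real object file.
   sample_ok carries a spare byte so that the "truncated" view of its
   first two bytes stays inside the array even with CHECK_READS=0. */
static const unsigned char sample_ok[] = { 0xe5, 0x8e, 0x26, 0x00 };
static const unsigned char sample_max[] = { 0xff, 0xff, 0xff, 0xff, 0xff,
    0xff, 0xff, 0xff, 0xff, 0x01 };
static const unsigned char sample_wide[] = { 0xff, 0xff, 0xff, 0xff, 0xff,
    0xff, 0xff, 0xff, 0xff, 0x7f };
static const unsigned char sample_word[] = { 0x78, 0x56, 0x34, 0x12 };

int main(void)
{
    uint64_t v = 0;
    uint32_t w = 0;
    size_t n = 0;
    enum rd_status st;

    st = read_uleb128(sample_ok, sample_ok + 3, &v, &n);
    printf("complete:  status=%d value=%llu len=%lu\n", (int)st,
        (unsigned long long)v, (unsigned long)n);
    st = read_uleb128(sample_ok, sample_ok + 2, &v, &n);
    printf("truncated: status=%d\n", (int)st);
    st = read_uleb128(sample_wide, sample_wide + 10, &v, &n);
    printf("too wide:  status=%d\n", (int)st);
    st = read_u32le(sample_word, sample_word + 3, &w);
    printf("short u32: status=%d\n", (int)st);
    return 0;
}
```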
libdwarf.h: in one new macro function interface the argument names were not commented out. Normally not a problem but formally a mistake. Sorry. It's fixed on Sourceforge. The new DWARF5 (and DWARF4 with current gcc) macro section (.debug_macro) interface functions are now documented in version 2.38 of libdwarf2.1.pdf on Sourceforge. (January 16, 2016)
Thanks to Tom Hughes for bringing a problem reading a badly-damaged (fuzzed) elf object to my attention: now libdwarf gets an error not a coredump. Thanks to Tom Kittel for suggesting a 4 line fix to a Makefile that lets one easily build and use a shared-library (.so) libdwarf with dwarfdump (or, just as easily, build and use an archive version). Thanks to Emre Kultursay for finding a couple of bugs in libdwarf location list handling and providing the fix. (December 30, 2015)
Libdwarf reads compressed 'zdebug' dwarf sections (transparently, automatically). Thanks to Gernot Klingler for providing an example executable and demonstrating the GNU objcopy option that creates zdebug sections from ordinary DWARF debug sections. Libdwarf now uses zlib if zlib is present at configure time. If zlib is not present at configure time it all still builds but the result won't deal with zdebug sections. (November 27, 2015)
Now allows building libdwarf dwarfdump dwarfgen and dwarfexample separate from the source tree. The build uses configure everywhere now. Thanks to Kubo Takehiro for some configure and Makefile suggestions and for motivating me to complete this feature. (November 15, 2015)
Libdwarf/dwarfdump now supports reading gcc's two-level line tables and split dwarf location lists and some other DWARF5 data. Thanks to Cary Coutant and Emre Kultursay as their assistance was crucial to getting it done. (November 14, 2015)
Thanks to Edward Williamson, Arnaud Diederen, and Remi Gurski for noticing incompleteness in error condition tests in the libdwarf consumer source code. Fixes for all these issues are in the SourceForge source as of today (one new fix February 13 2015).
Corrections in the use of va_end() pushed to Sourceforge on 12 January, 2015. And addition of includes of stdarg.h in dwarfdump source pushed to Sourceforge 15 January 2015. New options for checking DWARF use (in dwarfdump) pushed to Sourceforge on 08 January, 2015. The regressiontests file set has new tests. Some improvements in handling malloc-failure are included in the source. Thanks to Carlos Alberto Enciso for doing the dwarfdump enhancement.
There no longer seems much need for dwarfdump2 now that dwarfdump has search code built in (dwarf_tsearch). As of the 20150115 release dwarfdump2 is no longer present.
"Code Testing Through Fault Injection" in ;login: magazine (December, 2014. Usenix.org) by Peter Gutmann offered a simple idea from an unnamed friend: instrument malloc() so on call N malloc() returns NULL. Here are the details
Results from tests based on this idea make it clear that having the dwarf_error() return be dependent on malloc is not such a good idea when malloc is out of space. The change creates no change in interfaces or semantics, it just uses a static Dwarf_Error_s struct when the alternative is to not really report an error.
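The fault-injection idea and the static-error fallback described above, as an added example (not libdwarf source, and not the code from the article): an allocator wrapper fails allocation number N, a sweep tries every N in turn, and the error constructor falls back to a static record when its own allocation fails. All names (fi_malloc, make_error, copy_pair, sweep) are hypothetical, the inputs are constructed, and the "sticky" mode, where every allocation after N also fails, is an addition that models memory actually being exhausted.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* All names here are hypothetical; this is not libdwarf source. */

/* Fault-injecting allocator: allocation number fi_fail_on returns NULL.
   With fi_sticky set, later allocations fail too (memory really is gone). */
static unsigned long fi_calls;   /* allocations attempted in this run */
static unsigned long fi_fail_on; /* 0 means never fail */
static int fi_sticky;

static void *fi_malloc(size_t n)
{
    ++fi_calls;
    if (fi_fail_on != 0 &&
        (fi_calls == fi_fail_on || (fi_sticky && fi_calls > fi_fail_on))) {
        return NULL;
    }
    return malloc(n);
}

/* If the error record cannot be allocated, hand back one static
   instance so the caller still sees an error. */
struct demo_error { int code; const char *msg; };
static struct demo_error static_alloc_error =
    { 2, "out of memory while reporting an error" };

static struct demo_error *make_error(int code, const char *msg)
{
    struct demo_error *e = fi_malloc(sizeof(*e));
    if (!e) {
        return &static_alloc_error;
    }
    e->code = code;
    e->msg = msg;
    return e;
}

/* Code under test: two allocations on the success path. */
static int copy_pair(const char *a, const char *b, char *out[2],
    struct demo_error **err)
{
    out[0] = fi_malloc(strlen(a) + 1);
    out[1] = out[0] ? fi_malloc(strlen(b) + 1) : NULL;
    if (!out[1]) {
        free(out[0]);
        out[0] = NULL;
        *err = make_error(1, "no memory for copies");
        return -1;
    }
    strcpy(out[0], a);
    strcpy(out[1], b);
    return 0;
}

struct sweep_result { unsigned long points, static_reports, unreported; };

/* Fail allocation n = 1, 2, ... in turn; stop after the first run that
   finishes without ever reaching allocation n. */
static struct sweep_result sweep(int sticky)
{
    struct sweep_result res = { 0, 0, 0 };
    unsigned long n;
    int reached = 1;

    for (n = 1; reached; ++n) {
        char *out[2] = { NULL, NULL };
        struct demo_error *err = NULL;
        int rc;

        fi_calls = 0;
        fi_fail_on = n;
        fi_sticky = sticky;
        rc = copy_pair("main.c", "/src", out, &err); /* constructed input */
        reached = fi_calls >= n;
        if (reached) {
            ++res.points;
            res.unreported += (rc == 0 || !err); /* failure swallowed */
            res.static_reports += (err == &static_alloc_error);
        }
        free(out[0]);
        free(out[1]);
        if (err != &static_alloc_error) {
            free(err); /* free(NULL) is a no-op */
        }
    }
    fi_fail_on = 0; /* injection off again */
    return res;
}

int main(void)
{
    struct sweep_result one = sweep(0);
    struct sweep_result oom = sweep(1);

    printf("one failure: %lu points, %lu static, %lu unreported\n",
        one.points, one.static_reports, one.unreported);
    printf("sticky:      %lu points, %lu static, %lu unreported\n",
        oom.points, oom.static_reports, oom.unreported);
    return (one.unreported || oom.unreported) ? 1 : 0;
}
```

A non-zero "unreported" count marks a failure point where the code under test returned success or left the error pointer unset.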
Code using the consumer (reader) calls need not change. Binary and source compatibility is retained for consumer code.
The dwarf_producer_init() function interface changed so existing calls will fail at caller compile time. The producer callback function name changed too. This returns the code to a single producer-init function and one with an easier to understand option list. It also results in the elimination of extremely messy producer configure-time options and code #ifdefs relating to relocation generation in favor of simple run-time choices. Though this change is a problem for a few users it seemed inevitable and waiting for some future date did not seem productive.
A correspondent reports that a Go language implementation emitted DW_FORM_ref_addr according to DWARF V2 for the case of 64 bit addresses with 32 bit DWARF offsets. Libdwarf was assuming no one was going to do that in the odd way DWARF2 documented. Now libdwarf follows the standard (as it really should have all along). Thanks to Arnaud Diederen for pointing out this blunder and for providing a tiny Go test source.
Because tsearch() itself is not universally available (and even when tsearch() is available tdestroy() is sometimes not available) I implemented some tree algorithms using the standard tsearch interface definitions.
The basic four tsearch Standard interface declarations are quite old, traditional, incompletely documented, hard to use, and not at all what anyone would design as an interface today. But these four functions are declared in the Posix/SingleUnixSpecification standard.
The algorithms implemented are binary tree, binary tree with Eppinger delete, balanced binary tree, red black tree, and even a hashing version. The function interfaces implemented include tsearch(), tdelete(), tdestroy(), tfind(), and twalk(). All these are in a directory named tsearch beginning with the 20140131 release of libdwarf. The test data for tsearch testing was moved to the regressiontests git repository as of the 20140208 release (to save space in the release source tar file).
To avoid conflicts with standard library versions all the function names are prefixed with dwarf_. Libdwarf and dwarfdump now use the new tsearch.
I ran all the distribution's source code through the checker called STACK from mit.edu. It checks C/C++ source for many sorts of errors. For example, it finds undefined-effect C code. Code optimizers increasingly delete code with undefined-effect so what used to work in your code can stop working. STACK depends on building llvm and clang with specific options and all this is nicely defined on the STACK web page.
I highly recommend this checker for any code you ship.
With Ubuntu 13.10 I found it easy to run C code through the tests. With C++ there were issues with missing gcc headers which required an annoying workaround. I fixed the two errors STACK found, both of which were in libdwarf's producer code. The errors involved using a pointer before testing it for NULL. The tests involved would only have effect if callers passed in invalid arguments and meant callers could coredump instead of seeing an error return.
January 31, 2013: Announcing this incompatible change!
In June 2013 there will be an incompatible change to libdwarf.h which will mean those compiling against the producer code in libdwarf will encounter an error. The Callback function prototype will add 'const' to a char * argument in the Callback functions whose types are named below. This is not a binary incompatibility; it is a source compile-time incompatibility.
Generally the only people affected are those compiling a compiler that uses libdwarf to generate DWARF2. The function prototypes in libdwarf.h are named Dwarf_Callback_Func_c, Dwarf_Callback_Func_b, and Dwarf_Callback_Func.
It will not affect folks linking against libdwarf but not recompiling the code calling libdwarf.
The fix is simple: add 'const' to the char* argument to your libdwarf callback prototypes and implementation.
This change will let us eliminate several compiler warning messages from the build of libdwarf. It will not affect folks calling only the consumer interfaces of libdwarf. Only those who coded callback functions using the libdwarf producer callbacks are affected.
All libdwarf distributions contain C source plus the DWARF2 specification plus libdwarf specifications. Implementors often extend DWARF by adding new attributes and other things. Those that we are aware of are defined in dwarf.h which is provided here for reference. If you have corrections or additions, please let me know! The file is in every distribution of libdwarf.
Beginning 14 May 2021 libdwarf source code is available via anonymous access from github as well as Sourceforge:
"git clone https://github.com/davea42/libdwarf-code code"
initializes a git repository in the local directory it will create named "code" and populates it with the most up to date libdwarf source. See the README and README.md for the new June 2021 build instructions.
Since github has programmable APIs you may wish to switch to accessing the project from github.
Since 19 March 2011 libdwarf source code has been available via anonymous access with git from SourceForge.net. As of June 2021 those wishing to see the latest should use github.com as the source because sourceforge.net is not up to date with the libdwarf source at the moment. The git source code is the most recent: it may have features or fixes not in a tar.gz release, but if so the features or fixes are not needed by most people. Top-of-trunk code in the git repository has been fully tested. It is currently NOT RECOMMENDED to clone from sourceforge. See the github clone command above.
"git clone git://git.code.sf.net/p/libdwarf/code" from SourceForge.net
initializes a git repository in the local directory it will create named "code" and populates it with the most up to date libdwarf source.
Here is a complete build example using github. Note that these instructions are not up to date with top of trunk. To save space here, we are not building optional programs and not doing any checking for failure at any step. In some environments configure options may be necessary, but none are shown in this example. Later sections here on building show some additional configure options.
    # github example
    rm -rf /tmp/dwbuildexample
    mkdir /tmp/dwbuildexample
    cd /tmp/dwbuildexample
    # We target 'code' as that is necessary for
    # the regressiontests to work properly
    # (see below) but for most people libdwarf-code
    # is likely a clearer choice.
    #git clone git://git.code.sf.net/p/libdwarf/code code
    git clone https://github.com/davea42/libdwarf-code code
    # The clone above created the directory 'code'.
    cd code
    sh scripts/FIX-CONFIGURE-TIMES
    mkdir /tmp/dwbuild
    cd /tmp/dwbuild
    /tmp/dwbuildexample/code/configure
    make
    # move the dwarfdump executable to a convenient place.
    cp dwarfdump/dwarfdump ~/bin/dwarfdump
cmake users can ignore scripts/FIX-CONFIGURE-TIMES. See README.cmake as of April 26, 2019.
The shell script scripts/FIX-CONFIGURE-TIMES fixes the configure-related file timestamps so configure will be happy. The scripts/FIX-CONFIGURE-TIMES command is safe to run at any time. The command checks that it is being run from an appropriate libdwarf top-level directory before doing anything.
Some new small object tools are available in source via anonymous
"git clone git://git.code.sf.net/p/readelfobj/code readelfobj"
which creates and populates a directory named "readelfobj". The tools will work properly on little-endian and big-endian objects whether the tools are running on a big-endian or little-endian system. There are specific readers for MacOS and PE Object files as well as readelfobj. None of these tools uses any library other than libc. You need to run scripts/FIX-CONFIGURE-TIMES in readelfobj just as you do in the code directory.
    cd /path/to/readelfobj-code
    sh scripts/FIX-CONFIGURE-TIMES
    #Then run configure
When you build after a clone or pull without running scripts/FIX-CONFIGURE-TIMES you will most likely see an error about aclocal.m4 1.15 when you configure or build. Git does not maintain timestamps (which configure depends on) so after cloning the source (or at any time) go to the top level and run:
    sh scripts/FIX-CONFIGURE-TIMES
    #Then run configure
That will fix the configure-related file timestamps so configure will be happy. The command is safe to run at any time. The command checks that it is being run from an appropriate top-level directory before doing anything.
object_detector prints a few simple facts about Elf, PE, or mach-o dsym files. It does not require you have any Elf,PE, or mach-o object headers.
readelfobj prints Elf object file headers by default. It does not require you have elf.h or libelf.h.
readobjmacho prints a limited part of MacOS mach-o object file header information including the list of sections that contain DWARF information (if any such exist in the object). It does not require you have any mach-o object headers.
readobjpe prints limited set of Windows PE object file section headers. It does not require you have any PE object headers.
(which you really don't need or want)
via either of
"git clone https://github.com/davea42/libdwarf-regressiontests regressiontests "
"git clone git://git.code.sf.net/p/libdwarf/regressiontests"
which creates and populates a directory named "regressiontests". The "regressiontests" directory should appear in the same directory as the "code" source code directory as the regression test scripts reach around to the source at certain points. As of 09 November 2020 the regression tests can be run in a temporary directory with something like
    mkdir /tmp/dwtests
    cd /tmp/dwtests
    /path-to/regressiontests/configure
    make
The indent-checking tool is useful in case you make changes and want to preserve proper libdwarf indentation. As of November 2020 new checks relating to the libdwarf coding style have been added.
Clone a copy of the source code with
"git clone git://git.code.sf.net/p/dicheck-da/code dicheck-code"
which creates and populates a directory named "dicheck-code".
The libdwarf build process involves a simple traditional approach (at least for personal use, people generating binary releases or a corporate library will have their own internal requirements to consider). In the base directory of the source distribution (either expanded from a tar.gz or from git) do the following:
If all goes well, this will build libdwarf and dwarfdump.
It's common to do the build in a separate directory. As an example of building all the executables using a separate directory, do something like:
    # Assuming the source top-level is in /path/to/libdwarf-20180809
    mkdir /tmp/bld
    cd /tmp/bld
    /path/to/libdwarf-20180809/configure --enable-dwarfexample --enable-dwarfgen
    make
which will build libdwarf, dwarfdump, dwarfgen, and dwarfexample in a minute or two. You don't need dwarfgen or dwarfexample. If libdwarf and dwarfdump complete their build you have most of the functionality you need. dwarfdump (written in C) lets you dump out, in readable form, the DWARF2, DWARF3, DWARF4, and some DWARF5 data from an object file. (the DWARF5 standard was released on dwarfstd.org in February 2017).
There are some prerequisites you must have installed on your build machine:
C compiler (Conformant with the 1989 or later C standard. Support for the 'long long' datatype is required.)
C++ compiler (only needed to build dwarfgen)
libelf is optional (however it is required to build dwarfgen)
zlib (if your compiler uses compressed sections)
See the top-level README in the source for specific references for libelf and zlib.
Contact the libdwarf-list email address before attempting to contribute any code.
On Windows, use of one of the POSIX-like environments like mingw or cygwin or the like will ease your way. You may find cmake very useful on Windows.
The regression test build process involves rather more work, and few will want to bother with it. There is no tar.gz available, you have to use git. In the base directory of the regressiontests distribution do the following (if the base of the libdwarf source tree is at ../code this should work, but if not see the regressiontests/README.txt file):
Rather than keeping known-good output in the regression-tests, we keep a dwarfdump.O (O for Old) to compare its output against the new dwarfdump. We do it this way as the test output is much too large to save.
To run the dwarfextract test successfully, bfd.h needs to be installed in a standard place, so install binutils-dev (or the equivalent for your release) to get bfd.h. We do not link to the bfd library.
In the regressiontests directory do the following.
In the code directory there is a test script that does all the tests including building releases, using cmake and more as well as running the regression tests.
    sh scripts/run-all-tests.sh >& /tmp/results
    # The following is a passing run.
    grep FAIL /tmp/results
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    # XFAIL: 0
    # FAIL: 0
    FAIL 0
    FAIL 0
    FAIL 0
    FAIL 0 in run-all-tests.sh
grep FAIL /tmp/results should show all zeros (there should be about 18 lines)
On a modern 3GHz-cpu Linux environment running directly on the host the tests should run in about 35 minutes and the final message should say PASS. Running in a KVM Virtual Machine the tests run in 45 minutes or more. Unless all the components in the libdwarf source build correctly the tests cannot pass.
Unless you are running Ubuntu GNU/Linux or FreeBSD 12 on a i386- or X86_64-compatible cpu you may have more work to do to run the tests, partly because the tests depend on having a known-good version of dwarfdump in the distribution.
If the Ubuntu or FreeBSD dwarfdump executables in the distribution won't run in your test environment you could build dwarfdump.O to run tests:
|filename, download-link||Bytes||Reason for release|
This release corrects libdwarf's handling of DWARF5 line table header DW_LNCT entries. Dwarfdump now prints DW_OP_bra and DW_OP_skip correctly and correctly validates the target of these operators.
sha512sum (remove spaces following colon): e0f9c88554053ee6c1b1333960891189 e7820c4a4ddc302b7e63754a4cdcfc2a cb1b4b6083a722d1204a75e994fff340 1ecc251b8c3b24090f8cb4046d90f870
This release adds summary information on attribute/form-class uses and attribute/forms use to the existing option -ku summary on tags and attributes. Dwarfdump verifies many attribute references are usable and prints a little from the target DIE, including with DW_FORM_ref_sig8 references. Now dwarf.h shows many more extensions (added by compiler developers) to the TAGs and ATtributes defines. Alongside releases is a pdf, libdwarf2.1xl.pdf (xl.pdf as it is extra-large), that is the same as the latest libdwarf2.1.pdf but with the table-of-contents at the front, not the back, of the pdf. Created an experiment, it is around 15MB so seemed too large to place it in the release or to do multiple versions. Later updates will just replace it on prevanders.net.
sha512sum (remove spaces following colon): 6fa05cf88125a95ebe38673d62e94470 1fdd28ba5c50f7695037acbc386f29b4 1d6551d9d08283b7d24fba02f3c0d6c8 f5d424ee75989b6aef54f8dc2340d0f5
Added checks for corrupted DWARF. Improved printing with --print-debug-gnu. Printing of DWARF Expression operators is much easier to read now. The regression tests can now be run in a temporary directory, keeping the test source directory clean.
sha512sum (remove spaces following colon): 246a08b1983e3d765a0516068066ea1c 9ddb3d04d6c25dae73ae251542c9c1f2 8c340ecc50cb2adda7ffea7773d7d615 b7826f85b56e6859ba889301d72e8a85
Corrected the printing of DWARF5 line tables, rnglists, and loclists. Now follows GNU debuglink rules to find the object file with debug in it (when that applies). A new dwarf_init_path_dl() function gives callers needing every feature of GNU debuglink flexibility the required new arguments. Added checks to catch corrupted Elf and PE objects as soon as possible. See the introduction in dwarfdump.1 for a short overview of GNU debuglink, DWARF5 split-dwarf, and MacOS dSYM.
sha512sum (remove spaces following colon): 5c1078440c4afc255ce9597e1fca9661 5b9b41c88fe33c18a1fdc140ec1dee83 5bd926473535fcacb2f8d3c8fd63349c 24e89e71a2d1a2319408a970f7bfa320
Fixed errors in handling split-dwarf so we get more complete information when dwarfdump/libdwarf see both the dwp and the executable. Added some well-known GNU TAG/ATTRIBUTE to the extensions list so dwarfdump will not complain with -ka.
sha512sum (remove spaces following colon): ef7578d5a07d45ded0e5e641ac69b917 ace33bd94efcad7d87b5d1960d7e4883 9095b480b086c84326fc2f15a9e9cfb6 ea7a51d8fffe2f63f50b4b8bd5fdbd39
Added some tag-tag and tag-attribute relationships for DWARF5 and some common extensions to their relationship lists so the -k options do not report these as issues to check. Now libdwarf reads and dwarfdump can print the DWARF5 .debug_sup section. And similarly for .debug_gnu_pubnames, .debug_gnu_pubtypes. A bug in dwarfdump that could lead to a small one-time memory leakage is now fixed.
sha512sum (remove spaces following colon): d474482a7391ca660fa08c2f52ef1c29 61b7c2e7e5b92bf733a9996b7f610ec2 27ff6ea00401f0b4fcd897552fc3b0b0 54e706a36aaffe10841a383391e013a0
Adds support for DWARF5 rnglists and loclists. See the documentation for dwarf_set_de_alloc_flag(0) in libdwarf2.1.pdf, this offers improved libdwarf performance (but requires diligence).
sha512sum (remove spaces following colon): bf0ea33b166d1a5723f67022282eeb2f 374425e8bf3887cde843bcec8d47036f c5c2d713311e09f43ea93b79616a4743 a0394bcd3820f871243a37c0982358c3
The documentation of dwarf_init_path() has been clarified. A couple of memory leaks in handling rare errors have been fixed. The dwarfexample directory has a new example relating to the gnu debuglink features in gcc that allow one to find where any separate object files containing DWARF are located.
sha512sum (remove spaces following colon): b8ed28f0a7e0f537331cdcb1c9a4faf2 5103a70dc9e0f6985a836c4b84bd762e 3631586105abc7a2632e2d35048217d7 9097dccafbb328f56752cb85990e222a
The code and regression tests now work properly in more environments. Including Ubuntu Linux little-endian, big-endian Linux machines (s390), MacOS Catalina, and FreeBSD, and MinGW. 32bit and 64bit systems. No libraries other than libc are needed to build libdwarf or dwarfdump (certain object files use libz compression for DWARF sections and reading those does require one have libz linked in).
sha512sum (remove spaces following colon): 21cac4dc003ebb941a4aeb02454dfff4 afddfbfca1bec7f595a25b8659110d76 cdbb2ccb1c1c2290d94d62ed1c34e71d 5fa469389752c4599f1a76a445a16b4a
Numerous small improvements have been made. Clarifying code, ensuring 'make check' really shows dwarfdump and libdwarf work, and ensuring that 'make check' works under mingw (win32) are the main points.
sha512sum (remove spaces following colon): 0d8b89a91d10badb40137a2c49e897e6 d6beac7176fe877bd52b147a1f3307d9 d0866398b0992c1ce50f8599b9ddce04 fb82e8eeba6bbf6e80b581f96946a938
The build now works for more environments. The cmake support is now simpler and more complete. We now test in big-endian as well as little-endian systems (dwarfgen does not work properly in a big-endian system yet).
sha512sum (remove spaces following colon): 495f194e5be0537b351b359d8529ab7f 89fc93bedd8950526c9d0a7bbf4df112 730b27339434d3ae8fac516db6bbce59 ea5aca2236ee16c21213de0d9b0840ad
It is now straightforward to build a libdwarf and dwarfdump that do not rely on libelf yet will read and process Elf object files. The build with configure is simplified as much unneeded code has been removed. For example all uses and configuration of __UINT32_t and other related integer types have been removed. The cmake build is simplified with configure-isms removed and now works better with MinGW, MSVC, and systems with struct _Elf (example: FreeBSD). Code calling the libelf-only interfaces dwarf_elf_init() and dwarf_elf_init_b() will, when the called libdwarf was built without libelf, get an immediate error return.
sha512sum (remove spaces following colon): 0bd22bc62c72819198917a7fd2585905 2913e38bd2b09a73ccaa8e57c9ed072b 8f14763c5b34b6dcb91e9f904535ced1 122cfd9d5e036d07508c478b30522726
The problem with libdwarf-20190104 is fixed.
sha512sum (remove spaces following colon): 417f17e73cd1ef66c3b049892d893883 95255ebe65808da803084bd929360aec 350c38877ec438a797b5920d2bb363dd 76f938a653da15de13f145a27f6bc567
Do not use! dwarfdump and libdwarf now read and dump DWARF information from Elf, Mach-o and PE object files. January 9: a serious new bug was discovered today. If an object file fails a particular check in libdwarf then libdwarf will crash the caller. Reading valid object files will not crash the caller. Git commit fa5a44c378b0e5a5ba67d8871ac3b325f71f15a9 and later (pushed to Sourceforge) have this fixed.
sha512sum (remove spaces following colon): 6f6891df47cd76aa8ee5cbbad91c43de2c6a9b6cee2 7c8f5f64dc9df3e37c577718f8056e7a71fba6215c7 751ccb834935f52532032eb16bae2c26b3a3450677
Do not use this. It's deleted. See 20190104 (above) instead. A new function (dwarf_init_path()) did not have adequate regression testing and Coverity static analysis identified six or so problems in that code.
sha512sum (remove spaces following colon):
Dwarfdump now has meaningful long-option-names available for all its options. dwarfdump --help-extended shows the list of all options. Thanks to Carlos Alberto Enciso for conceiving and creating the long options. Now libdwarf/dwarfdump can read/print DWARF from mach-o dSYM objects as well as Elf objects. Thanks to Eeri Kask for providing help, the impetus to make it happen, and test objects. A libdwarf init call (dwarf_init_path()) is now available. dwarf_object_detector_path() (and dwarf_object_detector_fd()) give callers information on what an object file actually is (elf, mach-o, or PE). (post release discovery: "dwarfdump -h" does not work usefully. Oops. Use the long-option --help-extended instead.)
sha512sum (remove spaces following colon): 134f8639c4a2ddf012ab196551bcc9afc65c729b36 299ebf807de94561fe878473ea58443d33daaa96f0 08b28dd169ab29f65616e9f1e44a6e7921cfde6e3f19
The new configure seems to be working properly now. For example, 'make check', 'make install' and 'make dist' do the right things whether run in-source-tree or from a build directory. In addition, dwarfdump prints information on section compression (for sections that are compressed) and always prints the actual section name from the object file.
sha512sum (remove spaces following colon): 3c1a97e5b0bae0f18d02402c7b67b1e7 4aacd26b68b738afe5be8e446bdbdd9b 1189658779b8c65cddba40dbd7848d40 510c03eec258708956209b2d76f5dd66
News 2018-07-31. While usable there are issues here: make install does not install the dwarfdump.1 man page. make install installs more into /usr/local/share/libdwarf than was really intended. libdwarf.so shows as version 1.5.0 which was not intended. Replacement coming soon. But if the issues don't matter to you it's fine to use. Replaces 20180723. This release has the new configure. The configure options are mostly identical to previous releases. See the README in the top-level. Profound thanks to Vincent Torri for writing the new configure (any mistakes here are undoubtedly mine, though). Thanks to Hannes Domani for applying Coverity to libdwarf which identified over twenty previously-unknown bugs quite precisely (all fixed now). Thanks to Tom Hughes who noticed an omission in the alpha-non-release July 6. It is quite possible that something important to you is broken. Get in touch as soon as possible if you think something is wrong.
sha512sum (remove spaces following colon): 8eaa9f6ef147a1f59035a4ced24912b4 d1adecf6338a8ae7a061ab396519011c 2c98bc3d58534fefa2bac2a68d3f1871 999f75a3a820c6a58ca7b34dccf9a9c1
Withdrawn. The tar.gz file is missing libdwarf.h.in so attempts to build on FreeBSD (and possibly other platforms) will not succeed.
NOT A NORMAL RELEASE: this is a test release that will be added to Sourceforge on or after July 17, 2018. It uses a completely rewritten configure setup that uses automake and libtool, yet one uses configure almost identically to releases of the past; the point is easier source maintenance and additional automation. It passes the usual tests on both Ubuntu 16.04 and FreeBSD 11.1 with 32bit and 64bit pointer environments. See the top-level README. This source is not on Sourceforge; it is only available in this .tar.gz. Try it out. Let us know of any difficulties. Make install fails to install dwarf.h and libdwarf.h. The tar.gz here does not have the one-line fix. Email to: libdwarf-list =at= linuxmail =dot= org
sha512sum (remove spaces following colon): 3db4f472906bcb108493b0c85085d635 dde1df59a285989f6720554243ae8ec7 1510c9fadd1c59abf43c6211cf446f62 fb78f2276193adb1a8230d6c1ab6e971
libdwarf: Improved error checking and made cross compiling possible. Possibly all DWARF5 is supported. dwarfdump: Brought configure closer to current standards, enabled cross compiling. Now supports --longoptionnames. Refactored option/flag handling for easier maintenance. Now can print the .debug_str_offsets section with option --print-str-offsets. Thanks to David Blaikie, Carlos Alberto Enciso, Helmut Grohne, Eeri Kask, Pedro Navarro, Vincent Torri, Fabian Wolff, and Keith Walker for their test cases, assistance, and advice.
sha512sum (remove spaces following colon): f8f285373d03498e0bcf607d61cc0fb1 7b555ca48bbeda7c133a9c620e34b727 973aceecfa5402b53189211e3a0f15db e49951c2cf3e63e43775fbc8e9fbfa5d
Fixes libdwarf/dwarfdump vulnerabilities related to detecting corrupt DWARF and includes other small improvements. Thanks to Agostino Sarubbo, David Binderman, Eeri Kask, James Lowden, and Dvir Yitzchaki for their help.
sha512sum (remove spaces following colon): 02f8024bb9959c91a1fe322459f7587a589d096595 6d643921a173e6f9e0a184db7aef66f0fd2548d669 5be7f9ee368f1cc8940cea4ddda01ff99d28bbf1fe58
Fixes a libdwarf vulnerability. Thanks to Team OWL337 for finding the vulnerability and to Fabian Wolff for emailing an alert. Has updates to documentation on DWARF5 consumer interfaces.
sha512sum (remove spaces following colon): afff6716ef1af5d8aae2b887f36b9a6547fb576770 bc6f630b82725ed1e59cbd387779aa729bbd1a5ae0 26a25ac76aacf64b038cd898b2419a8676f9aa8c59f1
Begins to support the DWARF5 .debug_names section and other DWARF5 changes. (not tested, no test cases yet available). Now supports DWARF5 split dwarf sensibly. The few new function interfaces can be ignored by those not needing split dwarf support. The tools can now be built with cmake (the default build is still with configure), thank you Dvir Yitzchaki. Carlos Alberto-Enciso, Emre Kultursay, Marcel Bohme, Van-Thuan Pham, and Alexandr Terekhov all noted bugs or vulnerabilities and these are all fixed.
sha512sum (remove spaces following colon): 85be7ec806029200648514b965e23e163a54cbdc6f2 feba0d4cc96180bab441f85d22640c7a96d6350b8f8 749b7bcbe2f0f1af0865f9a427f2acce5135c4e630
Fixes some newly discovered vulnerabilities (most due to corrupted DWARF). Thanks to Puzzor (Shi Ji) and Agostino Sarubbo for finding and reporting these and for providing short test cases.
sha512sum (remove spaces following colon): 38e480bce5ae8273fd585ec1d8ba94dc3e865a0ef3fcfcf3 8b5d92fa1ce41f8b8c95a7cf8a6e69e7c6f638a3cc56ebbf b37b6317047309725fa17e7929096799
Fixes one place where erroneous DWARF was not caught, updates version strings, adds a bit more DWARF5 support, and converts the few Python scripts from python2 to python3.
sha512sum (remove spaces following colon): 733523fd5c58f878d65949c1812b2f46b40c4cc3177bc 780c703ec71f83675d4b84e81bc1bcca42adf69b5e122 562e4ce8e9a8743af29cc6fafe78ed9f8213fd
Fixes serious bugs in release 20160929 and all earlier releases relating to encoding/decoding leb numbers. It is unlikely anyone will see any difference in output, but values showing a difference can be constructed. libdwarf/dwarf_leb.c has new test code and a few of the tests there demonstrated problems. gcc -fsanitize=undefined found problems as well.
sha512sum (remove spaces following colon): 2c522ae0b6e2afffd09e2e79562987fd819b197c9b ce4900b6a4fd176b5ff229e88c6b755cfbae7831e7 160ddeb3bfe2afbf39d756d7e75ec31ace0668554048
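For the LEB fix described above, an added example (not libdwarf's code, and not a description of the actual bugs) of LEB128 decoders that bounds-check their input and keep every shift defined, so they run clean under gcc -fsanitize=undefined. The function names, the status codes and the choice to reject encodings longer than 10 bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Status codes for this added example (hypothetical names, not libdwarf's). */
enum { LEB_OK = 0, LEB_TRUNCATED = -1, LEB_OVERFLOW = -2 };

/* Decode an unsigned LEB128 value from [p, end); never reads at or past end. */
int decode_uleb128(const uint8_t *p, const uint8_t *end,
                   uint64_t *value, size_t *len)
{
    const uint8_t *start = p;
    uint64_t result = 0, bits;
    unsigned shift = 0;
    uint8_t byte;

    do {
        if (p >= end) return LEB_TRUNCATED;   /* continuation bit ran off the data */
        if (shift >= 64) return LEB_OVERFLOW; /* over 10 bytes: rejected here */
        byte = *p++;
        bits = byte & 0x7f;
        if (shift == 63 && bits > 1) return LEB_OVERFLOW; /* bits beyond bit 63 */
        result |= bits << shift;              /* shift is at most 63: defined */
        shift += 7;
    } while (byte & 0x80);
    *value = result;
    *len = (size_t)(p - start);
    return LEB_OK;
}

/* Decode a signed LEB128 value from [p, end). All arithmetic is done on
   uint64_t so no negative value is ever left-shifted. */
int decode_sleb128(const uint8_t *p, const uint8_t *end,
                   int64_t *value, size_t *len)
{
    const uint8_t *start = p;
    uint64_t result = 0, bits;
    unsigned shift = 0;
    uint8_t byte;

    do {
        if (p >= end) return LEB_TRUNCATED;
        if (shift >= 64) return LEB_OVERFLOW;
        byte = *p++;
        bits = byte & 0x7f;
        if (shift == 63 && bits != 0 && bits != 0x7f)
            return LEB_OVERFLOW;              /* 10th byte must be pure sign bits */
        result |= bits << shift;
        shift += 7;
    } while (byte & 0x80);
    if (shift < 64 && (byte & 0x40))
        result |= ~(uint64_t)0 << shift;      /* sign-extend above the last group */
    *value = (int64_t)result;                 /* two's-complement conversion */
    *len = (size_t)(p - start);
    return LEB_OK;
}
```

Each function also reports how many bytes it consumed, so a caller can advance through a section without recomputing the encoded length.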
libdwarf-20160929.tar.gz: Withdrawn. See 20161001.
Fixes three serious bugs in release 20160923. Two of them old bugs, one new in 20160923. The bugs were exposed by occasional inconsistent behavior in one or two regression tests.
DO NOT USE: use libdwarf-20161001 instead. Think of this as withdrawn. Many improvements in the code catching corrupt dwarf. Quite a number of places with out-of-bound read/write of memory fixed. Trivial but annoying memory leaks in dwarfdump fixed. Thanks to Puzzor, STARLAB, Salvatore Bonaccorso, Agostino Sarubbo, Vul, James Grumbach, and others for reporting memory corruption and other issues.
sha512sum (remove spaces following colon): 941c16dd487e152e34f83a8d1f5eb2992fb8c9fb7a 6309c7c33825267c95614c2a07ef24b205de287344 9b16df1749f9e9a0b9d1c85b64a635180ade073aeb66
Incorporates code detecting malformed DWARF and malformed Elf object files. Dwarfdump and libdwarf performance reading frame data improved significantly, though the improvements don't apply to all frame data interface functions. The configure/make system now builds libdwarf shared objects (when asked to) with a proper soname. Thanks to Sture Carlson, Hannes Domani, etienneberg, Steve Kaufman, Yue Liu, and Fabian Wolff for their help/comments on libdwarf. Major thanks to Carlos Alberto Enciso for his collaboration.
sha512sum (remove spaces following colon): 430978587e284f4c63e54790a7cbbfdf13c7a4154b 9e130dc788869b6c6584981c5af46b7b363d3b181e aaafd5190bcb17e5383f8600cb1d2627c423a7042dc2
Incorporates many additional checks so that corrupt dwarf will not crash an executable calling libdwarf. Thanks to Yue Liu for providing a number of small and corrupted objects.
sha512sum (remove spaces following colon): 8a4d3721390d4d79fbf8d01fb27995ac9871f1d3e 19d85aa25c108ee4cc45968a5331e2b477f559168 c4597513235fb508bfe4ee1664c6dfbede3a47d48490b5
Now reads and prints DWARF5/4 macro data (The new .debug_macro section). Added some checks of abbreviation codes. Thanks to Emre Kultursay, Tom Kittel, Gernot Klingler, and Kubo Takehiro for suggestions and test cases. See the top-level README for hints on building the package outside of the source tree and building and using the shared-library version of libdwarf.
sha512sum (remove spaces following colon): 594519460d3cd3f60f7e97931ce3e3d775393e03068a 2c932d72ba95d8cdb2c53b622671c5af8a798712937b 62dbf9594e2da8945553a0021a275cf677f4d90a
Support for reading Split Dwarf object files provided. New location and location-list interfaces added for Split Dwarf and DWARF5. Uses new functions to pass location list data to callers, not publicly defined structures, as functions make any future changes to location information easier to support. Existing DWARF 2,3,4 location information interfaces retained for compatibility so existing calling code is not affected.
sha512sum (remove spaces following colon): 22c6a233cf156f3e7a8ad65c6b0f3c6b0de5a7ddc0f 1c71c9b2dc7efa59a4ee1c9714e981bb26d40a0c212 7501a3e853a7605af10be96bdcb0486723d4a1443c
Corrected accidental C99-isms, added missing return statements, and improved checking. Thanks to Carlos Alberto Enciso for these enhancements. I suggest using the git source base; it has some small fixes beyond this release related to new code for the .debug_addr and the .debug_str_offsets sections (DWARF5) and for reading gcc experimental two-level line tables. Thanks to Emre Kultursay for encouraging me to add some needed DWARF5 features and for reporting bugs so the git source base gets corrected quickly.
sha512sum (remove spaces following colon): a567e653fdad598d911e2ed7e219945adbf0f00ef 8e81806e993916aacfc8075657ec3ca925e1efa85 c7860a0d9515cae2b04677dfb25ac416fb4cc47933441a
Strings are checked thoroughly to ensure they do not run off the end of their section without a termination and cause chaos in libdwarf. Now with DWARF5 (and DWARF4) Debug Fission support, so one can nearly transparently (see dwarf_set_tied_dbg()) extract addresses denoted DW_FORM_addrx in a package file from the executable with the .debug_addr section. Withdrawn as 20150915 has this and more.
sha512sum (remove spaces following colon):
Now with DWARF5 (and DWARF4) Package File reader support. Package Files are a way to keep DWARF debug information in a separate object file. DWARF5 is not a released standard, so the new features must be considered tentative.
sha512sum (remove spaces following colon): 3495f6c17b5ade3a9f38e4d92b63f318e1f69d8841 95e6eafecb99c49e9366ed5c0fbdabd15f6d3b79c9 426565a5960364bb1ac1d1cb185363318872cdf83520
Improved range checking. Fixed bugs in dwgetopt(). Added omitted tags and attributes lists in dwarfdump to make error checking more accurate. Where pc checks make no sense in a line table (meaning on DW_TAG_type_unit and children) such dwarfdump checks are now omitted.
sha512sum (remove spaces following colon): 983c0bb5d70f59e95b8b9de9cda74d714795526220 ac944b6e058554b1f1e831063ae5524d6a2de557e1 fe829ccbf17b1ab71195fa5589504ead3d94396ab0a4
The omission of an include of stdarg.h in the 20150112 release meant that standard-conforming compilers could get an error compiling dwarfdump due to va_list not being defined, though Ubuntu and FreeBSD compiles did not see such an error. Now dwarfdump does the include. The dwarfdump2 source has been removed as of this tar.gz file. Dwarfdump2 is no longer needed.
sha512sum (remove spaces following colon): abcc465f3fcc369143cb34976ad2874b5a9d2a6b4f732be2 b83b0e7620799747778947aed0c10872a5fad73443cfa986 48bdc50a3b17c98292a6439b54d60222
New checking options added to dwarfdump. Dwarfdump2 no longer updated or compiled. Improvements in internal checking to handle badly formed Elf and Dwarf files. Better recovery from malloc failure.
sha512sum (remove spaces following colon): 23fe3dec516a90c2cedb851971f2fd902e056bf4471a32 a2237881354d71af866fcdbc9d3ff55d4e83b75fdafd9f 7790bf90165506e9285259c67f342c4eccba
Source incompatibility for users of producer code: dwarf_producer_init() now has a new interface and a sensible way to select the output ABI/ISA for relocation numbers. Part of preparation to emit DWARF3,4,5. The reader code now handles DebugFission, called Split Dwarf objects in the draft DWARF5 standard.
sha512sum (remove spaces following colon): ccf8180b69cdb47902564dda1fca52d15c10239ce6bb8c c9f5af5a67d37f888811572e314414372bfbc2b640c1fff 7cf87542f782f8390f733d884a24d9a16fb
Libdwarf now follows the DWARF2 standard properly in reading DW_FORM_ref_addr. The original DWARF2 standard is on dwarfstd.org so it's gone from the libdwarf source.
sha512sum (remove spaces following colon): 7ecd27b40418fd98bb24ee59b9779efe30dca26384b4a36f5 a1b0a99805f4d8ff281b2e3d4470fb8e8da28045c34bf6b53 fdf85e9dfc5fa76c0eac8462ae8467
Fixed a bug in dwarfdump Makefile.in so parallel make works reliably. Removed remaining trailing-whitespace. Moved tsearch testcases over to the libdwarf regressiontests repository as the tests seemed too large to keep in the source.
sha512sum (remove spaces following colon): d8ba3eeaf36d98a1ee26397208fff1658a2b7a41c 25d3742a81617c74d6359aeff08bb6221f99b9937 9030575578e11cd66be1d906a5832a6edd362229ce2e7e
Radically simplifies libdwarf allocation code. Adds GNU-specific DW_FORM codes so recent gcc objects can be read usefully. Adds tsearch implementations (see the tsearch directory). Removes trailing whitespace (it appeared all over). Adds new functions to libdwarf for new DWARF reference types. The tsearch test cases have bloated this source release, but in future those test cases won't be in the tar file (instead they are in the libdwarf regressiontests repository on Sourceforge).
sha512sum (remove spaces following colon): d41ebe4e7b76ad91f93b17e33da878fb0a35d7a35 32d641108b217bf93bcd9f10c1d52f0dd5f2ece08 3152d8dafe637ae343633f894122cbb77825b7a3350ed2
Added AARCH64 relocation support. Fixed some simple compiler warnings.
sha512sum (remove spaces following colon): f9d25cfd6c6b15bebf6cd63c7014ecf4123798fce637c 0da103008758d6a9d5705c3797216a8d1ab3e210c4235 f199ab19d7ed0bf6c3582f49eacba1629c5cc0
Now with a simplified build (see README) and with checks for most compiler errors in producing DW_AT_sibling attributes. Verified on Ubuntu 12.10 and FreeBSD 9.1.
sha512sum (remove spaces following colon): 1cb272f80745a789d592d57e6a64b1b4ec6e1b646653 da2f19c2e2d803b8e90b52f5c69597360bf1703b1c25 7844c53c3f43a80cd9f45a2adb314ad2511c19e9
A mistake in handling DW_OP_GNU_const_type could lead to a libdwarf coredump at times, and even when it appeared to work the value printed was wrong. Thanks to Tom Hughes and Andrew Bernat for pointing out the DW_OP_GNU_const_type problem. This release has libdwarf interfaces compatible with releases before 20130125. Compared to 20130125 this restores the libdwarf.h interface Dwarf_Loc structure and changes the way the lr_number2 member is used for the new location expression operator DW_OP_GNU_const_type.
sha512sum (remove spaces following colon): c9911ce0b9725400ec1a70e809e185b122095c534f05687 ea0be16a0e9bfe3b8128e353834c43b5fe80e1b149b11 f113fcce53c57bad0a12b3b091dd0e31d043
For information on previous releases, see the older release list
Every release of libdwarf/dwarfdump is tested with many options and option-combinations. There is no real reason libdwarf/dwarfdump users should need to redo this testing work. However, if you do wish to try running the regression tests, you will find them in git in Sourceforge via anonymous access "git clone git://git.code.sf.net/p/libdwarf/regressiontests". See the file README.txt in the base directory of the tests for an overview of the test process. We do not provide a tar file of the regression tests. The regression tests are updated with every libdwarf release.
Additional tests (simple object files or shared-objects or executables) are accepted here should you wish to submit such, but the goal is to add tests that represent previously-untested aspects of DWARF/libdwarf, not to duplicate existing tests. Smallish object files are preferred. No source need be provided. The submitter has to be sure, and state, that releasing the objects here is appropriate.
Nothing in libdwarf looks at very many sections of an Elf file: the other section contents can be zeroed out without affecting the object's use for testing libdwarf (see the directory named 'zero' in the testing distribution for a convenient byte-zeroing helper application in C++ source). Sections like .text and .data (and closely related sections) are of no value for testing libdwarf. It may be that otherwise-proprietary objects can be released for use in this test suite once the instruction and data sections are zeroed out.
This work is licensed under a Creative Commons Attribution 4.0 International License.