Generalize GetBase for shared libraries to handle cases when both process mapping offset and program header addresses are non-zero. Based on process mapping information, a sample at a virtual address x maps to a file offset fx = x - map_start + map_offset. The program header for the segment with the .text section may have non-zero mapping information. Thus, a file offset fx maps to a symbol address sx = fx - ph_offset + ph_virt_addr. Thus, sx = x - map_start + map_offset - ph_offset + ph_virt_addr, and the base address for symbolization is map_start - map_offset + ph_offset - ph_virt_addr.

il y a 8 ans · a613757740
--- a/internal/elfexec/elfexec.go
+++ b/internal/elfexec/elfexec.go
@@ -240,17 +240,22 @@ func GetBase(fh *elf.FileHeader, loadSegment *elf.ProgHeader, stextOffset *uint6
 
				 		}
			
 
				 		return start, nil
			
 
				 	case elf.ET_DYN:
			
 
				-		if offset != 0 {
			
 
				-			if loadSegment == nil || loadSegment.Vaddr == 0 {
			
 
				-				return start - offset, nil
			
 
				-			}
			
 
				-			return 0, fmt.Errorf("Don't know how to handle mapping. Offset=%x, vaddr=%x",
			
 
				-				offset, loadSegment.Vaddr)
			
 
				-		}
			
 
				+		// The process mapping information, start = start of virtual address range,
			
 
				+		// and offset = offset in the executable file of the start address, tells us
			
 
				+		// that a runtime virtual address x maps to a file offset
			
 
				+		// fx = x - start + offset.
			
 
				 		if loadSegment == nil {
			
 
				-			return start, nil
			
 
				+			return start - offset, nil
			
 
				 		}
			
 
				-		return start - loadSegment.Vaddr, nil
			
 
				+		// The program header, if not nil, indicates the offset in the file where
			
 
				+		// the executable segment is located (loadSegment.Off), and the base virtual
			
 
				+		// address where the first byte of the segment is loaded
			
 
				+		// (loadSegment.Vaddr). A file offset fx maps to a virtual (symbol) address
			
 
				+		// sx = fx - loadSegment.Off + loadSegment.Vaddr.
			
 
				+		//
			
 
				+		// Thus, a runtime virtual address x maps to a symbol address
			
 
				+		// sx = x - start + offset - loadSegment.Off + loadSegment.Vaddr.
			
 
				+		return start - offset + loadSegment.Off - loadSegment.Vaddr, nil
			
 
				 	}
			
 
				 	return 0, fmt.Errorf("Don't know how to handle FileHeader.Type %v", fh.Type)
			
 
				 }
			
--- a/internal/elfexec/elfexec_test.go
+++ b/internal/elfexec/elfexec_test.go
@@ -62,8 +62,9 @@ func TestGetBase(t *testing.T) {
 
				 		{"exec chromeos kernel 4", fhExec, kernelHeader, uint64p(0xffffffff81200198), 0x198, 0x100000, 0, 0x7ee00000, false},
			
 
				 		{"exec chromeos kernel unremapped", fhExec, kernelHeader, uint64p(0xffffffff810001c8), 0xffffffff834001c8, 0xffffffffc0000000, 0xffffffff834001c8, 0x2400000, false},
			
 
				 		{"dyn", fhDyn, nil, nil, 0x200000, 0x300000, 0, 0x200000, false},
			
 
				-		{"dyn offset", fhDyn, lsOffset, nil, 0x0, 0x300000, 0, 0xFFFFFFFFFFC00000, false},
			
 
				+		{"dyn map", fhDyn, lsOffset, nil, 0x0, 0x300000, 0, 0xFFFFFFFFFFE00000, false},
			
 
				 		{"dyn nomap", fhDyn, nil, nil, 0x0, 0x0, 0, 0, false},
			
 
				+		{"dyn map+offset", fhDyn, lsOffset, nil, 0x900000, 0xa00000, 0x200000, 0x500000, false},
			
 
				 		{"rel", fhRel, nil, nil, 0x2000000, 0x3000000, 0, 0x2000000, false},
			
 
				 		{"rel nomap", fhRel, nil, nil, 0x0, ^uint64(0), 0, 0, false},
			
 
				 		{"rel offset", fhRel, nil, nil, 0x100000, 0x200000, 0x1, 0, true},