| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use MHD_OPTION_SOCK_ADDR to bind the http listen socket to a single address.
The address should be an IPv4 or IPv6 address configured on the system:
--listen-address=127.0.0.1
--listen-address=::1
--listen-address='LOCAL_IPv4|IPv6_ADDRESS'
As debuginfod does not include any security features, a listen on the
localhost address is sufficient for a HTTP/HTTPS reverse-proxy setup.
Signed-off-by: Michael Trapp <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature allows the extra http headers from debuginfod to be saved
into the client cache, and also thus replayed to clients. This way
they can perform IMA verification again, if they like, or a federating
caching intermediate debuginfod server can replay the headers it
received previously from upstream to future downstream. The headers
are placed adjacent to the payload files .cache/debuginfod/BUILDID/PAYLOAD
as .cache/debuginfod/BUILDID/hdr-PAYLOAD. They are aged the same
atime-based way.
Testing via an extension of a previous small test, and hand-running both
client & server code under valgrind. No memcheck errors reported.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
| |
This reverts commit a71bac67f4705b84368b71f5ece54deedaa1abf1.
Commit 1be0787d6654ed71bf659e8bfd already fixes this problem.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
debuginfod-find with a failed signature configuration was found on f41
glibc (2.40) to sometimes leave invalid addresses in a sscanf("%ms", &ptr)
pointer in case of error, leading to an invalid free() during cleanup.
We now clear that ptr manually, making valgrind happy. Unclear why this
hasn't shown up in testsuite testing.
==1098106== Invalid free() / delete / delete[] / realloc()
==1098106== at 0x4844B83: free (vg_replace_malloc.c:989)
==1098106== by 0x49647A2: ??? (in /usr/lib64/libdebuginfod-0.192.so)
==1098106== by 0x401528: main (debuginfod-find.c:209)
==1098106== Address 0xc8 is not stack'd, malloc'd or (recently) free'd
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
debuginfod_validate_imasig might call free on an uninitialized sig_buf
due to a goto that can occur before sig_buf is set to NULL.
Fix this by setting sig_buf to NULL before the goto.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ar program is called to assemble a list of objects
within each archive to assist in building combined libraries,
however make already has this information
when processing the subdirectory for that respective library.
The list can be saved in a "manifest" file
instead of being generated whenever it is needed
for use with other subdirectories.
Even though the difference in time is insignificant,
a simple "echo" and "cat" is as much as 10 times faster
than a call to "ar t" for printing the archive members.
Since elfutils builds ar,
this also removes the awkward circular dependency
where an installation of ar is required
to build the libraries for ar.
Additionally, not every version of ar is equally portable,
as native versions of ar on macOS and other BSD-like distributions
may print out a special archive member like "__.SYMDEF"
which is not a compiled object but rather just metadata
from ranlib, leading to a build failure.
Avoid these limitations by removing usage of ar
and adding build and clean rules
for the usage of archive manifest files.
* .gitignore: exclude ".manifest" file extension.
* backends/Makefile.am: add manifest file build and clean rules.
* debuginfod/Makefile.am: Likewise.
* lib/Makefile.am: Likewise.
* libasm/Makefile.am: Likewise.
* libcpu/Makefile.am: Likewise.
* libdw/Makefile.am: Likewise,
and set object lists to manifest contents.
* libdwelf/Makefile.am: Likewise.
* libdwfl/Makefile.am: Likewise.
* libebl/Makefile.am: Likewise.
* libelf/Makefile.am: Likewise,
and set object lists to manifest contents.
* src/Makefile.am: Likewise.
Signed-off-by: Michael Pratt <[email protected]>
|
| |
|
|
|
|
|
|
| |
Add __attribute__ ((unused)) to prevent unused param warnings in
is_seekable_archive and extract_from_seekable_archive when USE_LZMA is
false.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CORS is the Cross-Origin-Resource-Sharing mechanism explained at
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS 1. by default
JavaScript code from Website A cannot request arbitrary resources from
website B, these are called cross-origin-requests 2. The browser
performs what is called a preflight check, this the OPTIONS method 3.
the response allows website B fine-grained control over what the web
browser should allow 4. Setting "Access-Control-Allow-Origin: *" tells
the web browser to allow all access, e.g. the same behavior you get with
curl or debuginfod-find The website mentions that the corresponding spec
has been changed, such that preflight requests are no longer necessary,
but in the browsers I use today (Firefox 132 and Chromium 131) they are
still necessary.
I have confirmed that I can use debuginfod with this patch from my web
application at https://core-explorer.github.io/cdx-type/
FChE simplified the code and added a few quick "curl -i | grep" tests
to confirm the new headers are there.
* debuginfod/debuginfod.cxx (handle_options): New function.
(handler_cb): Call it for OPTIONS. Add ACAO header for all
successful requests.
(parse_opt): Parse --cors.
* tests/run-debuginfod-federation-metrics.sh,
tests/run-debuginfod-find-metadata.sh: Lightly test.
* doc/debuginfod.8: Document --cors option, default off.
Signed-off-by: Henning Meyer <[email protected]>
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To increase the consistency of how automatic clean targets run,
define the variables together without +=, default to MOSTLYCLEANFILES
when there is no need for different levels or
add more clean levels to match other subdirectories,
add more files that are built, remove duplication, and cleanup.
Do the same for EXTRA_DIST where it is equally messy.
* backends/Makefile.am: add more objects to clean, improve spacing.
* debuginfod/Makefile.am: Likewise, and remove duplicates.
* lib/Makefile.am: improve spacing.
* libasm/Makefile.am: add more objects to clean, split similar to debuginfod.
* libcpu/Makefile.am: use normal =, add more objects to clean.
* libdw/Makefile.am: add more objects to clean, split similar to debuginfod.
* libdwelf/Makefile.am: add more objects to clean, use lowest clean level.
* libdwfl/Makefile.am: Likewise.
* libebl/Makefile.am: add more objects to clean.
* libelf/Makefile.am: add more objects to clean, split similar to debuginfod.
* src/Makefile.am: consolidate including EXTRA_DIST, split clean levels,
define with normal =, define with variables.
* tests/Makefile.am: Likewise, but not including EXTRA_DIST.
Signed-off-by: Michael Pratt <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
debuginfod clients & servers may sometimes encounter very long source
file names. Previously, the client would synthesize a path name like
$CACHEDIR/$BUILDID/source-$PATHNAME
where $PATHNAME was a funky ##-encoded version of the entire source
path name. See https://sourceware.org/PR32218 for a horror case.
This can get too long to store as a single component of a file system
pathname (e.g. linux/limits.h NAME_MAX), resulting on client-side
errors even after a successful download.
New code switches encoding of the $PATHNAME part to use less escaping,
and a merciless truncation to the tail part of the filename. (We keep
the tail rather than the head, so that the extension is preserved,
which makes some consumers happier.) To limit collision damage from
truncation, we add also insert a goofy hash (4-byte DJBX33A) of the
name into the path name. The result is a relatively short name:
$CACHEDIR/$BUILDID/source-$HASH-$NAMETAIL
This is a transparent change to clients, who are not to make any
assumptions about cache file naming structure. However, one existing
test did make such assumptions, so is fixed with some globness. A new
test is also added, using a pre-baked tarball with a very long srcfile
name.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The --metadata-maxtime=SECONDS parameter was intended to limit elapsed
time debuginfod spends attempting to answer metadata queries. These
can be slow because they have to apply glob matches across a large set
of strings, potentially taking many seconds.
However, this option was not implemented fully. It checked for
timeouts only when rows of data were finally served up by the
database, not during. Also, it used the same database connection that
normal debuginfod queries were using, locking them out.
New code creates a new temporary database connection for these
infrequent(?) metadata queries, and enforces timeouts using the
sqlite3 progress-handler callback. This effectively limits total
query runtime, inside or outside the database.
The elfutils testsuite dataset is not large enough to show either the
slow-glob or the locking-out-normal-queries phenomenon, so the
behavioral impact was hand-tested on a moderate sized debuginfod index
on a live federation server. A full valgrind leak check indicated
it's clean.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
When doing a --enable-gcov build we link all binaries static.
libdebuginfod.so now depends on crypto an jsonc. So also add those
when linking against libdebuginfod.a
debuginfod/Makefile.am (libdebuginfod): Add $(crypto_LIBS)
$(jsonc_LIBS) when BUILD_STATIC.
Signed-off-by: Mark Wielaard <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the schema change adding _r_seekable was done in a backward
compatible way, seekable archives that were previously scanned will not
be in _r_seekable. Whenever an archive is going to be extracted to
satisfy a request, check if it is seekable. If so, populate _r_seekable
while extracting it so that future requests use the optimized path.
The next time that BUILDIDS is bumped, all archives will be checked at
scan time. At that point, checking again will be unnecessary and this
commit (including the test case modification) can be reverted.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
Whenever a new archive is scanned, check if it is seekable with a little
liblzma magic, and populate _r_seekable if so. With this, newly scanned
seekable archives will used the optimized extraction path added in the
previous commit. Also add a test case using some artificial packages.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kernel debuginfo packages on Fedora, Debian, and Ubuntu, and many of
their downstreams, are all compressed with xz in multi-threaded mode,
which allows random access. We can use this to bypass the full archive
extraction and dramatically speed up kernel debuginfo requests (from ~50
seconds in the worst case to < 0.25 seconds).
This works because multi-threaded xz compression splits up the stream
into many independently compressed blocks. The stream ends with an
index of blocks. So, to seek to an offset, we find the block containing
that offset in the index and then decompress and throw away data until
we reach the offset within the block. We can then decompress the
desired amount of data, possibly from subsequent blocks. There's no
high-level API in liblzma to do this, but we can do it by stitching
together a few low-level APIs.
We need to pass down the file ids then look up the size, uncompressed
offset, and mtime in the _r_seekable table. Note that this table is not
yet populated, so this commit has no functional change on its own.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to extract a file from a seekable archive, we need to know
where in the uncompressed archive the file data starts and its size.
Additionally, in order to populate the response headers, we need the
file modification time (since we won't be able to get it from the
archive metadata). Add a new table, _r_seekable, keyed on the archive
file id and entry file id and containing the size, offset, and mtime.
It also contains the compression type just in case new seekable formats
are supported in the future.
In order to search this table when we get a request, we need the file
ids available. Add the ids to the _query_d and _query_e views, and
rename them to _query_d2 and _query_e2.
This schema change is backward compatible and doesn't require
reindexing. _query_d2 and _query_e2 can be renamed back the next time
BUILDIDS needs to be bumped.
Before this change, the database for a single kernel debuginfo RPM
(kernel-debuginfo-6.9.6-200.fc40.x86_64.rpm) was about 15MB. This
change increases that by about 70kB, only a 0.5% increase.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
| |
handle_buildid_r_match has two very similar branches where it optionally
extracts a section and then creates a microhttpd response. In
preparation for adding a third one, factor it out into a function.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
dwarf_extract_source_paths explicitly skips source files that equal
"<built-in>", but dwarf_filesrc may return a path like "dir/<built-in>".
Check for and skip that case, too.
In particular, the test debuginfod RPMs have paths like this. However,
the test cases didn't catch this because they have a bug, too: they
follow symlinks, which results in double-counting every file. Fix that,
too.
Signed-off-by: Omar Sandoval <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Found by GCC14 -Wanalyzer-double-free.
If the os-release file would contain multiple ID or VERSION_ID entries
we would leak the originally parsed one. Fix by seeing whether id or
version is already set and ignore any future entries.
* debuginfod/debuginfod-client.c (add_default_headers): Check
whether id or version is already set before resetting them.
Signed-off-by: Mark Wielaard <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
Tweak configure.ac to support $subject again. Also tweak
debuginfod-find.c to not unconditionally include json-c.h, since it
may just be compiled in "dummy" mode, sans such prerequisites. It
turns out debuginfod-find fails at run time very early in such a
configuration, long before it gets to jsonic activities.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
| |
Tweak a switch/case statement for gcc8 compatibility.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch extends the debuginfod API with a "metadata query"
operation. It allows clients to request an enumeration of file names
known to debuginfod servers, returning a JSON response including the
matching buildids. This lets clients later download debuginfo for a
range of versions of the same named binaries, in case they need to to
prospective work (like systemtap-based live-patching). It also lets
server operators implement prefetch triggering operations for popular
but slow debuginfo slivers like kernel vdso.debug files on fedora.
Implementation requires a modern enough json-c library, namely 0.11,
which dates from 2014. Without that, debuginfod client/server bits
will refuse to build.
% debuginfod-find metadata file /bin/ls
% debuginfod-find metadata glob "/usr/local/bin/c*"
Refactored several functions in debuginfod-client.c, because the
metadata search logic is different for multiple servers (merge all
responses instead of first responder wins).
Documentation and testing are included.
Signed-off-by: Ryan Goldberg <[email protected]>
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent versions of Fedora/RHEL include per-file cryptographic
signatures in RPMs, not just an overall RPM signature. This work
extends debuginfod client & server to extract, transfer, and verify
those signatures. These allow clients to assure users that the
downloaded files have not been corrupted since their original
packaging. Downloads that fail the test are rejected.
Clients may select a desired level of enforcement for sets of URLs in
the DEBUGINFOD_URLS by inserting special markers ahead of them:
ima:ignore pay no attention to absence or presence of signatures
ima:enforcing require every file to be correctly signed
The default is ima:ignore mode. In ima:enforcing mode, section
queries are forced to be entire-file downloads, as it is not
possible to crypto-verify just sections.
IMA signatures are verified against a set of signing certificates.
These are normally published by distributions. The environment
variable $DEBUGINFOD_IMA_CERT_PATH contains a colon-separated path for
finding DER or PEM formatted certificates / public keys. These
certificates are assumed trusted. The profile.d scripts transcribe
/etc/debuginfod/*.certdir files into that variable.
As for implementation:
* configure.ac: Add --enable-debuginfod-ima-verification parameter.
Add --enable-default-ima-cert-path=PATH parameter.
Check for libimaevm (using headers only).
* config/Makefile.am: Install defaults into /etc files.
* config/profile.{csh,sh}.in: Process defaults into env variables.
* config/elfutils.spec.in: Add more buildrequires.
* debuginfod/debuginfod.cxx (handle_buildid_r_match): Added extraction of the
per-file IMA signature for the queried file and store in http header.
(find_globbed_koji_filepath): New function.
(parse_opt): New flag --koji-sigcache.
* debuginfod/debuginfod-client.c (debuginfod_query_server): Added policy for
validating IMA signatures
(debuginfod_validate_imasig): New function, with friends.
* debuginfod/debuginfod.h.in: Added DEBUGINFOD_IMA_CERT_PATH_ENV_VAR.
* debuginfod/Makefile.am: Add linker flags for rpm and crypto.
* doc/debuginfod-client-config.7: Document DEBUGINFOD_IMA_CERT_PATH,
update DEBUGINFOD_URLS.
* doc/debuginfod.8: Document --koji-sigcache.
* doc/debuginfod-find.1, doc/debuginfod_find_debuginfo.3: Update SECURITY.
* tests/run-debuginfod-ima-verification.sh: New test.
* tests/debuginfod-ima: Some new files for the tests.
* tests/Makefile.am: run/distribute them.
Signed-off-by: Ryan Goldberg <[email protected]>
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
| |
libcurl will fail if a protocol is requested that is not available.
Signed-off-by: Norbert Lange <[email protected]>
|
| |
|
|
|
|
|
| |
Correct an off-by-one error in argv parsing.
Reported-By: <[email protected]>
Signed-Off-By: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
Add malloc_trim() for releasing memory which is allocated for
temporary purposes, e.g. answering queries, adding data to the
database during scans. This patch just adds one call after the groom
cycle, but others could be added around webapi query handling or
scanning ops too.
Signed-off-by: Di Chen <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Recent commit acd9525e9 has removed all references to max_fds
therefore remove it, moreover clang18 is happier
| ../../elfutils-0.191/debuginfod/debuginfod.cxx:1448:8: error: private field 'max_fds' is not used [-Werror,-Wunused-private-field]
| 1448 | long max_fds;
| | ^
| 1 error generated.
Signed-off-by: Khem Raj <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Completely replace the "fdcache" algorithms in debuginfod, which
manages files extracted from archives. Previous logic was a LRU queue
for files requested by users, and a separate LRU queue for prefetched
files found nearby the ones users requested. The code did not handle
annoying edge cases like infrequently accessed but very costly
extraction of files like fedora kernels' vdso.debug. In addition, the
queue was searched linearly for normal lookups. It was also
unceremoniously dropped at each groom cycle.
New code replaces this with an indexed datastructure for quick
lookups, and extra metadata for use during eviction decisions. Each
entry tracks size and such, but now also tracks how recently and how
many times it was requested, how long it took to originally extract.
The new code combines these quantities in a score, by which eviction
eligibility is ranked. Intuitively, the effect is to prefer to hoard
small / slow-to-access files, and prefer to jettison large / fast /
never accessed ones.
It's a tricky thing to balance. The parameters in this configuration
were tested by timing-accurate replaying a few days' worth of actual
traffic of the main fedora debuginfod server. The peer
debuginfod.stg.fedoraproject.org runs the new code. It shows good
performance, excellent use of the cache storage, and strong preference
to hold onto those vdso.debug files. But who knows, it might need
tweaking later. The new code adds more prometheus metrics to make it
possible to grok the effectiveness of the few remaining
fdcache-related options.
Patch includes doc updates and NEWS. The changes are invisible to the
testsuite (except with respect to the new metrics). Code changes are
focused on all the member functions of class libarchive_fdcache, and
their callers. Unused parameters are removed, with previous command
line options hidden/accepted/ignored. Some other minor error-path
tempfile-gc was fixed in the extraction paths.
Signed-Off-By: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
| |
This reverts commit 41c235a3b3d5778e682a3f9b2b4a2e8ba378facd.
Comment removal in commit 75fb8c0 was intended.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
| |
Restore comment mistakenly removed in commit 75fb8c0152.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* srcfiles.cxx: Introduce new --zip option that places all the
source files associated with a specified dwarf/elf file
into a zip file and sends it to stdout. Files may be
fetched from debuginfod (if applicable) or locally as
a backup.
Added -b option to disable the backup of checking
for files locally in -z mode.
* run-srcfiles-self.sh: Added test-case for the new zip
feature that archives the source files of the srcfiles
tool and checks archive integrity. An additional test
ensures that if debuginfod is enabled, the files are
fetched and archived properly while maintaing integrity.
* debuginfod-subr.sh: On very slow/remote storage, it can
take O(minute) to finish indexing the entire elfutils
build tree, so a wait_ready4 shell function is one
way to let a longer debuginfod wait operation work.
* srcfiles.1, NEWS: Added documentation for the new zip feature.
* configure.ac: Simplify check for libarchive for srcfiles.cxx
by integrating it into the same check for debuginfod.
* Makefile.am: build with local copy of debuginfod-client.
Example:
% ./src/srcfiles -z -e /bin/ls > output.zip
https://sourceware.org/bugzilla/show_bug.cgi?id=30991
Signed-off-by: Housam Alamour <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
Previous code could return a fd that had its file-offset left at the
place where libcurl last used it, namely at the end of the freshly
downloaded file. Not good if a client just wants to read it right
away! We now ensure (and document) that the fd is pointed to the
beginning of the file.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
musl does not provide GNU version of basename and lately have removed
the definiton from string.h [1] which exposes this problem. It can be
made to work by providing a local implementation of basename which
implements the GNU basename behavior, this makes it work across C
libraries which have POSIX implementation only.
[1] https://git.musl-libc.org/cgit/musl/commit/?id=725e17ed6dff4d0cd22487bb64470881e86a92e7
* lib/system.h (xbasename): New static inline functions.
Poison basename.
* libdw/dwarf_getsrc_file.c (dwarf_getsrc_file): Use xbasename.
* libdwfl/core-file.c (dwfl_core_file_report): Likewise.
* libdwfl/dwfl_module_getsrc_file.c (dwfl_module_getsrc_file):
Likewise.
* libdwfl/dwfl_segment_report_module.c (dwfl_segment_report_module):
Likewise.
* libdwfl/find-debuginfo.c (find_debuginfo_in_path): Likewise.
* libdwfl/link_map.c (report_r_debug): Likewise.
* libdwfl/linux-kernel-modules.c (try_kernel_name): Likewise.
* src/addr2line.c (print_dwarf_function): Likewise.
(print_src): Likewise.
* src/ar.c (do_oper_insert): Likewise.
And cast away const in entry.key assignment.
* src/nm.c (show_symbols): Use xbasename.
* src/stack.c (module_callback): Likewise.
* src/strip.c (handle_elf): Likewise.
* tests/show-die-info.c: Include system.h.
(dwarf_tag_string): Use xbasename.
* tests/varlocs.c: Likewise.
* debuginfod/debuginfod.cxx: Move include system.h to the end.
(register_file_name): Rename basename to filename.
Signed-off-by: Khem Raj <[email protected]>
Signed-off-by: Mark Wielaard <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libcurl passes an empty line to header_callback indicating the end
of the response's HTTP headers.
Currently this empty line is printed to the debuginfod_client's
verbose_fd with a "header" prefix:
$ echo $DEBUGINFOD_URLS
https://debuginfod.fedoraproject.org/
$ debuginfod-find -vv debuginfo e2bbf033b548021c37866429f12a99bd33bd6e8d
[...]
header x-fedora-requestid: ZULLx0PPA8nmj8c8Hw-RtAACgAE
header server: Apache
header
[...]
Prevent this unnecessary line of output by only printing non-empty
lines in header_callback.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
Previous code was inconsistent in offering basename versus full
pathname for these headers. The documentation was not explicit on
this issue. We now simplify by always passing full names back, and
document this in the debuginfod.8 man page, along with pointers to
how to use proxy front-end servers to strip them if needed.
Signed-Off-By: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
Code inspection identified two places where sqlite_ps objects were
being created/used outside try/catch protection. This patch wraps or
replaces them.
* configure.ac: Look for glibc backtrace headers.
* debuginfod.cxx (scan): New function wrapped by a try/catch loop.
(sqlite_checkpoint_pb): Use non-exception-producing sqlite functions.
(main, my_terminate_handler): New terminate() handler.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* debuginfod-client.c (debuginfod_query_server): Use fstat(3)
of the file handle being downloaded into as the preferred
source of download progress.
Tested by hand, as the testsuite doesn't have enough machinery to
simulate compressed vs. uncompressed service. Hand testing with
(unmodified) fedora-38 gdb and debuginfod-find shows dramatically
improved progress displays: all have quantitative figures when
fetching from real (unmodified) upstream servers.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
| |
The formatting of debuginfod_config_cache in debuginfod-client.c was
slightly off making it hard to see the program logic. Make sure lines
are < 76 chars, and if { } else { } indentation follows GNU style.
Signed-off-by: Mark Wielaard <[email protected]>
|
| |
|
|
|
|
| |
race condition
Signed-off-by: Ryan Goldberg <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add a "--scan-checkpoint=NUM" option to debuginfod to control forced
synchronization & sqlite -wal checkpointing for the multithreaded
scanning process. In absence of this, a server that's busy with other
read & write operations can accumulate potentially large SQLITE WAL
temporary files. This option causes the server to take intermittent
quiescent breaks during scanning, during which the -wal file can be
processed and truncated.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Split the _files table into two links into a new _fileparts table,
interning the dirname and basename of each file name string. This
reduces storage requirements for many thousands of almost-identical
long paths that are evident in large builds like kernels.
This is unfortunately a schema-breaking change, so requires reindexing
of the corpus.
While in the vicinity, the file scan work queue is changed from a
<set> to an <unordered_set>. The intent is that files be scanned in a
more random sequence instead of sorted. If they're sorted, then files
that contain errors will tend to be retried over and over again at the
next scan cycle, even at the expense of making progress on the other
files in the queue.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
| |
Until this fix, debuginfod -r -X '.*' didn't trigger groom-time removal
of everything, because the -I include regex overrode it. Corrected logic
to match the scan-time tie-breaking between -I / -X.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
On some public debuginfod servers, it was observed that errors
may occur during individual archive scanning operations. That's
fine, but previous code still went ahead and marked the archive
"done" by inserting a record into the *_file_mtime_scanned table.
New code ensures that exceptions propagate for these cases, and an
archive that encountered an error while scanning will be retried
later.
Signed-off-by: Frank Ch. Eigler <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
The cache cleaning logic requires atime to be correct (strictatime or
relatime) but some users on Linux only have noatime.
Attempt to update the atime manually so that the cache works properly.
Signed-off-by: Jan Alexander Steffens (heftig) <[email protected]>
|
| |
|
|
|
|
|
|
| |
Instead of copying the mtime, which might be far in the past, don't
touch the access time. This will prevent cache cleaning from considering
the file as old immediately.
Signed-off-by: Jan Alexander Steffens (heftig) <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
sscanf is used to get the value of x-debuginfod-size from the http
headers. The format string used assumes that the header field name
is entirely lower case. However mixed-case field names are possible,
resulting in the value not being read.
Fix this by removing "x-debuginfod-size" from the format string.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
| |
Similar to what 8c4aa0ef998191ed828a37190dc179b91649938a did for ar and
strip, replace the non-standard futimes with the POSIX futimens.
Signed-off-by: Jan Alexander Steffens (heftig) <[email protected]>
|
| |
|
|
|
|
| |
x-debuginfod-size header
Signed-off-by: lilydjwg <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Empty files in the client cache are used to indicate that contacted
servers could not find a requested resource. Future queries for this
resource will not be attempted until the cache_miss_s duration has
passed.
Currently these empty files are also created when a query is cancelled
through the client's progressfn. This can occur, for example, when a
user cancels a download with ctrl-c.
This prevents user-cancelled queries from being retried promptly without
having to modify cache_miss_s. Fix this by skipping the creation of an
empty cache file when progressfn cancels a query.
Signed-off-by: Aaron Merey <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for clang Memory Sanitizer [1], which detects the usage of
uninitialized values. While elfutils itself is already checked with
valgrind, checking code that depends on elfutils requires elfutils to
be built with MSan.
MSan is not linked into shared libraries, and is linked into
executables statically. Therefore, unlike the other sanitizers, MSan
needs to be configured fairly early, since we need to drop
-D_FORTIFY_SOURCE [2], -Wl,-z,defs and --no-undefined.
Disable a few tests that run for more than 5 minutes due to test files
being statically linked with MSan.
[1] https://clang.llvm.org/docs/MemorySanitizer.html
[2] https://github.com/google/sanitizers/issues/247
Signed-off-by: Ilya Leoshkevich <[email protected]>
|
