Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fix] GoTLS function offset #2

Closed
wants to merge 2 commits into from
Closed

[Fix] GoTLS function offset #2

wants to merge 2 commits into from

Conversation

wlingze
Copy link
Owner

@wlingze wlingze commented Apr 2, 2024

No description provided.

@wlingze wlingze mentioned this pull request Apr 2, 2024
Closed
@wlingze
Copy link
Owner Author

wlingze commented Apr 3, 2024

I have created some test cases for the docker arm64 binary file, See #2 for details.
When i use IdaPro, readelf or simplely retrieve all symbols from *elf.File, it works and I obtain the correct address.
When I use *gosym.Table, the address is incorrect. address = 0x00635cb0
Also, when *gosym.Table is built, the data contains errors.

you can set a condition breakpoint in /usr/lib/go/src/debug/gosym/pclntab.go at line 308 with i==6626, where the *gosym.Func is built.

And I used go-parser with IdaPro, which shows that gopclntab contains incorrect data.

in this address: data(0x238980) + .textbase(0x3fd1e0) = 0x00635cb0
image

There's another thing:
I've previously built some simple binary files for testing, see #1, and they run well after removing the IdaProOffset.

So debug/gosym get wrong address, because binary file gopclntable data wrong or need other calculate.

debug/gosym get wrong, but go-parser get correct data.

in go-parser use this text-start:
image
in debug/gosym use this text-start:
image

@wlingze
Copy link
Owner Author

wlingze commented Apr 3, 2024
edited
Loading

why this f.textStart error?

this f.textStart data from here:
/usr/lib/go/src/debug/gosym/pclntab.go:258
image
and this t.PC come from NewLineTable, in code ~/ecapture/user/config/config_gotls.go:333.

in other side, go-parser get this textStart data from pclntbl table.

rootcause:

debug/gosym use PC passed by call NewLineTable for textStart.
But this textStart should get from pclntable.

The relevant code changed by go pr 366695

solution:

  1. use symbols from *elf.File like nopie case, you can get correct address. (Checked)
  2. use symbols get runtime.text address, pass to NewLineTable, like go pr 366695 (NoChecked)

@wlingze wlingze mentioned this pull request Apr 7, 2024
Merged
@wlingze wlingze closed this Apr 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@wlingze