On Wed, Dec 11, 2019 at 05:29:42PM -0800, Omar Sandoval wrote:
> From: Omar Sandoval <osan...@fb.com>
>
> Hello,
>
> I recently encountered a bug that dwfl_addrmodule doesn't work correctly
> for Linux kernel modules. This is because each section of a kernel
> module is allocated independently, so sections from different kernel
> modules may be intermixed. For example:
>
>   # cd /sys/modules
>   # cat ext4/sections/.init.text
>   0xffffffffc0f0f000
>   # cat ext4/sections/.bss
>   0xffffffffc1303e80
>   # cat kvm/sections/.init.text
>   0xffffffffc0f06000
>   # cat kvm/sections/.bss
>   0xffffffffc10d2340
>
> This confuses dwfl_addrmodule/dwfl_addrsegment, which builds a lookup
> table based on mod->low_addr and mod->high_addr.

I did some more testing, and I realized that my analysis was wrong :(
What's going on here is that:

1. The kernel frees the .init sections once the module is initialized,
   which means the addresses can be reused for new modules.
2. My application is reporting low_addr and high_addr based on the
   section addresses (which is different from how
   dwfl_linux_kernel_report_modules does it).

Reading the kernel code, the main sections are indeed contiguous. So
this was entirely my bug. Sorry for the noise!

On the bright side, patch 2 ("libdwfl: remove broken coalescing logic in
dwfl_report_segment") does seem like a legitimate bug.
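
The effect described in this message, shown as an added example that is not part of the original email or of elfutils: per-module address ranges derived from section addresses overlap when the freed .init sections are included, and stop overlapping once they are left out. The .text addresses, the function names, the use of section start addresses only (no sizes), and the rule that a section named `.init` or `.init.*` is freed after load are assumptions of this example.

```python
# Constructed sample data: the .init.text and .bss addresses are the ones
# quoted in the message; the .text addresses are made up for illustration.
SECTIONS = {
    "ext4": {".init.text": 0xffffffffc0f0f000,
             ".text": 0xffffffffc1280000,   # constructed
             ".bss": 0xffffffffc1303e80},
    "kvm": {".init.text": 0xffffffffc0f06000,
            ".text": 0xffffffffc1060000,    # constructed
            ".bss": 0xffffffffc10d2340},
}


def is_init_section(name):
    """Assumption: sections named .init or .init.* are freed after module init."""
    return name == ".init" or name.startswith(".init.")


def module_range(sections, include_init):
    """Return (low, high) over section start addresses for one module."""
    addrs = [addr for name, addr in sections.items()
             if include_init or not is_init_section(name)]
    return min(addrs), max(addrs)


def overlapping(ranges):
    """Return pairs of module names whose (low, high) ranges intersect."""
    items = sorted(ranges.items(), key=lambda kv: kv[1][0])
    pairs = []
    for i, (name_a, (_, high_a)) in enumerate(items):
        for name_b, (low_b, _) in items[i + 1:]:
            if low_b <= high_a:
                pairs.append((name_a, name_b))
    return pairs


def report(modules, include_init):
    """Compute every module's range and list the overlapping pairs."""
    ranges = {mod: module_range(secs, include_init)
              for mod, secs in modules.items()}
    return overlapping(ranges)


if __name__ == "__main__":
    print("with .init sections:   ", report(SECTIONS, include_init=True))
    print("without .init sections:", report(SECTIONS, include_init=False))
```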