Bug 150940

Created attachment 68451 [details]
debuginfo.patch

Rudi & Co, what do you think?

File thinks that all files stripped with objcopy --strip-debug are still unstripped, so the strip check would break for all kernel modules.

Can we set up a policy whether our libraries should be executable or not, and enforce this instead?

/lib/modules/2.6.16-rc3-5-ppc64/kernel/fs/nfsd/nfsd.ko: ELF 64-bit MSB relocatable, cisco 7500, version 1 (SYSV), not stripped

it will not hurt, unless I misunderstood what you said.

Exit 1 in find-debuginfo.sh doesn't seem like a good idea to me. I'm not sure if that aborts the build though.

it does, and it should. Is there any package that has executables in a 'debug' directory?

This will print all files that don't have /debug in their path, which applies to all kernel modules:

  find ${RPM_BUILD_ROOT} -path '*/debug' -prune -o -type f -print0

So the script would exit with 1 for all kernels --- not good.

yeah, I got the order wrong, the nfsd will of course fail the build.

find ${RPM_BUILD_ROOT} \( -path '*/debug' -o -path /boot -o -path /lib/modules \) -prune -o -type f -print0

this may work better.

Still my point from comment 3 remains: shouldn't we ensure that all libraries are executable instead, or change the debug split code to no longer only check executables?

the mode check is ok, otherwise it would take to long to look into each binary and check if its something usable. no idea how big the slowdown would be.


and poking around further on snowberry, these packages have still debuginfo in it :(

file /*bin/* /usr/*bin/* /lib*/* /usr/lib*/* | grep -E 'not stripped' | grep -vw 64-bit |  cut -f 1 -d : | xargs rpm -qf | sort -u

cdparanoia-IIIalpha9.8-551
glibc-2.3.90-64
glibc-devel-2.3.90-64
libacl-2.2.34-2
libattr-2.4.28-2
libcap-1.92-489
libcdio-0.76-3
libmikmod-3.1.11-3
mDNSResponder-107.5-2
nscd-2.3.90-64
openldap2-client-2.3.19-2
permissions-2006.1.25-1
slang-2.0.5-3
tcpd-7.6-720
timezone-2.3.90-64
vcdimager-0.7.23-6
xfsprogs-2.7.11-4


glibc may be special. maybe add yet another variable to not fail the build.

ok, some of the above simply have no -debuginfo package.

As Andreas also already wrote the output of 'file' is unreliable.  Sometimes
the files only contain a symbol table, but not real debug information.
E.g. glibc:

% file /lib/power4/libthread_db-1.0.so
/lib/power4/libthread_db-1.0.so: ELF 32-bit MSB shared object, PowerPC or cisco 4500, version 1 (SYSV), for GNU/Linux 2.6.4, not stripped

% readelf -e /lib/power4/libthread_db-1.0.so | grep debug
  [29] .gnu_debuglink    PROGBITS        00000000 007aae 000020 00  0   0  1
%

ok, should I uead readelf instead of file?
what would be the pattern?

In case of /usr/bin/chkstat, I see on the stripped binary:

@@ -49,9 +49,7 @@
   [25] .sbss             NOBITS          100131b0 0031b0 000018 00  WA  0   0  4
   [26] .bss              NOBITS          100131c8 0031b0 00000c 00  WA  0   0  4
   [27] .comment          PROGBITS        00000000 0031b0 000173 00      0   0  1
-  [28] .shstrtab         STRTAB          00000000 003323 0000f5 00      0   0  1
-  [29] .symtab           SYMTAB          00000000 0038f0 000e40 10     30  48  4
-  [30] .strtab           STRTAB          00000000 004730 000b26 00      0   0  1
+  [28] .shstrtab         STRTAB          00000000 003323 0000e5 00      0   0  1
 Key to Flags:
   W (write), A (alloc), X (execute), M (merge), S (strings)
   I (info), L (link order), G (group), x (unknown)

If a binary or shared lib is not handled by find-debuginfo (i.e. the debuginfo
separated) it will contain these DWARF2 sections:
  [23] .debug_aranges    PROGBITS        00000000 0087e0 000118 00  0   0  8
  [24] .debug_pubnames   PROGBITS        00000000 0088f8 000409 00  0   0  1
  [25] .debug_info       PROGBITS        00000000 008d01 00581d 00  0   0  1
  [26] .debug_abbrev     PROGBITS        00000000 00e51e 000abd 00  0   0  1
  [27] .debug_line       PROGBITS        00000000 00efdb 001496 00  0   0  1
  [28] .debug_frame      PROGBITS        00000000 010474 000888 00  0   0  4
  [29] .debug_str        PROGBITS        00000000 010cfc 000c7e 01  0   0  1
  [30] .debug_loc        PROGBITS        00000000 01197a 00562d 00  0   0  1
  [31] .debug_ranges     PROGBITS        00000000 016fa7 001240 00  0   0  1

greping for just .debug_info is probably safest, it's the main debug
information section.  An ELF file with separate debug info can be detected
by existence of the ".gnu_debuglink" option.  An ELF file without any
debug info has neither, but still can have the .symtab and .strtab sections.
Those would be striped by a simple-minded 'strip' command, but that would
remove usefull information for backtraces, so we leave those in the binaries.

Ok, will look for a better patch. libicu from beta3 doesnt have any .debug_* sections. Maybe rpm scripts removed it in some other way.

libicu is a subpackage of icu.  The -debuginfo packages are created in
<main>-debuginfo, also for all subpackages.  The shared libraries in
libicu.rpm should all contain a .gnu_debuglink section.

Created attachment 68711 [details]
find-debuginfo.patch

look at all files, file would have done it anyway.
force permissions of all debug related files.

your patch doesn't fix "find" being unreliable source. it should use objdump -h | grep debug_info (or similiar). 

can you provide a better patch?

interesting abuse of NEEDINFO :)

Created attachment 69111 [details]
dmueller's find-debuginfo patch

list of affected files (from my workstation):

would strip /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
would strip /usr/X11R6/lib/X11/locale/lib/common/xlcUTF8Load.so.2
would strip /usr/X11R6/lib/X11/locale/lib/common/xlibi18n.so.2
would strip /usr/X11R6/lib/X11/locale/lib/common/xlocale.so.2
would strip /usr/X11R6/lib/X11/locale/lib/common/xomGeneric.so.2
would strip /usr/X11R6/lib/modules/dri/atiogl_a_dri.so
would strip /usr/X11R6/lib/modules/dri/fglrx_dri.so
would strip /usr/X11R6/lib/modules/input/gunze_drv.so
would strip /usr/X11R6/lib/modules/input/synaptics_drv.so
would strip /usr/bin/gnutls-cli-debug
would strip /usr/bin/cdxa2mpeg
would strip /usr/bin/vcd-info
would strip /usr/bin/vcdimager
would strip /usr/bin/vcdxbuild
would strip /usr/bin/vcdxgen
would strip /usr/bin/vcdxminfo
would strip /usr/bin/vcdxrip
would strip /usr/bin/isodebug
would strip /usr/bin/debugsh
would strip /usr/lib/browser-plugins/nphelix.so
would strip /usr/lib/browser-plugins/libdragonegg.so
would strip /usr/lib/browser-plugins/nsdejavu.so
would strip /usr/lib/pt_chown
would strip /usr/lib/slang/v2/modules/select-module.so
would strip /usr/lib/slang/v2/modules/fcntl-module.so
would strip /usr/lib/slang/v2/modules/termios-module.so
would strip /usr/lib/slang/v2/modules/slsmg-module.so
would strip /usr/lib/slang/v2/modules/varray-module.so
would strip /usr/lib/perl5/vendor_perl/5.8.8/i586-linux-thread-multi/LibStorage.so
would strip /usr/lib/gcc/i586-suse-linux/4.1.0/libgcc_s.so.1
would strip /usr/lib/gnupg/gpgkeys_ldap
would strip /usr/lib/libimnxcert.a
would strip /usr/lib/rpm/debugedit
would strip /usr/lib/libmikmod.so.2.0.4
would strip /usr/lib/libslang.so.2.0.5
would strip /usr/lib/dvb/ci_highlevel.so
would strip /usr/lib/dvb/ci_linklayer.so
would strip /usr/lib/libvcdinfo.so.0.2.0
would strip /usr/lib/libcdda_interface.so.0.9.8
would strip /usr/lib/libcdda_paranoia.so.0.9.8
would strip /usr/lib/torcs/drivers/berniw/berniw.so
would strip /usr/lib/torcs/drivers/berniw2/berniw2.so
would strip /usr/lib/torcs/drivers/berniw3/berniw3.so
would strip /usr/lib/torcs/drivers/bt/bt.so
would strip /usr/lib/torcs/drivers/cylos1/cylos1.so
would strip /usr/lib/torcs/drivers/damned/damned.so
would strip /usr/lib/torcs/drivers/human/human.so
would strip /usr/lib/torcs/drivers/inferno/inferno.so
would strip /usr/lib/torcs/drivers/inferno2/inferno2.so
would strip /usr/lib/torcs/drivers/lliaw/lliaw.so
would strip /usr/lib/torcs/drivers/olethros/olethros.so
would strip /usr/lib/torcs/drivers/sparkle/sparkle.so
would strip /usr/lib/torcs/drivers/tanhoj/tanhoj.so
would strip /usr/lib/torcs/drivers/tita/tita.so
would strip /usr/lib/torcs/lib/libconfscreens.so
would strip /usr/lib/torcs/lib/libclient.so
would strip /usr/lib/torcs/lib/libraceengine.so
would strip /usr/lib/torcs/lib/liblearning.so
would strip /usr/lib/torcs/lib/libracescreens.so
would strip /usr/lib/torcs/lib/librobottools.so
would strip /usr/lib/torcs/lib/libtgf.so
would strip /usr/lib/torcs/lib/libtgfclient.so
would strip /usr/lib/torcs/lib/libtxml.so
would strip /usr/lib/torcs/modules/graphic/ssggraph.so
would strip /usr/lib/torcs/modules/simu/simuv2.so
would strip /usr/lib/torcs/modules/telemetry/telemetry.so
would strip /usr/lib/torcs/modules/track/track.so
would strip /usr/lib/libicui18n.so.34.0
would strip /usr/lib/libicuio.so.34.0
would strip /usr/lib/libicule.so.34.0
would strip /usr/lib/libiculx.so.34.0
would strip /usr/lib/libxvidcore.so.4.1
would strip /usr/lib/libQtCore_debug.so.4.1.0
would strip /usr/lib/libQt3Support_debug.so.4.1.0
would strip /usr/lib/libQtDesignerComponents_debug.so.4.1.0
would strip /usr/lib/libQtDesigner_debug.so.4.1.0
would strip /usr/lib/libQtGui_debug.so.4.1.0
would strip /usr/lib/libQtNetwork_debug.so.4.1.0
would strip /usr/lib/libQtOpenGL_debug.so.4.1.0
would strip /usr/lib/libQtSvg_debug.so.4.1.0
would strip /usr/lib/libQtXml_debug.so.4.1.0
would strip /usr/lib/libicutu.so.34.0
would strip /usr/lib/libicuuc.so.34.0
would strip /usr/lib/libdjvulibre.so.15.1.0
would strip /usr/lib/libQtTest_debug.so.4.1.0
would strip /usr/lib/libQtSql_debug.so.4.1.0
would strip /usr/local/sbin/blktool
would strip /usr/sbin/fix_chs
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-cert-select
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-client-resume
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-client-srp
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-client1
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-client2
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-crq
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-serv-anon
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-serv-export
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-serv-pgp
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-serv-srp
would strip /usr/share/doc/packages/gnutls/examples/.libs/ex-serv1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/io1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/io2
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/parse1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/parse2
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/parse3
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/parse4
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/reader1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/reader2
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/reader3
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/reader4
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/testWriter
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/tree1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/tree2
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/xpath1
would strip /usr/share/doc/packages/libxml2-devel/examples/.libs/xpath2
would strip /usr/share/doc/packages/slang-devel/modules/fcntl-module.so
would strip /usr/share/doc/packages/slang-devel/modules/select-module.so
would strip /usr/share/doc/packages/slang-devel/modules/termios-module.so
would strip /usr/share/doc/packages/slang-devel/modules/slsmg-module.so
would strip /usr/share/doc/packages/slang-devel/modules/varray-module.so
would strip /usr/share/doc/packages/slang-devel/slsh/slsh

this removes the warning. bad to find offenders.
doesnt force 644 permissions.
also, not all of the files are part of a package which has a -debuginfo.rpm

Created attachment 69116 [details]
new patch

well, the patch was only a replacement for the first hunk of your patch obviously.

and what do you mean by "not all of the files are part of a package which has a -debuginfo.rpm" ? Wasn't that part of the story of fixing debuginfo support ?!

master-boot-code has no -debuginfo.
your patch will likely work.

can you submit a package to BETA to see what breaks?

never mind, did so myself. 

Status?

ready.

Its either waiting for debuginfo's to be enabled in BETA or being copied over to STABLE. 

ping.. nothing happening..

submitted to STABLE.