Second Wind


Second Wind is the second full-system preview release of Infinity. Second Wind has the complete set of glibc notes for GDB to have full functionality, and its libi8x is able to exploit them. Second Wind was released November 9, 2016, and superseded by Third Eye on June 7, 2017.

Changes since Infinity First Flight

glibc

  • The minimum required version of I8C is now 0.0.4.
  • tls.h files have less stuff in them, and I8_THREAD_SELF is now defined globally.
  • Various macros in tls.h files have had missing parentheses added.
  • The second parameter of procservice::get_register(ii)i is now a DWARF register number.
  • TLS notes now implemented.
  • Notes are built differently such that they are included when statically linked.
  • All notes have been renamed to not bake the word libpthread into the interface.

libi8x

  • The shim libthread_db now has a self-test.
  • procservice::get_register(ii)i should now work for debugger wordsize != inferior wordsize cases.
  • The shim libthread_db's r_debug walk should now work for debugger wordsize != inferior wordsize cases.
  • Everything should now build on 32-bit.
  • 64-bit dereferences in 32-bit notes are now rejected.
  • All supported operations are now implemented in libi8x.
  • i8x_code_unpack_info no longer leaks readbuf references on error.
  • i8x_type is now public.
  • More of i8x_funcref is now public.
  • i8x_func is passed to native calls, for userdata access and polymorphism.
  • The shim libthread_db now has TLS notes td_thr_tlsbase and td_thr_get_addr.
  • libi8x has more tests, including validation and execution smoke tests for all notes currently written.

Building Infinity Second Wind

There are two things you need to build to try Infinity Second Wind: a glibc with Infinity notes, and the shim libthread_db that accesses them. You will also need something that uses libthread_db, for example GDB.

Create a test build of glibc with Infinity notes

To build glibc with Infinity notes you first need to install I8C. For Second Wind you need I8C 0.0.4, which you can install with pip:

pip install --user i8c==0.0.4

or you can build from source:

git clone https://gitlab.com/gbenson/i8c.git
cd i8c
git branch i8c-0.0.4 i8c-0.0.4-release
git checkout i8c-0.0.4
python setup.py test  # optional
python setup.py install --user

The command i8c needs to be in your path before you continue. Either of the above sequences will install I8C in ~/.local/bin/i8c, so you may need to add ~/.local/bin to your path. Alternatively you can omit the --user and install I8C globally on your system. However you install it, you need to be able to enter this exact command:

i8c --version | head -n 1

and see this exact output:

I8C 0.0.4

Once you have I8C installed you can proceed to build glibc:

mkdir -p glibc/build
git clone https://gitlab.com/gbenson/glibc.git glibc/src
cd glibc/src
git branch second-wind infinity-second-wind
git checkout second-wind
cd ../build
../src/configure --prefix=/usr --with-infinity
make

--with-infinity is assumed if you have I8C installed, but specifying it explicitly here forces configure to check the version for you.

You should be able to see Infinity notes in libpthread.so and ld.so if everything worked. Both

readelf -n nptl/libpthread.so
readelf -n elf/ld.so

should list several notes with owner "GNU" and unknown type 5:

Displaying notes found at file offset 0x0002144c with length 0x00000378:
  Owner                 Data size	Description
  GNU                  0x0000006d	Unknown note type: (0x00000005)
  GNU                  0x0000007d	Unknown note type: (0x00000005)
  GNU                  0x000000cc	Unknown note type: (0x00000005)
  GNU                  0x0000009f	Unknown note type: (0x00000005)
  GNU                  0x0000005f	Unknown note type: (0x00000005)
  GNU                  0x0000005b	Unknown note type: (0x00000005)
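
What readelf -n is decoding in the listing above, as an added example (not code from the Infinity project): a bounds-checked walk over raw ELF note records that picks out the owner "GNU", type 5 entries. It assumes little-endian notes with the standard 4-byte field alignment; the function names and the sample bytes are constructed for illustration.

```python
import struct

INFINITY_NOTE_TYPE = 5  # the "unknown type 5" that readelf reports on this page


def pad4(n):
    """Round n up to the 4-byte alignment used between note fields."""
    return (n + 3) & ~3


def iter_notes(data, byteorder="<"):
    """Yield (owner, type, desc) for each note record in a raw note section."""
    off = 0
    while off < len(data):
        if off + 12 > len(data):
            raise ValueError("truncated note header at offset %d" % off)
        namesz, descsz, ntype = struct.unpack_from(byteorder + "III", data, off)
        name_off = off + 12
        desc_off = name_off + pad4(namesz)
        # Reject sizes that point past the buffer instead of reading short data.
        if desc_off + descsz > len(data):
            raise ValueError("note at offset %d overruns the section" % off)
        owner = data[name_off:name_off + namesz].rstrip(b"\0").decode("ascii", "replace")
        yield owner, ntype, data[desc_off:desc_off + descsz]
        off = desc_off + pad4(descsz)


def infinity_note_sizes(data):
    """Data sizes of the notes with owner "GNU" and type 5."""
    return [len(desc) for owner, ntype, desc in iter_notes(data)
            if owner == "GNU" and ntype == INFINITY_NOTE_TYPE]


def make_note(owner, ntype, desc):
    """Build one note record (used only to construct the sample below)."""
    name = owner.encode("ascii") + b"\0"
    return (struct.pack("<III", len(name), len(desc), ntype)
            + name.ljust(pad4(len(name)), b"\0")
            + desc.ljust(pad4(len(desc)), b"\0"))


# Constructed sample: two type-5 notes using the first two data sizes from the
# readelf listing above (placeholder payloads), plus an unrelated type-3 note.
SAMPLE = (make_note("GNU", 5, b"\xaa" * 0x6d)
          + make_note("GNU", 3, b"\xbb" * 20)
          + make_note("GNU", 5, b"\xcc" * 0x7d))

if __name__ == "__main__":
    print([hex(n) for n in infinity_note_sizes(SAMPLE)])
```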

See https://sourceware.org/glibc/wiki/Testing/Builds for more information about glibc test builds.

Build libi8x with the shim libthread_db

To build libi8x with the shim libthread_db you first need to install the elfutils libelf development files. For Fedora and RHEL this is the elfutils-libelf-devel RPM. For Debian and Ubuntu the package you need is libelf-dev. Either way, once done you should see /usr/include/libelf.h on your system.

Once that's there, clone and build libi8x:

 git clone https://gitlab.com/gbenson/libi8x.git
 cd libi8x
 git branch libi8x-0.0.3 libi8x-0.0.3-release
 git checkout libi8x-0.0.3
 ./autogen.sh
 ./configure
 make
 make check  # optional

You should see an examples/libthread_db.so.1 symbolic link if it worked.

Things to do with Infinity Second Wind

Run the note tester, debug using GDB, trace note bytecode

All Infinity First Flight examples are still relevant. See "Things to do with Infinity First Flight" on the First Flight page.

Display TLS variables

With Second Wind it's now possible to access TLS variables. Using the Python example from First Flight, try inspecting errno. In one window do this:

bash$ /path/to/glibc/build/testrun.sh /usr/bin/python
Python 2.7.5 (default, Aug  2 2016, 04:20:16) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.getpid()
12169
>>> import threading
>>> threading.Timer(60, dir).start()

And in another window do this:

bash$ gdb
GNU gdb (GDB) 7.11.50.20160617-git
Copyright (C) 2016 Free Software Foundation, Inc.
...
(gdb) set auto-load safe-path /path/to/libi8x/examples/
(gdb) set libthread-db-search-path /path/to/libi8x/examples/
(gdb) attach PID
Attaching to process 12169
...
(gdb) info threads
  Id   Target Id         Frame 
* 1    Thread 0x7fbf8dfd3700 (LWP 12169) "ld-linux-x86-64" 0x00007fbf8e0b41a3 in select () at ../sysdeps/unix/syscall-template.S:84
  2    Thread 0x7fbf88091700 (LWP 12175) "ld-linux-x86-64" 0x00007fbf8e0b41a3 in select () at ../sysdeps/unix/syscall-template.S:84
(gdb) print errno
$1 = 0
(gdb) thread 2
[Switching to thread 2 (Thread 0x7fbf88091700 (LWP 12175))]
#0  0x00007fbf8e0b41a3 in select () at ../sysdeps/unix/syscall-template.S:84
84	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) print errno
$2 = 11

The contrib/threads-static example has a TLS variable tlsvar that you can similarly inspect. Its value should be 23 in one thread and 42 in the other.