[BUG]"dlopen failed: empty/missing DT_HASH/DT_GNU_HASH", but already has DT_GNU_HASH #1866

Closed
cyxcw1 opened this issue Apr 13, 2023 · 9 comments

cyxcw1 commented Apr 13, 2023

Description

It is related to this issue: #1865, after I solved the soname problem.
Also with the libbz2.so, my app crashes when starting up:

W/linker: Warning: "/data/app/com.test.csdk.sample_app-ZWeY82cnmYLTHIVMDD5iuQ==/lib/arm64/libbz2.so" unused DT entry: unknown (type 0x5858585858585858 arg 0x0) (ignoring)
D/AndroidRuntime: Shutting down VM
E/AndroidRuntime: FATAL EXCEPTION: main
    Process: com.test.csdk.sample_app, PID: 13721
    java.lang.UnsatisfiedLinkError: dlopen failed: empty/missing DT_HASH/DT_GNU_HASH in "/data/app/com.test.csdk.sample_app-ZWeY82cnmYLTHIVMDD5iuQ==/lib/arm64/libbz2.so" (new hash type from the future?)
        at java.lang.Runtime.loadLibrary0(Runtime.java:1071)
        at java.lang.Runtime.loadLibrary0(Runtime.java:1007)

But I checked the libbz2.so and found:

  [ 4] .gnu.hash         GNU_HASH         00000000000008d8  000008d8
  [ 5] .hash             HASH             00000000000009d4  000009d4
 0x000000006ffffef5 (GNU_HASH)           0x8d8
 0x0000000000000004 (HASH)               0x9d4

Below is part of the elf info:

ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              DYN (Shared object file)
  Machine:                           AArch64
  Version:                           0x1
  Entry point address:               0x2e54
  Start of program headers:          64 (bytes into file)
  Start of section headers:          57272 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         11
  Size of section headers:           64 (bytes)
  Number of section headers:         23
  Section header string table index: 19

Section Headers:
  [Nr] Name              Type             Address           Offset
       Size              EntSize          Flags  Link  Info  Align
  [ 0]                   NULL             0000000000000000  00000000
       0000000000000000  0000000000000000           0     0     0
  [ 1] .dynsym           DYNSYM           0000000000000308  00000308
       0000000000000540  0000000000000018   A      21     1     8
  [ 2] .gnu.version      VERSYM           0000000000000848  00000848
       0000000000000070  0000000000000002   A       1     0     2
  [ 3] .gnu.version_r    VERNEED          00000000000008b8  000008b8
       0000000000000020  0000000000000000   A      21     1     4
  [ 4] .gnu.hash         GNU_HASH         00000000000008d8  000008d8
       00000000000000fc  0000000000000000   A       1     0     8
  [ 5] .hash             HASH             00000000000009d4  000009d4
       00000000000001c8  0000000000000004   A       1     0     4
  [ 6] .rela.dyn         RELA             0000000000000e80  00000e80
       0000000000000210  0000000000000018   A       1     0     8
  [ 7] .rela.plt         RELA             0000000000001090  00001090
       00000000000003a8  0000000000000018  AI       1    16     8
  [ 8] .rodata           PROGBITS         0000000000001440  00001440
       0000000000000a02  0000000000000000 AMS       0     0     16
  [ 9] .eh_frame_hdr     PROGBITS         0000000000001e44  00001e44
       000000000000000c  0000000000000000   A       0     0     4
  [10] .eh_frame         PROGBITS         0000000000001e50  00001e50
       0000000000000004  0000000000000000   A       0     0     4
  [11] .text             PROGBITS         0000000000002e54  00001e54
       000000000000ad70  0000000000000000  AX       0     0     4
  [12] .plt              PROGBITS         000000000000dbd0  0000cbd0
       0000000000000290  0000000000000000  AX       0     0     16
  [13] .data.rel.ro      PROGBITS         000000000000ee60  0000ce60
       0000000000000088  0000000000000000  WA       0     0     8
  [14] .fini_array       FINI_ARRAY       000000000000eee8  0000cee8
       0000000000000010  0000000000000008  WA       0     0     8
  [15] .got              PROGBITS         000000000000f068  0000d068
       0000000000000018  0000000000000000  WA       0     0     8
  [16] .got.plt          PROGBITS         000000000000f080  0000d080
       0000000000000150  0000000000000000  WA       0     0     8
  [17] .data             PROGBITS         00000000000101d0  0000d1d0
       0000000000000c00  0000000000000000  WA       0     0     4
  [18] .comment          PROGBITS         0000000000000000  0000ddd0
       0000000000000115  0000000000000001  MS       0     0     1
  [19] .shstrtab         STRTAB           0000000000000000  0000dee5
       00000000000000ce  0000000000000000           0     0     1
  [20] .dynamic          DYNAMIC          0000000000020000  00010000
       0000000000000180  0000000000000010  WA      21     0     8
  [21] .dynstr           STRTAB           0000000000020180  00010180
       00000000000002ea  0000000000000000   A       0     0     8
  [22] .note.androi[...] NOTE             0000000000020470  00010470
       0000000000000098  0000000000000000   A       0     0     4
Key to Flags:
  W (write), A (alloc), X (execute), M (merge), S (strings), I (info),
  L (link order), O (extra OS processing required), G (group), T (TLS),
  C (compressed), x (unknown), o (OS specific), E (exclude),
  D (mbind), p (processor specific)

There are no section groups in this file.

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
  PHDR           0x0000000000000040 0x0000000000000040 0x0000000000000040
                 0x0000000000000268 0x0000000000000268  R      0x8
  LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000001e54 0x0000000000001e54  R      0x1000
  GNU_STACK      0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000000 0x0000000000000000  RW     0x0
  GNU_EH_FRAME   0x0000000000001e44 0x0000000000001e44 0x0000000000001e44
                 0x000000000000000c 0x000000000000000c  R      0x4
  LOAD           0x0000000000001e54 0x0000000000002e54 0x0000000000002e54
                 0x000000000000b00c 0x000000000000b00c  R E    0x1000
  LOAD           0x000000000000ce60 0x000000000000ee60 0x000000000000ee60
                 0x0000000000000370 0x0000000000000370  RW     0x1000
  GNU_RELRO      0x000000000000ce60 0x000000000000ee60 0x000000000000ee60
                 0x0000000000000370 0x00000000000011a0  R      0x1
  LOAD           0x000000000000d1d0 0x00000000000101d0 0x00000000000101d0
                 0x0000000000000c00 0x0000000000000c00  RW     0x1000
  DYNAMIC        0x0000000000010000 0x0000000000020000 0x0000000000020000
                 0x0000000000000180 0x0000000000000180  RW     0x8
  LOAD           0x0000000000010000 0x0000000000020000 0x0000000000020000
                 0x0000000000000508 0x0000000000000508  RW     0x10000
  NOTE           0x0000000000010470 0x0000000000020470 0x0000000000020470
                 0x0000000000000098 0x0000000000000098  R      0x4

 Section to Segment mapping:
  Segment Sections...
   00     
   01     .dynsym .gnu.version .gnu.version_r .gnu.hash .hash .rela.dyn .rela.plt .rodata .eh_frame_hdr .eh_frame 
   02     
   03     .eh_frame_hdr 
   04     .text .plt 
   05     .data.rel.ro .fini_array .got .got.plt 
   06     .data.rel.ro .fini_array .got .got.plt 
   07     .data 
   08     .dynamic 
   09     .dynamic .dynstr .note.android.ident 
   10     .note.android.ident 

Dynamic section at offset 0x10000 contains 24 entries:
  Tag        Type                         Name/Value
 0x000000000000000e (SONAME)             Library soname: [libbz2.so]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so]
 0x000000000000001e (FLAGS)              BIND_NOW
 0x000000006ffffffb (FLAGS_1)            Flags: NOW
 0x0000000000000007 (RELA)               0xe80
 0x0000000000000008 (RELASZ)             528 (bytes)
 0x0000000000000009 (RELAENT)            24 (bytes)
 0x000000006ffffff9 (RELACOUNT)          19
 0x0000000000000017 (JMPREL)             0x1090
 0x0000000000000002 (PLTRELSZ)           936 (bytes)
 0x0000000000000003 (PLTGOT)             0xf080
 0x0000000000000014 (PLTREL)             RELA
 0x0000000000000006 (SYMTAB)             0x308
 0x000000000000000b (SYMENT)             24 (bytes)
 0x0000000000000005 (STRTAB)             0x20180
 0x000000000000000a (STRSZ)              746 (bytes)
 0x000000006ffffef5 (GNU_HASH)           0x8d8
 0x0000000000000004 (HASH)               0x9d4
 0x000000000000001a (FINI_ARRAY)         0xeee8
 0x000000000000001c (FINI_ARRAYSZ)       16 (bytes)
 0x000000006ffffff0 (VERSYM)             0x848
 0x000000006ffffffe (VERNEED)            0x8b8
 0x000000006fffffff (VERNEEDNUM)         1
 0x0000000000000000 (NULL)               0x0

Relocation section '.rela.dyn' at offset 0xe80 contains 22 entries:
  Offset          Info           Type           Sym. Value    Sym. Name + Addend
00000000ee60  000000000403 R_AARCH64_RELATIV                    ee60
00000000ee68  000000000403 R_AARCH64_RELATIV                    1bd4
00000000ee70  000000000403 R_AARCH64_RELATIV                    1c1b
00000000ee78  000000000403 R_AARCH64_RELATIV                    1ce7
00000000ee80  000000000403 R_AARCH64_RELATIV                    1c2a
00000000ee88  000000000403 R_AARCH64_RELATIV                    1bc9
00000000ee90  000000000403 R_AARCH64_RELATIV                    1c06
00000000ee98  000000000403 R_AARCH64_RELATIV                    1d9c
00000000eea0  000000000403 R_AARCH64_RELATIV                    1bd7
00000000eea8  000000000403 R_AARCH64_RELATIV                    1be6
00000000eeb0  000000000403 R_AARCH64_RELATIV                    14c8
00000000eeb8  000000000403 R_AARCH64_RELATIV                    1c17
00000000eec0  000000000403 R_AARCH64_RELATIV                    1c17
00000000eec8  000000000403 R_AARCH64_RELATIV                    1c17
00000000eed0  000000000403 R_AARCH64_RELATIV                    1c17
00000000eed8  000000000403 R_AARCH64_RELATIV                    1c17
00000000eee0  000000000403 R_AARCH64_RELATIV                    1c17
00000000eee8  000000000403 R_AARCH64_RELATIV                    2e64
00000000eef0  000000000403 R_AARCH64_RELATIV                    2e54
00000000f068  000300000401 R_AARCH64_GLOB_DA 0000000000000000 __sF@LIBC + 0
00000000f078  003300000401 R_AARCH64_GLOB_DA 00000000000101d0 BZ2_crc32Table + 0
00000000f070  003400000401 R_AARCH64_GLOB_DA 00000000000105d0 BZ2_rNums + 0

Affected versions

r23

I’ve used the latest NDK version: 25.2.9519653, and the problem still exists.

Canary version

No response

Host OS

Mac

Host OS version

macOS 13.2.1

Affected ABIs

arm64-v8a

Build system

CMake

Other build system

No response

minSdkVersion

21

Device API level

29

cyxcw1 added the bug label Apr 13, 2023

cyxcw1 (Author) commented Apr 13, 2023

We can reproduce it by following the description in this issue: #1865

@enh-google (Collaborator)

although it's "only" a warning, i think

W/linker: Warning: "/data/app/com.test.csdk.sample_app-ZWeY82cnmYLTHIVMDD5iuQ==/lib/arm64/libbz2.so" unused DT entry: unknown (type 0x5858585858585858 arg 0x0) (ignoring)

is your real problem. 0x5858585858585858 doesn't look remotely like a DT_* constant, so i suspect you've corrupted your ELF file... (you did mention that you were doing some post-processing. i suggest trying to load the ELF file "fresh" from the linker, to confirm that it's the post-processing that's corrupting it.)

@leleliu008

NixOS/patchelf#480

It's most likely a bug that patchelf introduced. I will write a C/C++ compiler driver wrapper to inject the -Wl,-soname,libxx.so option when building a shared library rather than using patchelf to change DT_SONAME.

cyxcw1 (Author) commented Apr 14, 2023

@enh-google @leleliu008, thanks.
With @leleliu008's help, I solved this problem. This problem was caused by my using patchelf to change DT_SONAME.

cyxcw1 closed this as completed Apr 14, 2023

cyxcw1 (Author) commented Apr 14, 2023

@enh-google
If the .so file is corrupted, why can readelf still read the info?

@enh-google (Collaborator)

@enh-google If the .so file is corrupted, why can readelf still read the info?

because it's different code? having written toybox's readelf for the device myself, and having been somewhat involved in bionic's dynamic linker too, i can say they're very different.

(i'd be curious to know what adb shell readelf and llvm-readelf say about your corrupt file. let me know if either of them crashes :-) i wonder if gnu readelf [which you seem to have used] just stops trying to read the dynamic section if it hits an obviously nonsense entry? certainly gnu ld does some weird stuff in there, and i had to add a special case to toybox readelf to not dump all the terminating null entries, since gnu ld can leave a lot lying around, rather than the obvious single one!)
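
An added sketch (not code from this thread, from bionic, or from any readelf) of one way two ELF readers can disagree about the same file: it resolves PT_DYNAMIC's p_vaddr through the PT_LOAD that maps it, as a reader working from mapped memory would, then flags implausible d_tag values and a missing DT_HASH/DT_GNU_HASH. The sample ELF, the function names and the tag-plausibility heuristic are constructed for illustration, and the offset/address mismatch it builds is an assumption, not a diagnosis of the libbz2.so in this issue.

```python
import struct

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_HASH, DT_GNU_HASH = 0, 4, 0x6FFFFEF5

def plausible_tag(tag):
    # Heuristic (assumption): generic DT_* tags are small numbers, and the
    # OS- and processor-specific tags sit in 0x60000000..0x7fffffff.
    return tag < 0x100 or 0x60000000 <= tag <= 0x7FFFFFFF

def program_headers(data):
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("only little-endian ELF64 is handled here")
    phoff, = struct.unpack_from("<Q", data, 32)
    phentsize, phnum = struct.unpack_from("<HH", data, 54)
    keys = ("type", "flags", "offset", "vaddr", "paddr", "filesz", "memsz", "align")
    return [dict(zip(keys, struct.unpack_from("<IIQQQQQQ", data, phoff + i * phentsize)))
            for i in range(phnum)]

def walk_dynamic(data, offset, size):
    """Read (d_tag, d_val) pairs until DT_NULL, the segment end, or end of file."""
    entries = []
    end = min(offset + size, len(data))
    while offset + 16 <= end:
        tag, val = struct.unpack_from("<QQ", data, offset)
        if tag == DT_NULL:
            break
        entries.append((tag, val))
        offset += 16
    return entries

def check_dynamic(data):
    """Return a list of problems seen when the dynamic table is found via p_vaddr."""
    phdrs = program_headers(data)
    dyn = next((p for p in phdrs if p["type"] == PT_DYNAMIC), None)
    if dyn is None:
        return ["no PT_DYNAMIC segment"]
    # p_vaddr only means something through the PT_LOAD whose file bytes back it.
    load = next((p for p in phdrs if p["type"] == PT_LOAD
                 and p["vaddr"] <= dyn["vaddr"] < p["vaddr"] + p["filesz"]), None)
    if load is None:
        return ["PT_DYNAMIC address is not backed by any PT_LOAD file content"]
    problems = []
    mapped = load["offset"] + dyn["vaddr"] - load["vaddr"]
    if mapped != dyn["offset"]:
        problems.append("PT_DYNAMIC p_offset 0x%x != offset 0x%x implied by PT_LOAD"
                        % (dyn["offset"], mapped))
    entries = walk_dynamic(data, mapped, dyn["filesz"])
    for tag in sorted({t for t, _ in entries if not plausible_tag(t)}):
        problems.append("implausible d_tag 0x%x" % tag)
    if not any(t in (DT_HASH, DT_GNU_HASH) for t, _ in entries):
        problems.append("no DT_HASH/DT_GNU_HASH entry")
    return problems

def build_sample(dyn_vaddr):
    """Constructed 0x300-byte ELF64 (not a real library): one PT_LOAD maps the
    whole file at address 0, a valid dynamic table sits at file offset 0x100,
    and the bytes from 0x200 on are 'X' padding."""
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 3, 183, 1, 0, 64, 0, 0, 64, 56, 2, 64, 0, 0)
    load = struct.pack("<IIQQQQQQ", PT_LOAD, 6, 0, 0, 0, 0x300, 0x300, 0x1000)
    dyn = struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, 0x100, dyn_vaddr, dyn_vaddr, 0x30, 0x30, 8)
    table = struct.pack("<6Q", DT_GNU_HASH, 0x8D8, DT_HASH, 0x9D4, DT_NULL, 0)
    head = (ehdr + load + dyn).ljust(0x100, b"\0")
    return (head + table).ljust(0x200, b"\0") + b"X" * 0x100

if __name__ == "__main__":
    for name, vaddr in (("consistent", 0x100), ("mismatched", 0x200)):
        sample = build_sample(vaddr)
        print(name, "table at p_offset:", [hex(t) for t, _ in walk_dynamic(sample, 0x100, 0x30)])
        print(name, "problems via p_vaddr:", check_dynamic(sample) or "none")
```

Running a check like this on a library before and after a post-processing step shows whether the step changed what an address-based reader sees, even when the table at p_offset still looks intact.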

cyxcw1 (Author) commented Apr 15, 2023

re.txt
@enh-google This is the result of running llvm-readelf on the corrupt file. The command:

./toolchains/llvm/prebuilt/darwin-x86_64/bin/llvm-readelf -a /Users/cyxcw1/.ndk-pkg/install.d/android/21/bzip2-tmp/arm64-v8a/lib-no-versioning/libbz2.so > ~/Downloads/re.txt

I could not use adb shell readelf:

/system/bin/sh: readelf: inaccessible or not found

Here is the file:
https://drive.google.com/file/d/1TfoppEfw9-tqG5sKP1w1VmV2uXlJR6Iq/view?usp=sharing

@enh-google (Collaborator)

/system/bin/sh: readelf: inaccessible or not found

if you're on an old version of Android, you won't have it; it was added in Android R: https://android.googlesource.com/platform/system/core/+/master/shell_and_utilities/README.md

here's Android U:

~/aosp-master-with-phones/bionic$ adb shell readelf -aW /data/local/tmp/libbz2.so
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              DYN (Shared object file)
  Machine:                           arm64
  Version:                           0x1
  Entry point address:               0x2e54
  Start of program headers:          64 (bytes into file)
  Start of section headers:          57272 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         11
  Size of section headers:           64 (bytes)
  Number of section headers:         23
  Section header string table index: 19

Section Headers:
  [Nr] Name              Type            Address          Off    Size   ES Flg Lk Inf Al
  [ 0]                   NULL            0000000000000000 000000 000000 00      0  0  0
  [ 1] .dynsym           DYNSYM          0000000000000308 000308 000540 18   A 21  1  8
  [ 2] .gnu.version      VERSYM          0000000000000848 000848 000070 02   A  1  0  2
  [ 3] .gnu.version_r    VERNEED         00000000000008b8 0008b8 000020 00   A 21  1  4
  [ 4] .gnu.hash         GNU_HASH        00000000000008d8 0008d8 0000fc 00   A  1  0  8
  [ 5] .hash             HASH            00000000000009d4 0009d4 0001c8 04   A  1  0  4
  [ 6] .rela.dyn         RELA            0000000000000e80 000e80 000210 18   A  1  0  8
  [ 7] .rela.plt         RELA            0000000000001090 001090 0003a8 18  AI  1 16  8
  [ 8] .rodata           PROGBITS        0000000000001440 001440 000a02 00 AMS  0  0 16
  [ 9] .eh_frame_hdr     PROGBITS        0000000000001e44 001e44 00000c 00   A  0  0  4
  [10] .eh_frame         PROGBITS        0000000000001e50 001e50 000004 00   A  0  0  4
  [11] .text             PROGBITS        0000000000002e54 001e54 00ad70 00  AX  0  0  4
  [12] .plt              PROGBITS        000000000000dbd0 00cbd0 000290 00  AX  0  0 16
  [13] .data.rel.ro      PROGBITS        000000000000ee60 00ce60 000088 00  WA  0  0  8
  [14] .fini_array       FINI_ARRAY      000000000000eee8 00cee8 000010 08  WA  0  0  8
  [15] .got              PROGBITS        000000000000f068 00d068 000018 00  WA  0  0  8
  [16] .got.plt          PROGBITS        000000000000f080 00d080 000150 00  WA  0  0  8
  [17] .data             PROGBITS        00000000000101d0 00d1d0 000c00 00  WA  0  0  4
  [18] .comment          PROGBITS        0000000000000000 00ddd0 000115 01  MS  0  0  1
  [19] .shstrtab         STRTAB          0000000000000000 00dee5 0000ce 00      0  0  1
  [20] .dynamic          DYNAMIC         0000000000020000 010000 000180 10  WA 21  0  8
  [21] .dynstr           STRTAB          0000000000020180 010180 0002ea 00   A  0  0  8
  [22] .note.android.ident NOTE            0000000000020470 010470 000098 00   A  0  0  4
Key:
  (W)rite, (A)lloc, e(X)ecute, (M)erge, (S)trings, (I)nfo
  (L)ink order, (O)S, (G)roup, (T)LS, (C)ompressed, x=unknown

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz MemSiz  Flg Align
  PHDR           0x000040 0x0000000000000040 0x0000000000000040 0x00268 0x00268 R   0x8
  LOAD           0x000000 0x0000000000000000 0x0000000000000000 0x01e54 0x01e54 R   0x1000
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x00000 0x00000 RW  0
  GNU_EH_FRAME   0x001e44 0x0000000000001e44 0x0000000000001e44 0x0000c 0x0000c R   0x4
  LOAD           0x001e54 0x0000000000002e54 0x0000000000002e54 0x0b00c 0x0b00c R E 0x1000
  LOAD           0x00ce60 0x000000000000ee60 0x000000000000ee60 0x00370 0x00370 RW  0x1000
  GNU_RELRO      0x00ce60 0x000000000000ee60 0x000000000000ee60 0x00370 0x011a0 R   0x1
  LOAD           0x00d1d0 0x00000000000101d0 0x00000000000101d0 0x00c00 0x00c00 RW  0x1000
  DYNAMIC        0x010000 0x0000000000020000 0x0000000000020000 0x00180 0x00180 RW  0x8
phdr 9 has bad offset/size 65536/1288phdr 10 has bad offset/size 66672/152
 Section to Segment mapping:
  Segment Sections...
   00     
   01     .dynsym .gnu.version .gnu.version_r .gnu.hash .hash .rela.dyn .rela.plt .rodata .eh_frame_hdr .eh_frame 
   02     
   03     .eh_frame_hdr 
   04     .text .plt 
   05     .data.rel.ro .fini_array .got .got.plt 
   06     .data.rel.ro .fini_array .got .got.plt 
   07     .data 
   08     .dynamic 
phdr 9 has bad offset/size 65536/1288phdr 10 has bad offset/size 66672/152
Dynamic section at offset 0x10000 contains 24 entries:
  Tag                Type                 Name/Value
 0x000000000000000e (SONAME)             Library soname: [libbz2.so]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so]
 0x000000000000001e (FLAGS)              BIND_NOW
 0x000000006ffffffb (FLAGS_1)            Flags: NOW
 0x0000000000000007 (RELA)               0xe80
 0x0000000000000008 (RELASZ)             528 (bytes)
 0x0000000000000009 (RELAENT)            24 (bytes)
 0x000000006ffffff9 (RELACOUNT)          19
 0x0000000000000017 (JMPREL)             0x1090
 0x0000000000000002 (PLTRELSZ)           936 (bytes)
 0x0000000000000003 (PLTGOT)             0xf080
 0x0000000000000014 (PLTREL)             RELA
 0x0000000000000006 (SYMTAB)             0x308
 0x000000000000000b (SYMENT)             24 (bytes)
 0x0000000000000005 (STRTAB)             0x20180
 0x000000000000000a (STRSZ)              746 (bytes)
 0x000000006ffffef5 (GNU_HASH)           0x8d8
 0x0000000000000004 (HASH)               0x9d4
 0x000000000000001a (FINI_ARRAY)         0xeee8
 0x000000000000001c (FINI_ARRAYSZ)       16 (bytes)
 0x000000006ffffff0 (VERSYM)             0x848
 0x000000006ffffffe (VERNEED)            0x8b8
 0x000000006fffffff (VERNEEDNUM)         1
 0x0000000000000000 (NULL)               0x0

Symbol table '.dynsym' contains 56 entries:
   Num:            Value  Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __cxa_finalize
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __cxa_atexit
     3: 0000000000000000     0 OBJECT  GLOBAL DEFAULT  UND __sF
     4: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fprintf
     5: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fwrite
     6: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND memcpy
     7: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND memset
     8: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fputc
     9: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND exit
    10: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fclose
    11: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fdopen
    12: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND ferror
    13: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fflush
    14: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fgetc
    15: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fopen
    16: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND fread
    17: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND free
    18: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND malloc
    19: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND strlen
    20: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND ungetc
    21: 000000000000b48c    96 FUNC    GLOBAL DEFAULT   11 BZ2_bz__AssertH__fail
    22: 000000000000d220   156 FUNC    GLOBAL DEFAULT   11 BZ2_bzReadClose
    23: 000000000000da50    32 FUNC    GLOBAL DEFAULT   11 BZ2_bzerror
    24: 000000000000d998     8 FUNC    GLOBAL DEFAULT   11 BZ2_bzflush
    25: 000000000000d73c    16 FUNC    GLOBAL DEFAULT   11 BZ2_bzopen
    26: 0000000000004d54 15188 FUNC    GLOBAL DEFAULT   11 BZ2_compressBlock
    27: 000000000000bc5c   128 FUNC    GLOBAL DEFAULT   11 BZ2_bzCompressEnd
    28: 000000000000cd5c   324 FUNC    GLOBAL DEFAULT   11 BZ2_bzWrite
    29: 000000000000ceb0   504 FUNC    GLOBAL DEFAULT   11 BZ2_bzWriteClose64
    30: 000000000000d95c    60 FUNC    GLOBAL DEFAULT   11 BZ2_bzwrite
    31: 00000000000047d0   964 FUNC    GLOBAL DEFAULT   11 BZ2_hbMakeCodeLengths
    32: 000000000000bda4    52 FUNC    GLOBAL DEFAULT   11 BZ2_indexIntoF
    33: 000000000000b6d8   396 FUNC    GLOBAL DEFAULT   11 BZ2_bzCompress
    34: 000000000000cba8   128 FUNC    GLOBAL DEFAULT   11 BZ2_bzDecompressEnd
    35: 000000000000d2bc   456 FUNC    GLOBAL DEFAULT   11 BZ2_bzRead
    36: 000000000000d90c    80 FUNC    GLOBAL DEFAULT   11 BZ2_bzread
    37: 000000000000d534   268 FUNC    GLOBAL DEFAULT   11 BZ2_bzBuffToBuffCompress
    38: 000000000000bdd8  3536 FUNC    GLOBAL DEFAULT   11 BZ2_bzDecompress
    39: 000000000000cc28   308 FUNC    GLOBAL DEFAULT   11 BZ2_bzWriteOpen
    40: 000000000000b4ec    12 FUNC    GLOBAL DEFAULT   11 BZ2_bzlibVersion
    41: 000000000000d640   252 FUNC    GLOBAL DEFAULT   11 BZ2_bzBuffToBuffDecompress
    42: 000000000000d0a8   376 FUNC    GLOBAL DEFAULT   11 BZ2_bzReadOpen
    43: 000000000000d9a0   176 FUNC    GLOBAL DEFAULT   11 BZ2_bzclose
    44: 000000000000d8f8    20 FUNC    GLOBAL DEFAULT   11 BZ2_bzdopen
    45: 0000000000002e90  3664 FUNC    GLOBAL DEFAULT   11 BZ2_blockSort
    46: 0000000000004d48    12 FUNC    GLOBAL DEFAULT   11 BZ2_bsInitWrite
    47: 000000000000b4f8   452 FUNC    GLOBAL DEFAULT   11 BZ2_bzCompressInit
    48: 000000000000d4c0   116 FUNC    GLOBAL DEFAULT   11 BZ2_bzReadGetUnused
    49: 0000000000004b94   100 FUNC    GLOBAL DEFAULT   11 BZ2_hbAssignCodes
    50: 0000000000004bf8   336 FUNC    GLOBAL DEFAULT   11 BZ2_hbCreateDecodeTables
    51: 00000000000101d0  1024 OBJECT  GLOBAL DEFAULT   17 BZ2_crc32Table
    52: 00000000000105d0  2048 OBJECT  GLOBAL DEFAULT   17 BZ2_rNums
    53: 0000000000008a38 10836 FUNC    GLOBAL DEFAULT   11 BZ2_decompress
    54: 000000000000bcdc   200 FUNC    GLOBAL DEFAULT   11 BZ2_bzDecompressInit
    55: 000000000000cea0    16 FUNC    GLOBAL DEFAULT   11 BZ2_bzWriteClose

Displaying notes found in: .note.android.ident
  Owner                 Data size	Description
  Android              0x00000084	NT_VERSION	API level 21, NDK r22b (7171670)

where the only complaints are:

phdr 9 has bad offset/size 65536/1288

and

phdr 10 has bad offset/size 66672/152

which llvm-readelf shows as

  LOAD           0x010000 0x0000000000020000 0x0000000000020000 0x000508 0x000508 RW  0x10000
  NOTE           0x010470 0x0000000000020470 0x0000000000020470 0x000098 0x000098 R   0x4

the file is 66824 bytes long, so there's an off-by-one there, and i think it's in our readelf, so i'll fix that.

anyway... your .so file's dynamic section looks fine:

00010000  0e 00 00 00 00 00 00 00 e0 02 00 00 00 00 00 00  N@@@@@@@?B@@@@@@
00010010  01 00 00 00 00 00 00 00 d3 02 00 00 00 00 00 00  A@@@@@@@?B@@@@@@
00010020  1e 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00  ^@@@@@@@H@@@@@@@
00010030  fb ff ff 6f 00 00 00 00 01 00 00 00 00 00 00 00  ???o@@@@A@@@@@@@
00010040  07 00 00 00 00 00 00 00 80 0e 00 00 00 00 00 00  G@@@@@@@?N@@@@@@
00010050  08 00 00 00 00 00 00 00 10 02 00 00 00 00 00 00  H@@@@@@@PB@@@@@@
00010060  09 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00  I@@@@@@@X@@@@@@@
00010070  f9 ff ff 6f 00 00 00 00 13 00 00 00 00 00 00 00  ???o@@@@S@@@@@@@
00010080  17 00 00 00 00 00 00 00 90 10 00 00 00 00 00 00  W@@@@@@@?P@@@@@@
00010090  02 00 00 00 00 00 00 00 a8 03 00 00 00 00 00 00  B@@@@@@@?C@@@@@@
000100a0  03 00 00 00 00 00 00 00 80 f0 00 00 00 00 00 00  C@@@@@@@??@@@@@@
000100b0  14 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00  T@@@@@@@G@@@@@@@
000100c0  06 00 00 00 00 00 00 00 08 03 00 00 00 00 00 00  F@@@@@@@HC@@@@@@
000100d0  0b 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00  K@@@@@@@X@@@@@@@
000100e0  05 00 00 00 00 00 00 00 80 01 02 00 00 00 00 00  E@@@@@@@?AB@@@@@
000100f0  0a 00 00 00 00 00 00 00 ea 02 00 00 00 00 00 00  J@@@@@@@?B@@@@@@
00010100  f5 fe ff 6f 00 00 00 00 d8 08 00 00 00 00 00 00  ???o@@@@?H@@@@@@
00010110  04 00 00 00 00 00 00 00 d4 09 00 00 00 00 00 00  D@@@@@@@?I@@@@@@
00010120  1a 00 00 00 00 00 00 00 e8 ee 00 00 00 00 00 00  Z@@@@@@@??@@@@@@
00010130  1c 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00  \@@@@@@@P@@@@@@@
00010140  f0 ff ff 6f 00 00 00 00 48 08 00 00 00 00 00 00  ???o@@@@HH@@@@@@
00010150  fe ff ff 6f 00 00 00 00 b8 08 00 00 00 00 00 00  ???o@@@@?H@@@@@@
00010160  ff ff ff 6f 00 00 00 00 01 00 00 00 00 00 00 00  ???o@@@@A@@@@@@@
00010170  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  @@@@@@@@@@@@@@@@

those seem like the right entries, in the right order, with a single DT_NULL at the end. the string table follows, and although there are large sections of 'X'es in the ELF file (corresponding to the 0x58585858'58585858 that the dynamic linker complained about), there's nothing down here near the end of the file.

okay, time to actually try this on an arm64 device!

(there will now be a short intermission while i find a suitable device, build for it, flash it, and test it...)

@enh-google (Collaborator)

hmm... your libbz2.so with sha256 ac03f5e33e6c90edeed67646588c2d068f4d868f058cb6f432161589528b3b05 dlopen()s fine for me on AOSP master.

what version of Android were you having trouble on?

landley pushed a commit to landley/toybox that referenced this issue May 18, 2023
Factor out the existing section header/program header/note section
bounds checks to ensure they all behave the same (rather than program
headers being the odd one out) and so they all have much more detailed
(and convincing) error messages.

Bug: android/ndk#1866