fix: support runtime DWARF endianness

Load DWARF sections with the object's runtime endianness and keep that
reader through call-site, CFI, and expression parsing so big-endian
DWARF stays correct.

Add targeted big-endian regressions for call_target expressions and
DW_OP_addr decoding.

Author: swananan

ghostscope-dwarf/src/binary/mapped_file.rs

@@ -2,6 +2,8 @@ use std::ops::Deref;
 use std::path::{Path, PathBuf};
 use std::sync::Arc;
 
+use object::{Endianness, Object};
+
 /// Internal helper for mmap-backed file access and object parsing.
 #[derive(Debug)]
 pub(crate) struct MappedFile {
@@ -29,19 +31,24 @@ impl MappedFile {
     }
 
     /// Create a DWARF reader over the whole mapped file.
-    pub fn dwarf_reader(file: Arc<Self>) -> DwarfReader {
-        DwarfReader::new(DwarfBytes::Mapped(file), gimli::LittleEndian)
+    pub fn dwarf_reader(file: Arc<Self>, endian: DwarfEndian) -> DwarfReader {
+        DwarfReader::new(DwarfBytes::Mapped(file), endian)
     }
 
     /// Create a DWARF reader over a file range without copying the mapped data.
-    pub fn dwarf_reader_range(file: Arc<Self>, start: u64, size: u64) -> Option<DwarfReader> {
+    pub fn dwarf_reader_range(
+        file: Arc<Self>,
+        start: u64,
+        size: u64,
+        endian: DwarfEndian,
+    ) -> Option<DwarfReader> {
         let start = usize::try_from(start).ok()?;
         let size = usize::try_from(size).ok()?;
         let end = start.checked_add(size)?;
         if end > file.as_bytes().len() {
             return None;
         }
-        Some(Self::dwarf_reader(file).range(start..end))
+        Some(Self::dwarf_reader(file, endian).range(start..end))
     }
 }
 
@@ -66,13 +73,30 @@ impl Deref for DwarfBytes {
 unsafe impl gimli::StableDeref for DwarfBytes {}
 unsafe impl gimli::CloneStableDeref for DwarfBytes {}
 
-pub(crate) type DwarfReader = gimli::EndianReader<gimli::LittleEndian, DwarfBytes>;
+pub(crate) type DwarfEndian = gimli::RunTimeEndian;
+pub(crate) type DwarfReader = gimli::EndianReader<DwarfEndian, DwarfBytes>;
 pub(crate) type DwarfData = gimli::Dwarf<DwarfReader>;
 
+#[cfg(test)]
 pub(crate) fn dwarf_reader_from_arc(bytes: Arc<[u8]>) -> DwarfReader {
-    DwarfReader::new(DwarfBytes::Owned(bytes), gimli::LittleEndian)
+    dwarf_reader_from_arc_with_endian(bytes, gimli::RunTimeEndian::Little)
+}
+
+#[cfg(test)]
+pub(crate) fn dwarf_reader_from_arc_with_endian(
+    bytes: Arc<[u8]>,
+    endian: DwarfEndian,
+) -> DwarfReader {
+    DwarfReader::new(DwarfBytes::Owned(bytes), endian)
 }
 
-pub(crate) fn empty_dwarf_reader() -> DwarfReader {
-    dwarf_reader_from_arc(Arc::<[u8]>::from(&[][..]))
+pub(crate) fn empty_dwarf_reader_with_endian(endian: DwarfEndian) -> DwarfReader {
+    DwarfReader::new(DwarfBytes::Owned(Arc::<[u8]>::from(&[][..])), endian)
+}
+
+pub(crate) fn dwarf_endian_from_object(object: &object::File<'_>) -> DwarfEndian {
+    match object.endianness() {
+        Endianness::Little => gimli::RunTimeEndian::Little,
+        Endianness::Big => gimli::RunTimeEndian::Big,
+    }
 }

ghostscope-dwarf/src/binary/mod.rs

@@ -2,6 +2,9 @@ pub(crate) mod debuglink;
 pub(crate) mod mapped_file;
 
 pub(crate) use debuglink::try_load_debug_file;
+pub(crate) use mapped_file::{
+    dwarf_endian_from_object, empty_dwarf_reader_with_endian, DwarfData, DwarfEndian, DwarfReader,
+    MappedFile,
+};
 #[cfg(test)]
-pub(crate) use mapped_file::dwarf_reader_from_arc;
-pub(crate) use mapped_file::{empty_dwarf_reader, DwarfData, DwarfReader, MappedFile};
+pub(crate) use mapped_file::{dwarf_reader_from_arc, dwarf_reader_from_arc_with_endian};

ghostscope-dwarf/src/index/block_index.rs

@@ -554,14 +554,11 @@ impl<'a> BlockIndexBuilder<'a> {
         entry: &gimli::DebuggingInformationEntry<DwarfReader>,
     ) -> Option<u64> {
         let attr = entry.attr(gimli::constants::DW_AT_call_target)?;
-        let gimli::AttributeValue::Exprloc(expr) = attr.value() else {
+        let gimli::AttributeValue::Exprloc(mut expr) = attr.value() else {
             return None;
         };
-        let expr_bytes = expr.0.to_slice().ok()?;
-        let mut expression =
-            gimli::Expression(gimli::EndianSlice::new(&expr_bytes, gimli::LittleEndian));
-        let first = gimli::Operation::parse(&mut expression.0, unit.encoding()).ok()?;
-        if !expression.0.is_empty() {
+        let first = gimli::Operation::parse(&mut expr.0, unit.encoding()).ok()?;
+        if !expr.0.is_empty() {
             return None;
         }
         match first {
@@ -589,14 +586,11 @@ impl<'a> BlockIndexBuilder<'a> {
         entry: &gimli::DebuggingInformationEntry<DwarfReader>,
     ) -> Option<u16> {
         let attr = entry.attr(gimli::constants::DW_AT_location)?;
-        let gimli::AttributeValue::Exprloc(expr) = attr.value() else {
+        let gimli::AttributeValue::Exprloc(mut expr) = attr.value() else {
             return None;
         };
-        let expr_bytes = expr.0.to_slice().ok()?;
-        let mut expression =
-            gimli::Expression(gimli::EndianSlice::new(&expr_bytes, gimli::LittleEndian));
-        let first = gimli::Operation::parse(&mut expression.0, unit.encoding()).ok()?;
-        if !expression.0.is_empty() {
+        let first = gimli::Operation::parse(&mut expr.0, unit.encoding()).ok()?;
+        if !expr.0.is_empty() {
             return None;
         }
         match first {
@@ -623,9 +617,9 @@ impl<'a> BlockIndexBuilder<'a> {
                 _ => None,
             }
         })?;
-        let expr_bytes = expr.0.to_slice().ok()?;
         ExpressionEvaluator::parse_expression_to_steps_in_unit(
-            &expr_bytes,
+            expr.0.to_slice().ok().as_deref().unwrap_or(&[]),
+            expr.0.endian(),
             unit,
             self.dwarf,
             return_pc,
@@ -634,17 +628,15 @@ impl<'a> BlockIndexBuilder<'a> {
             None,
         )
         .ok()
-        .or_else(|| Self::lower_entry_value_call_site_register(unit, &expr_bytes))
+        .or_else(|| Self::lower_entry_value_call_site_register(unit, expr))
     }
 
     fn lower_entry_value_call_site_register(
         unit: &gimli::Unit<DwarfReader>,
-        expr_bytes: &[u8],
+        mut expr: gimli::Expression<DwarfReader>,
     ) -> Option<Vec<ComputeStep>> {
-        let mut expression =
-            gimli::Expression(gimli::EndianSlice::new(expr_bytes, gimli::LittleEndian));
-        let first = gimli::Operation::parse(&mut expression.0, unit.encoding()).ok()?;
-        if !expression.0.is_empty() {
+        let first = gimli::Operation::parse(&mut expr.0, unit.encoding()).ok()?;
+        if !expr.0.is_empty() {
             return None;
         }
         let gimli::Operation::EntryValue { expression: inner } = first else {
@@ -681,13 +673,13 @@ impl<'a> BlockIndexBuilder<'a> {
 #[cfg(test)]
 mod tests {
     use super::*;
-    use crate::binary::dwarf_reader_from_arc;
+    use crate::binary::{dwarf_reader_from_arc, dwarf_reader_from_arc_with_endian};
     use gimli::constants;
     use gimli::write::{
         Address, AttributeValue as WriteAttributeValue, Dwarf as WriteDwarf, EndianVec,
         Expression as WriteExpression, LineProgram, Sections, Unit,
     };
-    use gimli::{Format, LittleEndian, Register};
+    use gimli::{BigEndian, Format, LittleEndian, Register};
     use std::sync::Arc;
 
     fn build_call_site_fixture(
@@ -906,6 +898,95 @@ mod tests {
         (read_dwarf, cu_offset)
     }
 
+    fn build_big_endian_call_target_expr_fixture(
+    ) -> (gimli::Dwarf<DwarfReader>, gimli::DebugInfoOffset) {
+        let encoding = gimli::Encoding {
+            format: Format::Dwarf32,
+            version: 5,
+            address_size: 8,
+        };
+
+        let mut dwarf = WriteDwarf::new();
+        let unit_id = dwarf.units.add(Unit::new(encoding, LineProgram::none()));
+        let unit = dwarf.units.get_mut(unit_id);
+        let root = unit.root();
+
+        let caller_id = unit.add(root, constants::DW_TAG_subprogram);
+        let caller = unit.get_mut(caller_id);
+        caller.set(
+            constants::DW_AT_name,
+            WriteAttributeValue::String(b"caller".to_vec()),
+        );
+        caller.set(
+            constants::DW_AT_low_pc,
+            WriteAttributeValue::Address(Address::Constant(0x1000)),
+        );
+        caller.set(constants::DW_AT_high_pc, WriteAttributeValue::Udata(0x40));
+
+        let callee_id = unit.add(root, constants::DW_TAG_subprogram);
+        let callee = unit.get_mut(callee_id);
+        callee.set(
+            constants::DW_AT_name,
+            WriteAttributeValue::String(b"callee".to_vec()),
+        );
+        callee.set(
+            constants::DW_AT_low_pc,
+            WriteAttributeValue::Address(Address::Constant(0x1200)),
+        );
+        callee.set(constants::DW_AT_high_pc, WriteAttributeValue::Udata(0x10));
+
+        let call_site_id = unit.add(caller_id, constants::DW_TAG_call_site);
+        let mut target_expr = WriteExpression::new();
+        target_expr.op_addr(Address::Constant(0x1200));
+        unit.get_mut(call_site_id).set(
+            constants::DW_AT_call_target,
+            WriteAttributeValue::Exprloc(target_expr),
+        );
+        unit.get_mut(call_site_id).set(
+            constants::DW_AT_call_return_pc,
+            WriteAttributeValue::Address(Address::Constant(0x1018)),
+        );
+
+        let param_id = unit.add(call_site_id, constants::DW_TAG_call_site_parameter);
+        let param = unit.get_mut(param_id);
+        let mut location = WriteExpression::new();
+        location.op_reg(Register(5));
+        param.set(
+            constants::DW_AT_location,
+            WriteAttributeValue::Exprloc(location),
+        );
+        let mut value = WriteExpression::new();
+        value.op_constu(42);
+        param.set(
+            constants::DW_AT_call_value,
+            WriteAttributeValue::Exprloc(value),
+        );
+
+        let mut sections = Sections::new(EndianVec::new(BigEndian));
+        dwarf.write(&mut sections).unwrap();
+
+        let dwarf_sections: gimli::DwarfSections<Vec<u8>> = gimli::DwarfSections::load(|id| {
+            Ok::<_, gimli::Error>(
+                sections
+                    .get(id)
+                    .map(|section| section.slice().to_vec())
+                    .unwrap_or_default(),
+            )
+        })
+        .unwrap();
+
+        let read_dwarf = dwarf_sections.borrow(|section| {
+            dwarf_reader_from_arc_with_endian(
+                Arc::<[u8]>::from(section.as_slice()),
+                gimli::RunTimeEndian::Big,
+            )
+        });
+        let mut units = read_dwarf.units();
+        let header = units.next().unwrap().unwrap();
+        let cu_offset = header.debug_info_offset().unwrap();
+        (read_dwarf, cu_offset)
+    }
+
     #[test]
     fn build_for_unit_indexes_standard_call_site_values() {
         let (dwarf, cu_offset) = build_call_site_fixture(
@@ -1178,6 +1259,30 @@ mod tests {
         );
     }
 
+    #[test]
+    fn add_functions_links_big_endian_incoming_call_sites_by_call_target_expr() {
+        let (dwarf, cu_offset) = build_big_endian_call_target_expr_fixture();
+        let builder = BlockIndexBuilder::new(&dwarf);
+        let functions = builder
+            .build_for_unit(cu_offset)
+            .expect("fixture CU should build");
+
+        let mut block_index = BlockIndex::new();
+        block_index.add_functions(functions);
+
+        let callee = block_index
+            .find_function_by_pc(0x1200)
+            .expect("callee function should be indexed");
+        let incoming = callee
+            .incoming_call_sites
+            .get(&0x1018)
+            .map(Vec::as_slice)
+            .expect("callee should have one incoming call site");
+        assert_eq!(incoming.len(), 1);
+        assert_eq!(incoming[0].call_origin, None);
+        assert_eq!(incoming[0].call_target, Some(0x1200));
+    }
+
     #[test]
     fn entry_value_parameter_lookup_uses_nearest_prior_return_pc() {
         let mut function = FunctionBlocks::new(gimli::DebugInfoOffset(0), gimli::UnitOffset(0));

ghostscope-dwarf/src/index/cfi_index.rs

@@ -4,7 +4,7 @@
 //! by utilizing eh_frame_hdr's binary search table when available.
 
 use crate::{
-    binary::{DwarfReader, MappedFile},
+    binary::{dwarf_endian_from_object, DwarfReader, MappedFile},
     core::{CallerFrameRecovery, CfaResult, ComputeStep, Result},
 };
 use anyhow::{anyhow, Context};
@@ -46,6 +46,7 @@ impl CfiIndex {
         let object = file_data
             .parse_object()
             .context("Failed to parse object file")?;
+        let endian = dwarf_endian_from_object(&object);
 
         // Load eh_frame section (required)
         let eh_frame_section = object
@@ -56,9 +57,13 @@ impl CfiIndex {
         let (eh_frame_start, eh_frame_size) = eh_frame_section
             .file_range()
             .ok_or_else(|| anyhow!(".eh_frame section has no file range"))?;
-        let eh_frame_reader =
-            MappedFile::dwarf_reader_range(Arc::clone(&file_data), eh_frame_start, eh_frame_size)
-                .ok_or_else(|| anyhow!("Invalid .eh_frame range in mapped file"))?;
+        let eh_frame_reader = MappedFile::dwarf_reader_range(
+            Arc::clone(&file_data),
+            eh_frame_start,
+            eh_frame_size,
+            endian,
+        )
+        .ok_or_else(|| anyhow!("Invalid .eh_frame range in mapped file"))?;
         let eh_frame = EhFrame::from(eh_frame_reader);
 
         // Try to load eh_frame_hdr for fast lookup (optional)
@@ -67,9 +72,13 @@ impl CfiIndex {
                 let (hdr_start, hdr_size) = hdr_section_obj
                     .file_range()
                     .ok_or_else(|| anyhow!(".eh_frame_hdr section has no file range"))?;
-                let hdr_reader =
-                    MappedFile::dwarf_reader_range(Arc::clone(&file_data), hdr_start, hdr_size)
-                        .ok_or_else(|| anyhow!("Invalid .eh_frame_hdr range in mapped file"))?;
+                let hdr_reader = MappedFile::dwarf_reader_range(
+                    Arc::clone(&file_data),
+                    hdr_start,
+                    hdr_size,
+                    endian,
+                )
+                .ok_or_else(|| anyhow!("Invalid .eh_frame_hdr range in mapped file"))?;
                 let hdr_section = EhFrameHdr::from(hdr_reader);
 
                 // Parse with proper address_size

ghostscope-dwarf/src/objfile/loading.rs

@@ -1,6 +1,9 @@
 use super::LoadedObjfile;
 use crate::{
-    binary::{empty_dwarf_reader, try_load_debug_file, DwarfData, MappedFile},
+    binary::{
+        dwarf_endian_from_object, empty_dwarf_reader_with_endian, try_load_debug_file, DwarfData,
+        MappedFile,
+    },
     core::{mapping::ModuleMapping, Result},
     index::{BlockIndex, CfiIndex, TypeNameIndex},
     parser::DetailedParser,
@@ -239,18 +242,20 @@ impl LoadedObjfile {
 
     fn load_dwarf_sections(file_data: &Arc<MappedFile>) -> Result<DwarfData> {
         let object = file_data.parse_object()?;
+        let endian = dwarf_endian_from_object(&object);
 
         let load_section = |id: gimli::SectionId| -> Result<_> {
             if let Some(section) = object.section_by_name(id.name()) {
                 if let Some((start, size)) = section.file_range() {
-                    MappedFile::dwarf_reader_range(Arc::clone(file_data), start, size).ok_or_else(
-                        || anyhow::anyhow!("Invalid DWARF section range for {}", id.name()),
-                    )
+                    MappedFile::dwarf_reader_range(Arc::clone(file_data), start, size, endian)
+                        .ok_or_else(|| {
+                            anyhow::anyhow!("Invalid DWARF section range for {}", id.name())
+                        })
                 } else {
-                    Ok(empty_dwarf_reader())
+                    Ok(empty_dwarf_reader_with_endian(endian))
                 }
             } else {
-                Ok(empty_dwarf_reader())
+                Ok(empty_dwarf_reader_with_endian(endian))
             }
         };
 

ghostscope-dwarf/src/objfile/variables.rs

@@ -628,6 +628,7 @@ impl LoadedObjfile {
                         gimli::AttributeValue::Exprloc(expr) => {
                             ExpressionEvaluator::parse_expression_in_unit(
                                 expr.0.to_slice().ok().as_deref().unwrap_or(&[]),
+                                expr.0.endian(),
                                 &unit,
                                 dwarf,
                                 pc,