ELFUTILS DEBUGINFOD

elfutils debuginfod is a client/server in elfutils 0.178+ that automatically distributes elf/dwarf/source-code from servers to clients such as debuggers across HTTP.

servers

Anyone may run debuginfod servers for their private purposes. Software publishers are invited to run public servers for use by the community. Heck, anyone may run servers based on redistributable artifacts from others. To configure a client tool to use them, simply add any of the server URLs to your $DEBUGINFOD_URLS environment variable (space-separated).

private servers

To run your own server, identify the directories containing raw build files, or RPM packages, or DEB packages, or any combination, plus any desired upstream federated servers. Launch debuginfod into the background, or use systemd. 
% export DEBUGINFOD_URLS=https://foo.bar/   # list of federated upstream servers, if any
% debuginfod [-F $files] [-R $rpms] [-U $debs] &
Then, configure clients to talk to this server: 
% export DEBUGINFOD_URLS=http://localhost:8002/

public servers

The following public services currently [2025-01] welcome users.
The first one federates to others, so 
% export DEBUGINFOD_URLS="https://debuginfod.elfutils.org/ $DEBUGINFOD_URLS"
% export DEBUGINFOD_PROGRESS=1    # for optional download progress reporting
will get you to most of them. If your distro offers a server, you may prefer to link to that one directly, for authoritative service. IMA means serving per-file signatures, which allows a debuginfod client to cryptographically verify downloads in ima:enforcing mode. Public keys may be found on your operating system, or at our git server.


serverstatusIMA operatordistropackagesarchitectures
https://debuginfod.elfutils.org/ online mixed fche@redhat.com federates selected servers, ima:enforcing if possible
https://debuginfod.systemtap.org/ experimental mixed fche@redhat.com rhel (ubi8/9/10), rpmfusion all all
https://debuginfod.opensuse.org/ official no openSUSE Tumbleweed all all
https://debuginfod.s.voidlinux.org/ temp. offline no ericonr@disroot.org void linux most most
https://debuginfod.debian.net/ official no sergiodj@debian.org debian linux main distributions amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
https://debuginfod.fedoraproject.org/ official yes (f39+) fche@redhat.com fedora 35+ all all
https://debuginfod.altlinux.org/ testing ruby impl. no vt@altlinux.org alt linux all x86_64, i586, aarch64, armh, ppc64le
https://debuginfod.archlinux.org/ official no foxboron@archlinux.org arch linux all all
https://debuginfod.artixlinux.org/ official no nous@artixlinux.org artix linux all all
https://debuginfod.centos.org/ official yes fche@redhat.com centos all all
https://debuginfod.ubuntu.com/ official no sergiodj@ubuntu.com Support Ubuntu releases all all


clients

debuginfod client-side support is under construction or already available in a variety of binary-related utilities. We summarize current upstream status [2025-01] below. Note that distros may lag behind upstream developments.


toolstatus
elfutils released in version 0.178, 2019-11
systemtap automatic via elfutils
dwarves automatic via elfutils
dwgrep automatic via elfutils
ltrace automatic via elfutils
libabigail automatic via elfutils
QT Creator perfparser automatic via elfutils
drgn automatic via elfutils
binutils released in version 2.34, 2020-02
gdb released in version 10.1, 2020-10
dyninst released in version 11.0 2021-04
valgrind released in version 3.17.0, 2021-03
annocheck released in version 9.03, 2020-01
delve released in version 1.7.2, 2021-09
llvm symbolizer merged, server merged, lldb help wanted, see also
bpftrace released in version 0.21.0, 2021-07
perf released in linux 5.10, 2021-01
systemd-coredumpd help wanted
retrace/abrt/faf in progress amerey@redhat.com
vtune help wanted
pixie help wanted
sentry symbolicator partly released partly help wanted
VS Code automatic via gdb
WinDbg released in version 1.2104.13002.0, 2021-04
UDB released in version 6.5
parca released in version 0.8.0, 2022-02

smoke tests

Print a stack traceback of a live process: 
% eu-stack -v -p $$
PID 3063417 - process
TID 3063417:
#0  0x0000151bf53f2e3c     __GI___sigsuspend - /usr/lib64/libc-2.31.so
../sysdeps/unix/sysv/linux/sigsuspend.c:26:10
#1  0x000055fd754de91b - 1 signal_suspend - /usr/bin/zsh
/usr/src/debug/zsh-5.8-1.fc32.x86_64/Src/signals.c:393:11
#2  0x000055fd754a8f7b - 1 zwaitjob - /usr/bin/zsh
/usr/src/debug/zsh-5.8-1.fc32.x86_64/Src/jobs.c:1603:6
...
#8  0x000055fd754a4bd6 - 1 zsh_main - /usr/bin/zsh
/usr/src/debug/zsh-5.8-1.fc32.x86_64/Src/init.c:1781:6
#9  0x0000151bf53dd042 - 1 __libc_start_main - /usr/lib64/libc-2.31.so
../csu/libc-start.c:308:16
#10 0x000055fd754689fe - 1 _start - /usr/bin/zsh


Fetch a source file: 
% cat `debuginfod-find source 245240a31888ad5c11bbc55b18e02d87388f59a9 \
       /usr/src/debug/glibc-2.37-4.fc38.x86_64/locale/setlocale.c `
[source code]


Apply crypto verification to a download. Requires elfutils 0.192 or later. 
# ... no need for these next two steps on Fedora hosts with /etc/keys/ima
% git clone --depth 1 https://sourceware.org/git/elfutils.git -b ima-keys ima-keys
% export DEBUGINFOD_IMA_CERT_PATH=`pwd`/ima-keys

% export DEBUGINFOD_URLS="ima:enforcing https://debuginfod.elfutils.org/"
% export DEBUGINFOD_VERBOSE=1
% debuginfod-find debuginfo 1ba84b92a0ae2a9fa2f1b8033a583c6eb223c204
...
Downloading from https://debuginfod.elfutils.org/ 62112/62112
server response No error
got file from server
Searching for ima keyid 388b603e
Computed ima signature verification res=0
valid signature
Search for metadata. Requires elfutils 0.192 or later. 
% export DEBUGINFOD_URLS="https://debuginfod.elfutils.org/"
% debuginfod-find metadata glob '/lib/libc.so.*'
"results":[
{
"type":"executable",
"buildid":"00cacb752c0c4e3a153479fe803de1309e403b41",
"file":"/lib/libc.so.6",
"archive":"/mnt/fedora_koji_prod/koji/packages/glibc/2.36.9000/19.fc38/i686/glibc-2.36.9000-19.fc38.i686.rpm"
},
...
],
"complete":false
}
% debuginfod-find metadata glob '/lib/libc.so.*' | jq '.results | length'
282

more readings