[llvm] [llvm-debuginfo-analyzer] Fix a couple of unhandled DWARF situations leading to a crash (PR #137221)
Javier Lopez-Gomez via llvm-commits
llvm-commits at lists.llvm.org
Thu Apr 24 11:08:27 PDT 2025
https://github.com/jalopezg-git created https://github.com/llvm/llvm-project/pull/137221
This pull request fixes a couple of unhandled situations in DWARF input leading to a crash. Specifically,
- If the DWARF input contains a declaration of a C variadic function (where `...` translates to `DW_TAG_unspecified_parameters`), which is then followed by a definition, `llvm_unreachable()` is hit in `LVScope::addMissingElements()`.
This is only visible in Debug builds (see stack trace below), but still. `test-dwarf-clang-unspec-params.elf` triggers this condition.
```
Invalid symbol kind.
UNREACHABLE executed at /home/jalopezg/repos/llvm-project/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp:345!
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0. Program arguments: _build/Debug/bin/llvm-debuginfo-analyzer --print=all --attribute=all /tmp/test-dwarf-clang-unspec-params.elf
#0 0x00005577295666f6 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/jalopezg/repos/llvm-project/llvm/lib/Support/Unix/Signals.inc:804:22
#1 0x0000557729566b09 PrintStackTraceSignalHandler(void*) /home/jalopezg/repos/llvm-project/llvm/lib/Support/Unix/Signals.inc:880:1
#2 0x0000557729563f1f llvm::sys::RunSignalHandlers() /home/jalopezg/repos/llvm-project/llvm/lib/Support/Signals.cpp:105:20
#3 0x0000557729565fb4 SignalHandler(int, siginfo_t*, void*) /home/jalopezg/repos/llvm-project/llvm/lib/Support/Unix/Signals.inc:418:13
#4 0x00007fc5ff23e710 (/usr/lib/libc.so.6+0x3e710)
#5 0x00007fc5ff28e83c (/usr/lib/libc.so.6+0x8e83c)
#6 0x00007fc5ff23e668 gsignal (/usr/lib/libc.so.6+0x3e668)
#7 0x00007fc5ff2264b8 abort (/usr/lib/libc.so.6+0x264b8)
#8 0x00005577294ad073 bindingsErrorHandler(void*, char const*, bool) /home/jalopezg/repos/llvm-project/llvm/lib/Support/ErrorHandling.cpp:223:55
#9 0x0000557728f56b0c llvm::logicalview::LVScope::addMissingElements(llvm::logicalview::LVScope*) /home/jalopezg/repos/llvm-project/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp:322:5
#10 0x0000557728f5f4b7 llvm::logicalview::LVScopeFunction::resolveReferences() /home/jalopezg/repos/llvm-project/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp:1773:9
```
- Parsing of instructions in `LVBinaryReader::createInstructions()` does not check whether `Offset` lies within the `Bytes` ArrayRef. A specially crafted DWARF input can lead to this condition.
FYI, @CarlosAlbertoEnciso. I believe this patchset is ready; feel free to start review.
>From 31fe4a89f1a81708ddef85bceb8d80c53763b969 Mon Sep 17 00:00:00 2001
From: Javier Lopez-Gomez <javier.lopez.gomez at proton.me>
Date: Thu, 24 Apr 2025 19:44:14 +0200
Subject: [PATCH 1/2] [llvm-debuginfo-analyzer] Fix parsing of instructions
beyond section contents
---
llvm/lib/DebugInfo/LogicalView/Readers/LVBinaryReader.cpp | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/llvm/lib/DebugInfo/LogicalView/Readers/LVBinaryReader.cpp b/llvm/lib/DebugInfo/LogicalView/Readers/LVBinaryReader.cpp
index ad14baa0c9269..b12208c53b8e3 100644
--- a/llvm/lib/DebugInfo/LogicalView/Readers/LVBinaryReader.cpp
+++ b/llvm/lib/DebugInfo/LogicalView/Readers/LVBinaryReader.cpp
@@ -433,6 +433,13 @@ Error LVBinaryReader::createInstructions(LVScope *Scope,
ArrayRef<uint8_t> Bytes = arrayRefFromStringRef(*SectionContentsOrErr);
uint64_t Offset = Address - SectionAddress;
+ if (Offset > Bytes.size()) {
+ LLVM_DEBUG({
+ dbgs() << "offset (" << hexValue(Offset) << ") is beyond section size ("
+ << hexValue(Bytes.size()) << "); malformed input?\n";
+ });
+ return Error::success();
+ }
uint8_t const *Begin = Bytes.data() + Offset;
uint8_t const *End = Bytes.data() + Offset + Size;
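Review bot: The new guard `if (Offset > Bytes.size())` validates only the start of the range, while the lines right after it still compute `End` as `Bytes.data() + Offset + Size`, so an in-range `Offset` combined with a `Size` that runs past the section still produces an out-of-bounds `End`. Check the whole range in a form that cannot overflow, for example `if (Offset > Bytes.size() || Size > Bytes.size() - Offset)`. Returning `Error::success()` with only an `LLVM_DEBUG` message also means a release build skips the scope silently on malformed input; returning an error or emitting a warning would make that visible to the user. The diffstat for this patch shows a single file changed, so the new path has no test covering it.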
>From 8b5f4dc99570c5a9933cc46662e2083fd788d47c Mon Sep 17 00:00:00 2001
From: Javier Lopez-Gomez <javier.lopez.gomez at proton.me>
Date: Thu, 24 Apr 2025 19:44:14 +0200
Subject: [PATCH 2/2] [llvm-debuginfo-analyzer] LVScope::addMissingElements:
fix handling of unspecified parameters
---
.../DebugInfo/LogicalView/Core/LVScope.cpp | 5 ++-
.../DebugInfo/LogicalView/DWARFReaderTest.cpp | 33 +++++++++++++++++-
.../Inputs/test-dwarf-clang-unspec-params.elf | Bin 0 -> 16800 bytes
3 files changed, 36 insertions(+), 2 deletions(-)
create mode 100755 llvm/unittests/DebugInfo/LogicalView/Inputs/test-dwarf-clang-unspec-params.elf
diff --git a/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp b/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp
index 8bbaf93db0caa..f187b1a57bd45 100644
--- a/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp
+++ b/llvm/lib/DebugInfo/LogicalView/Core/LVScope.cpp
@@ -330,13 +330,16 @@ void LVScope::addMissingElements(LVScope *Reference) {
Symbol->setIsOptimized();
Symbol->setReference(Reference);
- // The symbol can be a constant, parameter or variable.
+ // The symbol can be a constant, parameter, variable or unspecified
+ // parameters (i.e. `...`).
if (Reference->getIsConstant())
Symbol->setIsConstant();
else if (Reference->getIsParameter())
Symbol->setIsParameter();
else if (Reference->getIsVariable())
Symbol->setIsVariable();
+ else if (Reference->getIsUnspecified())
+ Symbol->setIsUnspecified();
else
llvm_unreachable("Invalid symbol kind.");
}
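Review bot: The trailing `else llvm_unreachable("Invalid symbol kind.");` is kept after the new `getIsUnspecified()` branch, so the next symbol kind that this chain does not list will hit the same crash. The description notes the failure is only visible in Debug builds, which means other builds continue past this point with the symbol kind left unset. Because the kind comes from the DWARF being read, consider replacing the fallthrough with a handled path (skip the symbol or report the unexpected kind) instead of extending the chain one kind at a time.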
diff --git a/llvm/unittests/DebugInfo/LogicalView/DWARFReaderTest.cpp b/llvm/unittests/DebugInfo/LogicalView/DWARFReaderTest.cpp
index c062c15481da9..7262da634d18d 100644
--- a/llvm/unittests/DebugInfo/LogicalView/DWARFReaderTest.cpp
+++ b/llvm/unittests/DebugInfo/LogicalView/DWARFReaderTest.cpp
@@ -30,6 +30,7 @@ extern const char *TestMainArgv0;
namespace {
const char *DwarfClang = "test-dwarf-clang.o";
+const char *DwarfClangUnspecParams = "test-dwarf-clang-unspec-params.elf";
const char *DwarfGcc = "test-dwarf-gcc.o";
// Helper function to get the first compile unit.
@@ -37,7 +38,7 @@ LVScopeCompileUnit *getFirstCompileUnit(LVScopeRoot *Root) {
EXPECT_NE(Root, nullptr);
const LVScopes *CompileUnits = Root->getScopes();
EXPECT_NE(CompileUnits, nullptr);
- EXPECT_EQ(CompileUnits->size(), 1u);
+ EXPECT_GT(CompileUnits->size(), 0u);
LVScopes::const_iterator Iter = CompileUnits->begin();
EXPECT_NE(Iter, nullptr);
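Review bot: Changing `EXPECT_EQ(CompileUnits->size(), 1u)` to `EXPECT_GT(CompileUnits->size(), 0u)` in the shared helper `getFirstCompileUnit()` weakens the check for every caller, not only for the new `.elf` input. The existing tests on `test-dwarf-clang.o` and `test-dwarf-gcc.o` would no longer notice an unexpected extra compile unit. Consider passing the expected count as a parameter, or keeping the strict check here and adding a separate lookup for inputs with more than one unit.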
@@ -124,6 +125,32 @@ void checkElementProperties(LVReader *Reader) {
ASSERT_EQ(Lines->size(), 0x12u);
}
+// Check proper handling of DW_AT_unspecified_parameters in
+// LVScope::addMissingElements().
+void checkUnspecifiedParameters(LVReader *Reader) {
+ LVScopeRoot *Root = Reader->getScopesRoot();
+ LVScopeCompileUnit *CompileUnit = getFirstCompileUnit(Root);
+
+ EXPECT_EQ(Root->getFileFormatName(), "elf64-x86-64");
+ EXPECT_EQ(Root->getName(), DwarfClangUnspecParams);
+
+ const LVPublicNames &PublicNames = CompileUnit->getPublicNames();
+ ASSERT_EQ(PublicNames.size(), 1u);
+
+ LVPublicNames::const_iterator IterNames = PublicNames.cbegin();
+ LVScope *Function = (*IterNames).first;
+ EXPECT_EQ(Function->getName(), "foo_printf");
+ const LVElements *Elements = Function->getChildren();
+ ASSERT_NE(Elements, nullptr);
+ EXPECT_EQ(std::any_of(
+ Elements->begin(), Elements->end(),
+ [](const LVElement *elt) {
+ return elt->getIsSymbol() &&
+ static_cast<const LVSymbol *>(elt)->getIsUnspecified();
+ }),
+ true);
+}
+
// Check the logical elements selection.
void checkElementSelection(LVReader *Reader) {
LVScopeRoot *Root = Reader->getScopesRoot();
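Review bot: The comment above `checkUnspecifiedParameters()` refers to `DW_AT_unspecified_parameters`, but the description names the tag `DW_TAG_unspecified_parameters`; the comment should use the tag name. The assertion `EXPECT_EQ(std::any_of(...), true)` reads more directly as `EXPECT_TRUE(llvm::any_of(*Elements, ...))`, and the lambda parameter `elt` should be `Elt` to match the capitalised variable names used in the rest of the function.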
@@ -253,6 +280,7 @@ void elementProperties(SmallString<128> &InputsDir) {
ReaderOptions.setAttributePublics();
ReaderOptions.setAttributeRange();
ReaderOptions.setAttributeLocation();
+ ReaderOptions.setAttributeInserted();
ReaderOptions.setPrintAll();
ReaderOptions.resolveDependencies();
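Review bot: `ReaderOptions.setAttributeInserted()` is added to the options shared by the whole of `elementProperties()`, so it also changes the configuration under which the existing `checkElementProperties()` runs on `test-dwarf-clang.o`. Add a short comment saying why the new check needs this attribute, and consider enabling it only for the new input so the existing test keeps its original options.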
@@ -264,6 +292,9 @@ void elementProperties(SmallString<128> &InputsDir) {
std::unique_ptr<LVReader> Reader =
createReader(ReaderHandler, InputsDir, DwarfClang);
checkElementProperties(Reader.get());
+
+ Reader = createReader(ReaderHandler, InputsDir, DwarfClangUnspecParams);
+ checkUnspecifiedParameters(Reader.get());
}
// Logical elements selection.
diff --git a/llvm/unittests/DebugInfo/LogicalView/Inputs/test-dwarf-clang-unspec-params.elf b/llvm/unittests/DebugInfo/LogicalView/Inputs/test-dwarf-clang-unspec-params.elf
new file mode 100755
index 0000000000000000000000000000000000000000..67c6e71fbf7b93f456b519d2b75f72a7d6b64fb7
GIT binary patch
literal 16800