This is an archive of the discontinued LLVM Phabricator instance.

[Object] Skip section offset checking for /<XFGHASHMAP>/
ClosedPublic

Authored by psamolysov-intel on Feb 28 2022, 12:07 AM.

Details

Summary

Starting from Windows SDK for Windows 11 (10.0.22000.x), all the system
libraries (.lib files) contain a section with the '/<XFGHASHMAP>/' name.
This looks like the libraries are built with control flow guard enabled:
https://docs.microsoft.com/en-us/cpp/build/reference/guard-enable-control-flow-guard?view=msvc-170

To let the LLVM tools (llvm-ar, llvm-lib) work with these libraries,
this patch just skips the section offset check for sections with the
'/<XFGHASHMAP>/' name.

Closes: llvm/llvm-project#53814

Signed-off-by: Pavel Samolysov <pavel.samolysov@intel.com>

Diff Detail

Event Timeline

psamolysov-intel created this object with edit policy "Administrators".
psamolysov-intel requested review of this revision.Feb 28 2022, 12:07 AM
psamolysov-intel edited the summary of this revision. (Show Details)Feb 28 2022, 12:52 AM
psamolysov-intel changed the edit policy from "Administrators" to "All Users".Feb 28 2022, 1:05 AM
thieta requested changes to this revision.Feb 28 2022, 1:06 AM
thieta added a subscriber: thieta.

Thanks for doing this. I think it looks sane over all, but I would like to see:

  • Better comment about the symbol
  • A test that cover this symbol and that we skip it and not bomb out, like we currently do.
llvm/lib/Object/Archive.cpp
259

I think this comment could be more descriptive. We should say what this symbol is for and that we just skip it for now.

This revision now requires changes to proceed.Feb 28 2022, 1:06 AM
mstorsjo added a subscriber: mstorsjo.

Can you add a testcase, e.g. somewhere in llvm/test/tools/llvm-ar or similar?

llvm/lib/Object/Archive.cpp
166

This change seems unrelated to the rest. Even if some cleanliness tool might complain about deviations from the coding convention, we normally don't change much outside of what the patch itself covers.

Thank you for the comments. I'm going to revert the part about end->End renaming and add a test (or a few).

Unfortunately, I have no idea how to create a library with the /<XFGHASHMAP>/ section. I'm trying to use /guard:cf directive for the compiler as well as for the linker with VS 2019 and 2022 but the generated library contains no such section. I've seen such section only in the standard libraries shipped with Microsoft Windows SDK for Windows 11 but (Kernel32.Lib, for example), as I understand, we cannot attach a 3rd party (Microsoft in this case) library to our project. I tried to create a DLL and interface library for it with a dependency from another DLL or a DLL that contain the DllMain entry point, no success. Any help is welcome.

Unfortunately, I have no idea how to create a library with the /<XFGHASHMAP>/ section. I'm trying to use /guard:cf directive for the compiler as well as for the linker with VS 2019 and 2022 but the generated library contains no such section. I've seen such section only in the standard libraries shipped with Microsoft Windows SDK for Windows 11 but (Kernel32.Lib, for example), as I understand, we cannot attach a 3rd party (Microsoft in this case) library to our project. I tried to create a DLL and interface library for it with a dependency from another DLL or a DLL that contain the DllMain entry point, no success. Any help is welcome.

I'm not really familiar with the Windows lib format, but in traditional GNU archives, you can basically just concatenate a new archive member to the end of an existing archive and it'll just work. If that works for Windows libs too, you could do that using python, maybe?

Thanks @jhenderson for the idea to use python to insert (or replace in my case) a section. I've updated the patch and added a test for the llvm-lib tool to list sections from a library with /<XFGHASHMAP>/. I've made a patch using the git diff -U8000 command and I'm not sure the binary file (the library for the test) has been uploaded well. If not, could you share with me the required command to attach the binary content to the patch?

Thanks @jhenderson for the idea to use python to insert (or replace in my case) a section. I've updated the patch and added a test for the llvm-lib tool to list sections from a library with /<XFGHASHMAP>/. I've made a patch using the git diff -U8000 command and I'm not sure the binary file (the library for the test) has been uploaded well. If not, could you share with me the required command to attach the binary content to the patch?

We try to avoid using canned binaries as test inputs. Could you generate an archive at test time, and then append the relevant bit using python then? There are a few examples in the lit testsuite of invoking python at test time to do various bits of manipulation.

FWIW, I don't believe you can upload a binary to Phabricator.

psamolysov-intel marked an inline comment as done.Mar 1 2022, 12:13 AM

Thank you for the suggestion. I've added a python script to replace a section with /<XFGHASHMAP>/ and re-created a test to generate the library on the fly.

psamolysov-intel marked an inline comment as done.Mar 1 2022, 1:37 AM
thieta accepted this revision.Mar 1 2022, 1:46 AM

Thanks! This looks great!

This revision is now accepted and ready to land.Mar 1 2022, 1:46 AM

@thieta Thank you for the approve. I have no commit right to the repository, so it would be great if someone with the commit rights lands the patch.

thieta added a comment.Mar 1 2022, 1:52 AM

@thieta Thank you for the approve. I have no commit right to the repository, so it would be great if someone with the commit rights lands the patch.

I can land it for you - but I would like another reviewer to approve it as well first.

jhenderson requested changes to this revision.Mar 1 2022, 3:05 AM

Basically looks fine, although I'm not a Windows archive expert. @mstorsjo might have some other feedback.

llvm/lib/Object/Archive.cpp
259–260

Some grammar nits.

llvm/test/tools/llvm-lib/Inputs/xfghashmap-inserter.py
8

I believe you can just do this?

llvm/test/tools/llvm-lib/xfghashmap-list.test
1–5

You can simplify this slightly.

7

Rather than put the python file in a separate file to the test file, you can include it inline as follows:

  1. Add comment markers to the start of every RUN and CHECK line, (e.g. # RUN: ...).
  2. Change the existing comment to use double-comment markers (not strictly needed, but it helps it stand out (i.e. ## This should ...).
  3. Add the contents of the python script to the end of this test file.
  4. Reference the script by using %s in your python execution.

Also, I'd put a brief comment somewhere, either at the start of the python script, or immediately before this RUN line, explaining what the script does.

9

Nit: missing trailing "." at the end of the comment.

This revision now requires changes to proceed.Mar 1 2022, 3:05 AM

@jhenderson thank you for the review. I'm not an English native speaker, so some grammar may be bad, sorry. I've put the python script into the test itself as you suggested and added a few comments why this script is used at all.

psamolysov-intel marked 4 inline comments as done.Mar 1 2022, 4:08 AM
psamolysov-intel added inline comments.
llvm/lib/Object/Archive.cpp
259–260

Thank you, I've applied the suggestion.

llvm/test/tools/llvm-lib/xfghashmap-list.test
7

Thank you for the idea, I've encapsulated the script into the test, it works!

I’m not entirely clear about the big picture here… The real Windows SDK library files contain members that cause us to error out (for some reason), and we choose to just skip those members, to avoid erroring out.

To test this, we artificially create libraries with a member named like this (but which is a real regular object file), and we check that we ignore it. But the test doesn’t replicate the aspect of the real files that made us error out on them to begin with, right? So the testcase can’t be used for testing other ways of dealing with the root cause, other than ignoring - is that right?

(I’m not saying the it has to be done differently, I’m just trying to get a grasp of the issue and what this tests.)

psamolysov-intel marked 2 inline comments as done.Mar 1 2022, 4:28 AM

@mstorsjo I agree with you, we make some manipulations to get a library with a member named like this. Unfortunately, the member is not documented (or I cannot find the documentation) and it is difficult to build the right library using the Microsoft toolchain.

jhenderson accepted this revision.Mar 1 2022, 5:07 AM

LGTM, but please work with @mstorsjo about the testing etc.

llvm/test/tools/llvm-lib/xfghashmap-list.test
25

Still can use a byte literal as suggested earlier.

This revision is now accepted and ready to land.Mar 1 2022, 5:07 AM

@jhenderson Thank you, I missed the suggestion about the byte literal, sorry. Updated the test.

psamolysov-intel marked an inline comment as done.Mar 1 2022, 5:37 AM

x64 debian failed

I see there is no failed test in LLVM, only some tests in Clang but they look as not related to the patch.

Herald added a project: Restricted Project. · View Herald TranscriptMar 1 2022, 10:50 PM

x64 debian failed

I see there is no failed test in LLVM, only some tests in Clang but they look as not related to the patch.

That's not unusual. It means there were issues in main at the point the auto-test ran.

LGTM, but please work with @mstorsjo about the testing etc.

No objections from me, thanks for clarifying the situation.

Do you have commit access to push the patch, or do you want me to do it for you? In that case, can you provide your preferred git author line ("Real Name <email@address>") to use for pushing the commit? (Via the github issue I do see your own commit for this patch too, at https://github.com/psamolysov-intel/llvm/commit/7467ea9a6a173829ab61693dd199ae0d94a0a787, so I guess I could pick your preferred info from there too.)

psamolysov-intel added a comment.EditedMar 2 2022, 2:59 AM

Thank you @mstorsjo! I have no commit access, if you can commit this patch, it would be great. You can use the info from https://github.com/psamolysov-intel/llvm/commit/7467ea9a6a173829ab61693dd199ae0d94a0a787

This revision was landed with ongoing or failed builds.Mar 2 2022, 3:29 AM
This revision was automatically updated to reflect the committed changes.

Thank you @mstorsjo for landing.