This is an archive of the discontinued LLVM Phabricator instance.

Differential D38462

[DebugInfo] Replace unreachable with ReportError in debug frame parser.
AbandonedPublic

Authored by JDevlieghere on Oct 2 2017, 8:50 AM.

Details

Reviewers
aprantl
dblaikie
JDevlieghere
Summary

The parser should not rely on assertions or unreachables for invalid
input. This patch replaces calls to llvm::unreachable with calls to
ReportError in the debug frame parser.

This fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3519
Test case is taken from there.

Diff Detail

Repository
rL LLVM

Event Timeline

JDevlieghere created this revision.Oct 2 2017, 8:50 AM
Herald added subscribers: aheejin, sbc100. · View Herald TranscriptOct 2 2017, 8:50 AM
rnk added subscribers: MatzeB, rnk.Oct 2 2017, 9:10 AM

@MatzeB has proposed making report_fatal_error abort, which libfuzzer will re-file as a bug. Converting unreachable to report_fatal_error just kicks the actual error handling down the road.

aprantl edited edge metadata.Oct 2 2017, 9:14 AM

Since we are working towards the goal of making libDebugInfo good enough for LLDB to use, I don't think using report_fatal_error is acceptable on invalid inputs. Could this be made so the parsing returns an optional or expected instead?

aprantl added a reviewer: JDevlieghere.Oct 2 2017, 9:14 AM
JDevlieghere edited edge metadata.Oct 2 2017, 9:28 AM

Thanks guys, I should've given this more thought!

In D38462#885890, @rnk wrote:

@MatzeB has proposed making report_fatal_error abort, which libfuzzer will re-file as a bug. Converting unreachable to report_fatal_error just kicks the actual error handling down the road.

That makes sense.

In D38462#885897, @aprantl wrote:

Since we are working towards the goal of making libDebugInfo good enough for LLDB to use, I don't think using report_fatal_error is acceptable on invalid inputs. Could this be made so the parsing returns an optional or expected instead?

I think this is indeed the desired solution.

JDevlieghere abandoned this revision.Oct 3 2017, 8:49 AM

Revision Contents

Diff 117358

lib/DebugInfo/DWARF/DWARFDebugFrame.cpp

Show All 25 Lines
#include <cinttypes> #include <cinttypes>
#include <cstdint> #include <cstdint>
#include <string> #include <string>
#include <vector> #include <vector>
using namespace llvm; using namespace llvm;
using namespace dwarf; using namespace dwarf;
// This is a workaround for old compilers which do not allow
// noreturn attribute usage in lambdas. Once the support for those
// compilers are phased out, we can remove this and return back to
// a ReportError lambda: [StartOffset](const char *ErrorMsg).
static void LLVM_ATTRIBUTE_NORETURN ReportError(uint32_t StartOffset,
const char *ErrorMsg) {
std::string Str;
raw_string_ostream OS(Str);
OS << format(ErrorMsg, StartOffset);
OS.flush();
report_fatal_error(Str);
}
/// \brief Abstract frame entry defining the common interface concrete /// \brief Abstract frame entry defining the common interface concrete
/// entries implement. /// entries implement.
class llvm::FrameEntry { class llvm::FrameEntry {
public: public:
enum FrameKind {FK_CIE, FK_FDE}; enum FrameKind {FK_CIE, FK_FDE};
FrameEntry(FrameKind K, uint64_t Offset, uint64_t Length) FrameEntry(FrameKind K, uint64_t Offset, uint64_t Length)
: Kind(K), Offset(Offset), Length(Length) {} : Kind(K), Offset(Offset), Length(Length) {}
▲ Show 20 LinesShow All 75 Lines▼ Show 20 Lines while (*Offset < EndOffset) {
// Some instructions have a primary opcode encoded in the top bits. // Some instructions have a primary opcode encoded in the top bits.
uint8_t Primary = Opcode & DWARF_CFI_PRIMARY_OPCODE_MASK; uint8_t Primary = Opcode & DWARF_CFI_PRIMARY_OPCODE_MASK;
if (Primary) { if (Primary) {
// If it's a primary opcode, the first operand is encoded in the bottom // If it's a primary opcode, the first operand is encoded in the bottom
// bits of the opcode itself. // bits of the opcode itself.
uint64_t Op1 = Opcode & DWARF_CFI_PRIMARY_OPERAND_MASK; uint64_t Op1 = Opcode & DWARF_CFI_PRIMARY_OPERAND_MASK;
switch (Primary) { switch (Primary) {
default: llvm_unreachable("Impossible primary CFI opcode"); default:
ReportError(Primary, "Impossible primary CFI opcode: %d");
case DW_CFA_advance_loc: case DW_CFA_advance_loc:
case DW_CFA_restore: case DW_CFA_restore:
addInstruction(Primary, Op1); addInstruction(Primary, Op1);
break; break;
case DW_CFA_offset: case DW_CFA_offset:
addInstruction(Primary, Op1, Data.getULEB128(Offset)); addInstruction(Primary, Op1, Data.getULEB128(Offset));
break; break;
} }
} else { } else {
// Extended opcode - its value is Opcode itself. // Extended opcode - its value is Opcode itself.
switch (Opcode) { switch (Opcode) {
default: llvm_unreachable("Invalid extended CFI opcode"); default:
ReportError(Opcode, "Invalid extended CFI opcode: %d");
case DW_CFA_nop: case DW_CFA_nop:
case DW_CFA_remember_state: case DW_CFA_remember_state:
case DW_CFA_restore_state: case DW_CFA_restore_state:
case DW_CFA_GNU_window_save: case DW_CFA_GNU_window_save:
// No operands // No operands
addInstruction(Opcode); addInstruction(Opcode);
break; break;
case DW_CFA_set_loc: case DW_CFA_set_loc:
// Operands: Address // Operands: Address
addInstruction(Opcode, Data.getAddress(Offset)); addInstruction(Opcode, Data.getAddress(Offset));
break; break;
case DW_CFA_advance_loc1: case DW_CFA_advance_loc1:
// Operands: 1-byte delta // Operands: 1-byte delta
addInstruction(Opcode, Data.getU8(Offset)); addInstruction(Opcode, Data.getU8(Offset));
break; break;
case DW_CFA_advance_loc2: case DW_CFA_advance_loc2:
// Operands: 2-byte delta // Operands: 2-byte delta
addInstruction(Opcode, Data.getU16(Offset)); addInstruction(Opcode, Data.getU16(Offset));
break; break;
case DW_CFA_advance_loc4: case DW_CFA_advance_loc4:
// Operands: 4-byte delta // Operands: 4-byte delta
addInstruction(Opcode, Data.getU32(Offset)); addInstruction(Opcode, Data.getU32(Offset));
break; break;
case DW_CFA_restore_extended: case DW_CFA_restore_extended:
case DW_CFA_undefined: case DW_CFA_undefined:
case DW_CFA_same_value: case DW_CFA_same_value:
case DW_CFA_def_cfa_register: case DW_CFA_def_cfa_register:
case DW_CFA_def_cfa_offset: case DW_CFA_def_cfa_offset:
// Operands: ULEB128 // Operands: ULEB128
addInstruction(Opcode, Data.getULEB128(Offset)); addInstruction(Opcode, Data.getULEB128(Offset));
break; break;
case DW_CFA_def_cfa_offset_sf: case DW_CFA_def_cfa_offset_sf:
// Operands: SLEB128 // Operands: SLEB128
addInstruction(Opcode, Data.getSLEB128(Offset)); addInstruction(Opcode, Data.getSLEB128(Offset));
break; break;
case DW_CFA_offset_extended: case DW_CFA_offset_extended:
case DW_CFA_register: case DW_CFA_register:
case DW_CFA_def_cfa: case DW_CFA_def_cfa:
case DW_CFA_val_offset: { case DW_CFA_val_offset: {
// Operands: ULEB128, ULEB128 // Operands: ULEB128, ULEB128
// Note: We can not embed getULEB128 directly into function // Note: We can not embed getULEB128 directly into function
// argument list. getULEB128 changes Offset and order of evaluation // argument list. getULEB128 changes Offset and order of evaluation
// for arguments is unspecified. // for arguments is unspecified.
auto op1 = Data.getULEB128(Offset); auto op1 = Data.getULEB128(Offset);
auto op2 = Data.getULEB128(Offset); auto op2 = Data.getULEB128(Offset);
addInstruction(Opcode, op1, op2); addInstruction(Opcode, op1, op2);
break; break;
} }
case DW_CFA_offset_extended_sf: case DW_CFA_offset_extended_sf:
case DW_CFA_def_cfa_sf: case DW_CFA_def_cfa_sf:
case DW_CFA_val_offset_sf: { case DW_CFA_val_offset_sf: {
// Operands: ULEB128, SLEB128 // Operands: ULEB128, SLEB128
// Note: see comment for the previous case // Note: see comment for the previous case
auto op1 = Data.getULEB128(Offset); auto op1 = Data.getULEB128(Offset);
auto op2 = (uint64_t)Data.getSLEB128(Offset); auto op2 = (uint64_t)Data.getSLEB128(Offset);
▲ Show 20 LinesShow All 295 Lines▼ Show 20 Lines for (int i = 0; i < Length; ++i) {
uint8_t c = Data.getU8(&Offset); uint8_t c = Data.getU8(&Offset);
errs().write_hex(c); errs() << " "; errs().write_hex(c); errs() << " ";
} }
errs() << "\n"; errs() << "\n";
} }
static unsigned getSizeForEncoding(const DataExtractor &Data, static unsigned getSizeForEncoding(const DataExtractor &Data,
unsigned symbolEncoding) { unsigned symbolEncoding) {
unsigned format = symbolEncoding & 0x0f; unsigned Format = symbolEncoding & 0x0f;
switch (format) { switch (Format) {
default: llvm_unreachable("Unknown Encoding"); default:
ReportError(Format, "Unknown uncoding: %d");
case DW_EH_PE_absptr: case DW_EH_PE_absptr:
case DW_EH_PE_signed: case DW_EH_PE_signed:
return Data.getAddressSize(); return Data.getAddressSize();
case DW_EH_PE_udata2: case DW_EH_PE_udata2:
case DW_EH_PE_sdata2: case DW_EH_PE_sdata2:
return 2; return 2;
case DW_EH_PE_udata4: case DW_EH_PE_udata4:
case DW_EH_PE_sdata4: case DW_EH_PE_sdata4:
return 4; return 4;
case DW_EH_PE_udata8: case DW_EH_PE_udata8:
case DW_EH_PE_sdata8: case DW_EH_PE_sdata8:
return 8; return 8;
} }
} }
static uint64_t readPointer(const DataExtractor &Data, uint32_t &Offset, static uint64_t readPointer(const DataExtractor &Data, uint32_t &Offset,
unsigned Encoding) { unsigned Encoding) {
switch (getSizeForEncoding(Data, Encoding)) { unsigned Size = getSizeForEncoding(Data, Encoding);
switch (Size) {
case 2: case 2:
return Data.getU16(&Offset); return Data.getU16(&Offset);
case 4: case 4:
return Data.getU32(&Offset); return Data.getU32(&Offset);
case 8: case 8:
return Data.getU64(&Offset); return Data.getU64(&Offset);
default: default:
llvm_unreachable("Illegal data size"); ReportError(Size, "Illegal data size: %d");
}
} }
// This is a workaround for old compilers which do not allow
// noreturn attribute usage in lambdas. Once the support for those
// compilers are phased out, we can remove this and return back to
// a ReportError lambda: [StartOffset](const char *ErrorMsg).
static void LLVM_ATTRIBUTE_NORETURN ReportError(uint32_t StartOffset,
const char *ErrorMsg) {
std::string Str;
raw_string_ostream OS(Str);
OS << format(ErrorMsg, StartOffset);
OS.flush();
report_fatal_error(Str);
} }
void DWARFDebugFrame::parse(DataExtractor Data) { void DWARFDebugFrame::parse(DataExtractor Data) {
uint32_t Offset = 0; uint32_t Offset = 0;
DenseMap<uint32_t, CIE *> CIEs; DenseMap<uint32_t, CIE *> CIEs;
while (Data.isValidOffset(Offset)) { while (Data.isValidOffset(Offset)) {
uint32_t StartOffset = Offset; uint32_t StartOffset = Offset;
▲ Show 20 LinesShow All 175 LinesShow Last 20 Lines

test/DebugInfo/Inputs/dwarfdump-invalid-extended-cfi-opcode.wasm

  • This binary file was added.

test/DebugInfo/dwarfdump-invalid-extended-cfi-opcode.test

  • This file was added.
RUN: not llvm-dwarfdump -debug-frame %p/Inputs/dwarfdump-invalid-extended-cfi-opcode.wasm 2>&1 | FileCheck %s
CHECK: LLVM ERROR: Invalid extended CFI opcode: 41