This is an archive of the discontinued LLVM Phabricator instance.

Differential D68971

[libunwind][Android] Improve workaround for PIE zero-dlpi_addr bug
ClosedPublic

Authored by rprichard on Oct 15 2019, 12:31 AM.

Details

Reviewers
mclow.lists
srhines
danalbert
compnerd
Commits
rUNW374969: [libunwind][Android] Improve workaround for PIE zero-dlpi_addr bug
rG8200dbbcae93: [libunwind][Android] Improve workaround for PIE zero-dlpi_addr bug
rL374969: [libunwind][Android] Improve workaround for PIE zero-dlpi_addr bug
Summary

The workaround added in https://reviews.llvm.org/rL299575 appears to be
working around a bug in Android JB 4.1.x and 4.2.x (API 16 and 17).

Starting in API 16, Android added support for PIE binaries, but the
dynamic linker failed to initialize dlpi_addr to the address that the
executable was loaded at. The bug was fixed in Android JB 4.3.x (API 18).

Improve the true load bias calculation:

  • The code was assuming that the first segment would be the PT_PHDR segment. I think it's better to be explicit and search for PT_PHDR. (It will be almost as fast in practice.)
  • It's more correct to use p_vaddr rather than p_offset. If a PIE executable is linked with a non-zero image base (e.g. lld's -Wl,--image-base=xxxx), then we must use p_vaddr here.

The "phdr->p_vaddr < image_base" condition seems unnecessary and maybe
slightly wrong. If the OS were to load a binary at an address smaller than
a vaddr in the binary, we would still want to do this workaround.

The workaround is safe when the linker bug isn't present, because it
should calculate an image_base equal to dlpi_addr. Note that with API 21
and up, this workaround should never activate for dynamically-linked
objects, because non-PIE executables aren't allowed.

Consolidate the fix into a single block of code that calculates the true
image base, and make it clear that the fix no longer applies after API 18.

See https://github.com/android/ndk/issues/505 for details.

Diff Detail

Event Timeline

rprichard created this revision.Oct 15 2019, 12:31 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 15 2019, 12:31 AM
Herald added subscribers: libcxx-commits, christof, krytarowski, srhines. · View Herald Transcript
Harbormaster completed remote builds in B39553: Diff 224960.Oct 15 2019, 12:36 AM
Herald added a reviewer: mclow.lists. · View Herald TranscriptOct 15 2019, 12:36 AM
Herald added a reviewer: mclow.lists. · View Herald Transcript
Herald added a reviewer: mclow.lists. · View Herald Transcript
rprichard updated this revision to Diff 224962.Oct 15 2019, 12:37 AM

Exclude an unrelated change from the base revision.

Harbormaster completed remote builds in B39554: Diff 224962.Oct 15 2019, 12:48 AM
rprichard added reviewers: srhines, danalbert, compnerd.Oct 15 2019, 12:57 AM

FWIW, Android's official toolchain currently only uses LLVM's libunwind for arm32, so this patch doesn't affect anything yet in the Android platform or NDK. I tested it with NDK r20 by:

  • building libunwind.a with -DLIBUNWIND_TARGET_TRIPLE=i686-linux-android16, then
  • building a PIE executable, linking libunwind.a in front of the libgcc.a unwinder that NDK r20 normally uses.

I verified that libunwind.a was broken on an API16 x86-32 emulator when I used a non-zero -Wl,--image-base=nnnn setting, but this patch fixes it.

(I also tried running the libunwind tests but didn't get them to run.)

compnerd accepted this revision.Oct 15 2019, 10:15 AM

Thanks, this should be more robust. Nice catch with the image base being explicitly set and using p_vaddr rather than p_offset, that was something that I failed to account for. I really wish that we had a more complete test suite, but that is *way* beyond this change.

This revision is now accepted and ready to land.Oct 15 2019, 10:15 AM
Closed by commit rG8200dbbcae93: [libunwind][Android] Improve workaround for PIE zero-dlpi_addr bug (authored by rprichard). · Explain WhyOct 15 2019, 7:38 PM
This revision was automatically updated to reflect the committed changes.
rprichard added a comment.Oct 15 2019, 7:41 PM

(I also tried running the libunwind tests but didn't get them to run.)

FWIW, I also built libunwind for the host and was able to run ninja check-unwind successfully.

Revision Contents

PathSize
libunwind/
src/
50 lines

Diff 225150

libunwind/src/AddressSpace.hpp

Show First 20 LinesShow All 491 Lines▼ Show 20 Lines int found = dl_iterate_phdr(
} }
#if !defined(Elf_Half) #if !defined(Elf_Half)
typedef ElfW(Half) Elf_Half; typedef ElfW(Half) Elf_Half;
#endif #endif
#if !defined(Elf_Phdr) #if !defined(Elf_Phdr)
typedef ElfW(Phdr) Elf_Phdr; typedef ElfW(Phdr) Elf_Phdr;
#endif #endif
#if !defined(Elf_Addr)
typedef ElfW(Addr) Elf_Addr;
#endif
Elf_Addr image_base = pinfo->dlpi_addr;
#if defined(__ANDROID__) && __ANDROID_API__ < 18
if (image_base == 0) {
// Normally, an image base of 0 indicates a non-PIE executable. On
// versions of Android prior to API 18, the dynamic linker reported a
// dlpi_addr of 0 for PIE executables. Compute the true image base
// using the PT_PHDR segment.
// See https://github.com/android/ndk/issues/505.
for (Elf_Half i = 0; i < pinfo->dlpi_phnum; i++) {
const Elf_Phdr *phdr = &pinfo->dlpi_phdr[i];
if (phdr->p_type == PT_PHDR) {
image_base = reinterpret_cast<Elf_Addr>(pinfo->dlpi_phdr) -
phdr->p_vaddr;
break;
}
}
}
#endif
#if defined(_LIBUNWIND_SUPPORT_DWARF_UNWIND) #if defined(_LIBUNWIND_SUPPORT_DWARF_UNWIND)
#if !defined(_LIBUNWIND_SUPPORT_DWARF_INDEX) #if !defined(_LIBUNWIND_SUPPORT_DWARF_INDEX)
#error "_LIBUNWIND_SUPPORT_DWARF_UNWIND requires _LIBUNWIND_SUPPORT_DWARF_INDEX on this platform." #error "_LIBUNWIND_SUPPORT_DWARF_UNWIND requires _LIBUNWIND_SUPPORT_DWARF_INDEX on this platform."
#endif #endif
size_t object_length; size_t object_length;
#if defined(__ANDROID__)
#if !defined(Elf_Addr)
typedef ElfW(Addr) Elf_Addr;
#endif
Elf_Addr image_base =
pinfo->dlpi_phnum
? reinterpret_cast<Elf_Addr>(pinfo->dlpi_phdr) -
reinterpret_cast<const Elf_Phdr *>(pinfo->dlpi_phdr)
->p_offset
: 0;
#endif
for (Elf_Half i = 0; i < pinfo->dlpi_phnum; i++) { for (Elf_Half i = 0; i < pinfo->dlpi_phnum; i++) {
const Elf_Phdr *phdr = &pinfo->dlpi_phdr[i]; const Elf_Phdr *phdr = &pinfo->dlpi_phdr[i];
if (phdr->p_type == PT_LOAD) { if (phdr->p_type == PT_LOAD) {
uintptr_t begin = pinfo->dlpi_addr + phdr->p_vaddr; uintptr_t begin = image_base + phdr->p_vaddr;
#if defined(__ANDROID__)
if (pinfo->dlpi_addr == 0 && phdr->p_vaddr < image_base)
begin = begin + image_base;
#endif
uintptr_t end = begin + phdr->p_memsz; uintptr_t end = begin + phdr->p_memsz;
if (cbdata->targetAddr >= begin && cbdata->targetAddr < end) { if (cbdata->targetAddr >= begin && cbdata->targetAddr < end) {
cbdata->sects->dso_base = begin; cbdata->sects->dso_base = begin;
object_length = phdr->p_memsz; object_length = phdr->p_memsz;
found_obj = true; found_obj = true;
} }
} else if (phdr->p_type == PT_GNU_EH_FRAME) { } else if (phdr->p_type == PT_GNU_EH_FRAME) {
EHHeaderParser<LocalAddressSpace>::EHHeaderInfo hdrInfo; EHHeaderParser<LocalAddressSpace>::EHHeaderInfo hdrInfo;
uintptr_t eh_frame_hdr_start = pinfo->dlpi_addr + phdr->p_vaddr; uintptr_t eh_frame_hdr_start = image_base + phdr->p_vaddr;
#if defined(__ANDROID__)
if (pinfo->dlpi_addr == 0 && phdr->p_vaddr < image_base)
eh_frame_hdr_start = eh_frame_hdr_start + image_base;
#endif
cbdata->sects->dwarf_index_section = eh_frame_hdr_start; cbdata->sects->dwarf_index_section = eh_frame_hdr_start;
cbdata->sects->dwarf_index_section_length = phdr->p_memsz; cbdata->sects->dwarf_index_section_length = phdr->p_memsz;
found_hdr = EHHeaderParser<LocalAddressSpace>::decodeEHHdr( found_hdr = EHHeaderParser<LocalAddressSpace>::decodeEHHdr(
*cbdata->addressSpace, eh_frame_hdr_start, phdr->p_memsz, *cbdata->addressSpace, eh_frame_hdr_start, phdr->p_memsz,
hdrInfo); hdrInfo);
if (found_hdr) if (found_hdr)
cbdata->sects->dwarf_section = hdrInfo.eh_frame_ptr; cbdata->sects->dwarf_section = hdrInfo.eh_frame_ptr;
} }
} }
if (found_obj && found_hdr) { if (found_obj && found_hdr) {
cbdata->sects->dwarf_section_length = object_length; cbdata->sects->dwarf_section_length = object_length;
return true; return true;
} else { } else {
return false; return false;
} }
#else // defined(_LIBUNWIND_ARM_EHABI) #else // defined(_LIBUNWIND_ARM_EHABI)
for (Elf_Half i = 0; i < pinfo->dlpi_phnum; i++) { for (Elf_Half i = 0; i < pinfo->dlpi_phnum; i++) {
const Elf_Phdr *phdr = &pinfo->dlpi_phdr[i]; const Elf_Phdr *phdr = &pinfo->dlpi_phdr[i];
if (phdr->p_type == PT_LOAD) { if (phdr->p_type == PT_LOAD) {
uintptr_t begin = pinfo->dlpi_addr + phdr->p_vaddr; uintptr_t begin = image_base + phdr->p_vaddr;
uintptr_t end = begin + phdr->p_memsz; uintptr_t end = begin + phdr->p_memsz;
if (cbdata->targetAddr >= begin && cbdata->targetAddr < end) if (cbdata->targetAddr >= begin && cbdata->targetAddr < end)
found_obj = true; found_obj = true;
} else if (phdr->p_type == PT_ARM_EXIDX) { } else if (phdr->p_type == PT_ARM_EXIDX) {
uintptr_t exidx_start = pinfo->dlpi_addr + phdr->p_vaddr; uintptr_t exidx_start = image_base + phdr->p_vaddr;
cbdata->sects->arm_section = exidx_start; cbdata->sects->arm_section = exidx_start;
cbdata->sects->arm_section_length = phdr->p_memsz; cbdata->sects->arm_section_length = phdr->p_memsz;
found_hdr = true; found_hdr = true;
} }
} }
return found_obj && found_hdr; return found_obj && found_hdr;
#endif #endif
}, },
▲ Show 20 LinesShow All 43 LinesShow Last 20 Lines