This is an archive of the discontinued LLVM Phabricator instance.

Differential D81988

[ELF] Refactor ObjFile<ELFT>::initializeSymbols to enforce the invariant: InputFile::symbols has non null entry
ClosedPublic

Authored by MaskRay on Jun 16 2020, 8:22 PM.

Details

Reviewers
grimar
jhenderson
psmith
espindola
Commits
rGc4d13f72a659: [ELF] Refactor ObjFile<ELFT>::initializeSymbols to enforce the invariant…
Summary

Fixes PR46348.

ObjFile<ELFT>::initializeSymbols contains two symbol iteration loops:

for each symbol
  if non-inheriting && non-local
    fill in this->symbols[i]

for each symbol
  if local
    fill in this->symbols[i]
  else
    symbol resolution

Symbol resolution can trigger a duplicate symbol error which will call
InputSectionBase::getObjMsg to iterate over InputFile::symbols. If a
non-local symbol appears after the non-local symbol being resolved
(violating ELF spec), its this->symbols[i] entry has not been filled
in, InputSectionBase::getObjMsg will crash due to
dyn_cast<Defined>(nullptr).

To fix the bug, reorganize the two loops to ensure this->symbols is
complete before symbol resolution. This enforces the invariant:
InputFile::symbols has none null entry when InputFile::getSymbols() is called.

for each symbol
  if non-inheriting
    fill in this->symbols[i]

for each symbol starting from firstGlobal
  if non-local
    symbol resolution

Additionally, move the (non-local symbol in local part of .symtab)
diagnostic from Writer<ELFT>::copyLocalSymbols() to initializeSymbols().

Diff Detail

Event Timeline

MaskRay created this revision.Jun 16 2020, 8:22 PM
Herald added a reviewer: espindola. · View Herald TranscriptJun 16 2020, 8:22 PM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added subscribers: llvm-commits, arichardson, emaste. · View Herald Transcript
Harbormaster completed remote builds in B60581: Diff 271268.Jun 16 2020, 9:19 PM
jhenderson added a comment.Jun 17 2020, 12:15 AM

Thanks for the fix! It looks reasonable to me, but before approving, I wanted to ask would we be better off emitting some kind of warning or error about the out-of-order list earlier on?

lld/ELF/InputSection.cpp
350 ↗(On Diff #271268)

It might be worth a comment saying under what conditions b can be nullptr.

grimar added a comment.Jun 17 2020, 2:06 AM
In D81988#2097485, @jhenderson wrote:

would we be better off emitting some kind of warning or error about the out-of-order list earlier on?

+1 to this question.

lld/test/ELF/invalid/broken-symtab-duplicate-symbol.test
2 ↗(On Diff #271268)

I do not think you should mention the particular internal API names.
This comment should be more general probably. Like:

In this test we have a local symbol that follows a global one. This is not correct .... Check that ...
15 ↗(On Diff #271268)

OSABI is not needed.

28 ↗(On Diff #271268)

Seems there is a double spacing here and above (Sections).

MaskRay marked 5 inline comments as done.Jun 17 2020, 9:08 AM
In D81988#2097630, @grimar wrote:
In D81988#2097485, @jhenderson wrote:

would we be better off emitting some kind of warning or error about the out-of-order list earlier on?

+1 to this question.

This should be a separate change. llvm-readobj -s should emit a warning as well (like GNU readelf).

lld/test/ELF/invalid/broken-symtab-duplicate-symbol.test
2 ↗(On Diff #271268)

This test is coupled with the implementation. If the implementation changes, we'll have to adjust the test. Exposing a bit of implementation may be fine to remind a reader to adjust the test. I'll amend the comment a bit.

MaskRay updated this revision to Diff 271387.Jun 17 2020, 9:14 AM
MaskRay marked an inline comment as done.

Add comment to code. Improve test.

Harbormaster completed remote builds in B60651: Diff 271387.Jun 17 2020, 10:13 AM
jhenderson accepted this revision.Jun 17 2020, 11:57 PM

I think this is okay. LGTM, with nit.

lld/test/ELF/invalid/broken-symtab-duplicate-symbol.test
2 ↗(On Diff #271387)

Nit: spurious '#' at end of line.

This revision is now accepted and ready to land.Jun 17 2020, 11:57 PM
grimar added a comment.Jun 18 2020, 2:11 AM
In D81988#2098351, @MaskRay wrote:
In D81988#2097630, @grimar wrote:
In D81988#2097485, @jhenderson wrote:

would we be better off emitting some kind of warning or error about the out-of-order list earlier on?

+1 to this question.

This should be a separate change. llvm-readobj -s should emit a warning as well (like GNU readelf).

Shouldn't we just error out early?

We have a few more places where we have this code pattern:

  1. MapFile.cpp

https://github.com/llvm/llvm-project/blob/master/lld/ELF/MapFile.cpp#L54

  1. InputSectionBase::getEnclosingFunction:

https://github.com/llvm/llvm-project/blob/master/lld/ELF/InputSection.cpp#L285

That code also uses dyn_cast<Defined>(b) and makes me wondering why do you want to support
this broken case instead of reporting an error much earlier? This ways seems we will not need to
fix all other places.

MaskRay added a comment.Jun 18 2020, 12:03 PM
In D81988#2100226, @grimar wrote:
In D81988#2098351, @MaskRay wrote:
In D81988#2097630, @grimar wrote:
In D81988#2097485, @jhenderson wrote:

would we be better off emitting some kind of warning or error about the out-of-order list earlier on?

+1 to this question.

This should be a separate change. llvm-readobj -s should emit a warning as well (like GNU readelf).

Shouldn't we just error out early?

Yes.

We have a few more places where we have this code pattern:

  1. MapFile.cpp

https://github.com/llvm/llvm-project/blob/master/lld/ELF/MapFile.cpp#L54

  1. InputSectionBase::getEnclosingFunction:

https://github.com/llvm/llvm-project/blob/master/lld/ELF/InputSection.cpp#L285

That code also uses dyn_cast<Defined>(b) and makes me wondering why do you want to support
this broken case instead of reporting an error much earlier? This ways seems we will not need to
fix all other places.

The two functions are called in the relocation pass, which is very late and is not subject to the bug.
I do think we have a more serious issue which my original description failed to capture.
Updating...

MaskRay updated this revision to Diff 271806.Jun 18 2020, 12:04 PM
MaskRay retitled this revision from [ELF] Fix a dyn_cast<Defined>(nullptr) crash if a local symbol appears in InputFile::symbols to [ELF] Refactor ObjFile<ELFT>::initializeSymbols to keep the invariant: InputFile::symbols has non null entry.
MaskRay edited the summary of this revision. (Show Details)

Refactor ObjFile<ELFT>::initializeSymbols instead

MaskRay updated this revision to Diff 271815.Jun 18 2020, 12:41 PM
MaskRay retitled this revision from [ELF] Refactor ObjFile<ELFT>::initializeSymbols to keep the invariant: InputFile::symbols has non null entry to [ELF] Refactor ObjFile<ELFT>::initializeSymbols to enforce the invariant: InputFile::symbols has non null entry.
MaskRay edited the summary of this revision. (Show Details)

Move a diagnostic from Writer to initializeSymbols

MaskRay edited the summary of this revision. (Show Details)Jun 18 2020, 12:43 PM
MaskRay edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B60877: Diff 271806.Jun 18 2020, 1:39 PM
Harbormaster completed remote builds in B60883: Diff 271815.Jun 18 2020, 2:15 PM
grimar accepted this revision.Jun 19 2020, 12:58 AM

LGTM with a nit.

lld/ELF/InputFiles.cpp
1062

You can do:

if (eSym.getBinding() != STB_LOCAL) {

and inline STB_LOCAL value.

jhenderson added inline comments.Jun 19 2020, 12:59 AM
lld/ELF/InputFiles.cpp
1100

Isn't this going to result in reading every global symbol twice? That seems like a negative performance hit to me, and I'm not sure it's necessary either (the two loops could still be a single loop it seems to me).

lld/test/ELF/invalid/symtab-sh-info-dup.test
6

an null -> a null
to null pointer -> to a null pointer

MaskRay marked 4 inline comments as done.Jun 19 2020, 8:54 AM
MaskRay added inline comments.
lld/ELF/InputFiles.cpp
1100

There were two loops before and two loops now. After refactoring there is strictly less work: the second loops starts from firstGlobal (was 0).

(the two loops could still be a single loop it seems to me)

It will be very difficult.

MaskRay updated this revision to Diff 272097.Jun 19 2020, 8:55 AM
MaskRay marked an inline comment as done.

Address comments

Closed by commit rGc4d13f72a659: [ELF] Refactor ObjFile<ELFT>::initializeSymbols to enforce the invariant… (authored by MaskRay). · Explain WhyJun 19 2020, 9:12 AM
This revision was automatically updated to reflect the committed changes.
Harbormaster failed remote builds in B61046: Diff 272097!Jun 19 2020, 9:14 AM
MaskRay mentioned this in D79962: Fix the verification of DIEs with DW_AT_ranges..Jun 19 2020, 9:51 AM
jhenderson added inline comments.Jun 22 2020, 12:25 AM
lld/ELF/InputFiles.cpp
1100

Ah, sorry, the way the diff lined up made it look like only one loop on the left. Thanks.

Revision Contents

PathSize
lld/
ELF/
77 lines
4 lines
test/
ELF/
invalid/
36 lines
4 lines

Diff 272099

lld/ELF/InputFiles.cpp

Show First 20 LinesShow All 1,043 Lines▼ Show 20 Lines
} }
// Initialize this->Symbols. this->Symbols is a parallel array as // Initialize this->Symbols. this->Symbols is a parallel array as
// its corresponding ELF symbol table. // its corresponding ELF symbol table.
template <class ELFT> void ObjFile<ELFT>::initializeSymbols() { template <class ELFT> void ObjFile<ELFT>::initializeSymbols() {
ArrayRef<Elf_Sym> eSyms = this->getELFSyms<ELFT>(); ArrayRef<Elf_Sym> eSyms = this->getELFSyms<ELFT>();
this->symbols.resize(eSyms.size()); this->symbols.resize(eSyms.size());
// Our symbol table may have already been partially initialized // Fill in InputFile::symbols. Some entries have been initialized
// because of LazyObjFile. // because of LazyObjFile.
for (size_t i = 0, end = eSyms.size(); i != end; ++i)
if (!this->symbols[i] && eSyms[i].getBinding() != STB_LOCAL)
this->symbols[i] =
symtab->insert(CHECK(eSyms[i].getName(this->stringTable), this));
// Fill this->Symbols. A symbol is either local or global.
for (size_t i = 0, end = eSyms.size(); i != end; ++i) { for (size_t i = 0, end = eSyms.size(); i != end; ++i) {
if (this->symbols[i])
continue;
const Elf_Sym &eSym = eSyms[i]; const Elf_Sym &eSym = eSyms[i];
// Read symbol attributes.
uint32_t secIdx = getSectionIndex(eSym); uint32_t secIdx = getSectionIndex(eSym);
if (secIdx >= this->sections.size()) if (secIdx >= this->sections.size())
fatal(toString(this) + ": invalid section index: " + Twine(secIdx)); fatal(toString(this) + ": invalid section index: " + Twine(secIdx));
if (eSym.getBinding() != STB_LOCAL) {
InputSectionBase *sec = this->sections[secIdx]; if (i < firstGlobal)
grimarUnsubmitted
Done
ReplyInline Actions

You can do:

if (eSym.getBinding() != STB_LOCAL) {

and inline STB_LOCAL value.

grimar: You can do: ``` if (eSym.getBinding() != STB_LOCAL) { ``` and inline `STB_LOCAL` value.
uint8_t binding = eSym.getBinding(); error(toString(this) + ": non-local symbol (" + Twine(i) +
uint8_t stOther = eSym.st_other; ") found at index < .symtab's sh_info (" + Twine(firstGlobal) +
uint8_t type = eSym.getType(); ")");
uint64_t value = eSym.st_value; this->symbols[i] =
uint64_t size = eSym.st_size; symtab->insert(CHECK(eSyms[i].getName(this->stringTable), this));
StringRefZ name = this->stringTable.data() + eSym.st_name; continue;
}
// Handle local symbols. Local symbols are not added to the symbol // Handle local symbols. Local symbols are not added to the symbol
// table because they are not visible from other object files. We // table because they are not visible from other object files. We
// allocate symbol instances and add their pointers to Symbols. // allocate symbol instances and add their pointers to symbols.
if (binding == STB_LOCAL) { if (i >= firstGlobal)
if (eSym.getType() == STT_FILE) errorOrWarn(toString(this) + ": STB_LOCAL symbol (" + Twine(i) +
sourceFile = CHECK(eSym.getName(this->stringTable), this); ") found at index >= .symtab's sh_info (" +
Twine(firstGlobal) + ")");
InputSectionBase *sec = this->sections[secIdx];
uint8_t type = eSym.getType();
if (type == STT_FILE)
sourceFile = CHECK(eSym.getName(this->stringTable), this);
if (this->stringTable.size() <= eSym.st_name) if (this->stringTable.size() <= eSym.st_name)
fatal(toString(this) + ": invalid symbol name offset"); fatal(toString(this) + ": invalid symbol name offset");
StringRefZ name = this->stringTable.data() + eSym.st_name;
if (eSym.st_shndx == SHN_UNDEF) if (eSym.st_shndx == SHN_UNDEF)
this->symbols[i] = make<Undefined>(this, name, binding, stOther, type); this->symbols[i] =
make<Undefined>(this, name, STB_LOCAL, eSym.st_other, type);
else if (sec == &InputSection::discarded) else if (sec == &InputSection::discarded)
this->symbols[i] = make<Undefined>(this, name, binding, stOther, type,
/*DiscardedSecIdx=*/secIdx);
else
this->symbols[i] = this->symbols[i] =
make<Defined>(this, name, binding, stOther, type, value, size, sec); make<Undefined>(this, name, STB_LOCAL, eSym.st_other, type,
continue; /*discardedSecIdx=*/secIdx);
else
this->symbols[i] = make<Defined>(this, name, STB_LOCAL, eSym.st_other,
type, eSym.st_value, eSym.st_size, sec);
} }
// Symbol resolution of non-local symbols.
for (size_t i = firstGlobal, end = eSyms.size(); i != end; ++i) {
jhendersonUnsubmitted
Done
ReplyInline Actions

Isn't this going to result in reading every global symbol twice? That seems like a negative performance hit to me, and I'm not sure it's necessary either (the two loops could still be a single loop it seems to me).

jhenderson: Isn't this going to result in reading every global symbol twice? That seems like a negative…
MaskRayAuthorUnsubmitted
Done
ReplyInline Actions

There were two loops before and two loops now. After refactoring there is strictly less work: the second loops starts from firstGlobal (was 0).

(the two loops could still be a single loop it seems to me)

It will be very difficult.

MaskRay: There were two loops before and two loops now. After refactoring there is strictly less work…
jhendersonUnsubmitted
Not Done
ReplyInline Actions

Ah, sorry, the way the diff lined up made it look like only one loop on the left. Thanks.

jhenderson: Ah, sorry, the way the diff lined up made it look like only one loop on the left. Thanks.
const Elf_Sym &eSym = eSyms[i];
uint8_t binding = eSym.getBinding();
if (binding == STB_LOCAL)
continue; // Errored above.
uint32_t secIdx = getSectionIndex(eSym);
InputSectionBase *sec = this->sections[secIdx];
uint8_t stOther = eSym.st_other;
uint8_t type = eSym.getType();
uint64_t value = eSym.st_value;
uint64_t size = eSym.st_size;
StringRefZ name = this->stringTable.data() + eSym.st_name;
// Handle global undefined symbols. // Handle global undefined symbols.
if (eSym.st_shndx == SHN_UNDEF) { if (eSym.st_shndx == SHN_UNDEF) {
this->symbols[i]->resolve(Undefined{this, name, binding, stOther, type}); this->symbols[i]->resolve(Undefined{this, name, binding, stOther, type});
this->symbols[i]->referenced = true; this->symbols[i]->referenced = true;
continue; continue;
} }
// Handle global common symbols. // Handle global common symbols.
▲ Show 20 LinesShow All 628 LinesShow Last 20 Lines

lld/ELF/Writer.cpp

Show First 20 LinesShow All 757 Lines▼ Show 20 Lines
template <class ELFT> void Writer<ELFT>::copyLocalSymbols() { template <class ELFT> void Writer<ELFT>::copyLocalSymbols() {
if (!in.symTab) if (!in.symTab)
return; return;
if (config->copyRelocs && config->discard != DiscardPolicy::None) if (config->copyRelocs && config->discard != DiscardPolicy::None)
markUsedLocalSymbols<ELFT>(); markUsedLocalSymbols<ELFT>();
for (InputFile *file : objectFiles) { for (InputFile *file : objectFiles) {
ObjFile<ELFT> *f = cast<ObjFile<ELFT>>(file); ObjFile<ELFT> *f = cast<ObjFile<ELFT>>(file);
for (Symbol *b : f->getLocalSymbols()) { for (Symbol *b : f->getLocalSymbols()) {
if (!b->isLocal()) assert(b->isLocal() && "should have been caught in initializeSymbols()");
fatal(toString(f) +
": broken object: getLocalSymbols returns a non-local symbol");
auto *dr = dyn_cast<Defined>(b); auto *dr = dyn_cast<Defined>(b);
// No reason to keep local undefined symbol in symtab. // No reason to keep local undefined symbol in symtab.
if (!dr) if (!dr)
continue; continue;
if (!includeInSymtab(*b)) if (!includeInSymtab(*b))
continue; continue;
if (!shouldKeepInSymtab(*dr)) if (!shouldKeepInSymtab(*dr))
▲ Show 20 LinesShow All 2,198 LinesShow Last 20 Lines

lld/test/ELF/invalid/symtab-sh-info-dup.test

  • This file was added.
# REQUIRES: x86
## The ELF spec says all symbols with STB_LOCAL binding precede the weak and
## global symbols. If a local symbol is found in the non-local part of the
## symbol table, make sure we have filled in all entries of InputFile::symbols.
## Otherwise a null entry can lead to a null pointer dereference when iterating
## over InputFile::symbols.
jhendersonUnsubmitted
Done
ReplyInline Actions

an null -> a null
to null pointer -> to a null pointer

jhenderson: an null -> a null to null pointer -> to a null pointer
# RUN: yaml2obj %s -o %t.o
# RUN: not ld.lld %t.o %t.o -o /dev/null 2>&1 | FileCheck %s
# CHECK: error: {{.*}}.o: STB_LOCAL symbol (2) found at index >= .symtab's sh_info (1)
# CHECK-NEXT: error: {{.*}}.o: STB_LOCAL symbol (2) found at index >= .symtab's sh_info (1)
# CHECK-NEXT: error: duplicate symbol: _start
# CHECK-NEXT: >>> defined at {{.*}}.o:(.text+0x0)
# CHECK-NEXT: >>> defined at {{.*}}.o:(.text+0x0)
# RUN: ld.lld --noinhibit-exec %t.o -o /dev/null 2>&1 | FileCheck %s --check-prefix=WARN
# WARN: warning: {{.*}}.o: STB_LOCAL symbol (2) found at index >= .symtab's sh_info (1)
!ELF
FileHeader:
Class: ELFCLASS64
Data: ELFDATA2LSB
Type: ET_REL
Machine: EM_X86_64
Sections:
- Type: SHT_PROGBITS
Name: .text
Flags: [ SHF_ALLOC, SHF_EXECINSTR ]
Symbols:
- Name: _start
Section: .text
Binding: STB_GLOBAL
- Name: local
Section: .text
Binding: STB_LOCAL

lld/test/ELF/invalid/symtab-sh-info.s

Show All 16 Lines - Name: .symtab
Type: SHT_SYMTAB Type: SHT_SYMTAB
Symbols: Symbols:
- Name: foo - Name: foo
Binding: STB_GLOBAL Binding: STB_GLOBAL
## sh_info has value 2 what says that non-local symbol `foo` is local. ## sh_info has value 2 what says that non-local symbol `foo` is local.
## Check we report this case. ## Check we report this case.
# RUN: yaml2obj --docnum=2 %s -o %t.o # RUN: yaml2obj --docnum=2 %s -o %t.o
# RUN: not ld.lld %t.o -o /dev/null 2>&1 | FileCheck --check-prefix=ERR2 %s # RUN: not ld.lld --noinhibit-exec %t.o -o /dev/null 2>&1 | FileCheck --check-prefix=ERR2 %s
# ERR2: broken object: getLocalSymbols returns a non-local symbol # ERR2: error: {{.*}}.o: non-local symbol (1) found at index < .symtab's sh_info (2)
--- !ELF --- !ELF
FileHeader: FileHeader:
Class: ELFCLASS64 Class: ELFCLASS64
Data: ELFDATA2LSB Data: ELFDATA2LSB
Type: ET_REL Type: ET_REL
Machine: EM_X86_64 Machine: EM_X86_64
Sections: Sections:
Show All 25 Lines