1 //===- DWARFVerifier.h ----------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #ifndef LLVM_DEBUGINFO_DWARF_DWARFVERIFIER_H 10 #define LLVM_DEBUGINFO_DWARF_DWARFVERIFIER_H 11 12 #include "llvm/ADT/Optional.h" 13 #include "llvm/DebugInfo/DIContext.h" 14 #include "llvm/DebugInfo/DWARF/DWARFAcceleratorTable.h" 15 #include "llvm/DebugInfo/DWARF/DWARFAddressRange.h" 16 #include "llvm/DebugInfo/DWARF/DWARFDie.h" 17 #include "llvm/DebugInfo/DWARF/DWARFUnitIndex.h" 18 19 #include <cstdint> 20 #include <map> 21 #include <set> 22 23 namespace llvm { 24 class raw_ostream; 25 struct DWARFAttribute; 26 class DWARFContext; 27 class DWARFDie; 28 class DWARFUnit; 29 class DWARFCompileUnit; 30 class DWARFDataExtractor; 31 class DWARFDebugAbbrev; 32 class DataExtractor; 33 struct DWARFSection; 34 35 /// A class that verifies DWARF debug information given a DWARF Context. 36 class DWARFVerifier { 37 public: 38 /// A class that keeps the address range information for a single DIE. 39 struct DieRangeInfo { 40 DWARFDie Die; 41 42 /// Sorted DWARFAddressRanges. 43 std::vector<DWARFAddressRange> Ranges; 44 45 /// Sorted DWARFAddressRangeInfo. 46 std::set<DieRangeInfo> Children; 47 48 DieRangeInfo() = default; DieRangeInfoDieRangeInfo49 DieRangeInfo(DWARFDie Die) : Die(Die) {} 50 51 /// Used for unit testing. DieRangeInfoDieRangeInfo52 DieRangeInfo(std::vector<DWARFAddressRange> Ranges) 53 : Ranges(std::move(Ranges)) {} 54 55 typedef std::vector<DWARFAddressRange>::const_iterator 56 address_range_iterator; 57 typedef std::set<DieRangeInfo>::const_iterator die_range_info_iterator; 58 59 /// Inserts the address range. If the range overlaps with an existing 60 /// range, the range that it overlaps with will be returned and the two 61 /// address ranges will be unioned together in "Ranges". 62 /// 63 /// This is used for finding overlapping ranges in the DW_AT_ranges 64 /// attribute of a DIE. It is also used as a set of address ranges that 65 /// children address ranges must all be contained in. 66 Optional<DWARFAddressRange> insert(const DWARFAddressRange &R); 67 68 /// Finds an address range in the sorted vector of ranges. findRangeDieRangeInfo69 address_range_iterator findRange(const DWARFAddressRange &R) const { 70 auto Begin = Ranges.begin(); 71 auto End = Ranges.end(); 72 auto Iter = std::upper_bound(Begin, End, R); 73 if (Iter != Begin) 74 --Iter; 75 return Iter; 76 } 77 78 /// Inserts the address range info. If any of its ranges overlaps with a 79 /// range in an existing range info, the range info is *not* added and an 80 /// iterator to the overlapping range info. 81 /// 82 /// This is used for finding overlapping children of the same DIE. 83 die_range_info_iterator insert(const DieRangeInfo &RI); 84 85 /// Return true if ranges in this object contains all ranges within RHS. 86 bool contains(const DieRangeInfo &RHS) const; 87 88 /// Return true if any range in this object intersects with any range in 89 /// RHS. 90 bool intersects(const DieRangeInfo &RHS) const; 91 }; 92 93 private: 94 raw_ostream &OS; 95 DWARFContext &DCtx; 96 DIDumpOptions DumpOpts; 97 /// A map that tracks all references (converted absolute references) so we 98 /// can verify each reference points to a valid DIE and not an offset that 99 /// lies between to valid DIEs. 100 std::map<uint64_t, std::set<uint64_t>> ReferenceToDIEOffsets; 101 uint32_t NumDebugLineErrors = 0; 102 // Used to relax some checks that do not currently work portably 103 bool IsObjectFile; 104 bool IsMachOObject; 105 106 raw_ostream &error() const; 107 raw_ostream &warn() const; 108 raw_ostream ¬e() const; 109 raw_ostream &dump(const DWARFDie &Die, unsigned indent = 0) const; 110 111 /// Verifies the abbreviations section. 112 /// 113 /// This function currently checks that: 114 /// --No abbreviation declaration has more than one attributes with the same 115 /// name. 116 /// 117 /// \param Abbrev Pointer to the abbreviations section we are verifying 118 /// Abbrev can be a pointer to either .debug_abbrev or debug_abbrev.dwo. 119 /// 120 /// \returns The number of errors that occurred during verification. 121 unsigned verifyAbbrevSection(const DWARFDebugAbbrev *Abbrev); 122 123 /// Verifies the header of a unit in a .debug_info or .debug_types section. 124 /// 125 /// This function currently checks for: 126 /// - Unit is in 32-bit DWARF format. The function can be modified to 127 /// support 64-bit format. 128 /// - The DWARF version is valid 129 /// - The unit type is valid (if unit is in version >=5) 130 /// - The unit doesn't extend beyond the containing section 131 /// - The address size is valid 132 /// - The offset in the .debug_abbrev section is valid 133 /// 134 /// \param DebugInfoData The section data 135 /// \param Offset A reference to the offset start of the unit. The offset will 136 /// be updated to point to the next unit in the section 137 /// \param UnitIndex The index of the unit to be verified 138 /// \param UnitType A reference to the type of the unit 139 /// \param isUnitDWARF64 A reference to a flag that shows whether the unit is 140 /// in 64-bit format. 141 /// 142 /// \returns true if the header is verified successfully, false otherwise. 143 bool verifyUnitHeader(const DWARFDataExtractor DebugInfoData, 144 uint64_t *Offset, unsigned UnitIndex, uint8_t &UnitType, 145 bool &isUnitDWARF64); 146 147 /// Verifies the header of a unit in a .debug_info or .debug_types section. 148 /// 149 /// This function currently verifies: 150 /// - The debug info attributes. 151 /// - The debug info form=s. 152 /// - The presence of a root DIE. 153 /// - That the root DIE is a unit DIE. 154 /// - If a unit type is provided, that the unit DIE matches the unit type. 155 /// - The DIE ranges. 156 /// - That call site entries are only nested within subprograms with a 157 /// DW_AT_call attribute. 158 /// 159 /// \param Unit The DWARF Unit to verify. 160 /// 161 /// \returns The number of errors that occurred during verification. 162 unsigned verifyUnitContents(DWARFUnit &Unit); 163 164 /// Verifies the unit headers and contents in a .debug_info or .debug_types 165 /// section. 166 /// 167 /// \param S The DWARF Section to verify. 168 /// \param SectionKind The object-file section kind that S comes from. 169 /// 170 /// \returns The number of errors that occurred during verification. 171 unsigned verifyUnitSection(const DWARFSection &S, 172 DWARFSectionKind SectionKind); 173 174 /// Verifies that a call site entry is nested within a subprogram with a 175 /// DW_AT_call attribute. 176 /// 177 /// \returns Number of errors that occurred during verification. 178 unsigned verifyDebugInfoCallSite(const DWARFDie &Die); 179 180 /// Verify that all Die ranges are valid. 181 /// 182 /// This function currently checks for: 183 /// - cases in which lowPC >= highPC 184 /// 185 /// \returns Number of errors that occurred during verification. 186 unsigned verifyDieRanges(const DWARFDie &Die, DieRangeInfo &ParentRI); 187 188 /// Verifies the attribute's DWARF attribute and its value. 189 /// 190 /// This function currently checks for: 191 /// - DW_AT_ranges values is a valid .debug_ranges offset 192 /// - DW_AT_stmt_list is a valid .debug_line offset 193 /// 194 /// \param Die The DWARF DIE that owns the attribute value 195 /// \param AttrValue The DWARF attribute value to check 196 /// 197 /// \returns NumErrors The number of errors occurred during verification of 198 /// attributes' values in a unit 199 unsigned verifyDebugInfoAttribute(const DWARFDie &Die, 200 DWARFAttribute &AttrValue); 201 202 /// Verifies the attribute's DWARF form. 203 /// 204 /// This function currently checks for: 205 /// - All DW_FORM_ref values that are CU relative have valid CU offsets 206 /// - All DW_FORM_ref_addr values have valid section offsets 207 /// - All DW_FORM_strp values have valid .debug_str offsets 208 /// 209 /// \param Die The DWARF DIE that owns the attribute value 210 /// \param AttrValue The DWARF attribute value to check 211 /// 212 /// \returns NumErrors The number of errors occurred during verification of 213 /// attributes' forms in a unit 214 unsigned verifyDebugInfoForm(const DWARFDie &Die, DWARFAttribute &AttrValue); 215 216 /// Verifies the all valid references that were found when iterating through 217 /// all of the DIE attributes. 218 /// 219 /// This function will verify that all references point to DIEs whose DIE 220 /// offset matches. This helps to ensure if a DWARF link phase moved things 221 /// around, that it doesn't create invalid references by failing to relocate 222 /// CU relative and absolute references. 223 /// 224 /// \returns NumErrors The number of errors occurred during verification of 225 /// references for the .debug_info and .debug_types sections 226 unsigned verifyDebugInfoReferences(); 227 228 /// Verify the DW_AT_stmt_list encoding and value and ensure that no 229 /// compile units that have the same DW_AT_stmt_list value. 230 void verifyDebugLineStmtOffsets(); 231 232 /// Verify that all of the rows in the line table are valid. 233 /// 234 /// This function currently checks for: 235 /// - addresses within a sequence that decrease in value 236 /// - invalid file indexes 237 void verifyDebugLineRows(); 238 239 /// Verify that an Apple-style accelerator table is valid. 240 /// 241 /// This function currently checks that: 242 /// - The fixed part of the header fits in the section 243 /// - The size of the section is as large as what the header describes 244 /// - There is at least one atom 245 /// - The form for each atom is valid 246 /// - The tag for each DIE in the table is valid 247 /// - The buckets have a valid index, or they are empty 248 /// - Each hashdata offset is valid 249 /// - Each DIE is valid 250 /// 251 /// \param AccelSection pointer to the section containing the acceleration table 252 /// \param StrData pointer to the string section 253 /// \param SectionName the name of the table we're verifying 254 /// 255 /// \returns The number of errors occurred during verification 256 unsigned verifyAppleAccelTable(const DWARFSection *AccelSection, 257 DataExtractor *StrData, 258 const char *SectionName); 259 260 unsigned verifyDebugNamesCULists(const DWARFDebugNames &AccelTable); 261 unsigned verifyNameIndexBuckets(const DWARFDebugNames::NameIndex &NI, 262 const DataExtractor &StrData); 263 unsigned verifyNameIndexAbbrevs(const DWARFDebugNames::NameIndex &NI); 264 unsigned verifyNameIndexAttribute(const DWARFDebugNames::NameIndex &NI, 265 const DWARFDebugNames::Abbrev &Abbr, 266 DWARFDebugNames::AttributeEncoding AttrEnc); 267 unsigned verifyNameIndexEntries(const DWARFDebugNames::NameIndex &NI, 268 const DWARFDebugNames::NameTableEntry &NTE); 269 unsigned verifyNameIndexCompleteness(const DWARFDie &Die, 270 const DWARFDebugNames::NameIndex &NI); 271 272 /// Verify that the DWARF v5 accelerator table is valid. 273 /// 274 /// This function currently checks that: 275 /// - Headers individual Name Indices fit into the section and can be parsed. 276 /// - Abbreviation tables can be parsed and contain valid index attributes 277 /// with correct form encodings. 278 /// - The CU lists reference existing compile units. 279 /// - The buckets have a valid index, or they are empty. 280 /// - All names are reachable via the hash table (they have the correct hash, 281 /// and the hash is in the correct bucket). 282 /// - Information in the index entries is complete (all required entries are 283 /// present) and consistent with the debug_info section DIEs. 284 /// 285 /// \param AccelSection section containing the acceleration table 286 /// \param StrData string section 287 /// 288 /// \returns The number of errors occurred during verification 289 unsigned verifyDebugNames(const DWARFSection &AccelSection, 290 const DataExtractor &StrData); 291 292 public: 293 DWARFVerifier(raw_ostream &S, DWARFContext &D, 294 DIDumpOptions DumpOpts = DIDumpOptions::getForSingleDIE()); 295 296 /// Verify the information in any of the following sections, if available: 297 /// .debug_abbrev, debug_abbrev.dwo 298 /// 299 /// Any errors are reported to the stream that was this object was 300 /// constructed with. 301 /// 302 /// \returns true if .debug_abbrev and .debug_abbrev.dwo verify successfully, 303 /// false otherwise. 304 bool handleDebugAbbrev(); 305 306 /// Verify the information in the .debug_info and .debug_types sections. 307 /// 308 /// Any errors are reported to the stream that this object was 309 /// constructed with. 310 /// 311 /// \returns true if all sections verify successfully, false otherwise. 312 bool handleDebugInfo(); 313 314 /// Verify the information in the .debug_line section. 315 /// 316 /// Any errors are reported to the stream that was this object was 317 /// constructed with. 318 /// 319 /// \returns true if the .debug_line verifies successfully, false otherwise. 320 bool handleDebugLine(); 321 322 /// Verify the information in accelerator tables, if they exist. 323 /// 324 /// Any errors are reported to the stream that was this object was 325 /// constructed with. 326 /// 327 /// \returns true if the existing Apple-style accelerator tables verify 328 /// successfully, false otherwise. 329 bool handleAccelTables(); 330 }; 331 332 static inline bool operator<(const DWARFVerifier::DieRangeInfo &LHS, 333 const DWARFVerifier::DieRangeInfo &RHS) { 334 return std::tie(LHS.Ranges, LHS.Die) < std::tie(RHS.Ranges, RHS.Die); 335 } 336 337 } // end namespace llvm 338 339 #endif // LLVM_DEBUGINFO_DWARF_DWARFCONTEXT_H 340