1 //===- DWARFVerifier.cpp --------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 #include "llvm/DebugInfo/DWARF/DWARFVerifier.h"
9 #include "llvm/ADT/SmallSet.h"
10 #include "llvm/DebugInfo/DWARF/DWARFCompileUnit.h"
11 #include "llvm/DebugInfo/DWARF/DWARFContext.h"
12 #include "llvm/DebugInfo/DWARF/DWARFDebugLine.h"
13 #include "llvm/DebugInfo/DWARF/DWARFDie.h"
14 #include "llvm/DebugInfo/DWARF/DWARFExpression.h"
15 #include "llvm/DebugInfo/DWARF/DWARFFormValue.h"
16 #include "llvm/DebugInfo/DWARF/DWARFSection.h"
17 #include "llvm/Support/DJB.h"
18 #include "llvm/Support/FormatVariadic.h"
19 #include "llvm/Support/WithColor.h"
20 #include "llvm/Support/raw_ostream.h"
21 #include <map>
22 #include <set>
23 #include <vector>
24 
25 using namespace llvm;
26 using namespace dwarf;
27 using namespace object;
28 
29 DWARFVerifier::DieRangeInfo::address_range_iterator
30 DWARFVerifier::DieRangeInfo::insert(const DWARFAddressRange &R) {
31   auto Begin = Ranges.begin();
32   auto End = Ranges.end();
33   auto Pos = std::lower_bound(Begin, End, R);
34 
35   if (Pos != End) {
36     if (Pos->intersects(R))
37       return std::move(Pos);
38     if (Pos != Begin) {
39       auto Iter = Pos - 1;
40       if (Iter->intersects(R))
41         return std::move(Iter);
42     }
43   }
44 
45   Ranges.insert(Pos, R);
46   return Ranges.end();
47 }
48 
49 DWARFVerifier::DieRangeInfo::die_range_info_iterator
50 DWARFVerifier::DieRangeInfo::insert(const DieRangeInfo &RI) {
51   auto End = Children.end();
52   auto Iter = Children.begin();
53   while (Iter != End) {
54     if (Iter->intersects(RI))
55       return Iter;
56     ++Iter;
57   }
58   Children.insert(RI);
59   return Children.end();
60 }
61 
62 bool DWARFVerifier::DieRangeInfo::contains(const DieRangeInfo &RHS) const {
63   auto I1 = Ranges.begin(), E1 = Ranges.end();
64   auto I2 = RHS.Ranges.begin(), E2 = RHS.Ranges.end();
65   if (I2 == E2)
66     return true;
67 
68   DWARFAddressRange R = *I2;
69   while (I1 != E1) {
70     bool Covered = I1->LowPC <= R.LowPC;
71     if (R.LowPC == R.HighPC || (Covered && R.HighPC <= I1->HighPC)) {
72       if (++I2 == E2)
73         return true;
74       R = *I2;
75       continue;
76     }
77     if (!Covered)
78       return false;
79     if (R.LowPC < I1->HighPC)
80       R.LowPC = I1->HighPC;
81     ++I1;
82   }
83   return false;
84 }
85 
86 bool DWARFVerifier::DieRangeInfo::intersects(const DieRangeInfo &RHS) const {
87   auto I1 = Ranges.begin(), E1 = Ranges.end();
88   auto I2 = RHS.Ranges.begin(), E2 = RHS.Ranges.end();
89   while (I1 != E1 && I2 != E2) {
90     if (I1->intersects(*I2))
91       return true;
92     if (I1->LowPC < I2->LowPC)
93       ++I1;
94     else
95       ++I2;
96   }
97   return false;
98 }
99 
100 bool DWARFVerifier::verifyUnitHeader(const DWARFDataExtractor DebugInfoData,
101                                      uint64_t *Offset, unsigned UnitIndex,
102                                      uint8_t &UnitType, bool &isUnitDWARF64) {
103   uint64_t AbbrOffset, Length;
104   uint8_t AddrSize = 0;
105   uint16_t Version;
106   bool Success = true;
107 
108   bool ValidLength = false;
109   bool ValidVersion = false;
110   bool ValidAddrSize = false;
111   bool ValidType = true;
112   bool ValidAbbrevOffset = true;
113 
114   uint64_t OffsetStart = *Offset;
115   DwarfFormat Format;
116   std::tie(Length, Format) = DebugInfoData.getInitialLength(Offset);
117   isUnitDWARF64 = Format == DWARF64;
118   Version = DebugInfoData.getU16(Offset);
119 
120   if (Version >= 5) {
121     UnitType = DebugInfoData.getU8(Offset);
122     AddrSize = DebugInfoData.getU8(Offset);
123     AbbrOffset = isUnitDWARF64 ? DebugInfoData.getU64(Offset) : DebugInfoData.getU32(Offset);
124     ValidType = dwarf::isUnitType(UnitType);
125   } else {
126     UnitType = 0;
127     AbbrOffset = isUnitDWARF64 ? DebugInfoData.getU64(Offset) : DebugInfoData.getU32(Offset);
128     AddrSize = DebugInfoData.getU8(Offset);
129   }
130 
131   if (!DCtx.getDebugAbbrev()->getAbbreviationDeclarationSet(AbbrOffset))
132     ValidAbbrevOffset = false;
133 
134   ValidLength = DebugInfoData.isValidOffset(OffsetStart + Length + 3);
135   ValidVersion = DWARFContext::isSupportedVersion(Version);
136   ValidAddrSize = AddrSize == 4 || AddrSize == 8;
137   if (!ValidLength || !ValidVersion || !ValidAddrSize || !ValidAbbrevOffset ||
138       !ValidType) {
139     Success = false;
140     error() << format("Units[%d] - start offset: 0x%08" PRIx64 " \n", UnitIndex,
141                       OffsetStart);
142     if (!ValidLength)
143       note() << "The length for this unit is too "
144                 "large for the .debug_info provided.\n";
145     if (!ValidVersion)
146       note() << "The 16 bit unit header version is not valid.\n";
147     if (!ValidType)
148       note() << "The unit type encoding is not valid.\n";
149     if (!ValidAbbrevOffset)
150       note() << "The offset into the .debug_abbrev section is "
151                 "not valid.\n";
152     if (!ValidAddrSize)
153       note() << "The address size is unsupported.\n";
154   }
155   *Offset = OffsetStart + Length + (isUnitDWARF64 ? 12 : 4);
156   return Success;
157 }
158 
159 unsigned DWARFVerifier::verifyUnitContents(DWARFUnit &Unit) {
160   unsigned NumUnitErrors = 0;
161   unsigned NumDies = Unit.getNumDIEs();
162   for (unsigned I = 0; I < NumDies; ++I) {
163     auto Die = Unit.getDIEAtIndex(I);
164 
165     if (Die.getTag() == DW_TAG_null)
166       continue;
167 
168     for (auto AttrValue : Die.attributes()) {
169       NumUnitErrors += verifyDebugInfoAttribute(Die, AttrValue);
170       NumUnitErrors += verifyDebugInfoForm(Die, AttrValue);
171     }
172 
173     NumUnitErrors += verifyDebugInfoCallSite(Die);
174   }
175 
176   DWARFDie Die = Unit.getUnitDIE(/* ExtractUnitDIEOnly = */ false);
177   if (!Die) {
178     error() << "Compilation unit without DIE.\n";
179     NumUnitErrors++;
180     return NumUnitErrors;
181   }
182 
183   if (!dwarf::isUnitType(Die.getTag())) {
184     error() << "Compilation unit root DIE is not a unit DIE: "
185             << dwarf::TagString(Die.getTag()) << ".\n";
186     NumUnitErrors++;
187   }
188 
189   uint8_t UnitType = Unit.getUnitType();
190   if (!DWARFUnit::isMatchingUnitTypeAndTag(UnitType, Die.getTag())) {
191     error() << "Compilation unit type (" << dwarf::UnitTypeString(UnitType)
192             << ") and root DIE (" << dwarf::TagString(Die.getTag())
193             << ") do not match.\n";
194     NumUnitErrors++;
195   }
196 
197   //  According to DWARF Debugging Information Format Version 5,
198   //  3.1.2 Skeleton Compilation Unit Entries:
199   //  "A skeleton compilation unit has no children."
200   if (Die.getTag() == dwarf::DW_TAG_skeleton_unit && Die.hasChildren()) {
201     error() << "Skeleton compilation unit has children.\n";
202     NumUnitErrors++;
203   }
204 
205   DieRangeInfo RI;
206   NumUnitErrors += verifyDieRanges(Die, RI);
207 
208   return NumUnitErrors;
209 }
210 
211 unsigned DWARFVerifier::verifyDebugInfoCallSite(const DWARFDie &Die) {
212   if (Die.getTag() != DW_TAG_call_site && Die.getTag() != DW_TAG_GNU_call_site)
213     return 0;
214 
215   DWARFDie Curr = Die.getParent();
216   for (; Curr.isValid() && !Curr.isSubprogramDIE(); Curr = Die.getParent()) {
217     if (Curr.getTag() == DW_TAG_inlined_subroutine) {
218       error() << "Call site entry nested within inlined subroutine:";
219       Curr.dump(OS);
220       return 1;
221     }
222   }
223 
224   if (!Curr.isValid()) {
225     error() << "Call site entry not nested within a valid subprogram:";
226     Die.dump(OS);
227     return 1;
228   }
229 
230   Optional<DWARFFormValue> CallAttr =
231       Curr.find({DW_AT_call_all_calls, DW_AT_call_all_source_calls,
232                  DW_AT_call_all_tail_calls, DW_AT_GNU_all_call_sites,
233                  DW_AT_GNU_all_source_call_sites,
234                  DW_AT_GNU_all_tail_call_sites});
235   if (!CallAttr) {
236     error() << "Subprogram with call site entry has no DW_AT_call attribute:";
237     Curr.dump(OS);
238     Die.dump(OS, /*indent*/ 1);
239     return 1;
240   }
241 
242   return 0;
243 }
244 
245 unsigned DWARFVerifier::verifyAbbrevSection(const DWARFDebugAbbrev *Abbrev) {
246   unsigned NumErrors = 0;
247   if (Abbrev) {
248     const DWARFAbbreviationDeclarationSet *AbbrDecls =
249         Abbrev->getAbbreviationDeclarationSet(0);
250     for (auto AbbrDecl : *AbbrDecls) {
251       SmallDenseSet<uint16_t> AttributeSet;
252       for (auto Attribute : AbbrDecl.attributes()) {
253         auto Result = AttributeSet.insert(Attribute.Attr);
254         if (!Result.second) {
255           error() << "Abbreviation declaration contains multiple "
256                   << AttributeString(Attribute.Attr) << " attributes.\n";
257           AbbrDecl.dump(OS);
258           ++NumErrors;
259         }
260       }
261     }
262   }
263   return NumErrors;
264 }
265 
266 bool DWARFVerifier::handleDebugAbbrev() {
267   OS << "Verifying .debug_abbrev...\n";
268 
269   const DWARFObject &DObj = DCtx.getDWARFObj();
270   unsigned NumErrors = 0;
271   if (!DObj.getAbbrevSection().empty())
272     NumErrors += verifyAbbrevSection(DCtx.getDebugAbbrev());
273   if (!DObj.getAbbrevDWOSection().empty())
274     NumErrors += verifyAbbrevSection(DCtx.getDebugAbbrevDWO());
275 
276   return NumErrors == 0;
277 }
278 
279 unsigned DWARFVerifier::verifyUnitSection(const DWARFSection &S,
280                                           DWARFSectionKind SectionKind) {
281   const DWARFObject &DObj = DCtx.getDWARFObj();
282   DWARFDataExtractor DebugInfoData(DObj, S, DCtx.isLittleEndian(), 0);
283   unsigned NumDebugInfoErrors = 0;
284   uint64_t OffsetStart = 0, Offset = 0, UnitIdx = 0;
285   uint8_t UnitType = 0;
286   bool isUnitDWARF64 = false;
287   bool isHeaderChainValid = true;
288   bool hasDIE = DebugInfoData.isValidOffset(Offset);
289   DWARFUnitVector TypeUnitVector;
290   DWARFUnitVector CompileUnitVector;
291   while (hasDIE) {
292     OffsetStart = Offset;
293     if (!verifyUnitHeader(DebugInfoData, &Offset, UnitIdx, UnitType,
294                           isUnitDWARF64)) {
295       isHeaderChainValid = false;
296       if (isUnitDWARF64)
297         break;
298     } else {
299       DWARFUnitHeader Header;
300       Header.extract(DCtx, DebugInfoData, &OffsetStart, SectionKind);
301       DWARFUnit *Unit;
302       switch (UnitType) {
303       case dwarf::DW_UT_type:
304       case dwarf::DW_UT_split_type: {
305         Unit = TypeUnitVector.addUnit(std::make_unique<DWARFTypeUnit>(
306             DCtx, S, Header, DCtx.getDebugAbbrev(), &DObj.getRangesSection(),
307             &DObj.getLocSection(), DObj.getStrSection(),
308             DObj.getStrOffsetsSection(), &DObj.getAppleObjCSection(),
309             DObj.getLineSection(), DCtx.isLittleEndian(), false,
310             TypeUnitVector));
311         break;
312       }
313       case dwarf::DW_UT_skeleton:
314       case dwarf::DW_UT_split_compile:
315       case dwarf::DW_UT_compile:
316       case dwarf::DW_UT_partial:
317       // UnitType = 0 means that we are verifying a compile unit in DWARF v4.
318       case 0: {
319         Unit = CompileUnitVector.addUnit(std::make_unique<DWARFCompileUnit>(
320             DCtx, S, Header, DCtx.getDebugAbbrev(), &DObj.getRangesSection(),
321             &DObj.getLocSection(), DObj.getStrSection(),
322             DObj.getStrOffsetsSection(), &DObj.getAppleObjCSection(),
323             DObj.getLineSection(), DCtx.isLittleEndian(), false,
324             CompileUnitVector));
325         break;
326       }
327       default: { llvm_unreachable("Invalid UnitType."); }
328       }
329       NumDebugInfoErrors += verifyUnitContents(*Unit);
330     }
331     hasDIE = DebugInfoData.isValidOffset(Offset);
332     ++UnitIdx;
333   }
334   if (UnitIdx == 0 && !hasDIE) {
335     warn() << "Section is empty.\n";
336     isHeaderChainValid = true;
337   }
338   if (!isHeaderChainValid)
339     ++NumDebugInfoErrors;
340   NumDebugInfoErrors += verifyDebugInfoReferences();
341   return NumDebugInfoErrors;
342 }
343 
344 bool DWARFVerifier::handleDebugInfo() {
345   const DWARFObject &DObj = DCtx.getDWARFObj();
346   unsigned NumErrors = 0;
347 
348   OS << "Verifying .debug_info Unit Header Chain...\n";
349   DObj.forEachInfoSections([&](const DWARFSection &S) {
350     NumErrors += verifyUnitSection(S, DW_SECT_INFO);
351   });
352 
353   OS << "Verifying .debug_types Unit Header Chain...\n";
354   DObj.forEachTypesSections([&](const DWARFSection &S) {
355     NumErrors += verifyUnitSection(S, DW_SECT_EXT_TYPES);
356   });
357   return NumErrors == 0;
358 }
359 
360 unsigned DWARFVerifier::verifyDieRanges(const DWARFDie &Die,
361                                         DieRangeInfo &ParentRI) {
362   unsigned NumErrors = 0;
363 
364   if (!Die.isValid())
365     return NumErrors;
366 
367   auto RangesOrError = Die.getAddressRanges();
368   if (!RangesOrError) {
369     // FIXME: Report the error.
370     ++NumErrors;
371     llvm::consumeError(RangesOrError.takeError());
372     return NumErrors;
373   }
374 
375   DWARFAddressRangesVector Ranges = RangesOrError.get();
376   // Build RI for this DIE and check that ranges within this DIE do not
377   // overlap.
378   DieRangeInfo RI(Die);
379 
380   // TODO support object files better
381   //
382   // Some object file formats (i.e. non-MachO) support COMDAT.  ELF in
383   // particular does so by placing each function into a section.  The DWARF data
384   // for the function at that point uses a section relative DW_FORM_addrp for
385   // the DW_AT_low_pc and a DW_FORM_data4 for the offset as the DW_AT_high_pc.
386   // In such a case, when the Die is the CU, the ranges will overlap, and we
387   // will flag valid conflicting ranges as invalid.
388   //
389   // For such targets, we should read the ranges from the CU and partition them
390   // by the section id.  The ranges within a particular section should be
391   // disjoint, although the ranges across sections may overlap.  We would map
392   // the child die to the entity that it references and the section with which
393   // it is associated.  The child would then be checked against the range
394   // information for the associated section.
395   //
396   // For now, simply elide the range verification for the CU DIEs if we are
397   // processing an object file.
398 
399   if (!IsObjectFile || IsMachOObject || Die.getTag() != DW_TAG_compile_unit) {
400     for (auto Range : Ranges) {
401       if (!Range.valid()) {
402         ++NumErrors;
403         error() << "Invalid address range " << Range << "\n";
404         continue;
405       }
406 
407       // Verify that ranges don't intersect.
408       const auto IntersectingRange = RI.insert(Range);
409       if (IntersectingRange != RI.Ranges.end()) {
410         ++NumErrors;
411         error() << "DIE has overlapping address ranges: " << Range << " and "
412                 << *IntersectingRange << "\n";
413         break;
414       }
415     }
416   }
417 
418   // Verify that children don't intersect.
419   const auto IntersectingChild = ParentRI.insert(RI);
420   if (IntersectingChild != ParentRI.Children.end()) {
421     ++NumErrors;
422     error() << "DIEs have overlapping address ranges:";
423     dump(Die);
424     dump(IntersectingChild->Die) << '\n';
425   }
426 
427   // Verify that ranges are contained within their parent.
428   bool ShouldBeContained = !Ranges.empty() && !ParentRI.Ranges.empty() &&
429                            !(Die.getTag() == DW_TAG_subprogram &&
430                              ParentRI.Die.getTag() == DW_TAG_subprogram);
431   if (ShouldBeContained && !ParentRI.contains(RI)) {
432     ++NumErrors;
433     error() << "DIE address ranges are not contained in its parent's ranges:";
434     dump(ParentRI.Die);
435     dump(Die, 2) << '\n';
436   }
437 
438   // Recursively check children.
439   for (DWARFDie Child : Die)
440     NumErrors += verifyDieRanges(Child, RI);
441 
442   return NumErrors;
443 }
444 
445 unsigned DWARFVerifier::verifyDebugInfoAttribute(const DWARFDie &Die,
446                                                  DWARFAttribute &AttrValue) {
447   unsigned NumErrors = 0;
448   auto ReportError = [&](const Twine &TitleMsg) {
449     ++NumErrors;
450     error() << TitleMsg << '\n';
451     dump(Die) << '\n';
452   };
453 
454   const DWARFObject &DObj = DCtx.getDWARFObj();
455   const auto Attr = AttrValue.Attr;
456   switch (Attr) {
457   case DW_AT_ranges:
458     // Make sure the offset in the DW_AT_ranges attribute is valid.
459     if (auto SectionOffset = AttrValue.Value.getAsSectionOffset()) {
460       if (*SectionOffset >= DObj.getRangesSection().Data.size())
461         ReportError("DW_AT_ranges offset is beyond .debug_ranges bounds:");
462       break;
463     }
464     ReportError("DIE has invalid DW_AT_ranges encoding:");
465     break;
466   case DW_AT_stmt_list:
467     // Make sure the offset in the DW_AT_stmt_list attribute is valid.
468     if (auto SectionOffset = AttrValue.Value.getAsSectionOffset()) {
469       if (*SectionOffset >= DObj.getLineSection().Data.size())
470         ReportError("DW_AT_stmt_list offset is beyond .debug_line bounds: " +
471                     llvm::formatv("{0:x8}", *SectionOffset));
472       break;
473     }
474     ReportError("DIE has invalid DW_AT_stmt_list encoding:");
475     break;
476   case DW_AT_location: {
477     if (Expected<std::vector<DWARFLocationExpression>> Loc =
478             Die.getLocations(DW_AT_location)) {
479       DWARFUnit *U = Die.getDwarfUnit();
480       for (const auto &Entry : *Loc) {
481         DataExtractor Data(toStringRef(Entry.Expr), DCtx.isLittleEndian(), 0);
482         DWARFExpression Expression(Data, U->getAddressByteSize());
483         bool Error = any_of(Expression, [](DWARFExpression::Operation &Op) {
484           return Op.isError();
485         });
486         if (Error || !Expression.verify(U))
487           ReportError("DIE contains invalid DWARF expression:");
488       }
489     } else
490       ReportError(toString(Loc.takeError()));
491     break;
492   }
493   case DW_AT_specification:
494   case DW_AT_abstract_origin: {
495     if (auto ReferencedDie = Die.getAttributeValueAsReferencedDie(Attr)) {
496       auto DieTag = Die.getTag();
497       auto RefTag = ReferencedDie.getTag();
498       if (DieTag == RefTag)
499         break;
500       if (DieTag == DW_TAG_inlined_subroutine && RefTag == DW_TAG_subprogram)
501         break;
502       if (DieTag == DW_TAG_variable && RefTag == DW_TAG_member)
503         break;
504       // This might be reference to a function declaration.
505       if (DieTag == DW_TAG_GNU_call_site && RefTag == DW_TAG_subprogram)
506         break;
507       ReportError("DIE with tag " + TagString(DieTag) + " has " +
508                   AttributeString(Attr) +
509                   " that points to DIE with "
510                   "incompatible tag " +
511                   TagString(RefTag));
512     }
513     break;
514   }
515   case DW_AT_type: {
516     DWARFDie TypeDie = Die.getAttributeValueAsReferencedDie(DW_AT_type);
517     if (TypeDie && !isType(TypeDie.getTag())) {
518       ReportError("DIE has " + AttributeString(Attr) +
519                   " with incompatible tag " + TagString(TypeDie.getTag()));
520     }
521     break;
522   }
523   default:
524     break;
525   }
526   return NumErrors;
527 }
528 
529 unsigned DWARFVerifier::verifyDebugInfoForm(const DWARFDie &Die,
530                                             DWARFAttribute &AttrValue) {
531   const DWARFObject &DObj = DCtx.getDWARFObj();
532   auto DieCU = Die.getDwarfUnit();
533   unsigned NumErrors = 0;
534   const auto Form = AttrValue.Value.getForm();
535   switch (Form) {
536   case DW_FORM_ref1:
537   case DW_FORM_ref2:
538   case DW_FORM_ref4:
539   case DW_FORM_ref8:
540   case DW_FORM_ref_udata: {
541     // Verify all CU relative references are valid CU offsets.
542     Optional<uint64_t> RefVal = AttrValue.Value.getAsReference();
543     assert(RefVal);
544     if (RefVal) {
545       auto CUSize = DieCU->getNextUnitOffset() - DieCU->getOffset();
546       auto CUOffset = AttrValue.Value.getRawUValue();
547       if (CUOffset >= CUSize) {
548         ++NumErrors;
549         error() << FormEncodingString(Form) << " CU offset "
550                 << format("0x%08" PRIx64, CUOffset)
551                 << " is invalid (must be less than CU size of "
552                 << format("0x%08" PRIx64, CUSize) << "):\n";
553         Die.dump(OS, 0, DumpOpts);
554         dump(Die) << '\n';
555       } else {
556         // Valid reference, but we will verify it points to an actual
557         // DIE later.
558         ReferenceToDIEOffsets[*RefVal].insert(Die.getOffset());
559       }
560     }
561     break;
562   }
563   case DW_FORM_ref_addr: {
564     // Verify all absolute DIE references have valid offsets in the
565     // .debug_info section.
566     Optional<uint64_t> RefVal = AttrValue.Value.getAsReference();
567     assert(RefVal);
568     if (RefVal) {
569       if (*RefVal >= DieCU->getInfoSection().Data.size()) {
570         ++NumErrors;
571         error() << "DW_FORM_ref_addr offset beyond .debug_info "
572                    "bounds:\n";
573         dump(Die) << '\n';
574       } else {
575         // Valid reference, but we will verify it points to an actual
576         // DIE later.
577         ReferenceToDIEOffsets[*RefVal].insert(Die.getOffset());
578       }
579     }
580     break;
581   }
582   case DW_FORM_strp: {
583     auto SecOffset = AttrValue.Value.getAsSectionOffset();
584     assert(SecOffset); // DW_FORM_strp is a section offset.
585     if (SecOffset && *SecOffset >= DObj.getStrSection().size()) {
586       ++NumErrors;
587       error() << "DW_FORM_strp offset beyond .debug_str bounds:\n";
588       dump(Die) << '\n';
589     }
590     break;
591   }
592   case DW_FORM_strx:
593   case DW_FORM_strx1:
594   case DW_FORM_strx2:
595   case DW_FORM_strx3:
596   case DW_FORM_strx4: {
597     auto Index = AttrValue.Value.getRawUValue();
598     auto DieCU = Die.getDwarfUnit();
599     // Check that we have a valid DWARF v5 string offsets table.
600     if (!DieCU->getStringOffsetsTableContribution()) {
601       ++NumErrors;
602       error() << FormEncodingString(Form)
603               << " used without a valid string offsets table:\n";
604       dump(Die) << '\n';
605       break;
606     }
607     // Check that the index is within the bounds of the section.
608     unsigned ItemSize = DieCU->getDwarfStringOffsetsByteSize();
609     // Use a 64-bit type to calculate the offset to guard against overflow.
610     uint64_t Offset =
611         (uint64_t)DieCU->getStringOffsetsBase() + Index * ItemSize;
612     if (DObj.getStrOffsetsSection().Data.size() < Offset + ItemSize) {
613       ++NumErrors;
614       error() << FormEncodingString(Form) << " uses index "
615               << format("%" PRIu64, Index) << ", which is too large:\n";
616       dump(Die) << '\n';
617       break;
618     }
619     // Check that the string offset is valid.
620     uint64_t StringOffset = *DieCU->getStringOffsetSectionItem(Index);
621     if (StringOffset >= DObj.getStrSection().size()) {
622       ++NumErrors;
623       error() << FormEncodingString(Form) << " uses index "
624               << format("%" PRIu64, Index)
625               << ", but the referenced string"
626                  " offset is beyond .debug_str bounds:\n";
627       dump(Die) << '\n';
628     }
629     break;
630   }
631   default:
632     break;
633   }
634   return NumErrors;
635 }
636 
637 unsigned DWARFVerifier::verifyDebugInfoReferences() {
638   // Take all references and make sure they point to an actual DIE by
639   // getting the DIE by offset and emitting an error
640   OS << "Verifying .debug_info references...\n";
641   unsigned NumErrors = 0;
642   for (const std::pair<const uint64_t, std::set<uint64_t>> &Pair :
643        ReferenceToDIEOffsets) {
644     if (DCtx.getDIEForOffset(Pair.first))
645       continue;
646     ++NumErrors;
647     error() << "invalid DIE reference " << format("0x%08" PRIx64, Pair.first)
648             << ". Offset is in between DIEs:\n";
649     for (auto Offset : Pair.second)
650       dump(DCtx.getDIEForOffset(Offset)) << '\n';
651     OS << "\n";
652   }
653   return NumErrors;
654 }
655 
656 void DWARFVerifier::verifyDebugLineStmtOffsets() {
657   std::map<uint64_t, DWARFDie> StmtListToDie;
658   for (const auto &CU : DCtx.compile_units()) {
659     auto Die = CU->getUnitDIE();
660     // Get the attribute value as a section offset. No need to produce an
661     // error here if the encoding isn't correct because we validate this in
662     // the .debug_info verifier.
663     auto StmtSectionOffset = toSectionOffset(Die.find(DW_AT_stmt_list));
664     if (!StmtSectionOffset)
665       continue;
666     const uint64_t LineTableOffset = *StmtSectionOffset;
667     auto LineTable = DCtx.getLineTableForUnit(CU.get());
668     if (LineTableOffset < DCtx.getDWARFObj().getLineSection().Data.size()) {
669       if (!LineTable) {
670         ++NumDebugLineErrors;
671         error() << ".debug_line[" << format("0x%08" PRIx64, LineTableOffset)
672                 << "] was not able to be parsed for CU:\n";
673         dump(Die) << '\n';
674         continue;
675       }
676     } else {
677       // Make sure we don't get a valid line table back if the offset is wrong.
678       assert(LineTable == nullptr);
679       // Skip this line table as it isn't valid. No need to create an error
680       // here because we validate this in the .debug_info verifier.
681       continue;
682     }
683     auto Iter = StmtListToDie.find(LineTableOffset);
684     if (Iter != StmtListToDie.end()) {
685       ++NumDebugLineErrors;
686       error() << "two compile unit DIEs, "
687               << format("0x%08" PRIx64, Iter->second.getOffset()) << " and "
688               << format("0x%08" PRIx64, Die.getOffset())
689               << ", have the same DW_AT_stmt_list section offset:\n";
690       dump(Iter->second);
691       dump(Die) << '\n';
692       // Already verified this line table before, no need to do it again.
693       continue;
694     }
695     StmtListToDie[LineTableOffset] = Die;
696   }
697 }
698 
699 void DWARFVerifier::verifyDebugLineRows() {
700   for (const auto &CU : DCtx.compile_units()) {
701     auto Die = CU->getUnitDIE();
702     auto LineTable = DCtx.getLineTableForUnit(CU.get());
703     // If there is no line table we will have created an error in the
704     // .debug_info verifier or in verifyDebugLineStmtOffsets().
705     if (!LineTable)
706       continue;
707 
708     // Verify prologue.
709     uint32_t MaxDirIndex = LineTable->Prologue.IncludeDirectories.size();
710     uint32_t FileIndex = 1;
711     StringMap<uint16_t> FullPathMap;
712     for (const auto &FileName : LineTable->Prologue.FileNames) {
713       // Verify directory index.
714       if (FileName.DirIdx > MaxDirIndex) {
715         ++NumDebugLineErrors;
716         error() << ".debug_line["
717                 << format("0x%08" PRIx64,
718                           *toSectionOffset(Die.find(DW_AT_stmt_list)))
719                 << "].prologue.file_names[" << FileIndex
720                 << "].dir_idx contains an invalid index: " << FileName.DirIdx
721                 << "\n";
722       }
723 
724       // Check file paths for duplicates.
725       std::string FullPath;
726       const bool HasFullPath = LineTable->getFileNameByIndex(
727           FileIndex, CU->getCompilationDir(),
728           DILineInfoSpecifier::FileLineInfoKind::AbsoluteFilePath, FullPath);
729       assert(HasFullPath && "Invalid index?");
730       (void)HasFullPath;
731       auto It = FullPathMap.find(FullPath);
732       if (It == FullPathMap.end())
733         FullPathMap[FullPath] = FileIndex;
734       else if (It->second != FileIndex) {
735         warn() << ".debug_line["
736                << format("0x%08" PRIx64,
737                          *toSectionOffset(Die.find(DW_AT_stmt_list)))
738                << "].prologue.file_names[" << FileIndex
739                << "] is a duplicate of file_names[" << It->second << "]\n";
740       }
741 
742       FileIndex++;
743     }
744 
745     // Verify rows.
746     uint64_t PrevAddress = 0;
747     uint32_t RowIndex = 0;
748     for (const auto &Row : LineTable->Rows) {
749       // Verify row address.
750       if (Row.Address.Address < PrevAddress) {
751         ++NumDebugLineErrors;
752         error() << ".debug_line["
753                 << format("0x%08" PRIx64,
754                           *toSectionOffset(Die.find(DW_AT_stmt_list)))
755                 << "] row[" << RowIndex
756                 << "] decreases in address from previous row:\n";
757 
758         DWARFDebugLine::Row::dumpTableHeader(OS);
759         if (RowIndex > 0)
760           LineTable->Rows[RowIndex - 1].dump(OS);
761         Row.dump(OS);
762         OS << '\n';
763       }
764 
765       // Verify file index.
766       if (!LineTable->hasFileAtIndex(Row.File)) {
767         ++NumDebugLineErrors;
768         bool isDWARF5 = LineTable->Prologue.getVersion() >= 5;
769         error() << ".debug_line["
770                 << format("0x%08" PRIx64,
771                           *toSectionOffset(Die.find(DW_AT_stmt_list)))
772                 << "][" << RowIndex << "] has invalid file index " << Row.File
773                 << " (valid values are [" << (isDWARF5 ? "0," : "1,")
774                 << LineTable->Prologue.FileNames.size()
775                 << (isDWARF5 ? ")" : "]") << "):\n";
776         DWARFDebugLine::Row::dumpTableHeader(OS);
777         Row.dump(OS);
778         OS << '\n';
779       }
780       if (Row.EndSequence)
781         PrevAddress = 0;
782       else
783         PrevAddress = Row.Address.Address;
784       ++RowIndex;
785     }
786   }
787 }
788 
789 DWARFVerifier::DWARFVerifier(raw_ostream &S, DWARFContext &D,
790                              DIDumpOptions DumpOpts)
791     : OS(S), DCtx(D), DumpOpts(std::move(DumpOpts)), IsObjectFile(false),
792       IsMachOObject(false) {
793   if (const auto *F = DCtx.getDWARFObj().getFile()) {
794     IsObjectFile = F->isRelocatableObject();
795     IsMachOObject = F->isMachO();
796   }
797 }
798 
799 bool DWARFVerifier::handleDebugLine() {
800   NumDebugLineErrors = 0;
801   OS << "Verifying .debug_line...\n";
802   verifyDebugLineStmtOffsets();
803   verifyDebugLineRows();
804   return NumDebugLineErrors == 0;
805 }
806 
807 unsigned DWARFVerifier::verifyAppleAccelTable(const DWARFSection *AccelSection,
808                                               DataExtractor *StrData,
809                                               const char *SectionName) {
810   unsigned NumErrors = 0;
811   DWARFDataExtractor AccelSectionData(DCtx.getDWARFObj(), *AccelSection,
812                                       DCtx.isLittleEndian(), 0);
813   AppleAcceleratorTable AccelTable(AccelSectionData, *StrData);
814 
815   OS << "Verifying " << SectionName << "...\n";
816 
817   // Verify that the fixed part of the header is not too short.
818   if (!AccelSectionData.isValidOffset(AccelTable.getSizeHdr())) {
819     error() << "Section is too small to fit a section header.\n";
820     return 1;
821   }
822 
823   // Verify that the section is not too short.
824   if (Error E = AccelTable.extract()) {
825     error() << toString(std::move(E)) << '\n';
826     return 1;
827   }
828 
829   // Verify that all buckets have a valid hash index or are empty.
830   uint32_t NumBuckets = AccelTable.getNumBuckets();
831   uint32_t NumHashes = AccelTable.getNumHashes();
832 
833   uint64_t BucketsOffset =
834       AccelTable.getSizeHdr() + AccelTable.getHeaderDataLength();
835   uint64_t HashesBase = BucketsOffset + NumBuckets * 4;
836   uint64_t OffsetsBase = HashesBase + NumHashes * 4;
837   for (uint32_t BucketIdx = 0; BucketIdx < NumBuckets; ++BucketIdx) {
838     uint32_t HashIdx = AccelSectionData.getU32(&BucketsOffset);
839     if (HashIdx >= NumHashes && HashIdx != UINT32_MAX) {
840       error() << format("Bucket[%d] has invalid hash index: %u.\n", BucketIdx,
841                         HashIdx);
842       ++NumErrors;
843     }
844   }
845   uint32_t NumAtoms = AccelTable.getAtomsDesc().size();
846   if (NumAtoms == 0) {
847     error() << "No atoms: failed to read HashData.\n";
848     return 1;
849   }
850   if (!AccelTable.validateForms()) {
851     error() << "Unsupported form: failed to read HashData.\n";
852     return 1;
853   }
854 
855   for (uint32_t HashIdx = 0; HashIdx < NumHashes; ++HashIdx) {
856     uint64_t HashOffset = HashesBase + 4 * HashIdx;
857     uint64_t DataOffset = OffsetsBase + 4 * HashIdx;
858     uint32_t Hash = AccelSectionData.getU32(&HashOffset);
859     uint64_t HashDataOffset = AccelSectionData.getU32(&DataOffset);
860     if (!AccelSectionData.isValidOffsetForDataOfSize(HashDataOffset,
861                                                      sizeof(uint64_t))) {
862       error() << format("Hash[%d] has invalid HashData offset: "
863                         "0x%08" PRIx64 ".\n",
864                         HashIdx, HashDataOffset);
865       ++NumErrors;
866     }
867 
868     uint64_t StrpOffset;
869     uint64_t StringOffset;
870     uint32_t StringCount = 0;
871     uint64_t Offset;
872     unsigned Tag;
873     while ((StrpOffset = AccelSectionData.getU32(&HashDataOffset)) != 0) {
874       const uint32_t NumHashDataObjects =
875           AccelSectionData.getU32(&HashDataOffset);
876       for (uint32_t HashDataIdx = 0; HashDataIdx < NumHashDataObjects;
877            ++HashDataIdx) {
878         std::tie(Offset, Tag) = AccelTable.readAtoms(&HashDataOffset);
879         auto Die = DCtx.getDIEForOffset(Offset);
880         if (!Die) {
881           const uint32_t BucketIdx =
882               NumBuckets ? (Hash % NumBuckets) : UINT32_MAX;
883           StringOffset = StrpOffset;
884           const char *Name = StrData->getCStr(&StringOffset);
885           if (!Name)
886             Name = "<NULL>";
887 
888           error() << format(
889               "%s Bucket[%d] Hash[%d] = 0x%08x "
890               "Str[%u] = 0x%08" PRIx64 " DIE[%d] = 0x%08" PRIx64 " "
891               "is not a valid DIE offset for \"%s\".\n",
892               SectionName, BucketIdx, HashIdx, Hash, StringCount, StrpOffset,
893               HashDataIdx, Offset, Name);
894 
895           ++NumErrors;
896           continue;
897         }
898         if ((Tag != dwarf::DW_TAG_null) && (Die.getTag() != Tag)) {
899           error() << "Tag " << dwarf::TagString(Tag)
900                   << " in accelerator table does not match Tag "
901                   << dwarf::TagString(Die.getTag()) << " of DIE[" << HashDataIdx
902                   << "].\n";
903           ++NumErrors;
904         }
905       }
906       ++StringCount;
907     }
908   }
909   return NumErrors;
910 }
911 
912 unsigned
913 DWARFVerifier::verifyDebugNamesCULists(const DWARFDebugNames &AccelTable) {
914   // A map from CU offset to the (first) Name Index offset which claims to index
915   // this CU.
916   DenseMap<uint64_t, uint64_t> CUMap;
917   const uint64_t NotIndexed = std::numeric_limits<uint64_t>::max();
918 
919   CUMap.reserve(DCtx.getNumCompileUnits());
920   for (const auto &CU : DCtx.compile_units())
921     CUMap[CU->getOffset()] = NotIndexed;
922 
923   unsigned NumErrors = 0;
924   for (const DWARFDebugNames::NameIndex &NI : AccelTable) {
925     if (NI.getCUCount() == 0) {
926       error() << formatv("Name Index @ {0:x} does not index any CU\n",
927                          NI.getUnitOffset());
928       ++NumErrors;
929       continue;
930     }
931     for (uint32_t CU = 0, End = NI.getCUCount(); CU < End; ++CU) {
932       uint64_t Offset = NI.getCUOffset(CU);
933       auto Iter = CUMap.find(Offset);
934 
935       if (Iter == CUMap.end()) {
936         error() << formatv(
937             "Name Index @ {0:x} references a non-existing CU @ {1:x}\n",
938             NI.getUnitOffset(), Offset);
939         ++NumErrors;
940         continue;
941       }
942 
943       if (Iter->second != NotIndexed) {
944         error() << formatv("Name Index @ {0:x} references a CU @ {1:x}, but "
945                            "this CU is already indexed by Name Index @ {2:x}\n",
946                            NI.getUnitOffset(), Offset, Iter->second);
947         continue;
948       }
949       Iter->second = NI.getUnitOffset();
950     }
951   }
952 
953   for (const auto &KV : CUMap) {
954     if (KV.second == NotIndexed)
955       warn() << formatv("CU @ {0:x} not covered by any Name Index\n", KV.first);
956   }
957 
958   return NumErrors;
959 }
960 
961 unsigned
962 DWARFVerifier::verifyNameIndexBuckets(const DWARFDebugNames::NameIndex &NI,
963                                       const DataExtractor &StrData) {
964   struct BucketInfo {
965     uint32_t Bucket;
966     uint32_t Index;
967 
968     constexpr BucketInfo(uint32_t Bucket, uint32_t Index)
969         : Bucket(Bucket), Index(Index) {}
970     bool operator<(const BucketInfo &RHS) const { return Index < RHS.Index; }
971   };
972 
973   uint32_t NumErrors = 0;
974   if (NI.getBucketCount() == 0) {
975     warn() << formatv("Name Index @ {0:x} does not contain a hash table.\n",
976                       NI.getUnitOffset());
977     return NumErrors;
978   }
979 
980   // Build up a list of (Bucket, Index) pairs. We use this later to verify that
981   // each Name is reachable from the appropriate bucket.
982   std::vector<BucketInfo> BucketStarts;
983   BucketStarts.reserve(NI.getBucketCount() + 1);
984   for (uint32_t Bucket = 0, End = NI.getBucketCount(); Bucket < End; ++Bucket) {
985     uint32_t Index = NI.getBucketArrayEntry(Bucket);
986     if (Index > NI.getNameCount()) {
987       error() << formatv("Bucket {0} of Name Index @ {1:x} contains invalid "
988                          "value {2}. Valid range is [0, {3}].\n",
989                          Bucket, NI.getUnitOffset(), Index, NI.getNameCount());
990       ++NumErrors;
991       continue;
992     }
993     if (Index > 0)
994       BucketStarts.emplace_back(Bucket, Index);
995   }
996 
997   // If there were any buckets with invalid values, skip further checks as they
998   // will likely produce many errors which will only confuse the actual root
999   // problem.
1000   if (NumErrors > 0)
1001     return NumErrors;
1002 
1003   // Sort the list in the order of increasing "Index" entries.
1004   array_pod_sort(BucketStarts.begin(), BucketStarts.end());
1005 
1006   // Insert a sentinel entry at the end, so we can check that the end of the
1007   // table is covered in the loop below.
1008   BucketStarts.emplace_back(NI.getBucketCount(), NI.getNameCount() + 1);
1009 
1010   // Loop invariant: NextUncovered is the (1-based) index of the first Name
1011   // which is not reachable by any of the buckets we processed so far (and
1012   // hasn't been reported as uncovered).
1013   uint32_t NextUncovered = 1;
1014   for (const BucketInfo &B : BucketStarts) {
1015     // Under normal circumstances B.Index be equal to NextUncovered, but it can
1016     // be less if a bucket points to names which are already known to be in some
1017     // bucket we processed earlier. In that case, we won't trigger this error,
1018     // but report the mismatched hash value error instead. (We know the hash
1019     // will not match because we have already verified that the name's hash
1020     // puts it into the previous bucket.)
1021     if (B.Index > NextUncovered) {
1022       error() << formatv("Name Index @ {0:x}: Name table entries [{1}, {2}] "
1023                          "are not covered by the hash table.\n",
1024                          NI.getUnitOffset(), NextUncovered, B.Index - 1);
1025       ++NumErrors;
1026     }
1027     uint32_t Idx = B.Index;
1028 
1029     // The rest of the checks apply only to non-sentinel entries.
1030     if (B.Bucket == NI.getBucketCount())
1031       break;
1032 
1033     // This triggers if a non-empty bucket points to a name with a mismatched
1034     // hash. Clients are likely to interpret this as an empty bucket, because a
1035     // mismatched hash signals the end of a bucket, but if this is indeed an
1036     // empty bucket, the producer should have signalled this by marking the
1037     // bucket as empty.
1038     uint32_t FirstHash = NI.getHashArrayEntry(Idx);
1039     if (FirstHash % NI.getBucketCount() != B.Bucket) {
1040       error() << formatv(
1041           "Name Index @ {0:x}: Bucket {1} is not empty but points to a "
1042           "mismatched hash value {2:x} (belonging to bucket {3}).\n",
1043           NI.getUnitOffset(), B.Bucket, FirstHash,
1044           FirstHash % NI.getBucketCount());
1045       ++NumErrors;
1046     }
1047 
1048     // This find the end of this bucket and also verifies that all the hashes in
1049     // this bucket are correct by comparing the stored hashes to the ones we
1050     // compute ourselves.
1051     while (Idx <= NI.getNameCount()) {
1052       uint32_t Hash = NI.getHashArrayEntry(Idx);
1053       if (Hash % NI.getBucketCount() != B.Bucket)
1054         break;
1055 
1056       const char *Str = NI.getNameTableEntry(Idx).getString();
1057       if (caseFoldingDjbHash(Str) != Hash) {
1058         error() << formatv("Name Index @ {0:x}: String ({1}) at index {2} "
1059                            "hashes to {3:x}, but "
1060                            "the Name Index hash is {4:x}\n",
1061                            NI.getUnitOffset(), Str, Idx,
1062                            caseFoldingDjbHash(Str), Hash);
1063         ++NumErrors;
1064       }
1065 
1066       ++Idx;
1067     }
1068     NextUncovered = std::max(NextUncovered, Idx);
1069   }
1070   return NumErrors;
1071 }
1072 
1073 unsigned DWARFVerifier::verifyNameIndexAttribute(
1074     const DWARFDebugNames::NameIndex &NI, const DWARFDebugNames::Abbrev &Abbr,
1075     DWARFDebugNames::AttributeEncoding AttrEnc) {
1076   StringRef FormName = dwarf::FormEncodingString(AttrEnc.Form);
1077   if (FormName.empty()) {
1078     error() << formatv("NameIndex @ {0:x}: Abbreviation {1:x}: {2} uses an "
1079                        "unknown form: {3}.\n",
1080                        NI.getUnitOffset(), Abbr.Code, AttrEnc.Index,
1081                        AttrEnc.Form);
1082     return 1;
1083   }
1084 
1085   if (AttrEnc.Index == DW_IDX_type_hash) {
1086     if (AttrEnc.Form != dwarf::DW_FORM_data8) {
1087       error() << formatv(
1088           "NameIndex @ {0:x}: Abbreviation {1:x}: DW_IDX_type_hash "
1089           "uses an unexpected form {2} (should be {3}).\n",
1090           NI.getUnitOffset(), Abbr.Code, AttrEnc.Form, dwarf::DW_FORM_data8);
1091       return 1;
1092     }
1093   }
1094 
1095   // A list of known index attributes and their expected form classes.
1096   // DW_IDX_type_hash is handled specially in the check above, as it has a
1097   // specific form (not just a form class) we should expect.
1098   struct FormClassTable {
1099     dwarf::Index Index;
1100     DWARFFormValue::FormClass Class;
1101     StringLiteral ClassName;
1102   };
1103   static constexpr FormClassTable Table[] = {
1104       {dwarf::DW_IDX_compile_unit, DWARFFormValue::FC_Constant, {"constant"}},
1105       {dwarf::DW_IDX_type_unit, DWARFFormValue::FC_Constant, {"constant"}},
1106       {dwarf::DW_IDX_die_offset, DWARFFormValue::FC_Reference, {"reference"}},
1107       {dwarf::DW_IDX_parent, DWARFFormValue::FC_Constant, {"constant"}},
1108   };
1109 
1110   ArrayRef<FormClassTable> TableRef(Table);
1111   auto Iter = find_if(TableRef, [AttrEnc](const FormClassTable &T) {
1112     return T.Index == AttrEnc.Index;
1113   });
1114   if (Iter == TableRef.end()) {
1115     warn() << formatv("NameIndex @ {0:x}: Abbreviation {1:x} contains an "
1116                       "unknown index attribute: {2}.\n",
1117                       NI.getUnitOffset(), Abbr.Code, AttrEnc.Index);
1118     return 0;
1119   }
1120 
1121   if (!DWARFFormValue(AttrEnc.Form).isFormClass(Iter->Class)) {
1122     error() << formatv("NameIndex @ {0:x}: Abbreviation {1:x}: {2} uses an "
1123                        "unexpected form {3} (expected form class {4}).\n",
1124                        NI.getUnitOffset(), Abbr.Code, AttrEnc.Index,
1125                        AttrEnc.Form, Iter->ClassName);
1126     return 1;
1127   }
1128   return 0;
1129 }
1130 
1131 unsigned
1132 DWARFVerifier::verifyNameIndexAbbrevs(const DWARFDebugNames::NameIndex &NI) {
1133   if (NI.getLocalTUCount() + NI.getForeignTUCount() > 0) {
1134     warn() << formatv("Name Index @ {0:x}: Verifying indexes of type units is "
1135                       "not currently supported.\n",
1136                       NI.getUnitOffset());
1137     return 0;
1138   }
1139 
1140   unsigned NumErrors = 0;
1141   for (const auto &Abbrev : NI.getAbbrevs()) {
1142     StringRef TagName = dwarf::TagString(Abbrev.Tag);
1143     if (TagName.empty()) {
1144       warn() << formatv("NameIndex @ {0:x}: Abbreviation {1:x} references an "
1145                         "unknown tag: {2}.\n",
1146                         NI.getUnitOffset(), Abbrev.Code, Abbrev.Tag);
1147     }
1148     SmallSet<unsigned, 5> Attributes;
1149     for (const auto &AttrEnc : Abbrev.Attributes) {
1150       if (!Attributes.insert(AttrEnc.Index).second) {
1151         error() << formatv("NameIndex @ {0:x}: Abbreviation {1:x} contains "
1152                            "multiple {2} attributes.\n",
1153                            NI.getUnitOffset(), Abbrev.Code, AttrEnc.Index);
1154         ++NumErrors;
1155         continue;
1156       }
1157       NumErrors += verifyNameIndexAttribute(NI, Abbrev, AttrEnc);
1158     }
1159 
1160     if (NI.getCUCount() > 1 && !Attributes.count(dwarf::DW_IDX_compile_unit)) {
1161       error() << formatv("NameIndex @ {0:x}: Indexing multiple compile units "
1162                          "and abbreviation {1:x} has no {2} attribute.\n",
1163                          NI.getUnitOffset(), Abbrev.Code,
1164                          dwarf::DW_IDX_compile_unit);
1165       ++NumErrors;
1166     }
1167     if (!Attributes.count(dwarf::DW_IDX_die_offset)) {
1168       error() << formatv(
1169           "NameIndex @ {0:x}: Abbreviation {1:x} has no {2} attribute.\n",
1170           NI.getUnitOffset(), Abbrev.Code, dwarf::DW_IDX_die_offset);
1171       ++NumErrors;
1172     }
1173   }
1174   return NumErrors;
1175 }
1176 
1177 static SmallVector<StringRef, 2> getNames(const DWARFDie &DIE,
1178                                           bool IncludeLinkageName = true) {
1179   SmallVector<StringRef, 2> Result;
1180   if (const char *Str = DIE.getName(DINameKind::ShortName))
1181     Result.emplace_back(Str);
1182   else if (DIE.getTag() == dwarf::DW_TAG_namespace)
1183     Result.emplace_back("(anonymous namespace)");
1184 
1185   if (IncludeLinkageName) {
1186     if (const char *Str = DIE.getName(DINameKind::LinkageName)) {
1187       if (Result.empty() || Result[0] != Str)
1188         Result.emplace_back(Str);
1189     }
1190   }
1191 
1192   return Result;
1193 }
1194 
1195 unsigned DWARFVerifier::verifyNameIndexEntries(
1196     const DWARFDebugNames::NameIndex &NI,
1197     const DWARFDebugNames::NameTableEntry &NTE) {
1198   // Verifying type unit indexes not supported.
1199   if (NI.getLocalTUCount() + NI.getForeignTUCount() > 0)
1200     return 0;
1201 
1202   const char *CStr = NTE.getString();
1203   if (!CStr) {
1204     error() << formatv(
1205         "Name Index @ {0:x}: Unable to get string associated with name {1}.\n",
1206         NI.getUnitOffset(), NTE.getIndex());
1207     return 1;
1208   }
1209   StringRef Str(CStr);
1210 
1211   unsigned NumErrors = 0;
1212   unsigned NumEntries = 0;
1213   uint64_t EntryID = NTE.getEntryOffset();
1214   uint64_t NextEntryID = EntryID;
1215   Expected<DWARFDebugNames::Entry> EntryOr = NI.getEntry(&NextEntryID);
1216   for (; EntryOr; ++NumEntries, EntryID = NextEntryID,
1217                                 EntryOr = NI.getEntry(&NextEntryID)) {
1218     uint32_t CUIndex = *EntryOr->getCUIndex();
1219     if (CUIndex > NI.getCUCount()) {
1220       error() << formatv("Name Index @ {0:x}: Entry @ {1:x} contains an "
1221                          "invalid CU index ({2}).\n",
1222                          NI.getUnitOffset(), EntryID, CUIndex);
1223       ++NumErrors;
1224       continue;
1225     }
1226     uint64_t CUOffset = NI.getCUOffset(CUIndex);
1227     uint64_t DIEOffset = CUOffset + *EntryOr->getDIEUnitOffset();
1228     DWARFDie DIE = DCtx.getDIEForOffset(DIEOffset);
1229     if (!DIE) {
1230       error() << formatv("Name Index @ {0:x}: Entry @ {1:x} references a "
1231                          "non-existing DIE @ {2:x}.\n",
1232                          NI.getUnitOffset(), EntryID, DIEOffset);
1233       ++NumErrors;
1234       continue;
1235     }
1236     if (DIE.getDwarfUnit()->getOffset() != CUOffset) {
1237       error() << formatv("Name Index @ {0:x}: Entry @ {1:x}: mismatched CU of "
1238                          "DIE @ {2:x}: index - {3:x}; debug_info - {4:x}.\n",
1239                          NI.getUnitOffset(), EntryID, DIEOffset, CUOffset,
1240                          DIE.getDwarfUnit()->getOffset());
1241       ++NumErrors;
1242     }
1243     if (DIE.getTag() != EntryOr->tag()) {
1244       error() << formatv("Name Index @ {0:x}: Entry @ {1:x}: mismatched Tag of "
1245                          "DIE @ {2:x}: index - {3}; debug_info - {4}.\n",
1246                          NI.getUnitOffset(), EntryID, DIEOffset, EntryOr->tag(),
1247                          DIE.getTag());
1248       ++NumErrors;
1249     }
1250 
1251     auto EntryNames = getNames(DIE);
1252     if (!is_contained(EntryNames, Str)) {
1253       error() << formatv("Name Index @ {0:x}: Entry @ {1:x}: mismatched Name "
1254                          "of DIE @ {2:x}: index - {3}; debug_info - {4}.\n",
1255                          NI.getUnitOffset(), EntryID, DIEOffset, Str,
1256                          make_range(EntryNames.begin(), EntryNames.end()));
1257       ++NumErrors;
1258     }
1259   }
1260   handleAllErrors(EntryOr.takeError(),
1261                   [&](const DWARFDebugNames::SentinelError &) {
1262                     if (NumEntries > 0)
1263                       return;
1264                     error() << formatv("Name Index @ {0:x}: Name {1} ({2}) is "
1265                                        "not associated with any entries.\n",
1266                                        NI.getUnitOffset(), NTE.getIndex(), Str);
1267                     ++NumErrors;
1268                   },
1269                   [&](const ErrorInfoBase &Info) {
1270                     error()
1271                         << formatv("Name Index @ {0:x}: Name {1} ({2}): {3}\n",
1272                                    NI.getUnitOffset(), NTE.getIndex(), Str,
1273                                    Info.message());
1274                     ++NumErrors;
1275                   });
1276   return NumErrors;
1277 }
1278 
1279 static bool isVariableIndexable(const DWARFDie &Die, DWARFContext &DCtx) {
1280   Expected<std::vector<DWARFLocationExpression>> Loc =
1281       Die.getLocations(DW_AT_location);
1282   if (!Loc) {
1283     consumeError(Loc.takeError());
1284     return false;
1285   }
1286   DWARFUnit *U = Die.getDwarfUnit();
1287   for (const auto &Entry : *Loc) {
1288     DataExtractor Data(toStringRef(Entry.Expr), DCtx.isLittleEndian(),
1289                        U->getAddressByteSize());
1290     DWARFExpression Expression(Data, U->getAddressByteSize());
1291     bool IsInteresting = any_of(Expression, [](DWARFExpression::Operation &Op) {
1292       return !Op.isError() && (Op.getCode() == DW_OP_addr ||
1293                                Op.getCode() == DW_OP_form_tls_address ||
1294                                Op.getCode() == DW_OP_GNU_push_tls_address);
1295     });
1296     if (IsInteresting)
1297       return true;
1298   }
1299   return false;
1300 }
1301 
1302 unsigned DWARFVerifier::verifyNameIndexCompleteness(
1303     const DWARFDie &Die, const DWARFDebugNames::NameIndex &NI) {
1304 
1305   // First check, if the Die should be indexed. The code follows the DWARF v5
1306   // wording as closely as possible.
1307 
1308   // "All non-defining declarations (that is, debugging information entries
1309   // with a DW_AT_declaration attribute) are excluded."
1310   if (Die.find(DW_AT_declaration))
1311     return 0;
1312 
1313   // "DW_TAG_namespace debugging information entries without a DW_AT_name
1314   // attribute are included with the name “(anonymous namespace)”.
1315   // All other debugging information entries without a DW_AT_name attribute
1316   // are excluded."
1317   // "If a subprogram or inlined subroutine is included, and has a
1318   // DW_AT_linkage_name attribute, there will be an additional index entry for
1319   // the linkage name."
1320   auto IncludeLinkageName = Die.getTag() == DW_TAG_subprogram ||
1321                             Die.getTag() == DW_TAG_inlined_subroutine;
1322   auto EntryNames = getNames(Die, IncludeLinkageName);
1323   if (EntryNames.empty())
1324     return 0;
1325 
1326   // We deviate from the specification here, which says:
1327   // "The name index must contain an entry for each debugging information entry
1328   // that defines a named subprogram, label, variable, type, or namespace,
1329   // subject to ..."
1330   // Instead whitelisting all TAGs representing a "type" or a "subprogram", to
1331   // make sure we catch any missing items, we instead blacklist all TAGs that we
1332   // know shouldn't be indexed.
1333   switch (Die.getTag()) {
1334   // Compile units and modules have names but shouldn't be indexed.
1335   case DW_TAG_compile_unit:
1336   case DW_TAG_module:
1337     return 0;
1338 
1339   // Function and template parameters are not globally visible, so we shouldn't
1340   // index them.
1341   case DW_TAG_formal_parameter:
1342   case DW_TAG_template_value_parameter:
1343   case DW_TAG_template_type_parameter:
1344   case DW_TAG_GNU_template_parameter_pack:
1345   case DW_TAG_GNU_template_template_param:
1346     return 0;
1347 
1348   // Object members aren't globally visible.
1349   case DW_TAG_member:
1350     return 0;
1351 
1352   // According to a strict reading of the specification, enumerators should not
1353   // be indexed (and LLVM currently does not do that). However, this causes
1354   // problems for the debuggers, so we may need to reconsider this.
1355   case DW_TAG_enumerator:
1356     return 0;
1357 
1358   // Imported declarations should not be indexed according to the specification
1359   // and LLVM currently does not do that.
1360   case DW_TAG_imported_declaration:
1361     return 0;
1362 
1363   // "DW_TAG_subprogram, DW_TAG_inlined_subroutine, and DW_TAG_label debugging
1364   // information entries without an address attribute (DW_AT_low_pc,
1365   // DW_AT_high_pc, DW_AT_ranges, or DW_AT_entry_pc) are excluded."
1366   case DW_TAG_subprogram:
1367   case DW_TAG_inlined_subroutine:
1368   case DW_TAG_label:
1369     if (Die.findRecursively(
1370             {DW_AT_low_pc, DW_AT_high_pc, DW_AT_ranges, DW_AT_entry_pc}))
1371       break;
1372     return 0;
1373 
1374   // "DW_TAG_variable debugging information entries with a DW_AT_location
1375   // attribute that includes a DW_OP_addr or DW_OP_form_tls_address operator are
1376   // included; otherwise, they are excluded."
1377   //
1378   // LLVM extension: We also add DW_OP_GNU_push_tls_address to this list.
1379   case DW_TAG_variable:
1380     if (isVariableIndexable(Die, DCtx))
1381       break;
1382     return 0;
1383 
1384   default:
1385     break;
1386   }
1387 
1388   // Now we know that our Die should be present in the Index. Let's check if
1389   // that's the case.
1390   unsigned NumErrors = 0;
1391   uint64_t DieUnitOffset = Die.getOffset() - Die.getDwarfUnit()->getOffset();
1392   for (StringRef Name : EntryNames) {
1393     if (none_of(NI.equal_range(Name), [&](const DWARFDebugNames::Entry &E) {
1394           return E.getDIEUnitOffset() == DieUnitOffset;
1395         })) {
1396       error() << formatv("Name Index @ {0:x}: Entry for DIE @ {1:x} ({2}) with "
1397                          "name {3} missing.\n",
1398                          NI.getUnitOffset(), Die.getOffset(), Die.getTag(),
1399                          Name);
1400       ++NumErrors;
1401     }
1402   }
1403   return NumErrors;
1404 }
1405 
1406 unsigned DWARFVerifier::verifyDebugNames(const DWARFSection &AccelSection,
1407                                          const DataExtractor &StrData) {
1408   unsigned NumErrors = 0;
1409   DWARFDataExtractor AccelSectionData(DCtx.getDWARFObj(), AccelSection,
1410                                       DCtx.isLittleEndian(), 0);
1411   DWARFDebugNames AccelTable(AccelSectionData, StrData);
1412 
1413   OS << "Verifying .debug_names...\n";
1414 
1415   // This verifies that we can read individual name indices and their
1416   // abbreviation tables.
1417   if (Error E = AccelTable.extract()) {
1418     error() << toString(std::move(E)) << '\n';
1419     return 1;
1420   }
1421 
1422   NumErrors += verifyDebugNamesCULists(AccelTable);
1423   for (const auto &NI : AccelTable)
1424     NumErrors += verifyNameIndexBuckets(NI, StrData);
1425   for (const auto &NI : AccelTable)
1426     NumErrors += verifyNameIndexAbbrevs(NI);
1427 
1428   // Don't attempt Entry validation if any of the previous checks found errors
1429   if (NumErrors > 0)
1430     return NumErrors;
1431   for (const auto &NI : AccelTable)
1432     for (DWARFDebugNames::NameTableEntry NTE : NI)
1433       NumErrors += verifyNameIndexEntries(NI, NTE);
1434 
1435   if (NumErrors > 0)
1436     return NumErrors;
1437 
1438   for (const std::unique_ptr<DWARFUnit> &U : DCtx.compile_units()) {
1439     if (const DWARFDebugNames::NameIndex *NI =
1440             AccelTable.getCUNameIndex(U->getOffset())) {
1441       auto *CU = cast<DWARFCompileUnit>(U.get());
1442       for (const DWARFDebugInfoEntry &Die : CU->dies())
1443         NumErrors += verifyNameIndexCompleteness(DWARFDie(CU, &Die), *NI);
1444     }
1445   }
1446   return NumErrors;
1447 }
1448 
1449 bool DWARFVerifier::handleAccelTables() {
1450   const DWARFObject &D = DCtx.getDWARFObj();
1451   DataExtractor StrData(D.getStrSection(), DCtx.isLittleEndian(), 0);
1452   unsigned NumErrors = 0;
1453   if (!D.getAppleNamesSection().Data.empty())
1454     NumErrors += verifyAppleAccelTable(&D.getAppleNamesSection(), &StrData,
1455                                        ".apple_names");
1456   if (!D.getAppleTypesSection().Data.empty())
1457     NumErrors += verifyAppleAccelTable(&D.getAppleTypesSection(), &StrData,
1458                                        ".apple_types");
1459   if (!D.getAppleNamespacesSection().Data.empty())
1460     NumErrors += verifyAppleAccelTable(&D.getAppleNamespacesSection(), &StrData,
1461                                        ".apple_namespaces");
1462   if (!D.getAppleObjCSection().Data.empty())
1463     NumErrors += verifyAppleAccelTable(&D.getAppleObjCSection(), &StrData,
1464                                        ".apple_objc");
1465 
1466   if (!D.getNamesSection().Data.empty())
1467     NumErrors += verifyDebugNames(D.getNamesSection(), StrData);
1468   return NumErrors == 0;
1469 }
1470 
1471 raw_ostream &DWARFVerifier::error() const { return WithColor::error(OS); }
1472 
1473 raw_ostream &DWARFVerifier::warn() const { return WithColor::warning(OS); }
1474 
1475 raw_ostream &DWARFVerifier::note() const { return WithColor::note(OS); }
1476 
1477 raw_ostream &DWARFVerifier::dump(const DWARFDie &Die, unsigned indent) const {
1478   Die.dump(OS, indent, DumpOpts);
1479   return OS;
1480 }
1481