| blob | c4d529bc6db74c75410b8e118453881588fb9036 |
1 /* -*- mode: C; c-basic-offset: 3; -*- */
3 /*--------------------------------------------------------------------*/
4 /*--- Read DWARF3/4 ".debug_info" sections (DIE trees). ---*/
5 /*--- readdwarf3.c ---*/
6 /*--------------------------------------------------------------------*/
8 /*
9 This file is part of Valgrind, a dynamic binary instrumentation
10 framework.
12 Copyright (C) 2008-2017 OpenWorks LLP
13 info@open-works.co.uk
15 This program is free software; you can redistribute it and/or
16 modify it under the terms of the GNU General Public License as
17 published by the Free Software Foundation; either version 2 of the
18 License, or (at your option) any later version.
20 This program is distributed in the hope that it will be useful, but
21 WITHOUT ANY WARRANTY; without even the implied warranty of
22 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23 General Public License for more details.
25 You should have received a copy of the GNU General Public License
26 along with this program; if not, see <http://www.gnu.org/licenses/>.
28 The GNU General Public License is contained in the file COPYING.
30 Neither the names of the U.S. Department of Energy nor the
31 University of California nor the names of its contributors may be
32 used to endorse or promote products derived from this software
33 without prior written permission.
34 */
36 #if defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_solaris)
38 /* REFERENCE (without which this code will not make much sense):
40 DWARF Debugging Information Format, Version 3,
41 dated 20 December 2005 (the "D3 spec").
43 Available at http://www.dwarfstd.org/Dwarf3.pdf. There's also a
44 .doc (MS Word) version, but for some reason the section numbers
45 between the Word and PDF versions differ by 1 in the first digit.
46 All section references in this code are to the PDF version.
48 CURRENT HACKS:
50 DW_TAG_{const,volatile}_type no DW_AT_type is allowed; it is
51 assumed to mean "const void" or "volatile void" respectively.
52 GDB appears to interpret them like this, anyway.
54 In many cases it is important to know the svma of a CU (the "base
55 address of the CU", as the D3 spec calls it). There are some
56 situations in which the spec implies this value is unknown, but the
57 Dwarf3 produced by gcc-4.1 seems to assume is not unknown but
58 merely zero when not explicitly stated. So we too have to make
59 that assumption.
61 POTENTIAL BUG? Spotted 6 Sept 08. Why doesn't
62 unitary_range_list() bias the resulting range list in the same way
63 that its more general cousin, get_range_list(), does? I don't
64 know.
66 TODO, 2008 Feb 17:
68 get rid of cu_svma_known and document the assumed-zero svma hack.
70 ML_(sizeOfType): differentiate between zero sized types and types
71 for which the size is unknown. Is this important? I don't know.
73 DW_TAG_array_types: deal with explicit sizes (currently we compute
74 the size from the bounds and the element size, although that's
75 fragile, if the bounds incompletely specified, or completely
76 absent)
78 Document reason for difference (by 1) of stack preening depth in
79 parse_var_DIE vs parse_type_DIE.
81 Don't hand to ML_(addVars), vars whose locations are entirely in
82 registers (DW_OP_reg*). This is merely a space-saving
83 optimisation, as ML_(evaluate_Dwarf3_Expr) should handle these
84 expressions correctly, by failing to evaluate them and hence
85 effectively ignoring the variable with which they are associated.
87 Deal with DW_TAG_array_types which have element size != stride
89 In some cases, the info for a variable is split between two
90 different DIEs (generally a declarer and a definer). We punt on
91 these. Could do better here.
93 The 'data_bias' argument passed to the expression evaluator
94 (ML_(evaluate_Dwarf3_Expr)) should really be changed to a
95 MaybeUWord, to make it clear when we do vs don't know what it is
96 for the evaluation of an expression. At the moment zero is passed
97 for this parameter in the don't know case. That's a bit fragile
98 and obscure; using a MaybeUWord would be clearer.
100 POTENTIAL PERFORMANCE IMPROVEMENTS:
102 Currently, duplicate removal and all other queries for the type
103 entities array is done using cuOffset-based pointing, which
104 involves a binary search (VG_(lookupXA)) for each access. This is
105 wildly inefficient, although simple. It would be better to
106 translate all the cuOffset-based references (iow, all the "R" and
107 "Rs" fields in the TyEnts in 'tyents') to direct index numbers in
108 'tyents' right at the start of dedup_types(), and use direct
109 indexing (VG_(indexXA)) wherever possible after that.
111 cmp__XArrays_of_AddrRange is also a performance bottleneck. Move
112 VG_(indexXA) into pub_tool_xarray.h so it can be inlined at all use
113 points, and possibly also make an _UNCHECKED version which skips
114 the range checks in performance-critical situations such as this.
116 Handle interaction between read_DIE and parse_{var,type}_DIE
117 better. Currently read_DIE reads the entire DIE just to find where
118 the end is (and for debug printing), so that it can later reliably
119 move the cursor to the end regardless of what parse_{var,type}_DIE
120 do. This means many DIEs (most, even?) are read twice. It would
121 be smarter to make parse_{var,type}_DIE return a Bool indicating
122 whether or not they advanced the DIE cursor, and only if they
123 didn't should read_DIE itself read through the DIE.
125 ML_(addVar) and add_var_to_arange: quite a lot of DiAddrRanges have
126 zero variables in their .vars XArray. Rather than have an XArray
127 with zero elements (which uses 2 malloc'd blocks), allow the .vars
128 pointer to be NULL in this case.
130 More generally, reduce the amount of memory allocated and freed
131 while reading Dwarf3 type/variable information. Even modest (20MB)
132 objects cause this module to allocate and free hundreds of
133 thousands of small blocks, and ML_(arena_malloc) and its various
134 groupies always show up at the top of performance profiles. */
155 /*------------------------------------------------------------*/
156 /*--- ---*/
157 /*--- Basic machinery for parsing DIEs. ---*/
158 /*--- ---*/
159 /*------------------------------------------------------------*/
161 #define TRACE_D3(format, args...) \
162 if (UNLIKELY(td3)) { VG_(printf)(format, ## args); }
163 #define TD3 (UNLIKELY(td3))
165 #define D3_INVALID_CUOFF ((UWord)(-1UL))
166 #define D3_FAKEVOID_CUOFF ((UWord)(-2UL))
168 typedef
174 }
175 Cursor;
185 }
187 // Initialise a cursor from a DiSlice (ELF section, really) so as to
188 // start reading at offset |sli_initial_offset| from the start of the
189 // slice.
191 DiSlice sli,
192 ULong sli_initial_offset,
195 {
203 }
208 }
213 }
217 }
221 }
226 }
228 //static void* get_address_of_Cursor ( Cursor* c ) {
229 // vg_assert(is_sane_Cursor(c));
230 // return &c->region_start_img[ c->region_next ];
231 //}
235 }
237 /* FIXME: document assumptions on endianness for
238 get_UShort/UInt/ULong. */
240 UChar r;
244 /*NOTREACHED*/
246 }
250 }
252 UShort r;
256 /*NOTREACHED*/
258 }
262 }
264 UInt r;
268 /*NOTREACHED*/
270 }
274 }
276 ULong r;
280 /*NOTREACHED*/
282 }
286 }
288 ULong result;
289 Int shift;
290 UChar byte;
291 /* unroll first iteration */
296 /* end unroll first iteration */
303 }
307 UChar byte;
316 }
318 /* Assume 'c' points to the start of a string. Return a DiCursor of
319 whatever it points at, and advance it past the terminating zero.
320 This makes it safe for the caller to then copy the string with
321 ML_(addStr), since (w.r.t. image overruns) the process of advancing
322 past the terminating zero will already have "vetted" the string. */
324 UChar uc;
328 }
335 }
341 }
345 }
352 }
354 /* Read a DWARF3 'Initial Length' field */
358 {
359 ULong w64;
360 UInt w32;
365 }
372 }
374 }
377 /*------------------------------------------------------------*/
378 /*--- ---*/
379 /*--- "CUConst" structure ---*/
380 /*--- ---*/
381 /*------------------------------------------------------------*/
383 typedef
390 /* skip_szB and next_nf are used to optimise the skipping of uninteresting DIEs.
391 Each name_form maintains how many (fixed) nr of bytes can be skipped from
392 the beginning of this form till the next attr/form to look at.
393 The next form to look can be:
394 an 'interesting' attr/form to read while skipping a DIE
395 (currently, this is only DW_AT_sibling)
396 or
397 a variable length form which must be read to be skipped.
398 For a variable length form, the skip_szB will be equal to VARSZ_FORM.
400 Note: this technique could also be used to speed up the parsing
401 of DIEs : for each parser kind, we could have the nr of bytes
402 to skip to directly reach the interesting form(s) for the parser. */
404 typedef
408 ULong atag;
409 ULong has_children;
411 /* Variable-length array of name/form pairs, terminated
412 by a 0/0 pair.
413 The skip_szB/next_nf allows to skip efficiently a DIE
414 described by this g_abbv; */
417 /* Holds information that is constant through the parsing of a
418 Compilation Unit. This is basically plumbed through to
419 everywhere. */
420 typedef
422 /* Call here if anything goes wrong */
424 /* Is this 64-bit DWARF ? */
425 Bool is_dw64;
426 /* Which DWARF version ? (2, 3 or 4) */
427 UShort version;
428 /* Length of this Compilation Unit, as stated in the
429 .unit_length :: InitialLength field of the CU Header.
430 However, this size (as specified by the D3 spec) does not
431 include the size of the .unit_length field itself, which is
432 either 4 or 12 bytes (32-bit or 64-bit Dwarf3). That value
433 can be obtained through the expression ".is_dw64 ? 12 : 4". */
434 ULong unit_length;
435 /* Offset of start of this unit in .debug_info */
436 UWord cu_start_offset;
437 /* SVMA for this CU. In the D3 spec, is known as the "base
438 address of the compilation unit (last para sec 3.1.1).
439 Needed for (amongst things) interpretation of location-list
440 values. */
441 Addr cu_svma;
442 Bool cu_svma_known;
444 /* The debug_abbreviations table to be used for this Unit */
445 //UChar* debug_abbv;
446 /* Upper bound on size thereof (an overestimate, in general) */
447 //UWord debug_abbv_maxszB;
448 /* A bounded area of the image, to be used as the
449 debug_abbreviations table tobe used for this Unit. */
450 DiSlice debug_abbv;
452 /* Image information for various sections. */
453 DiSlice escn_debug_str;
454 DiSlice escn_debug_ranges;
455 DiSlice escn_debug_loc;
456 DiSlice escn_debug_line;
457 DiSlice escn_debug_info;
458 DiSlice escn_debug_types;
459 DiSlice escn_debug_info_alt;
460 DiSlice escn_debug_str_alt;
461 /* How much to add to .debug_types resp. alternate .debug_info offsets
462 in cook_die*. */
463 UWord types_cuOff_bias;
464 UWord alt_cuOff_bias;
465 /* --- Needed so we can add stuff to the string table. --- */
467 /* --- a hash table of g_abbv (i.e. parsed abbreviations) --- */
470 /* True if this came from .debug_types; otherwise it came from
471 .debug_info. */
472 Bool is_type_unit;
473 /* For a unit coming from .debug_types, these hold the TU's type
474 signature and the uncooked DIE offset of the TU's signatured
475 type. For a unit coming from .debug_info, these are unused. */
476 ULong type_signature;
477 ULong type_offset;
479 /* Signatured type hash; computed once and then shared by all
480 CUs. */
483 /* True if this came from alternate .debug_info; otherwise
484 it came from normal .debug_info or .debug_types. */
485 Bool is_alt_info;
486 }
487 CUConst;
490 /* Return the cooked value of DIE depending on whether CC represents a
491 .debug_types unit. To cook a DIE, we pretend that the .debug_info,
492 .debug_types and optional alternate .debug_info sections form
493 a contiguous whole, so that DIEs coming from .debug_types are numbered
494 starting at the end of .debug_info and DIEs coming from alternate
495 .debug_info are numbered starting at the end of .debug_types. */
497 {
503 }
505 /* Like cook_die, but understand that DIEs coming from a
506 DW_FORM_ref_sig8 reference are already cooked. Also, handle
507 DW_FORM_GNU_ref_alt from within primary .debug_info or .debug_types
508 as reference to alternate .debug_info. */
510 {
516 }
518 /* Return the uncooked offset of DIE and set *TYPE_FLAG to true if the DIE
519 came from the .debug_types section and *ALT_FLAG to true if the DIE
520 came from alternate .debug_info section. */
523 {
526 /* The use of escn_debug_{info,types}.szB seems safe to me even if
527 escn_debug_{info,types} are DiSlice_INVALID (meaning the
528 sections were not found), because DiSlice_INVALID.szB is always
529 zero. That said, it seems unlikely we'd ever get here if
530 .debug_info or .debug_types were missing. */
538 }
539 }
541 }
543 /*------------------------------------------------------------*/
544 /*--- ---*/
545 /*--- Helper functions for Guarded Expressions ---*/
546 /*--- ---*/
547 /*------------------------------------------------------------*/
549 /* Parse the location list starting at img-offset 'debug_loc_offset'
550 in .debug_loc. Results are biased with 'svma_of_referencing_CU'
551 and so I believe are correct SVMAs for the object as a whole. This
552 function allocates the UChar*, and the caller must deallocate it.
553 The resulting block is in so-called Guarded-Expression format.
555 Guarded-Expression format is similar but not identical to the DWARF3
556 location-list format. The format of each returned block is:
558 UChar biasMe;
559 UChar isEnd;
560 followed by zero or more of
562 (Addr aMin; Addr aMax; UShort nbytes; ..bytes..; UChar isEnd)
564 '..bytes..' is an standard DWARF3 location expression which is
565 valid when aMin <= pc <= aMax (possibly after suitable biasing).
567 The number of bytes in '..bytes..' is nbytes.
569 The end of the sequence is marked by an isEnd == 1 value. All
570 previous isEnd values must be zero.
572 biasMe is 1 if the aMin/aMax fields need this DebugInfo's
573 text_bias added before use, and 0 if the GX is this is not
574 necessary (is ready to go).
576 Hence the block can be quickly parsed and is self-describing. Note
577 that aMax is 1 less than the corresponding value in a DWARF3
578 location list. Zero length ranges, with aMax == aMin-1, are not
579 allowed.
580 */
581 /* 2008-sept-12: moved ML_(pp_GX) from here to d3basics.c, where
582 it more logically belongs. */
585 /* Apply a text bias to a GX. */
587 {
588 UShort nbytes;
591 UChar uc;
602 /* t-bias aMin */
606 /* t-bias aMax */
610 /* nbytes, and actual expression */
613 }
614 }
618 {
619 SizeT bytesReqd;
625 bytesReqd
649 }
653 Bool td3,
654 ULong debug_loc_offset,
655 Addr svma_of_referencing_CU )
656 {
657 Addr base;
658 Cursor loc;
661 Word nbytes;
674 /* Who frees this xa? It is freed before this fn exits. */
683 Bool acquire;
684 UWord len;
685 /* Read a (host-)word pair. This is something of a hack since
686 the word size to read is really dictated by the ELF file;
687 however, we assume we're reading a file with the same
688 word-sizeness as the host. Reasonably enough. */
697 /* new value for 'base' */
700 }
702 /* else a location expression follows */
703 /* else enumerate [w1+base, w2+base) */
704 /* w2 is 1 past end of range, as per D3 defn for "DW_AT_high_pc"
705 (sec 2.17.2) */
709 debug_loc_offset);
711 }
713 /* ignore zero length ranges */
718 UWord w;
719 UShort s;
720 UChar c;
729 }
736 len--;
737 }
739 }
756 }
759 /*------------------------------------------------------------*/
760 /*--- ---*/
761 /*--- Helper functions for range lists and CU headers ---*/
762 /*--- ---*/
763 /*------------------------------------------------------------*/
765 /* Denotes an address range. Both aMin and aMax are included in the
766 range; hence a complete range is (0, ~0) and an empty range is any
767 (X, X-1) for X > 0.*/
768 typedef
770 AddrRange;
773 /* Generate an arbitrary structural total ordering on
774 XArray* of AddrRange. */
777 {
791 }
793 }
798 {
800 /* Who frees this xa? varstack_preen() does. */
805 }
810 {
812 AddrRange pair;
814 /* Who frees this xa? varstack_preen() does. */
822 }
825 /* Enumerate the address ranges starting at img-offset
826 'debug_ranges_offset' in .debug_ranges. Results are biased with
827 'svma_of_referencing_CU' and so I believe are correct SVMAs for the
828 object as a whole. This function allocates the XArray, and the
829 caller must deallocate it. */
833 Bool td3,
834 UWord debug_ranges_offset,
835 Addr svma_of_referencing_CU )
836 {
837 Addr base;
838 Cursor ranges;
840 AddrRange pair;
850 /* Who frees this xa? varstack_preen() does. */
855 /* Read a (host-)word pair. This is something of a hack since
856 the word size to read is really dictated by the ELF file;
857 however, we assume we're reading a file with the same
858 word-sizeness as the host. Reasonably enough. */
866 /* new value for 'base' */
869 }
871 /* else enumerate [w1+base, w2+base) */
872 /* w2 is 1 past end of range, as per D3 defn for "DW_AT_high_pc"
873 (sec 2.17.2) */
881 }
882 }
884 }
886 #define VARSZ_FORM 0xffffffff
889 /* Initialises the hash table of abbreviations.
890 We do a single scan of the abbv slice to parse and
891 build all abbreviations, for the following reasons:
892 * all or most abbreviations will be needed in any case
893 (at least for var-info reading).
894 * re-reading each time an abbreviation causes a lot of calls
895 to get_ULEB128.
896 * a CU should not have many abbreviations. */
898 Bool td3)
899 {
900 Cursor c;
905 Int i;
907 #define SZ_G_ABBV(_nf_szE) (sizeof(g_abbv) + _nf_szE * sizeof(name_form))
930 }
934 ta_nf_n++;
936 }
937 ta_nf_n++;
938 }
940 // Initialises the skip_szB/next_nf elements : an element at position
941 // i must contain the sum of its own size + the sizes of all elements
942 // following i till either the next variable size element, the next
943 // sibling element or the end of the DIE.
959 }
960 }
969 ta_nf_n);
974 }
975 }
978 #undef SZ_G_ABBV
979 }
982 {
989 }
991 /* Free the memory allocated in CUConst. */
993 {
996 }
998 /* Parse the Compilation Unit header indicated at 'c' and
999 initialise 'cc' accordingly. */
1002 Bool td3,
1004 DiSlice escn_debug_abbv,
1005 Bool type_unit,
1006 Bool alt_info )
1007 {
1008 UChar address_size;
1009 ULong debug_abbrev_offset;
1015 /* initial_length field */
1016 cc->unit_length
1022 /* version */
1028 /* debug_abbrev_offset */
1034 /* address size. If this isn't equal to the host word size, just
1035 give up. This makes it safe to assume elsewhere that
1036 DW_FORM_addr and DW_FORM_ref_addr can be treated as a host
1037 word. */
1049 }
1051 /* Set up cc->debug_abbv to point to the relevant table for this
1052 CU. Set its .szB so that at least we can't read off the end of
1053 the debug_abbrev section -- potentially (and quite likely) too
1054 big, if this isn't the last table in the section, but at least
1055 it's safe.
1057 This amounts to taking debug_abbv_escn and moving the start
1058 position along by debug_abbrev_offset bytes, hence forming a
1059 smaller DiSlice which has the same end point. Since we checked
1060 just above that debug_abbrev_offset is less than the size of
1061 debug_abbv_escn, this should leave us with a nonempty slice. */
1068 }
1070 /* This represents a single signatured type. It maps a type signature
1071 (a ULong) to a cooked DIE offset. Objects of this type are stored
1072 in the type signature hash table. */
1073 typedef
1076 UWord data;
1077 ULong type_signature;
1078 UWord die;
1079 }
1080 D3SignatureType;
1082 /* Record a signatured type in the hash table. */
1084 ULong type_signature,
1085 UWord die )
1086 {
1093 }
1095 /* Given a type signature hash table and a type signature, return the
1096 cooked DIE offset of the type. If the type cannot be found, call
1097 BARF. */
1099 ULong type_signature,
1101 {
1103 /* This may be unwarranted chumminess with the hash table
1104 implementation. */
1109 /*NOTREACHED*/
1111 }
1113 }
1116 /* Represents Form data. If szB is 1/2/4/8 then the result is in the
1117 lowest 1/2/4/8 bytes of u.val. If szB is zero or negative then the
1118 result is an image section beginning at u.cur and with size -szB.
1119 No other szB values are allowed. */
1120 typedef
1124 }
1125 FormContents;
1127 /* From 'c', get the Form data into 'cts'. Either it gets a 1/2/4/8
1128 byte scalar value, or (a reference to) zero or more bytes starting
1129 at a DiCursor.*/
1130 static
1134 {
1136 // !!! keep switch in sync with get_Form_szB. The nr of characters read below
1137 // must be computed similarly in get_Form_szB.
1138 // The consistency is verified in trace_DIE.
1176 /* note, this is a hack. DW_FORM_addr is defined as getting
1177 a word the size of the target machine as defined by the
1178 address_size field in the CU Header. However,
1179 parse_CU_Header() rejects all inputs except those for
1180 which address_size == sizeof(Word), hence we can just
1181 treat it as a (host) Word. */
1188 /* We make the same word-size assumption as DW_FORM_addr. */
1189 /* What does this really mean? From D3 Sec 7.5.4,
1190 description of "reference", it would appear to reference
1191 some other DIE, by specifying the offset from the
1192 beginning of a .debug_info section. The D3 spec mentions
1193 that this might be in some other shared object and
1194 executable. But I don't see how the name of the other
1195 object/exe is specified.
1197 At least for the DW_FORM_ref_addrs created by icc11, the
1198 references seem to be within the same object/executable.
1199 So for the moment we merely range-check, to see that they
1200 actually do specify a plausible offset within this
1201 object's .debug_info, and return the value unchanged.
1203 In DWARF 2, DW_FORM_ref_addr is address-sized, but in
1204 DWARF 3 and later, it is offset-sized.
1205 */
1212 }
1218 /* Hmm. Offset is nonsensical for this object's .debug_info
1219 section. Be safe and reject it. */
1222 }
1226 /* this is an offset into .debug_str */
1232 /* FIXME: check the entire string lies inside debug_str,
1233 not just the first byte of it. */
1234 DiCursor str
1240 }
1244 }
1251 }
1253 /* strlen is safe because get_AsciiZ already 'vetted' the
1254 entire string */
1257 }
1265 }
1273 }
1281 }
1289 }
1297 }
1304 }
1311 ULong u64b;
1318 }
1322 }
1324 ULong u64b;
1331 }
1335 }
1337 ULong u64b;
1344 }
1348 }
1351 ULong u64b;
1358 }
1362 }
1364 ULong u64b;
1372 }
1374 /* cc->signature_types is only built/initialised when
1375 VG_(clo_read_var_info) is set. In this case,
1376 the DW_FORM_ref_sig8 can be looked up.
1377 But we can also arrive here when only reading inline info
1378 and VG_(clo_trace_symtab) is set. In such a case,
1379 we cannot lookup the DW_FORM_ref_sig8, we rather assign
1380 a dummy value. This is a kludge, but otherwise,
1381 the 'dwarf inline info reader' tracing would have to
1382 do type processing/reading. It is better to avoid
1383 adding significant 'real' processing only due to tracing. */
1385 /* Due to the way that the hash table is constructed, the
1386 resulting DIE offset here is already "cooked". See
1387 cook_die_using_form. */
1395 }
1398 }
1413 /* Hmm. Offset is nonsensical for this object's .debug_info
1414 section. Be safe and reject it. */
1417 }
1421 /* this is an offset into alternate .debug_str */
1429 /* FIXME: check the entire string lies inside debug_str,
1430 not just the first byte of it. */
1431 DiCursor str
1437 }
1441 }
1448 }
1449 }
1452 {
1455 else
1457 }
1459 #define VARSZ_FORM 0xffffffff
1460 /* If the form is a fixed length form, return the nr of bytes for this form.
1461 If the form is a variable length form, return VARSZ_FORM. */
1462 static
1464 {
1465 // !!! keep switch in sync with get_Form_contents : the nr of bytes
1466 // read from a cursor by get_Form_contents must be returned by
1467 // the below switch.
1468 // The consistency is verified in trace_DIE.
1477 else
1488 else
1530 }
1531 }
1533 /* Skip a DIE as described by abbv.
1534 If the DIE has a sibling, *sibling is set to the skipped DIE sibling value. */
1535 static
1540 {
1541 UInt nf_i;
1542 FormContents cts;
1550 nf_i++;
1554 nf_i++;
1558 }
1561 }
1562 }
1565 /*------------------------------------------------------------*/
1566 /*--- ---*/
1567 /*--- Parsing of variable-related DIEs ---*/
1568 /*--- ---*/
1569 /*------------------------------------------------------------*/
1571 typedef
1574 /* Represent ranges economically. nRanges is the number of
1575 ranges. Cases:
1576 0: .rngOneMin .rngOneMax .manyRanges are all zero
1577 1: .rngOneMin .rngOneMax hold the range; .rngMany is NULL
1578 2: .rngOneMin .rngOneMax are zero; .rngMany holds the ranges.
1579 This is merely an optimisation to avoid having to allocate
1580 and free the XArray in the common (98%) of cases where there
1581 is zero or one address ranges. */
1582 UWord nRanges;
1583 Addr rngOneMin;
1584 Addr rngOneMax;
1586 /* Do not free .rngMany, since many TempVars will have the same
1587 value. Instead the associated storage is to be freed by
1588 deleting 'rangetree', which stores a single copy of each
1589 range. */
1590 /* --- */
1591 Int level;
1595 any */
1598 /* offset in .debug_info, so that abstract instances can be
1599 found to satisfy references from concrete instances. */
1600 UWord dioff;
1602 in some other, related TempVar. */
1603 }
1604 TempVar;
1606 typedef
1608 /* Contains the range stack: a stack of address ranges, one
1609 stack entry for each nested scope.
1611 Some scope entries are created by function definitions
1612 (DW_AT_subprogram), and for those, we also note the GExpr
1613 derived from its DW_AT_frame_base attribute, if any.
1614 Consequently it should be possible to find, for any
1615 variable's DIE, the GExpr for the containing function's
1616 DW_AT_frame_base by scanning back through the stack to find
1617 the nearest entry associated with a function. This somewhat
1618 elaborate scheme is provided so as to make it possible to
1619 obtain the correct DW_AT_frame_base expression even in the
1620 presence of nested functions (or to be more precise, in the
1621 presence of nested DW_AT_subprogram DIEs).
1622 */
1624 stack */
1625 Int stack_size;
1630 /* The fndn_ix file name/dirname table. Is a mapping from dwarf
1631 integer index to the index in di->fndnpool. */
1633 }
1634 D3VarParser;
1636 /* Completely initialise a variable parser object */
1637 static void
1639 {
1647 }
1649 /* Release any memory hanging off a variable parser object */
1650 static void
1652 {
1657 }
1660 {
1671 }
1680 }
1681 }
1683 }
1685 }
1687 /* Remove from the stack, all entries with .level > 'level' */
1688 static
1690 {
1700 /* Who allocated this xa? get_range_list() or
1701 unitary_range_list(). */
1705 }
1708 }
1712 Bool td3,
1719 /* First we need to zap everything >= 'level', as we are about to
1720 replace any previous entry at 'level', so .. */
1739 }
1751 }
1754 /* cts is derived from a DW_AT_location and so refers either to a
1755 location expression or to a location list. Figure out which, and
1756 in both cases bundle the expression or location list into a
1757 so-called GExpr (guarded expression). */
1760 {
1763 /* represents a non-empty in-line location expression, and
1764 cts->u.cur points at the image bytes */
1766 }
1767 else
1769 /* represents a location list. cts->u.val is the offset of it
1770 in .debug_loc. */
1774 }
1777 }
1779 }
1781 /* Returns an xarray* of directory names (indexed by the dwarf dirname
1782 integer).
1783 If 'compdir' is NULL, entry [0] will be set to "."
1784 otherwise entry [0] is set to compdir.
1785 Entry [0] basically means "the current directory of the compilation",
1786 whatever that means, according to the DWARF3 spec.
1787 FIXME??? readdwarf3.c/readdwarf.c have a lot of duplicated code */
1788 static
1791 Bool td3 )
1792 {
1795 UInt compdir_len;
1806 }
1818 /* If data_str[0] is '/', then 'data' is an absolute path and we
1819 don't mess with it. Otherwise, construct the
1820 path 'compdir' ++ "/" ++ 'data'. */
1823 /* not an absolute path */
1824 && compdir
1825 /* actually got something sensible for compdir */
1827 {
1840 /* just use 'data'. */
1844 }
1847 }
1856 }
1859 }
1861 static
1865 Bool td3 )
1866 {
1867 Bool is_dw64;
1868 Cursor c;
1869 Word i;
1870 UShort version;
1871 UChar opcode_base;
1876 UInt fndn_ix;
1882 }
1887 /* unit_length = */
1902 /* skip over "standard_opcode_lengths" */
1908 /* Read and record the file names table */
1910 /* Add a dummy index-zero entry. DWARF3 numbers its files
1911 from 1, for some reason. */
1921 else
1930 }
1931 /* We're done! The rest of it is not interesting. */
1934 }
1936 /* setup_cu_svma to be called when a cu is found at level 0,
1937 to establish the cu_svma. */
1939 {
1940 Addr cu_svma;
1941 /* We have potentially more than one type of parser parsing the
1942 dwarf information. At least currently, each parser establishes
1943 the cu_svma. So, in case cu_svma_known, we check that the same
1944 result is obtained by the 2nd parsing of the cu.
1946 Alternatively, we could reset cu_svma_known after each parsing
1947 and then check that we only see a single DW_TAG_compile_unit DIE
1948 at level 0, DWARF3 only allows exactly one top level DIE per
1949 CU. */
1954 /* Now, it may be that this DIE doesn't tell us the CU's
1955 SVMA, by way of not having a DW_AT_low_pc. That's OK --
1956 the CU doesn't *have* to have its SVMA specified.
1958 But as per last para D3 spec sec 3.1.1 ("Normal and
1959 Partial Compilation Unit Entries", "If the base address
1960 (viz, the SVMA) is undefined, then any DWARF entry of
1961 structure defined interms of the base address of that
1962 compilation unit is not valid.". So that means, if whilst
1963 processing the children of this top level DIE (or their
1964 children, etc) we see a DW_AT_range, and cu_svma_known is
1965 False, then the DIE that contains it is (per the spec)
1966 invalid, and we can legitimately stop and complain. */
1967 /* .. whereas The Reality is, simply assume the SVMA is zero
1968 if it isn't specified. */
1970 }
1979 }
1980 }
1983 DW_TAG dtag,
1984 UWord posn,
1985 Int level,
1986 UWord saved_die_c_offset,
1989 {
1990 Cursor c;
1991 FormContents cts;
1993 UInt nf_i;
1994 Bool debug_types_flag;
1995 Bool alt_flag;
1996 Cursor check_skip;
2014 nf_i++;
2017 /* Get the form contents, so as to print them */
2021 }
2023 }
2025 /* Verify that skipping a DIE gives the same displacement as
2026 tracing (i.e. reading) a DIE. If there is an inconsistency in
2027 the nr of bytes read by get_Form_contents and get_Form_szB, this
2028 should be detected by the below. Using --trace-symtab=yes
2029 --read-var-info=yes will ensure all DIEs are systematically
2030 verified. */
2035 }
2040 DW_TAG dtag,
2041 UWord posn,
2042 Int level,
2044 UWord saved_die_c_offset,
2047 {
2051 }
2055 {
2057 }
2058 #define goto_bad_DIE do {bad_DIE_confusion(__LINE__); goto bad_DIE;} while (0)
2066 DW_TAG dtag,
2067 UWord posn,
2068 Int level,
2072 Bool td3
2073 )
2074 {
2075 FormContents cts;
2076 UInt nf_i;
2097 nf_i++;
2103 }
2109 }
2113 }
2121 }
2125 }
2126 }
2130 /* Now, does this give us an opportunity to find this
2131 CU's svma? */
2135 /* Do we have something that looks sane? */
2140 level,
2143 /* CU has no code, presumably?
2144 Such situations have been encountered for code
2145 compiled with -ffunction-sections -fdata-sections
2146 and linked with --gc-sections. Completely
2147 eliminated CU gives such 0 lo/hi pc. Similarly
2148 to a CU which has no lo/hi/range pc, we push
2149 an empty range list. */
2152 level,
2159 level,
2163 /* CU has no code, presumably? */
2166 level,
2170 /* broken DIE created by gcc-4.3.X ? Ignore the
2171 apparently-redundant DW_AT_low_pc and use the DW_AT_ranges
2172 instead. */
2176 level,
2181 goto_bad_DIE;
2182 }
2183 }
2199 nf_i++;
2205 }
2211 }
2215 }
2222 }
2223 }
2226 /* Do we have something that looks sane? */
2229 /* This is legit - ignore it. Sec 3.3.3: "A subroutine entry
2230 representing a subroutine declaration that is not also a
2231 definition does not have code address or range
2232 attributes." */
2236 /* I believe this is legit, and means the lexical block
2237 contains no insns (whatever that might mean). Ignore. */
2240 /* This scope supplies just a single address range. */
2247 /* This scope supplies multiple address ranges via the use of
2248 a range list. */
2255 /* This scope is bogus. The D3 spec sec 3.4 (Lexical Block
2256 Entries) says fairly clearly that a scope must have either
2257 _range or (_low_pc and _high_pc). */
2258 /* The spec is a bit ambiguous though. Perhaps a single byte
2259 range is intended? See sec 2.17 (Code Addresses And Ranges) */
2260 /* This case is here because icc9 produced this:
2261 <2><13bd>: DW_TAG_lexical_block
2262 DW_AT_decl_line : 5229
2263 DW_AT_decl_column : 37
2264 DW_AT_decl_file : 1
2265 DW_AT_low_pc : 0x401b03
2266 */
2267 /* Ignore (seems safe than pushing a single byte range) */
2269 goto_bad_DIE;
2270 }
2285 nf_i++;
2288 n_attrs++;
2291 }
2297 }
2300 }
2303 }
2306 }
2308 /*declaration = True;*/
2309 }
2312 }
2318 }
2321 }
2322 }
2324 /* Case of a static variable. It is better to declare
2325 it global as the variable is not really related to
2326 a PC range, as its address can be used by program
2327 counters outside of the ranges where it is visible . */
2329 }
2331 /* We'll collect it under if one of the following three
2332 conditions holds:
2333 (1) has location and type -> completed
2334 (2) has type only -> is an abstract instance
2335 (3) has location and abs_ori -> is a concrete instance
2336 Name, fndn_ix and line number are all optional frills.
2337 */
2342 /* Add this variable to the list of interesting looking
2343 variables. Crucially, note along with it the address
2344 range(s) associated with the variable, which for locals
2345 will be the address ranges at the top of the varparser's
2346 stack. */
2351 /* Stack can't be empty; we put a dummy entry on it for the
2352 entire address range before starting with the DIEs for
2353 this CU. */
2356 /* If this is a local variable (non-global), try to find
2357 the GExpr for the DW_AT_frame_base of the containing
2358 function. It should have been pushed on the stack at the
2359 time we encountered its DW_TAG_subprogram DIE, so the way
2360 to find it is to scan back down the stack looking for it.
2361 If there isn't an enclosing stack entry marked 'isFunc'
2362 then we must be seeing variable or formal param DIEs
2363 outside of a function, so we deem the Dwarf to be
2364 malformed if that happens. Note that the fbGX may be NULL
2365 if the containing DT_TAG_subprogram didn't supply a
2366 DW_AT_frame_base -- that's OK, but there must actually be
2367 a containing DW_TAG_subprogram. */
2375 }
2376 }
2380 "warning: parse_var_DIE: non-global variable "
2382 }
2383 /* goto_bad_DIE; */
2384 /* This seems to happen a lot. Just ignore it -- if,
2385 when we come to evaluation of the location (guarded)
2386 expression, it requires a frame base value, and
2387 there's no expression for that, then evaluation as a
2388 whole will fail. Harmless - a bit of a waste of
2389 cycles but nothing more. */
2390 }
2391 }
2393 /* re "global ? 0 : parser->sp" (twice), if the var is
2394 marked 'global' then we must put it at the global scope,
2395 as only the global scope (level 0) covers the entire PC
2396 address space. It is asserted elsewhere that level 0
2397 always covers the entire address space. */
2413 /* See explanation on definition of type TempVar for the
2414 reason for this elaboration. */
2423 }
2425 /* See if we already have a range list which is
2426 structurally identical. If so, use that; if not, clone
2427 this one, and add it to our collection. */
2438 }
2439 }
2445 /* collect stats on how effective the ->ranges special
2446 casing is */
2449 ntot++;
2453 }
2455 }
2457 /* Here are some other weird cases seen in the wild:
2459 We have a variable with a name and a type, but no
2460 location. I guess that's a sign that it has been
2461 optimised away. Ignore it. Here's an example:
2463 static Int lc_compar(void* n1, void* n2) {
2464 MC_Chunk* mc1 = *(MC_Chunk**)n1;
2465 MC_Chunk* mc2 = *(MC_Chunk**)n2;
2466 return (mc1->data < mc2->data ? -1 : 1);
2467 }
2469 Both mc1 and mc2 are like this
2470 <2><5bc>: Abbrev Number: 21 (DW_TAG_variable)
2471 DW_AT_name : mc1
2472 DW_AT_decl_file : 1
2473 DW_AT_decl_line : 216
2474 DW_AT_type : <5d3>
2476 whereas n1 and n2 do have locations specified.
2478 ---------------------------------------------
2480 We see a DW_TAG_formal_parameter with a type, but
2481 no name and no location. It's probably part of a function type
2482 construction, thusly, hence ignore it:
2483 <1><2b4>: Abbrev Number: 12 (DW_TAG_subroutine_type)
2484 DW_AT_sibling : <2c9>
2485 DW_AT_prototyped : 1
2486 DW_AT_type : <114>
2487 <2><2be>: Abbrev Number: 13 (DW_TAG_formal_parameter)
2488 DW_AT_type : <13e>
2489 <2><2c3>: Abbrev Number: 13 (DW_TAG_formal_parameter)
2490 DW_AT_type : <133>
2492 ---------------------------------------------
2494 Is very minimal, like this:
2495 <4><81d>: Abbrev Number: 44 (DW_TAG_variable)
2496 DW_AT_abstract_origin: <7ba>
2497 What that signifies I have no idea. Ignore.
2499 ----------------------------------------------
2501 Is very minimal, like this:
2502 <200f>: DW_TAG_formal_parameter
2503 DW_AT_abstract_ori: <1f4c>
2504 DW_AT_location : 13440
2505 What that signifies I have no idea. Ignore.
2506 It might be significant, though: the variable at least
2507 has a location and so might exist somewhere.
2508 Maybe we should handle this.
2510 ---------------------------------------------
2512 <22407>: DW_TAG_variable
2513 DW_AT_name : (indirect string, offset: 0x6579):
2514 vgPlain_trampoline_stuff_start
2515 DW_AT_decl_file : 29
2516 DW_AT_decl_line : 56
2517 DW_AT_external : 1
2518 DW_AT_declaration : 1
2520 Nameless and typeless variable that has a location? Who
2521 knows. Not me.
2522 <2><3d178>: Abbrev Number: 22 (DW_TAG_variable)
2523 DW_AT_location : 9 byte block: 3 c0 c7 13 38 0 0 0 0
2524 (DW_OP_addr: 3813c7c0)
2526 No, really. Check it out. gcc is quite simply borked.
2527 <3><168cc>: Abbrev Number: 141 (DW_TAG_variable)
2528 // followed by no attributes, and the next DIE is a sibling,
2529 // not a child
2530 */
2531 }
2534 bad_DIE:
2537 abbv,
2538 cc);
2539 /*NOTREACHED*/
2540 }
2542 typedef
2544 /* The fndn_ix file name/dirname table. Is a mapping from dwarf
2545 integer index to the index in di->fndnpool. */
2548 }
2549 D3InlParser;
2551 /* Return the function name corresponding to absori.
2553 absori is a 'cooked' reference to a DIE, i.e. absori can be either
2554 in cc->escn_debug_info or in cc->escn_debug_info_alt.
2555 get_inlFnName will uncook absori.
2557 The returned value is a (permanent) string in DebugInfo's .strchunks.
2559 LIMITATION: absori must point in the CU of cc. If absori points
2560 in another CU, returns "UnknownInlinedFun".
2562 Here are the problems to retrieve the fun name if absori is in
2563 another CU: the DIE reading code cannot properly extract data from
2564 another CU, as the abbv code retrieved in the other CU cannot be
2565 translated in an abbreviation. Reading data from the alternate debug
2566 info also gives problems as the string reference is also in the alternate
2567 file, but when reading the alt DIE, the string form is a 'local' string,
2568 but cannot be read in the current CU, but must be read in the alt CU.
2569 See bug 338803 comment#3 and attachment for a failed attempt to handle
2570 these problems (failed because with the patch, only one alt abbrev hash
2571 table is kept, while we must handle all abbreviations in all CUs
2572 referenced by an absori (being a reference to an alt CU, or a previous
2573 or following CU). */
2575 {
2576 Cursor c;
2579 UInt has_children;
2580 UWord posn;
2583 FormContents cts;
2584 UInt nf_i;
2586 /* Some inlined subroutine call dwarf entries do not have the abstract
2587 origin attribute, resulting in absori being 0 (see callers of
2588 get_inlFnName). This is observed at least with gcc 6.3.0 when compiling
2589 valgrind with lto. So, in case we have a 0 absori, do not report an
2590 error, instead, rather return an unknown inlined function. */
2598 }
2601 }
2607 /* LIMITATION: check we are in the same CU.
2608 If not, return unknown inlined function name. */
2609 /* if crossing between alt debug info<>normal info
2610 or posn not in the cu range,
2611 then it is in another CU. */
2621 }
2624 }
2649 nf_i++;
2661 DW_AT_specification. */
2662 }
2664 UWord cdie;
2669 /* The recursive call to get_inlFnName will uncook its arg.
2670 So, we need to cook it here, so as to reference the
2671 correct section (e.g. the alt info). */
2674 /* hoping that there is no loop */
2676 /* Unclear if having both DW_AT_specification and DW_AT_name is
2677 possible but in any case, we do not break here.
2678 If we find later on a DW_AT_name, it will override the name found
2679 in the DW_AT_specification.*/
2680 }
2681 }
2688 }
2689 }
2691 /* Returns True if the (possibly) childrens of the current DIE are interesting
2692 to parse. Returns False otherwise.
2693 If the current DIE has a sibling, the non interesting children can
2694 maybe be skipped (if the DIE has a DW_AT_sibling). */
2698 DW_TAG dtag,
2699 UWord posn,
2700 Int level,
2704 Bool td3
2705 )
2706 {
2707 FormContents cts;
2708 UInt nf_i;
2712 /* Get info about DW_TAG_compile_unit and DW_TAG_partial_unit 'which
2713 in theory could also contain inlined fn calls). */
2723 nf_i++;
2729 }
2737 }
2741 }
2744 }
2745 }
2748 }
2761 // 0 will be interpreted as no abstract origin by get_inlFnName
2767 nf_i++;
2776 }
2779 }
2782 }
2785 inlinedfn_abstract_origin
2787 }
2792 }
2798 }
2802 }
2805 }
2806 }
2809 /* Do we have something that looks sane? */
2812 /* Seems strange. How can an inlined subroutine have
2813 no code ? */
2814 goto_bad_DIE;
2817 /* This inlined call is just a single address range. */
2819 /* Apply text debug biasing */
2825 caller_fndn_ix,
2827 }
2829 /* This inlined call is several address ranges. */
2831 Word j;
2835 /* Ranges are biased for the inline info using the same logic
2836 as what is used for biasing ranges for the var info, for which
2837 ranges are read using cc->cu_svma (see parse_var_DIE).
2838 Then text_debug_bias is added when a (non global) var
2839 is recorded (see just before the call to ML_(addVar)) */
2847 // aMax+1 as range has its last bound included
2848 // while ML_(addInlInfo) expects last bound not
2849 // included.
2850 inlfnname,
2851 caller_fndn_ix,
2853 }
2856 goto_bad_DIE;
2857 }
2859 // Only recursively parse the (possible) children for the DIE which
2860 // might maybe contain a DW_TAG_inlined_subroutine:
2865 bad_DIE:
2868 abbv,
2869 cc);
2870 /*NOTREACHED*/
2871 }
2874 /*------------------------------------------------------------*/
2875 /*--- ---*/
2876 /*--- Parsing of type-related DIEs ---*/
2877 /*--- ---*/
2878 /*------------------------------------------------------------*/
2880 typedef
2882 /* What source language? 'A'=Ada83/95,
2883 'C'=C/C++,
2884 'F'=Fortran,
2885 '?'=other
2886 Established once per compilation unit. */
2887 UChar language;
2888 /* A stack of types which are currently under construction */
2890 stack */
2891 Int stack_size;
2892 /* Note that the TyEnts in qparentE are temporary copies of the
2893 ones accumulating in the main tyent array. So it is not safe
2894 to free up anything on them when popping them off the stack
2895 (iow, it isn't safe to use TyEnt__make_EMPTY on them). Just
2896 memset them to zero when done. */
2899 }
2900 D3TypeParser;
2902 /* Completely initialise a type parser object */
2903 static void
2905 {
2911 }
2913 /* Release any memory hanging off a type parser object */
2914 static void
2916 {
2919 }
2922 {
2923 Word i;
2929 }
2931 }
2933 /* Remove from the stack, all entries with .level > 'level' */
2934 static
2936 {
2948 }
2951 }
2954 {
2957 }
2961 Bool td3,
2963 {
2968 /* First we need to zap everything >= 'level', as we are about to
2969 replace any previous entry at 'level', so .. */
2982 }
2993 }
2995 /* True if the subrange type being parsed gives the bounds of an array. */
2997 DW_TAG dtag ) {
2999 /* For most languages, a subrange_type dtag always gives the
3000 bounds of an array.
3001 For Ada, there are additional conditions as a subrange_type
3002 is also used for other purposes. */
3004 /* not Ada, so it definitely denotes an array bound. */
3006 else
3007 /* Extra constraints for Ada: it only denotes an array bound if .. */
3010 }
3012 /* True if the form is one of the forms supported to give an array bound.
3013 For some arrays (scope local arrays with variable size),
3014 a DW_FORM_ref4 was used, and was wrongly used as the bound value.
3015 So, refuse the forms that are known to give a problem. */
3024 }
3026 /* Parse a type-related DIE. 'parser' holds the current parser state.
3027 'admin' is where the completed types are dumped. 'dtag' is the tag
3028 for this DIE. 'c_die' points to the start of the data fields (FORM
3029 stuff) for the DIE. abbv is the parsed abbreviation which describe
3030 the DIE.
3032 We may find the DIE uninteresting, in which case we should ignore
3033 it.
3035 What happens: the DIE is examined. If uninteresting, it is ignored.
3036 Otherwise, the DIE gives rise to two things:
3038 (1) the offset of this DIE in the CU -- the cuOffset, a UWord
3039 (2) a TyAdmin structure, which holds the type, or related stuff
3041 (2) is added at the end of 'tyadmins', at some index, say 'i'.
3043 A pair (cuOffset, i) is added to 'tydict'.
3045 Hence 'tyadmins' holds the actual type entities, and 'tydict' holds
3046 a mapping from cuOffset to the index of the corresponding entry in
3047 'tyadmin'.
3049 When resolving a cuOffset to a TyAdmin, first look up the cuOffset
3050 in the tydict (by binary search). This gives an index into
3051 tyadmins, and the required entity lives in tyadmins at that index.
3052 */
3056 DW_TAG dtag,
3057 UWord posn,
3058 Int level,
3062 Bool td3 )
3063 {
3064 FormContents cts;
3065 UInt nf_i;
3066 TyEnt typeE;
3067 TyEnt atomE;
3068 TyEnt fieldE;
3069 TyEnt boundE;
3078 /* If we've returned to a level at or above any previously noted
3079 parent, un-note it, so we don't believe we're still collecting
3080 its children. */
3086 /* See if we can find DW_AT_language, since it is important for
3087 establishing array bounds (see DW_TAG_subrange_type below in
3088 this fn) */
3093 nf_i++;
3099 goto_bad_DIE;
3121 goto_bad_DIE;
3122 }
3123 }
3124 }
3127 /* We can pick up a new base type any time. */
3135 nf_i++;
3142 }
3145 }
3161 goto_bad_DIE;
3162 }
3163 }
3164 }
3166 /* Invent a name if it doesn't have one. gcc-4.3
3167 -ftree-vectorize is observed to emit nameless base types. */
3173 /* Do we have something that looks sane? */
3176 /* and a plausible size. Yes, really 32: "complex long
3177 double" apparently has size=32 */
3179 /* and a plausible encoding */
3184 goto_bad_DIE;
3185 /* Last minute hack: if we see this
3186 <1><515>: DW_TAG_base_type
3187 DW_AT_byte_size : 0
3188 DW_AT_encoding : 5
3189 DW_AT_name : void
3190 convert it into a real Void type. */
3196 }
3199 }
3201 /*
3202 * An example of DW_TAG_rvalue_reference_type:
3203 *
3204 * $ readelf --debug-dump /usr/lib/debug/usr/lib/libstdc++.so.6.0.16.debug
3205 * <1><1014>: Abbrev Number: 55 (DW_TAG_rvalue_reference_type)
3206 * <1015> DW_AT_byte_size : 4
3207 * <1016> DW_AT_type : <0xe52>
3208 */
3212 /* This seems legit for _pointer_type and _reference_type. I
3213 don't know if rolling _ptr_to_member_type in here really is
3214 legit, but it's better than not handling it at all. */
3232 }
3233 /* target type defaults to void */
3235 /* These four type kinds don't *have* to specify their size, in
3236 which case we assume it's a machine word. But if they do
3237 specify it, it must be a machine word :-) This probably
3238 assumes that the word size of the Dwarf3 we're reading is the
3239 same size as that on the machine. gcc appears to give a size
3240 whereas icc9 doesn't. */
3246 nf_i++;
3251 }
3255 }
3256 }
3257 /* Do we have something that looks sane? */
3259 goto_bad_DIE;
3260 else
3262 }
3265 /* Create a new Type to hold the results. */
3278 nf_i++;
3285 }
3288 }
3291 }
3292 }
3299 /* Do we have something that looks sane? */
3301 /* we must know the size */
3302 /* but not for Ada, which uses such dummy
3303 enumerations as helper for gdb ada mode.
3304 Also GCC allows incomplete enums as GNU extension.
3305 http://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html
3306 These are marked as DW_AT_declaration and won't have
3307 a size. They can only be used in declaration or as
3308 pointer types. You can't allocate variables or storage
3309 using such an enum type. (Also GCC seems to have a bug
3310 that will put such an enumeration_type into a .debug_types
3311 unit which should only contain complete types.) */
3313 goto_bad_DIE;
3314 }
3316 /* On't stack! */
3319 }
3321 /* gcc (GCC) 4.4.0 20081017 (experimental) occasionally produces
3322 DW_TAG_enumerator with only a DW_AT_name but no
3323 DW_AT_const_value. This is in violation of the Dwarf3 standard,
3324 and appears to be a new "feature" of gcc - versions 4.3.x and
3325 earlier do not appear to do this. So accept DW_TAG_enumerator
3326 which only have a name but no value. An example:
3328 <1><180>: Abbrev Number: 6 (DW_TAG_enumeration_type)
3329 <181> DW_AT_name : (indirect string, offset: 0xda70):
3330 QtMsgType
3331 <185> DW_AT_byte_size : 4
3332 <186> DW_AT_decl_file : 14
3333 <187> DW_AT_decl_line : 1480
3334 <189> DW_AT_sibling : <0x1a7>
3335 <2><18d>: Abbrev Number: 7 (DW_TAG_enumerator)
3336 <18e> DW_AT_name : (indirect string, offset: 0x9e18):
3337 QtDebugMsg
3338 <2><192>: Abbrev Number: 7 (DW_TAG_enumerator)
3339 <193> DW_AT_name : (indirect string, offset: 0x1505f):
3340 QtWarningMsg
3341 <2><197>: Abbrev Number: 7 (DW_TAG_enumerator)
3342 <198> DW_AT_name : (indirect string, offset: 0x16f4a):
3343 QtCriticalMsg
3344 <2><19c>: Abbrev Number: 7 (DW_TAG_enumerator)
3345 <19d> DW_AT_name : (indirect string, offset: 0x156dd):
3346 QtFatalMsg
3347 <2><1a1>: Abbrev Number: 7 (DW_TAG_enumerator)
3348 <1a2> DW_AT_name : (indirect string, offset: 0x13660):
3349 QtSystemMsg
3350 */
3359 nf_i++;
3366 }
3370 }
3371 }
3372 /* Do we have something that looks sane? */
3374 goto_bad_DIE;
3375 /* Do we have a plausible parent? */
3381 /* Record this child in the parent */
3385 /* And record the child itself */
3387 }
3389 /* Treat DW_TAG_class_type as if it was a DW_TAG_structure_type. I
3390 don't know if this is correct, but it at least makes this reader
3391 usable for gcc-4.3 produced Dwarf3. */
3397 /* Create a new Type to hold the results. */
3414 nf_i++;
3421 }
3425 }
3428 }
3431 }
3438 }
3439 }
3440 /* Do we have something that looks sane? */
3442 /* It's a DW_AT_declaration. We require the name but
3443 nothing else. */
3444 /* JRS 2012-06-28: following discussion w/ tromey, if the
3445 type doesn't have name, just make one up, and accept it.
3446 It might be referred to by other DIEs, so ignoring it
3447 doesn't seem like a safe option. */
3453 /* JRS 2009 Aug 10: <possible kludge>? */
3454 /* Push this tyent on the stack, even though it's incomplete.
3455 It appears that gcc-4.4 on Fedora 11 will sometimes create
3456 DW_TAG_member entries for it, and so we need to have a
3457 plausible parent present in order for that to work. See
3458 #200029 comments 8 and 9. */
3460 /* </possible kludge> */
3462 }
3464 /* this is the common, ordinary case */
3465 /* The name can be present, or not */
3467 /* We must know the size.
3468 But in Ada, record with discriminants might have no size.
3469 But in C, VLA in the middle of a struct (gcc extension)
3470 might have no size.
3471 Instead, some GNAT dwarf extensions and/or dwarf entries
3472 allow to calculate the struct size at runtime.
3473 We cannot do that (yet?) so, the temporary kludge is to use
3474 a small size. */
3476 }
3477 /* On't stack! */
3480 }
3482 /* don't know how to handle any other variants just now */
3483 goto_bad_DIE;
3484 }
3485 }
3488 /* Acquire member entries for both DW_TAG_structure_type and
3489 DW_TAG_union_type. They differ minorly, in that struct
3490 members must have a DW_AT_data_member_location expression
3491 whereas union members must not. */
3492 Bool parent_is_struct;
3501 nf_i++;
3508 }
3512 }
3513 /* There are 2 different cases for DW_AT_data_member_location.
3514 If it is a constant class attribute, it contains byte offset
3515 from the beginning of the containing entity.
3516 Otherwise it is a location expression. */
3520 }
3527 }
3528 }
3529 /* Do we have a plausible parent? */
3535 /* Do we have something that looks sane? If this a member of a
3536 struct, we must have a location expression; but if a member
3537 of a union that is irrelevant (D3 spec sec 5.6.6). We ought
3538 to reject in the latter case, but some compilers have been
3539 observed to emit constant-zero expressions. So just ignore
3540 them. */
3541 parent_is_struct
3548 goto_bad_DIE;
3551 /* If this is a union type, pretend we haven't seen the data
3552 member location expression, as it is by definition
3553 redundant (it must be zero). */
3558 }
3559 /* Record this child in the parent */
3564 /* And record the child itself */
3567 /* Member with no location - this can happen with static
3568 const members in C++ code which are compile time constants
3569 that do no exist in the class. They're not of any interest
3570 to us so we ignore them. */
3572 }
3573 }
3588 nf_i++;
3594 }
3595 }
3597 goto_bad_DIE;
3598 /* On't stack! */
3601 }
3603 /* this is a subrange type defining the bounds of an array. */
3619 DW_TAG_compile_unit in this fn */
3620 }
3629 nf_i++;
3636 }
3641 }
3645 }
3646 }
3647 /* FIXME: potentially skip the rest if no parent present, since
3648 it could be the case that this subrange type is free-standing
3649 (not being used to describe the bounds of a containing array
3650 type) */
3651 /* Do we have a plausible parent? */
3658 /* Figure out if we have a definite range or not */
3664 }
3670 }
3676 }
3688 /* FIXME: handle more cases */
3689 goto_bad_DIE;
3690 }
3692 /* Record this bound in the parent */
3697 /* And record the child itself */
3699 }
3701 /* typedef or subrange_type other than array bounds. */
3705 /* subrange_type other than array bound is only for Ada. */
3707 /* We can pick up a new typedef/subrange_type any time. */
3717 nf_i++;
3724 }
3728 }
3729 }
3730 /* Do we have something that looks sane?
3731 gcc gnat Ada generates minimal typedef
3732 such as the below
3733 <6><91cc>: DW_TAG_typedef
3734 DW_AT_abstract_ori: <9066>
3735 g++ for OMP can generate artificial functions that have
3736 parameters that refer to pointers to unnamed typedefs.
3737 See https://bugs.kde.org/show_bug.cgi?id=273475
3738 So we cannot require a name for a DW_TAG_typedef.
3739 */
3741 }
3744 /* function type? just record that one fact and ask no
3745 further questions. */
3750 }
3761 /* target type defaults to 'void' */
3767 nf_i++;
3773 have_ty++;
3774 }
3775 }
3776 /* gcc sometimes generates DW_TAG_const/volatile_type without
3777 DW_AT_type and GDB appears to interpret the type as 'const
3778 void' (resp. 'volatile void'). So just allow it .. */
3781 else
3782 goto_bad_DIE;
3783 }
3785 /*
3786 * Treat DW_TAG_unspecified_type as type void. An example of DW_TAG_unspecified_type:
3787 *
3788 * $ readelf --debug-dump /usr/lib/debug/usr/lib/libstdc++.so.6.0.16.debug
3789 * <1><10d4>: Abbrev Number: 53 (DW_TAG_unspecified_type)
3790 * <10d5> DW_AT_name : (indirect string, offset: 0xdb7): decltype(nullptr)
3791 */
3798 }
3800 /* else ignore this DIE */
3802 /*NOTREACHED*/
3804 acquire_Type:
3811 /*NOTREACHED*/
3813 acquire_Atom:
3820 /*NOTREACHED*/
3822 acquire_Field:
3823 /* For union members, Expr should be absent */
3832 }
3837 /*NOTREACHED*/
3839 acquire_Bound:
3846 /*NOTREACHED*/
3848 bad_DIE:
3851 abbv,
3852 cc);
3853 /*NOTREACHED*/
3854 }
3857 /*------------------------------------------------------------*/
3858 /*--- ---*/
3859 /*--- Compression of type DIE information ---*/
3860 /*--- ---*/
3861 /*------------------------------------------------------------*/
3866 UWord cuOff )
3867 {
3875 }
3885 }
3886 }
3888 static
3893 {
3902 }
3904 }
3909 {
3972 }
3974 }
3976 /* Make a pass over 'ents'. For each tyent, inspect the target of any
3977 'R' or 'Rs' fields (those which refer to other tyents), and replace
3978 any which point to INDIR nodes with the target of the indirection
3979 (which should not itself be an indirection). In summary, this
3980 routine shorts out all references to indirection nodes. */
3981 static
3984 {
3986 Bool b;
3991 /* We have to substitute everything, even indirections, so as to
3992 ensure that chains of indirections don't build up. */
3995 nChanged++;
3996 }
3999 }
4002 /* Make a pass over 'ents', building a dictionary of TyEnts as we go.
4003 Look up each new tyent in the dictionary in turn. If it is already
4004 in the dictionary, replace this tyent with an indirection to the
4005 existing one, and delete any malloc'd stuff hanging off this one.
4006 In summary, this routine commons up all tyents that are identical
4007 as defined by TyEnt__cmp_by_all_except_cuOff. */
4008 static
4010 {
4020 );
4028 /* Ignore indirections, although check that they are
4029 not forming a cycle. */
4033 }
4037 /* it's already in the dictionary. */
4042 /* since we are traversing the array in increasing order of
4043 cuOff: */
4045 /* So anyway, dump this entry and replace it with an
4046 indirection to the one in the dictionary. Note that the
4047 assertion above guarantees that we cannot create cycles of
4048 indirections, since we are always creating an indirection
4049 to a tyent with a cuOff lower than this one. */
4053 nDeleted++;
4055 /* not in dictionary; add it and keep going. */
4057 }
4058 }
4063 }
4066 static
4070 {
4076 /* If a commoning pass and a substitution pass both make fewer than
4077 this many changes, just stop. It's pointless to burn up CPU
4078 time trying to compress the last 1% or so out of the array. */
4081 /* First we must sort .ents by its .cuOff fields, so we
4082 can index into it. */
4086 /* Now repeatedly do commoning and substitution passes over
4087 the array, until there are no more changes. */
4095 /* Sanity check: all INDIR nodes should point at a non-INDIR thing.
4096 In fact this should be true at the end of every loop iteration
4097 above (a commoning pass followed by a substitution pass), but
4098 checking it on every iteration is excessively expensive. Note,
4099 this loop also computes 'm' for the stats printing below it. */
4106 m++;
4111 }
4114 }
4117 /*------------------------------------------------------------*/
4118 /*--- ---*/
4119 /*--- Resolution of references to type DIEs ---*/
4120 /*--- ---*/
4121 /*------------------------------------------------------------*/
4123 /* Make a pass through the (temporary) variables array. Examine the
4124 type of each variable, check is it found, and chase any Te_INDIRs.
4125 Postcondition is: each variable has a typeR field that refers to a
4126 valid type in tyents, or a Te_UNKNOWN, and is certainly guaranteed
4127 not to refer to a Te_INDIR. (This is so that we can throw all the
4128 Te_INDIRs away later). */
4136 )
4137 {
4142 /* This is the stated type of the variable. But it might be
4143 an indirection, so be careful. */
4151 }
4153 /* Deal first with "normal" cases */
4157 }
4159 /* If there's no ent, it probably we did not manage to read a
4160 type at the cuOffset which is stated as being this variable's
4161 type. Maybe a deficiency in parse_type_DIE. Complain. */
4166 }
4168 /* If ent has any other tag, something bad happened, along the
4169 lines of var->typeR not referring to a type at all. */
4171 /* Just accept it; the type will be useless, but at least keep
4172 going. */
4174 }
4175 }
4178 /*------------------------------------------------------------*/
4179 /*--- ---*/
4180 /*--- Parsing of Compilation Units ---*/
4181 /*--- ---*/
4182 /*------------------------------------------------------------*/
4190 }
4201 )
4202 {
4205 UWord posn;
4206 UInt has_children;
4207 UWord start_die_c_offset;
4208 UWord after_die_c_offset;
4209 // If the DIE we will parse has a sibling and the parser(s) are
4210 // all indicating that parse_children is not necessary, then
4211 // we will skip the children by jumping to the sibling of this DIE
4212 // (if it has a sibling).
4216 /* --- Deal with this DIE --- */
4226 }
4235 /* We're set up to look at the fields of this DIE. Hand it off to
4236 any parser(s) that want to see it. Since they will in general
4237 advance the DIE cursor, remember the current settings so that we
4238 can then back up. . */
4244 typarser,
4246 posn,
4247 level,
4250 cc,
4251 td3 );
4255 }
4258 tempvars,
4259 gexprs,
4260 varparser,
4262 posn,
4263 level,
4266 cc,
4267 td3 );
4271 }
4274 // type and var parsers do not have logic to skip childrens and establish
4275 // the value of sibling.
4276 }
4280 parse_children =
4283 posn,
4284 level,
4287 cc,
4288 td3 )
4292 // Last parser, no need to reset the cursor to start_die_c_offset.
4293 }
4297 }
4300 // DIE was read by a parser above, so we know where the DIE ends.
4303 /* No parser has parsed this DIE. So, we need to skip the DIE,
4304 in order to read the next DIE.
4305 At the same time, establish sibling value if the DIE has one. */
4308 }
4310 /* --- Now recurse into its children, if any
4311 and the parsing of the children is requested by a parser --- */
4321 }
4322 /* Now we need to eat the terminating zero */
4327 // We can skip the childrens, by jumping to the sibling
4332 }
4333 }
4335 }
4339 DiSlice escn_debug_loc)
4340 {
4341 #if 0
4342 /* This doesn't work properly because it assumes all entries are
4343 packed end to end, with no holes. But that doesn't always
4344 appear to be the case, so it loses sync. And the D3 spec
4345 doesn't appear to require a no-hole situation either. */
4346 /* Display .debug_loc */
4347 Addr dl_base;
4348 UWord dl_offset;
4362 UWord len;
4366 /* Read a (host-)word pair. This is something of a hack since
4367 the word size to read is really dictated by the ELF file;
4368 however, we assume we're reading a file with the same
4369 word-sizeness as the host. Reasonably enough. */
4374 /* end of list. reset 'base' */
4379 }
4382 /* new value for 'base' */
4387 }
4389 /* else a location expression follows */
4396 len--;
4397 }
4399 }
4400 }
4401 #endif
4402 }
4406 DiSlice escn_debug_ranges)
4407 {
4409 Addr dr_base;
4410 UWord dr_offset;
4413 /* Display .debug_ranges */
4428 /* Read a (host-)word pair. This is something of a hack since
4429 the word size to read is really dictated by the ELF file;
4430 however, we assume we're reading a file with the same
4431 word-sizeness as the host. Reasonably enough. */
4436 /* end of list. reset 'base' */
4441 }
4444 /* new value for 'base' */
4449 }
4451 /* else a range [w1+base, w2+base) is denoted */
4454 }
4455 }
4456 }
4460 DiSlice escn_debug_abbv)
4461 {
4465 /* Display .debug_abbrev */
4474 /* Read one abbreviation table */
4477 ULong atag;
4478 UInt has_children;
4492 }
4493 }
4494 }
4495 }
4496 }
4498 static
4507 DiSlice escn_debug_str_alt
4508 )
4509 {
4520 D3TypeParser typarser;
4521 D3VarParser varparser;
4522 D3InlParser inlparser;
4526 Int pass;
4529 /* Display/trace various information, if requested. */
4535 }
4537 /* Zero out all parsers. Parsers will really be initialised
4538 according to VG_(clo_read_*_info). */
4542 /* We'll park the harvested type information in here. Also create
4543 a fake "void" entry with offset D3_FAKEVOID_CUOFF, so we always
4544 have at least one type entry to refer to. D3_FAKEVOID_CUOFF is
4545 huge and presumably will not occur in any valid DWARF3 file --
4546 it would need to have a .debug_info section 4GB long for that to
4547 happen. These type entries end up in the DebugInfo. */
4557 }
4563 }
4565 /* This is a tree used to unique-ify the range lists that are
4566 manufactured by parse_var_DIE. References to the keys in the
4567 tree wind up in .rngMany fields in TempVars. We'll need to
4568 delete this tree, and the XArrays attached to it, at the end of
4569 this function. */
4575 /* List of variables we're accumulating. These don't end up in the
4576 DebugInfo; instead their contents are handed to ML_(addVar) and
4577 the list elements are then deleted. */
4583 /* List of GExprs we're accumulating. These wind up in the
4584 DebugInfo. */
4588 /* We need a D3TypeParser to keep track of partially constructed
4589 types. It'll be discarded as soon as we've completed the CU,
4590 since the resulting information is tipped in to 'tyents' as it
4591 is generated. */
4597 }
4599 /* Do an initial pass to scan the .debug_types section, if any, and
4600 fill in the signatured types hash table. This lets us handle
4601 mapping from a type signature to a (cooked) DIE offset directly
4602 in get_Form_contents. */
4611 CUConst cc;
4616 /* parse_CU_header initialises the CU's abbv hash table. */
4619 /* Needed by cook_die. */
4625 /* Until proven otherwise we assume we don't need the icc9
4626 workaround in this case; see the DIE-reading loop below
4627 for details. */
4635 }
4638 }
4639 }
4641 /* Perform three DIE-reading passes. The first pass reads DIEs from
4642 alternate .debug_info (if any), the second pass reads DIEs from
4643 .debug_info, and the third pass reads DIEs from .debug_types.
4644 Moving the body of this loop into a separate function would
4645 require a large number of arguments to be passed in, so it is
4646 kept inline instead. */
4648 ULong section_size;
4653 /* Now loop over the Compilation Units listed in the alternate
4654 .debug_info section (see D3SPEC sec 7.5) paras 1 and 2.
4655 Each compilation unit contains a Compilation Unit Header
4656 followed by precisely one DW_TAG_compile_unit or
4657 DW_TAG_partial_unit DIE. */
4664 /* Now loop over the Compilation Units listed in the .debug_info
4665 section (see D3SPEC sec 7.5) paras 1 and 2. Each compilation
4666 unit contains a Compilation Unit Header followed by precisely
4667 one DW_TAG_compile_unit or DW_TAG_partial_unit DIE. */
4683 }
4687 CUConst cc;
4688 /* It may be that the stated size of this CU is larger than the
4689 amount of stuff actually in it. icc9 seems to generate CUs
4690 thusly. We use these variables to figure out if this is
4691 indeed the case, and if so how many bytes we need to skip to
4692 get to the start of the next CU. Not skipping those bytes
4693 causes us to misidentify the start of the next CU, and it all
4694 goes badly wrong after that (not surprisingly). */
4697 /* It seems icc9 finishes the DIE info before debug_info_sz
4698 bytes have been used up. So be flexible, and declare the
4699 sequence complete if there is not enough remaining bytes to
4700 hold even the smallest conceivable CU header. (11 bytes I
4701 reckon). */
4702 /* JRS 23Jan09: I suspect this is no longer necessary now that
4703 the code below contains a 'while (cu_amount_used <
4704 cu_size_including_IniLen ...' style loop, which skips over
4705 any leftover bytes at the end of a CU in the case where the
4706 CU's stated size is larger than its actual size (as
4707 determined by reading all its DIEs). However, for prudence,
4708 I'll leave the following test in place. I can't see that a
4709 CU header can be smaller than 11 bytes, so I don't think
4710 there's any harm possible through the test -- it just adds
4711 robustness. */
4718 }
4721 /* Check the varparser's stack is in a sane state. */
4723 /* Check the typarser's stack is in a sane state. */
4725 }
4730 /* parse_CU_header initialises the CU's hashtable of abbvs ht_abbvs */
4737 }
4753 /* The CU's svma can be deduced by looking at the AT_low_pc
4754 value in the top level TAG_compile_unit, which is the topmost
4755 DIE. We'll leave it for the 'varparser' to acquire that info
4756 and fill it in -- since it is the only party to want to know
4757 it. */
4764 /* Create a fake outermost-level range covering the entire
4765 address range. So we always have *something* to catch all
4766 variable declarations. */
4771 /* And set up the fndn_ix_Table. When we come across the top
4772 level DIE for this CU (which is what the next call to
4773 read_DIE should process) we will copy all the file names out
4774 of the .debug_line img area and use this table to look up the
4775 copies when we later see filename numbers in DW_TAG_variables
4776 etc. */
4778 varparser.fndn_ix_Table
4782 }
4785 /* fndn_ix_Table for the inlined call parser */
4787 inlparser.fndn_ix_Table
4791 }
4793 /* Now read the one-and-only top-level DIE for this CU. */
4806 /* How big the CU claims it is .. */
4808 /* .. vs how big we have found it to be */
4816 /* If the CU is bigger than it claims to be, we've got a serious
4817 problem. */
4821 /* If the CU is smaller than it claims to be, we need to skip some
4822 bytes. Loop updates cu_offset_new and cu_amount_used. */
4829 }
4832 /* Preen to level -2. DIEs have level >= 0 so -2 cannot occur
4833 anywhere else at all. Our fake the-entire-address-space
4834 range is at level -1, so preening to -2 should completely
4835 empty the stack out. */
4838 /* Similarly, empty the type stack out. */
4840 }
4846 }
4851 }
4856 /* else keep going */
4857 }
4858 }
4862 /* From here on we're post-processing the stuff we got
4863 out of the .debug_info section. */
4869 }
4878 }
4884 /* Copy all the non-INDIR tyents into a new table. For large
4885 .so's, about 90% of the tyents will by now have been resolved to
4886 INDIRs, and we no longer need them, and so don't need to store
4887 them. */
4888 tyents_to_keep
4897 }
4904 /* Sort tyents_to_keep so we can lookup in it. A complete (if
4905 minor) waste of time, since tyents itself is sorted, but
4906 necessary since VG_(lookupXA) refuses to cooperate if we
4907 don't. */
4911 /* Enable cacheing on tyents_to_keep */
4912 tyents_to_keep_cache
4917 /* And record the tyents in the DebugInfo. We do this before
4918 starting to hand variables to ML_(addVar), since if ML_(addVar)
4919 wants to do debug printing (of the types of said vars) then it
4920 will need the tyents.*/
4924 /* Bias all the location expressions. */
4932 }
4937 /* Park (pointers to) all the vars in an XArray, so we can look up
4938 abstract origins quickly. The array is sorted (hence, looked-up
4939 by) the .dioff fields. Since the .dioffs should be in strictly
4940 ascending order, there is no need to sort the array after
4941 construction. The ascendingness is however asserted for. */
4942 dioff_lookup_tab
4951 first_primary_var++) {
4955 }
4961 /* why should this hold? Only, I think, because we've
4962 constructed the array by reading .debug_info sequentially,
4963 and so the array .dioff fields should reflect that, and be
4964 strictly ascending. */
4966 }
4968 }
4972 /* Now visit each var. Collect up as much info as possible for
4973 each var and hand it to ML_(addVar). */
4979 /* Possibly show .. */
4989 }
4995 }
5003 }
5010 }
5012 /* Skip variables which have no location. These must be
5013 abstract instances; they are useless as-is since with no
5014 location they have no specified memory location. They will
5015 presumably be referred to via the absOri fields of other
5016 variables. */
5020 }
5022 /* So it has a location, at least. If it refers to some other
5023 entry through its absOri field, pull in further info through
5024 that. */
5026 Bool found;
5028 TempVar key;
5036 /* barf("DW_AT_abstract_origin can't be resolved"); */
5039 }
5040 /* If the following fails, there is more than one entry with
5041 the same dioff. Which can't happen. */
5044 /* stay sane */
5048 /* Copy what useful info we can. */
5057 }
5059 /* Give it a name if it doesn't have one. */
5063 /* So now does it have enough info to be useful? */
5064 /* NOTE: re typeR: this is a hack. If typeR is Te_UNKNOWN then
5065 the type didn't get resolved. Really, in that case
5066 something's broken earlier on, and should be fixed, rather
5067 than just skipping the variable. */
5069 tyents_to_keep_cache,
5071 /* The next two assertions should be guaranteed by
5072 our previous call to resolve_variable_types. */
5083 /* Ok. So we're going to keep it. Call ML_(addVar) once for
5084 each address range in which the variable exists. */
5088 Word nVarPcRanges;
5089 /* Set up to iterate over address ranges, however
5090 represented. */
5096 }
5109 }
5112 /* and iterate */
5117 /* Level 0 is the global address range. So at level 0 we
5118 don't want to bias pcMin/pcMax; but at all other levels
5119 we do since those are derived from svmas in the Dwarf
5120 we're reading. Be paranoid ... */
5125 /* vg_assert(pcMin > (Addr)0);
5126 No .. we can legitimately expect to see ranges like
5127 0x0-0x11D (pre-biasing, of course). */
5129 }
5131 /* Apply text biasing, for non-global variables. */
5135 }
5147 );
5148 }
5149 }
5152 /* and move on to the next var */
5153 }
5155 /* Now free all the TempVars */
5160 }
5164 /* and the temp lookup table */
5167 /* and the ranges tree. Note that we need to also free the XArrays
5168 which constitute the keys, hence pass VG_(deleteXA) as a
5169 key-finalizer. */
5172 /* and the tyents_to_keep cache */
5178 /* And the signatured type hash. */
5181 /* record the GExprs in di so they can be freed later */
5184 }
5186 // Free up dynamically allocated memory
5190 }
5191 }
5194 /*------------------------------------------------------------*/
5195 /*--- ---*/
5196 /*--- The "new" DWARF3 reader -- top level control logic ---*/
5197 /*--- ---*/
5198 /*------------------------------------------------------------*/
5208 /*NOTREACHED*/
5210 }
5213 void
5221 DiSlice escn_debug_str_alt
5222 )
5223 {
5227 /* Run the _wrk function to read the dwarf3. If it succeeds, it
5228 just returns normally. If there is any failure, it longjmp's
5229 back here, having first set d3rd_jmpbuf_reason to something
5230 useful. */
5237 /* try this ... */
5244 escn_debug_str_alt );
5248 /* It longjmp'd. */
5250 /* Can't longjump without giving some sort of reason. */
5256 }
5260 }
5264 /* --- Unused code fragments which might be useful one day. --- */
5266 #if 0
5267 /* Read the arange tables */
5275 Bool is64;
5276 UShort version;
5281 /* Read one arange thingy */
5282 /* initial_length field */
5299 }
5305 }
5306 }
5308 #endif
5312 /*--------------------------------------------------------------------*/
5313 /*--- end ---*/
5314 /*--------------------------------------------------------------------*/