| blob | 0b1f6535ba50266359d3f8c2090b3b0b88653a62 |
1 /* -*- mode: C; c-basic-offset: 3; -*- */
3 /*--------------------------------------------------------------------*/
4 /*--- Read DWARF1/2/3/4 debug info. readdwarf.c ---*/
5 /*--------------------------------------------------------------------*/
7 /*
8 This file is part of Valgrind, a dynamic binary instrumentation
9 framework.
11 Copyright (C) 2000-2017 Julian Seward
12 jseward@acm.org
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27 02111-1307, USA.
29 The GNU General Public License is contained in the file COPYING.
30 */
32 #if defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_solaris)
50 /*------------------------------------------------------------*/
51 /*--- ---*/
52 /*--- Read line number and CFI info from DWARF1, DWARF2 ---*/
53 /*--- and to some extent DWARF3 sections. ---*/
54 /*--- ---*/
55 /*------------------------------------------------------------*/
57 /* The below "safe_*ix" functions allow to resist to malformed dwarf info:
58 if dwarf info contains wrong file or dirname indexes, these are (silently!)
59 ignored. */
61 /* if xa_ix is a valid index in fndn_ix_xa,
62 return the element (i.e. the UInt indexing in fndnpool).
63 If xa_ix is invalid, return 0 (i.e. the "null" element in fndnpool). */
65 {
69 }
71 /* if xa_ix is a valid index in dirname_xa,
72 return the element (i.e. the HChar*).
73 If xa_ix is invalid, return NULL. */
75 {
79 }
81 /*------------------------------------------------------------*/
82 /*--- Read DWARF2 format line number info. ---*/
83 /*------------------------------------------------------------*/
85 /* Structure holding info extracted from the a .debug_line
86 section. */
88 {
89 ULong li_length;
90 UShort li_version;
91 ULong li_header_length;
92 UChar li_min_insn_length;
93 UChar li_max_ops_per_insn;
94 Int li_line_base;
95 UChar li_line_range;
96 UChar li_opcode_base;
97 }
98 DebugLineInfo;
100 /* Structure holding additional infos found from a .debug_info
101 * compilation unit block */
103 {
104 /* Feel free to add more members here if you need ! */
109 }
110 UnitInfo;
112 /* Line number opcodes. */
113 enum dwarf_line_number_ops
114 {
125 /* DWARF 3. */
129 };
131 /* Line number extended opcodes. */
132 enum dwarf_line_number_x_ops
133 {
138 };
141 {
142 /* Information for the last statement boundary.
143 * Needed to calculate statement lengths. */
144 Addr last_address;
145 UInt last_file;
146 UInt last_line;
148 Addr address;
149 UInt file;
150 UInt line;
151 UInt column;
152 Int basic_block;
153 UChar end_sequence;
157 /* FIXME: duplicated in readdwarf3.c */
158 /* Read a 'leb128' and advance *data accordingly. */
160 {
163 UChar byte;
171 }
178 }
180 /* FIXME: duplicated in readdwarf3.c */
183 }
185 /* FIXME: duplicated in readdwarf3.c */
188 }
190 /* Read what the DWARF3 spec calls an "initial length field". This
191 uses up either 4 or 12 bytes of the input and produces a 32-bit or
192 64-bit number respectively.
194 Read 32-bit value from p. If it is 0xFFFFFFFF, instead read a
195 64-bit bit value from p+4. This is used in 64-bit dwarf to encode
196 some table lengths. Advance the cursor (p) accordingly.
198 XXX this is a hack: the endianness of the initial length field is
199 specified by the DWARF we're reading. This happens to work only
200 because we don't do cross-arch jitting, hence this code runs on a
201 platform of the same endianness as the DWARF it is reading. Same
202 applies for initial lengths for CIE/FDEs and probably in zillions
203 of other places -- to be precise, exactly the places where
204 binutils/dwarf.c calls byte_get().
205 */
206 static
208 {
216 }
217 }
219 static
221 {
222 /* Something of a roundabout approach .. the modification to p_img
223 is abandoned. */
225 }
230 static
232 {
243 }
245 ////////////////////////////////////////////////////////////////////
246 ////////////////////////////////////////////////////////////////////
248 /* Handled an extended line op starting at *data, and advance *data
249 accordingly. */
250 static
254 {
258 "Warning: DWARF2 reader: "
261 }
271 /* JRS: added for compliance with spec; is pointless due to
272 reset_state_machine below */
277 di,
283 );
284 }
298 }
311 }
321 }
322 }
324 ////////////////////////////////////////////////////////////////////
325 ////////////////////////////////////////////////////////////////////
327 /* read a .debug_line section block for a compilation unit
328 *
329 * Input: - theBlock must point to the start of the block
330 * for the given compilation unit
331 * - ui contains additional info like the compilation dir
332 * for this unit
333 *
334 * Output: - si debug info structures get updated
335 */
336 static
340 Int noLargerThan )
341 {
342 Int i;
343 DebugLineInfo info;
344 Bool is64;
346 UInt fndn_ix;
353 /* fndn_ix_xa is an xarray of fndn_ix (indexes in di->fndnpool) which
354 are build from file names harvested from the DWARF2
355 info. Entry [0] is the "null" pool index and is never referred to
356 by the state machine.
358 Similarly, dirname_xa is an xarray of directory names. Entry [0]
359 is also NULL and denotes "we don't know what the path is", since
360 that is different from "the path is the empty string". Unlike
361 the fndn_ix_xa table, the state machine does refer to entry [0],
362 which basically means "." ("the current directory of the
363 compilation", whatever that means, according to the DWARF3
364 spec.)
365 */
367 /* Fails due to gcc padding ...
368 vg_assert(sizeof(DWARF2_External_LineInfo)
369 == sizeof(DWARF2_Internal_LineInfo));
370 */
377 /* DWARF2 starts numbering filename entries at 1, so we need to
378 add a dummy zeroth entry to the table. */
384 else
393 /* Check the length of the block. */
396 "DWARF line info appears to be corrupt "
399 }
401 /* Check its version number. */
409 "Only DWARF version 2, 3 and 4 line info "
412 }
425 /* We only support machines with one opcode per instruction
426 for now. If we ever want to support VLIW machines there is
427 code to handle multiple opcodes per instruction in the
428 patch attached to BZ#233595.
429 */
436 }
442 }
444 /* Register is_stmt is not tracked as we are interested only
445 in pc -> line info mapping and not other debugger features. */
448 /* JRS: changed (UInt*) to (UChar*) */
470 DiCursor end_of_sequence
475 /* Read the contents of the Opcodes table. */
484 }
486 }
487 /* skip over "standard_opcode_lengths" */
490 /* Read the contents of the Directory table. */
501 /* If data[0] is '/', then 'data' is an absolute path and we
502 don't mess with it. Otherwise, construct the
503 path 'ui->compdir' ++ "/" ++ 'data'. */
506 /* not an absolute path */
508 /* actually got something sensible for compdir */
510 {
525 /* just use 'data'. */
529 }
533 }
542 }
545 /* Read the contents of the File Name table. This produces a bunch
546 of fndn_ix in fndn_ix_xa. */
550 }
566 i++;
568 }
577 }
583 /* Now display the statements. */
610 /* only add a statement if there was a previous boundary */
613 di,
619 0
620 );
621 }
625 }
638 /* only add a statement if there was a previous boundary */
641 di,
647 0
648 );
649 }
666 }
674 }
682 }
689 }
694 }
700 }
710 }
712 /* XXX: Need something to get 2 bytes */
719 }
737 Int j;
743 }
747 }
757 out:
760 }
762 ////////////////////////////////////////////////////////////////////
763 ////////////////////////////////////////////////////////////////////
765 /* Return abbrev for given code
766 * Returned cursor points to the tag
767 * */
769 {
776 ULong name;
780 }
782 }
783 }
785 /* Read general information for a particular compile unit block in
786 * the .debug_info section. In particular read the name, compdir and
787 * stmt_list needed to parse the line number information.
788 *
789 * Input: - unitblock is the start of a compilation
790 * unit block in .debuginfo section
791 * - debugabbrev is start of .debug_abbrev section
792 * - debugstr is start of .debug_str section
793 * - debugstr_alt_img is start of .debug_str section in alt debug file
794 *
795 * Output: Fill members of ui pertaining to the compilation unit:
796 * - ui->name is the name of the compilation unit
797 * - ui->compdir is the compilation unit directory
798 * - ui->stmt_list is the offset in .debug_line section
799 * for the dbginfos of this compilation unit
800 *
801 * Note : the output strings are not allocated and point
802 * directly to the memory-mapped section.
803 */
804 static
806 DiCursor unitblock_img,
807 DiCursor debugabbrev_img,
808 DiCursor debugstr_img,
809 DiCursor debugstr_alt_img )
810 {
813 UShort ver;
815 UChar addr_size;
817 DiCursor end_img;
818 DiCursor abbrev_img;
823 /* Read the compilation unit header in .debug_info section - See p 70 */
825 /* This block length */
828 /* version should be 2, 3 or 4 */
831 /* get offset in abbrev */
835 /* Address size */
838 /* End of this block */
841 /* Abbreviation data for this block */
844 /* Read the compilation unit entry - this is always the first DIE.
845 * See DWARF4 para 7.5. */
847 UInt tag;
851 /* Read abbreviation header */
854 /* This isn't illegal, but somewhat unlikely. Normally the
855 * first abbrev describes the first DIE, the compile_unit.
856 * But maybe this abbreviation data is shared with another
857 * or it is a NULL entry used for padding. See para 7.5.3. */
859 acode );
860 }
867 /* DW_CHILDREN_yes or DW_CHILDREN_no */
870 /* And loop on entries */
872 /* Read entry definition */
880 /* Read data */
881 /* Attributes encoding explained p 71 */
884 /* Decode form. For most kinds, Just skip the amount of data since
885 we don't use it for now */
886 /* JRS 9 Feb 06: This now handles 64-bit DWARF too. In
887 64-bit DWARF, lineptr (and loclistptr,macptr,rangelistptr
888 classes) use FORM_data8, not FORM_data4. Also,
889 FORM_ref_addr and FORM_strp are 64-bit values, not 32-bit
890 values. */
891 /* TJH 27 Apr 10: in DWARF 4 lineptr (and loclistptr,macptr,
892 rangelistptr classes) use FORM_sec_offset which is 64 bits
893 in 64 bit DWARF and 32 bits in 32 bit DWARF. */
894 /* JRS 20 Apr 11: LLVM-2.9 encodes DW_AT_stmt_list using
895 FORM_addr rather than the FORM_data4 that GCC uses. Hence
896 handle FORM_addr too. */
898 /* Those cases extract the data properly */
906 /* 2006-01-01: only generate a value if a debug_str
907 section was found) */
926 };
931 /* perhaps should assign unconditionally to cval? */
933 /* TODO : Following ones just skip data - implement if you need */
948 }
1000 form );
1002 }
1004 /* Now store the members we need in the UnitInfo structure */
1009 }
1010 }
1012 * this might have been a partial unit or broken DWARF info.
1013 * That's enough info for us, and we are not gdb ! */
1014 }
1017 ////////////////////////////////////////////////////////////////////
1018 ////////////////////////////////////////////////////////////////////
1020 /* Collect the debug info from DWARF3 debugging sections
1021 * of a given module.
1022 *
1023 * Inputs: given .debug_xxx sections
1024 * Output: update di to contain all the DWARF3 debug infos
1025 */
1034 {
1035 UnitInfo ui;
1036 UShort ver;
1037 ULong blklen;
1038 Bool blklen_is_64;
1040 /* Make sure we at least have a header for the first block */
1045 }
1052 /* Iterate on all the blocks we find in .debug_info */
1057 /* Read the compilation unit header in .debug_info section - See
1058 p 70 */
1059 /* This block length */
1064 end1_img )) {
1068 }
1070 /* version should be 2 */
1076 }
1078 /* Fill ui with offset in .debug_line and compdir */
1095 }
1097 /* Ignore blocks with no .debug_line associated block */
1106 }
1108 /* Read the .debug_line block for this compile unit */
1113 );
1114 }
1115 }
1118 ////////////////////////////////////////////////////////////////////
1119 ////////////////////////////////////////////////////////////////////
1121 /*------------------------------------------------------------*/
1122 /*--- Read DWARF1 format line number info. ---*/
1123 /*------------------------------------------------------------*/
1125 /* DWARF1 appears to be redundant, but nevertheless the Lahey Fortran
1126 compiler generates it.
1127 */
1129 /* The following three enums (dwarf_tag, dwarf_form, dwarf_attribute)
1130 are taken from the file include/elf/dwarf.h in the GNU gdb-6.0
1131 sources, which are Copyright 1992, 1993, 1995, 1999 Free Software
1132 Foundation, Inc and naturally licensed under the GNU General Public
1133 License version 2 or later.
1134 */
1136 /* Tag names and codes. */
1147 /* 0x0008 -- reserved */
1148 /* 0x0009 -- reserved */
1153 /* 0x000e -- reserved */
1175 /* GNU extensions */
1181 };
1183 /* Form names and codes. */
1194 };
1196 /* Attribute names and codes. */
1211 /* (0x00e0|FORM_xxxx) -- reserved */
1220 /* (0x0170|FORM_xxxx) -- reserved */
1221 /* (0x0180|FORM_xxxx) -- reserved */
1261 /* GNU extensions. */
1269 };
1271 /* end of enums taken from gdb-6.0 sources */
1272 #if 0
1277 {
1278 UInt stmt_list;
1279 Bool stmt_list_found;
1289 /* This loop scans the DIEs. */
1297 /* We're only interested in compile_unit DIEs; ignore others. */
1301 }
1307 /* We've got a compile_unit DIE starting at (dwarf1d +
1308 die_offset+6). Try and find the AT_name and AT_stmt_list
1309 attributes. Then, finally, we can read the line number info
1310 for this source file. */
1312 /* The next 3 are set as we find the relevant attrs. */
1317 /* This loop scans the Attrs inside compile_unit DIEs. */
1327 /* We have to examine the attribute to figure out its
1328 length. */
1336 }
1344 /* Zero terminated string, step over it. */
1348 at_offset++;
1349 at_offset++;
1358 /* So, did we find the required stuff for a line number table in
1359 this DIE? If yes, read it. */
1362 ) {
1363 /* Table starts:
1364 Length:
1365 4 bytes, includes the entire table
1366 Base address:
1367 unclear (4? 8?), assuming native pointer size here.
1368 Then a sequence of triples
1369 (source line number -- 32 bits
1370 source line column -- 16 bits
1371 address delta -- 32 bits)
1372 */
1373 Addr base;
1374 Int len;
1387 UInt line;
1388 UShort col;
1389 UInt delta;
1403 }
1406 }
1407 }
1409 /* Move on the next DIE. */
1414 }
1415 #endif
1417 /*------------------------------------------------------------*/
1418 /*--- Read call-frame info from an .eh_frame section ---*/
1419 /*------------------------------------------------------------*/
1421 /* Sources of info:
1423 The DWARF3 spec, available from http://www.dwarfstd.org/Download.php
1425 This describes how to read CFA data from .debug_frame sections.
1426 So as to maximise everybody's annoyance and confusion, .eh_frame
1427 sections are almost the same as .debug_frame sections, but differ
1428 in a few subtle and ill documented but important aspects.
1430 Generic ELF Specification, sections 7.5 (DWARF Extensions) and 7.6
1431 (Exception Frames), available from
1433 http://www.linux-foundation.org/spec/book/ELF-generic/ELF-generic.html
1435 This really does describe .eh_frame, at least the aspects that
1436 differ from standard DWARF3. It's better than guessing, and
1437 (marginally) more fun than reading the gdb source code.
1438 */
1440 /* Useful info ..
1442 In general:
1443 gdb-6.3/gdb/dwarf2-frame.c
1445 gdb-6.3/gdb/i386-tdep.c:
1447 DWARF2/GCC uses the stack address *before* the function call as a
1448 frame's CFA. [jrs: I presume this means %esp before the call as
1449 the CFA].
1451 JRS: on amd64, the dwarf register numbering is, as per
1452 gdb-6.3/gdb/amd64-tdep.c and also amd64-abi-0.98.pdf:
1454 0 1 2 3 4 5 6 7
1455 RAX RDX RCX RBX RSI RDI RBP RSP
1457 8 ... 15
1458 R8 ... R15
1460 16 is the return address (RIP)
1461 "The table defines Return Address to have a register number,
1462 even though the address is stored in 0(%rsp) and not in a
1463 physical register."
1465 17 ... 24
1466 XMM0 ... XMM7
1468 25 ... 32
1469 XMM8 ... XMM15
1471 33 ... 40
1472 ST0 ... ST7
1474 41 ... 48
1475 MM0 ... MM7
1477 49 RFLAGS
1478 50,51,52,53,54,55 ES,CS,SS,DS,FS,GS
1479 58 FS.BASE (what's that?)
1480 59 GS.BASE (what's that?)
1481 62 TR (task register)
1482 63 LDTR (LDT register)
1483 64 MXCSR
1484 65 FCW (x87 control word)
1485 66 FSW (x86 status word)
1487 On x86 I cannot find any documentation. It _appears_ to be the
1488 actual instruction encoding, viz:
1490 0 1 2 3 4 5 6 7
1491 EAX ECX EDX EBX ESP EBP ESI EDI
1493 8 is the return address (EIP) */
1496 /* Comments re DW_CFA_set_loc, 16 Nov 06.
1498 JRS:
1499 Someone recently sent me a libcrypto.so.0.9.8 as distributed with
1500 Ubuntu of some flavour, compiled with gcc 4.1.2 on amd64. It
1501 causes V's CF reader to complain a lot:
1503 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1504 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1505 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1506 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1507 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:48
1508 >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1510 After chasing this around a bit it seems that the CF bytecode
1511 parser lost sync at a DW_CFA_set_loc, which has a single argument
1512 denoting an address.
1514 As it stands that address is extracted by read_Addr(). On amd64
1515 that just fetches 8 bytes regardless of anything else.
1517 read_encoded_Addr() is more sophisticated. This appears to take
1518 into account some kind of encoding flag. When I replace the uses
1519 of read_Addr by read_encoded_Addr for DW_CFA_set_loc, the
1520 complaints go away, there is no loss of sync, and the parsed CF
1521 instructions are the same as shown by readelf --debug-dump=frames.
1523 So it seems a plausible fix. The problem is I looked in the DWARF3
1524 spec and completely failed to figure out whether or not the arg to
1525 DW_CFA_set_loc is supposed to be encoded in a way suitable for
1526 read_encoded_Addr, nor for that matter any description of what it
1527 is that read_encoded_Addr is really decoding.
1529 TomH:
1530 The problem is that the encoding is not standard - the eh_frame
1531 section uses the same encoding as the dwarf_frame section except
1532 for a few small changes, and this is one of them. So this is not
1533 something the DWARF standard covers.
1535 There is an augmentation string to indicate what is going on though
1536 so that programs can recognise it.
1538 What we are doing seems to match what gdb 6.5 and libdwarf 20060614
1539 do though. I'm not sure about readelf though.
1541 (later): Well dwarfdump barfs on it:
1543 dwarfdump ERROR: dwarf_get_fde_info_for_reg:
1544 DW_DLE_DF_FRAME_DECODING_ERROR(193) (193)
1546 I've looked at binutils as well now, and the code in readelf agrees
1547 with your patch - ie it treats set_loc as having an encoded address
1548 if there is a zR augmentation indicating an encoding.
1550 Quite why gdb and libdwarf don't understand this is an interesting
1551 question...
1553 Final outcome: all uses of read_Addr were replaced by
1554 read_encoded_Addr. A new type AddressDecodingInfo was added to
1555 make it relatively clean to plumb through the extra info needed by
1556 read_encoded_Addr.
1557 */
1559 /* More badness re address encoding, 12 Jan 07.
1561 Most gcc provided CIEs have a "zR" augmentation, which means they
1562 supply their own address encoding, and that works fine. However,
1563 some icc9 supplied CIEs have no augmentation, which means they use
1564 the default_Addr_encoding(). That says to use a machine-word sized
1565 value, literally unmodified.
1567 Since .so's are, in general, relocated when loaded, having absolute
1568 addresses in the CFI data makes no sense when read_encoded_Addr is
1569 used to find the initial location for a FDE. The resulting saga:
1571 TomH:
1572 > I'm chasing a stack backtrace failure for an amd64 .so which was
1573 > created I believe by icc 9.1. After a while I wound up looking at
1574 > this: (readdwarf.c)
1575 >
1576 > 5083 tom static UChar default_Addr_encoding ( void )
1577 > 3584 tom {
1578 > 3584 tom switch (sizeof(Addr)) {
1579 > 3584 tom case 4: return DW_EH_PE_udata4;
1580 > 3584 tom case 8: return DW_EH_PE_udata8;
1581 > 3584 tom default: vg_assert(0);
1582 > 3584 tom }
1583 > 3584 tom }
1584 >
1585 > If a CIE does not have an "augmentation string" (typically "zR") then
1586 > addresses are decoded as described by default_Addr_encoding. If there
1587 > is an 'R' in the augmentation string then the encoding to use
1588 > is specified by the CIE itself, which works fine with GCC compiled code
1589 > since that always appears to specify zR.
1591 Correct.
1593 > Problem is this .so has no augmentation string and so uses the
1594 > default encoding, viz DW_EH_PE_udata8. That appears to mean
1595 > "read a 64 bit number" and use that as-is (for the starting value
1596 > of the program counter when running the CFA program).
1598 Strictly speaking the default is DW_EH_PE_absptr, but that amounts
1599 to either udata4 or udata8 depending on the platform's pointer size
1600 which is a shortcut I used.
1602 > For this .so that gives nonsense (very small) PCs which are later
1603 > rejected by the sanity check which ensures PC ranges fall inside
1604 > the mapped text segment. It seems like the .so expects to have the
1605 > start VMA of the text segment added on. This would correspond to
1606 >
1607 > static UChar default_Addr_encoding ( void )
1608 > {
1609 > switch (sizeof(Addr)) {
1610 > case 4: return DW_EH_PE_textrel + DW_EH_PE_udata4;
1611 > case 8: return DW_EH_PE_textrel + DW_EH_PE_udata8;
1612 > default: vg_assert(0);
1613 > }
1614 > }
1616 The problem you're seeing is that you have absolute pointers inside
1617 a shared library, which obviously makes little sense on the face of
1618 things as how would the linker know where the library will be
1619 loaded?
1621 The answer of course is that it doesn't, so if it points absolute
1622 pointers in the frame unwind data is has to include relocations for
1623 them, and I'm betting that if you look at the relocations in the
1624 library you will there are some for that data.
1626 That is fine of course when ld.so maps the library - it will
1627 relocate the eh_frame data as it maps it (or prelinking will
1628 already have done so) and when the g++ exception code kicks in and
1629 unwinds the stack it will see relocated data.
1631 We of course are mapping the section from the ELF file ourselves
1632 and are not applying the relocations, hence the problem you are
1633 seeing.
1635 Strictly speaking we should apply the relocations but the cheap
1636 solution is essentially to do what you've done - strictly speaking
1637 you should adjust by the difference between the address the library
1638 was linked for and the address it has been loaded at, but a shared
1639 library will normally be linked for address zero I believe. It's
1640 possible that prelinking might change that though?
1642 JRS:
1643 That all syncs with what I am seeing.
1645 So what I am inclined to do is:
1647 - Leave default_Addr_encoding as it is
1649 - Change read_encoded_Addr's handling of "case DW_EH_PE_absptr" so
1650 it sets base to, as you say, the difference between the address
1651 the library was linked for and the address it has been loaded at
1652 (== the SegInfo's text_bias)
1654 Does that sound sane? I think it should even handle the prelinked
1655 case.
1657 (JRS, later)
1659 Hmm. Plausible as it sounds, it doesn't work. It now produces
1660 bogus backtraces for locations inside the (statically linked)
1661 memcheck executable.
1663 Besides, there are a couple of other places where read_encoded_Addr
1664 is used -- one of which is used to establish the length of the
1665 address range covered by the current FDE:
1667 fde_arange = read_encoded_Addr(&nbytes, &adi, data);
1669 and it doesn't seem to make any sense for read_encoded_Addr to add
1670 on the text segment bias in that context. The DWARF3 spec says
1671 that both the initial_location and address_range (length) fields
1672 are encoded the same way ("target address"), so it is unclear at
1673 what stage in the process it would be appropriate to relocate the
1674 former but not the latter.
1676 One unprincipled kludge that does work is the following: just
1677 before handing one of the address range fragments off to
1678 ML_(addDiCfSI) for permanent storage, check its start address. If
1679 that is very low (less than 2 M), and is far below the mapped text
1680 segment, and adding the text bias would move the fragment entirely
1681 inside the mapped text segment, then do so. A kind of kludged
1682 last-minute relocation, if you like.
1684 12 Jan 07: committing said kludge (see kludge_then_addDiCfSI). If
1685 the situation clarifies, it can easily enough be backed out and
1686 replaced by a better fix.
1687 */
1689 /* --------------- Decls --------------- */
1691 #if defined(VGP_x86_linux) || defined(VGP_x86_solaris)
1692 # define FP_REG 5
1693 # define SP_REG 4
1694 # define RA_REG_DEFAULT 8
1695 #elif defined(VGP_amd64_linux) || defined(VGP_amd64_solaris)
1696 # define FP_REG 6
1697 # define SP_REG 7
1698 # define RA_REG_DEFAULT 16
1699 #elif defined(VGP_ppc32_linux)
1700 # define FP_REG 1
1701 # define SP_REG 1
1702 # define RA_REG_DEFAULT 65
1703 #elif defined(VGP_ppc64be_linux) || defined(VGP_ppc64le_linux)
1704 # define FP_REG 1
1705 # define SP_REG 1
1706 # define RA_REG_DEFAULT 65
1707 #elif defined(VGP_arm_linux)
1708 # define FP_REG 12
1709 # define SP_REG 13
1710 # define RA_REG_DEFAULT 14
1711 #elif defined(VGP_arm64_linux)
1712 # define FP_REG 29
1713 # define SP_REG 31
1714 # define RA_REG_DEFAULT 30
1715 #elif defined(VGP_x86_darwin)
1716 # define FP_REG 5
1717 # define SP_REG 4
1718 # define RA_REG_DEFAULT 8
1719 #elif defined(VGP_amd64_darwin)
1720 # define FP_REG 6
1721 # define SP_REG 7
1722 # define RA_REG_DEFAULT 16
1723 #elif defined(VGP_s390x_linux)
1727 #elif defined(VGP_mips32_linux)
1728 # define FP_REG 30
1729 # define SP_REG 29
1730 # define RA_REG_DEFAULT 31
1731 #elif defined(VGP_mips64_linux)
1732 # define FP_REG 30
1733 # define SP_REG 29
1734 # define RA_REG_DEFAULT 31
1735 #else
1737 #endif
1739 /* The number of regs we are prepared to unwind. The number for
1740 arm-linux (320) seems ludicrously high, but the ARM IHI 0040A page
1741 7 (DWARF for the ARM Architecture) specifies that values up to 320
1742 might exist, for Neon/VFP-v3. */
1743 #if defined(VGP_ppc32_linux) || defined(VGP_ppc64be_linux) \
1744 || defined(VGP_ppc64le_linux) || defined(VGP_mips32_linux) \
1745 || defined(VGP_mips64_linux)
1746 # define N_CFI_REGS 72
1747 #elif defined(VGP_arm_linux)
1748 # define N_CFI_REGS 320
1749 #elif defined(VGP_arm64_linux)
1750 # define N_CFI_REGS 128
1751 #elif defined(VGP_s390x_linux)
1752 # define N_CFI_REGS 66
1753 #else
1754 # define N_CFI_REGS 20
1755 #endif
1757 /* Instructions for the automaton */
1758 enum dwarf_cfa_primary_ops
1759 {
1764 };
1766 enum dwarf_cfa_secondary_ops
1767 {
1797 };
1799 #define DW_EH_PE_absptr 0x00
1800 #define DW_EH_PE_omit 0xff
1802 #define DW_EH_PE_uleb128 0x01
1803 #define DW_EH_PE_udata2 0x02
1804 #define DW_EH_PE_udata4 0x03
1805 #define DW_EH_PE_udata8 0x04
1806 #define DW_EH_PE_sleb128 0x09
1807 #define DW_EH_PE_sdata2 0x0A
1808 #define DW_EH_PE_sdata4 0x0B
1809 #define DW_EH_PE_sdata8 0x0C
1810 #define DW_EH_PE_signed 0x08
1812 #define DW_EH_PE_pcrel 0x10
1813 #define DW_EH_PE_textrel 0x20
1814 #define DW_EH_PE_datarel 0x30
1815 #define DW_EH_PE_funcrel 0x40
1816 #define DW_EH_PE_aligned 0x50
1818 #define DW_EH_PE_indirect 0x80
1821 /* RegRule and UnwindContext are used temporarily to do the unwinding.
1822 The result is then summarised into a sequence of CfiSIs, if
1823 possible. UnwindContext effectively holds the state of the
1824 abstract machine whilst it is running.
1826 The CFA can either be a signed offset from a register,
1827 or an expression:
1829 CFA = cfa_reg + cfa_off when UnwindContext.cfa_is_regoff==True
1830 | [[ cfa_expr_id ]]
1832 When .cfa_is_regoff == True, cfa_expr_id must be zero
1833 When .cfa_is_regoff == False, cfa_reg must be zero
1834 and cfa_off must be zero
1836 RegRule describes, for each register, how to get its
1837 value in the previous frame, where 'cfa' denotes the cfa
1838 for the frame as a whole:
1840 RegRule = RR_Undef -- undefined
1841 | RR_Same -- same as in previous frame
1842 | RR_CFAOff arg -- is at * ( cfa + arg )
1843 | RR_CFAValOff arg -- is ( cfa + arg )
1844 | RR_Reg arg -- is in register 'arg'
1845 | RR_Expr arg -- is at * [[ arg ]]
1846 | RR_ValExpr arg -- is [[ arg ]]
1848 Note that RR_Expr is redundant since the same can be represented
1849 using RR_ValExpr with an explicit dereference (CfiExpr_Deref) at
1850 the outermost level.
1852 All expressions are stored in exprs in the containing
1853 UnwindContext. Since the UnwindContext gets reinitialised for each
1854 new FDE, summarise_context needs to copy out any expressions it
1855 wants to keep into the cfsi_exprs field of the containing SegInfo.
1856 */
1857 typedef
1861 /* meaning: int offset for CFAoff/CFAValOff
1862 reg # for Reg
1863 expr index for Expr/ValExpr */
1864 Int arg;
1865 }
1866 RegRule;
1869 {
1882 }
1883 }
1886 /* Size of the stack of register unwind rules. This is only
1887 exceedingly rarely used, so a stack of size 1 should actually work
1888 with almost all compiler-generated CFA. */
1889 #define N_RR_STACK 4
1891 typedef
1893 /* Read-only fields (set by the CIE) */
1894 Int code_a_f;
1895 Int data_a_f;
1896 Addr initloc;
1897 Int ra_reg;
1898 /* The rest of these fields can be modified by
1899 run_CF_instruction. */
1900 /* The LOC entry */
1901 Addr loc;
1902 /* We need a stack of these in order to handle
1903 DW_CFA_{remember,restore}_state. */
1905 /* The CFA entry. This can be either reg+/-offset or an expr. */
1907 Int cfa_reg;
1910 /* Register unwind rules. */
1912 }
1915 currently-in-use rule set. */
1916 /* array of CfiExpr, shared by reg[] and cfa_expr_ix */
1918 }
1919 UnwindContext;
1922 {
1935 }
1940 }
1942 }
1945 {
1948 /* ctx->code_a_f = 0;
1949 ctx->data_a_f = 0;
1950 ctx->initloc = 0; */
1952 /* ctx->loc = 0;
1953 ctx->exprs = NULL;
1954 ctx->state_sp = 0; */
1957 /* ctx->state[j].cfa_reg = 0;
1958 ctx->state[j].cfa_off = 0;
1959 ctx->state[j].cfa_expr_ix = 0; */
1963 /* ctx->state[j].reg[i].arg = 0; */
1964 }
1965 # if defined(VGA_arm)
1966 /* All callee-saved registers (or at least the ones we are
1967 summarising for) should start out as RR_Same, on ARM. */
1969 /* ctx->state[j].reg[13].tag = RR_Same; */
1973 /* this can't be right though: R12 (IP) isn't callee saved. */
1974 # elif defined(VGA_arm64)
1975 /* Callee-saved registers (that we are interested in) should
1976 start out as RR_Same. */
1979 # endif
1980 }
1981 }
1984 /* A structure which holds information needed by read_encoded_Addr().
1985 */
1986 typedef
1988 UChar encoding;
1989 DiCursor ehframe_image;
1990 Addr ehframe_avma;
1991 Addr text_bias;
1992 Addr got_avma;
1993 }
1994 AddressDecodingInfo;
1997 /* ------------ Deal with summary-info records ------------ */
1999 /* --------------- Summarisation --------------- */
2001 /* Forward */
2002 static
2004 Int nd );
2006 /* Summarise ctx into si, if possible. Returns True if successful.
2007 This is taken to be just after ctx's loc advances; hence the
2008 summary is up to but not including the current loc. This works
2009 on both x86 and amd64.
2010 */
2014 Addr loc_start,
2017 {
2026 # if defined(VGP_s390x_linux)
2028 # endif
2030 /* Guard against obviously stupid settings of the reg-rule stack
2031 pointer. */
2036 /* First, summarise the method for generating the CFA */
2038 /* it was set by DW_CFA_def_cfa_expression; try to convert */
2040 Int conv;
2047 }
2048 conv = copy_convert_CfiExpr_tree
2056 }
2057 else
2060 # if defined(VGA_x86) || defined(VGA_amd64) || defined(VGA_s390x) \
2061 || defined(VGA_mips32) || defined(VGA_mips64)
2063 # elif defined(VGA_arm)
2065 # elif defined(VGA_arm64)
2067 # else
2069 # endif
2070 }
2071 else
2074 # if defined(VGA_x86) || defined(VGA_amd64) || defined(VGA_s390x) \
2075 || defined(VGA_mips32) || defined(VGA_mips64)
2077 # elif defined(VGA_arm)
2079 # elif defined(VGA_arm64)
2081 # else
2083 # endif
2084 }
2085 # if defined(VGA_arm)
2086 else
2090 }
2091 else
2095 }
2096 # elif defined(VGA_arm64)
2097 // do we need any arm64 specifics here?
2098 # endif
2102 }
2104 # define SUMMARISE_HOW(_how, _off, _ctxreg) \
2106 _off = 0; \
2107 switch (_ctxreg.tag) { \
2108 case RR_Undef: \
2109 _how = CFIR_UNKNOWN; _off = 0; break; \
2110 case RR_Same: \
2111 _how = CFIR_SAME; _off = 0; break; \
2112 case RR_CFAOff: \
2113 _how = CFIR_MEMCFAREL; _off = _ctxreg.arg; break; \
2114 case RR_CFAValOff: \
2115 _how = CFIR_CFAREL; _off = _ctxreg.arg; break; \
2116 case RR_ValExpr: { \
2117 XArray *src, *dst; \
2118 Int conv; \
2119 src = ctx->exprs; \
2120 dst = debuginfo->cfsi_exprs; \
2121 if (src && (VG_(sizeXA)(src) > 0) && (!dst)) { \
2122 dst = VG_(newXA)( ML_(dinfo_zalloc), \
2124 ML_(dinfo_free), \
2125 sizeof(CfiExpr) ); \
2126 debuginfo->cfsi_exprs = dst; \
2127 } \
2128 conv = copy_convert_CfiExpr_tree \
2129 ( dst, ctx, _ctxreg.arg ); \
2130 vg_assert(conv >= -1); \
2131 if (conv == -1) { why = 7; goto failed; } \
2132 _how = CFIR_EXPR; \
2133 _off = conv; \
2134 if (0 && debuginfo->ddump_frames) \
2135 ML_(ppCfiExpr)(dst, conv); \
2136 break; \
2137 } \
2138 case RR_Reg: \
2139 if (is_s390x_linux) { \
2141 _how = CFIR_S390X_F0; \
2142 _off = 0; \
2143 break; \
2144 } \
2146 _how = CFIR_S390X_F2; \
2147 _off = 0; \
2148 break; \
2149 } \
2151 _how = CFIR_S390X_F4; \
2152 _off = 0; \
2153 break; \
2154 } \
2156 _how = CFIR_S390X_F6; \
2157 _off = 0; \
2158 break; \
2159 } \
2161 _how = CFIR_S390X_F1; \
2162 _off = 0; \
2163 break; \
2164 } \
2166 _how = CFIR_S390X_F3; \
2167 _off = 0; \
2168 break; \
2169 } \
2171 _how = CFIR_S390X_F5; \
2172 _off = 0; \
2173 break; \
2174 } \
2176 _how = CFIR_S390X_F7; \
2177 _off = 0; \
2178 break; \
2179 } \
2180 } \
2182 why = 2; goto failed; \
2183 default: \
2185 }
2188 # if defined(VGA_x86) || defined(VGA_amd64)
2190 /* --- entire tail of this fn specialised for x86/amd64 --- */
2197 /* on x86/amd64, it seems the old %{e,r}sp value before the call is
2198 always the same as the CFA. Therefore ... */
2202 /* also, gcc says "Undef" for %{e,r}bp when it is unchanged. So
2203 .. */
2207 /* knock out some obviously stupid cases */
2211 /* bogus looking range? Note, we require that the difference is
2212 representable in 32 bits. */
2223 # elif defined(VGA_arm)
2225 /* ---- entire tail of this fn specialised for arm ---- */
2230 //SUMMARISE_HOW(si_m->r13_how, si_m->r13_off,
2231 // ctxs->reg[13] );
2244 /* Generate a trivial CfiExpr, which merely says "r14". First
2245 ensure this DebugInfo has a cfsi_expr array in which to park
2246 it. */
2253 Creg_ARM_R14);
2256 /* Just summarise it in the normal way */
2259 }
2261 /* on arm, it seems the old r13 (SP) value before the call is
2262 always the same as the CFA. Therefore ... */
2266 /* bogus looking range? Note, we require that the difference is
2267 representable in 32 bits. */
2278 # elif defined(VGA_arm64)
2280 /* --- entire tail of this fn specialised for arm64 --- */
2287 /* Generate a trivial CfiExpr, which merely says "x30". First
2288 ensure this DebugInfo has a cfsi_expr array in which to park
2289 it. */
2296 Creg_ARM64_X30);
2299 /* Just summarise it in the normal way */
2301 }
2303 /* on arm64, it seems the old SP value before the call is always
2304 the same as the CFA. Therefore ... */
2308 /* bogus looking range? Note, we require that the difference is
2309 representable in 32 bits. */
2320 # elif defined(VGA_s390x)
2322 /* --- entire tail of this fn specialised for s390 --- */
2347 /* change some defaults to consumable values */
2357 }
2367 Creg_S390_LR);
2368 }
2394 /* knock out some obviously stupid cases */
2398 /* bogus looking range? Note, we require that the difference is
2399 representable in 32 bits. */
2410 # elif defined(VGA_mips32) || defined(VGA_mips64)
2412 /* --- entire tail of this fn specialised for mips --- */
2428 }
2437 Creg_MIPS_RA);
2438 }
2452 # elif defined(VGA_ppc32) || defined(VGA_ppc64be) || defined(VGA_ppc64le)
2453 /* These don't use CFI based unwinding (is that really true?) */
2455 # else
2457 # endif
2459 /* --- non-specialised code after this point --- */
2461 # undef SUMMARISE_HOW
2463 failed:
2466 "summarise_context(loc_start = %#lx)"
2469 }
2471 }
2473 /* Copy the tree rooted at srcuc->exprs node srcix to dstxa, on the
2474 way converting any DwReg regs (regs numbered using the Dwarf scheme
2475 defined by each architecture's ABI) into CfiRegs, which are
2476 platform independent. If the conversion isn't possible because
2477 there is no equivalent register, return -1. This has the
2478 undesirable side effect of de-dagifying the input; oh well. */
2481 Int srcix )
2482 {
2509 /* should not see these in input (are created only by this
2510 conversion step!) */
2513 /* This is the only place where the conversion can fail. */
2516 # if defined(VGA_x86) || defined(VGA_amd64)
2523 # elif defined(VGA_arm)
2530 # elif defined(VGA_s390x)
2537 # elif defined(VGA_mips32) || defined(VGA_mips64)
2544 # elif defined(VGA_arm64)
2545 I_die_here;
2546 # elif defined(VGA_ppc32) || defined(VGA_ppc64be) \
2547 || defined(VGA_ppc64le)
2548 # else
2550 # endif
2551 /* else we must fail - can't represent the reg */
2553 }
2556 }
2557 }
2561 {
2573 }
2581 }
2584 /* ------------ Pick apart DWARF2 byte streams ------------ */
2587 {
2594 }
2595 }
2598 {
2600 Long s64;
2607 }
2609 }
2612 {
2617 }
2618 }
2621 {
2631 }
2632 }
2636 {
2637 /* Regarding the handling of DW_EH_PE_absptr. DWARF3 says this
2638 denotes an absolute address, hence you would think 'base' is
2639 zero. However, that is nonsensical (unless relocations are to
2640 be applied to the unwind data before reading it, which sounds
2641 unlikely). My interpretation is that DW_EH_PE_absptr indicates
2642 an address relative to where the object was loaded (technically,
2643 relative to its stated load VMA, hence the use of text_bias
2644 rather than text_avma). Hmm, should we use text_bias or
2645 text_avma here? Not sure.
2647 This view appears to be supported by DWARF3 spec sec 7.3
2648 "Executable Objects and Shared Objects":
2650 This requirement makes the debugging information for shared
2651 objects position independent. Virtual addresses in a shared
2652 object may be calculated by adding the offset to the base
2653 address at which the object was attached. This offset is
2654 available in the run-time linker's data structures.
2655 */
2656 Addr base;
2657 Word offset;
2688 }
2692 }
2712 }
2713 }
2716 /* ------------ Run/show DWARF3 expressions ---------- */
2718 /* Convert the DWARF3 expression in expr[0 .. exprlen-1] into a dag
2719 (of CfiExprs) stored in ctx->exprs, and return the index in
2720 ctx->exprs of the root node. Or fail in which case return -1. */
2721 /* IMPORTANT: when adding expression forms here, also remember to
2722 add suitable evaluation code in evalCfiExpr in debuginfo.c. */
2725 Bool push_cfa_at_start,
2726 Bool ddump_frames )
2727 {
2728 # define N_EXPR_STACK 20
2730 # define PUSH(_arg) \
2731 do { \
2732 vg_assert(sp >= -1 && sp < N_EXPR_STACK); \
2733 if (sp == N_EXPR_STACK-1) \
2734 return -1; \
2735 sp++; \
2736 stack[sp] = (_arg); \
2737 } while (0)
2739 # define POP(_lval) \
2740 do { \
2741 vg_assert(sp >= -1 && sp < N_EXPR_STACK); \
2742 if (sp == -1) \
2743 return -1; \
2744 _lval = stack[sp]; \
2745 sp--; \
2746 } while (0)
2749 UChar opcode;
2750 Word sw;
2751 UWord uw;
2752 CfiUnop uop;
2753 CfiBinop bop;
2768 /* Synthesise the CFA as a CfiExpr */
2771 /* cfa is reg +/- offset */
2773 Cbinop_Add,
2776 );
2779 /* CFA is already an expr; use its root node */
2781 }
2782 }
2792 /* end of expr - return expr on the top of stack. */
2795 else
2797 }
2805 /* push: literal 0 .. 31 */
2814 /* push: reg + sleb128 */
2819 Cbinop_Add,
2822 );
2829 /* push: reg */
2849 /* push: 32-bit signed immediate */
2857 /* push: 16-bit signed immediate */
2865 /* push: 8-bit signed immediate */
2873 /* push: 8-bit unsigned immediate */
2881 /* push: 16-bit unsigned immediate */
2889 /* push: 32-bit unsigned immediate */
2902 unop:
2933 binop:
2957 "Warning: DWARF2 CFI reader: unhandled DW_OP_ "
2960 }
2965 }
2975 # undef POP
2976 # undef PUSH
2977 # undef N_EXPR_STACK
2978 }
2981 /* ------------ Run/show CFI instructions ------------ */
2983 /* Run a CFI instruction, and also return its length.
2984 Returns 0 if the instruction could not be executed.
2985 */
2987 DiCursor instrIN,
2991 {
2993 UInt delta;
3014 }
3017 /* Set rule for reg 'lo6' to CFAOff(off * data_af) */
3030 }
3042 }
3052 /* WAS:
3053 ctx->loc = read_Addr(&instr[i]) - ctx->initloc; i+= sizeof(Addr);
3054 Was this ever right? */
3055 /* 2007 Feb 23: No. binutils/dwarf.c treats it as an encoded
3056 address and that appears to be in accordance with the
3057 DWARF3 spec. */
3147 reg,
3203 /* ->cfa_off unchanged */
3212 /* ->reg is unchanged */
3222 /* ->reg is unchanged */
3249 /* No idea what is supposed to happen. gdb-6.3 simply
3250 ignores these. */
3257 /* Identical to DW_CFA_val_expression except that the value
3258 computed is an address and so needs one final
3259 dereference. */
3260 DiCursor expr;
3270 /* Convert the expression into a dag rooted at ctx->exprs index j,
3271 or fail. */
3280 }
3283 /* Add an extra dereference */
3288 }
3291 DiCursor expr;
3301 /* Convert the expression into a dag rooted at ctx->exprs index j,
3302 or fail. */
3311 }
3317 }
3320 DiCursor expr;
3326 /* Convert the expression into a dag rooted at ctx->exprs index j,
3327 or fail. */
3337 }
3340 /* Ignored. This appears to be sparc-specific; quite why it
3341 turns up in SuSE-supplied x86 .so's beats me. */
3349 /* we just checked this at entry, so: */
3353 /* stack overflow. We're hosed. */
3361 }
3367 /* we just checked this at entry, so: */
3370 /* stack undefflow. Give up. */
3373 /* simply fall back to previous entry */
3375 }
3389 /*NOTREACHED*/
3390 }
3393 }
3396 /* Show a CFI instruction, and also return its length. Show it as
3397 close as possible (preferably identical) to how GNU binutils
3398 readelf --debug-dump=frames would. */
3403 {
3405 UInt delta;
3406 Addr loc;
3424 }
3429 }
3437 }
3442 }
3453 /* WAS: loc = read_Addr(&instr[i]); i+= sizeof(Addr);
3454 (now known to be incorrect -- the address is encoded) */
3605 }
3608 }
3611 /* Show the instructions in instrs[0 .. ilen-1]. */
3615 {
3621 }
3622 }
3625 /* Run the CF instructions in instrs[0 .. ilen-1], until the end is
3626 reached, or until there is a failure. Return True iff success.
3627 */
3628 static
3630 Bool record,
3632 UWord fde_arange,
3635 {
3636 Addr base;
3637 UInt len;
3638 DiCfSI_m cfsi_m;
3639 Bool summ_ok;
3641 Addr loc_prev;
3662 }
3663 }
3664 }
3675 }
3676 }
3677 }
3679 }
3682 /* ------------ Main entry point for CFI reading ------------ */
3684 typedef
3686 /* This gives the CIE an identity to which FDEs will refer. */
3687 ULong offset;
3688 /* Code, data factors. */
3689 Int code_a_f;
3690 Int data_a_f;
3691 /* Return-address pseudo-register. */
3692 Int ra_reg;
3693 UChar address_encoding;
3694 /* Where are the instrs? */
3695 DiCursor instrs;
3696 Int ilen;
3697 /* God knows .. don't ask */
3698 Bool saw_z_augmentation;
3699 }
3700 CIE;
3703 {
3712 }
3717 /* Read, summarise and store CFA unwind info from .eh_frame and
3718 .debug_frame sections. is_ehframe tells us which kind we are
3719 dealing with -- they are slightly different. */
3723 {
3729 UWord cfsi_used_orig;
3731 /* If we're dealing with a .debug_frame, assume zero frame_avma. */
3735 # if defined(VGP_ppc32_linux) || defined(VGP_ppc64be_linux) \
3736 || defined(VGP_ppc64le_linux)
3737 /* These targets don't use CFI-based stack unwinding. */
3739 # endif
3741 /* If we read more than one .debug_frame or .eh_frame for this
3742 DebugInfo*, the second and subsequent reads should only add FDEs
3743 for address ranges not already covered by the FDEs already
3744 present. To be able to quickly check which address ranges are
3745 already present, any existing records (DiCFSIs) must be sorted,
3746 so we can binary-search them in the code below. We also record
3747 di->cfsi_used so that we know where the boundary is between
3748 existing and new records. */
3751 }
3759 }
3761 /* Loop over CIEs/FDEs */
3763 /* Conceptually, the frame info is a sequence of FDEs, one for each
3764 function. Inside an FDE is a miniature program for a special
3765 state machine, which, when run, produces the stack-unwinding
3766 info for that function.
3768 Because the FDEs typically have much in common, and because the
3769 DWARF designers appear to have been fanatical about space
3770 saving, the common parts are factored out into so-called CIEs.
3771 That means that what we traverse is a sequence of structs, each
3772 of which is either a FDE (usually) or a CIE (occasionally).
3773 Each FDE has a field indicating which CIE is the one pertaining
3774 to it.
3776 The following loop traverses the sequence. FDEs are dealt with
3777 immediately; once we harvest the useful info in an FDE, it is
3778 then forgotten about. By contrast, CIEs are validated and
3779 dumped into an array, because later FDEs may refer to any
3780 previously-seen CIE.
3781 */
3783 DiCursor ciefde_start;
3784 ULong ciefde_len;
3785 ULong cie_pointer;
3786 Bool dw64;
3788 /* Are we done? */
3792 /* Overshot the end? Means something is wrong */
3796 }
3798 /* Ok, we must be looking at the start of a new CIE or FDE.
3799 Figure out which it is. */
3810 /* Apparently, if the .length field is zero, we are at the end
3811 of the sequence. This is stated in the Generic Elf
3812 Specification (see comments far above here) and is one of the
3813 places where .eh_frame and .debug_frame data differ. */
3819 }
3821 /* If the .length field is 0xFFFFFFFF then we're dealing with
3822 64-bit DWARF, and the real length is stored as a 64-bit
3823 number immediately following it. */
3828 }
3830 /* Now get the CIE ID, whose size depends on the DWARF 32 vs
3831 64-ness. */
3833 /* see XXX below */
3836 /* see XXX below */
3838 }
3843 /* If cie_pointer is zero for .eh_frame or all ones for .debug_frame,
3844 we've got a CIE; else it's an FDE. */
3848 Int this_CIE;
3849 UChar cie_version;
3850 DiCursor cie_augmentation;
3852 /* --------- CIE --------- */
3856 /* Allocate a new CIE record. */
3862 }
3865 n_CIEs++;
3868 /* Record its offset. This is how we will find it again
3869 later when looking at an FDE. */
3887 }
3899 }
3906 }
3912 }
3916 }
3917 }
3939 }
3951 }
3960 UInt i;
3966 }
3969 }
3997 }
4000 }
4001 }
4003 done_augmentation:
4013 //VG_(printf)("cie.instrs = %p\n", the_CIEs[this_CIE].instrs);
4015 }
4021 }
4025 /* Show the CIE's instructions (the preamble for each FDE
4026 that uses this CIE). */
4031 AddressDecodingInfo adi;
4041 }
4048 AddressDecodingInfo adi;
4050 Int cie;
4051 ULong look_for;
4052 Bool ok;
4053 Addr fde_initloc;
4054 UWord fde_arange;
4055 DiCursor fde_instrs;
4056 Int fde_ilen;
4058 /* --------- FDE --------- */
4060 /* Find the relevant CIE. The CIE we want is located
4061 cie_pointer bytes back from here. */
4063 /* re sizeof(UInt) / sizeof(ULong), matches XXX above. */
4068 else
4076 }
4081 }
4098 /* WAS (incorrectly):
4099 fde_arange = read_encoded_Addr(&nbytes, &adi, data);
4100 data += nbytes;
4101 The following corresponds to what binutils/dwarf.c does:
4102 */
4106 fde_arange
4112 }
4113 }
4130 UInt i;
4136 }
4138 }
4144 //VG_(printf)("fde.instrs = %p\n", fde_instrs);
4146 }
4151 }
4155 /* If this object's DebugInfo* had some DiCFSIs from a
4156 previous .eh_frame or .debug_frame read, we must check
4157 that we're not adding a duplicate. */
4164 /* current unsearched space is from lo to hi, inclusive. */
4173 }
4176 }
4178 /* The range this .debug_frame FDE covers has been already
4179 covered in .eh_frame section. Don't add it from .debug_frame
4180 section again. */
4183 }
4205 /* Run the CIE's instructions. Ugly hack: if
4206 --debug-dump=frames is in effect, suppress output for
4207 these instructions since they will already have been shown
4208 at the time the CIE was first encountered. Note, not
4209 thread safe - if this reader is ever made threaded, should
4210 fix properly. */
4217 );
4219 }
4220 /* And now run the instructions for the FDE, starting from
4221 the state created by running the CIE preamble
4222 instructions. */
4228 );
4231 }
4234 }
4235 }
4239 bad:
4244 }
4248 /*--------------------------------------------------------------------*/
4249 /*--- end ---*/
4250 /*--------------------------------------------------------------------*/