| blob | e9a3816a58472b58a968737417c439ee03eaa151 |
1 /* -*- mode: C; c-basic-offset: 3; -*- */
3 /*--------------------------------------------------------------------*/
4 /*--- Read DWARF3/4 ".debug_info" sections (DIE trees). ---*/
5 /*--- readdwarf3.c ---*/
6 /*--------------------------------------------------------------------*/
8 /*
9 This file is part of Valgrind, a dynamic binary instrumentation
10 framework.
12 Copyright (C) 2008-2017 OpenWorks LLP
13 info@open-works.co.uk
15 This program is free software; you can redistribute it and/or
16 modify it under the terms of the GNU General Public License as
17 published by the Free Software Foundation; either version 2 of the
18 License, or (at your option) any later version.
20 This program is distributed in the hope that it will be useful, but
21 WITHOUT ANY WARRANTY; without even the implied warranty of
22 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23 General Public License for more details.
25 You should have received a copy of the GNU General Public License
26 along with this program; if not, write to the Free Software
27 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
28 02111-1307, USA.
30 The GNU General Public License is contained in the file COPYING.
32 Neither the names of the U.S. Department of Energy nor the
33 University of California nor the names of its contributors may be
34 used to endorse or promote products derived from this software
35 without prior written permission.
36 */
38 #if defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_solaris)
40 /* REFERENCE (without which this code will not make much sense):
42 DWARF Debugging Information Format, Version 3,
43 dated 20 December 2005 (the "D3 spec").
45 Available at http://www.dwarfstd.org/Dwarf3.pdf. There's also a
46 .doc (MS Word) version, but for some reason the section numbers
47 between the Word and PDF versions differ by 1 in the first digit.
48 All section references in this code are to the PDF version.
50 CURRENT HACKS:
52 DW_TAG_{const,volatile}_type no DW_AT_type is allowed; it is
53 assumed to mean "const void" or "volatile void" respectively.
54 GDB appears to interpret them like this, anyway.
56 In many cases it is important to know the svma of a CU (the "base
57 address of the CU", as the D3 spec calls it). There are some
58 situations in which the spec implies this value is unknown, but the
59 Dwarf3 produced by gcc-4.1 seems to assume is not unknown but
60 merely zero when not explicitly stated. So we too have to make
61 that assumption.
63 POTENTIAL BUG? Spotted 6 Sept 08. Why doesn't
64 unitary_range_list() bias the resulting range list in the same way
65 that its more general cousin, get_range_list(), does? I don't
66 know.
68 TODO, 2008 Feb 17:
70 get rid of cu_svma_known and document the assumed-zero svma hack.
72 ML_(sizeOfType): differentiate between zero sized types and types
73 for which the size is unknown. Is this important? I don't know.
75 DW_TAG_array_types: deal with explicit sizes (currently we compute
76 the size from the bounds and the element size, although that's
77 fragile, if the bounds incompletely specified, or completely
78 absent)
80 Document reason for difference (by 1) of stack preening depth in
81 parse_var_DIE vs parse_type_DIE.
83 Don't hand to ML_(addVars), vars whose locations are entirely in
84 registers (DW_OP_reg*). This is merely a space-saving
85 optimisation, as ML_(evaluate_Dwarf3_Expr) should handle these
86 expressions correctly, by failing to evaluate them and hence
87 effectively ignoring the variable with which they are associated.
89 Deal with DW_TAG_array_types which have element size != stride
91 In some cases, the info for a variable is split between two
92 different DIEs (generally a declarer and a definer). We punt on
93 these. Could do better here.
95 The 'data_bias' argument passed to the expression evaluator
96 (ML_(evaluate_Dwarf3_Expr)) should really be changed to a
97 MaybeUWord, to make it clear when we do vs don't know what it is
98 for the evaluation of an expression. At the moment zero is passed
99 for this parameter in the don't know case. That's a bit fragile
100 and obscure; using a MaybeUWord would be clearer.
102 POTENTIAL PERFORMANCE IMPROVEMENTS:
104 Currently, duplicate removal and all other queries for the type
105 entities array is done using cuOffset-based pointing, which
106 involves a binary search (VG_(lookupXA)) for each access. This is
107 wildly inefficient, although simple. It would be better to
108 translate all the cuOffset-based references (iow, all the "R" and
109 "Rs" fields in the TyEnts in 'tyents') to direct index numbers in
110 'tyents' right at the start of dedup_types(), and use direct
111 indexing (VG_(indexXA)) wherever possible after that.
113 cmp__XArrays_of_AddrRange is also a performance bottleneck. Move
114 VG_(indexXA) into pub_tool_xarray.h so it can be inlined at all use
115 points, and possibly also make an _UNCHECKED version which skips
116 the range checks in performance-critical situations such as this.
118 Handle interaction between read_DIE and parse_{var,type}_DIE
119 better. Currently read_DIE reads the entire DIE just to find where
120 the end is (and for debug printing), so that it can later reliably
121 move the cursor to the end regardless of what parse_{var,type}_DIE
122 do. This means many DIEs (most, even?) are read twice. It would
123 be smarter to make parse_{var,type}_DIE return a Bool indicating
124 whether or not they advanced the DIE cursor, and only if they
125 didn't should read_DIE itself read through the DIE.
127 ML_(addVar) and add_var_to_arange: quite a lot of DiAddrRanges have
128 zero variables in their .vars XArray. Rather than have an XArray
129 with zero elements (which uses 2 malloc'd blocks), allow the .vars
130 pointer to be NULL in this case.
132 More generally, reduce the amount of memory allocated and freed
133 while reading Dwarf3 type/variable information. Even modest (20MB)
134 objects cause this module to allocate and free hundreds of
135 thousands of small blocks, and ML_(arena_malloc) and its various
136 groupies always show up at the top of performance profiles. */
157 /*------------------------------------------------------------*/
158 /*--- ---*/
159 /*--- Basic machinery for parsing DIEs. ---*/
160 /*--- ---*/
161 /*------------------------------------------------------------*/
163 #define TRACE_D3(format, args...) \
164 if (UNLIKELY(td3)) { VG_(printf)(format, ## args); }
165 #define TD3 (UNLIKELY(td3))
167 #define D3_INVALID_CUOFF ((UWord)(-1UL))
168 #define D3_FAKEVOID_CUOFF ((UWord)(-2UL))
170 typedef
176 }
177 Cursor;
187 }
189 // Initialise a cursor from a DiSlice (ELF section, really) so as to
190 // start reading at offset |sli_initial_offset| from the start of the
191 // slice.
193 DiSlice sli,
194 ULong sli_initial_offset,
197 {
205 }
210 }
215 }
219 }
223 }
228 }
230 //static void* get_address_of_Cursor ( Cursor* c ) {
231 // vg_assert(is_sane_Cursor(c));
232 // return &c->region_start_img[ c->region_next ];
233 //}
237 }
239 /* FIXME: document assumptions on endianness for
240 get_UShort/UInt/ULong. */
242 UChar r;
246 /*NOTREACHED*/
248 }
252 }
254 UShort r;
258 /*NOTREACHED*/
260 }
264 }
266 UInt r;
270 /*NOTREACHED*/
272 }
276 }
278 ULong r;
282 /*NOTREACHED*/
284 }
288 }
290 ULong result;
291 Int shift;
292 UChar byte;
293 /* unroll first iteration */
298 /* end unroll first iteration */
305 }
309 UChar byte;
318 }
320 /* Assume 'c' points to the start of a string. Return a DiCursor of
321 whatever it points at, and advance it past the terminating zero.
322 This makes it safe for the caller to then copy the string with
323 ML_(addStr), since (w.r.t. image overruns) the process of advancing
324 past the terminating zero will already have "vetted" the string. */
326 UChar uc;
330 }
337 }
343 }
347 }
354 }
356 /* Read a DWARF3 'Initial Length' field */
360 {
361 ULong w64;
362 UInt w32;
367 }
374 }
376 }
379 /*------------------------------------------------------------*/
380 /*--- ---*/
381 /*--- "CUConst" structure ---*/
382 /*--- ---*/
383 /*------------------------------------------------------------*/
385 typedef
392 /* skip_szB and next_nf are used to optimise the skipping of uninteresting DIEs.
393 Each name_form maintains how many (fixed) nr of bytes can be skipped from
394 the beginning of this form till the next attr/form to look at.
395 The next form to look can be:
396 an 'interesting' attr/form to read while skipping a DIE
397 (currently, this is only DW_AT_sibling)
398 or
399 a variable length form which must be read to be skipped.
400 For a variable length form, the skip_szB will be equal to VARSZ_FORM.
402 Note: this technique could also be used to speed up the parsing
403 of DIEs : for each parser kind, we could have the nr of bytes
404 to skip to directly reach the interesting form(s) for the parser. */
406 typedef
410 ULong atag;
411 ULong has_children;
413 /* Variable-length array of name/form pairs, terminated
414 by a 0/0 pair.
415 The skip_szB/next_nf allows to skip efficiently a DIE
416 described by this g_abbv; */
419 /* Holds information that is constant through the parsing of a
420 Compilation Unit. This is basically plumbed through to
421 everywhere. */
422 typedef
424 /* Call here if anything goes wrong */
426 /* Is this 64-bit DWARF ? */
427 Bool is_dw64;
428 /* Which DWARF version ? (2, 3 or 4) */
429 UShort version;
430 /* Length of this Compilation Unit, as stated in the
431 .unit_length :: InitialLength field of the CU Header.
432 However, this size (as specified by the D3 spec) does not
433 include the size of the .unit_length field itself, which is
434 either 4 or 12 bytes (32-bit or 64-bit Dwarf3). That value
435 can be obtained through the expression ".is_dw64 ? 12 : 4". */
436 ULong unit_length;
437 /* Offset of start of this unit in .debug_info */
438 UWord cu_start_offset;
439 /* SVMA for this CU. In the D3 spec, is known as the "base
440 address of the compilation unit (last para sec 3.1.1).
441 Needed for (amongst things) interpretation of location-list
442 values. */
443 Addr cu_svma;
444 Bool cu_svma_known;
446 /* The debug_abbreviations table to be used for this Unit */
447 //UChar* debug_abbv;
448 /* Upper bound on size thereof (an overestimate, in general) */
449 //UWord debug_abbv_maxszB;
450 /* A bounded area of the image, to be used as the
451 debug_abbreviations table tobe used for this Unit. */
452 DiSlice debug_abbv;
454 /* Image information for various sections. */
455 DiSlice escn_debug_str;
456 DiSlice escn_debug_ranges;
457 DiSlice escn_debug_loc;
458 DiSlice escn_debug_line;
459 DiSlice escn_debug_info;
460 DiSlice escn_debug_types;
461 DiSlice escn_debug_info_alt;
462 DiSlice escn_debug_str_alt;
463 /* How much to add to .debug_types resp. alternate .debug_info offsets
464 in cook_die*. */
465 UWord types_cuOff_bias;
466 UWord alt_cuOff_bias;
467 /* --- Needed so we can add stuff to the string table. --- */
469 /* --- a hash table of g_abbv (i.e. parsed abbreviations) --- */
472 /* True if this came from .debug_types; otherwise it came from
473 .debug_info. */
474 Bool is_type_unit;
475 /* For a unit coming from .debug_types, these hold the TU's type
476 signature and the uncooked DIE offset of the TU's signatured
477 type. For a unit coming from .debug_info, these are unused. */
478 ULong type_signature;
479 ULong type_offset;
481 /* Signatured type hash; computed once and then shared by all
482 CUs. */
485 /* True if this came from alternate .debug_info; otherwise
486 it came from normal .debug_info or .debug_types. */
487 Bool is_alt_info;
488 }
489 CUConst;
492 /* Return the cooked value of DIE depending on whether CC represents a
493 .debug_types unit. To cook a DIE, we pretend that the .debug_info,
494 .debug_types and optional alternate .debug_info sections form
495 a contiguous whole, so that DIEs coming from .debug_types are numbered
496 starting at the end of .debug_info and DIEs coming from alternate
497 .debug_info are numbered starting at the end of .debug_types. */
499 {
505 }
507 /* Like cook_die, but understand that DIEs coming from a
508 DW_FORM_ref_sig8 reference are already cooked. Also, handle
509 DW_FORM_GNU_ref_alt from within primary .debug_info or .debug_types
510 as reference to alternate .debug_info. */
512 {
518 }
520 /* Return the uncooked offset of DIE and set *TYPE_FLAG to true if the DIE
521 came from the .debug_types section and *ALT_FLAG to true if the DIE
522 came from alternate .debug_info section. */
525 {
528 /* The use of escn_debug_{info,types}.szB seems safe to me even if
529 escn_debug_{info,types} are DiSlice_INVALID (meaning the
530 sections were not found), because DiSlice_INVALID.szB is always
531 zero. That said, it seems unlikely we'd ever get here if
532 .debug_info or .debug_types were missing. */
540 }
541 }
543 }
545 /*------------------------------------------------------------*/
546 /*--- ---*/
547 /*--- Helper functions for Guarded Expressions ---*/
548 /*--- ---*/
549 /*------------------------------------------------------------*/
551 /* Parse the location list starting at img-offset 'debug_loc_offset'
552 in .debug_loc. Results are biased with 'svma_of_referencing_CU'
553 and so I believe are correct SVMAs for the object as a whole. This
554 function allocates the UChar*, and the caller must deallocate it.
555 The resulting block is in so-called Guarded-Expression format.
557 Guarded-Expression format is similar but not identical to the DWARF3
558 location-list format. The format of each returned block is:
560 UChar biasMe;
561 UChar isEnd;
562 followed by zero or more of
564 (Addr aMin; Addr aMax; UShort nbytes; ..bytes..; UChar isEnd)
566 '..bytes..' is an standard DWARF3 location expression which is
567 valid when aMin <= pc <= aMax (possibly after suitable biasing).
569 The number of bytes in '..bytes..' is nbytes.
571 The end of the sequence is marked by an isEnd == 1 value. All
572 previous isEnd values must be zero.
574 biasMe is 1 if the aMin/aMax fields need this DebugInfo's
575 text_bias added before use, and 0 if the GX is this is not
576 necessary (is ready to go).
578 Hence the block can be quickly parsed and is self-describing. Note
579 that aMax is 1 less than the corresponding value in a DWARF3
580 location list. Zero length ranges, with aMax == aMin-1, are not
581 allowed.
582 */
583 /* 2008-sept-12: moved ML_(pp_GX) from here to d3basics.c, where
584 it more logically belongs. */
587 /* Apply a text bias to a GX. */
589 {
590 UShort nbytes;
593 UChar uc;
604 /* t-bias aMin */
608 /* t-bias aMax */
612 /* nbytes, and actual expression */
615 }
616 }
620 {
621 SizeT bytesReqd;
627 bytesReqd
651 }
655 Bool td3,
656 ULong debug_loc_offset,
657 Addr svma_of_referencing_CU )
658 {
659 Addr base;
660 Cursor loc;
663 Word nbytes;
676 /* Who frees this xa? It is freed before this fn exits. */
685 Bool acquire;
686 UWord len;
687 /* Read a (host-)word pair. This is something of a hack since
688 the word size to read is really dictated by the ELF file;
689 however, we assume we're reading a file with the same
690 word-sizeness as the host. Reasonably enough. */
699 /* new value for 'base' */
702 }
704 /* else a location expression follows */
705 /* else enumerate [w1+base, w2+base) */
706 /* w2 is 1 past end of range, as per D3 defn for "DW_AT_high_pc"
707 (sec 2.17.2) */
711 debug_loc_offset);
713 }
715 /* ignore zero length ranges */
720 UWord w;
721 UShort s;
722 UChar c;
731 }
738 len--;
739 }
741 }
758 }
761 /*------------------------------------------------------------*/
762 /*--- ---*/
763 /*--- Helper functions for range lists and CU headers ---*/
764 /*--- ---*/
765 /*------------------------------------------------------------*/
767 /* Denotes an address range. Both aMin and aMax are included in the
768 range; hence a complete range is (0, ~0) and an empty range is any
769 (X, X-1) for X > 0.*/
770 typedef
772 AddrRange;
775 /* Generate an arbitrary structural total ordering on
776 XArray* of AddrRange. */
779 {
793 }
795 }
800 {
802 /* Who frees this xa? varstack_preen() does. */
807 }
812 {
814 AddrRange pair;
816 /* Who frees this xa? varstack_preen() does. */
824 }
827 /* Enumerate the address ranges starting at img-offset
828 'debug_ranges_offset' in .debug_ranges. Results are biased with
829 'svma_of_referencing_CU' and so I believe are correct SVMAs for the
830 object as a whole. This function allocates the XArray, and the
831 caller must deallocate it. */
835 Bool td3,
836 UWord debug_ranges_offset,
837 Addr svma_of_referencing_CU )
838 {
839 Addr base;
840 Cursor ranges;
842 AddrRange pair;
852 /* Who frees this xa? varstack_preen() does. */
857 /* Read a (host-)word pair. This is something of a hack since
858 the word size to read is really dictated by the ELF file;
859 however, we assume we're reading a file with the same
860 word-sizeness as the host. Reasonably enough. */
868 /* new value for 'base' */
871 }
873 /* else enumerate [w1+base, w2+base) */
874 /* w2 is 1 past end of range, as per D3 defn for "DW_AT_high_pc"
875 (sec 2.17.2) */
883 }
884 }
886 }
888 #define VARSZ_FORM 0xffffffff
891 /* Initialises the hash table of abbreviations.
892 We do a single scan of the abbv slice to parse and
893 build all abbreviations, for the following reasons:
894 * all or most abbreviations will be needed in any case
895 (at least for var-info reading).
896 * re-reading each time an abbreviation causes a lot of calls
897 to get_ULEB128.
898 * a CU should not have many abbreviations. */
900 Bool td3)
901 {
902 Cursor c;
907 Int i;
909 #define SZ_G_ABBV(_nf_szE) (sizeof(g_abbv) + _nf_szE * sizeof(name_form))
932 }
936 ta_nf_n++;
938 }
939 ta_nf_n++;
940 }
942 // Initialises the skip_szB/next_nf elements : an element at position
943 // i must contain the sum of its own size + the sizes of all elements
944 // following i till either the next variable size element, the next
945 // sibling element or the end of the DIE.
961 }
962 }
971 ta_nf_n);
976 }
977 }
980 #undef SZ_G_ABBV
981 }
984 {
991 }
993 /* Free the memory allocated in CUConst. */
995 {
998 }
1000 /* Parse the Compilation Unit header indicated at 'c' and
1001 initialise 'cc' accordingly. */
1004 Bool td3,
1006 DiSlice escn_debug_abbv,
1007 Bool type_unit,
1008 Bool alt_info )
1009 {
1010 UChar address_size;
1011 ULong debug_abbrev_offset;
1017 /* initial_length field */
1018 cc->unit_length
1024 /* version */
1030 /* debug_abbrev_offset */
1036 /* address size. If this isn't equal to the host word size, just
1037 give up. This makes it safe to assume elsewhere that
1038 DW_FORM_addr and DW_FORM_ref_addr can be treated as a host
1039 word. */
1051 }
1053 /* Set up cc->debug_abbv to point to the relevant table for this
1054 CU. Set its .szB so that at least we can't read off the end of
1055 the debug_abbrev section -- potentially (and quite likely) too
1056 big, if this isn't the last table in the section, but at least
1057 it's safe.
1059 This amounts to taking debug_abbv_escn and moving the start
1060 position along by debug_abbrev_offset bytes, hence forming a
1061 smaller DiSlice which has the same end point. Since we checked
1062 just above that debug_abbrev_offset is less than the size of
1063 debug_abbv_escn, this should leave us with a nonempty slice. */
1070 }
1072 /* This represents a single signatured type. It maps a type signature
1073 (a ULong) to a cooked DIE offset. Objects of this type are stored
1074 in the type signature hash table. */
1075 typedef
1078 UWord data;
1079 ULong type_signature;
1080 UWord die;
1081 }
1082 D3SignatureType;
1084 /* Record a signatured type in the hash table. */
1086 ULong type_signature,
1087 UWord die )
1088 {
1095 }
1097 /* Given a type signature hash table and a type signature, return the
1098 cooked DIE offset of the type. If the type cannot be found, call
1099 BARF. */
1101 ULong type_signature,
1103 {
1105 /* This may be unwarranted chumminess with the hash table
1106 implementation. */
1111 /*NOTREACHED*/
1113 }
1115 }
1118 /* Represents Form data. If szB is 1/2/4/8 then the result is in the
1119 lowest 1/2/4/8 bytes of u.val. If szB is zero or negative then the
1120 result is an image section beginning at u.cur and with size -szB.
1121 No other szB values are allowed. */
1122 typedef
1126 }
1127 FormContents;
1129 /* From 'c', get the Form data into 'cts'. Either it gets a 1/2/4/8
1130 byte scalar value, or (a reference to) zero or more bytes starting
1131 at a DiCursor.*/
1132 static
1136 {
1138 // !!! keep switch in sync with get_Form_szB. The nr of characters read below
1139 // must be computed similarly in get_Form_szB.
1140 // The consistency is verified in trace_DIE.
1178 /* note, this is a hack. DW_FORM_addr is defined as getting
1179 a word the size of the target machine as defined by the
1180 address_size field in the CU Header. However,
1181 parse_CU_Header() rejects all inputs except those for
1182 which address_size == sizeof(Word), hence we can just
1183 treat it as a (host) Word. */
1190 /* We make the same word-size assumption as DW_FORM_addr. */
1191 /* What does this really mean? From D3 Sec 7.5.4,
1192 description of "reference", it would appear to reference
1193 some other DIE, by specifying the offset from the
1194 beginning of a .debug_info section. The D3 spec mentions
1195 that this might be in some other shared object and
1196 executable. But I don't see how the name of the other
1197 object/exe is specified.
1199 At least for the DW_FORM_ref_addrs created by icc11, the
1200 references seem to be within the same object/executable.
1201 So for the moment we merely range-check, to see that they
1202 actually do specify a plausible offset within this
1203 object's .debug_info, and return the value unchanged.
1205 In DWARF 2, DW_FORM_ref_addr is address-sized, but in
1206 DWARF 3 and later, it is offset-sized.
1207 */
1214 }
1220 /* Hmm. Offset is nonsensical for this object's .debug_info
1221 section. Be safe and reject it. */
1224 }
1228 /* this is an offset into .debug_str */
1234 /* FIXME: check the entire string lies inside debug_str,
1235 not just the first byte of it. */
1236 DiCursor str
1242 }
1246 }
1253 }
1255 /* strlen is safe because get_AsciiZ already 'vetted' the
1256 entire string */
1259 }
1267 }
1275 }
1283 }
1291 }
1299 }
1306 }
1313 ULong u64b;
1320 }
1324 }
1326 ULong u64b;
1333 }
1337 }
1339 ULong u64b;
1346 }
1350 }
1353 ULong u64b;
1360 }
1364 }
1366 ULong u64b;
1374 }
1376 /* cc->signature_types is only built/initialised when
1377 VG_(clo_read_var_info) is set. In this case,
1378 the DW_FORM_ref_sig8 can be looked up.
1379 But we can also arrive here when only reading inline info
1380 and VG_(clo_trace_symtab) is set. In such a case,
1381 we cannot lookup the DW_FORM_ref_sig8, we rather assign
1382 a dummy value. This is a kludge, but otherwise,
1383 the 'dwarf inline info reader' tracing would have to
1384 do type processing/reading. It is better to avoid
1385 adding significant 'real' processing only due to tracing. */
1387 /* Due to the way that the hash table is constructed, the
1388 resulting DIE offset here is already "cooked". See
1389 cook_die_using_form. */
1397 }
1400 }
1415 /* Hmm. Offset is nonsensical for this object's .debug_info
1416 section. Be safe and reject it. */
1419 }
1423 /* this is an offset into alternate .debug_str */
1431 /* FIXME: check the entire string lies inside debug_str,
1432 not just the first byte of it. */
1433 DiCursor str
1439 }
1443 }
1450 }
1451 }
1454 {
1457 else
1459 }
1461 #define VARSZ_FORM 0xffffffff
1462 /* If the form is a fixed length form, return the nr of bytes for this form.
1463 If the form is a variable length form, return VARSZ_FORM. */
1464 static
1466 {
1467 // !!! keep switch in sync with get_Form_contents : the nr of bytes
1468 // read from a cursor by get_Form_contents must be returned by
1469 // the below switch.
1470 // The consistency is verified in trace_DIE.
1479 else
1490 else
1532 }
1533 }
1535 /* Skip a DIE as described by abbv.
1536 If the DIE has a sibling, *sibling is set to the skipped DIE sibling value. */
1537 static
1542 {
1543 UInt nf_i;
1544 FormContents cts;
1552 nf_i++;
1556 nf_i++;
1560 }
1563 }
1564 }
1567 /*------------------------------------------------------------*/
1568 /*--- ---*/
1569 /*--- Parsing of variable-related DIEs ---*/
1570 /*--- ---*/
1571 /*------------------------------------------------------------*/
1573 typedef
1576 /* Represent ranges economically. nRanges is the number of
1577 ranges. Cases:
1578 0: .rngOneMin .rngOneMax .manyRanges are all zero
1579 1: .rngOneMin .rngOneMax hold the range; .rngMany is NULL
1580 2: .rngOneMin .rngOneMax are zero; .rngMany holds the ranges.
1581 This is merely an optimisation to avoid having to allocate
1582 and free the XArray in the common (98%) of cases where there
1583 is zero or one address ranges. */
1584 UWord nRanges;
1585 Addr rngOneMin;
1586 Addr rngOneMax;
1588 /* Do not free .rngMany, since many TempVars will have the same
1589 value. Instead the associated storage is to be freed by
1590 deleting 'rangetree', which stores a single copy of each
1591 range. */
1592 /* --- */
1593 Int level;
1597 any */
1600 /* offset in .debug_info, so that abstract instances can be
1601 found to satisfy references from concrete instances. */
1602 UWord dioff;
1604 in some other, related TempVar. */
1605 }
1606 TempVar;
1608 typedef
1610 /* Contains the range stack: a stack of address ranges, one
1611 stack entry for each nested scope.
1613 Some scope entries are created by function definitions
1614 (DW_AT_subprogram), and for those, we also note the GExpr
1615 derived from its DW_AT_frame_base attribute, if any.
1616 Consequently it should be possible to find, for any
1617 variable's DIE, the GExpr for the containing function's
1618 DW_AT_frame_base by scanning back through the stack to find
1619 the nearest entry associated with a function. This somewhat
1620 elaborate scheme is provided so as to make it possible to
1621 obtain the correct DW_AT_frame_base expression even in the
1622 presence of nested functions (or to be more precise, in the
1623 presence of nested DW_AT_subprogram DIEs).
1624 */
1626 stack */
1627 Int stack_size;
1632 /* The fndn_ix file name/dirname table. Is a mapping from dwarf
1633 integer index to the index in di->fndnpool. */
1635 }
1636 D3VarParser;
1638 /* Completely initialise a variable parser object */
1639 static void
1641 {
1649 }
1651 /* Release any memory hanging off a variable parser object */
1652 static void
1654 {
1659 }
1662 {
1673 }
1682 }
1683 }
1685 }
1687 }
1689 /* Remove from the stack, all entries with .level > 'level' */
1690 static
1692 {
1702 /* Who allocated this xa? get_range_list() or
1703 unitary_range_list(). */
1707 }
1710 }
1714 Bool td3,
1721 /* First we need to zap everything >= 'level', as we are about to
1722 replace any previous entry at 'level', so .. */
1741 }
1753 }
1756 /* cts is derived from a DW_AT_location and so refers either to a
1757 location expression or to a location list. Figure out which, and
1758 in both cases bundle the expression or location list into a
1759 so-called GExpr (guarded expression). */
1762 {
1765 /* represents a non-empty in-line location expression, and
1766 cts->u.cur points at the image bytes */
1768 }
1769 else
1771 /* represents a location list. cts->u.val is the offset of it
1772 in .debug_loc. */
1776 }
1779 }
1781 }
1783 /* Returns an xarray* of directory names (indexed by the dwarf dirname
1784 integer).
1785 If 'compdir' is NULL, entry [0] will be set to "."
1786 otherwise entry [0] is set to compdir.
1787 Entry [0] basically means "the current directory of the compilation",
1788 whatever that means, according to the DWARF3 spec.
1789 FIXME??? readdwarf3.c/readdwarf.c have a lot of duplicated code */
1790 static
1793 Bool td3 )
1794 {
1797 UInt compdir_len;
1808 }
1820 /* If data_str[0] is '/', then 'data' is an absolute path and we
1821 don't mess with it. Otherwise, construct the
1822 path 'compdir' ++ "/" ++ 'data'. */
1825 /* not an absolute path */
1826 && compdir
1827 /* actually got something sensible for compdir */
1829 {
1842 /* just use 'data'. */
1846 }
1849 }
1858 }
1861 }
1863 static
1867 Bool td3 )
1868 {
1869 Bool is_dw64;
1870 Cursor c;
1871 Word i;
1872 UShort version;
1873 UChar opcode_base;
1878 UInt fndn_ix;
1884 }
1889 /* unit_length = */
1904 /* skip over "standard_opcode_lengths" */
1910 /* Read and record the file names table */
1912 /* Add a dummy index-zero entry. DWARF3 numbers its files
1913 from 1, for some reason. */
1923 else
1932 }
1933 /* We're done! The rest of it is not interesting. */
1936 }
1938 /* setup_cu_svma to be called when a cu is found at level 0,
1939 to establish the cu_svma. */
1941 {
1942 Addr cu_svma;
1943 /* We have potentially more than one type of parser parsing the
1944 dwarf information. At least currently, each parser establishes
1945 the cu_svma. So, in case cu_svma_known, we check that the same
1946 result is obtained by the 2nd parsing of the cu.
1948 Alternatively, we could reset cu_svma_known after each parsing
1949 and then check that we only see a single DW_TAG_compile_unit DIE
1950 at level 0, DWARF3 only allows exactly one top level DIE per
1951 CU. */
1956 /* Now, it may be that this DIE doesn't tell us the CU's
1957 SVMA, by way of not having a DW_AT_low_pc. That's OK --
1958 the CU doesn't *have* to have its SVMA specified.
1960 But as per last para D3 spec sec 3.1.1 ("Normal and
1961 Partial Compilation Unit Entries", "If the base address
1962 (viz, the SVMA) is undefined, then any DWARF entry of
1963 structure defined interms of the base address of that
1964 compilation unit is not valid.". So that means, if whilst
1965 processing the children of this top level DIE (or their
1966 children, etc) we see a DW_AT_range, and cu_svma_known is
1967 False, then the DIE that contains it is (per the spec)
1968 invalid, and we can legitimately stop and complain. */
1969 /* .. whereas The Reality is, simply assume the SVMA is zero
1970 if it isn't specified. */
1972 }
1981 }
1982 }
1985 DW_TAG dtag,
1986 UWord posn,
1987 Int level,
1988 UWord saved_die_c_offset,
1991 {
1992 Cursor c;
1993 FormContents cts;
1995 UInt nf_i;
1996 Bool debug_types_flag;
1997 Bool alt_flag;
1998 Cursor check_skip;
2016 nf_i++;
2019 /* Get the form contents, so as to print them */
2023 }
2025 }
2027 /* Verify that skipping a DIE gives the same displacement as
2028 tracing (i.e. reading) a DIE. If there is an inconsistency in
2029 the nr of bytes read by get_Form_contents and get_Form_szB, this
2030 should be detected by the below. Using --trace-symtab=yes
2031 --read-var-info=yes will ensure all DIEs are systematically
2032 verified. */
2037 }
2042 DW_TAG dtag,
2043 UWord posn,
2044 Int level,
2046 UWord saved_die_c_offset,
2049 {
2053 }
2057 {
2059 }
2060 #define goto_bad_DIE do {bad_DIE_confusion(__LINE__); goto bad_DIE;} while (0)
2068 DW_TAG dtag,
2069 UWord posn,
2070 Int level,
2074 Bool td3
2075 )
2076 {
2077 FormContents cts;
2078 UInt nf_i;
2099 nf_i++;
2105 }
2111 }
2115 }
2123 }
2127 }
2128 }
2132 /* Now, does this give us an opportunity to find this
2133 CU's svma? */
2137 /* Do we have something that looks sane? */
2142 level,
2145 /* CU has no code, presumably?
2146 Such situations have been encountered for code
2147 compiled with -ffunction-sections -fdata-sections
2148 and linked with --gc-sections. Completely
2149 eliminated CU gives such 0 lo/hi pc. Similarly
2150 to a CU which has no lo/hi/range pc, we push
2151 an empty range list. */
2154 level,
2161 level,
2165 /* CU has no code, presumably? */
2168 level,
2172 /* broken DIE created by gcc-4.3.X ? Ignore the
2173 apparently-redundant DW_AT_low_pc and use the DW_AT_ranges
2174 instead. */
2178 level,
2183 goto_bad_DIE;
2184 }
2185 }
2201 nf_i++;
2207 }
2213 }
2217 }
2224 }
2225 }
2228 /* Do we have something that looks sane? */
2231 /* This is legit - ignore it. Sec 3.3.3: "A subroutine entry
2232 representing a subroutine declaration that is not also a
2233 definition does not have code address or range
2234 attributes." */
2238 /* I believe this is legit, and means the lexical block
2239 contains no insns (whatever that might mean). Ignore. */
2242 /* This scope supplies just a single address range. */
2249 /* This scope supplies multiple address ranges via the use of
2250 a range list. */
2257 /* This scope is bogus. The D3 spec sec 3.4 (Lexical Block
2258 Entries) says fairly clearly that a scope must have either
2259 _range or (_low_pc and _high_pc). */
2260 /* The spec is a bit ambiguous though. Perhaps a single byte
2261 range is intended? See sec 2.17 (Code Addresses And Ranges) */
2262 /* This case is here because icc9 produced this:
2263 <2><13bd>: DW_TAG_lexical_block
2264 DW_AT_decl_line : 5229
2265 DW_AT_decl_column : 37
2266 DW_AT_decl_file : 1
2267 DW_AT_low_pc : 0x401b03
2268 */
2269 /* Ignore (seems safe than pushing a single byte range) */
2271 goto_bad_DIE;
2272 }
2287 nf_i++;
2290 n_attrs++;
2293 }
2299 }
2302 }
2305 }
2308 }
2310 /*declaration = True;*/
2311 }
2314 }
2320 }
2323 }
2324 }
2326 /* Case of a static variable. It is better to declare
2327 it global as the variable is not really related to
2328 a PC range, as its address can be used by program
2329 counters outside of the ranges where it is visible . */
2331 }
2333 /* We'll collect it under if one of the following three
2334 conditions holds:
2335 (1) has location and type -> completed
2336 (2) has type only -> is an abstract instance
2337 (3) has location and abs_ori -> is a concrete instance
2338 Name, fndn_ix and line number are all optional frills.
2339 */
2344 /* Add this variable to the list of interesting looking
2345 variables. Crucially, note along with it the address
2346 range(s) associated with the variable, which for locals
2347 will be the address ranges at the top of the varparser's
2348 stack. */
2353 /* Stack can't be empty; we put a dummy entry on it for the
2354 entire address range before starting with the DIEs for
2355 this CU. */
2358 /* If this is a local variable (non-global), try to find
2359 the GExpr for the DW_AT_frame_base of the containing
2360 function. It should have been pushed on the stack at the
2361 time we encountered its DW_TAG_subprogram DIE, so the way
2362 to find it is to scan back down the stack looking for it.
2363 If there isn't an enclosing stack entry marked 'isFunc'
2364 then we must be seeing variable or formal param DIEs
2365 outside of a function, so we deem the Dwarf to be
2366 malformed if that happens. Note that the fbGX may be NULL
2367 if the containing DT_TAG_subprogram didn't supply a
2368 DW_AT_frame_base -- that's OK, but there must actually be
2369 a containing DW_TAG_subprogram. */
2377 }
2378 }
2382 "warning: parse_var_DIE: non-global variable "
2384 }
2385 /* goto_bad_DIE; */
2386 /* This seems to happen a lot. Just ignore it -- if,
2387 when we come to evaluation of the location (guarded)
2388 expression, it requires a frame base value, and
2389 there's no expression for that, then evaluation as a
2390 whole will fail. Harmless - a bit of a waste of
2391 cycles but nothing more. */
2392 }
2393 }
2395 /* re "global ? 0 : parser->sp" (twice), if the var is
2396 marked 'global' then we must put it at the global scope,
2397 as only the global scope (level 0) covers the entire PC
2398 address space. It is asserted elsewhere that level 0
2399 always covers the entire address space. */
2415 /* See explanation on definition of type TempVar for the
2416 reason for this elaboration. */
2425 }
2427 /* See if we already have a range list which is
2428 structurally identical. If so, use that; if not, clone
2429 this one, and add it to our collection. */
2440 }
2441 }
2447 /* collect stats on how effective the ->ranges special
2448 casing is */
2451 ntot++;
2455 }
2457 }
2459 /* Here are some other weird cases seen in the wild:
2461 We have a variable with a name and a type, but no
2462 location. I guess that's a sign that it has been
2463 optimised away. Ignore it. Here's an example:
2465 static Int lc_compar(void* n1, void* n2) {
2466 MC_Chunk* mc1 = *(MC_Chunk**)n1;
2467 MC_Chunk* mc2 = *(MC_Chunk**)n2;
2468 return (mc1->data < mc2->data ? -1 : 1);
2469 }
2471 Both mc1 and mc2 are like this
2472 <2><5bc>: Abbrev Number: 21 (DW_TAG_variable)
2473 DW_AT_name : mc1
2474 DW_AT_decl_file : 1
2475 DW_AT_decl_line : 216
2476 DW_AT_type : <5d3>
2478 whereas n1 and n2 do have locations specified.
2480 ---------------------------------------------
2482 We see a DW_TAG_formal_parameter with a type, but
2483 no name and no location. It's probably part of a function type
2484 construction, thusly, hence ignore it:
2485 <1><2b4>: Abbrev Number: 12 (DW_TAG_subroutine_type)
2486 DW_AT_sibling : <2c9>
2487 DW_AT_prototyped : 1
2488 DW_AT_type : <114>
2489 <2><2be>: Abbrev Number: 13 (DW_TAG_formal_parameter)
2490 DW_AT_type : <13e>
2491 <2><2c3>: Abbrev Number: 13 (DW_TAG_formal_parameter)
2492 DW_AT_type : <133>
2494 ---------------------------------------------
2496 Is very minimal, like this:
2497 <4><81d>: Abbrev Number: 44 (DW_TAG_variable)
2498 DW_AT_abstract_origin: <7ba>
2499 What that signifies I have no idea. Ignore.
2501 ----------------------------------------------
2503 Is very minimal, like this:
2504 <200f>: DW_TAG_formal_parameter
2505 DW_AT_abstract_ori: <1f4c>
2506 DW_AT_location : 13440
2507 What that signifies I have no idea. Ignore.
2508 It might be significant, though: the variable at least
2509 has a location and so might exist somewhere.
2510 Maybe we should handle this.
2512 ---------------------------------------------
2514 <22407>: DW_TAG_variable
2515 DW_AT_name : (indirect string, offset: 0x6579):
2516 vgPlain_trampoline_stuff_start
2517 DW_AT_decl_file : 29
2518 DW_AT_decl_line : 56
2519 DW_AT_external : 1
2520 DW_AT_declaration : 1
2522 Nameless and typeless variable that has a location? Who
2523 knows. Not me.
2524 <2><3d178>: Abbrev Number: 22 (DW_TAG_variable)
2525 DW_AT_location : 9 byte block: 3 c0 c7 13 38 0 0 0 0
2526 (DW_OP_addr: 3813c7c0)
2528 No, really. Check it out. gcc is quite simply borked.
2529 <3><168cc>: Abbrev Number: 141 (DW_TAG_variable)
2530 // followed by no attributes, and the next DIE is a sibling,
2531 // not a child
2532 */
2533 }
2536 bad_DIE:
2539 abbv,
2540 cc);
2541 /*NOTREACHED*/
2542 }
2544 typedef
2546 /* The fndn_ix file name/dirname table. Is a mapping from dwarf
2547 integer index to the index in di->fndnpool. */
2550 }
2551 D3InlParser;
2553 /* Return the function name corresponding to absori.
2555 absori is a 'cooked' reference to a DIE, i.e. absori can be either
2556 in cc->escn_debug_info or in cc->escn_debug_info_alt.
2557 get_inlFnName will uncook absori.
2559 The returned value is a (permanent) string in DebugInfo's .strchunks.
2561 LIMITATION: absori must point in the CU of cc. If absori points
2562 in another CU, returns "UnknownInlinedFun".
2564 Here are the problems to retrieve the fun name if absori is in
2565 another CU: the DIE reading code cannot properly extract data from
2566 another CU, as the abbv code retrieved in the other CU cannot be
2567 translated in an abbreviation. Reading data from the alternate debug
2568 info also gives problems as the string reference is also in the alternate
2569 file, but when reading the alt DIE, the string form is a 'local' string,
2570 but cannot be read in the current CU, but must be read in the alt CU.
2571 See bug 338803 comment#3 and attachment for a failed attempt to handle
2572 these problems (failed because with the patch, only one alt abbrev hash
2573 table is kept, while we must handle all abbreviations in all CUs
2574 referenced by an absori (being a reference to an alt CU, or a previous
2575 or following CU). */
2577 {
2578 Cursor c;
2581 UInt has_children;
2582 UWord posn;
2585 FormContents cts;
2586 UInt nf_i;
2588 /* Some inlined subroutine call dwarf entries do not have the abstract
2589 origin attribute, resulting in absori being 0 (see callers of
2590 get_inlFnName). This is observed at least with gcc 6.3.0 when compiling
2591 valgrind with lto. So, in case we have a 0 absori, do not report an
2592 error, instead, rather return an unknown inlined function. */
2600 }
2603 }
2609 /* LIMITATION: check we are in the same CU.
2610 If not, return unknown inlined function name. */
2611 /* if crossing between alt debug info<>normal info
2612 or posn not in the cu range,
2613 then it is in another CU. */
2623 }
2626 }
2651 nf_i++;
2663 DW_AT_specification. */
2664 }
2666 UWord cdie;
2671 /* The recursive call to get_inlFnName will uncook its arg.
2672 So, we need to cook it here, so as to reference the
2673 correct section (e.g. the alt info). */
2676 /* hoping that there is no loop */
2678 /* Unclear if having both DW_AT_specification and DW_AT_name is
2679 possible but in any case, we do not break here.
2680 If we find later on a DW_AT_name, it will override the name found
2681 in the DW_AT_specification.*/
2682 }
2683 }
2690 }
2691 }
2693 /* Returns True if the (possibly) childrens of the current DIE are interesting
2694 to parse. Returns False otherwise.
2695 If the current DIE has a sibling, the non interesting children can
2696 maybe be skipped (if the DIE has a DW_AT_sibling). */
2700 DW_TAG dtag,
2701 UWord posn,
2702 Int level,
2706 Bool td3
2707 )
2708 {
2709 FormContents cts;
2710 UInt nf_i;
2714 /* Get info about DW_TAG_compile_unit and DW_TAG_partial_unit 'which
2715 in theory could also contain inlined fn calls). */
2725 nf_i++;
2731 }
2739 }
2743 }
2746 }
2747 }
2750 }
2763 // 0 will be interpreted as no abstract origin by get_inlFnName
2769 nf_i++;
2778 }
2781 }
2784 }
2787 inlinedfn_abstract_origin
2789 }
2794 }
2800 }
2804 }
2807 }
2808 }
2811 /* Do we have something that looks sane? */
2814 /* Seems strange. How can an inlined subroutine have
2815 no code ? */
2816 goto_bad_DIE;
2819 /* This inlined call is just a single address range. */
2821 /* Apply text debug biasing */
2827 caller_fndn_ix,
2829 }
2831 /* This inlined call is several address ranges. */
2833 Word j;
2837 /* Ranges are biased for the inline info using the same logic
2838 as what is used for biasing ranges for the var info, for which
2839 ranges are read using cc->cu_svma (see parse_var_DIE).
2840 Then text_debug_bias is added when a (non global) var
2841 is recorded (see just before the call to ML_(addVar)) */
2849 // aMax+1 as range has its last bound included
2850 // while ML_(addInlInfo) expects last bound not
2851 // included.
2852 inlfnname,
2853 caller_fndn_ix,
2855 }
2858 goto_bad_DIE;
2859 }
2861 // Only recursively parse the (possible) children for the DIE which
2862 // might maybe contain a DW_TAG_inlined_subroutine:
2867 bad_DIE:
2870 abbv,
2871 cc);
2872 /*NOTREACHED*/
2873 }
2876 /*------------------------------------------------------------*/
2877 /*--- ---*/
2878 /*--- Parsing of type-related DIEs ---*/
2879 /*--- ---*/
2880 /*------------------------------------------------------------*/
2882 typedef
2884 /* What source language? 'A'=Ada83/95,
2885 'C'=C/C++,
2886 'F'=Fortran,
2887 '?'=other
2888 Established once per compilation unit. */
2889 UChar language;
2890 /* A stack of types which are currently under construction */
2892 stack */
2893 Int stack_size;
2894 /* Note that the TyEnts in qparentE are temporary copies of the
2895 ones accumulating in the main tyent array. So it is not safe
2896 to free up anything on them when popping them off the stack
2897 (iow, it isn't safe to use TyEnt__make_EMPTY on them). Just
2898 memset them to zero when done. */
2901 }
2902 D3TypeParser;
2904 /* Completely initialise a type parser object */
2905 static void
2907 {
2913 }
2915 /* Release any memory hanging off a type parser object */
2916 static void
2918 {
2921 }
2924 {
2925 Word i;
2931 }
2933 }
2935 /* Remove from the stack, all entries with .level > 'level' */
2936 static
2938 {
2950 }
2953 }
2956 {
2959 }
2963 Bool td3,
2965 {
2970 /* First we need to zap everything >= 'level', as we are about to
2971 replace any previous entry at 'level', so .. */
2984 }
2995 }
2997 /* True if the subrange type being parsed gives the bounds of an array. */
2999 DW_TAG dtag ) {
3001 /* For most languages, a subrange_type dtag always gives the
3002 bounds of an array.
3003 For Ada, there are additional conditions as a subrange_type
3004 is also used for other purposes. */
3006 /* not Ada, so it definitely denotes an array bound. */
3008 else
3009 /* Extra constraints for Ada: it only denotes an array bound if .. */
3012 }
3014 /* True if the form is one of the forms supported to give an array bound.
3015 For some arrays (scope local arrays with variable size),
3016 a DW_FORM_ref4 was used, and was wrongly used as the bound value.
3017 So, refuse the forms that are known to give a problem. */
3026 }
3028 /* Parse a type-related DIE. 'parser' holds the current parser state.
3029 'admin' is where the completed types are dumped. 'dtag' is the tag
3030 for this DIE. 'c_die' points to the start of the data fields (FORM
3031 stuff) for the DIE. abbv is the parsed abbreviation which describe
3032 the DIE.
3034 We may find the DIE uninteresting, in which case we should ignore
3035 it.
3037 What happens: the DIE is examined. If uninteresting, it is ignored.
3038 Otherwise, the DIE gives rise to two things:
3040 (1) the offset of this DIE in the CU -- the cuOffset, a UWord
3041 (2) a TyAdmin structure, which holds the type, or related stuff
3043 (2) is added at the end of 'tyadmins', at some index, say 'i'.
3045 A pair (cuOffset, i) is added to 'tydict'.
3047 Hence 'tyadmins' holds the actual type entities, and 'tydict' holds
3048 a mapping from cuOffset to the index of the corresponding entry in
3049 'tyadmin'.
3051 When resolving a cuOffset to a TyAdmin, first look up the cuOffset
3052 in the tydict (by binary search). This gives an index into
3053 tyadmins, and the required entity lives in tyadmins at that index.
3054 */
3058 DW_TAG dtag,
3059 UWord posn,
3060 Int level,
3064 Bool td3 )
3065 {
3066 FormContents cts;
3067 UInt nf_i;
3068 TyEnt typeE;
3069 TyEnt atomE;
3070 TyEnt fieldE;
3071 TyEnt boundE;
3080 /* If we've returned to a level at or above any previously noted
3081 parent, un-note it, so we don't believe we're still collecting
3082 its children. */
3088 /* See if we can find DW_AT_language, since it is important for
3089 establishing array bounds (see DW_TAG_subrange_type below in
3090 this fn) */
3095 nf_i++;
3101 goto_bad_DIE;
3123 goto_bad_DIE;
3124 }
3125 }
3126 }
3129 /* We can pick up a new base type any time. */
3137 nf_i++;
3144 }
3147 }
3163 goto_bad_DIE;
3164 }
3165 }
3166 }
3168 /* Invent a name if it doesn't have one. gcc-4.3
3169 -ftree-vectorize is observed to emit nameless base types. */
3175 /* Do we have something that looks sane? */
3178 /* and a plausible size. Yes, really 32: "complex long
3179 double" apparently has size=32 */
3181 /* and a plausible encoding */
3186 goto_bad_DIE;
3187 /* Last minute hack: if we see this
3188 <1><515>: DW_TAG_base_type
3189 DW_AT_byte_size : 0
3190 DW_AT_encoding : 5
3191 DW_AT_name : void
3192 convert it into a real Void type. */
3198 }
3201 }
3203 /*
3204 * An example of DW_TAG_rvalue_reference_type:
3205 *
3206 * $ readelf --debug-dump /usr/lib/debug/usr/lib/libstdc++.so.6.0.16.debug
3207 * <1><1014>: Abbrev Number: 55 (DW_TAG_rvalue_reference_type)
3208 * <1015> DW_AT_byte_size : 4
3209 * <1016> DW_AT_type : <0xe52>
3210 */
3214 /* This seems legit for _pointer_type and _reference_type. I
3215 don't know if rolling _ptr_to_member_type in here really is
3216 legit, but it's better than not handling it at all. */
3234 }
3235 /* target type defaults to void */
3237 /* These four type kinds don't *have* to specify their size, in
3238 which case we assume it's a machine word. But if they do
3239 specify it, it must be a machine word :-) This probably
3240 assumes that the word size of the Dwarf3 we're reading is the
3241 same size as that on the machine. gcc appears to give a size
3242 whereas icc9 doesn't. */
3248 nf_i++;
3253 }
3257 }
3258 }
3259 /* Do we have something that looks sane? */
3261 goto_bad_DIE;
3262 else
3264 }
3267 /* Create a new Type to hold the results. */
3280 nf_i++;
3287 }
3290 }
3293 }
3294 }
3301 /* Do we have something that looks sane? */
3303 /* we must know the size */
3304 /* but not for Ada, which uses such dummy
3305 enumerations as helper for gdb ada mode.
3306 Also GCC allows incomplete enums as GNU extension.
3307 http://gcc.gnu.org/onlinedocs/gcc/Incomplete-Enums.html
3308 These are marked as DW_AT_declaration and won't have
3309 a size. They can only be used in declaration or as
3310 pointer types. You can't allocate variables or storage
3311 using such an enum type. (Also GCC seems to have a bug
3312 that will put such an enumeration_type into a .debug_types
3313 unit which should only contain complete types.) */
3315 goto_bad_DIE;
3316 }
3318 /* On't stack! */
3321 }
3323 /* gcc (GCC) 4.4.0 20081017 (experimental) occasionally produces
3324 DW_TAG_enumerator with only a DW_AT_name but no
3325 DW_AT_const_value. This is in violation of the Dwarf3 standard,
3326 and appears to be a new "feature" of gcc - versions 4.3.x and
3327 earlier do not appear to do this. So accept DW_TAG_enumerator
3328 which only have a name but no value. An example:
3330 <1><180>: Abbrev Number: 6 (DW_TAG_enumeration_type)
3331 <181> DW_AT_name : (indirect string, offset: 0xda70):
3332 QtMsgType
3333 <185> DW_AT_byte_size : 4
3334 <186> DW_AT_decl_file : 14
3335 <187> DW_AT_decl_line : 1480
3336 <189> DW_AT_sibling : <0x1a7>
3337 <2><18d>: Abbrev Number: 7 (DW_TAG_enumerator)
3338 <18e> DW_AT_name : (indirect string, offset: 0x9e18):
3339 QtDebugMsg
3340 <2><192>: Abbrev Number: 7 (DW_TAG_enumerator)
3341 <193> DW_AT_name : (indirect string, offset: 0x1505f):
3342 QtWarningMsg
3343 <2><197>: Abbrev Number: 7 (DW_TAG_enumerator)
3344 <198> DW_AT_name : (indirect string, offset: 0x16f4a):
3345 QtCriticalMsg
3346 <2><19c>: Abbrev Number: 7 (DW_TAG_enumerator)
3347 <19d> DW_AT_name : (indirect string, offset: 0x156dd):
3348 QtFatalMsg
3349 <2><1a1>: Abbrev Number: 7 (DW_TAG_enumerator)
3350 <1a2> DW_AT_name : (indirect string, offset: 0x13660):
3351 QtSystemMsg
3352 */
3361 nf_i++;
3368 }
3372 }
3373 }
3374 /* Do we have something that looks sane? */
3376 goto_bad_DIE;
3377 /* Do we have a plausible parent? */
3383 /* Record this child in the parent */
3387 /* And record the child itself */
3389 }
3391 /* Treat DW_TAG_class_type as if it was a DW_TAG_structure_type. I
3392 don't know if this is correct, but it at least makes this reader
3393 usable for gcc-4.3 produced Dwarf3. */
3399 /* Create a new Type to hold the results. */
3416 nf_i++;
3423 }
3427 }
3430 }
3433 }
3440 }
3441 }
3442 /* Do we have something that looks sane? */
3444 /* It's a DW_AT_declaration. We require the name but
3445 nothing else. */
3446 /* JRS 2012-06-28: following discussion w/ tromey, if the
3447 type doesn't have name, just make one up, and accept it.
3448 It might be referred to by other DIEs, so ignoring it
3449 doesn't seem like a safe option. */
3455 /* JRS 2009 Aug 10: <possible kludge>? */
3456 /* Push this tyent on the stack, even though it's incomplete.
3457 It appears that gcc-4.4 on Fedora 11 will sometimes create
3458 DW_TAG_member entries for it, and so we need to have a
3459 plausible parent present in order for that to work. See
3460 #200029 comments 8 and 9. */
3462 /* </possible kludge> */
3464 }
3466 /* this is the common, ordinary case */
3467 /* The name can be present, or not */
3469 /* We must know the size.
3470 But in Ada, record with discriminants might have no size.
3471 But in C, VLA in the middle of a struct (gcc extension)
3472 might have no size.
3473 Instead, some GNAT dwarf extensions and/or dwarf entries
3474 allow to calculate the struct size at runtime.
3475 We cannot do that (yet?) so, the temporary kludge is to use
3476 a small size. */
3478 }
3479 /* On't stack! */
3482 }
3484 /* don't know how to handle any other variants just now */
3485 goto_bad_DIE;
3486 }
3487 }
3490 /* Acquire member entries for both DW_TAG_structure_type and
3491 DW_TAG_union_type. They differ minorly, in that struct
3492 members must have a DW_AT_data_member_location expression
3493 whereas union members must not. */
3494 Bool parent_is_struct;
3503 nf_i++;
3510 }
3514 }
3515 /* There are 2 different cases for DW_AT_data_member_location.
3516 If it is a constant class attribute, it contains byte offset
3517 from the beginning of the containing entity.
3518 Otherwise it is a location expression. */
3522 }
3529 }
3530 }
3531 /* Do we have a plausible parent? */
3537 /* Do we have something that looks sane? If this a member of a
3538 struct, we must have a location expression; but if a member
3539 of a union that is irrelevant (D3 spec sec 5.6.6). We ought
3540 to reject in the latter case, but some compilers have been
3541 observed to emit constant-zero expressions. So just ignore
3542 them. */
3543 parent_is_struct
3550 goto_bad_DIE;
3553 /* If this is a union type, pretend we haven't seen the data
3554 member location expression, as it is by definition
3555 redundant (it must be zero). */
3560 }
3561 /* Record this child in the parent */
3566 /* And record the child itself */
3569 /* Member with no location - this can happen with static
3570 const members in C++ code which are compile time constants
3571 that do no exist in the class. They're not of any interest
3572 to us so we ignore them. */
3574 }
3575 }
3590 nf_i++;
3596 }
3597 }
3599 goto_bad_DIE;
3600 /* On't stack! */
3603 }
3605 /* this is a subrange type defining the bounds of an array. */
3620 DW_TAG_compile_unit in this fn */
3621 }
3630 nf_i++;
3637 }
3642 }
3644 /*count = (Long)cts.u.val;*/
3646 }
3647 }
3648 /* FIXME: potentially skip the rest if no parent present, since
3649 it could be the case that this subrange type is free-standing
3650 (not being used to describe the bounds of a containing array
3651 type) */
3652 /* Do we have a plausible parent? */
3659 /* Figure out if we have a definite range or not */
3665 }
3671 }
3677 }
3684 /* FIXME: handle more cases */
3685 goto_bad_DIE;
3686 }
3688 /* Record this bound in the parent */
3693 /* And record the child itself */
3695 }
3697 /* typedef or subrange_type other than array bounds. */
3701 /* subrange_type other than array bound is only for Ada. */
3703 /* We can pick up a new typedef/subrange_type any time. */
3713 nf_i++;
3720 }
3724 }
3725 }
3726 /* Do we have something that looks sane?
3727 gcc gnat Ada generates minimal typedef
3728 such as the below
3729 <6><91cc>: DW_TAG_typedef
3730 DW_AT_abstract_ori: <9066>
3731 g++ for OMP can generate artificial functions that have
3732 parameters that refer to pointers to unnamed typedefs.
3733 See https://bugs.kde.org/show_bug.cgi?id=273475
3734 So we cannot require a name for a DW_TAG_typedef.
3735 */
3737 }
3740 /* function type? just record that one fact and ask no
3741 further questions. */
3746 }
3757 /* target type defaults to 'void' */
3763 nf_i++;
3769 have_ty++;
3770 }
3771 }
3772 /* gcc sometimes generates DW_TAG_const/volatile_type without
3773 DW_AT_type and GDB appears to interpret the type as 'const
3774 void' (resp. 'volatile void'). So just allow it .. */
3777 else
3778 goto_bad_DIE;
3779 }
3781 /*
3782 * Treat DW_TAG_unspecified_type as type void. An example of DW_TAG_unspecified_type:
3783 *
3784 * $ readelf --debug-dump /usr/lib/debug/usr/lib/libstdc++.so.6.0.16.debug
3785 * <1><10d4>: Abbrev Number: 53 (DW_TAG_unspecified_type)
3786 * <10d5> DW_AT_name : (indirect string, offset: 0xdb7): decltype(nullptr)
3787 */
3794 }
3796 /* else ignore this DIE */
3798 /*NOTREACHED*/
3800 acquire_Type:
3807 /*NOTREACHED*/
3809 acquire_Atom:
3816 /*NOTREACHED*/
3818 acquire_Field:
3819 /* For union members, Expr should be absent */
3828 }
3833 /*NOTREACHED*/
3835 acquire_Bound:
3842 /*NOTREACHED*/
3844 bad_DIE:
3847 abbv,
3848 cc);
3849 /*NOTREACHED*/
3850 }
3853 /*------------------------------------------------------------*/
3854 /*--- ---*/
3855 /*--- Compression of type DIE information ---*/
3856 /*--- ---*/
3857 /*------------------------------------------------------------*/
3862 UWord cuOff )
3863 {
3871 }
3881 }
3882 }
3884 static
3889 {
3898 }
3900 }
3905 {
3968 }
3970 }
3972 /* Make a pass over 'ents'. For each tyent, inspect the target of any
3973 'R' or 'Rs' fields (those which refer to other tyents), and replace
3974 any which point to INDIR nodes with the target of the indirection
3975 (which should not itself be an indirection). In summary, this
3976 routine shorts out all references to indirection nodes. */
3977 static
3980 {
3982 Bool b;
3987 /* We have to substitute everything, even indirections, so as to
3988 ensure that chains of indirections don't build up. */
3991 nChanged++;
3992 }
3995 }
3998 /* Make a pass over 'ents', building a dictionary of TyEnts as we go.
3999 Look up each new tyent in the dictionary in turn. If it is already
4000 in the dictionary, replace this tyent with an indirection to the
4001 existing one, and delete any malloc'd stuff hanging off this one.
4002 In summary, this routine commons up all tyents that are identical
4003 as defined by TyEnt__cmp_by_all_except_cuOff. */
4004 static
4006 {
4016 );
4024 /* Ignore indirections, although check that they are
4025 not forming a cycle. */
4029 }
4033 /* it's already in the dictionary. */
4038 /* since we are traversing the array in increasing order of
4039 cuOff: */
4041 /* So anyway, dump this entry and replace it with an
4042 indirection to the one in the dictionary. Note that the
4043 assertion above guarantees that we cannot create cycles of
4044 indirections, since we are always creating an indirection
4045 to a tyent with a cuOff lower than this one. */
4049 nDeleted++;
4051 /* not in dictionary; add it and keep going. */
4053 }
4054 }
4059 }
4062 static
4066 {
4072 /* If a commoning pass and a substitution pass both make fewer than
4073 this many changes, just stop. It's pointless to burn up CPU
4074 time trying to compress the last 1% or so out of the array. */
4077 /* First we must sort .ents by its .cuOff fields, so we
4078 can index into it. */
4082 /* Now repeatedly do commoning and substitution passes over
4083 the array, until there are no more changes. */
4091 /* Sanity check: all INDIR nodes should point at a non-INDIR thing.
4092 In fact this should be true at the end of every loop iteration
4093 above (a commoning pass followed by a substitution pass), but
4094 checking it on every iteration is excessively expensive. Note,
4095 this loop also computes 'm' for the stats printing below it. */
4102 m++;
4107 }
4110 }
4113 /*------------------------------------------------------------*/
4114 /*--- ---*/
4115 /*--- Resolution of references to type DIEs ---*/
4116 /*--- ---*/
4117 /*------------------------------------------------------------*/
4119 /* Make a pass through the (temporary) variables array. Examine the
4120 type of each variable, check is it found, and chase any Te_INDIRs.
4121 Postcondition is: each variable has a typeR field that refers to a
4122 valid type in tyents, or a Te_UNKNOWN, and is certainly guaranteed
4123 not to refer to a Te_INDIR. (This is so that we can throw all the
4124 Te_INDIRs away later). */
4132 )
4133 {
4138 /* This is the stated type of the variable. But it might be
4139 an indirection, so be careful. */
4147 }
4149 /* Deal first with "normal" cases */
4153 }
4155 /* If there's no ent, it probably we did not manage to read a
4156 type at the cuOffset which is stated as being this variable's
4157 type. Maybe a deficiency in parse_type_DIE. Complain. */
4162 }
4164 /* If ent has any other tag, something bad happened, along the
4165 lines of var->typeR not referring to a type at all. */
4167 /* Just accept it; the type will be useless, but at least keep
4168 going. */
4170 }
4171 }
4174 /*------------------------------------------------------------*/
4175 /*--- ---*/
4176 /*--- Parsing of Compilation Units ---*/
4177 /*--- ---*/
4178 /*------------------------------------------------------------*/
4186 }
4197 )
4198 {
4201 UWord posn;
4202 UInt has_children;
4203 UWord start_die_c_offset;
4204 UWord after_die_c_offset;
4205 // If the DIE we will parse has a sibling and the parser(s) are
4206 // all indicating that parse_children is not necessary, then
4207 // we will skip the children by jumping to the sibling of this DIE
4208 // (if it has a sibling).
4212 /* --- Deal with this DIE --- */
4222 }
4231 /* We're set up to look at the fields of this DIE. Hand it off to
4232 any parser(s) that want to see it. Since they will in general
4233 advance the DIE cursor, remember the current settings so that we
4234 can then back up. . */
4240 typarser,
4242 posn,
4243 level,
4246 cc,
4247 td3 );
4251 }
4254 tempvars,
4255 gexprs,
4256 varparser,
4258 posn,
4259 level,
4262 cc,
4263 td3 );
4267 }
4270 // type and var parsers do not have logic to skip childrens and establish
4271 // the value of sibling.
4272 }
4276 parse_children =
4279 posn,
4280 level,
4283 cc,
4284 td3 )
4288 // Last parser, no need to reset the cursor to start_die_c_offset.
4289 }
4293 }
4296 // DIE was read by a parser above, so we know where the DIE ends.
4299 /* No parser has parsed this DIE. So, we need to skip the DIE,
4300 in order to read the next DIE.
4301 At the same time, establish sibling value if the DIE has one. */
4304 }
4306 /* --- Now recurse into its children, if any
4307 and the parsing of the children is requested by a parser --- */
4317 }
4318 /* Now we need to eat the terminating zero */
4323 // We can skip the childrens, by jumping to the sibling
4328 }
4329 }
4331 }
4335 DiSlice escn_debug_loc)
4336 {
4337 #if 0
4338 /* This doesn't work properly because it assumes all entries are
4339 packed end to end, with no holes. But that doesn't always
4340 appear to be the case, so it loses sync. And the D3 spec
4341 doesn't appear to require a no-hole situation either. */
4342 /* Display .debug_loc */
4343 Addr dl_base;
4344 UWord dl_offset;
4358 UWord len;
4362 /* Read a (host-)word pair. This is something of a hack since
4363 the word size to read is really dictated by the ELF file;
4364 however, we assume we're reading a file with the same
4365 word-sizeness as the host. Reasonably enough. */
4370 /* end of list. reset 'base' */
4375 }
4378 /* new value for 'base' */
4383 }
4385 /* else a location expression follows */
4392 len--;
4393 }
4395 }
4396 }
4397 #endif
4398 }
4402 DiSlice escn_debug_ranges)
4403 {
4405 Addr dr_base;
4406 UWord dr_offset;
4409 /* Display .debug_ranges */
4424 /* Read a (host-)word pair. This is something of a hack since
4425 the word size to read is really dictated by the ELF file;
4426 however, we assume we're reading a file with the same
4427 word-sizeness as the host. Reasonably enough. */
4432 /* end of list. reset 'base' */
4437 }
4440 /* new value for 'base' */
4445 }
4447 /* else a range [w1+base, w2+base) is denoted */
4450 }
4451 }
4452 }
4456 DiSlice escn_debug_abbv)
4457 {
4461 /* Display .debug_abbrev */
4470 /* Read one abbreviation table */
4473 ULong atag;
4474 UInt has_children;
4488 }
4489 }
4490 }
4491 }
4492 }
4494 static
4503 DiSlice escn_debug_str_alt
4504 )
4505 {
4516 D3TypeParser typarser;
4517 D3VarParser varparser;
4518 D3InlParser inlparser;
4522 Int pass;
4525 /* Display/trace various information, if requested. */
4531 }
4533 /* Zero out all parsers. Parsers will really be initialised
4534 according to VG_(clo_read_*_info). */
4538 /* We'll park the harvested type information in here. Also create
4539 a fake "void" entry with offset D3_FAKEVOID_CUOFF, so we always
4540 have at least one type entry to refer to. D3_FAKEVOID_CUOFF is
4541 huge and presumably will not occur in any valid DWARF3 file --
4542 it would need to have a .debug_info section 4GB long for that to
4543 happen. These type entries end up in the DebugInfo. */
4553 }
4559 }
4561 /* This is a tree used to unique-ify the range lists that are
4562 manufactured by parse_var_DIE. References to the keys in the
4563 tree wind up in .rngMany fields in TempVars. We'll need to
4564 delete this tree, and the XArrays attached to it, at the end of
4565 this function. */
4571 /* List of variables we're accumulating. These don't end up in the
4572 DebugInfo; instead their contents are handed to ML_(addVar) and
4573 the list elements are then deleted. */
4579 /* List of GExprs we're accumulating. These wind up in the
4580 DebugInfo. */
4584 /* We need a D3TypeParser to keep track of partially constructed
4585 types. It'll be discarded as soon as we've completed the CU,
4586 since the resulting information is tipped in to 'tyents' as it
4587 is generated. */
4593 }
4595 /* Do an initial pass to scan the .debug_types section, if any, and
4596 fill in the signatured types hash table. This lets us handle
4597 mapping from a type signature to a (cooked) DIE offset directly
4598 in get_Form_contents. */
4607 CUConst cc;
4612 /* parse_CU_header initialises the CU's abbv hash table. */
4615 /* Needed by cook_die. */
4621 /* Until proven otherwise we assume we don't need the icc9
4622 workaround in this case; see the DIE-reading loop below
4623 for details. */
4631 }
4634 }
4635 }
4637 /* Perform three DIE-reading passes. The first pass reads DIEs from
4638 alternate .debug_info (if any), the second pass reads DIEs from
4639 .debug_info, and the third pass reads DIEs from .debug_types.
4640 Moving the body of this loop into a separate function would
4641 require a large number of arguments to be passed in, so it is
4642 kept inline instead. */
4644 ULong section_size;
4649 /* Now loop over the Compilation Units listed in the alternate
4650 .debug_info section (see D3SPEC sec 7.5) paras 1 and 2.
4651 Each compilation unit contains a Compilation Unit Header
4652 followed by precisely one DW_TAG_compile_unit or
4653 DW_TAG_partial_unit DIE. */
4660 /* Now loop over the Compilation Units listed in the .debug_info
4661 section (see D3SPEC sec 7.5) paras 1 and 2. Each compilation
4662 unit contains a Compilation Unit Header followed by precisely
4663 one DW_TAG_compile_unit or DW_TAG_partial_unit DIE. */
4679 }
4683 CUConst cc;
4684 /* It may be that the stated size of this CU is larger than the
4685 amount of stuff actually in it. icc9 seems to generate CUs
4686 thusly. We use these variables to figure out if this is
4687 indeed the case, and if so how many bytes we need to skip to
4688 get to the start of the next CU. Not skipping those bytes
4689 causes us to misidentify the start of the next CU, and it all
4690 goes badly wrong after that (not surprisingly). */
4693 /* It seems icc9 finishes the DIE info before debug_info_sz
4694 bytes have been used up. So be flexible, and declare the
4695 sequence complete if there is not enough remaining bytes to
4696 hold even the smallest conceivable CU header. (11 bytes I
4697 reckon). */
4698 /* JRS 23Jan09: I suspect this is no longer necessary now that
4699 the code below contains a 'while (cu_amount_used <
4700 cu_size_including_IniLen ...' style loop, which skips over
4701 any leftover bytes at the end of a CU in the case where the
4702 CU's stated size is larger than its actual size (as
4703 determined by reading all its DIEs). However, for prudence,
4704 I'll leave the following test in place. I can't see that a
4705 CU header can be smaller than 11 bytes, so I don't think
4706 there's any harm possible through the test -- it just adds
4707 robustness. */
4714 }
4717 /* Check the varparser's stack is in a sane state. */
4719 /* Check the typarser's stack is in a sane state. */
4721 }
4726 /* parse_CU_header initialises the CU's hashtable of abbvs ht_abbvs */
4733 }
4749 /* The CU's svma can be deduced by looking at the AT_low_pc
4750 value in the top level TAG_compile_unit, which is the topmost
4751 DIE. We'll leave it for the 'varparser' to acquire that info
4752 and fill it in -- since it is the only party to want to know
4753 it. */
4760 /* Create a fake outermost-level range covering the entire
4761 address range. So we always have *something* to catch all
4762 variable declarations. */
4767 /* And set up the fndn_ix_Table. When we come across the top
4768 level DIE for this CU (which is what the next call to
4769 read_DIE should process) we will copy all the file names out
4770 of the .debug_line img area and use this table to look up the
4771 copies when we later see filename numbers in DW_TAG_variables
4772 etc. */
4774 varparser.fndn_ix_Table
4778 }
4781 /* fndn_ix_Table for the inlined call parser */
4783 inlparser.fndn_ix_Table
4787 }
4789 /* Now read the one-and-only top-level DIE for this CU. */
4802 /* How big the CU claims it is .. */
4804 /* .. vs how big we have found it to be */
4812 /* If the CU is bigger than it claims to be, we've got a serious
4813 problem. */
4817 /* If the CU is smaller than it claims to be, we need to skip some
4818 bytes. Loop updates cu_offset_new and cu_amount_used. */
4825 }
4828 /* Preen to level -2. DIEs have level >= 0 so -2 cannot occur
4829 anywhere else at all. Our fake the-entire-address-space
4830 range is at level -1, so preening to -2 should completely
4831 empty the stack out. */
4834 /* Similarly, empty the type stack out. */
4836 }
4842 }
4847 }
4852 /* else keep going */
4853 }
4854 }
4858 /* From here on we're post-processing the stuff we got
4859 out of the .debug_info section. */
4865 }
4874 }
4880 /* Copy all the non-INDIR tyents into a new table. For large
4881 .so's, about 90% of the tyents will by now have been resolved to
4882 INDIRs, and we no longer need them, and so don't need to store
4883 them. */
4884 tyents_to_keep
4893 }
4900 /* Sort tyents_to_keep so we can lookup in it. A complete (if
4901 minor) waste of time, since tyents itself is sorted, but
4902 necessary since VG_(lookupXA) refuses to cooperate if we
4903 don't. */
4907 /* Enable cacheing on tyents_to_keep */
4908 tyents_to_keep_cache
4913 /* And record the tyents in the DebugInfo. We do this before
4914 starting to hand variables to ML_(addVar), since if ML_(addVar)
4915 wants to do debug printing (of the types of said vars) then it
4916 will need the tyents.*/
4920 /* Bias all the location expressions. */
4928 }
4933 /* Park (pointers to) all the vars in an XArray, so we can look up
4934 abstract origins quickly. The array is sorted (hence, looked-up
4935 by) the .dioff fields. Since the .dioffs should be in strictly
4936 ascending order, there is no need to sort the array after
4937 construction. The ascendingness is however asserted for. */
4938 dioff_lookup_tab
4947 first_primary_var++) {
4951 }
4957 /* why should this hold? Only, I think, because we've
4958 constructed the array by reading .debug_info sequentially,
4959 and so the array .dioff fields should reflect that, and be
4960 strictly ascending. */
4962 }
4964 }
4968 /* Now visit each var. Collect up as much info as possible for
4969 each var and hand it to ML_(addVar). */
4975 /* Possibly show .. */
4985 }
4991 }
4999 }
5006 }
5008 /* Skip variables which have no location. These must be
5009 abstract instances; they are useless as-is since with no
5010 location they have no specified memory location. They will
5011 presumably be referred to via the absOri fields of other
5012 variables. */
5016 }
5018 /* So it has a location, at least. If it refers to some other
5019 entry through its absOri field, pull in further info through
5020 that. */
5022 Bool found;
5024 TempVar key;
5032 /* barf("DW_AT_abstract_origin can't be resolved"); */
5035 }
5036 /* If the following fails, there is more than one entry with
5037 the same dioff. Which can't happen. */
5040 /* stay sane */
5044 /* Copy what useful info we can. */
5053 }
5055 /* Give it a name if it doesn't have one. */
5059 /* So now does it have enough info to be useful? */
5060 /* NOTE: re typeR: this is a hack. If typeR is Te_UNKNOWN then
5061 the type didn't get resolved. Really, in that case
5062 something's broken earlier on, and should be fixed, rather
5063 than just skipping the variable. */
5065 tyents_to_keep_cache,
5067 /* The next two assertions should be guaranteed by
5068 our previous call to resolve_variable_types. */
5079 /* Ok. So we're going to keep it. Call ML_(addVar) once for
5080 each address range in which the variable exists. */
5084 Word nVarPcRanges;
5085 /* Set up to iterate over address ranges, however
5086 represented. */
5092 }
5105 }
5108 /* and iterate */
5113 /* Level 0 is the global address range. So at level 0 we
5114 don't want to bias pcMin/pcMax; but at all other levels
5115 we do since those are derived from svmas in the Dwarf
5116 we're reading. Be paranoid ... */
5121 /* vg_assert(pcMin > (Addr)0);
5122 No .. we can legitimately expect to see ranges like
5123 0x0-0x11D (pre-biasing, of course). */
5125 }
5127 /* Apply text biasing, for non-global variables. */
5131 }
5143 );
5144 }
5145 }
5148 /* and move on to the next var */
5149 }
5151 /* Now free all the TempVars */
5156 }
5160 /* and the temp lookup table */
5163 /* and the ranges tree. Note that we need to also free the XArrays
5164 which constitute the keys, hence pass VG_(deleteXA) as a
5165 key-finalizer. */
5168 /* and the tyents_to_keep cache */
5174 /* And the signatured type hash. */
5177 /* record the GExprs in di so they can be freed later */
5180 }
5182 // Free up dynamically allocated memory
5186 }
5187 }
5190 /*------------------------------------------------------------*/
5191 /*--- ---*/
5192 /*--- The "new" DWARF3 reader -- top level control logic ---*/
5193 /*--- ---*/
5194 /*------------------------------------------------------------*/
5204 /*NOTREACHED*/
5206 }
5209 void
5217 DiSlice escn_debug_str_alt
5218 )
5219 {
5223 /* Run the _wrk function to read the dwarf3. If it succeeds, it
5224 just returns normally. If there is any failure, it longjmp's
5225 back here, having first set d3rd_jmpbuf_reason to something
5226 useful. */
5233 /* try this ... */
5240 escn_debug_str_alt );
5244 /* It longjmp'd. */
5246 /* Can't longjump without giving some sort of reason. */
5252 }
5256 }
5260 /* --- Unused code fragments which might be useful one day. --- */
5262 #if 0
5263 /* Read the arange tables */
5271 Bool is64;
5272 UShort version;
5277 /* Read one arange thingy */
5278 /* initial_length field */
5295 }
5301 }
5302 }
5304 #endif
5308 /*--------------------------------------------------------------------*/
5309 /*--- end ---*/
5310 /*--------------------------------------------------------------------*/