• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* -*- mode: C; c-basic-offset: 3; -*- */
2 
3 /*--------------------------------------------------------------------*/
4 /*--- Read DWARF1/2/3/4 debug info.                    readdwarf.c ---*/
5 /*--------------------------------------------------------------------*/
6 
7 /*
8    This file is part of Valgrind, a dynamic binary instrumentation
9    framework.
10 
11    Copyright (C) 2000-2017 Julian Seward
12       jseward@acm.org
13 
14    This program is free software; you can redistribute it and/or
15    modify it under the terms of the GNU General Public License as
16    published by the Free Software Foundation; either version 2 of the
17    License, or (at your option) any later version.
18 
19    This program is distributed in the hope that it will be useful, but
20    WITHOUT ANY WARRANTY; without even the implied warranty of
21    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22    General Public License for more details.
23 
24    You should have received a copy of the GNU General Public License
25    along with this program; if not, write to the Free Software
26    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
27    02111-1307, USA.
28 
29    The GNU General Public License is contained in the file COPYING.
30 */
31 
32 #if defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_solaris)
33 
34 #include "pub_core_basics.h"
35 #include "pub_core_debuginfo.h"
36 #include "pub_core_libcbase.h"
37 #include "pub_core_libcassert.h"
38 #include "pub_core_libcprint.h"
39 #include "pub_core_options.h"
40 #include "pub_core_xarray.h"
41 #include "pub_core_tooliface.h"    /* VG_(needs) */
42 #include "priv_misc.h"             /* dinfo_zalloc/free/strdup */
43 #include "priv_image.h"
44 #include "priv_d3basics.h"
45 #include "priv_tytypes.h"
46 #include "priv_storage.h"
47 #include "priv_readdwarf.h"        /* self */
48 
49 
50 /*------------------------------------------------------------*/
51 /*---                                                      ---*/
52 /*--- Read line number and CFI info from DWARF1, DWARF2    ---*/
53 /*--- and to some extent DWARF3 sections.                  ---*/
54 /*---                                                      ---*/
55 /*------------------------------------------------------------*/
56 
57 /* The below "safe_*ix" functions allow to resist to malformed dwarf info:
58    if dwarf info contains wrong file or dirname indexes, these are (silently!)
59    ignored. */
60 
61 /* if xa_ix is a valid index in fndn_ix_xa,
62     return the element (i.e. the UInt indexing in fndnpool).
63    If xa_ix is invalid, return 0 (i.e. the "null" element in fndnpool). */
safe_fndn_ix(XArray * fndn_ix_xa,Int xa_ix)64 static UInt safe_fndn_ix (XArray* fndn_ix_xa, Int xa_ix)
65 {
66    if (xa_ix < 0) return 0;
67    if (xa_ix >= VG_(sizeXA) (fndn_ix_xa)) return 0;
68    return *(UInt*)VG_(indexXA) ( fndn_ix_xa, xa_ix );
69 }
70 
71 /* if xa_ix is a valid index in dirname_xa,
72     return the element (i.e. the HChar*).
73    If xa_ix is invalid, return NULL. */
safe_dirname_ix(XArray * dirname_xa,Int xa_ix)74 static const HChar* safe_dirname_ix (XArray* dirname_xa, Int xa_ix)
75 {
76    if (xa_ix < 0) return NULL;
77    if (xa_ix >= VG_(sizeXA) (dirname_xa)) return NULL;
78    return *(HChar**)VG_(indexXA) ( dirname_xa, xa_ix );
79 }
80 
81 /*------------------------------------------------------------*/
82 /*--- Read DWARF2 format line number info.                 ---*/
83 /*------------------------------------------------------------*/
84 
85 /* Structure holding info extracted from the a .debug_line
86    section.  */
87 typedef struct
88 {
89   ULong  li_length;
90   UShort li_version;
91   ULong  li_header_length;
92   UChar  li_min_insn_length;
93   UChar  li_max_ops_per_insn;
94   Int    li_line_base;
95   UChar  li_line_range;
96   UChar  li_opcode_base;
97 }
98 DebugLineInfo;
99 
100 /* Structure holding additional infos found from a .debug_info
101  * compilation unit block */
102 typedef struct
103 {
104   /* Feel free to add more members here if you need ! */
105   DiCursor compdir;  /* Compilation directory - points to .debug_info */
106   DiCursor name;     /* Main file name - points to .debug_info */
107   ULong    stmt_list; /* Offset in .debug_line */
108   Bool     dw64;      /* 64-bit Dwarf? */
109 }
110 UnitInfo;
111 
112 /* Line number opcodes.  */
113 enum dwarf_line_number_ops
114   {
115     DW_LNS_extended_op = 0,
116     DW_LNS_copy = 1,
117     DW_LNS_advance_pc = 2,
118     DW_LNS_advance_line = 3,
119     DW_LNS_set_file = 4,
120     DW_LNS_set_column = 5,
121     DW_LNS_negate_stmt = 6,
122     DW_LNS_set_basic_block = 7,
123     DW_LNS_const_add_pc = 8,
124     DW_LNS_fixed_advance_pc = 9,
125     /* DWARF 3.  */
126     DW_LNS_set_prologue_end = 10,
127     DW_LNS_set_epilogue_begin = 11,
128     DW_LNS_set_isa = 12
129   };
130 
131 /* Line number extended opcodes.  */
132 enum dwarf_line_number_x_ops
133   {
134     DW_LNE_end_sequence = 1,
135     DW_LNE_set_address = 2,
136     DW_LNE_define_file = 3,
137     DW_LNE_set_discriminator = 4
138   };
139 
140 typedef struct
141 {
142   /* Information for the last statement boundary.
143    * Needed to calculate statement lengths. */
144   Addr  last_address;
145   UInt  last_file;
146   UInt  last_line;
147 
148   Addr  address;
149   UInt  file;
150   UInt  line;
151   UInt  column;
152   Int   basic_block;
153   UChar end_sequence;
154 } LineSMR;
155 
156 
157 /* FIXME: duplicated in readdwarf3.c */
158 /* Read a 'leb128' and advance *data accordingly. */
step_leb128(DiCursor * data,Int sign)159 static ULong step_leb128 ( DiCursor* data, Int sign )
160 {
161    ULong  result = 0;
162    Int    shift = 0;
163    UChar  byte;
164 
165    vg_assert(sign == 0 || sign == 1);
166 
167    do {
168       byte = ML_(cur_step_UChar)(data);
169       result |= ((ULong)(byte & 0x7f)) << shift;
170       shift += 7;
171    }
172    while (byte & 0x80);
173 
174    if (sign && (shift < 64) && (byte & 0x40))
175       result |= -(1ULL << shift);
176 
177    return result;
178 }
179 
180 /* FIXME: duplicated in readdwarf3.c */
step_leb128U(DiCursor * data)181 static ULong step_leb128U( DiCursor* data ) {
182    return step_leb128( data, 0 );
183 }
184 
185 /* FIXME: duplicated in readdwarf3.c */
step_leb128S(DiCursor * data)186 static Long step_leb128S( DiCursor* data ) {
187    return step_leb128( data, 1 );
188 }
189 
190 /* Read what the DWARF3 spec calls an "initial length field".  This
191    uses up either 4 or 12 bytes of the input and produces a 32-bit or
192    64-bit number respectively.
193 
194    Read 32-bit value from p.  If it is 0xFFFFFFFF, instead read a
195    64-bit bit value from p+4.  This is used in 64-bit dwarf to encode
196    some table lengths.  Advance the cursor (p) accordingly.
197 
198    XXX this is a hack: the endianness of the initial length field is
199    specified by the DWARF we're reading.  This happens to work only
200    because we don't do cross-arch jitting, hence this code runs on a
201    platform of the same endianness as the DWARF it is reading.  Same
202    applies for initial lengths for CIE/FDEs and probably in zillions
203    of other places -- to be precise, exactly the places where
204    binutils/dwarf.c calls byte_get().
205 */
206 static
step_initial_length_field(DiCursor * p_img,Bool * is64)207 ULong step_initial_length_field ( DiCursor* p_img, /*OUT*/Bool* is64 )
208 {
209    UInt w32 = ML_(cur_step_UInt)(p_img);
210    if (w32 == 0xFFFFFFFF) {
211       *is64 = True;
212       return ML_(cur_step_ULong)(p_img);
213    } else {
214       *is64 = False;
215       return (ULong)w32;
216    }
217 }
218 
219 static
read_initial_length_field(DiCursor p_img,Bool * is64)220 ULong read_initial_length_field ( DiCursor p_img, /*OUT*/Bool* is64 )
221 {
222    /* Something of a roundabout approach .. the modification to p_img
223       is abandoned. */
224    return step_initial_length_field( &p_img, is64 );
225 }
226 
227 
228 static LineSMR state_machine_regs;
229 
230 static
reset_state_machine(void)231 void reset_state_machine ( void )
232 {
233    if (0) VG_(printf)("smr.a := %p (reset)\n", NULL );
234    state_machine_regs.last_address = 0;
235    state_machine_regs.last_file = 1;
236    state_machine_regs.last_line = 1;
237    state_machine_regs.address = 0;
238    state_machine_regs.file = 1;
239    state_machine_regs.line = 1;
240    state_machine_regs.column = 0;
241    state_machine_regs.basic_block = 0;
242    state_machine_regs.end_sequence = 0;
243 }
244 
245 ////////////////////////////////////////////////////////////////////
246 ////////////////////////////////////////////////////////////////////
247 
248 /* Handled an extended line op starting at *data, and advance *data
249    accordingly. */
250 static
process_extended_line_op(struct _DebugInfo * di,XArray * fndn_ix_xa,DiCursor * data)251 void process_extended_line_op( struct _DebugInfo* di,
252                                XArray* fndn_ix_xa,
253                                DiCursor* data )
254 {
255    UInt len = step_leb128U(data);
256    if (len == 0) {
257       VG_(message)(Vg_UserMsg,
258                    "Warning: DWARF2 reader: "
259                    "Badly formed extended line op encountered\n");
260       return;
261    }
262 
263    UChar op_code = ML_(cur_step_UChar)(data);
264    if (0) VG_(printf)("dwarf2: ext OPC: %d\n", op_code);
265 
266    switch (op_code) {
267       case DW_LNE_end_sequence:
268          if (0) VG_(printf)("1001: si->o %#lx, smr.a %#lx\n",
269                             (UWord)di->text_debug_bias,
270                             state_machine_regs.address );
271          /* JRS: added for compliance with spec; is pointless due to
272             reset_state_machine below */
273          state_machine_regs.end_sequence = 1;
274 
275          if (state_machine_regs.last_address) {
276             ML_(addLineInfo)(
277                di,
278                safe_fndn_ix(fndn_ix_xa,
279                             state_machine_regs.last_file),
280                di->text_debug_bias + state_machine_regs.last_address,
281                di->text_debug_bias + state_machine_regs.address,
282                state_machine_regs.last_line, 0
283             );
284          }
285          reset_state_machine();
286          if (di->ddump_line)
287             VG_(printf)("  Extended opcode %d: End of Sequence\n\n",
288                         (Int)op_code);
289          break;
290 
291       case DW_LNE_set_address: {
292          Addr adr = ML_(cur_step_Addr)(data);
293          state_machine_regs.address = adr;
294          if (di->ddump_line)
295             VG_(printf)("  Extended opcode %d: set Address to 0x%lx\n",
296                         (Int)op_code, (Addr)adr);
297          break;
298       }
299 
300       case DW_LNE_define_file: {
301          HChar* name = ML_(cur_step_strdup)(data, "di.pelo.1");
302          UInt fndn_ix = ML_(addFnDn) (di, name, NULL);
303          VG_(addToXA) (fndn_ix_xa, &fndn_ix);
304          ML_(dinfo_free)(name);
305          (void)step_leb128U(data); // ignored: dir index
306          (void)step_leb128U(data); // ignored: mod time
307          (void)step_leb128U(data); // ignored: file size
308          if (di->ddump_line)
309             VG_(printf)("  DWARF2-line: set_address\n");
310          break;
311       }
312 
313       case DW_LNE_set_discriminator:
314          (void)step_leb128U(data); // ignored: new 'discriminator' value
315          break;
316 
317       default:
318          if (di->ddump_line)
319             VG_(printf)("process_extended_line_op:default\n");
320          break;
321    }
322 }
323 
324 ////////////////////////////////////////////////////////////////////
325 ////////////////////////////////////////////////////////////////////
326 
327 /* read a .debug_line section block for a compilation unit
328  *
329  * Input:   - theBlock must point to the start of the block
330  *            for the given compilation unit
331  *          - ui contains additional info like the compilation dir
332  *            for this unit
333  *
334  * Output: - si debug info structures get updated
335  */
336 static
read_dwarf2_lineblock(struct _DebugInfo * di,const UnitInfo * ui,DiCursor theBlock,Int noLargerThan)337 void read_dwarf2_lineblock ( struct _DebugInfo* di,
338                              const UnitInfo* ui,
339                              DiCursor  theBlock, /* IMAGE */
340                              Int       noLargerThan )
341 {
342    Int            i;
343    DebugLineInfo  info;
344    Bool           is64;
345    XArray*        fndn_ix_xa; /* xarray of UInt fndn_ix */
346    UInt           fndn_ix;
347    XArray*        dirname_xa;   /* xarray of const HChar* dirname */
348    const HChar*   dirname;
349 
350    DiCursor       external = theBlock;
351    DiCursor       data = theBlock;
352 
353    /* fndn_ix_xa is an xarray of fndn_ix (indexes in di->fndnpool) which
354       are build from file names harvested from the DWARF2
355       info.  Entry [0] is the "null" pool index and is never referred to
356       by the state machine.
357 
358       Similarly, dirname_xa is an xarray of directory names.  Entry [0]
359       is also NULL and denotes "we don't know what the path is", since
360       that is different from "the path is the empty string".  Unlike
361       the fndn_ix_xa table, the state machine does refer to entry [0],
362       which basically means "." ("the current directory of the
363       compilation", whatever that means, according to the DWARF3
364       spec.)
365    */
366 
367    /* Fails due to gcc padding ...
368    vg_assert(sizeof(DWARF2_External_LineInfo)
369              == sizeof(DWARF2_Internal_LineInfo));
370    */
371 
372    dirname_xa = VG_(newXA) (ML_(dinfo_zalloc), "di.rd2l.1", ML_(dinfo_free),
373                             sizeof(HChar*) );
374    fndn_ix_xa = VG_(newXA) (ML_(dinfo_zalloc), "di.rd2l.2", ML_(dinfo_free),
375                             sizeof(UInt) );
376 
377    /* DWARF2 starts numbering filename entries at 1, so we need to
378       add a dummy zeroth entry to the table. */
379    fndn_ix = 0; // 0 is the "null" index in a fixed pool.
380    VG_(addToXA) (fndn_ix_xa, &fndn_ix);
381 
382    if (ML_(cur_is_valid)(ui->compdir))
383       dirname = ML_(addStrFromCursor)(di, ui->compdir);
384    else
385       dirname = ML_(addStr)(di, ".", -1);
386    VG_(addToXA) (dirname_xa, &dirname);
387 
388    info.li_length = step_initial_length_field( &external, &is64 );
389    if (di->ddump_line)
390       VG_(printf)("  Length:                      %llu\n",
391                   info.li_length);
392 
393    /* Check the length of the block.  */
394    if (info.li_length > noLargerThan) {
395       ML_(symerr)(di, True,
396                   "DWARF line info appears to be corrupt "
397                   "- the section is too small");
398       goto out;
399    }
400 
401    /* Check its version number.  */
402    info.li_version = ML_(cur_step_UShort)(&external);
403    if (di->ddump_line)
404       VG_(printf)("  DWARF Version:               %d\n",
405                   (Int)info.li_version);
406 
407    if (info.li_version != 2 && info.li_version != 3 && info.li_version != 4) {
408       ML_(symerr)(di, True,
409                   "Only DWARF version 2, 3 and 4 line info "
410                   "is currently supported.");
411       goto out;
412    }
413 
414    info.li_header_length = is64 ? ML_(cur_step_ULong)(&external)
415                                 : (ULong)(ML_(cur_step_UInt)(&external));
416    if (di->ddump_line)
417       VG_(printf)("  Prologue Length:             %llu\n",
418                   info.li_header_length);
419 
420    info.li_min_insn_length = ML_(cur_step_UChar)(&external);
421    if (di->ddump_line)
422       VG_(printf)("  Minimum Instruction Length:  %d\n",
423                   (Int)info.li_min_insn_length);
424 
425    /* We only support machines with one opcode per instruction
426       for now. If we ever want to support VLIW machines there is
427       code to handle multiple opcodes per instruction in the
428       patch attached to BZ#233595.
429    */
430    if (info.li_version >= 4) {
431       info.li_max_ops_per_insn = ML_(cur_step_UChar)(&external);
432       if (info.li_max_ops_per_insn != 1) {
433          ML_(symerr)(di, True,
434                      "Invalid Maximum Ops Per Insn in line info.");
435          goto out;
436       }
437       if (di->ddump_line)
438          VG_(printf)("  Maximum Ops Per Insn:        %d\n",
439                   (Int)info.li_max_ops_per_insn);
440    } else {
441       info.li_max_ops_per_insn = 1;
442    }
443 
444    /* Register is_stmt is not tracked as we are interested only
445       in pc -> line info mapping and not other debugger features. */
446    /* default_is_stmt = */ ML_(cur_step_UChar)(&external);
447 
448    /* JRS: changed (UInt*) to (UChar*) */
449    info.li_line_base = ML_(cur_step_UChar)(&external);
450    info.li_line_base = (Int)(Char)info.li_line_base;
451    if (di->ddump_line)
452       VG_(printf)("  Line Base:                   %d\n",
453                   info.li_line_base);
454 
455    info.li_line_range = ML_(cur_step_UChar)(&external);
456    if (di->ddump_line)
457       VG_(printf)("  Line Range:                  %d\n",
458                   (Int)info.li_line_range);
459 
460    info.li_opcode_base = ML_(cur_step_UChar)(&external);
461    if (di->ddump_line)
462       VG_(printf)("  Opcode Base:                 %d\n\n",
463                   info.li_opcode_base);
464 
465    if (0) VG_(printf)("dwarf2: line base: %d, range %d, opc base: %d\n",
466                       (Int)info.li_line_base,
467                       (Int)info.li_line_range,
468                       (Int)info.li_opcode_base);
469 
470    DiCursor end_of_sequence
471      = ML_(cur_plus)(data, info.li_length + (is64 ? 12 : 4));
472 
473    reset_state_machine();
474 
475    /* Read the contents of the Opcodes table.  */
476    DiCursor standard_opcodes = external;
477    if (di->ddump_line) {
478       VG_(printf)(" Opcodes:\n");
479       for (i = 1; i < (Int)info.li_opcode_base; i++) {
480          VG_(printf)("  Opcode %d has %d args\n",
481                      i, (Int)ML_(cur_read_UChar)(
482                                 ML_(cur_plus)(standard_opcodes,
483                                               (i-1) * sizeof(UChar)) ));
484       }
485       VG_(printf)("\n");
486    }
487    /* skip over "standard_opcode_lengths" */
488    data = ML_(cur_plus)(standard_opcodes, info.li_opcode_base - 1);
489 
490    /* Read the contents of the Directory table.  */
491    if (di->ddump_line)
492       VG_(printf)(" The Directory Table%s\n",
493                   ML_(cur_read_UChar)(data) == 0 ? " is empty." : ":" );
494 
495    while (ML_(cur_read_UChar)(data) != 0) {
496 
497       HChar* data_str = ML_(cur_read_strdup)(data, "di.rd2l.1");
498       if (di->ddump_line)
499          VG_(printf)("  %s\n", data_str);
500 
501       /* If data[0] is '/', then 'data' is an absolute path and we
502          don't mess with it.  Otherwise, construct the
503          path 'ui->compdir' ++ "/" ++ 'data'. */
504 
505       if (data_str[0] != '/'
506           /* not an absolute path */
507           && ML_(cur_is_valid)(ui->compdir)
508           /* actually got something sensible for compdir */
509           && ML_(cur_strlen)(ui->compdir))
510       {
511          HChar* compdir_str = ML_(cur_read_strdup)(ui->compdir, "di.rd2l.1b");
512          SizeT  len = VG_(strlen)(compdir_str) + 1 + VG_(strlen)(data_str);
513          HChar *buf = ML_(dinfo_zalloc)("di.rd2l.1c", len + 1);
514 
515          VG_(strcpy)(buf, compdir_str);
516          VG_(strcat)(buf, "/");
517          VG_(strcat)(buf, data_str);
518 
519          dirname = ML_(addStr)(di, buf, len);
520          VG_(addToXA) (dirname_xa, &dirname);
521          if (0) VG_(printf)("rel path  %s\n", buf);
522          ML_(dinfo_free)(compdir_str);
523          ML_(dinfo_free)(buf);
524       } else {
525          /* just use 'data'. */
526          dirname = ML_(addStr)(di,data_str,-1);
527          VG_(addToXA) (dirname_xa, &dirname);
528          if (0) VG_(printf)("abs path  %s\n", data_str);
529       }
530 
531       data = ML_(cur_plus)(data, VG_(strlen)(data_str) + 1);
532       ML_(dinfo_free)(data_str);
533    }
534 
535    if (di->ddump_line)
536       VG_(printf)("\n");
537 
538    if (ML_(cur_read_UChar)(data) != 0) {
539       ML_(symerr)(di, True,
540                   "can't find NUL at end of DWARF2 directory table");
541       goto out;
542    }
543    data = ML_(cur_plus)(data, 1);
544 
545    /* Read the contents of the File Name table.  This produces a bunch
546       of fndn_ix in fndn_ix_xa. */
547    if (di->ddump_line) {
548       VG_(printf)(" The File Name Table:\n");
549       VG_(printf)("  Entry	Dir	Time	Size	Name\n");
550    }
551 
552    i = 1;
553    while (ML_(cur_read_UChar)(data) != 0) {
554       HChar* name    = ML_(cur_step_strdup)(&data, "di.rd2l.2");
555       Int    diridx  = step_leb128U(&data);
556       Int    uu_time = step_leb128U(&data); /* unused */
557       Int    uu_size = step_leb128U(&data); /* unused */
558 
559       dirname = safe_dirname_ix( dirname_xa, diridx );
560       fndn_ix = ML_(addFnDn) (di, name, dirname);
561       VG_(addToXA) (fndn_ix_xa, &fndn_ix);
562       if (0) VG_(printf)("file %s diridx %d\n", name, diridx );
563       if (di->ddump_line)
564          VG_(printf)("  %d\t%d\t%d\t%d\t%s\n",
565                      i, diridx, uu_time, uu_size, name);
566       i++;
567       ML_(dinfo_free)(name);
568    }
569 
570    if (di->ddump_line)
571       VG_(printf)("\n");
572 
573    if (ML_(cur_read_UChar)(data) != 0) {
574       ML_(symerr)(di, True,
575                   "can't find NUL at end of DWARF2 file name table");
576       goto out;
577    }
578    data = ML_(cur_plus)(data, 1);
579 
580    if (di->ddump_line)
581       VG_(printf)(" Line Number Statements:\n");
582 
583    /* Now display the statements.  */
584 
585    while (ML_(cur_cmpLT)(data, end_of_sequence)) {
586       UChar op_code = ML_(cur_step_UChar)(&data);
587 
588       if (0) VG_(printf)("dwarf2: OPC: %d\n", op_code);
589 
590       if (op_code >= info.li_opcode_base) {
591          op_code -= info.li_opcode_base;
592          Word adv = (op_code / info.li_line_range)
593                        * info.li_min_insn_length;
594          Int advAddr = adv;
595          state_machine_regs.address += adv;
596 
597          if (0) VG_(printf)("smr.a += %#lx\n", (UWord)adv );
598          adv = (op_code % info.li_line_range) + info.li_line_base;
599          if (0) VG_(printf)("1002: di->o %#lx, smr.a %#lx\n",
600                             (UWord)di->text_debug_bias,
601                             state_machine_regs.address );
602          state_machine_regs.line += adv;
603 
604          if (di->ddump_line)
605             VG_(printf)("  Special opcode %d: advance Address by %d "
606                         "to 0x%lx and Line by %d to %d\n",
607                         (Int)op_code, advAddr, state_machine_regs.address,
608                         (Int)adv, (Int)state_machine_regs.line );
609 
610          /* only add a statement if there was a previous boundary */
611          if (state_machine_regs.last_address) {
612             ML_(addLineInfo)(
613                di,
614                safe_fndn_ix(fndn_ix_xa,
615                             state_machine_regs.last_file),
616                di->text_debug_bias + state_machine_regs.last_address,
617                di->text_debug_bias + state_machine_regs.address,
618                state_machine_regs.last_line,
619                0
620             );
621          }
622          state_machine_regs.last_address = state_machine_regs.address;
623          state_machine_regs.last_file = state_machine_regs.file;
624          state_machine_regs.last_line = state_machine_regs.line;
625       }
626 
627       else { /* ! (op_code >= info.li_opcode_base) */
628 
629       switch (op_code) {
630          case DW_LNS_extended_op:
631             process_extended_line_op(di, fndn_ix_xa, &data);
632             break;
633 
634          case DW_LNS_copy:
635             if (0) VG_(printf)("1002: di->o %#lx, smr.a %#lx\n",
636                                (UWord)di->text_debug_bias,
637                                state_machine_regs.address );
638             /* only add a statement if there was a previous boundary */
639             if (state_machine_regs.last_address) {
640                ML_(addLineInfo)(
641                   di,
642                   safe_fndn_ix(fndn_ix_xa,
643                                state_machine_regs.last_file),
644                   di->text_debug_bias + state_machine_regs.last_address,
645                   di->text_debug_bias + state_machine_regs.address,
646                   state_machine_regs.last_line,
647                   0
648                );
649             }
650             state_machine_regs.last_address = state_machine_regs.address;
651             state_machine_regs.last_file = state_machine_regs.file;
652             state_machine_regs.last_line = state_machine_regs.line;
653             state_machine_regs.basic_block = 0; /* JRS added */
654             if (di->ddump_line)
655                VG_(printf)("  Copy\n");
656             break;
657 
658          case DW_LNS_advance_pc: {
659             UWord adv = info.li_min_insn_length * step_leb128U(&data);
660             state_machine_regs.address += adv;
661             if (0) VG_(printf)("smr.a += %#lx\n", adv );
662             if (di->ddump_line)
663                VG_(printf)("  Advance PC by %lu to 0x%lx\n",
664                            adv, state_machine_regs.address);
665             break;
666          }
667          case DW_LNS_advance_line: {
668             Word adv = step_leb128S(&data);
669             state_machine_regs.line += adv;
670             if (di->ddump_line)
671                VG_(printf)("  Advance Line by %ld to %d\n",
672                            adv, (Int)state_machine_regs.line);
673             break;
674          }
675          case DW_LNS_set_file: {
676             Word adv = step_leb128U(&data);
677             state_machine_regs.file = adv;
678             if (di->ddump_line)
679                VG_(printf)("  Set File Name to entry %ld in the "
680                            "File Name Table\n", adv);
681             break;
682          }
683          case DW_LNS_set_column: {
684             Word adv = step_leb128U(&data);
685             state_machine_regs.column = adv;
686             if (di->ddump_line)
687                VG_(printf)("  Set column to %ld\n", adv);
688             break;
689          }
690          case DW_LNS_negate_stmt: {
691             if (di->ddump_line)
692                VG_(printf)("  DWARF2-line: negate_stmt\n");
693             break;
694          }
695          case DW_LNS_set_basic_block: {
696             state_machine_regs.basic_block = 1;
697             if (di->ddump_line)
698                VG_(printf)("  DWARF2-line: set_basic_block\n");
699             break;
700          }
701          case DW_LNS_const_add_pc: {
702             Word adv = (((255 - info.li_opcode_base) / info.li_line_range)
703                           * info.li_min_insn_length);
704             state_machine_regs.address += adv;
705             if (0) VG_(printf)("smr.a += %#lx\n", (UWord)adv );
706             if (di->ddump_line)
707                VG_(printf)("  Advance PC by constant %ld to 0x%lx\n",
708                            adv, (Addr)state_machine_regs.address);
709             break;
710          }
711          case DW_LNS_fixed_advance_pc: {
712             /* XXX: Need something to get 2 bytes */
713             UWord adv = ML_(cur_step_UShort)(&data);
714             state_machine_regs.address += adv;
715             if (0) VG_(printf)("smr.a += %#lx\n", adv );
716             if (di->ddump_line)
717                VG_(printf)("  DWARF2-line: fixed_advance_pc\n");
718             break;
719          }
720          case DW_LNS_set_prologue_end:
721             if (di->ddump_line)
722                VG_(printf)("  DWARF2-line: set_prologue_end\n");
723             break;
724 
725          case DW_LNS_set_epilogue_begin:
726             if (di->ddump_line)
727                VG_(printf)("  DWARF2-line: set_epilogue_begin\n");
728             break;
729 
730          case DW_LNS_set_isa:
731             (void)step_leb128U(&data);
732             if (di->ddump_line)
733                VG_(printf)("  DWARF2-line: set_isa\n");
734             break;
735 
736          default: {
737             Int j;
738             for (j = (Int)ML_(cur_read_UChar)(
739                              ML_(cur_plus)(standard_opcodes,
740                                            (op_code-1) * sizeof(UChar)));
741                  j > 0 ; --j) {
742                step_leb128U(&data);
743             }
744             if (di->ddump_line)
745                VG_(printf)("  Unknown opcode %d\n", (Int)op_code);
746             break;
747          }
748       } /* switch (op_code) */
749 
750       } /* if (op_code >= info.li_opcode_base) */
751 
752    } /* while (data < end_of_sequence) */
753 
754    if (di->ddump_line)
755       VG_(printf)("\n");
756 
757   out:
758    VG_(deleteXA)(dirname_xa);
759    VG_(deleteXA)(fndn_ix_xa);
760 }
761 
762 ////////////////////////////////////////////////////////////////////
763 ////////////////////////////////////////////////////////////////////
764 
765 /* Return abbrev for given code
766  * Returned cursor points to the tag
767  * */
lookup_abbrev(DiCursor p,ULong acode)768 static DiCursor lookup_abbrev( DiCursor p, ULong acode )
769 {
770    while (1) {
771       ULong code = step_leb128U(&p);
772       if (code == acode)
773          return p;
774       (void)step_leb128U(&p);  /* skip tag */
775       p = ML_(cur_plus)(p,1);  /* skip has_children flag */
776       ULong name;
777       do {
778          name = step_leb128U(&p); /* name */
779          (void)step_leb128U(&p);  /* form */
780       }
781       while (name != 0); /* until name == form == 0 */
782    }
783 }
784 
785 /* Read general information for a particular compile unit block in
786  * the .debug_info section. In particular read the name, compdir and
787  * stmt_list needed to parse the line number information.
788  *
789  * Input: - unitblock is the start of a compilation
790  *          unit block in .debuginfo section
791  *        - debugabbrev is start of .debug_abbrev section
792  *        - debugstr is start of .debug_str section
793  *        - debugstr_alt_img is start of .debug_str section in alt debug file
794  *
795  * Output: Fill members of ui pertaining to the compilation unit:
796  *         - ui->name is the name of the compilation unit
797  *         - ui->compdir is the compilation unit directory
798  *         - ui->stmt_list is the offset in .debug_line section
799  *                for the dbginfos of this compilation unit
800  *
801  * Note : the output strings are not allocated and point
802  * directly to the memory-mapped section.
803  */
804 static
read_unitinfo_dwarf2(UnitInfo * ui,DiCursor unitblock_img,DiCursor debugabbrev_img,DiCursor debugstr_img,DiCursor debugstr_alt_img)805 void read_unitinfo_dwarf2( /*OUT*/UnitInfo* ui,
806                                   DiCursor  unitblock_img,
807                                   DiCursor  debugabbrev_img,
808                                   DiCursor  debugstr_img,
809                                   DiCursor  debugstr_alt_img )
810 {
811    UInt   acode, abcode;
812    ULong  atoffs, blklen;
813    UShort ver;
814 
815    UChar    addr_size;
816    DiCursor p = unitblock_img;
817    DiCursor end_img;
818    DiCursor abbrev_img;
819 
820    VG_(memset)( ui, 0, sizeof( UnitInfo ) );
821    ui->stmt_list = -1LL;
822 
823    /* Read the compilation unit header in .debug_info section - See p 70 */
824 
825    /* This block length */
826    blklen = step_initial_length_field( &p, &ui->dw64 );
827 
828    /* version should be 2, 3 or 4 */
829    ver = ML_(cur_step_UShort)(&p);
830 
831    /* get offset in abbrev */
832    atoffs = ui->dw64 ? ML_(cur_step_ULong)(&p)
833                      : (ULong)(ML_(cur_step_UInt)(&p));
834 
835    /* Address size */
836    addr_size = ML_(cur_step_UChar)(&p);
837 
838    /* End of this block */
839    end_img = ML_(cur_plus)(unitblock_img, blklen + (ui->dw64 ? 12 : 4));
840 
841    /* Abbreviation data for this block */
842    abbrev_img = ML_(cur_plus)(debugabbrev_img, atoffs);
843 
844    /* Read the compilation unit entry - this is always the first DIE.
845     * See DWARF4 para 7.5. */
846    if (ML_(cur_cmpLT)(p, end_img)) {
847       UInt tag;
848 
849       acode = step_leb128U( &p ); /* abbreviation code */
850 
851       /* Read abbreviation header */
852       abcode = step_leb128U( &abbrev_img ); /* abbreviation code */
853       if ( acode != abcode ) {
854          /* This isn't illegal, but somewhat unlikely. Normally the
855           * first abbrev describes the first DIE, the compile_unit.
856           * But maybe this abbreviation data is shared with another
857           * or it is a NULL entry used for padding. See para 7.5.3. */
858          abbrev_img = lookup_abbrev( ML_(cur_plus)(debugabbrev_img, atoffs),
859                                      acode );
860       }
861 
862       tag = step_leb128U( &abbrev_img );
863 
864       if ( tag != 0x0011 /*TAG_compile_unit*/ )
865          return; /* Not a compile unit (might be partial) or broken DWARF. */
866 
867       /* DW_CHILDREN_yes or DW_CHILDREN_no */
868       abbrev_img = ML_(cur_plus)(abbrev_img, 1);
869 
870       /* And loop on entries */
871       for ( ; ; ) {
872          /* Read entry definition */
873          ULong    cval = -1LL;  /* Constant value read */
874          DiCursor sval = DiCursor_INVALID; /* String value read */
875          UInt     name = step_leb128U( &abbrev_img );
876          UInt     form = step_leb128U( &abbrev_img );
877          if (name == 0)
878             break;
879 
880          /* Read data */
881          /* Attributes encoding explained p 71 */
882          if ( form == 0x16 /* FORM_indirect */ )
883             form = step_leb128U( &p );
884          /* Decode form. For most kinds, Just skip the amount of data since
885             we don't use it for now */
886          /* JRS 9 Feb 06: This now handles 64-bit DWARF too.  In
887             64-bit DWARF, lineptr (and loclistptr,macptr,rangelistptr
888             classes) use FORM_data8, not FORM_data4.  Also,
889             FORM_ref_addr and FORM_strp are 64-bit values, not 32-bit
890             values. */
891          /* TJH 27 Apr 10: in DWARF 4 lineptr (and loclistptr,macptr,
892             rangelistptr classes) use FORM_sec_offset which is 64 bits
893             in 64 bit DWARF and 32 bits in 32 bit DWARF. */
894          /* JRS 20 Apr 11: LLVM-2.9 encodes DW_AT_stmt_list using
895             FORM_addr rather than the FORM_data4 that GCC uses.  Hence
896             handle FORM_addr too. */
897          switch( form ) {
898             /* Those cases extract the data properly */
899             case 0x05: /* FORM_data2 */
900                cval = ML_(cur_step_UShort)(&p);
901                break;
902             case 0x06: /* FORM_data4 */
903                cval = ML_(cur_step_UInt)(&p);
904                break;
905             case 0x0e: /* FORM_strp */      /* pointer in .debug_str */
906                /* 2006-01-01: only generate a value if a debug_str
907                   section was found) */
908                if (ML_(cur_is_valid)(debugstr_img) && !ui->dw64)
909                   sval = ML_(cur_plus)(debugstr_img, ML_(cur_read_UInt)(p));
910                if (ML_(cur_is_valid)(debugstr_img) && ui->dw64)
911                   sval = ML_(cur_plus)(debugstr_img, ML_(cur_read_ULong)(p));
912                p = ML_(cur_plus)(p, ui->dw64 ? 8 : 4);
913                break;
914             case 0x08: /* FORM_string */
915                sval = p;
916                p = ML_(cur_plus)(p, ML_(cur_strlen)(p) + 1);
917                break;
918             case 0x0b: /* FORM_data1 */
919                cval = ML_(cur_step_UChar)(&p);
920                break;
921             case 0x17: /* FORM_sec_offset */
922                if (ui->dw64) {
923                  cval = ML_(cur_step_ULong)(&p);
924                } else {
925                  cval = ML_(cur_step_UInt)(&p);
926                };
927                break;
928             case 0x07: /* FORM_data8 */
929                if (ui->dw64) cval = ML_(cur_read_ULong)(p);
930                p = ML_(cur_plus)(p, 8);
931                /* perhaps should assign unconditionally to cval? */
932                break;
933             /* TODO : Following ones just skip data - implement if you need */
934             case 0x01: /* FORM_addr */
935                p = ML_(cur_plus)(p, addr_size);
936                break;
937             case 0x03: /* FORM_block2 */
938                p = ML_(cur_plus)(p, ML_(cur_read_UShort)(p) + 2);
939                break;
940             case 0x04: /* FORM_block4 */
941                p = ML_(cur_plus)(p, ML_(cur_read_UInt)(p) + 4);
942                break;
943             case 0x09:   /* FORM_block */     /* fallthrough */
944             case 0x18: { /* FORM_exprloc */
945                ULong block_len = step_leb128U(&p);
946                p = ML_(cur_plus)(p, block_len);
947                break;
948             }
949             case 0x0a: /* FORM_block1 */
950                p = ML_(cur_plus)(p, ML_(cur_read_UChar)(p) + 1);
951                break;
952             case 0x0c: /* FORM_flag */
953                p = ML_(cur_plus)(p, 1);
954                break;
955             case 0x0d: /* FORM_sdata */
956                (void)step_leb128S(&p);
957                break;
958             case 0x0f: /* FORM_udata */
959                (void)step_leb128U(&p);
960                break;
961             case 0x10: /* FORM_ref_addr */
962                p = ML_(cur_plus)(p, (ver == 2) ? addr_size
963                                                : (ui->dw64 ? 8 : 4));
964                break;
965             case 0x11: /* FORM_ref1 */
966                p = ML_(cur_plus)(p, 1);
967                break;
968             case 0x12: /* FORM_ref2 */
969                p = ML_(cur_plus)(p, 2);
970                break;
971             case 0x13: /* FORM_ref4 */
972                p = ML_(cur_plus)(p, 4);
973                break;
974             case 0x14: /* FORM_ref8 */
975                p = ML_(cur_plus)(p, 8);
976                break;
977             case 0x15: /* FORM_ref_udata */
978                (void)step_leb128U(&p);
979                break;
980             case 0x19: /* FORM_flag_present */
981                break;
982             case 0x20: /* FORM_ref_sig8 */
983                p = ML_(cur_plus)(p, 8);
984                break;
985             case 0x1f20: /* FORM_GNU_ref_alt */
986                p = ML_(cur_plus)(p, ui->dw64 ? 8 : 4);
987                break;
988             case 0x1f21: /* FORM_GNU_strp_alt */
989                if (ML_(cur_is_valid)(debugstr_alt_img) && !ui->dw64)
990                   sval = ML_(cur_plus)(debugstr_alt_img,
991                                        ML_(cur_read_UInt)(p));
992                if (ML_(cur_is_valid)(debugstr_alt_img) && ui->dw64)
993                   sval = ML_(cur_plus)(debugstr_alt_img,
994                                        ML_(cur_read_ULong)(p));
995                p = ML_(cur_plus)(p, ui->dw64 ? 8 : 4);
996                break;
997 
998             default:
999                VG_(printf)( "### unhandled dwarf2 abbrev form code 0x%x\n",
1000                             form );
1001                break;
1002          }
1003 
1004          /* Now store the members we need in the UnitInfo structure */
1005          if ( tag == 0x0011 /*TAG_compile_unit*/ ) {
1006                  if ( name == 0x03 ) ui->name = sval;      /* DW_AT_name */
1007             else if ( name == 0x1b ) ui->compdir = sval;   /* DW_AT_compdir */
1008             else if ( name == 0x10 ) ui->stmt_list = cval; /* DW_AT_stmt_list */
1009          }
1010       }
1011    } /* Just read the first DIE, if that wasn't the compile_unit then
1012       * this might have been a partial unit or broken DWARF info.
1013       * That's enough info for us, and we are not gdb ! */
1014 }
1015 
1016 
1017 ////////////////////////////////////////////////////////////////////
1018 ////////////////////////////////////////////////////////////////////
1019 
1020 /* Collect the debug info from DWARF3 debugging sections
1021  * of a given module.
1022  *
1023  * Inputs: given .debug_xxx sections
1024  * Output: update di to contain all the DWARF3 debug infos
1025  */
ML_(read_debuginfo_dwarf3)1026 void ML_(read_debuginfo_dwarf3)
1027         ( struct _DebugInfo* di,
1028           DiSlice escn_debug_info,      /* .debug_info */
1029           DiSlice escn_debug_types,     /* .debug_types */
1030           DiSlice escn_debug_abbv,      /* .debug_abbrev */
1031           DiSlice escn_debug_line,      /* .debug_line */
1032           DiSlice escn_debug_str,       /* .debug_str */
1033           DiSlice escn_debug_str_alt )  /* .debug_str */
1034 {
1035    UnitInfo ui;
1036    UShort   ver;
1037    ULong    blklen;
1038    Bool     blklen_is_64;
1039 
1040    /* Make sure we at least have a header for the first block */
1041    if (escn_debug_info.szB < 4) {
1042       ML_(symerr)( di, True,
1043                    "Last block truncated in .debug_info; ignoring" );
1044       return;
1045    }
1046 
1047    DiCursor block_img = DiCursor_INVALID;
1048    DiCursor end1_img  = ML_(cur_plus)( ML_(cur_from_sli)(escn_debug_info),
1049                                        escn_debug_info.szB );
1050    Int blklen_len = 0;
1051 
1052    /* Iterate on all the blocks we find in .debug_info */
1053    for ( block_img = ML_(cur_from_sli)(escn_debug_info);
1054          ML_(cur_cmpLT)(block_img, ML_(cur_plus)(end1_img, -(DiOffT)4));
1055          block_img = ML_(cur_plus)(block_img, blklen + blklen_len) ) {
1056 
1057       /* Read the compilation unit header in .debug_info section - See
1058          p 70 */
1059       /* This block length */
1060       blklen     = read_initial_length_field( block_img, &blklen_is_64 );
1061       blklen_len = blklen_is_64 ? 12 : 4;
1062 
1063       if (ML_(cur_cmpGT)( ML_(cur_plus)(block_img, blklen + blklen_len),
1064                           end1_img )) {
1065          ML_(symerr)( di, True,
1066                       "Last block truncated in .debug_info; ignoring" );
1067          return;
1068       }
1069 
1070       /* version should be 2 */
1071       ver = ML_(cur_read_UShort)( ML_(cur_plus)(block_img, blklen_len) );
1072       if ( ver != 2 && ver != 3 && ver != 4 ) {
1073          ML_(symerr)( di, True,
1074                       "Ignoring non-Dwarf2/3/4 block in .debug_info" );
1075          continue;
1076       }
1077 
1078       /* Fill ui with offset in .debug_line and compdir */
1079       if (0)
1080          VG_(printf)(
1081             "Reading UnitInfo at 0x%llx.....\n",
1082             (ULong)ML_(cur_minus)( block_img,
1083                                    ML_(cur_from_sli)(escn_debug_info)) );
1084       read_unitinfo_dwarf2( &ui, block_img,
1085                                  ML_(cur_from_sli)(escn_debug_abbv),
1086                                  ML_(cur_from_sli)(escn_debug_str),
1087                                  ML_(cur_from_sli)(escn_debug_str_alt) );
1088       if (0) {
1089          HChar* str_name    = ML_(cur_read_strdup)(ui.name,    "di.rdd3.1");
1090          HChar* str_compdir = ML_(cur_read_strdup)(ui.compdir, "di.rdd3.2");
1091          VG_(printf)( "   => LINES=0x%llx    NAME=%s     DIR=%s\n",
1092                       ui.stmt_list, str_name, str_compdir );
1093          ML_(dinfo_free)(str_name);
1094          ML_(dinfo_free)(str_compdir);
1095       }
1096 
1097       /* Ignore blocks with no .debug_line associated block */
1098       if ( ui.stmt_list == -1LL )
1099          continue;
1100 
1101       if (0) {
1102          HChar* str_name = ML_(cur_read_strdup)(ui.name, "di.rdd3.3");
1103          VG_(printf)("debug_line_sz %llu, ui.stmt_list %llu  %s\n",
1104                      escn_debug_line.szB, ui.stmt_list, str_name );
1105          ML_(dinfo_free)(str_name);
1106       }
1107 
1108       /* Read the .debug_line block for this compile unit */
1109       read_dwarf2_lineblock(
1110          di, &ui,
1111          ML_(cur_plus)(ML_(cur_from_sli)(escn_debug_line), ui.stmt_list),
1112          escn_debug_line.szB  - ui.stmt_list
1113       );
1114    }
1115 }
1116 
1117 
1118 ////////////////////////////////////////////////////////////////////
1119 ////////////////////////////////////////////////////////////////////
1120 
1121 /*------------------------------------------------------------*/
1122 /*--- Read DWARF1 format line number info.                 ---*/
1123 /*------------------------------------------------------------*/
1124 
1125 /* DWARF1 appears to be redundant, but nevertheless the Lahey Fortran
1126    compiler generates it.
1127 */
1128 
1129 /* The following three enums (dwarf_tag, dwarf_form, dwarf_attribute)
1130    are taken from the file include/elf/dwarf.h in the GNU gdb-6.0
1131    sources, which are Copyright 1992, 1993, 1995, 1999 Free Software
1132    Foundation, Inc and naturally licensed under the GNU General Public
1133    License version 2 or later.
1134 */
1135 
1136 /* Tag names and codes.  */
1137 
1138 enum dwarf_tag {
1139     TAG_padding			= 0x0000,
1140     TAG_array_type		= 0x0001,
1141     TAG_class_type		= 0x0002,
1142     TAG_entry_point		= 0x0003,
1143     TAG_enumeration_type	= 0x0004,
1144     TAG_formal_parameter	= 0x0005,
1145     TAG_global_subroutine	= 0x0006,
1146     TAG_global_variable		= 0x0007,
1147     				/* 0x0008 -- reserved */
1148 				/* 0x0009 -- reserved */
1149     TAG_label			= 0x000a,
1150     TAG_lexical_block		= 0x000b,
1151     TAG_local_variable		= 0x000c,
1152     TAG_member			= 0x000d,
1153 				/* 0x000e -- reserved */
1154     TAG_pointer_type		= 0x000f,
1155     TAG_reference_type		= 0x0010,
1156     TAG_compile_unit		= 0x0011,
1157     TAG_string_type		= 0x0012,
1158     TAG_structure_type		= 0x0013,
1159     TAG_subroutine		= 0x0014,
1160     TAG_subroutine_type		= 0x0015,
1161     TAG_typedef			= 0x0016,
1162     TAG_union_type		= 0x0017,
1163     TAG_unspecified_parameters	= 0x0018,
1164     TAG_variant			= 0x0019,
1165     TAG_common_block		= 0x001a,
1166     TAG_common_inclusion	= 0x001b,
1167     TAG_inheritance		= 0x001c,
1168     TAG_inlined_subroutine	= 0x001d,
1169     TAG_module			= 0x001e,
1170     TAG_ptr_to_member_type	= 0x001f,
1171     TAG_set_type		= 0x0020,
1172     TAG_subrange_type		= 0x0021,
1173     TAG_with_stmt		= 0x0022,
1174 
1175     /* GNU extensions */
1176 
1177     TAG_format_label		= 0x8000,  /* for FORTRAN 77 and Fortran 90 */
1178     TAG_namelist		= 0x8001,  /* For Fortran 90 */
1179     TAG_function_template	= 0x8002,  /* for C++ */
1180     TAG_class_template		= 0x8003   /* for C++ */
1181 };
1182 
1183 /* Form names and codes.  */
1184 
1185 enum dwarf_form {
1186     FORM_ADDR	= 0x1,
1187     FORM_REF	= 0x2,
1188     FORM_BLOCK2	= 0x3,
1189     FORM_BLOCK4	= 0x4,
1190     FORM_DATA2	= 0x5,
1191     FORM_DATA4	= 0x6,
1192     FORM_DATA8	= 0x7,
1193     FORM_STRING	= 0x8
1194 };
1195 
1196 /* Attribute names and codes.  */
1197 
1198 enum dwarf_attribute {
1199     AT_sibling			= (0x0010|FORM_REF),
1200     AT_location			= (0x0020|FORM_BLOCK2),
1201     AT_name			= (0x0030|FORM_STRING),
1202     AT_fund_type		= (0x0050|FORM_DATA2),
1203     AT_mod_fund_type		= (0x0060|FORM_BLOCK2),
1204     AT_user_def_type		= (0x0070|FORM_REF),
1205     AT_mod_u_d_type		= (0x0080|FORM_BLOCK2),
1206     AT_ordering			= (0x0090|FORM_DATA2),
1207     AT_subscr_data		= (0x00a0|FORM_BLOCK2),
1208     AT_byte_size		= (0x00b0|FORM_DATA4),
1209     AT_bit_offset		= (0x00c0|FORM_DATA2),
1210     AT_bit_size			= (0x00d0|FORM_DATA4),
1211 				/* (0x00e0|FORM_xxxx) -- reserved */
1212     AT_element_list		= (0x00f0|FORM_BLOCK4),
1213     AT_stmt_list		= (0x0100|FORM_DATA4),
1214     AT_low_pc			= (0x0110|FORM_ADDR),
1215     AT_high_pc			= (0x0120|FORM_ADDR),
1216     AT_language			= (0x0130|FORM_DATA4),
1217     AT_member			= (0x0140|FORM_REF),
1218     AT_discr			= (0x0150|FORM_REF),
1219     AT_discr_value		= (0x0160|FORM_BLOCK2),
1220 				/* (0x0170|FORM_xxxx) -- reserved */
1221 				/* (0x0180|FORM_xxxx) -- reserved */
1222     AT_string_length		= (0x0190|FORM_BLOCK2),
1223     AT_common_reference		= (0x01a0|FORM_REF),
1224     AT_comp_dir			= (0x01b0|FORM_STRING),
1225         AT_const_value_string	= (0x01c0|FORM_STRING),
1226         AT_const_value_data2	= (0x01c0|FORM_DATA2),
1227         AT_const_value_data4	= (0x01c0|FORM_DATA4),
1228         AT_const_value_data8	= (0x01c0|FORM_DATA8),
1229         AT_const_value_block2	= (0x01c0|FORM_BLOCK2),
1230         AT_const_value_block4	= (0x01c0|FORM_BLOCK4),
1231     AT_containing_type		= (0x01d0|FORM_REF),
1232         AT_default_value_addr	= (0x01e0|FORM_ADDR),
1233         AT_default_value_data2	= (0x01e0|FORM_DATA2),
1234         AT_default_value_data4	= (0x01e0|FORM_DATA4),
1235         AT_default_value_data8	= (0x01e0|FORM_DATA8),
1236         AT_default_value_string	= (0x01e0|FORM_STRING),
1237     AT_friends			= (0x01f0|FORM_BLOCK2),
1238     AT_inline			= (0x0200|FORM_STRING),
1239     AT_is_optional		= (0x0210|FORM_STRING),
1240         AT_lower_bound_ref	= (0x0220|FORM_REF),
1241         AT_lower_bound_data2	= (0x0220|FORM_DATA2),
1242         AT_lower_bound_data4	= (0x0220|FORM_DATA4),
1243         AT_lower_bound_data8	= (0x0220|FORM_DATA8),
1244     AT_private			= (0x0240|FORM_STRING),
1245     AT_producer			= (0x0250|FORM_STRING),
1246     AT_program			= (0x0230|FORM_STRING),
1247     AT_protected		= (0x0260|FORM_STRING),
1248     AT_prototyped		= (0x0270|FORM_STRING),
1249     AT_public			= (0x0280|FORM_STRING),
1250     AT_pure_virtual		= (0x0290|FORM_STRING),
1251     AT_return_addr		= (0x02a0|FORM_BLOCK2),
1252     AT_abstract_origin		= (0x02b0|FORM_REF),
1253     AT_start_scope		= (0x02c0|FORM_DATA4),
1254     AT_stride_size		= (0x02e0|FORM_DATA4),
1255         AT_upper_bound_ref	= (0x02f0|FORM_REF),
1256         AT_upper_bound_data2	= (0x02f0|FORM_DATA2),
1257         AT_upper_bound_data4	= (0x02f0|FORM_DATA4),
1258         AT_upper_bound_data8	= (0x02f0|FORM_DATA8),
1259     AT_virtual			= (0x0300|FORM_STRING),
1260 
1261     /* GNU extensions.  */
1262 
1263     AT_sf_names			= (0x8000|FORM_DATA4),
1264     AT_src_info			= (0x8010|FORM_DATA4),
1265     AT_mac_info			= (0x8020|FORM_DATA4),
1266     AT_src_coords		= (0x8030|FORM_DATA4),
1267     AT_body_begin		= (0x8040|FORM_ADDR),
1268     AT_body_end			= (0x8050|FORM_ADDR)
1269 };
1270 
1271 /* end of enums taken from gdb-6.0 sources */
1272 #if 0
1273 void ML_(read_debuginfo_dwarf1) (
1274         struct _DebugInfo* di,
1275         UChar* dwarf1d, Int dwarf1d_sz,
1276         UChar* dwarf1l, Int dwarf1l_sz )
1277 {
1278    UInt   stmt_list;
1279    Bool   stmt_list_found;
1280    Int    die_offset, die_szb, at_offset;
1281    UShort die_kind, at_kind;
1282    UChar* at_base;
1283    HChar* src_filename;
1284 
1285    if (0)
1286       VG_(printf)("read_debuginfo_dwarf1 ( %p, %d, %p, %d )\n",
1287 	          dwarf1d, dwarf1d_sz, dwarf1l, dwarf1l_sz );
1288 
1289    /* This loop scans the DIEs. */
1290    die_offset = 0;
1291    while (True) {
1292       if (die_offset >= dwarf1d_sz) break;
1293 
1294       die_szb  = ML_(read_Int)(dwarf1d + die_offset);
1295       die_kind = ML_(read_UShort)(dwarf1d + die_offset + 4);
1296 
1297       /* We're only interested in compile_unit DIEs; ignore others. */
1298       if (die_kind != TAG_compile_unit) {
1299          die_offset += die_szb;
1300          continue;
1301       }
1302 
1303       if (0)
1304          VG_(printf)("compile-unit DIE: offset %d, tag 0x%x, size %d\n",
1305                      die_offset, (Int)die_kind, die_szb );
1306 
1307       /* We've got a compile_unit DIE starting at (dwarf1d +
1308          die_offset+6).  Try and find the AT_name and AT_stmt_list
1309          attributes.  Then, finally, we can read the line number info
1310          for this source file. */
1311 
1312       /* The next 3 are set as we find the relevant attrs. */
1313       src_filename    = NULL;
1314       stmt_list_found = False;
1315       stmt_list       = 0;
1316 
1317       /* This loop scans the Attrs inside compile_unit DIEs. */
1318       at_base = dwarf1d + die_offset + 6;
1319       at_offset = 0;
1320       while (True) {
1321          if (at_offset >= die_szb-6) break;
1322 
1323          at_kind = ML_(read_UShort)(at_base + at_offset);
1324          if (0) VG_(printf)("atoffset %d, attag 0x%x\n",
1325                             at_offset, (Int)at_kind );
1326          at_offset += 2; /* step over the attribute itself */
1327 	 /* We have to examine the attribute to figure out its
1328             length. */
1329          switch (at_kind) {
1330             case AT_stmt_list:
1331             case AT_language:
1332             case AT_sibling:
1333                if (at_kind == AT_stmt_list) {
1334                   stmt_list_found = True;
1335                   stmt_list = ML_(read_Int)(at_base+at_offset);
1336                }
1337                at_offset += 4; break;
1338             case AT_high_pc:
1339             case AT_low_pc:
1340                at_offset += sizeof(void*); break;
1341             case AT_name:
1342             case AT_producer:
1343             case AT_comp_dir:
1344                /* Zero terminated string, step over it. */
1345                if (at_kind == AT_name)
1346                  src_filename = (HChar *)(at_base + at_offset);
1347                while (at_offset < die_szb-6 && at_base[at_offset] != 0)
1348                   at_offset++;
1349                at_offset++;
1350                break;
1351             default:
1352                VG_(printf)("Unhandled DWARF-1 attribute 0x%x\n",
1353                            (Int)at_kind );
1354                VG_(core_panic)("Unhandled DWARF-1 attribute");
1355          } /* switch (at_kind) */
1356       } /* looping over attributes */
1357 
1358       /* So, did we find the required stuff for a line number table in
1359          this DIE?  If yes, read it. */
1360       if (stmt_list_found /* there is a line number table */
1361           && src_filename != NULL /* we know the source filename */
1362          ) {
1363          /* Table starts:
1364                Length:
1365                   4 bytes, includes the entire table
1366                Base address:
1367                   unclear (4? 8?), assuming native pointer size here.
1368             Then a sequence of triples
1369                (source line number -- 32 bits
1370                 source line column -- 16 bits
1371                 address delta -- 32 bits)
1372 	 */
1373          Addr   base;
1374 	 Int    len;
1375          HChar* curr_filenm;
1376          UChar* ptr;
1377          UInt   prev_line, prev_delta;
1378 
1379          curr_filenm = ML_(addStr) ( di, src_filename, -1 );
1380          prev_line = prev_delta = 0;
1381 
1382          ptr = dwarf1l + stmt_list;
1383          len  = ML_(read_Int)(ptr);  ptr += sizeof(Int);
1384          base = ML_(read_Addr)(ptr); ptr += sizeof(void*);
1385          len -= (sizeof(Int) + sizeof(void*));
1386          while (len > 0) {
1387             UInt   line;
1388             UShort col;
1389             UInt   delta;
1390             line = ML_(read_UInt)(ptr);    ptr += sizeof(UInt);
1391             col  = ML_(read_UShort)(ptr);  ptr += sizeof(UShort);
1392             delta = ML_(read_UInt)(ptr);   ptr += sizeof(UInt);
1393 	    if (0) VG_(printf)("line %d, col %d, delta %d\n",
1394                                line, (Int)col, delta );
1395             len -= (sizeof(UInt) + sizeof(UShort) + sizeof(UInt));
1396 
1397 	    if (delta > 0 && prev_line > 0) {
1398 	       if (0) VG_(printf) ("     %d  %d-%d\n",
1399                                    prev_line, prev_delta, delta-1);
1400 	       ML_(addLineInfo) ( di, curr_filenm, NULL,
1401 		 	          base + prev_delta, base + delta,
1402 			          prev_line, 0 );
1403 	    }
1404 	    prev_line = line;
1405 	    prev_delta = delta;
1406 	 }
1407       }
1408 
1409       /* Move on the next DIE. */
1410       die_offset += die_szb;
1411 
1412    } /* Looping over DIEs */
1413 
1414 }
1415 #endif
1416 
1417 /*------------------------------------------------------------*/
1418 /*--- Read call-frame info from an .eh_frame section       ---*/
1419 /*------------------------------------------------------------*/
1420 
1421 /* Sources of info:
1422 
1423    The DWARF3 spec, available from http://www.dwarfstd.org/Download.php
1424 
1425    This describes how to read CFA data from .debug_frame sections.
1426    So as to maximise everybody's annoyance and confusion, .eh_frame
1427    sections are almost the same as .debug_frame sections, but differ
1428    in a few subtle and ill documented but important aspects.
1429 
1430    Generic ELF Specification, sections 7.5 (DWARF Extensions) and 7.6
1431    (Exception Frames), available from
1432 
1433    http://www.linux-foundation.org/spec/book/ELF-generic/ELF-generic.html
1434 
1435    This really does describe .eh_frame, at least the aspects that
1436    differ from standard DWARF3.  It's better than guessing, and
1437    (marginally) more fun than reading the gdb source code.
1438 */
1439 
1440 /* Useful info ..
1441 
1442    In general:
1443    gdb-6.3/gdb/dwarf2-frame.c
1444 
1445    gdb-6.3/gdb/i386-tdep.c:
1446 
1447    DWARF2/GCC uses the stack address *before* the function call as a
1448    frame's CFA.  [jrs: I presume this means %esp before the call as
1449    the CFA].
1450 
1451    JRS: on amd64, the dwarf register numbering is, as per
1452    gdb-6.3/gdb/amd64-tdep.c and also amd64-abi-0.98.pdf:
1453 
1454       0    1    2    3    4    5    6    7
1455       RAX  RDX  RCX  RBX  RSI  RDI  RBP  RSP
1456 
1457       8  ...  15
1458       R8 ... R15
1459 
1460       16 is the return address (RIP)
1461       "The table defines Return Address to have a register number,
1462       even though the address is stored in 0(%rsp) and not in a
1463       physical register."
1464 
1465       17   ...   24
1466       XMM0 ... XMM7
1467 
1468       25   ...    32
1469       XMM8 ... XMM15
1470 
1471       33   ...   40
1472       ST0  ...  ST7
1473 
1474       41   ...   48
1475       MM0  ...  MM7
1476 
1477       49                  RFLAGS
1478       50,51,52,53,54,55   ES,CS,SS,DS,FS,GS
1479       58                  FS.BASE  (what's that?)
1480       59                  GS.BASE  (what's that?)
1481       62                  TR (task register)
1482       63                  LDTR (LDT register)
1483       64                  MXCSR
1484       65                  FCW (x87 control word)
1485       66                  FSW (x86 status word)
1486 
1487    On x86 I cannot find any documentation.  It _appears_ to be the
1488    actual instruction encoding, viz:
1489 
1490       0    1    2    3    4    5    6    7
1491       EAX  ECX  EDX  EBX  ESP  EBP  ESI  EDI
1492 
1493       8 is the return address (EIP) */
1494 
1495 
1496 /* Comments re DW_CFA_set_loc, 16 Nov 06.
1497 
1498    JRS:
1499    Someone recently sent me a libcrypto.so.0.9.8 as distributed with
1500    Ubuntu of some flavour, compiled with gcc 4.1.2 on amd64.  It
1501    causes V's CF reader to complain a lot:
1502 
1503    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1504    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1505    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1506    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1507    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:48
1508    >> --19976-- DWARF2 CFI reader: unhandled CFI instruction 0:24
1509 
1510    After chasing this around a bit it seems that the CF bytecode
1511    parser lost sync at a DW_CFA_set_loc, which has a single argument
1512    denoting an address.
1513 
1514    As it stands that address is extracted by read_Addr().  On amd64
1515    that just fetches 8 bytes regardless of anything else.
1516 
1517    read_encoded_Addr() is more sophisticated.  This appears to take
1518    into account some kind of encoding flag.  When I replace the uses
1519    of read_Addr by read_encoded_Addr for DW_CFA_set_loc, the
1520    complaints go away, there is no loss of sync, and the parsed CF
1521    instructions are the same as shown by readelf --debug-dump=frames.
1522 
1523    So it seems a plausible fix.  The problem is I looked in the DWARF3
1524    spec and completely failed to figure out whether or not the arg to
1525    DW_CFA_set_loc is supposed to be encoded in a way suitable for
1526    read_encoded_Addr, nor for that matter any description of what it
1527    is that read_encoded_Addr is really decoding.
1528 
1529    TomH:
1530    The problem is that the encoding is not standard - the eh_frame
1531    section uses the same encoding as the dwarf_frame section except
1532    for a few small changes, and this is one of them. So this is not
1533    something the DWARF standard covers.
1534 
1535    There is an augmentation string to indicate what is going on though
1536    so that programs can recognise it.
1537 
1538    What we are doing seems to match what gdb 6.5 and libdwarf 20060614
1539    do though. I'm not sure about readelf though.
1540 
1541    (later): Well dwarfdump barfs on it:
1542 
1543       dwarfdump ERROR:  dwarf_get_fde_info_for_reg:
1544                         DW_DLE_DF_FRAME_DECODING_ERROR(193) (193)
1545 
1546    I've looked at binutils as well now, and the code in readelf agrees
1547    with your patch - ie it treats set_loc as having an encoded address
1548    if there is a zR augmentation indicating an encoding.
1549 
1550    Quite why gdb and libdwarf don't understand this is an interesting
1551    question...
1552 
1553    Final outcome: all uses of read_Addr were replaced by
1554    read_encoded_Addr.  A new type AddressDecodingInfo was added to
1555    make it relatively clean to plumb through the extra info needed by
1556    read_encoded_Addr.
1557 */
1558 
1559 /* More badness re address encoding, 12 Jan 07.
1560 
1561    Most gcc provided CIEs have a "zR" augmentation, which means they
1562    supply their own address encoding, and that works fine.  However,
1563    some icc9 supplied CIEs have no augmentation, which means they use
1564    the default_Addr_encoding().  That says to use a machine-word sized
1565    value, literally unmodified.
1566 
1567    Since .so's are, in general, relocated when loaded, having absolute
1568    addresses in the CFI data makes no sense when read_encoded_Addr is
1569    used to find the initial location for a FDE.  The resulting saga:
1570 
1571    TomH:
1572    > I'm chasing a stack backtrace failure for an amd64 .so which was
1573    > created I believe by icc 9.1.  After a while I wound up looking at
1574    > this: (readdwarf.c)
1575    >
1576    >   5083        tom static UChar default_Addr_encoding ( void )
1577    >   3584        tom {
1578    >   3584        tom    switch (sizeof(Addr)) {
1579    >   3584        tom       case 4: return DW_EH_PE_udata4;
1580    >   3584        tom       case 8: return DW_EH_PE_udata8;
1581    >   3584        tom       default: vg_assert(0);
1582    >   3584        tom    }
1583    >   3584        tom }
1584    >
1585    > If a CIE does not have an "augmentation string" (typically "zR") then
1586    > addresses are decoded as described by default_Addr_encoding.  If there
1587    > is an 'R' in the augmentation string then the encoding to use
1588    > is specified by the CIE itself, which works fine with GCC compiled code
1589    > since that always appears to specify zR.
1590 
1591    Correct.
1592 
1593    > Problem is this .so has no augmentation string and so uses the
1594    > default encoding, viz DW_EH_PE_udata8.  That appears to mean
1595    > "read a 64 bit number" and use that as-is (for the starting value
1596    > of the program counter when running the CFA program).
1597 
1598    Strictly speaking the default is DW_EH_PE_absptr, but that amounts
1599    to either udata4 or udata8 depending on the platform's pointer size
1600    which is a shortcut I used.
1601 
1602    > For this .so that gives nonsense (very small) PCs which are later
1603    > rejected by the sanity check which ensures PC ranges fall inside
1604    > the mapped text segment.  It seems like the .so expects to have the
1605    > start VMA of the text segment added on.  This would correspond to
1606    >
1607    >   static UChar default_Addr_encoding ( void )
1608    >   {
1609    >      switch (sizeof(Addr)) {
1610    >         case 4: return DW_EH_PE_textrel + DW_EH_PE_udata4;
1611    >         case 8: return DW_EH_PE_textrel + DW_EH_PE_udata8;
1612    >         default: vg_assert(0);
1613    >      }
1614    >   }
1615 
1616    The problem you're seeing is that you have absolute pointers inside
1617    a shared library, which obviously makes little sense on the face of
1618    things as how would the linker know where the library will be
1619    loaded?
1620 
1621    The answer of course is that it doesn't, so if it points absolute
1622    pointers in the frame unwind data is has to include relocations for
1623    them, and I'm betting that if you look at the relocations in the
1624    library you will there are some for that data.
1625 
1626    That is fine of course when ld.so maps the library - it will
1627    relocate the eh_frame data as it maps it (or prelinking will
1628    already have done so) and when the g++ exception code kicks in and
1629    unwinds the stack it will see relocated data.
1630 
1631    We of course are mapping the section from the ELF file ourselves
1632    and are not applying the relocations, hence the problem you are
1633    seeing.
1634 
1635    Strictly speaking we should apply the relocations but the cheap
1636    solution is essentially to do what you've done - strictly speaking
1637    you should adjust by the difference between the address the library
1638    was linked for and the address it has been loaded at, but a shared
1639    library will normally be linked for address zero I believe. It's
1640    possible that prelinking might change that though?
1641 
1642    JRS:
1643    That all syncs with what I am seeing.
1644 
1645    So what I am inclined to do is:
1646 
1647    - Leave default_Addr_encoding as it is
1648 
1649    - Change read_encoded_Addr's handling of "case DW_EH_PE_absptr" so
1650      it sets base to, as you say, the difference between the address
1651      the library was linked for and the address it has been loaded at
1652      (== the SegInfo's text_bias)
1653 
1654    Does that sound sane?  I think it should even handle the prelinked
1655    case.
1656 
1657    (JRS, later)
1658 
1659    Hmm.  Plausible as it sounds, it doesn't work.  It now produces
1660    bogus backtraces for locations inside the (statically linked)
1661    memcheck executable.
1662 
1663    Besides, there are a couple of other places where read_encoded_Addr
1664    is used -- one of which is used to establish the length of the
1665    address range covered by the current FDE:
1666 
1667          fde_arange = read_encoded_Addr(&nbytes, &adi, data);
1668 
1669    and it doesn't seem to make any sense for read_encoded_Addr to add
1670    on the text segment bias in that context.  The DWARF3 spec says
1671    that both the initial_location and address_range (length) fields
1672    are encoded the same way ("target address"), so it is unclear at
1673    what stage in the process it would be appropriate to relocate the
1674    former but not the latter.
1675 
1676    One unprincipled kludge that does work is the following: just
1677    before handing one of the address range fragments off to
1678    ML_(addDiCfSI) for permanent storage, check its start address.  If
1679    that is very low (less than 2 M), and is far below the mapped text
1680    segment, and adding the text bias would move the fragment entirely
1681    inside the mapped text segment, then do so.  A kind of kludged
1682    last-minute relocation, if you like.
1683 
1684    12 Jan 07: committing said kludge (see kludge_then_addDiCfSI).  If
1685    the situation clarifies, it can easily enough be backed out and
1686    replaced by a better fix.
1687 */
1688 
1689 /* --------------- Decls --------------- */
1690 
1691 #if defined(VGP_x86_linux) || defined(VGP_x86_solaris)
1692 #  define FP_REG         5
1693 #  define SP_REG         4
1694 #  define RA_REG_DEFAULT 8
1695 #elif defined(VGP_amd64_linux) || defined(VGP_amd64_solaris)
1696 #  define FP_REG         6
1697 #  define SP_REG         7
1698 #  define RA_REG_DEFAULT 16
1699 #elif defined(VGP_ppc32_linux)
1700 #  define FP_REG         1
1701 #  define SP_REG         1
1702 #  define RA_REG_DEFAULT 65
1703 #elif defined(VGP_ppc64be_linux) || defined(VGP_ppc64le_linux)
1704 #  define FP_REG         1
1705 #  define SP_REG         1
1706 #  define RA_REG_DEFAULT 65
1707 #elif defined(VGP_arm_linux)
1708 #  define FP_REG         12
1709 #  define SP_REG         13
1710 #  define RA_REG_DEFAULT 14
1711 #elif defined(VGP_arm64_linux)
1712 #  define FP_REG         29
1713 #  define SP_REG         31
1714 #  define RA_REG_DEFAULT 30
1715 #elif defined(VGP_x86_darwin)
1716 #  define FP_REG         5
1717 #  define SP_REG         4
1718 #  define RA_REG_DEFAULT 8
1719 #elif defined(VGP_amd64_darwin)
1720 #  define FP_REG         6
1721 #  define SP_REG         7
1722 #  define RA_REG_DEFAULT 16
1723 #elif defined(VGP_s390x_linux)
1724 #  define FP_REG         11    // sometimes s390 has a frame pointer in r11
1725 #  define SP_REG         15    // stack is always r15
1726 #  define RA_REG_DEFAULT 14    // the return address is in r14
1727 #elif defined(VGP_mips32_linux)
1728 #  define FP_REG         30
1729 #  define SP_REG         29
1730 #  define RA_REG_DEFAULT 31
1731 #elif defined(VGP_mips64_linux)
1732 #  define FP_REG         30
1733 #  define SP_REG         29
1734 #  define RA_REG_DEFAULT 31
1735 #else
1736 #  error "Unknown platform"
1737 #endif
1738 
1739 /* The number of regs we are prepared to unwind.  The number for
1740    arm-linux (320) seems ludicrously high, but the ARM IHI 0040A page
1741    7 (DWARF for the ARM Architecture) specifies that values up to 320
1742    might exist, for Neon/VFP-v3. */
1743 #if defined(VGP_ppc32_linux) || defined(VGP_ppc64be_linux) \
1744      || defined(VGP_ppc64le_linux) || defined(VGP_mips32_linux) \
1745      || defined(VGP_mips64_linux)
1746 # define N_CFI_REGS 72
1747 #elif defined(VGP_arm_linux)
1748 # define N_CFI_REGS 320
1749 #elif defined(VGP_arm64_linux)
1750 # define N_CFI_REGS 128
1751 #else
1752 # define N_CFI_REGS 20
1753 #endif
1754 
1755 /* Instructions for the automaton */
1756 enum dwarf_cfa_primary_ops
1757   {
1758     DW_CFA_use_secondary = 0,
1759     DW_CFA_advance_loc   = 1,
1760     DW_CFA_offset        = 2,
1761     DW_CFA_restore       = 3
1762   };
1763 
1764 enum dwarf_cfa_secondary_ops
1765   {
1766     DW_CFA_nop                = 0x00,
1767     DW_CFA_set_loc            = 0x01,
1768     DW_CFA_advance_loc1       = 0x02,
1769     DW_CFA_advance_loc2       = 0x03,
1770     DW_CFA_advance_loc4       = 0x04,
1771     DW_CFA_offset_extended    = 0x05,
1772     DW_CFA_restore_extended   = 0x06,
1773     DW_CFA_undefined          = 0x07,
1774     DW_CFA_same_value         = 0x08,
1775     DW_CFA_register           = 0x09,
1776     DW_CFA_remember_state     = 0x0a,
1777     DW_CFA_restore_state      = 0x0b,
1778     DW_CFA_def_cfa            = 0x0c,
1779     DW_CFA_def_cfa_register   = 0x0d,
1780     DW_CFA_def_cfa_offset     = 0x0e,
1781     DW_CFA_def_cfa_expression = 0x0f, /* DWARF3 only */
1782     DW_CFA_expression         = 0x10, /* DWARF3 only */
1783     DW_CFA_offset_extended_sf = 0x11, /* DWARF3 only */
1784     DW_CFA_def_cfa_sf         = 0x12, /* DWARF3 only */
1785     DW_CFA_def_cfa_offset_sf  = 0x13, /* DWARF3 only */
1786     DW_CFA_val_offset         = 0x14, /* DWARF3 only */
1787     DW_CFA_val_offset_sf      = 0x15, /* DWARF3 only */
1788     DW_CFA_val_expression     = 0x16, /* DWARF3 only */
1789     DW_CFA_lo_user            = 0x1c,
1790     DW_CFA_GNU_window_save    = 0x2d, /* GNU extension */
1791     DW_CFA_GNU_args_size      = 0x2e, /* GNU extension */
1792     DW_CFA_GNU_negative_offset_extended = 0x2f, /* GNU extension */
1793     DW_CFA_ORCL_arg_loc       = 0x30, /* Oracle extension */
1794     DW_CFA_hi_user            = 0x3f
1795   };
1796 
1797 #define DW_EH_PE_absptr		0x00
1798 #define DW_EH_PE_omit		0xff
1799 
1800 #define DW_EH_PE_uleb128	0x01
1801 #define DW_EH_PE_udata2		0x02
1802 #define DW_EH_PE_udata4		0x03
1803 #define DW_EH_PE_udata8		0x04
1804 #define DW_EH_PE_sleb128	0x09
1805 #define DW_EH_PE_sdata2		0x0A
1806 #define DW_EH_PE_sdata4		0x0B
1807 #define DW_EH_PE_sdata8		0x0C
1808 #define DW_EH_PE_signed		0x08
1809 
1810 #define DW_EH_PE_pcrel		0x10
1811 #define DW_EH_PE_textrel	0x20
1812 #define DW_EH_PE_datarel	0x30
1813 #define DW_EH_PE_funcrel	0x40
1814 #define DW_EH_PE_aligned	0x50
1815 
1816 #define DW_EH_PE_indirect	0x80
1817 
1818 
1819 /* RegRule and UnwindContext are used temporarily to do the unwinding.
1820    The result is then summarised into a sequence of CfiSIs, if
1821    possible.  UnwindContext effectively holds the state of the
1822    abstract machine whilst it is running.
1823 
1824    The CFA can either be a signed offset from a register,
1825    or an expression:
1826 
1827    CFA = cfa_reg + cfa_off   when UnwindContext.cfa_is_regoff==True
1828        | [[ cfa_expr_id ]]
1829 
1830    When .cfa_is_regoff == True,  cfa_expr_id must be zero
1831    When .cfa_is_regoff == False, cfa_reg must be zero
1832                                  and cfa_off must be zero
1833 
1834    RegRule describes, for each register, how to get its
1835    value in the previous frame, where 'cfa' denotes the cfa
1836    for the frame as a whole:
1837 
1838    RegRule = RR_Undef          -- undefined
1839            | RR_Same           -- same as in previous frame
1840            | RR_CFAOff    arg  -- is at * ( cfa + arg )
1841            | RR_CFAValOff arg  -- is ( cfa + arg )
1842            | RR_Reg       arg  -- is in register 'arg'
1843            | RR_Expr      arg  -- is at * [[ arg ]]
1844            | RR_ValExpr   arg  -- is [[ arg ]]
1845            | RR_Arch           -- dunno
1846 
1847    Note that RR_Expr is redundant since the same can be represented
1848    using RR_ValExpr with an explicit dereference (CfiExpr_Deref) at
1849    the outermost level.
1850 
1851    All expressions are stored in exprs in the containing
1852    UnwindContext.  Since the UnwindContext gets reinitialised for each
1853    new FDE, summarise_context needs to copy out any expressions it
1854    wants to keep into the cfsi_exprs field of the containing SegInfo.
1855 */
1856 typedef
1857    struct {
1858       enum { RR_Undef, RR_Same, RR_CFAOff, RR_CFAValOff,
1859              RR_Reg, /*RR_Expr,*/ RR_ValExpr, RR_Arch } tag;
1860       /* meaning:  int offset for CFAoff/CFAValOff
1861                    reg # for Reg
1862                    expr index for Expr/ValExpr */
1863       Int arg;
1864    }
1865    RegRule;
1866 
ppRegRule(const XArray * exprs,const RegRule * rrule)1867 static void ppRegRule ( const XArray* exprs, const RegRule* rrule )
1868 {
1869    vg_assert(exprs);
1870    switch (rrule->tag) {
1871       case RR_Undef:     VG_(printf)("u  "); break;
1872       case RR_Same:      VG_(printf)("s  "); break;
1873       case RR_CFAOff:    VG_(printf)("c%d ", rrule->arg); break;
1874       case RR_CFAValOff: VG_(printf)("v%d ", rrule->arg); break;
1875       case RR_Reg:       VG_(printf)("r%d ", rrule->arg); break;
1876       case RR_ValExpr:   VG_(printf)("ve{");
1877                          ML_(ppCfiExpr)( exprs, rrule->arg );
1878                          VG_(printf)("} ");
1879                          break;
1880       case RR_Arch:      VG_(printf)("a  "); break;
1881       default:           VG_(core_panic)("ppRegRule");
1882    }
1883 }
1884 
1885 
1886 /* Size of the stack of register unwind rules.  This is only
1887    exceedingly rarely used, so a stack of size 1 should actually work
1888    with almost all compiler-generated CFA. */
1889 #define N_RR_STACK 4
1890 
1891 typedef
1892    struct {
1893       /* Read-only fields (set by the CIE) */
1894       Int     code_a_f;
1895       Int     data_a_f;
1896       Addr    initloc;
1897       Int     ra_reg;
1898       /* The rest of these fields can be modified by
1899          run_CF_instruction. */
1900       /* The LOC entry */
1901       Addr    loc;
1902       /* We need a stack of these in order to handle
1903          DW_CFA_{remember,restore}_state. */
1904       struct UnwindContextState {
1905           /* The CFA entry.  This can be either reg+/-offset or an expr. */
1906           Bool    cfa_is_regoff; /* True=>is reg+offset; False=>is expr */
1907           Int     cfa_reg;
1908           Int     cfa_off;  /* in bytes */
1909           Int     cfa_expr_ix; /* index into cfa_exprs */
1910           /* Register unwind rules.  */
1911           RegRule reg[N_CFI_REGS];
1912       }
1913       state[N_RR_STACK];
1914       Int     state_sp; /* 0 <= state_sp < N_RR_STACK; points at the
1915                            currently-in-use rule set. */
1916       /* array of CfiExpr, shared by reg[] and cfa_expr_ix */
1917       XArray* exprs;
1918    }
1919    UnwindContext;
1920 
ppUnwindContext(const UnwindContext * ctx)1921 static void ppUnwindContext ( const UnwindContext* ctx )
1922 {
1923    Int j, i;
1924    VG_(printf)("0x%llx: ", (ULong)ctx->loc);
1925    for (j = 0; j <= ctx->state_sp; j++) {
1926       const struct UnwindContextState* ctxs = &ctx->state[j];
1927       VG_(printf)("%s[%d]={ ", j > 0 ? " " : "", j);
1928       if (ctxs->cfa_is_regoff) {
1929          VG_(printf)("%d(r%d) ", ctxs->cfa_off, ctxs->cfa_reg);
1930       } else {
1931          vg_assert(ctx->exprs);
1932          VG_(printf)("{");
1933          ML_(ppCfiExpr)( ctx->exprs, ctxs->cfa_expr_ix );
1934          VG_(printf)("} ");
1935       }
1936       VG_(printf)("{ ");
1937       for (i = 0; i < N_CFI_REGS; i++)
1938          ppRegRule(ctx->exprs, &ctxs->reg[i]);
1939       VG_(printf)("}");
1940    }
1941    VG_(printf)("\n");
1942 }
1943 
initUnwindContext(UnwindContext * ctx)1944 static void initUnwindContext ( /*OUT*/UnwindContext* ctx )
1945 {
1946    Int j, i;
1947    VG_(memset)(ctx, 0, sizeof(*ctx));
1948    /* ctx->code_a_f   = 0;
1949    ctx->data_a_f      = 0;
1950    ctx->initloc       = 0; */
1951    ctx->ra_reg        = RA_REG_DEFAULT;
1952    /* ctx->loc        = 0;
1953    ctx->exprs         = NULL;
1954    ctx->state_sp        = 0; */
1955    for (j = 0; j < N_RR_STACK; j++) {
1956       ctx->state[j].cfa_is_regoff = True;
1957       /* ctx->state[j].cfa_reg    = 0;
1958       ctx->state[j].cfa_off       = 0;
1959       ctx->state[j].cfa_expr_ix   = 0; */
1960       for (i = 0; i < N_CFI_REGS; i++) {
1961          if (RR_Undef != 0)
1962            ctx->state[j].reg[i].tag = RR_Undef;
1963          /* ctx->state[j].reg[i].arg = 0; */
1964       }
1965 #     if defined(VGA_arm)
1966       /* All callee-saved registers (or at least the ones we are
1967          summarising for) should start out as RR_Same, on ARM. */
1968       ctx->state[j].reg[11].tag = RR_Same;
1969       /* ctx->state[j].reg[13].tag = RR_Same; */
1970       ctx->state[j].reg[14].tag = RR_Same;
1971       ctx->state[j].reg[12].tag = RR_Same;
1972       ctx->state[j].reg[7].tag  = RR_Same;
1973       /* this can't be right though: R12 (IP) isn't callee saved. */
1974 #     elif defined(VGA_arm64)
1975       /* Callee-saved registers (that we are interested in) should
1976          start out as RR_Same. */
1977       ctx->state[j].reg[29/*FP*/].tag = RR_Same;
1978       ctx->state[j].reg[30/*LR*/].tag = RR_Same;
1979 #     endif
1980    }
1981 }
1982 
1983 
1984 /* A structure which holds information needed by read_encoded_Addr().
1985 */
1986 typedef
1987    struct {
1988       UChar    encoding;
1989       DiCursor ehframe_image;
1990       Addr     ehframe_avma;
1991       Addr     text_bias;
1992       Addr     got_avma;
1993    }
1994    AddressDecodingInfo;
1995 
1996 
1997 /* ------------ Deal with summary-info records ------------ */
1998 
1999 /* --------------- Summarisation --------------- */
2000 
2001 /* Forward */
2002 static
2003 Int copy_convert_CfiExpr_tree ( XArray* dst, const UnwindContext* srcuc,
2004                                 Int nd );
2005 
2006 /* Summarise ctx into si, if possible.  Returns True if successful.
2007    This is taken to be just after ctx's loc advances; hence the
2008    summary is up to but not including the current loc.  This works
2009    on both x86 and amd64.
2010 */
summarise_context(Addr * base,UInt * len,DiCfSI_m * si_m,Addr loc_start,const UnwindContext * ctx,DebugInfo * debuginfo)2011 static Bool summarise_context(/*OUT*/Addr* base,
2012                               /*OUT*/UInt* len,
2013                               /*OUT*/DiCfSI_m* si_m,
2014                                Addr loc_start,
2015 	                       const UnwindContext* ctx,
2016                                DebugInfo* debuginfo )
2017 {
2018    Int why = 0;
2019    const struct UnwindContextState* ctxs;
2020 
2021    *base = 0;
2022    *len = 0;
2023    VG_(bzero_inline)(si_m, sizeof(*si_m));
2024 
2025 
2026    /* Guard against obviously stupid settings of the reg-rule stack
2027       pointer. */
2028    if (ctx->state_sp < 0)           { why = 8; goto failed; }
2029    if (ctx->state_sp >= N_RR_STACK) { why = 9; goto failed; }
2030    ctxs = &ctx->state[ctx->state_sp];
2031 
2032    /* First, summarise the method for generating the CFA */
2033    if (!ctxs->cfa_is_regoff) {
2034       /* it was set by DW_CFA_def_cfa_expression; try to convert */
2035       XArray *src, *dst;
2036       Int    conv;
2037       src = ctx->exprs;
2038       dst = debuginfo->cfsi_exprs;
2039       if (src && (VG_(sizeXA)(src) > 0) && (!dst)) {
2040          dst = VG_(newXA)( ML_(dinfo_zalloc), "di.ccCt.1", ML_(dinfo_free),
2041                            sizeof(CfiExpr) );
2042          debuginfo->cfsi_exprs = dst;
2043       }
2044       conv = copy_convert_CfiExpr_tree
2045                     ( dst, ctx, ctxs->cfa_expr_ix );
2046       vg_assert(conv >= -1);
2047       if (conv == -1) { why = 6; goto failed; }
2048       si_m->cfa_how = CFIC_EXPR;
2049       si_m->cfa_off = conv;
2050       if (0 && debuginfo->ddump_frames)
2051          ML_(ppCfiExpr)(dst, conv);
2052    }
2053    else
2054    if (ctxs->cfa_is_regoff && ctxs->cfa_reg == SP_REG) {
2055       si_m->cfa_off = ctxs->cfa_off;
2056 #     if defined(VGA_x86) || defined(VGA_amd64) || defined(VGA_s390x) \
2057          || defined(VGA_mips32) || defined(VGA_mips64)
2058       si_m->cfa_how = CFIC_IA_SPREL;
2059 #     elif defined(VGA_arm)
2060       si_m->cfa_how = CFIC_ARM_R13REL;
2061 #     elif defined(VGA_arm64)
2062       si_m->cfa_how = CFIC_ARM64_SPREL;
2063 #     else
2064       si_m->cfa_how = 0; /* invalid */
2065 #     endif
2066    }
2067    else
2068    if (ctxs->cfa_is_regoff && ctxs->cfa_reg == FP_REG) {
2069       si_m->cfa_off = ctxs->cfa_off;
2070 #     if defined(VGA_x86) || defined(VGA_amd64) || defined(VGA_s390x) \
2071          || defined(VGA_mips32) || defined(VGA_mips64)
2072       si_m->cfa_how = CFIC_IA_BPREL;
2073 #     elif defined(VGA_arm)
2074       si_m->cfa_how = CFIC_ARM_R12REL;
2075 #     elif defined(VGA_arm64)
2076       si_m->cfa_how = CFIC_ARM64_X29REL;
2077 #     else
2078       si_m->cfa_how = 0; /* invalid */
2079 #     endif
2080    }
2081 #  if defined(VGA_arm)
2082    else
2083    if (ctxs->cfa_is_regoff && ctxs->cfa_reg == 11/*??_REG*/) {
2084       si_m->cfa_how = CFIC_ARM_R11REL;
2085       si_m->cfa_off = ctxs->cfa_off;
2086    }
2087    else
2088    if (ctxs->cfa_is_regoff && ctxs->cfa_reg == 7/*??_REG*/) {
2089       si_m->cfa_how = CFIC_ARM_R7REL;
2090       si_m->cfa_off = ctxs->cfa_off;
2091    }
2092 #  elif defined(VGA_arm64)
2093    // do we need any arm64 specifics here?
2094 #  endif
2095    else {
2096       why = 1;
2097       goto failed;
2098    }
2099 
2100 #  define SUMMARISE_HOW(_how, _off, _ctxreg)                  \
2101    switch (_ctxreg.tag) {                                     \
2102       case RR_Undef:                                          \
2103          _how = CFIR_UNKNOWN;   _off = 0; break;              \
2104       case RR_Same:                                           \
2105          _how = CFIR_SAME;      _off = 0; break;              \
2106       case RR_CFAOff:                                         \
2107          _how = CFIR_MEMCFAREL; _off = _ctxreg.arg; break;    \
2108       case RR_CFAValOff:                                      \
2109          _how = CFIR_CFAREL;    _off = _ctxreg.arg; break;    \
2110       case RR_ValExpr: {                                      \
2111          XArray *src, *dst;                                   \
2112          Int    conv;                                         \
2113          src = ctx->exprs;                                    \
2114          dst = debuginfo->cfsi_exprs;                         \
2115          if (src && (VG_(sizeXA)(src) > 0) && (!dst)) {       \
2116             dst = VG_(newXA)( ML_(dinfo_zalloc),              \
2117                               "di.ccCt.2",                    \
2118                               ML_(dinfo_free),                \
2119                               sizeof(CfiExpr) );              \
2120             debuginfo->cfsi_exprs = dst;                      \
2121          }                                                    \
2122          conv = copy_convert_CfiExpr_tree                     \
2123                        ( dst, ctx, _ctxreg.arg );             \
2124          vg_assert(conv >= -1);                               \
2125          if (conv == -1) { why = 7; goto failed; }            \
2126          _how = CFIR_EXPR;                                    \
2127          _off = conv;                                         \
2128          if (0 && debuginfo->ddump_frames)                    \
2129             ML_(ppCfiExpr)(dst, conv);                        \
2130          break;                                               \
2131       }                                                       \
2132       default:                                                \
2133          why = 2; goto failed; /* otherwise give up */        \
2134    }
2135 
2136 
2137 #  if defined(VGA_x86) || defined(VGA_amd64)
2138 
2139    /* --- entire tail of this fn specialised for x86/amd64 --- */
2140 
2141    SUMMARISE_HOW(si_m->ra_how, si_m->ra_off,
2142                                ctxs->reg[ctx->ra_reg] );
2143    SUMMARISE_HOW(si_m->bp_how, si_m->bp_off,
2144                                ctxs->reg[FP_REG] );
2145 
2146    /* on x86/amd64, it seems the old %{e,r}sp value before the call is
2147       always the same as the CFA.  Therefore ... */
2148    si_m->sp_how = CFIR_CFAREL;
2149    si_m->sp_off = 0;
2150 
2151    /* also, gcc says "Undef" for %{e,r}bp when it is unchanged.  So
2152       .. */
2153    if (ctxs->reg[FP_REG].tag == RR_Undef)
2154       si_m->bp_how = CFIR_SAME;
2155 
2156    /* knock out some obviously stupid cases */
2157    if (si_m->ra_how == CFIR_SAME)
2158       { why = 3; goto failed; }
2159 
2160    /* bogus looking range?  Note, we require that the difference is
2161       representable in 32 bits. */
2162    if (loc_start >= ctx->loc)
2163       { why = 4; goto failed; }
2164    if (ctx->loc - loc_start > 10000000 /* let's say */)
2165       { why = 5; goto failed; }
2166 
2167    *base = loc_start + ctx->initloc;
2168    *len  = (UInt)(ctx->loc - loc_start);
2169 
2170    return True;
2171 
2172 #  elif defined(VGA_arm)
2173 
2174    /* ---- entire tail of this fn specialised for arm ---- */
2175 
2176    SUMMARISE_HOW(si_m->r14_how, si_m->r14_off,
2177                                 ctxs->reg[14] );
2178 
2179    //SUMMARISE_HOW(si_m->r13_how, si_m->r13_off,
2180    //                             ctxs->reg[13] );
2181 
2182    SUMMARISE_HOW(si_m->r12_how, si_m->r12_off,
2183                                 ctxs->reg[FP_REG] );
2184 
2185    SUMMARISE_HOW(si_m->r11_how, si_m->r11_off,
2186                                 ctxs->reg[11/*FP_REG*/] );
2187 
2188    SUMMARISE_HOW(si_m->r7_how, si_m->r7_off,
2189                                ctxs->reg[7] );
2190 
2191    if (ctxs->reg[14/*LR*/].tag == RR_Same
2192        && ctx->ra_reg == 14/*as we expect it always to be*/) {
2193       /* Generate a trivial CfiExpr, which merely says "r14".  First
2194          ensure this DebugInfo has a cfsi_expr array in which to park
2195          it. */
2196       if (!debuginfo->cfsi_exprs)
2197          debuginfo->cfsi_exprs = VG_(newXA)( ML_(dinfo_zalloc),
2198                                              "di.ccCt.2a",
2199                                              ML_(dinfo_free),
2200                                              sizeof(CfiExpr) );
2201       si_m->ra_off = ML_(CfiExpr_CfiReg)( debuginfo->cfsi_exprs,
2202                                          Creg_ARM_R14);
2203       si_m->ra_how = CFIR_EXPR;
2204    } else {
2205       /* Just summarise it in the normal way */
2206       SUMMARISE_HOW(si_m->ra_how, si_m->ra_off,
2207                                   ctxs->reg[ctx->ra_reg] );
2208    }
2209 
2210    /* on arm, it seems the old r13 (SP) value before the call is
2211       always the same as the CFA.  Therefore ... */
2212    si_m->r13_how = CFIR_CFAREL;
2213    si_m->r13_off = 0;
2214 
2215    /* bogus looking range?  Note, we require that the difference is
2216       representable in 32 bits. */
2217    if (loc_start >= ctx->loc)
2218       { why = 4; goto failed; }
2219    if (ctx->loc - loc_start > 10000000 /* let's say */)
2220       { why = 5; goto failed; }
2221 
2222    *base = loc_start + ctx->initloc;
2223    *len  = (UInt)(ctx->loc - loc_start);
2224 
2225    return True;
2226 
2227 #  elif defined(VGA_arm64)
2228 
2229    /* --- entire tail of this fn specialised for arm64 --- */
2230 
2231    SUMMARISE_HOW(si_m->x30_how, si_m->x30_off, ctxs->reg[30/*LR*/]);
2232    SUMMARISE_HOW(si_m->x29_how, si_m->x29_off, ctxs->reg[29/*FP*/]);
2233 
2234    if (ctxs->reg[30/*LR*/].tag == RR_Same
2235        && ctx->ra_reg == 30/*as we expect it always to be*/) {
2236       /* Generate a trivial CfiExpr, which merely says "x30".  First
2237          ensure this DebugInfo has a cfsi_expr array in which to park
2238          it. */
2239       if (!debuginfo->cfsi_exprs)
2240          debuginfo->cfsi_exprs = VG_(newXA)( ML_(dinfo_zalloc),
2241                                              "di.ccCt.2a-arm64",
2242                                              ML_(dinfo_free),
2243                                              sizeof(CfiExpr) );
2244       si_m->ra_off = ML_(CfiExpr_CfiReg)( debuginfo->cfsi_exprs,
2245                                           Creg_ARM64_X30);
2246       si_m->ra_how = CFIR_EXPR;
2247    } else {
2248       /* Just summarise it in the normal way */
2249       SUMMARISE_HOW(si_m->ra_how, si_m->ra_off, ctxs->reg[ctx->ra_reg]);
2250    }
2251 
2252    /* on arm64, it seems the old SP value before the call is always
2253       the same as the CFA.  Therefore ... */
2254    si_m->sp_how = CFIR_CFAREL;
2255    si_m->sp_off = 0;
2256 
2257    /* bogus looking range?  Note, we require that the difference is
2258       representable in 32 bits. */
2259    if (loc_start >= ctx->loc)
2260       { why = 4; goto failed; }
2261    if (ctx->loc - loc_start > 10000000 /* let's say */)
2262       { why = 5; goto failed; }
2263 
2264    *base = loc_start + ctx->initloc;
2265    *len  = (UInt)(ctx->loc - loc_start);
2266 
2267    return True;
2268 
2269 #  elif defined(VGA_s390x)
2270 
2271    /* --- entire tail of this fn specialised for s390 --- */
2272 
2273    SUMMARISE_HOW(si_m->ra_how, si_m->ra_off,
2274                                ctxs->reg[ctx->ra_reg] );
2275    SUMMARISE_HOW(si_m->fp_how, si_m->fp_off,
2276                                ctxs->reg[FP_REG] );
2277    SUMMARISE_HOW(si_m->sp_how, si_m->sp_off,
2278                                ctxs->reg[SP_REG] );
2279 
2280    /* change some defaults to consumable values */
2281    if (si_m->sp_how == CFIR_UNKNOWN)
2282       si_m->sp_how = CFIR_SAME;
2283 
2284    if (si_m->fp_how == CFIR_UNKNOWN)
2285       si_m->fp_how = CFIR_SAME;
2286 
2287    if (si_m->cfa_how == CFIR_UNKNOWN) {
2288       si_m->cfa_how = CFIC_IA_SPREL;
2289       si_m->cfa_off = 160;
2290    }
2291    if (si_m->ra_how == CFIR_UNKNOWN) {
2292       if (!debuginfo->cfsi_exprs)
2293          debuginfo->cfsi_exprs = VG_(newXA)( ML_(dinfo_zalloc),
2294                                              "di.ccCt.2a",
2295                                              ML_(dinfo_free),
2296                                              sizeof(CfiExpr) );
2297       si_m->ra_how = CFIR_EXPR;
2298       si_m->ra_off = ML_(CfiExpr_CfiReg)( debuginfo->cfsi_exprs,
2299                                           Creg_S390_LR);
2300    }
2301 
2302    /* knock out some obviously stupid cases */
2303    if (si_m->ra_how == CFIR_SAME)
2304       { why = 3; goto failed; }
2305 
2306    /* bogus looking range?  Note, we require that the difference is
2307       representable in 32 bits. */
2308    if (loc_start >= ctx->loc)
2309       { why = 4; goto failed; }
2310    if (ctx->loc - loc_start > 10000000 /* let's say */)
2311       { why = 5; goto failed; }
2312 
2313    *base = loc_start + ctx->initloc;
2314    *len  = (UInt)(ctx->loc - loc_start);
2315 
2316    return True;
2317 
2318 #  elif defined(VGA_mips32) || defined(VGA_mips64)
2319 
2320    /* --- entire tail of this fn specialised for mips --- */
2321 
2322    SUMMARISE_HOW(si_m->ra_how, si_m->ra_off,
2323                                ctxs->reg[ctx->ra_reg] );
2324    SUMMARISE_HOW(si_m->fp_how, si_m->fp_off,
2325                                ctxs->reg[FP_REG] );
2326    SUMMARISE_HOW(si_m->sp_how, si_m->sp_off,
2327                                ctxs->reg[SP_REG] );
2328    si_m->sp_how = CFIR_CFAREL;
2329    si_m->sp_off = 0;
2330 
2331    if (si_m->fp_how == CFIR_UNKNOWN)
2332        si_m->fp_how = CFIR_SAME;
2333    if (si_m->cfa_how == CFIR_UNKNOWN) {
2334       si_m->cfa_how = CFIC_IA_SPREL;
2335       si_m->cfa_off = 160;
2336    }
2337    if (si_m->ra_how == CFIR_UNKNOWN) {
2338       if (!debuginfo->cfsi_exprs)
2339          debuginfo->cfsi_exprs = VG_(newXA)( ML_(dinfo_zalloc),
2340                                              "di.ccCt.2a",
2341                                              ML_(dinfo_free),
2342                                              sizeof(CfiExpr) );
2343       si_m->ra_how = CFIR_EXPR;
2344       si_m->ra_off = ML_(CfiExpr_CfiReg)( debuginfo->cfsi_exprs,
2345                                           Creg_MIPS_RA);
2346    }
2347 
2348    if (si_m->ra_how == CFIR_SAME)
2349       { why = 3; goto failed; }
2350 
2351    if (loc_start >= ctx->loc)
2352       { why = 4; goto failed; }
2353    if (ctx->loc - loc_start > 10000000 /* let's say */)
2354       { why = 5; goto failed; }
2355 
2356    *base = loc_start + ctx->initloc;
2357    *len  = (UInt)(ctx->loc - loc_start);
2358 
2359    return True;
2360 #  elif defined(VGA_ppc32) || defined(VGA_ppc64be) || defined(VGA_ppc64le)
2361    /* These don't use CFI based unwinding (is that really true?) */
2362 
2363 #  else
2364 #    error "Unknown arch"
2365 #  endif
2366 
2367    /* --- non-specialised code after this point --- */
2368 
2369 #  undef SUMMARISE_HOW
2370 
2371   failed:
2372    if (VG_(clo_verbosity) > 2 || debuginfo->trace_cfi) {
2373       VG_(message)(Vg_DebugMsg,
2374                   "summarise_context(loc_start = %#lx)"
2375                   ": cannot summarise(why=%d):   \n", loc_start, why);
2376       ppUnwindContext(ctx);
2377    }
2378    return False;
2379 }
2380 
2381 /* Copy the tree rooted at srcuc->exprs node srcix to dstxa, on the
2382    way converting any DwReg regs (regs numbered using the Dwarf scheme
2383    defined by each architecture's ABI) into CfiRegs, which are
2384    platform independent.  If the conversion isn't possible because
2385    there is no equivalent register, return -1.  This has the
2386    undesirable side effect of de-dagifying the input; oh well. */
copy_convert_CfiExpr_tree(XArray * dstxa,const UnwindContext * srcuc,Int srcix)2387 static Int copy_convert_CfiExpr_tree ( XArray*        dstxa,
2388                                        const UnwindContext* srcuc,
2389                                        Int            srcix )
2390 {
2391    CfiExpr* src;
2392    Int      cpL, cpR, cpA;
2393    XArray*  srcxa = srcuc->exprs;
2394    vg_assert(srcxa);
2395    vg_assert(dstxa);
2396    vg_assert(srcix >= 0 && srcix < VG_(sizeXA)(srcxa));
2397 
2398    src = VG_(indexXA)( srcxa, srcix );
2399    switch (src->tag) {
2400       case Cex_Undef:
2401          return ML_(CfiExpr_Undef)( dstxa );
2402       case Cex_Deref:
2403          cpA = copy_convert_CfiExpr_tree( dstxa, srcuc, src->Cex.Deref.ixAddr );
2404          if (cpA == -1)
2405             return -1; /* propagate failure */
2406          return ML_(CfiExpr_Deref)( dstxa, cpA );
2407       case Cex_Const:
2408          return ML_(CfiExpr_Const)( dstxa, src->Cex.Const.con );
2409       case Cex_Binop:
2410          cpL = copy_convert_CfiExpr_tree( dstxa, srcuc, src->Cex.Binop.ixL );
2411          cpR = copy_convert_CfiExpr_tree( dstxa, srcuc, src->Cex.Binop.ixR );
2412          vg_assert(cpL >= -1 && cpR >= -1);
2413          if (cpL == -1 || cpR == -1)
2414             return -1; /* propagate failure */
2415          return ML_(CfiExpr_Binop)( dstxa, src->Cex.Binop.op, cpL, cpR );
2416       case Cex_CfiReg:
2417          /* should not see these in input (are created only by this
2418             conversion step!) */
2419          VG_(core_panic)("copy_convert_CfiExpr_tree: CfiReg in input");
2420       case Cex_DwReg: {
2421          /* This is the only place where the conversion can fail. */
2422          Int dwreg __attribute__((unused));
2423          dwreg = src->Cex.DwReg.reg;
2424 #        if defined(VGA_x86) || defined(VGA_amd64)
2425          if (dwreg == SP_REG)
2426             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_SP );
2427          if (dwreg == FP_REG)
2428             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_BP );
2429          if (dwreg == srcuc->ra_reg)
2430             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_IP ); /* correct? */
2431 #        elif defined(VGA_arm)
2432          if (dwreg == SP_REG)
2433             return ML_(CfiExpr_CfiReg)( dstxa, Creg_ARM_R13 );
2434          if (dwreg == FP_REG)
2435             return ML_(CfiExpr_CfiReg)( dstxa, Creg_ARM_R12 );
2436          if (dwreg == srcuc->ra_reg)
2437            return ML_(CfiExpr_CfiReg)( dstxa, Creg_ARM_R15 ); /* correct? */
2438 #        elif defined(VGA_s390x)
2439          if (dwreg == SP_REG)
2440             return ML_(CfiExpr_CfiReg)( dstxa, Creg_S390_SP );
2441          if (dwreg == FP_REG)
2442             return ML_(CfiExpr_CfiReg)( dstxa, Creg_S390_FP );
2443          if (dwreg == srcuc->ra_reg)
2444             return ML_(CfiExpr_CfiReg)( dstxa, Creg_S390_IA );
2445 #        elif defined(VGA_mips32) || defined(VGA_mips64)
2446          if (dwreg == SP_REG)
2447             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_SP );
2448          if (dwreg == FP_REG)
2449             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_BP );
2450          if (dwreg == srcuc->ra_reg)
2451             return ML_(CfiExpr_CfiReg)( dstxa, Creg_IA_IP );
2452 #        elif defined(VGA_arm64)
2453          I_die_here;
2454 #        elif defined(VGA_ppc32) || defined(VGA_ppc64be) \
2455             || defined(VGA_ppc64le)
2456 #        else
2457 #           error "Unknown arch"
2458 #        endif
2459          /* else we must fail - can't represent the reg */
2460          return -1;
2461       }
2462       default:
2463          VG_(core_panic)("copy_convert_CfiExpr_tree: default");
2464    }
2465 }
2466 
2467 
ppUnwindContext_summary(const UnwindContext * ctx)2468 static void ppUnwindContext_summary ( const UnwindContext* ctx )
2469 {
2470    const struct UnwindContextState* ctxs = &ctx->state[ctx->state_sp];
2471 
2472    VG_(printf)("0x%llx-1: ", (ULong)ctx->loc);
2473 
2474    if (ctxs->cfa_reg == SP_REG) {
2475       VG_(printf)("SP/CFA=%d+SP   ", ctxs->cfa_off);
2476    } else
2477    if (ctxs->cfa_reg == FP_REG) {
2478       VG_(printf)("SP/CFA=%d+FP   ", ctxs->cfa_off);
2479    } else {
2480       VG_(printf)("SP/CFA=unknown  ");
2481    }
2482 
2483    VG_(printf)("RA=");
2484    ppRegRule( ctx->exprs, &ctxs->reg[ctx->ra_reg] );
2485 
2486    VG_(printf)("FP=");
2487    ppRegRule( ctx->exprs, &ctxs->reg[FP_REG] );
2488    VG_(printf)("\n");
2489 }
2490 
2491 
2492 /* ------------ Pick apart DWARF2 byte streams ------------ */
2493 
step_le_u_encoded_literal(DiCursor * data,UInt size)2494 static ULong step_le_u_encoded_literal ( DiCursor* data, UInt size )
2495 {
2496    switch (size) {
2497       case 8:  return (ULong)ML_(cur_step_ULong)( data );
2498       case 4:  return (ULong)ML_(cur_step_UInt)( data );
2499       case 2:  return (ULong)ML_(cur_step_UShort)( data );
2500       case 1:  return (ULong)ML_(cur_step_UChar)( data );
2501       default: vg_assert(0); /*NOTREACHED*/ return 0;
2502    }
2503 }
2504 
step_le_s_encoded_literal(DiCursor * data,UInt size)2505 static Long step_le_s_encoded_literal ( DiCursor* data, UInt size )
2506 {
2507    ULong u64 = step_le_u_encoded_literal( data, size );
2508    Long s64;
2509    switch (size) {
2510       case 8:  s64 = u64; break;
2511       case 4:  s64 = u64 << 32; s64 >>= 32; break;
2512       case 2:  s64 = u64 << 48; s64 >>= 48; break;
2513       case 1:  s64 = u64 << 56; s64 >>= 56; break;
2514       default: vg_assert(0); /*NOTREACHED*/ return 0;
2515    }
2516    return s64;
2517 }
2518 
default_Addr_encoding(void)2519 static UChar default_Addr_encoding ( void )
2520 {
2521    switch (sizeof(Addr)) {
2522       case 4: return DW_EH_PE_udata4;
2523       case 8: return DW_EH_PE_udata8;
2524       default: vg_assert(0);
2525    }
2526 }
2527 
size_of_encoded_Addr(UChar encoding)2528 static UInt size_of_encoded_Addr ( UChar encoding )
2529 {
2530    if (encoding == DW_EH_PE_omit)
2531       return 0;
2532 
2533    switch (encoding & 0x07) {
2534       case DW_EH_PE_absptr: return sizeof(Addr);
2535       case DW_EH_PE_udata2: return sizeof(UShort);
2536       case DW_EH_PE_udata4: return sizeof(UInt);
2537       case DW_EH_PE_udata8: return sizeof(ULong);
2538       default: vg_assert(0);
2539    }
2540 }
2541 
step_encoded_Addr(const AddressDecodingInfo * adi,DiCursor * data)2542 static Addr step_encoded_Addr ( const AddressDecodingInfo* adi,
2543                                 /*MOD*/DiCursor* data )
2544 {
2545    /* Regarding the handling of DW_EH_PE_absptr.  DWARF3 says this
2546       denotes an absolute address, hence you would think 'base' is
2547       zero.  However, that is nonsensical (unless relocations are to
2548       be applied to the unwind data before reading it, which sounds
2549       unlikely).  My interpretation is that DW_EH_PE_absptr indicates
2550       an address relative to where the object was loaded (technically,
2551       relative to its stated load VMA, hence the use of text_bias
2552       rather than text_avma).  Hmm, should we use text_bias or
2553       text_avma here?  Not sure.
2554 
2555       This view appears to be supported by DWARF3 spec sec 7.3
2556       "Executable Objects and Shared Objects":
2557 
2558          This requirement makes the debugging information for shared
2559          objects position independent.  Virtual addresses in a shared
2560          object may be calculated by adding the offset to the base
2561          address at which the object was attached.  This offset is
2562          available in the run-time linker's data structures.
2563    */
2564    Addr     base;
2565    Word     offset;
2566    UChar    encoding      = adi->encoding;
2567    DiCursor ehframe_image = adi->ehframe_image;
2568    Addr     ehframe_avma  = adi->ehframe_avma;
2569    Addr     got_avma      = adi->got_avma;
2570 
2571    vg_assert((encoding & DW_EH_PE_indirect) == 0);
2572 
2573    switch (encoding & 0x70) {
2574       case DW_EH_PE_absptr:
2575          base = adi->text_bias;
2576          break;
2577       case DW_EH_PE_pcrel:
2578          base = ehframe_avma + ML_(cur_minus)(*data, ehframe_image);
2579          break;
2580       case DW_EH_PE_datarel:
2581          base = got_avma;
2582          break;
2583       case DW_EH_PE_textrel:
2584          vg_assert(0);
2585          base = /* text base address */ 0;
2586          break;
2587       case DW_EH_PE_funcrel:
2588          base = 0;
2589          break;
2590       case DW_EH_PE_aligned:
2591          base = 0;
2592          offset = ML_(cur_minus)(*data, ehframe_image);
2593          if ((offset % sizeof(Addr)) != 0) {
2594             Word nbytes = sizeof(Addr) - (offset % sizeof(Addr));
2595             *data = ML_(cur_plus)(*data, nbytes);
2596          }
2597          break;
2598       default:
2599          vg_assert(0);
2600    }
2601 
2602    if ((encoding & 0x07) == 0x00)
2603       encoding |= default_Addr_encoding();
2604 
2605    switch (encoding & 0x0f) {
2606       case DW_EH_PE_udata2:
2607          return base + ML_(cur_step_UShort)(data);
2608       case DW_EH_PE_udata4:
2609          return base + ML_(cur_step_UInt)(data);
2610       case DW_EH_PE_udata8:
2611          return base + ML_(cur_step_ULong)(data);
2612       case DW_EH_PE_sdata2:
2613          return base + ML_(cur_step_Short)(data);
2614       case DW_EH_PE_sdata4:
2615          return base + ML_(cur_step_Int)(data);
2616       case DW_EH_PE_sdata8:
2617          return base + ML_(cur_step_Long)(data);
2618       default:
2619          vg_assert2(0, "read encoded address %d\n", encoding & 0x0f);
2620    }
2621 }
2622 
2623 
2624 /* ------------ Run/show DWARF3 expressions ---------- */
2625 
2626 /* Convert the DWARF3 expression in expr[0 .. exprlen-1] into a dag
2627    (of CfiExprs) stored in ctx->exprs, and return the index in
2628    ctx->exprs of the root node.  Or fail in which case return -1. */
2629 /* IMPORTANT: when adding expression forms here, also remember to
2630    add suitable evaluation code in evalCfiExpr in debuginfo.c. */
dwarfexpr_to_dag(const UnwindContext * ctx,DiCursor expr,Int exprlen,Bool push_cfa_at_start,Bool ddump_frames)2631 static Int dwarfexpr_to_dag ( const UnwindContext* ctx,
2632                               DiCursor expr, Int exprlen,
2633                               Bool push_cfa_at_start,
2634                               Bool ddump_frames )
2635 {
2636 #  define N_EXPR_STACK 20
2637 
2638 #  define PUSH(_arg)                               \
2639       do {                                         \
2640          vg_assert(sp >= -1 && sp < N_EXPR_STACK); \
2641          if (sp == N_EXPR_STACK-1)                 \
2642             return -1;                             \
2643          sp++;                                     \
2644          stack[sp] = (_arg);                       \
2645       } while (0)
2646 
2647 #  define POP(_lval)                               \
2648       do {                                         \
2649          vg_assert(sp >= -1 && sp < N_EXPR_STACK); \
2650          if (sp == -1)                             \
2651             return -1;                             \
2652          _lval = stack[sp];                        \
2653          sp--;                                     \
2654       } while (0)
2655 
2656    Int      ix, ix2, reg;
2657    UChar    opcode;
2658    Word     sw;
2659    UWord    uw;
2660    CfiUnop  uop;
2661    CfiBinop bop;
2662    const HChar* opname;
2663 
2664    Int sp; /* # of top element: valid is -1 .. N_EXPR_STACK-1 */
2665    Int stack[N_EXPR_STACK];  /* indices into ctx->exprs */
2666    const struct UnwindContextState* ctxs = &ctx->state[ctx->state_sp];
2667 
2668    XArray*  dst   = ctx->exprs;
2669    DiCursor limit = ML_(cur_plus)(expr, exprlen);
2670 
2671    vg_assert(dst);
2672    vg_assert(exprlen >= 0);
2673 
2674    sp = -1; /* empty */
2675 
2676    /* Synthesise the CFA as a CfiExpr */
2677    if (push_cfa_at_start) {
2678       if (ctxs->cfa_is_regoff) {
2679          /* cfa is reg +/- offset */
2680          ix = ML_(CfiExpr_Binop)( dst,
2681                  Cbinop_Add,
2682                  ML_(CfiExpr_DwReg)( dst, ctxs->cfa_reg ),
2683                  ML_(CfiExpr_Const)( dst, (UWord)(Word)ctxs->cfa_off )
2684               );
2685          PUSH(ix);
2686       } else {
2687          /* CFA is already an expr; use its root node */
2688          PUSH(ctxs->cfa_expr_ix);
2689       }
2690    }
2691 
2692    while (True) {
2693 
2694       vg_assert(sp >= -1 && sp < N_EXPR_STACK);
2695 
2696       if (ML_(cur_cmpGT)(expr, limit)) /* "expr > limit" */
2697          return -1;  /* overrun - something's wrong */
2698 
2699       if (ML_(cur_cmpEQ)(expr, limit)) { /* "expr == limit" */
2700         /* end of expr - return expr on the top of stack. */
2701         if (sp == -1)
2702            return -1; /* stack empty.  Bad. */
2703         else
2704            break;
2705       }
2706 
2707       uop = 0; bop = 0; opname = NULL; /* excessively conservative */
2708 
2709       opcode = ML_(cur_step_UChar)(&expr);
2710       switch (opcode) {
2711 
2712          case DW_OP_lit0 ... DW_OP_lit31:
2713             /* push: literal 0 .. 31 */
2714             sw = (Word)opcode - (Word)DW_OP_lit0;
2715             vg_assert(sw >= 0 && sw <= 31);
2716             PUSH( ML_(CfiExpr_Const)( dst, (UWord)sw ) );
2717             if (ddump_frames)
2718                VG_(printf)("DW_OP_lit%ld", sw);
2719             break;
2720 
2721          case DW_OP_breg0 ... DW_OP_breg31:
2722             /* push: reg + sleb128 */
2723             reg = (Int)opcode - (Int)DW_OP_breg0;
2724             vg_assert(reg >= 0 && reg <= 31);
2725             sw = step_leb128S( &expr );
2726             ix = ML_(CfiExpr_Binop)( dst,
2727                     Cbinop_Add,
2728                     ML_(CfiExpr_DwReg)( dst, reg ),
2729                     ML_(CfiExpr_Const)( dst, (UWord)sw )
2730                  );
2731             PUSH(ix);
2732             if (ddump_frames)
2733                VG_(printf)("DW_OP_breg%d: %ld", reg, sw);
2734             break;
2735 
2736          case DW_OP_reg0 ... DW_OP_reg31:
2737             /* push: reg */
2738             reg = (Int)opcode - (Int)DW_OP_reg0;
2739             vg_assert(reg >= 0 && reg <= 31);
2740             ix = ML_(CfiExpr_DwReg)( dst, reg );
2741             PUSH(ix);
2742             if (ddump_frames)
2743                VG_(printf)("DW_OP_reg%d", reg);
2744             break;
2745 
2746          case DW_OP_plus_uconst:
2747             uw = step_leb128U( &expr );
2748             PUSH( ML_(CfiExpr_Const)( dst, uw ) );
2749             POP( ix );
2750             POP( ix2 );
2751             PUSH( ML_(CfiExpr_Binop)( dst, Cbinop_Add, ix2, ix ) );
2752             if (ddump_frames)
2753                VG_(printf)("DW_OP_plus_uconst: %lu", uw);
2754             break;
2755 
2756          case DW_OP_const4s:
2757             /* push: 32-bit signed immediate */
2758             sw = step_le_s_encoded_literal( &expr, 4 );
2759             PUSH( ML_(CfiExpr_Const)( dst, (UWord)sw ) );
2760             if (ddump_frames)
2761                VG_(printf)("DW_OP_const4s: %ld", sw);
2762             break;
2763 
2764          case DW_OP_const2s:
2765             /* push: 16-bit signed immediate */
2766             sw = step_le_s_encoded_literal( &expr, 2 );
2767             PUSH( ML_(CfiExpr_Const)( dst, (UWord)sw ) );
2768             if (ddump_frames)
2769                VG_(printf)("DW_OP_const2s: %ld", sw);
2770             break;
2771 
2772          case DW_OP_const1s:
2773             /* push: 8-bit signed immediate */
2774             sw = step_le_s_encoded_literal( &expr, 1 );
2775             PUSH( ML_(CfiExpr_Const)( dst, (UWord)sw ) );
2776             if (ddump_frames)
2777                VG_(printf)("DW_OP_const1s: %ld", sw);
2778             break;
2779 
2780          case DW_OP_const1u:
2781             /* push: 8-bit unsigned immediate */
2782             uw = step_le_u_encoded_literal( &expr, 1 );
2783             PUSH( ML_(CfiExpr_Const)( dst, uw ) );
2784             if (ddump_frames)
2785                VG_(printf)("DW_OP_const1: %lu", uw);
2786             break;
2787 
2788          case DW_OP_const2u:
2789             /* push: 16-bit unsigned immediate */
2790             uw = step_le_u_encoded_literal( &expr, 2 );
2791             PUSH( ML_(CfiExpr_Const)( dst, uw ) );
2792             if (ddump_frames)
2793                VG_(printf)("DW_OP_const2: %lu", uw);
2794             break;
2795 
2796          case DW_OP_const4u:
2797             /* push: 32-bit unsigned immediate */
2798             uw = step_le_u_encoded_literal( &expr, 4 );
2799             PUSH( ML_(CfiExpr_Const)( dst, uw ) );
2800             if (ddump_frames)
2801                VG_(printf)("DW_OP_const4: %lu", uw);
2802             break;
2803 
2804          case DW_OP_abs:
2805             uop = Cunop_Abs; opname = "abs"; goto unop;
2806          case DW_OP_neg:
2807             uop = Cunop_Neg; opname = "neg"; goto unop;
2808          case DW_OP_not:
2809             uop = Cunop_Not; opname = "not"; goto unop;
2810          unop:
2811             POP( ix );
2812             PUSH( ML_(CfiExpr_Unop)( dst, uop, ix ) );
2813             if (ddump_frames)
2814                VG_(printf)("DW_OP_%s", opname);
2815             break;
2816 
2817          case DW_OP_minus:
2818             bop = Cbinop_Sub; opname = "minus"; goto binop;
2819          case DW_OP_plus:
2820             bop = Cbinop_Add; opname = "plus"; goto binop;
2821          case DW_OP_and:
2822             bop = Cbinop_And; opname = "and"; goto binop;
2823          case DW_OP_mul:
2824             bop = Cbinop_Mul; opname = "mul"; goto binop;
2825          case DW_OP_shl:
2826             bop = Cbinop_Shl; opname = "shl"; goto binop;
2827          case DW_OP_shr:
2828             bop = Cbinop_Shr; opname = "shr"; goto binop;
2829          case DW_OP_eq:
2830             bop = Cbinop_Eq; opname = "eq"; goto binop;
2831          case DW_OP_ge:
2832             bop = Cbinop_Ge; opname = "ge"; goto binop;
2833          case DW_OP_gt:
2834             bop = Cbinop_Gt; opname = "gt"; goto binop;
2835          case DW_OP_le:
2836             bop = Cbinop_Le; opname = "le"; goto binop;
2837          case DW_OP_lt:
2838             bop = Cbinop_Lt; opname = "lt"; goto binop;
2839          case DW_OP_ne:
2840             bop = Cbinop_Ne; opname = "ne"; goto binop;
2841          binop:
2842             POP( ix );
2843             POP( ix2 );
2844             PUSH( ML_(CfiExpr_Binop)( dst, bop, ix2, ix ) );
2845             if (ddump_frames)
2846                VG_(printf)("DW_OP_%s", opname);
2847             break;
2848 
2849          case DW_OP_deref:
2850             POP( ix );
2851             PUSH( ML_(CfiExpr_Deref)( dst, ix ) );
2852             if (ddump_frames)
2853                VG_(printf)("DW_OP_deref");
2854             break;
2855 
2856          default:
2857             if (!VG_(clo_xml))
2858                VG_(message)(Vg_DebugMsg,
2859                             "Warning: DWARF2 CFI reader: unhandled DW_OP_ "
2860                             "opcode 0x%x\n", (Int)opcode);
2861             return -1;
2862       }
2863 
2864       if (ML_(cur_cmpLT)(expr, limit) && ddump_frames)
2865          VG_(printf)("; ");
2866 
2867    }
2868 
2869    vg_assert(sp >= -1 && sp < N_EXPR_STACK);
2870    if (sp == -1)
2871       return -1;
2872 
2873    if (0 && ddump_frames)
2874       ML_(ppCfiExpr)( dst, stack[sp] );
2875    return stack[sp];
2876 
2877 #  undef POP
2878 #  undef PUSH
2879 #  undef N_EXPR_STACK
2880 }
2881 
2882 
2883 /* ------------ Run/show CFI instructions ------------ */
2884 
2885 /* Run a CFI instruction, and also return its length.
2886    Returns 0 if the instruction could not be executed.
2887 */
run_CF_instruction(UnwindContext * ctx,DiCursor instrIN,const UnwindContext * restore_ctx,const AddressDecodingInfo * adi,const DebugInfo * di)2888 static Int run_CF_instruction ( /*MOD*/UnwindContext* ctx,
2889                                 DiCursor instrIN,
2890                                 const UnwindContext* restore_ctx,
2891                                 const AddressDecodingInfo* adi,
2892                                 const DebugInfo* di )
2893 {
2894    Int      off, reg, reg2, len, j;
2895    UInt     delta;
2896    Addr     printing_bias = ((Addr)ctx->initloc) - ((Addr)di->text_bias);
2897    struct UnwindContextState* ctxs;
2898 
2899    DiCursor instr   = instrIN;
2900    UChar    instr_0 = ML_(cur_step_UChar)(&instr);
2901    UChar    hi2     = (instr_0 >> 6) & 3;
2902    UChar    lo6     = instr_0 & 0x3F;
2903 
2904    if (ctx->state_sp < 0 || ctx->state_sp >= N_RR_STACK)
2905       return 0; /* bogus reg-rule stack pointer */
2906 
2907    ctxs = &ctx->state[ctx->state_sp];
2908    if (hi2 == DW_CFA_advance_loc) {
2909       delta = (UInt)lo6;
2910       delta *= ctx->code_a_f;
2911       ctx->loc += delta;
2912       if (di->ddump_frames)
2913          VG_(printf)("  DW_CFA_advance_loc: %d to %08lx\n",
2914                      (Int)delta, (Addr)ctx->loc + printing_bias);
2915       return ML_(cur_minus)(instr, instrIN);
2916    }
2917 
2918    if (hi2 == DW_CFA_offset) {
2919       /* Set rule for reg 'lo6' to CFAOff(off * data_af) */
2920       off = step_leb128( &instr, 0 );
2921       reg = (Int)lo6;
2922       if (reg < 0 || reg >= N_CFI_REGS)
2923          return 0; /* fail */
2924       ctxs->reg[reg].tag = RR_CFAOff;
2925       ctxs->reg[reg].arg = off * ctx->data_a_f;
2926       if (di->ddump_frames)
2927          VG_(printf)("  DW_CFA_offset: r%d at cfa%s%d\n",
2928                      (Int)reg,
2929                      ctxs->reg[reg].arg < 0 ? "" : "+",
2930                      (Int)ctxs->reg[reg].arg );
2931       return ML_(cur_minus)(instr, instrIN);
2932    }
2933 
2934    if (hi2 == DW_CFA_restore) {
2935       reg = (Int)lo6;
2936       if (reg < 0 || reg >= N_CFI_REGS)
2937          return 0; /* fail */
2938       if (restore_ctx == NULL)
2939          return 0; /* fail */
2940       ctxs->reg[reg] = restore_ctx->state[restore_ctx->state_sp].reg[reg];
2941       if (di->ddump_frames)
2942          VG_(printf)("  DW_CFA_restore: r%d\n", (Int)reg);
2943       return ML_(cur_minus)(instr, instrIN);
2944    }
2945 
2946    vg_assert(hi2 == DW_CFA_use_secondary);
2947 
2948    switch (lo6) {
2949       case DW_CFA_nop:
2950          if (di->ddump_frames)
2951             VG_(printf)("  DW_CFA_nop\n");
2952          break;
2953       case DW_CFA_set_loc:
2954          /* WAS:
2955             ctx->loc = read_Addr(&instr[i]) - ctx->initloc; i+= sizeof(Addr);
2956             Was this ever right? */
2957          /* 2007 Feb 23: No.  binutils/dwarf.c treats it as an encoded
2958             address and that appears to be in accordance with the
2959             DWARF3 spec. */
2960          ctx->loc = step_encoded_Addr(adi, &instr);
2961          if (di->ddump_frames)
2962             VG_(printf)("  rci:DW_CFA_set_loc\n");
2963          break;
2964       case DW_CFA_advance_loc1:
2965          delta = (UInt)ML_(cur_step_UChar)(&instr);
2966          delta *= ctx->code_a_f;
2967          ctx->loc += delta;
2968          if (di->ddump_frames)
2969             VG_(printf)("  DW_CFA_advance_loc1: %d to %08lx\n",
2970                         (Int)delta, (Addr)ctx->loc + printing_bias);
2971          break;
2972       case DW_CFA_advance_loc2:
2973          delta = (UInt)ML_(cur_step_UShort)(&instr);
2974          delta *= ctx->code_a_f;
2975          ctx->loc += delta;
2976          if (di->ddump_frames)
2977             VG_(printf)("  DW_CFA_advance_loc2: %d to %08lx\n",
2978                         (Int)delta, (Addr)ctx->loc + printing_bias);
2979          break;
2980       case DW_CFA_advance_loc4:
2981          delta = (UInt)ML_(cur_step_UInt)(&instr);
2982          delta *= ctx->code_a_f;
2983          ctx->loc += delta;
2984          if (di->ddump_frames)
2985             VG_(printf)("  DW_CFA_advance_loc4: %d to %08lx\n",
2986                         (Int)delta, (Addr)ctx->loc + printing_bias);
2987          break;
2988 
2989       case DW_CFA_def_cfa:
2990          reg = step_leb128( &instr, 0 );
2991          off = step_leb128( &instr, 0 );
2992          if (reg < 0 || reg >= N_CFI_REGS)
2993             return 0; /* fail */
2994          ctxs->cfa_is_regoff = True;
2995          ctxs->cfa_expr_ix   = 0;
2996          ctxs->cfa_reg       = reg;
2997          ctxs->cfa_off       = off;
2998          if (di->ddump_frames)
2999             VG_(printf)("  DW_CFA_def_cfa: r%d ofs %d\n", (Int)reg, (Int)off);
3000          break;
3001 
3002       case DW_CFA_def_cfa_sf:
3003          reg = step_leb128( &instr, 0 );
3004          off = step_leb128( &instr, 1 );
3005          if (reg < 0 || reg >= N_CFI_REGS)
3006             return 0; /* fail */
3007          ctxs->cfa_is_regoff = True;
3008          ctxs->cfa_expr_ix   = 0;
3009          ctxs->cfa_reg       = reg;
3010          ctxs->cfa_off       = off * ctx->data_a_f;
3011          if (di->ddump_frames)
3012             VG_(printf)("  rci:DW_CFA_def_cfa_sf\n");
3013          break;
3014 
3015       case DW_CFA_register:
3016          reg  = step_leb128( &instr, 0 );
3017          reg2 = step_leb128( &instr, 0 );
3018          if (reg < 0 || reg >= N_CFI_REGS)
3019             return 0; /* fail */
3020          if (reg2 < 0 || reg2 >= N_CFI_REGS)
3021             return 0; /* fail */
3022          ctxs->reg[reg].tag = RR_Reg;
3023          ctxs->reg[reg].arg = reg2;
3024          if (di->ddump_frames)
3025             VG_(printf)("  DW_CFA_register: r%d in r%d\n",
3026                         (Int)reg, (Int)reg2);
3027          break;
3028 
3029       case DW_CFA_offset_extended:
3030          reg = step_leb128( &instr, 0 );
3031          off = step_leb128( &instr, 0 );
3032          if (reg < 0 || reg >= N_CFI_REGS)
3033             return 0; /* fail */
3034          ctxs->reg[reg].tag = RR_CFAOff;
3035          ctxs->reg[reg].arg = off * ctx->data_a_f;
3036          if (di->ddump_frames)
3037             VG_(printf)("  rci:DW_CFA_offset_extended\n");
3038          break;
3039 
3040       case DW_CFA_offset_extended_sf:
3041          reg = step_leb128( &instr, 0 );
3042          off = step_leb128( &instr, 1 );
3043          if (reg < 0 || reg >= N_CFI_REGS)
3044             return 0; /* fail */
3045          ctxs->reg[reg].tag = RR_CFAOff;
3046          ctxs->reg[reg].arg = off * ctx->data_a_f;
3047          if (di->ddump_frames)
3048             VG_(printf)("  DW_CFA_offset_extended_sf: r%d at cfa%s%d\n",
3049                         reg,
3050                         ctxs->reg[reg].arg < 0 ? "" : "+",
3051                         (Int)ctxs->reg[reg].arg);
3052          break;
3053 
3054       case DW_CFA_GNU_negative_offset_extended:
3055          reg = step_leb128( &instr, 0 );
3056          off = step_leb128( &instr, 0 );
3057          if (reg < 0 || reg >= N_CFI_REGS)
3058             return 0; /* fail */
3059          ctxs->reg[reg].tag = RR_CFAOff;
3060          ctxs->reg[reg].arg = (-off) * ctx->data_a_f;
3061          if (di->ddump_frames)
3062             VG_(printf)("  rci:DW_CFA_GNU_negative_offset_extended\n");
3063          break;
3064 
3065       case DW_CFA_restore_extended:
3066          reg = step_leb128( &instr, 0 );
3067          if (reg < 0 || reg >= N_CFI_REGS)
3068             return 0; /* fail */
3069 	 if (restore_ctx == NULL)
3070 	    return 0; /* fail */
3071 	 ctxs->reg[reg] = restore_ctx->state[restore_ctx->state_sp].reg[reg];
3072          if (di->ddump_frames)
3073             VG_(printf)("  rci:DW_CFA_restore_extended\n");
3074          break;
3075 
3076       case DW_CFA_val_offset:
3077          reg = step_leb128( &instr, 0 );
3078          off = step_leb128( &instr, 0 );
3079          if (reg < 0 || reg >= N_CFI_REGS)
3080             return 0; /* fail */
3081          ctxs->reg[reg].tag = RR_CFAValOff;
3082          ctxs->reg[reg].arg = off * ctx->data_a_f;
3083          if (di->ddump_frames)
3084             VG_(printf)("  rci:DW_CFA_val_offset\n");
3085          break;
3086 
3087       case DW_CFA_val_offset_sf:
3088          reg = step_leb128( &instr, 0 );
3089          off = step_leb128( &instr, 1 );
3090          if (reg < 0 || reg >= N_CFI_REGS)
3091             return 0; /* fail */
3092          ctxs->reg[reg].tag = RR_CFAValOff;
3093          ctxs->reg[reg].arg = off * ctx->data_a_f;
3094          if (di->ddump_frames)
3095             VG_(printf)("  rci:DW_CFA_val_offset_sf\n");
3096          break;
3097 
3098       case DW_CFA_def_cfa_register:
3099          reg = step_leb128( &instr, 0);
3100          if (reg < 0 || reg >= N_CFI_REGS)
3101             return 0; /* fail */
3102          ctxs->cfa_is_regoff = True;
3103          ctxs->cfa_expr_ix   = 0;
3104          ctxs->cfa_reg       = reg;
3105          /* ->cfa_off unchanged */
3106          if (di->ddump_frames)
3107             VG_(printf)("  DW_CFA_def_cfa_register: r%d\n", (Int)reg );
3108          break;
3109 
3110       case DW_CFA_def_cfa_offset:
3111          off = step_leb128( &instr, 0);
3112          ctxs->cfa_is_regoff = True;
3113          ctxs->cfa_expr_ix   = 0;
3114          /* ->reg is unchanged */
3115          ctxs->cfa_off       = off;
3116          if (di->ddump_frames)
3117             VG_(printf)("  DW_CFA_def_cfa_offset: %d\n", (Int)off);
3118          break;
3119 
3120       case DW_CFA_def_cfa_offset_sf:
3121          off = step_leb128( &instr, 1);
3122          ctxs->cfa_is_regoff = True;
3123          ctxs->cfa_expr_ix   = 0;
3124          /* ->reg is unchanged */
3125          ctxs->cfa_off       = off * ctx->data_a_f;
3126          if (di->ddump_frames)
3127             VG_(printf)("  DW_CFA_def_cfa_offset_sf: %d\n", ctxs->cfa_off);
3128          break;
3129 
3130       case DW_CFA_undefined:
3131          reg = step_leb128( &instr, 0);
3132          if (reg < 0 || reg >= N_CFI_REGS)
3133             return 0; /* fail */
3134          ctxs->reg[reg].tag = RR_Undef;
3135          ctxs->reg[reg].arg = 0;
3136          if (di->ddump_frames)
3137             VG_(printf)("  rci:DW_CFA_undefined\n");
3138          break;
3139 
3140       case DW_CFA_same_value:
3141          reg = step_leb128( &instr, 0);
3142          if (reg < 0 || reg >= N_CFI_REGS)
3143             return 0; /* fail */
3144          ctxs->reg[reg].tag = RR_Same;
3145          ctxs->reg[reg].arg = 0;
3146          if (di->ddump_frames)
3147             VG_(printf)("  rci:DW_CFA_same_value\n");
3148          break;
3149 
3150       case DW_CFA_GNU_args_size:
3151          /* No idea what is supposed to happen.  gdb-6.3 simply
3152             ignores these. */
3153          /*off = */ (void)step_leb128( &instr, 0 );
3154          if (di->ddump_frames)
3155             VG_(printf)("  rci:DW_CFA_GNU_args_size (ignored)\n");
3156          break;
3157 
3158       case DW_CFA_expression: {
3159          /* Identical to DW_CFA_val_expression except that the value
3160             computed is an address and so needs one final
3161             dereference. */
3162          DiCursor expr;
3163          reg = step_leb128( &instr, 0 );
3164          len = step_leb128( &instr, 0 );
3165          expr = instr;
3166          instr = ML_(cur_plus)(instr, len);
3167          if (reg < 0 || reg >= N_CFI_REGS)
3168             return 0; /* fail */
3169          if (di->ddump_frames)
3170             VG_(printf)("  DW_CFA_expression: r%d (",
3171                         (Int)reg);
3172          /* Convert the expression into a dag rooted at ctx->exprs index j,
3173             or fail. */
3174          j = dwarfexpr_to_dag ( ctx, expr, len, True/*push CFA at start*/,
3175                                 di->ddump_frames);
3176          if (di->ddump_frames)
3177             VG_(printf)(")\n");
3178          vg_assert(j >= -1);
3179          if (j >= 0) {
3180             vg_assert(ctx->exprs);
3181             vg_assert( j < VG_(sizeXA)(ctx->exprs) );
3182          }
3183          if (j == -1)
3184             return 0; /* fail */
3185          /* Add an extra dereference */
3186          j = ML_(CfiExpr_Deref)( ctx->exprs, j );
3187          ctxs->reg[reg].tag = RR_ValExpr;
3188          ctxs->reg[reg].arg = j;
3189          break;
3190       }
3191 
3192       case DW_CFA_val_expression: {
3193          DiCursor expr;
3194          reg = step_leb128( &instr, 0 );
3195          len = step_leb128( &instr, 0 );
3196          expr = instr;
3197          instr = ML_(cur_plus)(instr, len);
3198          if (reg < 0 || reg >= N_CFI_REGS)
3199             return 0; /* fail */
3200          if (di->ddump_frames)
3201             VG_(printf)("  DW_CFA_val_expression: r%d (",
3202                         (Int)reg);
3203          /* Convert the expression into a dag rooted at ctx->exprs index j,
3204             or fail. */
3205          j = dwarfexpr_to_dag ( ctx, expr, len, True/*push CFA at start*/,
3206                                 di->ddump_frames);
3207          if (di->ddump_frames)
3208             VG_(printf)(")\n");
3209          vg_assert(j >= -1);
3210          if (j >= 0) {
3211             vg_assert(ctx->exprs);
3212             vg_assert( j < VG_(sizeXA)(ctx->exprs) );
3213          }
3214          if (j == -1)
3215             return 0; /* fail */
3216          ctxs->reg[reg].tag = RR_ValExpr;
3217          ctxs->reg[reg].arg = j;
3218          break;
3219       }
3220 
3221       case DW_CFA_def_cfa_expression: {
3222          DiCursor expr;
3223          len = step_leb128( &instr, 0 );
3224          expr = instr;
3225          instr = ML_(cur_plus)(instr, len);
3226          if (di->ddump_frames)
3227             VG_(printf)("  DW_CFA_def_cfa_expression (");
3228          /* Convert the expression into a dag rooted at ctx->exprs index j,
3229             or fail. */
3230          j = dwarfexpr_to_dag ( ctx, expr, len, False/*!push CFA at start*/,
3231                                 di->ddump_frames);
3232          if (di->ddump_frames)
3233             VG_(printf)(")\n");
3234          ctxs->cfa_is_regoff = False;
3235          ctxs->cfa_reg       = 0;
3236          ctxs->cfa_off       = 0;
3237          ctxs->cfa_expr_ix   = j;
3238          break;
3239       }
3240 
3241       case DW_CFA_GNU_window_save:
3242          /* Ignored.  This appears to be sparc-specific; quite why it
3243             turns up in SuSE-supplied x86 .so's beats me. */
3244          if (di->ddump_frames)
3245             VG_(printf)("  DW_CFA_GNU_window_save\n");
3246          break;
3247 
3248       case DW_CFA_remember_state:
3249          if (di->ddump_frames)
3250             VG_(printf)("  DW_CFA_remember_state\n");
3251          /* we just checked this at entry, so: */
3252          vg_assert(ctx->state_sp >= 0 && ctx->state_sp < N_RR_STACK);
3253          ctx->state_sp++;
3254          if (ctx->state_sp == N_RR_STACK) {
3255             /* stack overflow.  We're hosed. */
3256             VG_(message)(Vg_DebugMsg, "DWARF2 CFI reader: N_RR_STACK is "
3257                                       "too low; increase and recompile.");
3258             return 0; /* indicate failure */
3259          } else {
3260             VG_(memcpy)(/*dst*/&ctx->state[ctx->state_sp],
3261                         /*src*/&ctx->state[ctx->state_sp - 1],
3262                         sizeof(ctx->state[ctx->state_sp]) );
3263          }
3264          break;
3265 
3266       case DW_CFA_restore_state:
3267          if (di->ddump_frames)
3268             VG_(printf)("  DW_CFA_restore_state\n");
3269          /* we just checked this at entry, so: */
3270          vg_assert(ctx->state_sp >= 0 && ctx->state_sp < N_RR_STACK);
3271          if (ctx->state_sp == 0) {
3272             /* stack undefflow.  Give up. */
3273             return 0; /* indicate failure */
3274          } else {
3275             /* simply fall back to previous entry */
3276             ctx->state_sp--;
3277          }
3278          break;
3279 
3280       case DW_CFA_ORCL_arg_loc:
3281          if (di->ddump_frames)
3282             VG_(printf)("  DW_CFA_ORCL_arg_loc\n");
3283          break;
3284 
3285       default:
3286          VG_(message)(Vg_DebugMsg, "DWARF2 CFI reader: unhandled CFI "
3287                                    "instruction 0:%d\n", (Int)lo6);
3288          if (di->ddump_frames)
3289             VG_(printf)("  rci:run_CF_instruction:default\n");
3290          return 0; /* failure */
3291          /*NOTREACHED*/
3292    }
3293 
3294    return ML_(cur_minus)(instr, instrIN);
3295 }
3296 
3297 
3298 /* Show a CFI instruction, and also return its length.  Show it as
3299    close as possible (preferably identical) to how GNU binutils
3300    readelf --debug-dump=frames would. */
3301 
show_CF_instruction(DiCursor instrIN,const AddressDecodingInfo * adi,Int code_a_f,Int data_a_f)3302 static Int show_CF_instruction ( DiCursor instrIN,
3303                                  const AddressDecodingInfo* adi,
3304                                  Int code_a_f, Int data_a_f )
3305 {
3306    Int      off, coff, reg, reg2, len;
3307    UInt     delta;
3308    Addr     loc;
3309    DiCursor instr   = instrIN;
3310    UChar    instr_0 = ML_(cur_step_UChar)(&instr);
3311    UChar    hi2     = (instr_0 >> 6) & 3;
3312    UChar    lo6     = instr_0 & 0x3F;
3313 
3314    if (0) {
3315       DiCursor tmpi = instrIN;
3316       UInt i_0 = ML_(cur_step_UChar)(&tmpi);
3317       UInt i_1 = ML_(cur_step_UChar)(&tmpi);
3318       UInt i_2 = ML_(cur_step_UChar)(&tmpi);
3319       UInt i_3 = ML_(cur_step_UChar)(&tmpi);
3320       UInt i_4 = ML_(cur_step_UChar)(&tmpi);
3321       UInt i_5 = ML_(cur_step_UChar)(&tmpi);
3322       UInt i_6 = ML_(cur_step_UChar)(&tmpi);
3323       UInt i_7 = ML_(cur_step_UChar)(&tmpi);
3324       VG_(printf)("raw:%x/%x:%x:%x:%x:%x:%x:%x:%x:%x\n",
3325                   hi2, lo6, i_0, i_1, i_2, i_3, i_4, i_5, i_6, i_7);
3326    }
3327 
3328    if (hi2 == DW_CFA_advance_loc) {
3329       VG_(printf)("  sci:DW_CFA_advance_loc(%d)\n", (Int)lo6);
3330       return ML_(cur_minus)(instr, instrIN);
3331    }
3332 
3333    if (hi2 == DW_CFA_offset) {
3334       off = step_leb128( &instr, 0 );
3335       coff = off * data_a_f;
3336       VG_(printf)("  DW_CFA_offset: r%d at cfa%s%d\n",
3337                   (Int)lo6, coff < 0 ? "" : "+", (Int)coff );
3338       return ML_(cur_minus)(instr, instrIN);
3339    }
3340 
3341    if (hi2 == DW_CFA_restore) {
3342       VG_(printf)("  sci:DW_CFA_restore(r%d)\n", (Int)lo6);
3343       return ML_(cur_minus)(instr, instrIN);
3344    }
3345 
3346    vg_assert(hi2 == DW_CFA_use_secondary);
3347 
3348    switch (lo6) {
3349 
3350       case DW_CFA_nop:
3351          VG_(printf)("  DW_CFA_nop\n");
3352          break;
3353 
3354       case DW_CFA_set_loc:
3355          /* WAS: loc = read_Addr(&instr[i]); i+= sizeof(Addr);
3356             (now known to be incorrect -- the address is encoded) */
3357          loc = step_encoded_Addr(adi, &instr);
3358          VG_(printf)("  sci:DW_CFA_set_loc(%#lx)\n", loc);
3359          break;
3360 
3361       case DW_CFA_advance_loc1:
3362          delta = (UInt)ML_(cur_step_UChar)(&instr);
3363          VG_(printf)("  sci:DW_CFA_advance_loc1(%u)\n", delta);
3364          break;
3365 
3366       case DW_CFA_advance_loc2:
3367          delta = (UInt)ML_(cur_step_UShort)(&instr);
3368          VG_(printf)("  sci:DW_CFA_advance_loc2(%u)\n", delta);
3369          break;
3370 
3371       case DW_CFA_advance_loc4:
3372          delta = (UInt)ML_(cur_step_UInt)(&instr);
3373          VG_(printf)("  DW_CFA_advance_loc4(%u)\n", delta);
3374          break;
3375 
3376       case DW_CFA_def_cfa:
3377          reg = step_leb128( &instr, 0 );
3378          off = step_leb128( &instr, 0 );
3379          VG_(printf)("  DW_CFA_def_cfa: r%d ofs %d\n", reg, off);
3380          break;
3381 
3382       case DW_CFA_def_cfa_sf:
3383          reg = step_leb128( &instr, 0 );
3384          off = step_leb128( &instr, 1 );
3385          VG_(printf)("  DW_CFA_def_cfa_sf: r%d ofs %d\n",
3386                      reg, off * data_a_f);
3387          break;
3388 
3389       case DW_CFA_register:
3390          reg  = step_leb128( &instr, 0);
3391          reg2 = step_leb128( &instr, 0);
3392          VG_(printf)("  sci:DW_CFA_register(r%d, r%d)\n", reg, reg2);
3393          break;
3394 
3395       case DW_CFA_def_cfa_register:
3396          reg = step_leb128( &instr, 0);
3397          VG_(printf)("  sci:DW_CFA_def_cfa_register(r%d)\n", reg);
3398          break;
3399 
3400       case DW_CFA_def_cfa_offset:
3401          off = step_leb128( &instr, 0);
3402          VG_(printf)("  sci:DW_CFA_def_cfa_offset(%d)\n", off);
3403          break;
3404 
3405       case DW_CFA_def_cfa_offset_sf:
3406          off = step_leb128( &instr, 1);
3407          VG_(printf)("  sci:DW_CFA_def_cfa_offset_sf(%d)\n", off);
3408          break;
3409 
3410       case DW_CFA_restore_extended:
3411          reg = step_leb128( &instr, 0);
3412          VG_(printf)("  sci:DW_CFA_restore_extended(r%d)\n", reg);
3413          break;
3414 
3415       case DW_CFA_undefined:
3416          reg = step_leb128( &instr, 0);
3417          VG_(printf)("  sci:DW_CFA_undefined(r%d)\n", reg);
3418          break;
3419 
3420       case DW_CFA_same_value:
3421          reg = step_leb128( &instr, 0);
3422          VG_(printf)("  sci:DW_CFA_same_value(r%d)\n", reg);
3423          break;
3424 
3425       case DW_CFA_remember_state:
3426          VG_(printf)("  sci:DW_CFA_remember_state\n");
3427          break;
3428 
3429       case DW_CFA_restore_state:
3430          VG_(printf)("  sci:DW_CFA_restore_state\n");
3431          break;
3432 
3433       case DW_CFA_GNU_args_size:
3434          off = step_leb128( &instr, 0 );
3435          VG_(printf)("  sci:DW_CFA_GNU_args_size(%d)\n", off );
3436          break;
3437 
3438       case DW_CFA_def_cfa_expression:
3439          len = step_leb128( &instr, 0 );
3440          instr = ML_(cur_plus)(instr, len);
3441          VG_(printf)("  sci:DW_CFA_def_cfa_expression(length %d)\n", len);
3442          break;
3443 
3444       case DW_CFA_expression:
3445          reg = step_leb128( &instr, 0 );
3446          len = step_leb128( &instr, 0 );
3447          instr = ML_(cur_plus)(instr, len);
3448          VG_(printf)("  sci:DW_CFA_expression(r%d, length %d)\n", reg, len);
3449          break;
3450 
3451       case DW_CFA_val_expression:
3452          reg = step_leb128( &instr, 0 );
3453          len = step_leb128( &instr, 0 );
3454          instr = ML_(cur_plus)(instr, len);
3455          VG_(printf)("  sci:DW_CFA_val_expression(r%d, length %d)\n", reg, len);
3456          break;
3457 
3458       case DW_CFA_offset_extended:
3459          reg = step_leb128( &instr, 0 );
3460          off = step_leb128( &instr, 0 );
3461          VG_(printf)("  sci:DW_CFA_offset_extended(r%d, "
3462                      "off %d x data_af)\n", reg, off);
3463          break;
3464 
3465       case DW_CFA_offset_extended_sf:
3466          reg = step_leb128( &instr, 0 );
3467          off = step_leb128( &instr, 1 );
3468 	 coff = (Int)(off * data_a_f);
3469          VG_(printf)("  DW_CFA_offset_extended_sf: r%d at cfa%s%d\n",
3470                         reg, coff < 0 ? "" : "+", coff);
3471          break;
3472 
3473       case DW_CFA_GNU_negative_offset_extended:
3474          reg = step_leb128( &instr, 0 );
3475          off = step_leb128( &instr, 0 );
3476          VG_(printf)("  sci:DW_CFA_GNU_negative_offset_extended"
3477                      "(r%d, off %d x data_af)\n", reg, -off);
3478          break;
3479 
3480       case DW_CFA_val_offset:
3481          reg = step_leb128( &instr, 0 );
3482          off = step_leb128( &instr, 0 );
3483          VG_(printf)("  sci:DW_CFA_val_offset(r%d, off %d x data_af)\n",
3484                      reg, off);
3485          break;
3486 
3487        case DW_CFA_val_offset_sf:
3488          reg = step_leb128( &instr, 0 );
3489          off = step_leb128( &instr, 1 );
3490          VG_(printf)("  sci:DW_CFA_val_offset_sf(r%d, off %d x data_af)\n",
3491                      reg, off);
3492          break;
3493 
3494       case DW_CFA_GNU_window_save:
3495          VG_(printf)("  sci:DW_CFA_GNU_window_save\n");
3496          break;
3497 
3498       case DW_CFA_ORCL_arg_loc:
3499          reg = step_leb128( &instr, 0 );
3500          len = step_leb128( &instr, 0 );
3501          VG_(printf)("  sci:DW_CFA_ORCL_arg_loc(%d, length %d)\n", reg, len);
3502          break;
3503 
3504       default:
3505          VG_(printf)("  sci:0:%d\n", (Int)lo6);
3506          break;
3507    }
3508 
3509    return ML_(cur_minus)(instr, instrIN);
3510 }
3511 
3512 
3513 /* Show the instructions in instrs[0 .. ilen-1]. */
show_CF_instructions(DiCursor instrs,Int ilen,const AddressDecodingInfo * adi,Int code_a_f,Int data_a_f)3514 static void show_CF_instructions ( DiCursor instrs, Int ilen,
3515                                    const AddressDecodingInfo* adi,
3516                                    Int code_a_f, Int data_a_f )
3517 {
3518    Int i = 0;
3519    while (True) {
3520       if (i >= ilen) break;
3521       i += show_CF_instruction( ML_(cur_plus)(instrs, i),
3522                                 adi, code_a_f, data_a_f );
3523    }
3524 }
3525 
3526 
3527 /* Run the CF instructions in instrs[0 .. ilen-1], until the end is
3528    reached, or until there is a failure.  Return True iff success.
3529 */
3530 static
run_CF_instructions(DebugInfo * di,Bool record,UnwindContext * ctx,DiCursor instrs,Int ilen,UWord fde_arange,const UnwindContext * restore_ctx,const AddressDecodingInfo * adi)3531 Bool run_CF_instructions ( DebugInfo* di,
3532                            Bool record,
3533                            UnwindContext* ctx, DiCursor instrs, Int ilen,
3534                            UWord fde_arange,
3535                            const UnwindContext* restore_ctx,
3536                            const AddressDecodingInfo* adi )
3537 {
3538    Addr base;
3539    UInt len;
3540    DiCfSI_m cfsi_m;
3541    Bool summ_ok;
3542    Int j, i = 0;
3543    Addr loc_prev;
3544    if (0) ppUnwindContext(ctx);
3545    if (0) ppUnwindContext_summary(ctx);
3546    while (True) {
3547       loc_prev = ctx->loc;
3548       if (i >= ilen) break;
3549       if (0) (void)show_CF_instruction( ML_(cur_plus)(instrs,i), adi,
3550                                         ctx->code_a_f, ctx->data_a_f );
3551       j = run_CF_instruction( ctx, ML_(cur_plus)(instrs,i),
3552                               restore_ctx, adi, di );
3553       if (j == 0)
3554          return False; /* execution failed */
3555       i += j;
3556       if (0) ppUnwindContext(ctx);
3557       if (record && loc_prev != ctx->loc) {
3558          summ_ok = summarise_context ( &base, &len, &cfsi_m,
3559                                        loc_prev, ctx, di );
3560          if (summ_ok) {
3561             ML_(addDiCfSI)(di, base, len, &cfsi_m);
3562             if (di->trace_cfi)
3563                ML_(ppDiCfSI)(di->cfsi_exprs, base, len, &cfsi_m);
3564          }
3565       }
3566    }
3567    if (ctx->loc < fde_arange) {
3568       loc_prev = ctx->loc;
3569       ctx->loc = fde_arange;
3570       if (record) {
3571          summ_ok = summarise_context ( &base, &len, &cfsi_m,
3572                                        loc_prev, ctx, di );
3573          if (summ_ok) {
3574             ML_(addDiCfSI)(di, base, len, &cfsi_m);
3575             if (di->trace_cfi)
3576                ML_(ppDiCfSI)(di->cfsi_exprs, base, len, &cfsi_m);
3577          }
3578       }
3579    }
3580    return True;
3581 }
3582 
3583 
3584 /* ------------ Main entry point for CFI reading ------------ */
3585 
3586 typedef
3587    struct {
3588       /* This gives the CIE an identity to which FDEs will refer. */
3589       ULong    offset;
3590       /* Code, data factors. */
3591       Int      code_a_f;
3592       Int      data_a_f;
3593       /* Return-address pseudo-register. */
3594       Int      ra_reg;
3595       UChar    address_encoding;
3596       /* Where are the instrs? */
3597       DiCursor instrs;
3598       Int      ilen;
3599       /* God knows .. don't ask */
3600       Bool     saw_z_augmentation;
3601    }
3602    CIE;
3603 
init_CIE(CIE * cie)3604 static void init_CIE ( CIE* cie )
3605 {
3606    cie->offset             = 0;
3607    cie->code_a_f           = 0;
3608    cie->data_a_f           = 0;
3609    cie->ra_reg             = 0;
3610    cie->address_encoding   = 0;
3611    cie->instrs             = DiCursor_INVALID;
3612    cie->ilen               = 0;
3613    cie->saw_z_augmentation = False;
3614 }
3615 
3616 static CIE *the_CIEs = NULL;
3617 static SizeT N_CIEs = 0;
3618 
3619 /* Read, summarise and store CFA unwind info from .eh_frame and
3620    .debug_frame sections.  is_ehframe tells us which kind we are
3621    dealing with -- they are slightly different. */
ML_(read_callframe_info_dwarf3)3622 void ML_(read_callframe_info_dwarf3)
3623         ( /*OUT*/struct _DebugInfo* di,
3624           DiSlice escn_frame, Addr frame_avma, Bool is_ehframe )
3625 {
3626    const HChar* how = NULL;
3627    Int      n_CIEs = 0;
3628    DiCursor frame_image = ML_(cur_from_sli)(escn_frame); /* fixed */
3629    DiOffT   frame_size  = escn_frame.szB;
3630    DiCursor data        = frame_image;
3631    UWord    cfsi_used_orig;
3632 
3633    /* If we're dealing with a .debug_frame, assume zero frame_avma. */
3634    if (!is_ehframe)
3635       vg_assert(frame_avma == 0);
3636 
3637 #  if defined(VGP_ppc32_linux) || defined(VGP_ppc64be_linux) \
3638       || defined(VGP_ppc64le_linux)
3639    /* These targets don't use CFI-based stack unwinding.  */
3640    return;
3641 #  endif
3642 
3643    /* If we read more than one .debug_frame or .eh_frame for this
3644       DebugInfo*, the second and subsequent reads should only add FDEs
3645       for address ranges not already covered by the FDEs already
3646       present.  To be able to quickly check which address ranges are
3647       already present, any existing records (DiCFSIs) must be sorted,
3648       so we can binary-search them in the code below.  We also record
3649       di->cfsi_used so that we know where the boundary is between
3650       existing and new records. */
3651    if (di->cfsi_used > 0) {
3652       ML_(canonicaliseCFI) ( di );
3653    }
3654    cfsi_used_orig = di->cfsi_used;
3655 
3656    if (di->trace_cfi) {
3657       VG_(printf)("\n-----------------------------------------------\n");
3658       VG_(printf)("CFI info: szB %llu, _avma %#lx\n",
3659                   escn_frame.szB, frame_avma );
3660       VG_(printf)("CFI info: name %s\n", di->fsm.filename );
3661    }
3662 
3663    /* Loop over CIEs/FDEs */
3664 
3665    /* Conceptually, the frame info is a sequence of FDEs, one for each
3666       function.  Inside an FDE is a miniature program for a special
3667       state machine, which, when run, produces the stack-unwinding
3668       info for that function.
3669 
3670       Because the FDEs typically have much in common, and because the
3671       DWARF designers appear to have been fanatical about space
3672       saving, the common parts are factored out into so-called CIEs.
3673       That means that what we traverse is a sequence of structs, each
3674       of which is either a FDE (usually) or a CIE (occasionally).
3675       Each FDE has a field indicating which CIE is the one pertaining
3676       to it.
3677 
3678       The following loop traverses the sequence.  FDEs are dealt with
3679       immediately; once we harvest the useful info in an FDE, it is
3680       then forgotten about.  By contrast, CIEs are validated and
3681       dumped into an array, because later FDEs may refer to any
3682       previously-seen CIE.
3683    */
3684    while (True) {
3685       DiCursor ciefde_start;
3686       ULong    ciefde_len;
3687       ULong    cie_pointer;
3688       Bool     dw64;
3689 
3690       /* Are we done? */
3691       if (ML_(cur_cmpEQ)(data, ML_(cur_plus)(frame_image, frame_size)))
3692          return;
3693 
3694       /* Overshot the end?  Means something is wrong */
3695       if (ML_(cur_cmpGT)(data, ML_(cur_plus)(frame_image, frame_size))) {
3696          how = "overran the end of .eh_frame";
3697          goto bad;
3698       }
3699 
3700       /* Ok, we must be looking at the start of a new CIE or FDE.
3701          Figure out which it is. */
3702 
3703       ciefde_start = data;
3704       if (di->trace_cfi)
3705          VG_(printf)("\ncie/fde.start   = (frame_image + 0x%llx)\n",
3706                      (ULong)ML_(cur_minus)(ciefde_start, frame_image));
3707 
3708       ciefde_len = (ULong)ML_(cur_step_UInt)(&data);
3709       if (di->trace_cfi)
3710          VG_(printf)("cie/fde.length  = %llu\n", ciefde_len);
3711 
3712       /* Apparently, if the .length field is zero, we are at the end
3713          of the sequence.  This is stated in the Generic Elf
3714          Specification (see comments far above here) and is one of the
3715          places where .eh_frame and .debug_frame data differ. */
3716       if (ciefde_len == 0) {
3717          if (di->ddump_frames)
3718             VG_(printf)("%08llx ZERO terminator\n\n",
3719                         (ULong)ML_(cur_minus)(ciefde_start, frame_image));
3720          return;
3721       }
3722 
3723       /* If the .length field is 0xFFFFFFFF then we're dealing with
3724          64-bit DWARF, and the real length is stored as a 64-bit
3725          number immediately following it. */
3726       dw64 = False;
3727       if (ciefde_len == 0xFFFFFFFFUL) {
3728          dw64 = True;
3729          ciefde_len = ML_(cur_step_ULong)(&data);
3730       }
3731 
3732       /* Now get the CIE ID, whose size depends on the DWARF 32 vs
3733 	 64-ness. */
3734       if (dw64) {
3735          /* see XXX below */
3736          cie_pointer = ML_(cur_step_ULong)(&data);
3737       } else {
3738          /* see XXX below */
3739          cie_pointer = (ULong)ML_(cur_step_UInt)(&data);
3740       }
3741 
3742       if (di->trace_cfi)
3743          VG_(printf)("cie.pointer     = %llu\n", cie_pointer);
3744 
3745       /* If cie_pointer is zero for .eh_frame or all ones for .debug_frame,
3746          we've got a CIE; else it's an FDE. */
3747       if (cie_pointer == (is_ehframe ? 0ULL
3748                           : dw64 ? 0xFFFFFFFFFFFFFFFFULL : 0xFFFFFFFFULL)) {
3749 
3750          Int      this_CIE;
3751          UChar    cie_version;
3752          DiCursor cie_augmentation;
3753 
3754          /* --------- CIE --------- */
3755 	 if (di->trace_cfi)
3756             VG_(printf)("------ new CIE #%d ------\n", n_CIEs);
3757 
3758 	 /* Allocate a new CIE record. */
3759          vg_assert(n_CIEs >= 0);
3760          if (n_CIEs == N_CIEs) {
3761             N_CIEs += 1000;
3762             the_CIEs = ML_(dinfo_realloc)("di.rcid3.2", the_CIEs,
3763                                           N_CIEs * sizeof the_CIEs[0]);
3764          }
3765 
3766          this_CIE = n_CIEs;
3767          n_CIEs++;
3768          init_CIE( &the_CIEs[this_CIE] );
3769 
3770 	 /* Record its offset.  This is how we will find it again
3771             later when looking at an FDE. */
3772          the_CIEs[this_CIE].offset
3773             = (ULong)ML_(cur_minus)(ciefde_start, frame_image);
3774 
3775          if (di->ddump_frames)
3776             VG_(printf)("%08lx %08lx %08lx CIE\n",
3777                         (Addr)ML_(cur_minus)(ciefde_start, frame_image),
3778                         (Addr)ciefde_len,
3779                         (Addr)(UWord)cie_pointer );
3780 
3781          cie_version = ML_(cur_step_UChar)(&data);
3782          if (di->trace_cfi)
3783             VG_(printf)("cie.version     = %d\n", (Int)cie_version);
3784          if (di->ddump_frames)
3785             VG_(printf)("  Version:               %d\n", (Int)cie_version);
3786          if (cie_version != 1 && cie_version != 3 && cie_version != 4) {
3787             how = "unexpected CIE version (not 1 nor 3 nor 4)";
3788             goto bad;
3789          }
3790 
3791          cie_augmentation = data;
3792          data = ML_(cur_plus)(data, 1 + ML_(cur_strlen)(cie_augmentation));
3793 
3794          if (di->trace_cfi || di->ddump_frames) {
3795             HChar* str = ML_(cur_read_strdup)(cie_augmentation, "di.rcid3.1");
3796             if (di->trace_cfi)
3797                VG_(printf)("cie.augment     = \"%s\"\n", str);
3798             if (di->ddump_frames)
3799                VG_(printf)("  Augmentation:          \"%s\"\n", str);
3800             ML_(dinfo_free)(str);
3801          }
3802 
3803          if (ML_(cur_read_UChar)(cie_augmentation) == 'e'
3804              && ML_(cur_read_UChar)
3805                    (ML_(cur_plus)(cie_augmentation, 1)) == 'h') {
3806             data = ML_(cur_plus)(data, sizeof(Addr));
3807             cie_augmentation = ML_(cur_plus)(cie_augmentation, 2);
3808          }
3809 
3810          if (cie_version >= 4) {
3811             if (ML_(cur_step_UChar)(&data) != sizeof(Addr)) {
3812                how = "unexpected address size";
3813                goto bad;
3814             }
3815             if (ML_(cur_step_UChar)(&data) != 0) {
3816                how = "unexpected non-zero segment size";
3817                goto bad;
3818             }
3819          }
3820 
3821          the_CIEs[this_CIE].code_a_f = step_leb128( &data, 0);
3822          if (di->trace_cfi)
3823             VG_(printf)("cie.code_af     = %d\n",
3824                         the_CIEs[this_CIE].code_a_f);
3825          if (di->ddump_frames)
3826             VG_(printf)("  Code alignment factor: %d\n",
3827                         (Int)the_CIEs[this_CIE].code_a_f);
3828 
3829          the_CIEs[this_CIE].data_a_f = step_leb128( &data, 1);
3830          if (di->trace_cfi)
3831             VG_(printf)("cie.data_af     = %d\n",
3832                         the_CIEs[this_CIE].data_a_f);
3833          if (di->ddump_frames)
3834             VG_(printf)("  Data alignment factor: %d\n",
3835                         (Int)the_CIEs[this_CIE].data_a_f);
3836 
3837          if (cie_version == 1) {
3838             the_CIEs[this_CIE].ra_reg = (Int)ML_(cur_step_UChar)(&data);
3839          } else {
3840             the_CIEs[this_CIE].ra_reg = step_leb128( &data, 0);
3841          }
3842          if (di->trace_cfi)
3843             VG_(printf)("cie.ra_reg      = %d\n",
3844                         the_CIEs[this_CIE].ra_reg);
3845          if (di->ddump_frames)
3846             VG_(printf)("  Return address column: %d\n",
3847                         (Int)the_CIEs[this_CIE].ra_reg);
3848 
3849          if (the_CIEs[this_CIE].ra_reg < 0
3850              || the_CIEs[this_CIE].ra_reg >= N_CFI_REGS) {
3851             how = "cie.ra_reg has implausible value";
3852             goto bad;
3853          }
3854 
3855          the_CIEs[this_CIE].saw_z_augmentation
3856             = ML_(cur_read_UChar)(cie_augmentation) == 'z';
3857          if (the_CIEs[this_CIE].saw_z_augmentation) {
3858             UInt length = step_leb128( &data, 0);
3859             the_CIEs[this_CIE].instrs = ML_(cur_plus)(data, length);
3860             cie_augmentation = ML_(cur_plus)(cie_augmentation, 1);
3861             if (di->ddump_frames) {
3862                UInt i;
3863                VG_(printf)("  Augmentation data:    ");
3864                for (i = 0; i < length; i++)
3865                   VG_(printf)(" %02x", (UInt)ML_(cur_read_UChar)
3866                                                 (ML_(cur_plus)(data, i)));
3867                VG_(printf)("\n");
3868             }
3869          } else {
3870             the_CIEs[this_CIE].instrs = DiCursor_INVALID;
3871          }
3872 
3873          the_CIEs[this_CIE].address_encoding = default_Addr_encoding();
3874 
3875          while (ML_(cur_read_UChar)(cie_augmentation)) {
3876             switch (ML_(cur_read_UChar)(cie_augmentation)) {
3877                case 'L':
3878                   data = ML_(cur_plus)(data, 1);
3879                   cie_augmentation = ML_(cur_plus)(cie_augmentation, 1);
3880                   break;
3881                case 'R':
3882                   the_CIEs[this_CIE].address_encoding
3883                      = ML_(cur_step_UChar)(&data);
3884                   cie_augmentation = ML_(cur_plus)(cie_augmentation, 1);
3885                   break;
3886                case 'P':
3887                   data = ML_(cur_plus)(data, size_of_encoded_Addr(
3888                                                 ML_(cur_read_UChar)(data) ));
3889                   data = ML_(cur_plus)(data, 1);
3890                   cie_augmentation = ML_(cur_plus)(cie_augmentation, 1);
3891                   break;
3892                case 'S':
3893                   cie_augmentation = ML_(cur_plus)(cie_augmentation, 1);
3894                   break;
3895                default:
3896                   if (!ML_(cur_is_valid)(the_CIEs[this_CIE].instrs)) {
3897                      how = "unhandled cie.augmentation";
3898                      goto bad;
3899                   }
3900                   data = the_CIEs[this_CIE].instrs;
3901                   goto done_augmentation;
3902             }
3903          }
3904 
3905         done_augmentation:
3906 
3907          if (di->trace_cfi)
3908             VG_(printf)("cie.encoding    = 0x%x\n",
3909                         the_CIEs[this_CIE].address_encoding);
3910 
3911          the_CIEs[this_CIE].instrs = data;
3912          the_CIEs[this_CIE].ilen   = ML_(cur_minus)(ciefde_start, data)
3913                                      + (Long)ciefde_len + (Long)sizeof(UInt);
3914          if (di->trace_cfi) {
3915             //VG_(printf)("cie.instrs      = %p\n", the_CIEs[this_CIE].instrs);
3916             VG_(printf)("cie.ilen        = %d\n", the_CIEs[this_CIE].ilen);
3917 	 }
3918 
3919          if (the_CIEs[this_CIE].ilen < 0
3920              || the_CIEs[this_CIE].ilen > frame_size) {
3921             how = "implausible # cie initial insns";
3922             goto bad;
3923          }
3924 
3925          data = ML_(cur_plus)(data, the_CIEs[this_CIE].ilen);
3926 
3927          /* Show the CIE's instructions (the preamble for each FDE
3928             that uses this CIE). */
3929          if (di->ddump_frames)
3930             VG_(printf)("\n");
3931 
3932          if (di->trace_cfi || di->ddump_frames) {
3933             AddressDecodingInfo adi;
3934             adi.encoding      = the_CIEs[this_CIE].address_encoding;
3935             adi.ehframe_image = frame_image;
3936             adi.ehframe_avma  = frame_avma;
3937             adi.text_bias     = di->text_debug_bias;
3938             adi.got_avma      = di->got_avma;
3939             show_CF_instructions( the_CIEs[this_CIE].instrs,
3940                                   the_CIEs[this_CIE].ilen, &adi,
3941                                   the_CIEs[this_CIE].code_a_f,
3942                                   the_CIEs[this_CIE].data_a_f );
3943          }
3944 
3945          if (di->ddump_frames)
3946             VG_(printf)("\n");
3947 
3948       } else {
3949 
3950          AddressDecodingInfo adi;
3951          UnwindContext ctx, restore_ctx;
3952          Int      cie;
3953          ULong    look_for;
3954          Bool     ok;
3955          Addr     fde_initloc;
3956          UWord    fde_arange;
3957          DiCursor fde_instrs;
3958          Int      fde_ilen;
3959 
3960          /* --------- FDE --------- */
3961 
3962          /* Find the relevant CIE.  The CIE we want is located
3963             cie_pointer bytes back from here. */
3964 
3965          /* re sizeof(UInt) / sizeof(ULong), matches XXX above. */
3966          if (is_ehframe)
3967             look_for = ML_(cur_minus)(data, frame_image)
3968                        - (dw64 ? sizeof(ULong) : sizeof(UInt))
3969                        - cie_pointer;
3970          else
3971             look_for = cie_pointer;
3972 
3973          for (cie = 0; cie < n_CIEs; cie++) {
3974             if (0) VG_(printf)("look for %llu   %llu\n",
3975                                look_for, the_CIEs[cie].offset );
3976             if (the_CIEs[cie].offset == look_for)
3977                break;
3978 	 }
3979          vg_assert(cie >= 0 && cie <= n_CIEs);
3980          if (cie == n_CIEs) {
3981             how = "FDE refers to not-findable CIE";
3982             goto bad;
3983 	 }
3984 
3985          adi.encoding      = the_CIEs[cie].address_encoding;
3986          adi.ehframe_image = frame_image;
3987          adi.ehframe_avma  = frame_avma;
3988          adi.text_bias     = di->text_debug_bias;
3989          adi.got_avma      = di->got_avma;
3990          fde_initloc = step_encoded_Addr(&adi, &data);
3991          if (di->trace_cfi)
3992             VG_(printf)("fde.initloc     = %#lx\n", fde_initloc);
3993 
3994          adi.encoding      = the_CIEs[cie].address_encoding & 0xf;
3995          adi.ehframe_image = frame_image;
3996          adi.ehframe_avma  = frame_avma;
3997          adi.text_bias     = di->text_debug_bias;
3998          adi.got_avma      = di->got_avma;
3999 
4000          /* WAS (incorrectly):
4001             fde_arange = read_encoded_Addr(&nbytes, &adi, data);
4002             data += nbytes;
4003             The following corresponds to what binutils/dwarf.c does:
4004          */
4005          { UInt ptr_size = size_of_encoded_Addr( adi.encoding );
4006            switch (ptr_size) {
4007               case 8: case 4: case 2: case 1:
4008                  fde_arange
4009                     = (UWord)step_le_u_encoded_literal(&data, ptr_size);
4010                  break;
4011               default:
4012                  how = "unknown arange field encoding in FDE";
4013                  goto bad;
4014            }
4015          }
4016 
4017          if (di->trace_cfi)
4018             VG_(printf)("fde.arangec     = %#lx\n", fde_arange);
4019 
4020          if (di->ddump_frames)
4021             VG_(printf)("%08lx %08lx %08lx FDE cie=%08lx pc=%08lx..%08lx\n",
4022                         (Addr)ML_(cur_minus)(ciefde_start, frame_image),
4023                         (Addr)ciefde_len,
4024                         (Addr)(UWord)cie_pointer,
4025                         (Addr)look_for,
4026                         ((Addr)fde_initloc) - di->text_debug_bias,
4027                         ((Addr)fde_initloc) - di->text_debug_bias + fde_arange);
4028 
4029          if (the_CIEs[cie].saw_z_augmentation) {
4030             UInt length = step_leb128( &data, 0);
4031             if (di->ddump_frames && (length > 0)) {
4032                UInt i;
4033                VG_(printf)("  Augmentation data:    ");
4034                for (i = 0; i < length; i++)
4035                   VG_(printf)(" %02x", (UInt)ML_(cur_read_UChar)
4036                                                 (ML_(cur_plus)(data, i)));
4037                VG_(printf)("\n\n");
4038             }
4039             data = ML_(cur_plus)(data, length);
4040          }
4041 
4042          fde_instrs = data;
4043          fde_ilen   = ML_(cur_minus)(ciefde_start, data)
4044                       + (Long)ciefde_len + (Long)sizeof(UInt);
4045          if (di->trace_cfi) {
4046             //VG_(printf)("fde.instrs      = %p\n", fde_instrs);
4047             VG_(printf)("fde.ilen        = %d\n", (Int)fde_ilen);
4048 	 }
4049 
4050          if (fde_ilen < 0 || fde_ilen > frame_size) {
4051             how = "implausible # fde insns";
4052             goto bad;
4053          }
4054 
4055 	 data = ML_(cur_plus)(data, fde_ilen);
4056 
4057          /* If this object's DebugInfo* had some DiCFSIs from a
4058             previous .eh_frame or .debug_frame read, we must check
4059             that we're not adding a duplicate. */
4060          if (cfsi_used_orig > 0) {
4061             Addr a_mid_lo, a_mid_hi;
4062             Word mid, size,
4063                  lo = 0,
4064                  hi = cfsi_used_orig-1;
4065             while (True) {
4066                /* current unsearched space is from lo to hi, inclusive. */
4067                if (lo > hi) break; /* not found */
4068                mid      = (lo + hi) / 2;
4069                a_mid_lo = di->cfsi_rd[mid].base;
4070                size     = di->cfsi_rd[mid].len;
4071                a_mid_hi = a_mid_lo + size - 1;
4072                vg_assert(a_mid_hi >= a_mid_lo);
4073                if (fde_initloc + fde_arange <= a_mid_lo) {
4074                   hi = mid-1; continue;
4075                }
4076                if (fde_initloc > a_mid_hi) { lo = mid+1; continue; }
4077                break;
4078             }
4079 
4080             /* The range this .debug_frame FDE covers has been already
4081                covered in .eh_frame section.  Don't add it from .debug_frame
4082                section again.  */
4083             if (lo <= hi)
4084                continue;
4085          }
4086 
4087          adi.encoding      = the_CIEs[cie].address_encoding;
4088          adi.ehframe_image = frame_image;
4089          adi.ehframe_avma  = frame_avma;
4090          adi.text_bias     = di->text_debug_bias;
4091          adi.got_avma      = di->got_avma;
4092 
4093          if (di->trace_cfi)
4094             show_CF_instructions( fde_instrs, fde_ilen, &adi,
4095                                   the_CIEs[cie].code_a_f,
4096                                   the_CIEs[cie].data_a_f );
4097 
4098 	 initUnwindContext(&ctx);
4099          ctx.code_a_f = the_CIEs[cie].code_a_f;
4100          ctx.data_a_f = the_CIEs[cie].data_a_f;
4101          ctx.initloc  = fde_initloc;
4102          ctx.ra_reg   = the_CIEs[cie].ra_reg;
4103          ctx.exprs    = VG_(newXA)( ML_(dinfo_zalloc), "di.rcid.1",
4104                                     ML_(dinfo_free),
4105                                     sizeof(CfiExpr) );
4106 
4107 	 /* Run the CIE's instructions.  Ugly hack: if
4108             --debug-dump=frames is in effect, suppress output for
4109             these instructions since they will already have been shown
4110             at the time the CIE was first encountered.  Note, not
4111             thread safe - if this reader is ever made threaded, should
4112             fix properly. */
4113 	 { Bool hack = di->ddump_frames;
4114            di->ddump_frames = False;
4115            initUnwindContext(&restore_ctx);
4116            ok = run_CF_instructions(
4117                    di, False, &ctx, the_CIEs[cie].instrs,
4118                    the_CIEs[cie].ilen, 0, NULL, &adi
4119                 );
4120            di->ddump_frames = hack;
4121          }
4122          /* And now run the instructions for the FDE, starting from
4123             the state created by running the CIE preamble
4124             instructions. */
4125          if (ok) {
4126             restore_ctx = ctx;
4127 	    ok = run_CF_instructions(
4128                     di, True, &ctx, fde_instrs, fde_ilen, fde_arange,
4129                     &restore_ctx, &adi
4130                  );
4131             if (di->ddump_frames)
4132                VG_(printf)("\n");
4133 	 }
4134 
4135          VG_(deleteXA)( ctx.exprs );
4136       }
4137    }
4138 
4139    return;
4140 
4141    bad:
4142     if (!VG_(clo_xml) && VG_(clo_verbosity) > 1)
4143        VG_(message)(Vg_UserMsg,
4144                     "Warning: %s in DWARF2 CFI reading\n", how);
4145     return;
4146 }
4147 
4148 #endif // defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_solaris)
4149 
4150 /*--------------------------------------------------------------------*/
4151 /*--- end                                                          ---*/
4152 /*--------------------------------------------------------------------*/
4153