2 /*--------------------------------------------------------------------*/
3 /*--- Top level management of symbols and debugging information. ---*/
4 /*--- debuginfo.c ---*/
5 /*--------------------------------------------------------------------*/
8 This file is part of Valgrind, a dynamic binary instrumentation
11 Copyright (C) 2000-2010 Julian Seward
14 This program is free software; you can redistribute it and/or
15 modify it under the terms of the GNU General Public License as
16 published by the Free Software Foundation; either version 2 of the
17 License, or (at your option) any later version.
19 This program is distributed in the hope that it will be useful, but
20 WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; if not, write to the Free Software
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
29 The GNU General Public License is contained in the file COPYING.
32 #include "pub_core_basics.h"
33 #include "pub_core_vki.h"
34 #include "pub_core_libcsetjmp.h" // to keep _threadstate.h happy
35 #include "pub_core_threadstate.h"
36 #include "pub_core_debuginfo.h" /* self */
37 #include "pub_core_demangle.h"
38 #include "pub_core_libcbase.h"
39 #include "pub_core_libcassert.h"
40 #include "pub_core_libcprint.h"
41 #include "pub_core_libcfile.h"
42 #include "pub_core_libcproc.h" // VG_(getenv)
43 #include "pub_core_seqmatch.h"
44 #include "pub_core_options.h"
45 #include "pub_core_redir.h" // VG_(redir_notify_{new,delete}_SegInfo)
46 #include "pub_core_aspacemgr.h"
47 #include "pub_core_machine.h" // VG_PLAT_USES_PPCTOC
48 #include "pub_core_xarray.h"
49 #include "pub_core_oset.h"
50 #include "pub_core_stacktrace.h" // VG_(get_StackTrace) XXX: circular dependency
51 #include "pub_core_ume.h"
53 #include "priv_misc.h" /* dinfo_zalloc/free */
54 #include "priv_d3basics.h" /* ML_(pp_GX) */
55 #include "priv_tytypes.h"
56 #include "priv_storage.h"
57 #include "priv_readdwarf.h"
58 #include "priv_readstabs.h"
59 #if defined(VGO_linux)
60 # include "priv_readelf.h"
61 # include "priv_readdwarf3.h"
62 # include "priv_readpdb.h"
63 #elif defined(VGO_aix5)
64 # include "pub_core_debuglog.h"
65 # include "pub_core_libcproc.h"
66 # include "pub_core_libcfile.h"
67 # include "priv_readxcoff.h"
68 #elif defined(VGO_darwin)
69 # include "priv_readmacho.h"
70 # include "priv_readpdb.h"
74 /*------------------------------------------------------------*/
75 /*--- The _svma / _avma / _image / _bias naming scheme ---*/
76 /*------------------------------------------------------------*/
78 /* JRS 11 Jan 07: I find the different kinds of addresses involved in
79 debuginfo reading confusing. Recently I arrived at some
80 terminology which makes it clearer (to me, at least). There are 3
81 kinds of address used in the debuginfo reading process:
83 stated VMAs - the address where (eg) a .so says a symbol is, that
84 is, what it tells you if you consider the .so in
87 actual VMAs - the address where (eg) said symbol really wound up
88 after the .so was mapped into memory
90 image addresses - pointers into the copy of the .so (etc)
91 transiently mmaped aboard whilst we read its info
93 Additionally I use the term 'bias' to denote the difference
94 between stated and actual VMAs for a given entity.
96 This terminology is not used consistently, but a start has been
97 made. readelf.c and the call-frame info reader in readdwarf.c now
98 use it. Specifically, various variables and structure fields have
99 been annotated with _avma / _svma / _image / _bias. In places _img
100 is used instead of _image for the sake of brevity.
104 /*------------------------------------------------------------*/
106 /*------------------------------------------------------------*/
108 static void cfsi_cache__invalidate ( void );
111 /*------------------------------------------------------------*/
112 /*--- Root structure ---*/
113 /*------------------------------------------------------------*/
115 /* The root structure for the entire debug info system. It is a
116 linked list of DebugInfos. */
117 static DebugInfo* debugInfo_list = NULL;
120 /* Find 'di' in the debugInfo_list and move it one step closer the the
121 front of the list, so as to make subsequent searches for it
122 cheaper. When used in a controlled way, makes a major improvement
123 in some DebugInfo-search-intensive situations, most notably stack
124 unwinding on amd64-linux. */
125 static void move_DebugInfo_one_step_forward ( DebugInfo* di )
127 DebugInfo *di0, *di1, *di2;
128 if (di == debugInfo_list)
129 return; /* already at head of list */
130 vg_assert(di != NULL);
131 di0 = debugInfo_list;
135 if (di0 == NULL || di0 == di) break;
140 vg_assert(di0 == di);
141 if (di0 != NULL && di1 != NULL && di2 != NULL) {
143 /* di0 points to di, di1 to its predecessor, and di2 to di1's
144 predecessor. Swap di0 and di1, that is, move di0 one step
145 closer to the start of the list. */
146 vg_assert(di2->next == di1);
147 vg_assert(di1->next == di0);
154 if (di0 != NULL && di1 != NULL && di2 == NULL) {
155 /* it's second in the list. */
156 vg_assert(debugInfo_list == di1);
157 vg_assert(di1->next == di0);
158 di1->next = di0->next;
160 debugInfo_list = di0;
165 /*------------------------------------------------------------*/
166 /*--- Notification (acquire/discard) helpers ---*/
167 /*------------------------------------------------------------*/
169 /* Gives out unique abstract handles for allocated DebugInfos. See
170 comment in priv_storage.h, declaration of struct _DebugInfo, for
172 static ULong handle_counter = 1;
174 /* Allocate and zero out a new DebugInfo record. */
176 DebugInfo* alloc_DebugInfo( const UChar* filename,
177 const UChar* memname )
184 di = ML_(dinfo_zalloc)("di.debuginfo.aDI.1", sizeof(DebugInfo));
185 di->handle = handle_counter++;
186 di->filename = ML_(dinfo_strdup)("di.debuginfo.aDI.2", filename);
187 di->memname = memname ? ML_(dinfo_strdup)("di.debuginfo.aDI.3", memname)
190 /* Everything else -- pointers, sizes, arrays -- is zeroed by calloc.
191 Now set up the debugging-output flags. */
193 = VG_(string_match)( VG_(clo_trace_symtab_patt), filename )
194 || (memname && VG_(string_match)( VG_(clo_trace_symtab_patt),
197 di->trace_symtab = VG_(clo_trace_symtab);
198 di->trace_cfi = VG_(clo_trace_cfi);
199 di->ddump_syms = VG_(clo_debug_dump_syms);
200 di->ddump_line = VG_(clo_debug_dump_line);
201 di->ddump_frames = VG_(clo_debug_dump_frames);
208 /* Free a DebugInfo, and also all the stuff hanging off it. */
209 static void free_DebugInfo ( DebugInfo* di )
212 struct strchunk *chunk, *next;
216 vg_assert(di != NULL);
217 if (di->filename) ML_(dinfo_free)(di->filename);
218 if (di->symtab) ML_(dinfo_free)(di->symtab);
219 if (di->loctab) ML_(dinfo_free)(di->loctab);
220 if (di->cfsi) ML_(dinfo_free)(di->cfsi);
221 if (di->cfsi_exprs) VG_(deleteXA)(di->cfsi_exprs);
222 if (di->fpo) ML_(dinfo_free)(di->fpo);
224 for (chunk = di->strchunks; chunk != NULL; chunk = next) {
226 ML_(dinfo_free)(chunk);
229 /* Delete the two admin arrays. These lists exist primarily so
230 that we can visit each object exactly once when we need to
232 if (di->admin_tyents) {
233 n = VG_(sizeXA)(di->admin_tyents);
234 for (i = 0; i < n; i++) {
235 ent = (TyEnt*)VG_(indexXA)(di->admin_tyents, i);
236 /* Dump anything hanging off this ent */
237 ML_(TyEnt__make_EMPTY)(ent);
239 VG_(deleteXA)(di->admin_tyents);
240 di->admin_tyents = NULL;
243 if (di->admin_gexprs) {
244 n = VG_(sizeXA)(di->admin_gexprs);
245 for (i = 0; i < n; i++) {
246 gexpr = *(GExpr**)VG_(indexXA)(di->admin_gexprs, i);
247 ML_(dinfo_free)(gexpr);
249 VG_(deleteXA)(di->admin_gexprs);
250 di->admin_gexprs = NULL;
253 /* Dump the variable info. This is kinda complex: we must take
254 care not to free items which reside in either the admin lists
255 (as we have just freed them) or which reside in the DebugInfo's
258 for (i = 0; i < VG_(sizeXA)(di->varinfo); i++) {
259 OSet* scope = *(OSet**)VG_(indexXA)(di->varinfo, i);
260 if (!scope) continue;
261 /* iterate over all entries in 'scope' */
262 VG_(OSetGen_ResetIter)(scope);
264 DiAddrRange* arange = VG_(OSetGen_Next)(scope);
266 /* for each var in 'arange' */
267 vg_assert(arange->vars);
268 for (j = 0; j < VG_(sizeXA)( arange->vars ); j++) {
269 DiVariable* var = (DiVariable*)VG_(indexXA)(arange->vars,j);
271 /* Nothing to free in var: all the pointer fields refer
272 to stuff either on an admin list, or in
275 VG_(deleteXA)(arange->vars);
276 /* Don't free arange itself, as OSetGen_Destroy does
279 VG_(OSetGen_Destroy)(scope);
281 VG_(deleteXA)(di->varinfo);
288 /* 'si' is a member of debugInfo_list. Find it, remove it from the
289 list, notify m_redir that this has happened, and free all storage
292 static void discard_DebugInfo ( DebugInfo* di )
294 # if defined(VGP_ppc32_aix5)
295 HChar* reason = "__unload";
296 # elif defined(VGP_ppc64_aix5)
297 HChar* reason = "kunload64";
299 HChar* reason = "munmap";
302 DebugInfo** prev_next_ptr = &debugInfo_list;
303 DebugInfo* curr = debugInfo_list;
307 /* Found it; remove from list and free it. */
309 && (VG_(clo_verbosity) > 1 || VG_(clo_trace_redir)))
310 VG_(message)(Vg_DebugMsg,
311 "Discarding syms at %#lx-%#lx in %s due to %s()\n",
313 di->text_avma + di->text_size,
314 curr->filename ? curr->filename : (UChar*)"???",
316 vg_assert(*prev_next_ptr == curr);
317 *prev_next_ptr = curr->next;
318 if (curr->have_dinfo)
319 VG_(redir_notify_delete_DebugInfo)( curr );
320 free_DebugInfo(curr);
323 prev_next_ptr = &curr->next;
331 /* Repeatedly scan debugInfo_list, looking for DebugInfos with text
332 AVMAs intersecting [start,start+length), and call discard_DebugInfo
333 to get rid of them. This modifies the list, hence the multiple
334 iterations. Returns True iff any such DebugInfos were found.
336 static Bool discard_syms_in_range ( Addr start, SizeT length )
338 Bool anyFound = False;
345 curr = debugInfo_list;
349 if (curr->text_present
350 && curr->text_size > 0
351 && (start+length - 1 < curr->text_avma
352 || curr->text_avma + curr->text_size - 1 < start)) {
363 discard_DebugInfo( curr );
370 /* Does [s1,+len1) overlap [s2,+len2) ? Note: does not handle
371 wraparound at the end of the address space -- just asserts in that
373 static Bool ranges_overlap (Addr s1, SizeT len1, Addr s2, SizeT len2 )
376 if (len1 == 0 || len2 == 0)
380 /* Assert that we don't have wraparound. If we do it would imply
381 that file sections are getting mapped around the end of the
382 address space, which sounds unlikely. */
385 if (e1 < s2 || e2 < s1) return False;
390 /* Do the basic rx_ and rw_ mappings of the two DebugInfos overlap in
392 static Bool do_DebugInfos_overlap ( DebugInfo* di1, DebugInfo* di2 )
397 if (di1->have_rx_map && di2->have_rx_map
398 && ranges_overlap(di1->rx_map_avma, di1->rx_map_size,
399 di2->rx_map_avma, di2->rx_map_size))
402 if (di1->have_rx_map && di2->have_rw_map
403 && ranges_overlap(di1->rx_map_avma, di1->rx_map_size,
404 di2->rw_map_avma, di2->rw_map_size))
407 if (di1->have_rw_map && di2->have_rx_map
408 && ranges_overlap(di1->rw_map_avma, di1->rw_map_size,
409 di2->rx_map_avma, di2->rx_map_size))
412 if (di1->have_rw_map && di2->have_rw_map
413 && ranges_overlap(di1->rw_map_avma, di1->rw_map_size,
414 di2->rw_map_avma, di2->rw_map_size))
421 /* Discard all elements of debugInfo_list whose .mark bit is set.
423 static void discard_marked_DebugInfos ( void )
429 curr = debugInfo_list;
439 discard_DebugInfo( curr );
445 /* Discard any elements of debugInfo_list which overlap with diRef.
446 Clearly diRef must have its rx_ and rw_ mapping information set to
448 #if defined(VGO_aix5)
449 __attribute__((unused))
451 static void discard_DebugInfos_which_overlap_with ( DebugInfo* diRef )
454 /* Mark all the DebugInfos in debugInfo_list that need to be
455 deleted. First, clear all the mark bits; then set them if they
456 overlap with siRef. Since siRef itself is in this list we at
457 least expect its own mark bit to be set. */
458 for (di = debugInfo_list; di; di = di->next) {
459 di->mark = do_DebugInfos_overlap( di, diRef );
465 discard_marked_DebugInfos();
469 /* Find the existing DebugInfo for (memname,filename) or if not found,
470 create one. In the latter case memname and filename are strdup'd
471 into VG_AR_DINFO, and the new DebugInfo is added to
474 DebugInfo* find_or_create_DebugInfo_for ( UChar* filename, UChar* memname )
478 for (di = debugInfo_list; di; di = di->next) {
479 vg_assert(di->filename);
480 if (0==VG_(strcmp)(di->filename, filename)
481 && ( (memname && di->memname)
482 ? 0==VG_(strcmp)(memname, di->memname)
487 di = alloc_DebugInfo(filename, memname);
489 di->next = debugInfo_list;
496 /* Debuginfo reading for 'di' has just been successfully completed.
497 Check that the invariants stated in
498 "Comment_on_IMPORTANT_CFSI_REPRESENTATIONAL_INVARIANTS" in
499 priv_storage.h are observed. */
500 static void check_CFSI_related_invariants ( DebugInfo* di )
502 DebugInfo* di2 = NULL;
504 /* This fn isn't called until after debuginfo for this object has
505 been successfully read. And that shouldn't happen until we have
506 both a r-x and rw- mapping for the object. Hence: */
507 vg_assert(di->have_rx_map);
508 vg_assert(di->have_rw_map);
509 /* degenerate case: r-x section is empty */
510 if (di->rx_map_size == 0) {
511 vg_assert(di->cfsi == NULL);
514 /* normal case: r-x section is nonempty */
516 vg_assert(di->rx_map_size > 0);
518 for (di2 = debugInfo_list; di2; di2 = di2->next) {
521 if (di2->rx_map_size == 0)
523 vg_assert(di->rx_map_avma + di->rx_map_size <= di2->rx_map_avma
524 || di2->rx_map_avma + di2->rx_map_size <= di->rx_map_avma);
529 vg_assert(di->cfsi_minavma <= di->cfsi_maxavma); /* duh! */
530 vg_assert(di->cfsi_minavma >= di->rx_map_avma);
531 vg_assert(di->cfsi_maxavma < di->rx_map_avma + di->rx_map_size);
533 /* invariants (3) and (4) */
536 vg_assert(di->cfsi_used > 0);
537 vg_assert(di->cfsi_size > 0);
538 for (i = 0; i < di->cfsi_used; i++) {
539 DiCfSI* cfsi = &di->cfsi[i];
540 vg_assert(cfsi->len > 0);
541 vg_assert(cfsi->base >= di->cfsi_minavma);
542 vg_assert(cfsi->base + cfsi->len - 1 <= di->cfsi_maxavma);
544 DiCfSI* cfsip = &di->cfsi[i-1];
545 vg_assert(cfsip->base + cfsip->len <= cfsi->base);
549 vg_assert(di->cfsi_used == 0);
550 vg_assert(di->cfsi_size == 0);
555 /*--------------------------------------------------------------*/
557 /*--- TOP LEVEL: INITIALISE THE DEBUGINFO SYSTEM ---*/
559 /*--------------------------------------------------------------*/
561 void VG_(di_initialise) ( void )
563 /* There's actually very little to do here, since everything
564 centers around the DebugInfos in debugInfo_list, they are
565 created and destroyed on demand, and each one is treated more or
566 less independently. */
567 vg_assert(debugInfo_list == NULL);
569 /* flush the CFI fast query cache. */
570 cfsi_cache__invalidate();
574 /*--------------------------------------------------------------*/
576 /*--- TOP LEVEL: NOTIFICATION (ACQUIRE/DISCARD INFO) (LINUX) ---*/
578 /*--------------------------------------------------------------*/
580 #if defined(VGO_linux) || defined(VGO_darwin) || defined(VGO_l4re)
582 /* The debug info system is driven by notifications that a text
583 segment has been mapped in, or unmapped. When that happens it
584 tries to acquire/discard whatever info is available for the
585 corresponding object. This section contains the notification
588 /* Notify the debuginfo system about a new mapping. This is the way
589 new debug information gets loaded. If allow_SkFileV is True, it
590 will try load debug info if the mapping at 'a' belongs to Valgrind;
591 whereas normally (False) it will not do that. This allows us to
592 carefully control when the thing will read symbols from the
593 Valgrind executable itself.
595 If a call to VG_(di_notify_mmap) causes debug info to be read, then
596 the returned ULong is an abstract handle which can later be used to
597 refer to the debuginfo read as a result of this specific mapping,
598 in later queries to m_debuginfo. In this case the handle value
599 will be one or above. If the returned value is zero, no debug info
602 ULong VG_(di_notify_mmap)( Addr a, Bool allow_SkFileV )
604 NSegment const * seg;
606 Bool ok, is_rx_map, is_rw_map;
614 struct vg_stat statbuf;
616 /* In short, figure out if this mapping is of interest to us, and
617 if so, try to guess what ld.so is doing and when/if we should
619 seg = VG_(am_find_nsegment)(a);
623 VG_(printf)("di_notify_mmap-1: %#lx-%#lx %c%c%c\n",
624 seg->start, seg->end,
625 seg->hasR ? 'r' : '-',
626 seg->hasW ? 'w' : '-',seg->hasX ? 'x' : '-' );
627 #if defined(VGO_l4re)
628 VG_(printf)(" segment kind: %d (%s)\n", seg->kind,
629 vcap_segknd_str(seg->kind));
633 /* guaranteed by aspacemgr-linux.c, sane_NSegment() */
634 vg_assert(seg->end > seg->start);
636 /* Ignore non-file mappings */
637 if ( ! (seg->kind == SkFileC
638 || (seg->kind == SkFileV && allow_SkFileV)) )
641 /* If the file doesn't have a name, we're hosed. Give up. */
642 filename = VG_(am_get_filename)( (NSegment*)seg );
647 VG_(printf)("di_notify_mmap-2: %s\n", filename);
649 /* Only try to read debug information from regular files. */
650 statres = VG_(stat)(filename, &statbuf);
652 /* stat dereferences symlinks, so we don't expect it to succeed and
653 yet produce something that is a symlink. */
654 vg_assert(sr_isError(statres) || ! VKI_S_ISLNK(statbuf.mode));
656 /* Don't let the stat call fail silently. Filter out some known
657 sources of noise before complaining, though. */
658 if (sr_isError(statres)) {
660 Bool quiet = VG_(strstr)(filename, "/var/run/nscd/") != NULL;
661 if (!quiet && VG_(clo_verbosity) > 1) {
662 VG_(memset)(&fake_di, 0, sizeof(fake_di));
663 fake_di.filename = filename;
664 ML_(symerr)(&fake_di, True, "failed to stat64/stat this file");
669 /* Finally, the point of all this stattery: if it's not a regular file,
670 don't try to read debug info from it. */
671 if (! VKI_S_ISREG(statbuf.mode)) {
672 VG_(printf)("not a regular file\n");
676 /* no uses of statbuf below here. */
678 /* Now we have to guess if this is a text-like mapping, a data-like
679 mapping, neither or both. The rules are:
681 text if: x86-linux r and x
682 other-linux r and x and not w
684 data if: x86-linux r and w
685 other-linux r and w and not x
687 Background: On x86-linux, objects are typically mapped twice:
689 1b8fb000-1b8ff000 r-xp 00000000 08:02 4471477 vgpreload_memcheck.so
690 1b8ff000-1b900000 rw-p 00004000 08:02 4471477 vgpreload_memcheck.so
692 whereas ppc32-linux mysteriously does this:
694 118a6000-118ad000 r-xp 00000000 08:05 14209428 vgpreload_memcheck.so
695 118ad000-118b6000 ---p 00007000 08:05 14209428 vgpreload_memcheck.so
696 118b6000-118bd000 rwxp 00000000 08:05 14209428 vgpreload_memcheck.so
698 The third mapping should not be considered to have executable
699 code in. Therefore a test which works for both is: r and x and
700 NOT w. Reading symbols from the rwx segment -- which overlaps
701 the r-x segment in the file -- causes the redirection mechanism
702 to redirect to addresses in that third segment, which is wrong
705 JRS 28 Dec 05: unfortunately icc 8.1 on x86 has been seen to
706 produce executables with a single rwx segment rather than a
707 (r-x,rw-) pair. That means the rules have to be modified thusly:
709 x86-linux: consider if r and x
710 all others: consider if r and x and not w
712 2009 Aug 16: apply similar kludge to ppc32-linux.
713 See http://bugs.kde.org/show_bug.cgi?id=190820
715 There are two modes on s390x: with and without the noexec kernel
716 parameter. Together with some older kernels, this leads to several
726 # if defined(VGA_x86) || defined(VGA_ppc32)
727 is_rx_map = seg->hasR && seg->hasX;
728 is_rw_map = seg->hasR && seg->hasW;
729 # elif defined(VGA_amd64) || defined(VGA_ppc64) || defined(VGA_arm)
730 is_rx_map = seg->hasR && seg->hasX && !seg->hasW;
731 is_rw_map = seg->hasR && seg->hasW && !seg->hasX;
732 # elif defined(VGP_s390x_linux)
733 is_rx_map = seg->hasR && seg->hasX && !seg->hasW;
734 is_rw_map = seg->hasR && seg->hasW;
736 # error "Unknown platform"
740 VG_(printf)("di_notify_mmap-3: is_rx_map %d, is_rw_map %d\n",
741 (Int)is_rx_map, (Int)is_rw_map);
743 /* If it is neither text-ish nor data-ish, we're not interested. */
744 if (!(is_rx_map || is_rw_map))
747 /* Peer at the first few bytes of the file, to see if it is an ELF */
748 /* object file. Ignore the file if we do not have read permission. */
749 VG_(memset)(buf1k, 0, sizeof(buf1k));
750 oflags = VKI_O_RDONLY;
751 # if defined(VKI_O_LARGEFILE)
752 oflags |= VKI_O_LARGEFILE;
754 fd = VG_(open)( filename, oflags, 0 );
755 if (sr_isError(fd)) {
756 if (sr_Err(fd) != VKI_EACCES) {
758 VG_(memset)(&fake_di, 0, sizeof(fake_di));
759 fake_di.filename = filename;
760 ML_(symerr)(&fake_di, True, "can't open file to inspect ELF header");
764 nread = VG_(read)( sr_Res(fd), buf1k, sizeof(buf1k) );
765 VG_(close)( sr_Res(fd) );
771 VG_(memset)(&fake_di, 0, sizeof(fake_di));
772 fake_di.filename = filename;
773 ML_(symerr)(&fake_di, True, "can't read file to inspect ELF header");
776 vg_assert(nread > 0 && nread <= sizeof(buf1k) );
778 /* We're only interested in mappings of object files. */
779 // Nb: AIX5 doesn't use this file and so isn't represented here.
780 #if defined(VGO_linux) || defined(VGO_l4re)
781 if (!ML_(is_elf_object_file)( buf1k, (SizeT)nread ))
783 #elif defined(VGO_darwin)
784 if (!ML_(is_macho_object_file)( buf1k, (SizeT)nread ))
790 /* See if we have a DebugInfo for this filename. If not,
792 di = find_or_create_DebugInfo_for( filename, NULL/*membername*/ );
796 /* We have a text-like mapping. Note the details. */
797 if (!di->have_rx_map) {
798 di->have_rx_map = True;
800 di->rx_map_size = seg->end + 1 - seg->start;
801 di->rx_map_foff = seg->offset;
803 /* FIXME: complain about a second text-like mapping */
808 /* We have a data-like mapping. Note the details. */
809 if (!di->have_rw_map) {
810 di->have_rw_map = True;
812 di->rw_map_size = seg->end + 1 - seg->start;
813 di->rw_map_foff = seg->offset;
815 /* FIXME: complain about a second data-like mapping */
819 /* If we don't have an rx and rw mapping, or if we already have
820 debuginfo for this mapping for whatever reason, go no
822 if ( ! (di->have_rx_map && di->have_rw_map && !di->have_dinfo) )
825 /* Ok, so, finally, let's try to read the debuginfo. */
826 vg_assert(di->filename);
828 TRACE_SYMTAB("------ start ELF OBJECT "
829 "------------------------------\n");
830 TRACE_SYMTAB("------ name = %s\n", di->filename);
833 /* We're going to read symbols and debug info for the avma
834 ranges [rx_map_avma, +rx_map_size) and [rw_map_avma,
835 +rw_map_size). First get rid of any other DebugInfos which
836 overlap either of those ranges (to avoid total confusion). */
837 discard_DebugInfos_which_overlap_with( di );
839 /* .. and acquire new info. */
840 // Nb: AIX5 doesn't use this file and so isn't represented here.
841 #if defined(VGO_linux) || defined(VGO_l4re)
842 ok = ML_(read_elf_debug_info)( di );
843 #elif defined(VGO_darwin)
844 ok = ML_(read_macho_debug_info)( di );
851 TRACE_SYMTAB("\n------ Canonicalising the "
852 "acquired info ------\n");
853 /* invalidate the CFI unwind cache. */
854 cfsi_cache__invalidate();
855 /* prepare read data for use */
856 ML_(canonicaliseTables)( di );
857 /* notify m_redir about it */
858 TRACE_SYMTAB("\n------ Notifying m_redir ------\n");
859 VG_(redir_notify_new_DebugInfo)( di );
860 /* Note that we succeeded */
861 di->have_dinfo = True;
862 tl_assert(di->handle > 0);
863 di_handle = di->handle;
864 /* Check invariants listed in
865 Comment_on_IMPORTANT_REPRESENTATIONAL_INVARIANTS in
867 check_CFSI_related_invariants(di);
870 TRACE_SYMTAB("\n------ ELF reading failed ------\n");
871 /* Something went wrong (eg. bad ELF file). Should we delete
872 this DebugInfo? No - it contains info on the rw/rx
873 mappings, at least. */
875 vg_assert(di->have_dinfo == False);
879 TRACE_SYMTAB("------ name = %s\n", di->filename);
880 TRACE_SYMTAB("------ end ELF OBJECT "
881 "------------------------------\n");
888 /* Unmap is simpler - throw away any SegInfos intersecting
890 void VG_(di_notify_munmap)( Addr a, SizeT len )
893 if (0) VG_(printf)("DISCARD %#lx %#lx\n", a, a+len);
894 anyFound = discard_syms_in_range(a, len);
896 cfsi_cache__invalidate();
900 /* Uh, this doesn't do anything at all. IIRC glibc (or ld.so, I don't
901 remember) does a bunch of mprotects on itself, and if we follow
902 through here, it causes the debug info for that object to get
904 void VG_(di_notify_mprotect)( Addr a, SizeT len, UInt prot )
906 Bool exe_ok = toBool(prot & VKI_PROT_EXEC);
907 # if defined(VGA_x86)
908 exe_ok = exe_ok || toBool(prot & VKI_PROT_READ);
911 Bool anyFound = discard_syms_in_range(a, len);
913 cfsi_cache__invalidate();
917 /*--------- PDB (windows debug info) reading --------- */
919 /* this should really return ULong, as per VG_(di_notify_mmap). */
920 void VG_(di_notify_pdb_debuginfo)( Int fd_obj, Addr avma_obj,
922 PtrdiffT unknown_purpose__reloc )
924 Int i, r, sz_exename;
925 ULong obj_mtime, pdb_mtime;
926 Char exename[VKI_PATH_MAX];
927 Char* pdbname = NULL;
932 struct vg_stat stat_buf;
934 if (VG_(clo_verbosity) > 0) {
935 VG_(message)(Vg_UserMsg, "\n");
936 VG_(message)(Vg_UserMsg,
937 "LOAD_PDB_DEBUGINFO: clreq: fd=%d, avma=%#lx, total_size=%lu, "
939 fd_obj, avma_obj, total_size, unknown_purpose__reloc
943 /* 'fd' refers to the .exe/.dll we're dealing with. Get its modification
944 time into obj_mtime. */
945 r = VG_(fstat)(fd_obj, &stat_buf);
947 goto out; /* stat failed ?! */
949 obj_mtime = stat_buf.mtime;
951 /* and get its name into exename[]. */
952 vg_assert(VKI_PATH_MAX > 100); /* to ensure /proc/self/fd/%d is safe */
953 VG_(memset)(exename, 0, sizeof(exename));
954 VG_(sprintf)(exename, "/proc/self/fd/%d", fd_obj);
955 /* convert exename from a symlink to real name .. overwrites the
956 old contents of the buffer. Ick. */
957 sz_exename = VG_(readlink)(exename, exename, sizeof(exename)-2 );
958 if (sz_exename == -1)
959 goto out; /* readlink failed ?! */
960 vg_assert(sz_exename >= 0 && sz_exename < sizeof(exename));
961 vg_assert(exename[sizeof(exename)-1] == 0);
963 if (VG_(clo_verbosity) > 0) {
964 VG_(message)(Vg_UserMsg, "LOAD_PDB_DEBUGINFO: objname: %s\n", exename);
967 /* Try to get the PDB file name from the executable. */
968 pdbname = ML_(find_name_of_pdb_file)(exename);
970 vg_assert(VG_(strlen)(pdbname) >= 5); /* 5 = strlen("X.pdb") */
971 /* So we successfully extracted a name from the PE file. But it's
972 likely to be of the form
973 e:\foo\bar\xyzzy\wibble.pdb
974 and we need to change it into something we can actually open
975 in Wine-world, which basically means turning it into
976 $HOME/.wine/drive_e/foo/bar/xyzzy/wibble.pdb
977 We also take into account $WINEPREFIX, if it is set.
978 For the moment, if the name isn't fully qualified, just forget it
979 (we'd have to root around to find where the pdb actually is)
981 /* Change all the backslashes to forward slashes */
982 for (i = 0; pdbname[i]; i++) {
983 if (pdbname[i] == '\\')
987 = ('a' <= VG_(tolower)(pdbname[0]) && VG_(tolower)(pdbname[0]) <= 'z')
989 && pdbname[2] == '/';
990 HChar* home = VG_(getenv)("HOME");
991 HChar* wpfx = VG_(getenv)("WINEPREFIX");
992 if (is_quald && wpfx) {
993 /* Change e:/foo/bar/xyzzy/wibble.pdb
994 to $WINEPREFIX/drive_e/foo/bar/xyzzy/wibble.pdb
996 Int mashedSzB = VG_(strlen)(pdbname) + VG_(strlen)(wpfx) + 50/*misc*/;
997 HChar* mashed = ML_(dinfo_zalloc)("di.debuginfo.dnpdi.1", mashedSzB);
998 VG_(sprintf)(mashed, "%s/drive_%c%s",
999 wpfx, pdbname[0], &pdbname[2]);
1000 vg_assert(mashed[mashedSzB-1] == 0);
1001 ML_(dinfo_free)(pdbname);
1004 else if (is_quald && home && !wpfx) {
1005 /* Change e:/foo/bar/xyzzy/wibble.pdb
1006 to $HOME/.wine/drive_e/foo/bar/xyzzy/wibble.pdb
1008 Int mashedSzB = VG_(strlen)(pdbname) + VG_(strlen)(home) + 50/*misc*/;
1009 HChar* mashed = ML_(dinfo_zalloc)("di.debuginfo.dnpdi.2", mashedSzB);
1010 VG_(sprintf)(mashed, "%s/.wine/drive_%c%s",
1011 home, pdbname[0], &pdbname[2]);
1012 vg_assert(mashed[mashedSzB-1] == 0);
1013 ML_(dinfo_free)(pdbname);
1016 /* It's not a fully qualified path, or neither $HOME nor $WINE
1017 are set (strange). Give up. */
1018 ML_(dinfo_free)(pdbname);
1023 /* Try s/exe/pdb/ if we don't have a valid pdbname. */
1025 /* Try to find a matching PDB file from which to read debuginfo.
1026 Windows PE files have symbol tables and line number information,
1027 but MSVC doesn't seem to use them. */
1028 /* Why +5 ? Because in the worst case, we could find a dot as the
1029 last character of pdbname, and we'd then put "pdb" right after
1030 it, hence extending it a bit. */
1031 pdbname = ML_(dinfo_zalloc)("di.debuginfo.lpd1", sz_exename+5);
1032 VG_(strcpy)(pdbname, exename);
1033 vg_assert(pdbname[sz_exename+5-1] == 0);
1034 dot = VG_(strrchr)(pdbname, '.');
1036 goto out; /* there's no dot in the exe's name ?! */
1038 goto out; /* hmm, path ends in "." */
1040 if ('A' <= dot[1] && dot[1] <= 'Z')
1041 VG_(strcpy)(dot, ".PDB");
1043 VG_(strcpy)(dot, ".pdb");
1045 vg_assert(pdbname[sz_exename+5-1] == 0);
1048 /* See if we can find it, and check it's in-dateness. */
1049 sres = VG_(stat)(pdbname, &stat_buf);
1050 if (sr_isError(sres)) {
1051 VG_(message)(Vg_UserMsg, "Warning: Missing or un-stat-able %s\n",
1053 if (VG_(clo_verbosity) > 0)
1054 VG_(message)(Vg_UserMsg, "LOAD_PDB_DEBUGINFO: missing: %s\n", pdbname);
1057 pdb_mtime = stat_buf.mtime;
1058 if (obj_mtime > pdb_mtime + 60UL) {
1059 /* PDB file is older than PE file - ignore it or we will either
1060 (a) print wrong stack traces or more likely (b) crash. */
1061 VG_(message)(Vg_UserMsg,
1062 "Warning: %s (mtime = %llu)\n"
1063 " is older than %s (mtime = %llu)\n",
1064 pdbname, pdb_mtime, exename, obj_mtime);
1067 sres = VG_(open)(pdbname, VKI_O_RDONLY, 0);
1068 if (sr_isError(sres)) {
1069 VG_(message)(Vg_UserMsg, "Warning: Can't open %s\n", pdbname);
1073 /* Looks promising; go on to try and read stuff from it. But don't
1074 mmap the file. Instead mmap free space and read the file into
1075 it. This is because files on CIFS filesystems that are mounted
1076 '-o directio' can't be mmap'd, and that mount option is needed
1077 to make CIFS work reliably. (See
1078 http://www.nabble.com/Corrupted-data-on-write-to-
1079 Windows-2003-Server-t2782623.html)
1080 This is slower, but at least it works reliably. */
1081 fd_pdbimage = sr_Res(sres);
1082 n_pdbimage = stat_buf.size;
1083 if (n_pdbimage == 0 || n_pdbimage > 0x7FFFFFFF) {
1084 // 0x7FFFFFFF: why? Because the VG_(read) just below only
1085 // can deal with a signed int as the size of data to read,
1086 // so we can't reliably check for read failure for files
1087 // greater than that size. Hence just skip them; we're
1088 // unlikely to encounter a PDB that large anyway.
1089 VG_(close)(fd_pdbimage);
1092 sres = VG_(am_mmap_anon_float_valgrind)( n_pdbimage );
1093 if (sr_isError(sres)) {
1094 VG_(close)(fd_pdbimage);
1098 void* pdbimage = (void*)sr_Res(sres);
1099 r = VG_(read)( fd_pdbimage, pdbimage, (Int)n_pdbimage );
1100 if (r < 0 || r != (Int)n_pdbimage) {
1101 VG_(am_munmap_valgrind)( (Addr)pdbimage, n_pdbimage );
1102 VG_(close)(fd_pdbimage);
1106 if (VG_(clo_verbosity) > 0)
1107 VG_(message)(Vg_UserMsg, "LOAD_PDB_DEBUGINFO: pdbname: %s\n", pdbname);
1109 /* play safe; always invalidate the CFI cache. I don't know if
1110 this is necessary, but anyway .. */
1111 cfsi_cache__invalidate();
1112 /* dump old info for this range, if any */
1113 discard_syms_in_range( avma_obj, total_size );
1115 { DebugInfo* di = find_or_create_DebugInfo_for(exename, NULL/*membername*/ );
1117 /* this di must be new, since we just nuked any old stuff in the range */
1118 vg_assert(di && !di->have_rx_map && !di->have_rw_map);
1119 vg_assert(!di->have_dinfo);
1121 /* don't set up any of the di-> fields; let
1122 ML_(read_pdb_debug_info) do it. */
1123 ML_(read_pdb_debug_info)( di, avma_obj, unknown_purpose__reloc,
1124 pdbimage, n_pdbimage, pdbname, pdb_mtime );
1125 // JRS fixme: take notice of return value from read_pdb_debug_info,
1126 // and handle failure
1127 vg_assert(di->have_dinfo); // fails if PDB read failed
1128 VG_(am_munmap_valgrind)( (Addr)pdbimage, n_pdbimage );
1129 VG_(close)(fd_pdbimage);
1131 if (VG_(clo_verbosity) > 0) {
1132 VG_(message)(Vg_UserMsg, "LOAD_PDB_DEBUGINFO: done: "
1133 "%lu syms, %lu src locs, %lu fpo recs\n",
1134 di->symtab_used, di->loctab_used, di->fpo_size);
1139 if (pdbname) ML_(dinfo_free)(pdbname);
1142 #endif /* defined(VGO_linux) || defined(VGO_darwin) */
1145 /*-------------------------------------------------------------*/
1147 /*--- TOP LEVEL: NOTIFICATION (ACQUIRE/DISCARD INFO) (AIX5) ---*/
1149 /*-------------------------------------------------------------*/
1151 #if defined(VGO_aix5)
1153 /* The supplied parameters describe a code segment and its associated
1154 data segment, that have recently been mapped in -- so we need to
1155 read debug info for it -- or conversely, have recently been dumped,
1156 in which case the relevant debug info has to be unloaded. */
1158 ULong VG_(di_aix5_notify_segchange)(
1170 /* play safe; always invalidate the CFI cache. Not
1171 that it should be used on AIX, but still .. */
1172 cfsi_cache__invalidate();
1178 di = find_or_create_DebugInfo_for( file_name, mem_name );
1182 di->text_present = True;
1183 di->text_svma = 0; /* don't know yet */
1184 di->text_bias = 0; /* don't know yet */
1185 di->text_avma = code_start;
1186 di->text_size = code_len;
1189 di->data_present = True;
1190 di->data_svma = 0; /* don't know yet */
1191 di->data_bias = 0; /* don't know yet */
1192 di->data_avma = data_start;
1193 di->data_size = data_len;
1196 /* These need to be filled in in order to keep various
1197 assertions in storage.c happy. In particular see
1198 "Comment_Regarding_Text_Range_Checks" in that file. */
1199 di->have_rx_map = True;
1200 di->rx_map_avma = code_start;
1201 di->rx_map_size = code_len;
1202 di->have_rw_map = True;
1203 di->rw_map_avma = data_start;
1204 di->rw_map_size = data_len;
1206 ok = ML_(read_xcoff_debug_info) ( di, is_mainexe );
1209 /* prepare read data for use */
1210 ML_(canonicaliseTables)( di );
1211 /* notify m_redir about it */
1212 VG_(redir_notify_new_DebugInfo)( di );
1213 /* Note that we succeeded */
1214 di->have_dinfo = True;
1217 /* Check invariants listed in
1218 Comment_on_IMPORTANT_REPRESENTATIONAL_INVARIANTS in
1220 check_CFSI_related_invariants(di);
1222 /* Something went wrong (eg. bad XCOFF file). */
1223 discard_DebugInfo( di );
1229 /* Dump all the debugInfos whose text segments intersect
1230 code_start/code_len. */
1231 /* CFI cache is always invalidated at start of this routine.
1232 Hence it's safe to ignore the return value of
1233 discard_syms_in_range. */
1235 (void)discard_syms_in_range( code_start, code_len );
1243 #endif /* defined(VGO_aix5) */
1246 /*------------------------------------------------------------*/
1248 /*--- TOP LEVEL: QUERYING EXISTING DEBUG INFO ---*/
1250 /*------------------------------------------------------------*/
1252 void VG_(di_discard_ALL_debuginfo)( void )
1254 DebugInfo *di, *di2;
1255 di = debugInfo_list;
1258 VG_(printf)("XXX rm %p\n", di);
1259 free_DebugInfo( di );
1265 /*------------------------------------------------------------*/
1266 /*--- Use of symbol table & location info to create ---*/
1267 /*--- plausible-looking stack dumps. ---*/
1268 /*------------------------------------------------------------*/
1270 /* Search all symtabs that we know about to locate ptr. If found, set
1271 *pdi to the relevant DebugInfo, and *symno to the symtab entry
1272 *number within that. If not found, *psi is set to NULL.
1273 If findText==True, only text symbols are searched for.
1274 If findText==False, only data symbols are searched for.
1276 static void search_all_symtabs ( Addr ptr, /*OUT*/DebugInfo** pdi,
1278 Bool match_anywhere_in_sym,
1285 for (di = debugInfo_list; di != NULL; di = di->next) {
1288 /* Consider any symbol in the r-x mapped area to be text.
1289 See Comment_Regarding_Text_Range_Checks in storage.c for
1291 inRange = di->have_rx_map
1292 && di->rx_map_size > 0
1293 && di->rx_map_avma <= ptr
1294 && ptr < di->rx_map_avma + di->rx_map_size;
1296 inRange = (di->data_present
1297 && di->data_size > 0
1298 && di->data_avma <= ptr
1299 && ptr < di->data_avma + di->data_size)
1302 && di->sdata_size > 0
1303 && di->sdata_avma <= ptr
1304 && ptr < di->sdata_avma + di->sdata_size)
1308 && di->bss_avma <= ptr
1309 && ptr < di->bss_avma + di->bss_size)
1312 && di->sbss_size > 0
1313 && di->sbss_avma <= ptr
1314 && ptr < di->sbss_avma + di->sbss_size)
1317 && di->rodata_size > 0
1318 && di->rodata_avma <= ptr
1319 && ptr < di->rodata_avma + di->rodata_size);
1322 if (!inRange) continue;
1324 sno = ML_(search_one_symtab) (
1325 di, ptr, match_anywhere_in_sym, findText );
1326 if (sno == -1) goto not_found;
1337 /* Search all loctabs that we know about to locate ptr. If found, set
1338 *pdi to the relevant DebugInfo, and *locno to the loctab entry
1339 *number within that. If not found, *pdi is set to NULL. */
1340 static void search_all_loctabs ( Addr ptr, /*OUT*/DebugInfo** pdi,
1341 /*OUT*/Word* locno )
1345 for (di = debugInfo_list; di != NULL; di = di->next) {
1346 if (di->text_present
1347 && di->text_size > 0
1348 && di->text_avma <= ptr
1349 && ptr < di->text_avma + di->text_size) {
1350 lno = ML_(search_one_loctab) ( di, ptr );
1351 if (lno == -1) goto not_found;
1362 /* The whole point of this whole big deal: map a code address to a
1363 plausible symbol name. Returns False if no idea; otherwise True.
1364 Caller supplies buf and nbuf. If do_cxx_demangling is False, don't do
1365 C++ demangling, regardless of VG_(clo_demangle) -- probably because the
1366 call has come from VG_(get_fnname_raw)(). findText
1367 indicates whether we're looking for a text symbol or a data symbol
1368 -- caller must choose one kind or the other. */
1370 Bool get_sym_name ( Bool do_cxx_demangling, Bool do_z_demangling,
1371 Bool do_below_main_renaming,
1372 Addr a, Char* buf, Int nbuf,
1373 Bool match_anywhere_in_sym, Bool show_offset,
1374 Bool findText, /*OUT*/PtrdiffT* offsetP )
1380 search_all_symtabs ( a, &di, &sno, match_anywhere_in_sym, findText );
1384 VG_(demangle) ( do_cxx_demangling, do_z_demangling,
1385 di->symtab[sno].name, buf, nbuf );
1387 /* Do the below-main hack */
1388 // To reduce the endless nuisance of multiple different names
1389 // for "the frame below main()" screwing up the testsuite, change all
1390 // known incarnations of said into a single name, "(below main)", if
1391 // --show-below-main=yes.
1392 if ( do_below_main_renaming && ! VG_(clo_show_below_main) &&
1393 Vg_FnNameBelowMain == VG_(get_fnname_kind)(buf) )
1395 VG_(strncpy_safely)(buf, "(below main)", nbuf);
1397 offset = a - di->symtab[sno].addr;
1398 if (offsetP) *offsetP = offset;
1400 if (show_offset && offset != 0) {
1402 Char* symend = buf + VG_(strlen)(buf);
1403 Char* end = buf + nbuf;
1406 len = VG_(sprintf)(buf2, "%c%ld",
1407 offset < 0 ? '-' : '+',
1408 offset < 0 ? -offset : offset);
1409 vg_assert(len < (Int)sizeof(buf2));
1411 if (len < (end - symend)) {
1413 VG_(memcpy)(symend, cp, len+1);
1417 buf[nbuf-1] = 0; /* paranoia */
1422 /* ppc64-linux only: find the TOC pointer (R2 value) that should be in
1423 force at the entry point address of the function containing
1424 guest_code_addr. Returns 0 if not known. */
1425 Addr VG_(get_tocptr) ( Addr guest_code_addr )
1429 search_all_symtabs ( guest_code_addr,
1431 True/*match_anywhere_in_fun*/,
1432 True/*consider text symbols only*/ );
1436 return si->symtab[sno].tocptr;
1439 /* This is available to tools... always demangle C++ names,
1440 match anywhere in function, but don't show offsets. */
1441 Bool VG_(get_fnname) ( Addr a, Char* buf, Int nbuf )
1443 return get_sym_name ( /*C++-demangle*/True, /*Z-demangle*/True,
1444 /*below-main-renaming*/True,
1446 /*match_anywhere_in_fun*/True,
1447 /*show offset?*/False,
1448 /*text syms only*/True,
1452 /* This is available to tools... always demangle C++ names,
1453 match anywhere in function, and show offset if nonzero. */
1454 Bool VG_(get_fnname_w_offset) ( Addr a, Char* buf, Int nbuf )
1456 return get_sym_name ( /*C++-demangle*/True, /*Z-demangle*/True,
1457 /*below-main-renaming*/True,
1459 /*match_anywhere_in_fun*/True,
1460 /*show offset?*/True,
1461 /*text syms only*/True,
1465 /* This is available to tools... always demangle C++ names,
1466 only succeed if 'a' matches first instruction of function,
1467 and don't show offsets. */
1468 Bool VG_(get_fnname_if_entry) ( Addr a, Char* buf, Int nbuf )
1470 return get_sym_name ( /*C++-demangle*/True, /*Z-demangle*/True,
1471 /*below-main-renaming*/True,
1473 /*match_anywhere_in_fun*/False,
1474 /*show offset?*/False,
1475 /*text syms only*/True,
1479 /* This is only available to core... don't C++-demangle, don't Z-demangle,
1480 don't rename below-main, match anywhere in function, and don't show
1482 Bool VG_(get_fnname_raw) ( Addr a, Char* buf, Int nbuf )
1484 return get_sym_name ( /*C++-demangle*/False, /*Z-demangle*/False,
1485 /*below-main-renaming*/False,
1487 /*match_anywhere_in_fun*/True,
1488 /*show offset?*/False,
1489 /*text syms only*/True,
1493 /* This is only available to core... don't demangle C++ names, but do
1494 do Z-demangling and below-main-renaming, match anywhere in function, and
1495 don't show offsets. */
1496 Bool VG_(get_fnname_no_cxx_demangle) ( Addr a, Char* buf, Int nbuf )
1498 return get_sym_name ( /*C++-demangle*/False, /*Z-demangle*/True,
1499 /*below-main-renaming*/True,
1501 /*match_anywhere_in_fun*/True,
1502 /*show offset?*/False,
1503 /*text syms only*/True,
1507 Vg_FnNameKind VG_(get_fnname_kind) ( Char* name )
1509 if (VG_STREQ("main", name)) {
1510 return Vg_FnNameMain;
1513 # if defined(VGO_linux) || defined(VGO_l4re)
1514 VG_STREQ("__libc_start_main", name) || // glibc glibness
1515 VG_STREQ("generic_start_main", name) || // Yellow Dog doggedness
1516 # elif defined(VGO_aix5)
1517 VG_STREQ("__start", name) || // AIX aches
1518 # elif defined(VGO_darwin)
1519 // See readmacho.c for an explanation of this.
1520 VG_STREQ("start_according_to_valgrind", name) || // Darwin, darling
1522 # error "Unknown OS"
1525 return Vg_FnNameBelowMain;
1528 return Vg_FnNameNormal;
1532 Vg_FnNameKind VG_(get_fnname_kind_from_IP) ( Addr ip )
1534 // We don't need a big buffer; all the special names are small.
1538 // We don't demangle, because it's faster not to, and the special names
1539 // we're looking for won't be demangled.
1540 if (VG_(get_fnname_raw) ( ip, buf, BUFLEN )) {
1541 buf[BUFLEN-1] = '\0'; // paranoia
1542 return VG_(get_fnname_kind)(buf);
1544 return Vg_FnNameNormal; // Don't know the name, treat it as normal.
1548 /* Looks up data_addr in the collection of data symbols, and if found
1549 puts its name (or as much as will fit) into dname[0 .. n_dname-1],
1550 which is guaranteed to be zero terminated. Also data_addr's offset
1551 from the symbol start is put into *offset. */
1552 Bool VG_(get_datasym_and_offset)( Addr data_addr,
1553 /*OUT*/Char* dname, Int n_dname,
1554 /*OUT*/PtrdiffT* offset )
1557 vg_assert(n_dname > 1);
1558 ok = get_sym_name ( /*C++-demangle*/False, /*Z-demangle*/False,
1559 /*below-main-renaming*/False,
1560 data_addr, dname, n_dname,
1561 /*match_anywhere_in_sym*/True,
1562 /*show offset?*/False,
1563 /*data syms only please*/False,
1567 dname[n_dname-1] = 0;
1571 /* Map a code address to the name of a shared object file or the
1572 executable. Returns False if no idea; otherwise True. Doesn't
1573 require debug info. Caller supplies buf and nbuf. */
1574 Bool VG_(get_objname) ( Addr a, Char* buf, Int nbuf )
1578 const NSegment *seg;
1580 vg_assert(nbuf > 0);
1581 /* Look in the debugInfo_list to find the name. In most cases we
1582 expect this to produce a result. */
1583 for (di = debugInfo_list; di != NULL; di = di->next) {
1584 if (di->text_present
1585 && di->text_size > 0
1586 && di->text_avma <= a
1587 && a < di->text_avma + di->text_size) {
1588 VG_(strncpy_safely)(buf, di->filename, nbuf);
1590 used = VG_(strlen)(buf);
1592 VG_(strncpy_safely)(&buf[used], "(", nbuf-used);
1593 used = VG_(strlen)(buf);
1595 VG_(strncpy_safely)(&buf[used], di->memname, nbuf-used);
1596 used = VG_(strlen)(buf);
1598 VG_(strncpy_safely)(&buf[used], ")", nbuf-used);
1604 /* Last-ditch fallback position: if we don't find the address in
1605 the debugInfo_list, ask the address space manager whether it
1606 knows the name of the file associated with this mapping. This
1607 allows us to print the names of exe/dll files in the stack trace
1608 when running programs under wine. */
1609 if ( (seg = VG_(am_find_nsegment(a))) != NULL
1610 && (filename = VG_(am_get_filename)(seg)) != NULL ) {
1611 VG_(strncpy_safely)(buf, filename, nbuf);
1617 /* Map a code address to its DebugInfo. Returns NULL if not found. Doesn't
1618 require debug info. */
1619 DebugInfo* VG_(find_DebugInfo) ( Addr a )
1621 static UWord n_search = 0;
1624 for (di = debugInfo_list; di != NULL; di = di->next) {
1625 if (di->text_present
1626 && di->text_size > 0
1627 && di->text_avma <= a
1628 && a < di->text_avma + di->text_size) {
1629 if (0 == (n_search & 0xF))
1630 move_DebugInfo_one_step_forward( di );
1637 /* Map a code address to a filename. Returns True if successful. */
1638 Bool VG_(get_filename)( Addr a, Char* filename, Int n_filename )
1642 search_all_loctabs ( a, &si, &locno );
1645 VG_(strncpy_safely)(filename, si->loctab[locno].filename, n_filename);
1649 /* Map a code address to a line number. Returns True if successful. */
1650 Bool VG_(get_linenum)( Addr a, UInt* lineno )
1654 search_all_loctabs ( a, &si, &locno );
1657 *lineno = si->loctab[locno].lineno;
1662 /* Map a code address to a filename/line number/dir name info.
1663 See prototype for detailed description of behaviour.
1665 Bool VG_(get_filename_linenum) ( Addr a,
1666 /*OUT*/Char* filename, Int n_filename,
1667 /*OUT*/Char* dirname, Int n_dirname,
1668 /*OUT*/Bool* dirname_available,
1669 /*OUT*/UInt* lineno )
1674 vg_assert( (dirname == NULL && dirname_available == NULL)
1676 (dirname != NULL && dirname_available != NULL) );
1678 search_all_loctabs ( a, &si, &locno );
1680 if (dirname_available) {
1681 *dirname_available = False;
1687 VG_(strncpy_safely)(filename, si->loctab[locno].filename, n_filename);
1688 *lineno = si->loctab[locno].lineno;
1691 /* caller wants directory info too .. */
1692 vg_assert(n_dirname > 0);
1693 if (si->loctab[locno].dirname) {
1694 /* .. and we have some */
1695 *dirname_available = True;
1696 VG_(strncpy_safely)(dirname, si->loctab[locno].dirname,
1699 /* .. but we don't have any */
1700 *dirname_available = False;
1709 /* Map a function name to its entry point and toc pointer. Is done by
1710 sequential search of all symbol tables, so is very slow. To
1711 mitigate the worst performance effects, you may specify a soname
1712 pattern, and only objects matching that pattern are searched.
1713 Therefore specify "*" to search all the objects. On TOC-afflicted
1714 platforms, a symbol is deemed to be found only if it has a nonzero
1716 Bool VG_(lookup_symbol_SLOW)(UChar* sopatt, UChar* name,
1717 Addr* pEnt, Addr* pToc)
1719 Bool require_pToc = False;
1723 # if defined(VG_PLAT_USES_PPCTOC)
1724 require_pToc = True;
1726 for (si = debugInfo_list; si; si = si->next) {
1728 VG_(printf)("lookup_symbol_SLOW: considering %s\n", si->soname);
1729 if (!VG_(string_match)(sopatt, si->soname)) {
1731 VG_(printf)(" ... skip\n");
1734 for (i = 0; i < si->symtab_used; i++) {
1735 if (0==VG_(strcmp)(name, si->symtab[i].name)
1736 && (require_pToc ? si->symtab[i].tocptr : True)) {
1737 *pEnt = si->symtab[i].addr;
1738 *pToc = si->symtab[i].tocptr;
1747 /* VG_(describe_IP): print into buf info on code address, function
1748 name and filename. */
1750 /* Copy str into buf starting at n, but not going past buf[n_buf-1]
1751 and always ensuring that buf is zero-terminated. */
1753 static Int putStr ( Int n, Int n_buf, Char* buf, Char* str )
1755 vg_assert(n_buf > 0);
1756 vg_assert(n >= 0 && n < n_buf);
1757 for (; n < n_buf-1 && *str != 0; n++,str++)
1759 vg_assert(n >= 0 && n < n_buf);
1764 /* Same as putStr, but escaping chars for XML output, and
1765 also not adding more than count chars to n_buf. */
1767 static Int putStrEsc ( Int n, Int n_buf, Int count, Char* buf, Char* str )
1770 vg_assert(n_buf > 0);
1771 vg_assert(count >= 0 && count < n_buf);
1772 vg_assert(n >= 0 && n < n_buf);
1773 for (; *str != 0; str++) {
1774 vg_assert(count >= 0);
1779 if (count < 5) goto done;
1780 n = putStr( n, n_buf, buf, "&");
1784 if (count < 4) goto done;
1785 n = putStr( n, n_buf, buf, "<");
1789 if (count < 4) goto done;
1790 n = putStr( n, n_buf, buf, ">");
1794 if (count < 1) goto done;
1797 n = putStr( n, n_buf, buf, alt );
1803 vg_assert(count >= 0); /* should not go -ve in loop */
1804 vg_assert(n >= 0 && n < n_buf);
1808 Char* VG_(describe_IP)(Addr eip, Char* buf, Int n_buf)
1810 # define APPEND(_str) \
1811 n = putStr(n, n_buf, buf, _str)
1812 # define APPEND_ESC(_count,_str) \
1813 n = putStrEsc(n, n_buf, (_count), buf, (_str))
1814 # define BUF_LEN 4096
1820 static UChar buf_fn[BUF_LEN];
1821 static UChar buf_obj[BUF_LEN];
1822 static UChar buf_srcloc[BUF_LEN];
1823 static UChar buf_dirname[BUF_LEN];
1824 buf_fn[0] = buf_obj[0] = buf_srcloc[0] = buf_dirname[0] = 0;
1826 Bool know_dirinfo = False;
1827 Bool know_fnname = VG_(clo_sym_offsets)
1828 ? VG_(get_fnname_w_offset) (eip, buf_fn, BUF_LEN)
1829 : VG_(get_fnname) (eip, buf_fn, BUF_LEN);
1830 Bool know_objname = VG_(get_objname)(eip, buf_obj, BUF_LEN);
1831 Bool know_srcloc = VG_(get_filename_linenum)(
1833 buf_srcloc, BUF_LEN,
1834 buf_dirname, BUF_LEN, &know_dirinfo,
1838 buf_fn [ sizeof(buf_fn)-1 ] = 0;
1839 buf_obj [ sizeof(buf_obj)-1 ] = 0;
1840 buf_srcloc [ sizeof(buf_srcloc)-1 ] = 0;
1841 buf_dirname[ sizeof(buf_dirname)-1 ] = 0;
1845 Bool human_readable = True;
1846 HChar* maybe_newline = human_readable ? "\n " : "";
1847 HChar* maybe_newline2 = human_readable ? "\n " : "";
1849 /* Print in XML format, dumping in as much info as we know.
1850 Ensure all tags are balanced even if the individual strings
1851 are too long. Allocate 1/10 of BUF_LEN to the object name,
1852 6/10s to the function name, 1/10 to the directory name and
1853 1/10 to the file name, leaving 1/10 for all the fixed-length
1856 VG_(sprintf)(ibuf,"<ip>0x%llX</ip>", (ULong)eip);
1857 APPEND(maybe_newline);
1860 APPEND(maybe_newline);
1862 APPEND_ESC(1*BUF_LEN/10, buf_obj);
1866 APPEND(maybe_newline);
1868 APPEND_ESC(6*BUF_LEN/10, buf_fn);
1873 APPEND(maybe_newline);
1875 APPEND_ESC(1*BUF_LEN/10, buf_dirname);
1878 APPEND(maybe_newline);
1880 APPEND_ESC(1*BUF_LEN/10, buf_srcloc);
1882 APPEND(maybe_newline);
1884 VG_(sprintf)(ibuf,"%d",lineno);
1888 APPEND(maybe_newline2);
1893 /* Print for humans to read */
1897 // 0x80483BF: really (a.c:20)
1898 // 0x80483BF: really (in /foo/a.out)
1899 // 0x80483BF: really (in ???)
1900 // 0x80483BF: ??? (in /foo/a.out)
1901 // 0x80483BF: ??? (a.c:20)
1904 VG_(sprintf)(ibuf,"0x%llX: ", (ULong)eip);
1914 // Get the directory name, if any, possibly pruned, into dirname.
1915 UChar* dirname = NULL;
1916 if (VG_(clo_n_fullpath_after) > 0) {
1918 dirname = buf_dirname;
1919 // Remove leading prefixes from the dirname.
1920 // If user supplied --fullpath-after=foo, this will remove
1921 // a leading string which matches '.*foo' (not greedy).
1922 for (i = 0; i < VG_(clo_n_fullpath_after); i++) {
1923 UChar* prefix = VG_(clo_fullpath_after)[i];
1924 UChar* str = VG_(strstr)(dirname, prefix);
1926 dirname = str + VG_(strlen)(prefix);
1930 /* remove leading "./" */
1931 if (dirname[0] == '.' && dirname[1] == '/')
1934 // do we have any interesting directory name to show? If so
1936 if (dirname && dirname[0] != 0) {
1942 VG_(sprintf)(ibuf,"%d",lineno);
1945 } else if (know_objname) {
1949 } else if (know_fnname) {
1950 // Nb: do this in two steps because "??)" is a trigraph!
1964 /*--------------------------------------------------------------*/
1966 /*--- TOP LEVEL: FOR UNWINDING THE STACK USING ---*/
1967 /*--- DWARF3 .eh_frame INFO ---*/
1969 /*--------------------------------------------------------------*/
1971 /* Gather up all the constant pieces of info needed to evaluate
1972 a CfiExpr into one convenient struct. */
1975 D3UnwindRegs* uregs;
1976 Addr min_accessible;
1977 Addr max_accessible;
1981 /* Evaluate the CfiExpr rooted at ix in exprs given the context eec.
1982 *ok is set to False on failure, but not to True on success. The
1983 caller must set it to True before calling. */
1984 __attribute__((noinline))
1986 UWord evalCfiExpr ( XArray* exprs, Int ix,
1987 CfiExprEvalContext* eec, Bool* ok )
1992 vg_assert(sizeof(Addr) == sizeof(UWord));
1993 e = VG_(indexXA)( exprs, ix );
1996 wL = evalCfiExpr( exprs, e->Cex.Binop.ixL, eec, ok );
1997 if (!(*ok)) return 0;
1998 wR = evalCfiExpr( exprs, e->Cex.Binop.ixR, eec, ok );
1999 if (!(*ok)) return 0;
2000 switch (e->Cex.Binop.op) {
2001 case Cop_Add: return wL + wR;
2002 case Cop_Sub: return wL - wR;
2003 case Cop_And: return wL & wR;
2004 case Cop_Mul: return wL * wR;
2005 default: goto unhandled;
2009 switch (e->Cex.CfiReg.reg) {
2010 # if defined(VGA_x86) || defined(VGA_amd64)
2011 case Creg_IA_IP: return eec->uregs->xip;
2012 case Creg_IA_SP: return eec->uregs->xsp;
2013 case Creg_IA_BP: return eec->uregs->xbp;
2014 # elif defined(VGA_arm)
2015 case Creg_ARM_R15: return eec->uregs->r15;
2016 case Creg_ARM_R14: return eec->uregs->r14;
2017 case Creg_ARM_R13: return eec->uregs->r13;
2018 case Creg_ARM_R12: return eec->uregs->r12;
2019 # elif defined(VGA_s390x)
2020 case Creg_IA_IP: return eec->uregs->ia;
2021 case Creg_IA_SP: return eec->uregs->sp;
2022 case Creg_IA_BP: return eec->uregs->fp;
2023 case Creg_S390_R14: return eec->uregs->lr;
2024 # elif defined(VGA_ppc32) || defined(VGA_ppc64)
2026 # error "Unsupported arch"
2028 default: goto unhandled;
2032 return e->Cex.Const.con;
2034 a = evalCfiExpr( exprs, e->Cex.Deref.ixAddr, eec, ok );
2035 if (!(*ok)) return 0;
2036 if (a < eec->min_accessible
2037 || (a + sizeof(UWord) - 1) > eec->max_accessible) {
2041 /* let's hope it doesn't trap! */
2042 return * ((UWord*)a);
2048 VG_(printf)("\n\nevalCfiExpr: unhandled\n");
2049 ML_(ppCfiExpr)( exprs, ix );
2057 /* Search all the DebugInfos in the entire system, to find the DiCfSI
2058 that pertains to 'ip'.
2060 If found, set *diP to the DebugInfo in which it resides, and
2061 *ixP to the index in that DebugInfo's cfsi array.
2063 If not found, set *diP to (DebugInfo*)1 and *ixP to zero.
2065 __attribute__((noinline))
2066 static void find_DiCfSI ( /*OUT*/DebugInfo** diP,
2073 static UWord n_search = 0;
2074 static UWord n_steps = 0;
2077 if (0) VG_(printf)("search for %#lx\n", ip);
2079 for (di = debugInfo_list; di != NULL; di = di->next) {
2083 /* Use the per-DebugInfo summary address ranges to skip
2084 inapplicable DebugInfos quickly. */
2085 if (di->cfsi_used == 0)
2087 if (ip < di->cfsi_minavma || ip > di->cfsi_maxavma)
2090 /* It might be in this DebugInfo. Search it. */
2091 j = ML_(search_one_cfitab)( di, ip );
2092 vg_assert(j >= -1 && j < (Word)di->cfsi_used);
2096 break; /* found it */
2102 /* we didn't find it. */
2103 *diP = (DebugInfo*)1;
2109 /* ensure that di is 4-aligned (at least), so it can't possibly
2110 be equal to (DebugInfo*)1. */
2111 vg_assert(di && VG_IS_4_ALIGNED(di));
2112 vg_assert(i >= 0 && i < di->cfsi_used);
2116 /* Start of performance-enhancing hack: once every 64 (chosen
2117 hackily after profiling) successful searches, move the found
2118 DebugInfo one step closer to the start of the list. This
2119 makes future searches cheaper. For starting konqueror on
2120 amd64, this in fact reduces the total amount of searching
2121 done by the above find-the-right-DebugInfo loop by more than
2123 if ((n_search & 0xF) == 0) {
2124 /* Move di one step closer to the start of the list. */
2125 move_DebugInfo_one_step_forward( di );
2127 /* End of performance-enhancing hack. */
2129 if (0 && ((n_search & 0x7FFFF) == 0))
2130 VG_(printf)("find_DiCfSI: %lu searches, "
2131 "%lu DebugInfos looked at\n",
2139 /* Now follows a mechanism for caching queries to find_DiCfSI, since
2140 they are extremely frequent on amd64-linux, during stack unwinding.
2142 Each cache entry binds an ip value to a (di, ix) pair. Possible
2145 di is non-null, ix >= 0 ==> cache slot in use, "di->cfsi[ix]"
2146 di is (DebugInfo*)1 ==> cache slot in use, no associated di
2147 di is NULL ==> cache slot not in use
2149 Hence simply zeroing out the entire cache invalidates all
2152 Why not map ip values directly to DiCfSI*'s? Because this would
2153 cause problems if/when the cfsi array is moved due to resizing.
2154 Instead we cache .cfsi array index value, which should be invariant
2155 across resizing. (That said, I don't think the current
2156 implementation will resize whilst during queries, since the DiCfSI
2157 records are added all at once, when the debuginfo for an object is
2158 read, and is not changed ever thereafter. */
2160 #define N_CFSI_CACHE 511
2163 struct { Addr ip; DebugInfo* di; Word ix; }
2166 static CFSICacheEnt cfsi_cache[N_CFSI_CACHE];
2168 static void cfsi_cache__invalidate ( void ) {
2169 VG_(memset)(&cfsi_cache, 0, sizeof(cfsi_cache));
2173 static inline CFSICacheEnt* cfsi_cache__find ( Addr ip )
2175 UWord hash = ip % N_CFSI_CACHE;
2176 CFSICacheEnt* ce = &cfsi_cache[hash];
2177 static UWord n_q = 0, n_m = 0;
2180 if (0 && 0 == (n_q & 0x1FFFFF))
2181 VG_(printf)("QQQ %lu %lu\n", n_q, n_m);
2183 if (LIKELY(ce->ip == ip) && LIKELY(ce->di != NULL)) {
2184 /* found an entry in the cache .. */
2186 /* not found in cache. Search and update. */
2189 find_DiCfSI( &ce->di, &ce->ix, ip );
2192 if (UNLIKELY(ce->di == (DebugInfo*)1)) {
2193 /* no DiCfSI for this address */
2196 /* found a DiCfSI for this address */
2203 static Addr compute_cfa ( D3UnwindRegs* uregs,
2204 Addr min_accessible, Addr max_accessible,
2205 DebugInfo* di, DiCfSI* cfsi )
2207 CfiExprEvalContext eec;
2211 /* Compute the CFA. */
2213 switch (cfsi->cfa_how) {
2214 # if defined(VGA_x86) || defined(VGA_amd64)
2216 cfa = cfsi->cfa_off + uregs->xsp;
2219 cfa = cfsi->cfa_off + uregs->xbp;
2221 # elif defined(VGA_arm)
2222 case CFIC_ARM_R13REL:
2223 cfa = cfsi->cfa_off + uregs->r13;
2225 case CFIC_ARM_R12REL:
2226 cfa = cfsi->cfa_off + uregs->r12;
2228 case CFIC_ARM_R11REL:
2229 cfa = cfsi->cfa_off + uregs->r11;
2231 case CFIC_ARM_R7REL:
2232 cfa = cfsi->cfa_off + uregs->r7;
2234 # elif defined(VGA_s390x)
2236 cfa = cfsi->cfa_off + uregs->sp;
2238 case CFIR_MEMCFAREL:
2240 Addr a = uregs->sp + cfsi->cfa_off;
2241 if (a < min_accessible || a > max_accessible-sizeof(Addr))
2250 cfa = cfsi->cfa_off + uregs->fp;
2252 # elif defined(VGA_ppc32) || defined(VGA_ppc64)
2254 # error "Unsupported arch"
2256 case CFIC_EXPR: /* available on all archs */
2258 VG_(printf)("CFIC_EXPR: ");
2259 ML_(ppCfiExpr)(di->cfsi_exprs, cfsi->cfa_off);
2263 eec.min_accessible = min_accessible;
2264 eec.max_accessible = max_accessible;
2266 cfa = evalCfiExpr(di->cfsi_exprs, cfsi->cfa_off, &eec, &ok );
2276 /* Get the call frame address (CFA) given an IP/SP/FP triple. */
2277 /* NOTE: This function may rearrange the order of entries in the
2279 Addr ML_(get_CFA) ( Addr ip, Addr sp, Addr fp,
2280 Addr min_accessible, Addr max_accessible )
2284 DiCfSI* cfsi __attribute__((unused));
2286 ce = cfsi_cache__find(ip);
2288 if (UNLIKELY(ce == NULL))
2289 return 0; /* no info. Nothing we can do. */
2292 cfsi = &di->cfsi[ ce->ix ];
2294 /* Temporary impedance-matching kludge so that this keeps working
2295 on x86-linux and amd64-linux. */
2296 # if defined(VGA_x86) || defined(VGA_amd64)
2297 { D3UnwindRegs uregs;
2301 return compute_cfa(&uregs,
2302 min_accessible, max_accessible, di, cfsi);
2304 #elif defined(VGA_s390x)
2305 { D3UnwindRegs uregs;
2309 return compute_cfa(&uregs,
2310 min_accessible, max_accessible, di, cfsi);
2314 return 0; /* indicates failure */
2319 /* The main function for DWARF2/3 CFI-based stack unwinding. Given a
2320 set of registers in UREGS, modify it to hold the register values
2321 for the previous frame, if possible. Returns True if successful.
2322 If not successful, *UREGS is not changed.
2324 For x86 and amd64, the unwound registers are: {E,R}IP,
2327 For arm, the unwound registers are: R7 R11 R12 R13 R14 R15.
2329 Bool VG_(use_CF_info) ( /*MOD*/D3UnwindRegs* uregsHere,
2330 Addr min_accessible,
2331 Addr max_accessible )
2334 DiCfSI* cfsi = NULL;
2335 Addr cfa, ipHere = 0;
2337 CfiExprEvalContext eec __attribute__((unused));
2338 D3UnwindRegs uregsPrev;
2340 # if defined(VGA_x86) || defined(VGA_amd64)
2341 ipHere = uregsHere->xip;
2342 # elif defined(VGA_arm)
2343 ipHere = uregsHere->r15;
2344 # elif defined(VGA_s390x)
2345 ipHere = uregsHere->ia;
2346 # elif defined(VGA_ppc32) || defined(VGA_ppc64)
2348 # error "Unknown arch"
2350 ce = cfsi_cache__find(ipHere);
2352 if (UNLIKELY(ce == NULL))
2353 return False; /* no info. Nothing we can do. */
2356 cfsi = &di->cfsi[ ce->ix ];
2359 VG_(printf)("found cfisi: ");
2360 ML_(ppDiCfSI)(di->cfsi_exprs, cfsi);
2363 VG_(bzero_inline)(&uregsPrev, sizeof(uregsPrev));
2365 /* First compute the CFA. */
2366 cfa = compute_cfa(uregsHere,
2367 min_accessible, max_accessible, di, cfsi);
2368 if (UNLIKELY(cfa == 0))
2371 /* Now we know the CFA, use it to roll back the registers we're
2374 # define COMPUTE(_prev, _here, _how, _off) \
2377 case CFIR_UNKNOWN: \
2380 _prev = _here; break; \
2381 case CFIR_MEMCFAREL: { \
2382 Addr a = cfa + (Word)_off; \
2383 if (a < min_accessible \
2384 || a > max_accessible-sizeof(Addr)) \
2386 _prev = *(Addr*)a; \
2390 _prev = cfa + (Word)_off; \
2394 ML_(ppCfiExpr)(di->cfsi_exprs,_off); \
2395 eec.uregs = uregsHere; \
2396 eec.min_accessible = min_accessible; \
2397 eec.max_accessible = max_accessible; \
2399 _prev = evalCfiExpr(di->cfsi_exprs, _off, &eec, &ok ); \
2400 if (!ok) return False; \
2407 # if defined(VGA_x86) || defined(VGA_amd64)
2408 COMPUTE(uregsPrev.xip, uregsHere->xip, cfsi->ra_how, cfsi->ra_off);
2409 COMPUTE(uregsPrev.xsp, uregsHere->xsp, cfsi->sp_how, cfsi->sp_off);
2410 COMPUTE(uregsPrev.xbp, uregsHere->xbp, cfsi->bp_how, cfsi->bp_off);
2411 # elif defined(VGA_arm)
2412 COMPUTE(uregsPrev.r15, uregsHere->r15, cfsi->ra_how, cfsi->ra_off);
2413 COMPUTE(uregsPrev.r14, uregsHere->r14, cfsi->r14_how, cfsi->r14_off);
2414 COMPUTE(uregsPrev.r13, uregsHere->r13, cfsi->r13_how, cfsi->r13_off);
2415 COMPUTE(uregsPrev.r12, uregsHere->r12, cfsi->r12_how, cfsi->r12_off);
2416 COMPUTE(uregsPrev.r11, uregsHere->r11, cfsi->r11_how, cfsi->r11_off);
2417 COMPUTE(uregsPrev.r7, uregsHere->r7, cfsi->r7_how, cfsi->r7_off);
2418 # elif defined(VGA_s390x)
2419 COMPUTE(uregsPrev.ia, uregsHere->ia, cfsi->ra_how, cfsi->ra_off);
2420 COMPUTE(uregsPrev.sp, uregsHere->sp, cfsi->sp_how, cfsi->sp_off);
2421 COMPUTE(uregsPrev.fp, uregsHere->fp, cfsi->fp_how, cfsi->fp_off);
2422 # elif defined(VGA_ppc32) || defined(VGA_ppc64)
2424 # error "Unknown arch"
2429 *uregsHere = uregsPrev;
2434 /*--------------------------------------------------------------*/
2436 /*--- TOP LEVEL: FOR UNWINDING THE STACK USING ---*/
2437 /*--- MSVC FPO INFO ---*/
2439 /*--------------------------------------------------------------*/
2441 Bool VG_(use_FPO_info) ( /*MOD*/Addr* ipP,
2444 Addr min_accessible,
2445 Addr max_accessible )
2449 FPO_DATA* fpo = NULL;
2452 static UWord n_search = 0;
2453 static UWord n_steps = 0;
2456 if (0) VG_(printf)("search FPO for %#lx\n", *ipP);
2458 for (di = debugInfo_list; di != NULL; di = di->next) {
2461 /* Use the per-DebugInfo summary address ranges to skip
2462 inapplicable DebugInfos quickly. */
2463 if (di->fpo == NULL)
2465 if (*ipP < di->fpo_minavma || *ipP > di->fpo_maxavma)
2468 i = ML_(search_one_fpotab)( di, *ipP );
2472 /* debug printing only */
2473 VG_(printf)("look for %#lx size %ld i %ld\n",
2474 *ipP, di->fpo_size, i);
2475 for (j = 0; j < di->fpo_size; j++)
2476 VG_(printf)("[%02ld] %#x %d\n",
2477 j, di->fpo[j].ulOffStart, di->fpo[j].cbProcSize);
2479 vg_assert(i >= 0 && i < di->fpo_size);
2488 if (0 && ((n_search & 0x7FFFF) == 0))
2489 VG_(printf)("VG_(use_FPO_info): %lu searches, "
2490 "%lu DebugInfos looked at\n",
2494 /* Start of performance-enhancing hack: once every 64 (chosen
2495 hackily after profiling) successful searches, move the found
2496 DebugInfo one step closer to the start of the list. This makes
2497 future searches cheaper. For starting konqueror on amd64, this
2498 in fact reduces the total amount of searching done by the above
2499 find-the-right-DebugInfo loop by more than a factor of 20. */
2500 if ((n_search & 0x3F) == 0) {
2501 /* Move si one step closer to the start of the list. */
2502 //move_DebugInfo_one_step_forward( di );
2504 /* End of performance-enhancing hack. */
2507 VG_(printf)("found fpo: ");
2514 4*.cbRegs {%edi, %esi, %ebp, %ebx}
2520 Typical code looks like:
2521 sub $4*.cdwLocals,%esp
2522 Alternative to above for >=4KB (and sometimes for smaller):
2524 call __chkstk # WinNT performs page-by-page probe!
2525 __chkstk is much like alloc(), except that on return
2526 %eax= 5+ &CALL. Thus it could be used as part of
2527 Position Independent Code to locate the Global Offset Table.
2531 Other once-only instructions often scheduled >here<.
2534 If the pc is within the first .cbProlog bytes of the function,
2535 then you must disassemble to see how many registers have been pushed,
2536 because instructions in the prolog may be scheduled for performance.
2537 The order of PUSH is always %ebx, %ebp, %esi, %edi, with trailing
2538 registers not pushed when .cbRegs < 4. This seems somewhat strange
2539 because %ebp is the register whose usage you want to minimize,
2540 yet it is in the first half of the PUSH list.
2542 I don't know what happens when the compiler constructs an outgoing CALL.
2543 %esp could move if outgoing parameters are PUSHed, and this affects
2544 traceback for errors during the PUSHes. */
2548 *ipP = *(Addr *)(spHere + 4*(fpo->cbRegs + fpo->cdwLocals));
2549 *spP = spHere + 4*(fpo->cbRegs + fpo->cdwLocals + 1
2551 *fpP = *(Addr *)(spHere + 4*2);
2556 /*--------------------------------------------------------------*/
2558 /*--- TOP LEVEL: GENERATE DESCRIPTION OF DATA ADDRESSES ---*/
2559 /*--- FROM DWARF3 DEBUG INFO ---*/
2561 /*--------------------------------------------------------------*/
2563 /* Try to make p2XA(dst, fmt, args..) turn into
2564 VG_(xaprintf_no_f_c)(dst, fmt, args) without having to resort to
2565 vararg macros. As usual with everything to do with varargs, it's
2568 //#define p2XA(dstxa, format, args...)
2569 // VG_(xaprintf_no_f_c)(dstxa, format, ##args)
2571 #define p2XA VG_(xaprintf_no_f_c)
2573 /* Add a zero-terminating byte to DST, which must be an XArray* of
2575 static void zterm_XA ( XArray* dst )
2578 (void) VG_(addBytesToXA)( dst, &zero, 1 );
2582 /* Evaluate the location expression/list for var, to see whether or
2583 not data_addr falls within the variable. If so also return the
2584 offset of data_addr from the start of the variable. Note that
2585 regs, which supplies ip,sp,fp values, will be NULL for global
2586 variables, and non-NULL for local variables. */
2587 static Bool data_address_is_in_var ( /*OUT*/PtrdiffT* offset,
2588 XArray* /* TyEnt */ tyents,
2592 const DebugInfo* di )
2599 vg_assert(var->name);
2600 vg_assert(var->gexpr);
2602 /* Figure out how big the variable is. */
2603 mul = ML_(sizeOfType)(tyents, var->typeR);
2604 /* If this var has a type whose size is unknown, zero, or
2605 impossibly large, it should never have been added. ML_(addVar)
2606 should have rejected it. */
2607 vg_assert(mul.b == True);
2608 vg_assert(mul.ul > 0);
2609 if (sizeof(void*) == 4) vg_assert(mul.ul < (1ULL << 32));
2610 /* After this point, we assume we can truncate mul.ul to a host word
2611 safely (without loss of info). */
2613 var_szB = (SizeT)mul.ul; /* NB: truncate to host word */
2616 VG_(printf)("VVVV: data_address_%#lx_is_in_var: %s :: ",
2617 data_addr, var->name );
2618 ML_(pp_TyEnt_C_ishly)( tyents, var->typeR );
2622 /* ignore zero-sized vars; they can never match anything. */
2625 VG_(printf)("VVVV: -> Fail (variable is zero sized)\n");
2629 res = ML_(evaluate_GX)( var->gexpr, var->fbGX, regs, di );
2632 VG_(printf)("VVVV: -> ");
2633 ML_(pp_GXResult)( res );
2637 if (res.kind == GXR_Addr
2638 && res.word <= data_addr
2639 && data_addr < res.word + var_szB) {
2640 *offset = data_addr - res.word;
2648 /* Format the acquired information into DN(AME)1 and DN(AME)2, which
2649 are XArray*s of HChar, that have been initialised by the caller.
2650 Resulting strings will be zero terminated. Information is
2651 formatted in an understandable way. Not so easy. If frameNo is
2652 -1, this is assumed to be a global variable; else a local
2654 static void format_message ( /*MOD*/XArray* /* of HChar */ dn1,
2655 /*MOD*/XArray* /* of HChar */ dn2,
2658 PtrdiffT var_offset,
2659 PtrdiffT residual_offset,
2660 XArray* /*UChar*/ described,
2664 Bool have_descr, have_srcloc;
2665 Bool xml = VG_(clo_xml);
2666 UChar* vo_plural = var_offset == 1 ? "" : "s";
2667 UChar* ro_plural = residual_offset == 1 ? "" : "s";
2668 UChar* basetag = "auxwhat"; /* a constant */
2669 UChar tagL[32], tagR[32], xagL[32], xagR[32];
2672 vg_assert(0); /* Not allowed */
2674 else if (frameNo == -1) {
2675 vg_assert(tid == VG_INVALID_THREADID);
2677 else /* (frameNo >= 0) */ {
2678 vg_assert(tid != VG_INVALID_THREADID);
2681 vg_assert(dn1 && dn2);
2682 vg_assert(described);
2683 vg_assert(var && var->name);
2684 have_descr = VG_(sizeXA)(described) > 0
2685 && *(UChar*)VG_(indexXA)(described,0) != '\0';
2686 have_srcloc = var->fileName && var->lineNo > 0;
2688 tagL[0] = tagR[0] = xagL[0] = xagR[0] = 0;
2690 VG_(sprintf)(tagL, "<%s>", basetag); // <auxwhat>
2691 VG_(sprintf)(tagR, "</%s>", basetag); // </auxwhat>
2692 VG_(sprintf)(xagL, "<x%s>", basetag); // <xauxwhat>
2693 VG_(sprintf)(xagR, "</x%s>", basetag); // </xauxwhat>
2696 # define TAGL(_xa) p2XA(_xa, "%s", tagL)
2697 # define TAGR(_xa) p2XA(_xa, "%s", tagR)
2698 # define XAGL(_xa) p2XA(_xa, "%s", xagL)
2699 # define XAGR(_xa) p2XA(_xa, "%s", xagR)
2700 # define TXTL(_xa) p2XA(_xa, "%s", "<text>")
2701 # define TXTR(_xa) p2XA(_xa, "%s", "</text>")
2703 /* ------ local cases ------ */
2705 if ( frameNo >= 0 && (!have_srcloc) && (!have_descr) ) {
2706 /* no srcloc, no description:
2707 Location 0x7fefff6cf is 543 bytes inside local var "a",
2708 in frame #1 of thread 1
2713 "Location 0x%lx is %lu byte%s inside local var \"%t\",",
2714 data_addr, var_offset, vo_plural, var->name );
2718 "in frame #%d of thread %d", frameNo, (Int)tid );
2722 "Location 0x%lx is %lu byte%s inside local var \"%s\",",
2723 data_addr, var_offset, vo_plural, var->name );
2725 "in frame #%d of thread %d", frameNo, (Int)tid );
2729 if ( frameNo >= 0 && have_srcloc && (!have_descr) ) {
2731 Location 0x7fefff6cf is 543 bytes inside local var "a"
2732 declared at dsyms7.c:17, in frame #1 of thread 1
2737 "Location 0x%lx is %lu byte%s inside local var \"%t\"",
2738 data_addr, var_offset, vo_plural, var->name );
2743 "declared at %t:%d, in frame #%d of thread %d",
2744 var->fileName, var->lineNo, frameNo, (Int)tid );
2746 // FIXME: also do <dir>
2748 " <file>%t</file> <line>%d</line> ",
2749 var->fileName, var->lineNo );
2753 "Location 0x%lx is %lu byte%s inside local var \"%s\"",
2754 data_addr, var_offset, vo_plural, var->name );
2756 "declared at %s:%d, in frame #%d of thread %d",
2757 var->fileName, var->lineNo, frameNo, (Int)tid );
2761 if ( frameNo >= 0 && (!have_srcloc) && have_descr ) {
2763 Location 0x7fefff6cf is 2 bytes inside a[3].xyzzy[21].c2
2764 in frame #1 of thread 1
2769 "Location 0x%lx is %lu byte%s inside %t%t",
2770 data_addr, residual_offset, ro_plural, var->name,
2771 (HChar*)(VG_(indexXA)(described,0)) );
2775 "in frame #%d of thread %d", frameNo, (Int)tid );
2779 "Location 0x%lx is %lu byte%s inside %s%s",
2780 data_addr, residual_offset, ro_plural, var->name,
2781 (HChar*)(VG_(indexXA)(described,0)) );
2783 "in frame #%d of thread %d", frameNo, (Int)tid );
2787 if ( frameNo >= 0 && have_srcloc && have_descr ) {
2788 /* Location 0x7fefff6cf is 2 bytes inside a[3].xyzzy[21].c2,
2789 declared at dsyms7.c:17, in frame #1 of thread 1 */
2793 "Location 0x%lx is %lu byte%s inside %t%t,",
2794 data_addr, residual_offset, ro_plural, var->name,
2795 (HChar*)(VG_(indexXA)(described,0)) );
2800 "declared at %t:%d, in frame #%d of thread %d",
2801 var->fileName, var->lineNo, frameNo, (Int)tid );
2803 // FIXME: also do <dir>
2805 " <file>%t</file> <line>%d</line> ",
2806 var->fileName, var->lineNo );
2810 "Location 0x%lx is %lu byte%s inside %s%s,",
2811 data_addr, residual_offset, ro_plural, var->name,
2812 (HChar*)(VG_(indexXA)(described,0)) );
2814 "declared at %s:%d, in frame #%d of thread %d",
2815 var->fileName, var->lineNo, frameNo, (Int)tid );
2819 /* ------ global cases ------ */
2820 if ( frameNo >= -1 && (!have_srcloc) && (!have_descr) ) {
2821 /* no srcloc, no description:
2822 Location 0x7fefff6cf is 543 bytes inside global var "a"
2827 "Location 0x%lx is %lu byte%s inside global var \"%t\"",
2828 data_addr, var_offset, vo_plural, var->name );
2832 "Location 0x%lx is %lu byte%s inside global var \"%s\"",
2833 data_addr, var_offset, vo_plural, var->name );
2837 if ( frameNo >= -1 && have_srcloc && (!have_descr) ) {
2839 Location 0x7fefff6cf is 543 bytes inside global var "a"
2840 declared at dsyms7.c:17
2845 "Location 0x%lx is %lu byte%s inside global var \"%t\"",
2846 data_addr, var_offset, vo_plural, var->name );
2851 "declared at %t:%d",
2852 var->fileName, var->lineNo);
2854 // FIXME: also do <dir>
2856 " <file>%t</file> <line>%d</line> ",
2857 var->fileName, var->lineNo );
2861 "Location 0x%lx is %lu byte%s inside global var \"%s\"",
2862 data_addr, var_offset, vo_plural, var->name );
2864 "declared at %s:%d",
2865 var->fileName, var->lineNo);
2869 if ( frameNo >= -1 && (!have_srcloc) && have_descr ) {
2871 Location 0x7fefff6cf is 2 bytes inside a[3].xyzzy[21].c2,
2877 "Location 0x%lx is %lu byte%s inside %t%t,",
2878 data_addr, residual_offset, ro_plural, var->name,
2879 (HChar*)(VG_(indexXA)(described,0)) );
2883 "a global variable");
2887 "Location 0x%lx is %lu byte%s inside %s%s,",
2888 data_addr, residual_offset, ro_plural, var->name,
2889 (char*)(VG_(indexXA)(described,0)) );
2891 "a global variable");
2895 if ( frameNo >= -1 && have_srcloc && have_descr ) {
2896 /* Location 0x7fefff6cf is 2 bytes inside a[3].xyzzy[21].c2,
2897 a global variable declared at dsyms7.c:17 */
2901 "Location 0x%lx is %lu byte%s inside %t%t,",
2902 data_addr, residual_offset, ro_plural, var->name,
2903 (HChar*)(VG_(indexXA)(described,0)) );
2908 "a global variable declared at %t:%d",
2909 var->fileName, var->lineNo);
2911 // FIXME: also do <dir>
2913 " <file>%t</file> <line>%d</line> ",
2914 var->fileName, var->lineNo );
2918 "Location 0x%lx is %lu byte%s inside %s%s,",
2919 data_addr, residual_offset, ro_plural, var->name,
2920 (HChar*)(VG_(indexXA)(described,0)) );
2922 "a global variable declared at %s:%d",
2923 var->fileName, var->lineNo);
2929 /* Zero terminate both strings */
2942 /* Determine if data_addr is a local variable in the frame
2943 characterised by (ip,sp,fp), and if so write its description at the
2944 ends of DNAME{1,2}, which are XArray*s of HChar, that have been
2945 initialised by the caller, zero terminate both, and return True.
2946 If it's not a local variable in said frame, return False. */
2948 Bool consider_vars_in_frame ( /*MOD*/XArray* /* of HChar */ dname1,
2949 /*MOD*/XArray* /* of HChar */ dname2,
2951 Addr ip, Addr sp, Addr fp,
2952 /* shown to user: */
2953 ThreadId tid, Int frameNo )
2960 static UInt n_search = 0;
2961 static UInt n_steps = 0;
2964 VG_(printf)("QQQQ: cvif: ip,sp,fp %#lx,%#lx,%#lx\n", ip,sp,fp);
2965 /* first, find the DebugInfo that pertains to 'ip'. */
2966 for (di = debugInfo_list; di; di = di->next) {
2968 /* text segment missing? unlikely, but handle it .. */
2969 if (!di->text_present || di->text_size == 0)
2971 /* Ok. So does this text mapping bracket the ip? */
2972 if (di->text_avma <= ip && ip < di->text_avma + di->text_size)
2976 /* Didn't find it. Strange -- means ip is a code address outside
2977 of any mapped text segment. Unlikely but not impossible -- app
2978 could be generating code to run. */
2982 if (0 && ((n_search & 0x1) == 0))
2983 VG_(printf)("consider_vars_in_frame: %u searches, "
2984 "%u DebugInfos looked at\n",
2986 /* Start of performance-enhancing hack: once every ??? (chosen
2987 hackily after profiling) successful searches, move the found
2988 DebugInfo one step closer to the start of the list. This makes
2989 future searches cheaper. */
2990 if ((n_search & 0xFFFF) == 0) {
2991 /* Move si one step closer to the start of the list. */
2992 move_DebugInfo_one_step_forward( di );
2994 /* End of performance-enhancing hack. */
2996 /* any var info at all? */
3000 /* Work through the scopes from most deeply nested outwards,
3001 looking for code address ranges that bracket 'ip'. The
3002 variables on each such address range found are in scope right
3003 now. Don't descend to level zero as that is the global
3009 /* "for each scope, working outwards ..." */
3010 for (i = VG_(sizeXA)(di->varinfo) - 1; i >= 1; i--) {
3013 DiAddrRange* arange;
3015 = *(OSet**)VG_(indexXA)( di->varinfo, i );
3017 VG_(printf)("QQQQ: considering scope %ld\n", (Word)i);
3020 /* Find the set of variables in this scope that
3021 bracket the program counter. */
3022 arange = VG_(OSetGen_LookupWithCmp)(
3024 ML_(cmp_for_DiAddrRange_range)
3029 vg_assert(arange->aMin <= arange->aMax);
3030 /* It must bracket the ip we asked for, else
3031 ML_(cmp_for_DiAddrRange_range) is somehow broken. */
3032 vg_assert(arange->aMin <= ip && ip <= arange->aMax);
3033 /* It must have an attached XArray of DiVariables. */
3034 vars = arange->vars;
3036 /* But it mustn't cover the entire address range. We only
3037 expect that to happen for the global scope (level 0), which
3038 we're not looking at here. Except, it may cover the entire
3039 address range, but in that case the vars array must be
3041 vg_assert(! (arange->aMin == (Addr)0
3042 && arange->aMax == ~(Addr)0
3043 && VG_(sizeXA)(vars) > 0) );
3044 for (j = 0; j < VG_(sizeXA)( vars ); j++) {
3045 DiVariable* var = (DiVariable*)VG_(indexXA)( vars, j );
3048 VG_(printf)("QQQQ: var:name=%s %#lx-%#lx %#lx\n",
3049 var->name,arange->aMin,arange->aMax,ip);
3050 if (data_address_is_in_var( &offset, di->admin_tyents,
3053 PtrdiffT residual_offset = 0;
3054 XArray* described = ML_(describe_type)( &residual_offset,
3056 var->typeR, offset );
3057 format_message( dname1, dname2,
3058 data_addr, var, offset, residual_offset,
3059 described, frameNo, tid );
3060 VG_(deleteXA)( described );
3069 /* Try to form some description of DATA_ADDR by looking at the DWARF3
3070 debug info we have. This considers all global variables, and all
3071 frames in the stacks of all threads. Result is written at the ends
3072 of DNAME{1,2}V, which are XArray*s of HChar, that have been
3073 initialised by the caller, and True is returned. If no description
3074 is created, False is returned. Regardless of the return value,
3075 DNAME{1,2}V are guaranteed to be zero terminated after the call.
3077 Note that after the call, DNAME{1,2} may have more than one
3078 trailing zero, so callers should establish the useful text length
3079 using VG_(strlen) on the contents, rather than VG_(sizeXA) on the
3082 Bool VG_(get_data_description)(
3083 /*MOD*/ void* /* really, XArray* of HChar */ dname1v,
3084 /*MOD*/ void* /* really, XArray* of HChar */ dname2v,
3089 Addr ips[N_FRAMES], sps[N_FRAMES], fps[N_FRAMES];
3092 Addr stack_min, stack_max;
3098 XArray* dname1 = (XArray*)dname1v;
3099 XArray* dname2 = (XArray*)dname2v;
3101 if (0) VG_(printf)("get_data_description: dataaddr %#lx\n", data_addr);
3102 /* First, see if data_addr is (or is part of) a global variable.
3103 Loop over the DebugInfos we have. Check data_addr against the
3104 outermost scope of all of them, as that should be a global
3106 for (di = debugInfo_list; di != NULL; di = di->next) {
3110 DiAddrRange* global_arange;
3114 /* text segment missing? unlikely, but handle it .. */
3115 if (!di->text_present || di->text_size == 0)
3117 /* any var info at all? */
3120 /* perhaps this object didn't contribute any vars at all? */
3121 if (VG_(sizeXA)( di->varinfo ) == 0)
3123 global_scope = *(OSet**)VG_(indexXA)( di->varinfo, 0 );
3124 vg_assert(global_scope);
3125 gs_size = VG_(OSetGen_Size)( global_scope );
3126 /* The global scope might be completely empty if this
3127 compilation unit declared locals but nothing global. */
3130 /* But if it isn't empty, then it must contain exactly one
3131 element, which covers the entire address range. */
3132 vg_assert(gs_size == 1);
3133 /* Fish out the global scope and check it is as expected. */
3136 = VG_(OSetGen_Lookup)( global_scope, &zero );
3137 /* The global range from (Addr)0 to ~(Addr)0 must exist */
3138 vg_assert(global_arange);
3139 vg_assert(global_arange->aMin == (Addr)0
3140 && global_arange->aMax == ~(Addr)0);
3141 /* Any vars in this range? */
3142 if (!global_arange->vars)
3144 /* Ok, there are some vars in the global scope of this
3145 DebugInfo. Wade through them and see if the data addresses
3146 of any of them bracket data_addr. */
3147 vars = global_arange->vars;
3148 for (i = 0; i < VG_(sizeXA)( vars ); i++) {
3150 DiVariable* var = (DiVariable*)VG_(indexXA)( vars, i );
3151 vg_assert(var->name);
3152 /* Note we use a NULL RegSummary* here. It can't make any
3153 sense for a global variable to have a location expression
3154 which depends on a SP/FP/IP value. So don't supply any.
3155 This means, if the evaluation of the location
3156 expression/list requires a register, we have to let it
3158 if (data_address_is_in_var( &offset, di->admin_tyents, var,
3159 NULL/* RegSummary* */,
3161 PtrdiffT residual_offset = 0;
3162 XArray* described = ML_(describe_type)( &residual_offset,
3164 var->typeR, offset );
3165 format_message( dname1, dname2,
3166 data_addr, var, offset, residual_offset,
3167 described, -1/*frameNo*/,
3168 VG_INVALID_THREADID );
3169 VG_(deleteXA)( described );
3177 /* Ok, well it's not a global variable. So now let's snoop around
3178 in the stacks of all the threads. First try to figure out which
3179 thread's stack data_addr is in. */
3181 /* --- KLUDGE --- Try examining the top frame of all thread stacks.
3182 This finds variables which are not stack allocated but are not
3183 globally visible either; specifically it appears to pick up
3184 variables which are visible only within a compilation unit.
3185 These will have the address range of the compilation unit and
3186 tend to live at Scope level 1. */
3187 VG_(thread_stack_reset_iter)(&tid);
3188 while ( VG_(thread_stack_next)(&tid, &stack_min, &stack_max) ) {
3189 if (stack_min >= stack_max)
3190 continue; /* ignore obviously stupid cases */
3191 if (consider_vars_in_frame( dname1, dname2,
3195 VG_(get_FP)(tid), tid, 0 )) {
3201 /* --- end KLUDGE --- */
3203 /* Perhaps it's on a thread's stack? */
3205 VG_(thread_stack_reset_iter)(&tid);
3206 while ( VG_(thread_stack_next)(&tid, &stack_min, &stack_max) ) {
3207 if (stack_min >= stack_max)
3208 continue; /* ignore obviously stupid cases */
3209 if (stack_min - VG_STACK_REDZONE_SZB <= data_addr
3210 && data_addr <= stack_max) {
3221 /* We conclude data_addr is in thread tid's stack. Unwind the
3222 stack to get a bunch of (ip,sp,fp) triples describing the
3223 frames, and for each frame, consider the local variables. */
3224 n_frames = VG_(get_StackTrace)( tid, ips, N_FRAMES,
3225 sps, fps, 0/*first_ip_delta*/ );
3227 /* As a result of KLUDGE above, starting the loop at j = 0
3228 duplicates examination of the top frame and so isn't necessary.
3230 vg_assert(n_frames >= 0 && n_frames <= N_FRAMES);
3231 for (j = 0; j < n_frames; j++) {
3232 if (consider_vars_in_frame( dname1, dname2,
3235 sps[j], fps[j], tid, j )) {
3240 /* Now, it appears that gcc sometimes appears to produce
3241 location lists whose ranges don't actually cover the call
3242 instruction, even though the address of the variable in
3243 question is passed as a parameter in the call. AFAICS this
3244 is simply a bug in gcc - how can the variable be claimed not
3245 exist in memory (on the stack) for the duration of a call in
3246 which its address is passed? But anyway, in the particular
3247 case I investigated (memcheck/tests/varinfo6.c, call to croak
3248 on line 2999, local var budget declared at line 3115
3249 appearing not to exist across the call to mainSort on line
3250 3143, "gcc.orig (GCC) 3.4.4 20050721 (Red Hat 3.4.4-2)" on
3251 amd64), the variable's location list does claim it exists
3252 starting at the first byte of the first instruction after the
3253 call instruction. So, call consider_vars_in_frame a second
3254 time, but this time add 1 to the IP. GDB handles this
3255 example with no difficulty, which leads me to believe that
3256 either (1) I misunderstood something, or (2) GDB has an
3257 equivalent kludge. */
3258 if (j > 0 /* this is a non-innermost frame */
3259 && consider_vars_in_frame( dname1, dname2,
3262 sps[j], fps[j], tid, j )) {
3269 /* We didn't find anything useful. */
3277 //////////////////////////////////////////////////////////////////
3279 // Support for other kinds of queries to the Dwarf3 var info //
3281 //////////////////////////////////////////////////////////////////
3283 /* Figure out if the variable 'var' has a location that is linearly
3284 dependent on a stack pointer value, or a frame pointer value, and
3285 if it is, add a description of it to 'blocks'. Otherwise ignore
3286 it. If 'arrays_only' is True, also ignore it unless it has an
3290 void analyse_deps ( /*MOD*/XArray* /* of FrameBlock */ blocks,
3291 XArray* /* TyEnt */ tyents,
3292 Addr ip, const DebugInfo* di, DiVariable* var,
3295 GXResult res_sp_6k, res_sp_7k, res_fp_6k, res_fp_7k;
3303 VG_(printf)("adeps: var %s\n", var->name );
3305 /* Figure out how big the variable is. */
3306 mul = ML_(sizeOfType)(tyents, var->typeR);
3307 /* If this var has a type whose size is unknown, zero, or
3308 impossibly large, it should never have been added. ML_(addVar)
3309 should have rejected it. */
3310 vg_assert(mul.b == True);
3311 vg_assert(mul.ul > 0);
3312 if (sizeof(void*) == 4) vg_assert(mul.ul < (1ULL << 32));
3313 /* After this point, we assume we can truncate mul.ul to a host word
3314 safely (without loss of info). */
3316 /* skip if non-array and we're only interested in arrays */
3317 ty = ML_(TyEnts__index_by_cuOff)( tyents, NULL, var->typeR );
3319 vg_assert(ty->tag == Te_UNKNOWN || ML_(TyEnt__is_type)(ty));
3320 if (ty->tag == Te_UNKNOWN)
3321 return; /* perhaps we should complain in this case? */
3322 isVec = ty->tag == Te_TyArray;
3323 if (arrays_only && !isVec)
3326 if (0) {ML_(pp_TyEnt_C_ishly)(tyents, var->typeR);
3327 VG_(printf)(" %s\n", var->name);}
3329 /* Do some test evaluations of the variable's location expression,
3330 in order to guess whether it is sp-relative, fp-relative, or
3331 none. A crude hack, which can be interpreted roughly as finding
3332 the first derivative of the location expression w.r.t. the
3333 supplied frame and stack pointer values. */
3337 res_sp_6k = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3342 res_sp_7k = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3347 res_fp_6k = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3352 res_fp_7k = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3354 vg_assert(res_sp_6k.kind == res_sp_7k.kind);
3355 vg_assert(res_sp_6k.kind == res_fp_6k.kind);
3356 vg_assert(res_sp_6k.kind == res_fp_7k.kind);
3358 if (res_sp_6k.kind == GXR_Addr) {
3361 UWord sp_delta = res_sp_7k.word - res_sp_6k.word;
3362 UWord fp_delta = res_fp_7k.word - res_fp_6k.word;
3363 tl_assert(sp_delta == 0 || sp_delta == 1024);
3364 tl_assert(fp_delta == 0 || fp_delta == 1024);
3366 if (sp_delta == 0 && fp_delta == 0) {
3367 /* depends neither on sp nor fp, so it can't be a stack
3368 local. Ignore it. */
3371 if (sp_delta == 1024 && fp_delta == 0) {
3372 regs.sp = regs.fp = 0;
3374 res = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3375 tl_assert(res.kind == GXR_Addr);
3377 VG_(printf)(" %5ld .. %5ld (sp) %s\n",
3378 res.word, res.word + ((UWord)mul.ul) - 1, var->name);
3379 block.base = res.word;
3380 block.szB = (SizeT)mul.ul;
3382 block.isVec = isVec;
3383 VG_(memset)( &block.name[0], 0, sizeof(block.name) );
3385 VG_(strncpy)( &block.name[0], var->name, sizeof(block.name)-1 );
3386 block.name[ sizeof(block.name)-1 ] = 0;
3387 VG_(addToXA)( blocks, &block );
3390 if (sp_delta == 0 && fp_delta == 1024) {
3391 regs.sp = regs.fp = 0;
3393 res = ML_(evaluate_GX)( var->gexpr, var->fbGX, ®s, di );
3394 tl_assert(res.kind == GXR_Addr);
3396 VG_(printf)(" %5ld .. %5ld (FP) %s\n",
3397 res.word, res.word + ((UWord)mul.ul) - 1, var->name);
3398 block.base = res.word;
3399 block.szB = (SizeT)mul.ul;
3400 block.spRel = False;
3401 block.isVec = isVec;
3402 VG_(memset)( &block.name[0], 0, sizeof(block.name) );
3404 VG_(strncpy)( &block.name[0], var->name, sizeof(block.name)-1 );
3405 block.name[ sizeof(block.name)-1 ] = 0;
3406 VG_(addToXA)( blocks, &block );
3415 /* Get an XArray of StackBlock which describe the stack (auto) blocks
3416 for this ip. The caller is expected to free the XArray at some
3417 point. If 'arrays_only' is True, only array-typed blocks are
3418 returned; otherwise blocks of all types are returned. */
3420 void* /* really, XArray* of StackBlock */
3421 VG_(di_get_stack_blocks_at_ip)( Addr ip, Bool arrays_only )
3423 /* This is a derivation of consider_vars_in_frame() above. */
3428 XArray* res = VG_(newXA)( ML_(dinfo_zalloc), "di.debuginfo.dgsbai.1",
3430 sizeof(StackBlock) );
3432 static UInt n_search = 0;
3433 static UInt n_steps = 0;
3436 VG_(printf)("QQQQ: dgsbai: ip %#lx\n", ip);
3437 /* first, find the DebugInfo that pertains to 'ip'. */
3438 for (di = debugInfo_list; di; di = di->next) {
3440 /* text segment missing? unlikely, but handle it .. */
3441 if (!di->text_present || di->text_size == 0)
3443 /* Ok. So does this text mapping bracket the ip? */
3444 if (di->text_avma <= ip && ip < di->text_avma + di->text_size)
3448 /* Didn't find it. Strange -- means ip is a code address outside
3449 of any mapped text segment. Unlikely but not impossible -- app
3450 could be generating code to run. */
3452 return res; /* currently empty */
3454 if (0 && ((n_search & 0x1) == 0))
3455 VG_(printf)("VG_(di_get_stack_blocks_at_ip): %u searches, "
3456 "%u DebugInfos looked at\n",
3458 /* Start of performance-enhancing hack: once every ??? (chosen
3459 hackily after profiling) successful searches, move the found
3460 DebugInfo one step closer to the start of the list. This makes
3461 future searches cheaper. */
3462 if ((n_search & 0xFFFF) == 0) {
3463 /* Move si one step closer to the start of the list. */
3464 move_DebugInfo_one_step_forward( di );
3466 /* End of performance-enhancing hack. */
3468 /* any var info at all? */
3470 return res; /* currently empty */
3472 /* Work through the scopes from most deeply nested outwards,
3473 looking for code address ranges that bracket 'ip'. The
3474 variables on each such address range found are in scope right
3475 now. Don't descend to level zero as that is the global
3478 /* "for each scope, working outwards ..." */
3479 for (i = VG_(sizeXA)(di->varinfo) - 1; i >= 1; i--) {
3482 DiAddrRange* arange;
3484 = *(OSet**)VG_(indexXA)( di->varinfo, i );
3486 VG_(printf)("QQQQ: considering scope %ld\n", (Word)i);
3489 /* Find the set of variables in this scope that
3490 bracket the program counter. */
3491 arange = VG_(OSetGen_LookupWithCmp)(
3493 ML_(cmp_for_DiAddrRange_range)
3498 vg_assert(arange->aMin <= arange->aMax);
3499 /* It must bracket the ip we asked for, else
3500 ML_(cmp_for_DiAddrRange_range) is somehow broken. */
3501 vg_assert(arange->aMin <= ip && ip <= arange->aMax);
3502 /* It must have an attached XArray of DiVariables. */
3503 vars = arange->vars;
3505 /* But it mustn't cover the entire address range. We only
3506 expect that to happen for the global scope (level 0), which
3507 we're not looking at here. Except, it may cover the entire
3508 address range, but in that case the vars array must be
3510 vg_assert(! (arange->aMin == (Addr)0
3511 && arange->aMax == ~(Addr)0
3512 && VG_(sizeXA)(vars) > 0) );
3513 for (j = 0; j < VG_(sizeXA)( vars ); j++) {
3514 DiVariable* var = (DiVariable*)VG_(indexXA)( vars, j );
3516 VG_(printf)("QQQQ: var:name=%s %#lx-%#lx %#lx\n",
3517 var->name,arange->aMin,arange->aMax,ip);
3518 analyse_deps( res, di->admin_tyents, ip,
3519 di, var, arrays_only );
3527 /* Get an array of GlobalBlock which describe the global blocks owned
3528 by the shared object characterised by the given di_handle. Asserts
3529 if the handle is invalid. The caller is responsible for freeing
3530 the array at some point. If 'arrays_only' is True, only
3531 array-typed blocks are returned; otherwise blocks of all types are
3534 void* /* really, XArray* of GlobalBlock */
3535 VG_(di_get_global_blocks_from_dihandle) ( ULong di_handle,
3538 /* This is a derivation of consider_vars_in_frame() above. */
3541 XArray* gvars; /* XArray* of GlobalBlock */
3542 Word nScopes, scopeIx;
3544 /* The first thing to do is find the DebugInfo that
3545 pertains to 'di_handle'. */
3546 tl_assert(di_handle > 0);
3547 for (di = debugInfo_list; di; di = di->next) {
3548 if (di->handle == di_handle)
3552 /* If this fails, we were unable to find any DebugInfo with the
3553 given handle. This is considered an error on the part of the
3555 tl_assert(di != NULL);
3557 /* we'll put the collected variables in here. */
3558 gvars = VG_(newXA)( ML_(dinfo_zalloc), "di.debuginfo.dggbfd.1",
3559 ML_(dinfo_free), sizeof(GlobalBlock) );
3562 /* any var info at all? */
3566 /* we'll iterate over all the variables we can find, even if
3567 it seems senseless to visit stack-allocated variables */
3568 /* Iterate over all scopes */
3569 nScopes = VG_(sizeXA)( di->varinfo );
3570 for (scopeIx = 0; scopeIx < nScopes; scopeIx++) {
3572 /* Iterate over each (code) address range at the current scope */
3574 OSet* /* of DiAddrInfo */ scope
3575 = *(OSet**)VG_(indexXA)( di->varinfo, scopeIx );
3577 VG_(OSetGen_ResetIter)(scope);
3578 while ( (range = VG_(OSetGen_Next)(scope)) ) {
3580 /* Iterate over each variable in the current address range */
3582 tl_assert(range->vars);
3583 nVars = VG_(sizeXA)( range->vars );
3584 for (varIx = 0; varIx < nVars; varIx++) {
3591 DiVariable* var = VG_(indexXA)( range->vars, varIx );
3592 tl_assert(var->name);
3593 if (0) VG_(printf)("at depth %ld var %s ", scopeIx, var->name );
3595 /* Now figure out if this variable has a constant address
3596 (that is, independent of FP, SP, phase of moon, etc),
3597 and if so, what the address is. Any variable with a
3598 constant address is deemed to be a global so we collect
3600 if (0) { VG_(printf)("EVAL: "); ML_(pp_GX)(var->gexpr);
3601 VG_(printf)("\n"); }
3602 res = ML_(evaluate_trivial_GX)( var->gexpr, di );
3604 /* Not a constant address => not interesting */
3605 if (res.kind != GXR_Addr) {
3606 if (0) VG_(printf)("FAIL\n");
3610 /* Ok, it's a constant address. See if we want to collect
3612 if (0) VG_(printf)("%#lx\n", res.word);
3614 /* Figure out how big the variable is. */
3615 mul = ML_(sizeOfType)(di->admin_tyents, var->typeR);
3617 /* If this var has a type whose size is unknown, zero, or
3618 impossibly large, it should never have been added.
3619 ML_(addVar) should have rejected it. */
3620 vg_assert(mul.b == True);
3621 vg_assert(mul.ul > 0);
3622 if (sizeof(void*) == 4) vg_assert(mul.ul < (1ULL << 32));
3623 /* After this point, we assume we can truncate mul.ul to a
3624 host word safely (without loss of info). */
3626 /* skip if non-array and we're only interested in
3628 ty = ML_(TyEnts__index_by_cuOff)( di->admin_tyents, NULL,
3631 vg_assert(ty->tag == Te_UNKNOWN || ML_(TyEnt__is_type)(ty));
3632 if (ty->tag == Te_UNKNOWN)
3633 continue; /* perhaps we should complain in this case? */
3635 isVec = ty->tag == Te_TyArray;
3636 if (arrays_only && !isVec) continue;
3638 /* Ok, so collect it! */
3639 tl_assert(var->name);
3640 tl_assert(di->soname);
3641 if (0) VG_(printf)("XXXX %s %s %d\n", var->name,
3642 var->fileName?(HChar*)var->fileName
3644 VG_(memset)(&gb, 0, sizeof(gb));
3646 gb.szB = (SizeT)mul.ul;
3648 VG_(strncpy)(&gb.name[0], var->name, sizeof(gb.name)-1);
3649 VG_(strncpy)(&gb.soname[0], di->soname, sizeof(gb.soname)-1);
3650 tl_assert(gb.name[ sizeof(gb.name)-1 ] == 0);
3651 tl_assert(gb.soname[ sizeof(gb.soname)-1 ] == 0);
3653 VG_(addToXA)( gvars, &gb );
3655 } /* for (varIx = 0; varIx < nVars; varIx++) */
3657 } /* while ( (range = VG_(OSetGen_Next)(scope)) ) */
3659 } /* for (scopeIx = 0; scopeIx < nScopes; scopeIx++) */
3665 /*------------------------------------------------------------*/
3666 /*--- DebugInfo accessor functions ---*/
3667 /*------------------------------------------------------------*/
3669 const DebugInfo* VG_(next_DebugInfo)(const DebugInfo* di)
3672 return debugInfo_list;
3676 Addr VG_(DebugInfo_get_text_avma)(const DebugInfo* di)
3678 return di->text_present ? di->text_avma : 0;
3681 SizeT VG_(DebugInfo_get_text_size)(const DebugInfo* di)
3683 return di->text_present ? di->text_size : 0;
3686 Addr VG_(DebugInfo_get_plt_avma)(const DebugInfo* di)
3688 return di->plt_present ? di->plt_avma : 0;
3691 SizeT VG_(DebugInfo_get_plt_size)(const DebugInfo* di)
3693 return di->plt_present ? di->plt_size : 0;
3696 Addr VG_(DebugInfo_get_gotplt_avma)(const DebugInfo* di)
3698 return di->gotplt_present ? di->gotplt_avma : 0;
3701 SizeT VG_(DebugInfo_get_gotplt_size)(const DebugInfo* di)
3703 return di->gotplt_present ? di->gotplt_size : 0;
3706 const UChar* VG_(DebugInfo_get_soname)(const DebugInfo* di)
3711 const UChar* VG_(DebugInfo_get_filename)(const DebugInfo* di)
3713 return di->filename;
3716 PtrdiffT VG_(DebugInfo_get_text_bias)(const DebugInfo* di)
3718 return di->text_present ? di->text_bias : 0;
3721 Int VG_(DebugInfo_syms_howmany) ( const DebugInfo *si )
3723 return si->symtab_used;
3726 void VG_(DebugInfo_syms_getidx) ( const DebugInfo *si,
3729 /*OUT*/Addr* tocptr,
3731 /*OUT*/HChar** name,
3732 /*OUT*/Bool* isText,
3733 /*OUT*/Bool* isIFunc )
3735 vg_assert(idx >= 0 && idx < si->symtab_used);
3736 if (avma) *avma = si->symtab[idx].addr;
3737 if (tocptr) *tocptr = si->symtab[idx].tocptr;
3738 if (size) *size = si->symtab[idx].size;
3739 if (name) *name = (HChar*)si->symtab[idx].name;
3740 if (isText) *isText = si->symtab[idx].isText;
3741 if (isIFunc) *isIFunc = si->symtab[idx].isIFunc;
3745 /*------------------------------------------------------------*/
3746 /*--- SectKind query functions ---*/
3747 /*------------------------------------------------------------*/
3749 /* Convert a VgSectKind to a string, which must be copied if you want
3751 const HChar* VG_(pp_SectKind)( VgSectKind kind )
3754 case Vg_SectUnknown: return "Unknown";
3755 case Vg_SectText: return "Text";
3756 case Vg_SectData: return "Data";
3757 case Vg_SectBSS: return "BSS";
3758 case Vg_SectGOT: return "GOT";
3759 case Vg_SectPLT: return "PLT";
3760 case Vg_SectOPD: return "OPD";
3761 case Vg_SectGOTPLT: return "GOTPLT";
3762 default: vg_assert(0);
3766 /* Given an address 'a', make a guess of which section of which object
3767 it comes from. If name is non-NULL, then the last n_name-1
3768 characters of the object's name is put in name[0 .. n_name-2], and
3769 name[n_name-1] is set to zero (guaranteed zero terminated). */
3771 VgSectKind VG_(DebugInfo_sect_kind)( /*OUT*/UChar* name, SizeT n_name,
3775 VgSectKind res = Vg_SectUnknown;
3777 for (di = debugInfo_list; di != NULL; di = di->next) {
3781 "addr=%#lx di=%p %s got=%#lx,%ld plt=%#lx,%ld "
3782 "data=%#lx,%ld bss=%#lx,%ld\n",
3783 a, di, di->filename,
3784 di->got_avma, di->got_size,
3785 di->plt_avma, di->plt_size,
3786 di->data_avma, di->data_size,
3787 di->bss_avma, di->bss_size);
3789 if (di->text_present
3790 && di->text_size > 0
3791 && a >= di->text_avma && a < di->text_avma + di->text_size) {
3795 if (di->data_present
3796 && di->data_size > 0
3797 && a >= di->data_avma && a < di->data_avma + di->data_size) {
3801 if (di->sdata_present
3802 && di->sdata_size > 0
3803 && a >= di->sdata_avma && a < di->sdata_avma + di->sdata_size) {
3809 && a >= di->bss_avma && a < di->bss_avma + di->bss_size) {
3813 if (di->sbss_present
3814 && di->sbss_size > 0
3815 && a >= di->sbss_avma && a < di->sbss_avma + di->sbss_size) {
3821 && a >= di->plt_avma && a < di->plt_avma + di->plt_size) {
3827 && a >= di->got_avma && a < di->got_avma + di->got_size) {
3831 if (di->gotplt_present
3832 && di->gotplt_size > 0
3833 && a >= di->gotplt_avma && a < di->gotplt_avma + di->gotplt_size) {
3834 res = Vg_SectGOTPLT;
3839 && a >= di->opd_avma && a < di->opd_avma + di->opd_size) {
3843 /* we could also check for .eh_frame, if anyone really cares */
3846 vg_assert( (di == NULL && res == Vg_SectUnknown)
3847 || (di != NULL && res != Vg_SectUnknown) );
3851 vg_assert(n_name >= 8);
3853 if (di && di->filename) {
3855 Int fnlen = VG_(strlen)(di->filename);
3856 Int start_at = 1 + fnlen - n_name;
3857 if (start_at < 0) start_at = 0;
3858 vg_assert(start_at < fnlen);
3859 i = start_at; j = 0;
3861 vg_assert(j >= 0 && j < n_name);
3862 vg_assert(i >= 0 && i <= fnlen);
3863 name[j] = di->filename[i];
3864 if (di->filename[i] == 0) break;
3867 vg_assert(i == fnlen);
3869 VG_(snprintf)(name, n_name, "%s", "???");
3879 /*--------------------------------------------------------------------*/
3881 /*--------------------------------------------------------------------*/