Re: [RFC] DW_CFA_restore handling causes memory fault

[Frederic RISS <frederic.riss@st.com>]

[-- Attachment #1: Type: text/plain, Size: 1338 bytes --]

On Thu, 2005-11-17 at 11:32 -0800, Jim Blandy wrote:
> On 11/17/05, Frederic RISS <frederic.riss@st.com> wrote:
> > The current handling of DW_CFA_restore in dwarf2-frame.c doesn't check
> > if the value it tries to restore has actually been allocated. This
> > produces strange results (from undeterministic behavour to a GDB crash).
> > The attached patch tries to fix that by following the GCC 'convention'
> > that an unspecified register implies "same value".
> 
> This replicates what we would have done had that register's slot been
> allocated, but its value had been left unspecified --- right?

Yes, that's it. DWARF2_FRAME_REG_UNSPECIFIED describes an entry without
information, which is the case if we haven't allocated a slot in the
initial dwarf2_frame_state_reg_info. It turns out that GDB handles that
like DWARF2_FRAME_REG_SAME_VALUE in the unwinder, because that's what
GCC expects.

> > It's debatable wether the compiler is right to produce DW_CFA_restore
> > without specifying all the registers initial state in the CIE, but
> > that's another story, isn't it ?
> 
> Right; we're supposed to be prepared for mis-formed input.  It would
> be nice to have a brief comment explaining that the 'else' half of the
> 'if' does constitute questionable behavior on the part of the
> compiler.

Like in the attached patch ?


[-- Attachment #2: dwarf2.patch --]
[-- Type: text/x-patch, Size: 883 bytes --]

2005-11-17  Frédéric Riss  <frederic.riss@st.com>
        
                * dwarf2-frame.c: (execute_cfa_program): Don't access 
		past the allocated dwarf2_frame_state.initial.regs.


Index: dwarf2-frame.c
===================================================================
--- dwarf2-frame.c	(revision 98)
+++ dwarf2-frame.c	(working copy)
@@ -294,7 +294,13 @@
 	  gdb_assert (fs->initial.reg);
 	  reg = insn & 0x3f;
 	  dwarf2_frame_state_alloc_regs (&fs->regs, reg + 1);
-	  fs->regs.reg[reg] = fs->initial.reg[reg];
+	  if (reg < fs->initial.num_regs)
+	      fs->regs.reg[reg] = fs->initial.reg[reg];
+	  else 
+	      /* We certainly shouldn't get here. If we do, then the compiler
+		 generated frame information asking for the restoration
+		 of something that wasn't initialized. */
+	      fs->regs.reg[reg].how = DWARF2_FRAME_REG_UNSPECIFIED;
 	}
       else
 	{