llvm
diff --git a/‎llvm/lib/DebugInfo/DWARF/DWARFVerifier.cpp‎
Lines changed: 80 additions & 0 deletions b/‎llvm/lib/DebugInfo/DWARF/DWARFVerifier.cpp‎
Lines changed: 80 additions & 0 deletions
@@ -851,6 +851,86 @@ unsigned DWARFVerifier::verifyDebugInfoAttribute(const DWARFDie &Die,
     }
     break;
   }
+  case DW_AT_LLVM_stmt_sequence: {
+    // Make sure the offset in the DW_AT_LLVM_stmt_sequence attribute is valid
+    // and points to a valid sequence offset in the line table.
+    auto SectionOffset = AttrValue.Value.getAsSectionOffset();
+    if (!SectionOffset) {
+      ReportError("Invalid DW_AT_LLVM_stmt_sequence encoding",
+                  "DIE has invalid DW_AT_LLVM_stmt_sequence encoding");
+      break;
+    }
+    if (*SectionOffset >= U->getLineSection().Data.size()) {
+      ReportError(
+          "DW_AT_LLVM_stmt_sequence offset out of bounds",
+          "DW_AT_LLVM_stmt_sequence offset is beyond .debug_line bounds: " +
+              llvm::formatv("{0:x8}", *SectionOffset));
+      break;
+    }
+
+    // Get the line table for this unit to validate bounds
+    const auto *LineTable = DCtx.getLineTableForUnit(U);
+    if (!LineTable) {
+      ReportError("DW_AT_LLVM_stmt_sequence without line table",
+                  "DIE has DW_AT_LLVM_stmt_sequence but compile unit has no "
+                  "line table");
+      break;
+    }
+
+    // Get the DW_AT_stmt_list offset from the compile unit DIE
+    DWARFDie CUDie = U->getUnitDIE();
+    auto StmtListOffset = toSectionOffset(CUDie.find(DW_AT_stmt_list));
+    if (!StmtListOffset) {
+      ReportError("DW_AT_LLVM_stmt_sequence without DW_AT_stmt_list",
+                  "DIE has DW_AT_LLVM_stmt_sequence but compile unit has no "
+                  "DW_AT_stmt_list");
+      break;
+    }
+
+    const int8_t DwarfOffset =
+        LineTable->Prologue.getFormParams().getDwarfOffsetByteSize();
+    // Calculate the bounds of this specific line table
+    uint64_t LineTableStart = *StmtListOffset;
+    uint64_t PrologueLength = LineTable->Prologue.PrologueLength;
+    uint64_t TotalLength = LineTable->Prologue.TotalLength;
+    uint64_t LineTableEnd = LineTableStart + TotalLength + DwarfOffset;
+
+    // See DWARF definition for this, the following three do not
+    // count toward prologue length. Calculate SequencesStart correctly
+    // according to DWARF specification:
+    uint64_t InitialLengthSize = DwarfOffset;
+    // Version field is always 2 bytes
+    uint64_t VersionSize = 2;
+    uint64_t PrologueLengthSize = DwarfOffset;
+    uint64_t SequencesStart = LineTableStart + InitialLengthSize + VersionSize +
+                              PrologueLengthSize + PrologueLength;
+
+    // Check if the offset is within the bounds of this specific line table
+    if (*SectionOffset < SequencesStart || *SectionOffset >= LineTableEnd) {
+      ReportError("DW_AT_LLVM_stmt_sequence offset out of line table bounds",
+                  "DW_AT_LLVM_stmt_sequence offset " +
+                      llvm::formatv("{0:x8}", *SectionOffset) +
+                      " is not within the line table bounds [" +
+                      llvm::formatv("{0:x8}", SequencesStart) + ", " +
+                      llvm::formatv("{0:x8}", LineTableEnd) + ")");
+      break;
+    }
+
+    // Check if the offset matches any of the sequence offset.
+    auto It =
+        std::find_if(LineTable->Sequences.begin(), LineTable->Sequences.end(),
+                     [SectionOffset](const auto &Sequence) {
+                       return Sequence.StmtSeqOffset == *SectionOffset;
+                     });
+
+    if (It == LineTable->Sequences.end())
+      ReportError(
+          "Invalid DW_AT_LLVM_stmt_sequence offset",
+          "DW_AT_LLVM_stmt_sequence offset " +
+              llvm::formatv("{0:x8}", *SectionOffset) +
+              " does not point to a valid sequence offset in the line table");
+    break;
+  }
   default:
     break;
   }