Re: Finding stack frames on ix86

From: Andi Kleen (ak@suse.de)
Date: Tue May 09 2000 - 16:22:24 EST

Next message: Mikael Grahn: "VM performance..."
Previous message: Linda Walsh: "RE: (MAC/DAC) RE: Future Linux devel. Kernels"
Next in thread: Marc Lehmann: "Re: Finding stack frames on ix86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I'm doing some work on SGI's kdb and I need a sanity check on an
> algorithm for finding the kernel stack frames on ix86.
>
> 1) Given the PC, find the start of the function.
>
> 2) If the function starts with pushl %ebp, movl %esp,%ebp then it was
> compiled with frame pointers, use ebp to get the stack frame.
> Special cases if the PC is in the first two instructions or there
> was a breakpoint in the first two instructions.

This is not safe with gcc-current, which schedules instruction
prologues. There could be instructions moved in between the pushl
and the movl

>
> 3) No frame pointer. Scan up the stack looking for addresses that are
> within the .text or .text.init sections, I have section data. If
> the code just before that address is "call address", "call *%reg" or
> "call *address(,%eax,4)" then assume that this is the return EIP.

If you do that please make it output the module name and the
offset for module addresses: kdb normally only knows about global
symbols in module, so for static functions you get
last_global_symbol+offset. When last_global_symbol is in a different
module getting the real function name can be interesting. With
modul name+offset it is easy to find.

> (1) and (2) should always be safe. (3) will have false positives if it
> finds an old return address still on stack, part of an old frame that
> has not been overwritten yet. AFAICT there is nothing I can do about
> that. Are there any cases where (3) would miss a frame, i.e. where a
> routine is not entered via one of the 3 versions of call?

With gcc-current you can get jmp $address (tail call optimization).

Some assembly code also uses pushl $address ; .... ; ret tricks
(but that's fortunately seldom because it usually causes pipeline stalls)

Have you checked gdb sources? Iirc there went years of work into his
backtracer.

-Andi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mikael Grahn: "VM performance..."
Previous message: Linda Walsh: "RE: (MAC/DAC) RE: Future Linux devel. Kernels"
Next in thread: Marc Lehmann: "Re: Finding stack frames on ix86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST