1
2 /*--------------------------------------------------------------------*/
3 /*--- Take snapshots of client stacks. m_stacktrace.c ---*/
4 /*--------------------------------------------------------------------*/
5
6 /*
7 This file is part of Valgrind, a dynamic binary instrumentation
8 framework.
9
10 Copyright (C) 2000-2011 Julian Seward
11 jseward@acm.org
12
13 This program is free software; you can redistribute it and/or
14 modify it under the terms of the GNU General Public License as
15 published by the Free Software Foundation; either version 2 of the
16 License, or (at your option) any later version.
17
18 This program is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 General Public License for more details.
22
23 You should have received a copy of the GNU General Public License
24 along with this program; if not, write to the Free Software
25 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
26 02111-1307, USA.
27
28 The GNU General Public License is contained in the file COPYING.
29 */
30
31 #include "pub_core_basics.h"
32 #include "pub_core_vki.h"
33 #include "pub_core_libcsetjmp.h" // to keep _threadstate.h happy
34 #include "pub_core_threadstate.h"
35 #include "pub_core_debuginfo.h" // XXX: circular dependency
36 #include "pub_core_aspacemgr.h" // For VG_(is_addressable)()
37 #include "pub_core_libcbase.h"
38 #include "pub_core_libcassert.h"
39 #include "pub_core_libcprint.h"
40 #include "pub_core_machine.h"
41 #include "pub_core_options.h"
42 #include "pub_core_stacks.h" // VG_(stack_limits)
43 #include "pub_core_stacktrace.h"
44 #include "pub_core_xarray.h"
45 #include "pub_core_clientstate.h" // VG_(client__dl_sysinfo_int80)
46 #include "pub_core_trampoline.h"
47
48
49 /*------------------------------------------------------------*/
50 /*--- ---*/
51 /*--- BEGIN platform-dependent unwinder worker functions ---*/
52 /*--- ---*/
53 /*------------------------------------------------------------*/
54
55 /* Take a snapshot of the client's stack, putting up to 'max_n_ips'
56 IPs into 'ips'. In order to be thread-safe, we pass in the
57 thread's IP SP, FP if that's meaningful, and LR if that's
58 meaningful. Returns number of IPs put in 'ips'.
59
60 If you know what the thread ID for this stack is, send that as the
61 first parameter, else send zero. This helps generate better stack
62 traces on ppc64-linux and has no effect on other platforms.
63 */
64
65 /* ------------------------ x86 ------------------------- */
66
67 #if defined(VGP_x86_linux) || defined(VGP_x86_darwin)
68
VG_(get_StackTrace_wrk)69 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known,
70 /*OUT*/Addr* ips, UInt max_n_ips,
71 /*OUT*/Addr* sps, /*OUT*/Addr* fps,
72 UnwindStartRegs* startRegs,
73 Addr fp_max_orig )
74 {
75 Bool debug = False;
76 Int i;
77 Addr fp_max;
78 UInt n_found = 0;
79
80 vg_assert(sizeof(Addr) == sizeof(UWord));
81 vg_assert(sizeof(Addr) == sizeof(void*));
82
83 D3UnwindRegs uregs;
84 uregs.xip = (Addr)startRegs->r_pc;
85 uregs.xsp = (Addr)startRegs->r_sp;
86 uregs.xbp = startRegs->misc.X86.r_ebp;
87 Addr fp_min = uregs.xsp;
88
89 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1],
90 stopping when the trail goes cold, which we guess to be
91 when FP is not a reasonable stack location. */
92
93 // JRS 2002-sep-17: hack, to round up fp_max to the end of the
94 // current page, at least. Dunno if it helps.
95 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again
96 fp_max = VG_PGROUNDUP(fp_max_orig);
97 if (fp_max >= sizeof(Addr))
98 fp_max -= sizeof(Addr);
99
100 if (debug)
101 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, "
102 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n",
103 max_n_ips, fp_min, fp_max_orig, fp_max,
104 uregs.xip, uregs.xbp);
105
106 /* Assertion broken before main() is reached in pthreaded programs; the
107 * offending stack traces only have one item. --njn, 2002-aug-16 */
108 /* vg_assert(fp_min <= fp_max);*/
109 // On Darwin, this kicks in for pthread-related stack traces, so they're
110 // only 1 entry long which is wrong.
111 # if !defined(VGO_darwin)
112 if (fp_min + 512 >= fp_max) {
113 /* If the stack limits look bogus, don't poke around ... but
114 don't bomb out either. */
115 if (sps) sps[0] = uregs.xsp;
116 if (fps) fps[0] = uregs.xbp;
117 ips[0] = uregs.xip;
118 return 1;
119 }
120 # endif
121
122 /* fp is %ebp. sp is %esp. ip is %eip. */
123
124 if (sps) sps[0] = uregs.xsp;
125 if (fps) fps[0] = uregs.xbp;
126 ips[0] = uregs.xip;
127 i = 1;
128
129 /* Loop unwinding the stack. Note that the IP value we get on
130 * each pass (whether from CFI info or a stack frame) is a
131 * return address so is actually after the calling instruction
132 * in the calling function.
133 *
134 * Because of this we subtract one from the IP after each pass
135 * of the loop so that we find the right CFI block on the next
136 * pass - otherwise we can find the wrong CFI info if it happens
137 * to change after the calling instruction and that will mean
138 * that we will fail to unwind the next step.
139 *
140 * This most frequently happens at the end of a function when
141 * a tail call occurs and we wind up using the CFI info for the
142 * next function which is completely wrong.
143 */
144 while (True) {
145
146 if (i >= max_n_ips)
147 break;
148
149 /* Try to derive a new (ip,sp,fp) triple from the current
150 set. */
151
152 /* On x86, first try the old-fashioned method of following the
153 %ebp-chain. Code which doesn't use this (that is, compiled
154 with -fomit-frame-pointer) is not ABI compliant and so
155 relatively rare. Besides, trying the CFI first almost always
156 fails, and is expensive. */
157 /* Deal with frames resulting from functions which begin "pushl%
158 ebp ; movl %esp, %ebp" which is the ABI-mandated preamble. */
159 if (fp_min <= uregs.xbp &&
160 uregs.xbp <= fp_max - 1 * sizeof(UWord)/*see comment below*/)
161 {
162 /* fp looks sane, so use it. */
163 uregs.xip = (((UWord*)uregs.xbp)[1]);
164 // We stop if we hit a zero (the traditional end-of-stack
165 // marker) or a one -- these correspond to recorded IPs of 0 or -1.
166 // The latter because r8818 (in this file) changes the meaning of
167 // entries [1] and above in a stack trace, by subtracting 1 from
168 // them. Hence stacks that used to end with a zero value now end in
169 // -1 and so we must detect that too.
170 if (0 == uregs.xip || 1 == uregs.xip) break;
171 uregs.xsp = uregs.xbp + sizeof(Addr) /*saved %ebp*/
172 + sizeof(Addr) /*ra*/;
173 uregs.xbp = (((UWord*)uregs.xbp)[0]);
174 if (sps) sps[i] = uregs.xsp;
175 if (fps) fps[i] = uregs.xbp;
176 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */
177 if (debug)
178 VG_(printf)(" ipsF[%d]=0x%08lx\n", i-1, ips[i-1]);
179 uregs.xip = uregs.xip - 1;
180 /* as per comment at the head of this loop */
181 continue;
182 }
183
184 /* That didn't work out, so see if there is any CF info to hand
185 which can be used. */
186 if ( VG_(use_CF_info)( &uregs, fp_min, fp_max ) ) {
187 if (0 == uregs.xip || 1 == uregs.xip) break;
188 if (sps) sps[i] = uregs.xsp;
189 if (fps) fps[i] = uregs.xbp;
190 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */
191 if (debug)
192 VG_(printf)(" ipsC[%d]=0x%08lx\n", i-1, ips[i-1]);
193 uregs.xip = uregs.xip - 1;
194 /* as per comment at the head of this loop */
195 continue;
196 }
197
198 /* And, similarly, try for MSVC FPO unwind info. */
199 if ( VG_(use_FPO_info)( &uregs.xip, &uregs.xsp, &uregs.xbp,
200 fp_min, fp_max ) ) {
201 if (0 == uregs.xip || 1 == uregs.xip) break;
202 if (sps) sps[i] = uregs.xsp;
203 if (fps) fps[i] = uregs.xbp;
204 ips[i++] = uregs.xip;
205 if (debug)
206 VG_(printf)(" ipsC[%d]=0x%08lx\n", i-1, ips[i-1]);
207 uregs.xip = uregs.xip - 1;
208 continue;
209 }
210
211 /* No luck. We have to give up. */
212 break;
213 }
214
215 n_found = i;
216 return n_found;
217 }
218
219 #endif
220
221 /* ----------------------- amd64 ------------------------ */
222
223 #if defined(VGP_amd64_linux) || defined(VGP_amd64_darwin)
224
VG_(get_StackTrace_wrk)225 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known,
226 /*OUT*/Addr* ips, UInt max_n_ips,
227 /*OUT*/Addr* sps, /*OUT*/Addr* fps,
228 UnwindStartRegs* startRegs,
229 Addr fp_max_orig )
230 {
231 Bool debug = False;
232 Int i;
233 Addr fp_max;
234 UInt n_found = 0;
235
236 vg_assert(sizeof(Addr) == sizeof(UWord));
237 vg_assert(sizeof(Addr) == sizeof(void*));
238
239 D3UnwindRegs uregs;
240 uregs.xip = startRegs->r_pc;
241 uregs.xsp = startRegs->r_sp;
242 uregs.xbp = startRegs->misc.AMD64.r_rbp;
243 Addr fp_min = uregs.xsp;
244
245 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1],
246 stopping when the trail goes cold, which we guess to be
247 when FP is not a reasonable stack location. */
248
249 // JRS 2002-sep-17: hack, to round up fp_max to the end of the
250 // current page, at least. Dunno if it helps.
251 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again
252 fp_max = VG_PGROUNDUP(fp_max_orig);
253 if (fp_max >= sizeof(Addr))
254 fp_max -= sizeof(Addr);
255
256 extern unsigned long nacl_head;
257
258 if (nacl_head && uregs.xip > nacl_head && uregs.xip < nacl_head + (1ULL << 32)) {
259 fp_min = nacl_head + 0x10000;
260 fp_max = nacl_head + (1ULL << 32) - 1;
261 }
262
263
264 if (debug)
265 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, "
266 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n",
267 max_n_ips, fp_min, fp_max_orig, fp_max,
268 uregs.xip, uregs.xbp);
269
270 /* Assertion broken before main() is reached in pthreaded programs; the
271 * offending stack traces only have one item. --njn, 2002-aug-16 */
272 /* vg_assert(fp_min <= fp_max);*/
273 // On Darwin, this kicks in for pthread-related stack traces, so they're
274 // only 1 entry long which is wrong.
275 # if !defined(VGO_darwin)
276 if (fp_min + 256 >= fp_max) {
277 /* If the stack limits look bogus, don't poke around ... but
278 don't bomb out either. */
279 if (sps) sps[0] = uregs.xsp;
280 if (fps) fps[0] = uregs.xbp;
281 ips[0] = uregs.xip;
282 return 1;
283 }
284 # endif
285
286 /* fp is %rbp. sp is %rsp. ip is %rip. */
287
288 ips[0] = uregs.xip;
289 if (sps) sps[0] = uregs.xsp;
290 if (fps) fps[0] = uregs.xbp;
291 i = 1;
292
293 /* Loop unwinding the stack. Note that the IP value we get on
294 * each pass (whether from CFI info or a stack frame) is a
295 * return address so is actually after the calling instruction
296 * in the calling function.
297 *
298 * Because of this we subtract one from the IP after each pass
299 * of the loop so that we find the right CFI block on the next
300 * pass - otherwise we can find the wrong CFI info if it happens
301 * to change after the calling instruction and that will mean
302 * that we will fail to unwind the next step.
303 *
304 * This most frequently happens at the end of a function when
305 * a tail call occurs and we wind up using the CFI info for the
306 * next function which is completely wrong.
307 */
308 while (True) {
309
310 if (i >= max_n_ips)
311 break;
312
313 /* Try to derive a new (ip,sp,fp) triple from the current set. */
314
315 /* First off, see if there is any CFI info to hand which can
316 be used. */
317 if ( VG_(use_CF_info)( &uregs, fp_min, fp_max ) ) {
318 if (0 == uregs.xip || 1 == uregs.xip) break;
319 if (sps) sps[i] = uregs.xsp;
320 if (fps) fps[i] = uregs.xbp;
321 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */
322 if (debug)
323 VG_(printf)(" ipsC[%d]=%#08lx\n", i-1, ips[i-1]);
324 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */
325 continue;
326 }
327
328 /* If VG_(use_CF_info) fails, it won't modify ip/sp/fp, so
329 we can safely try the old-fashioned method. */
330 /* This bit is supposed to deal with frames resulting from
331 functions which begin "pushq %rbp ; movq %rsp, %rbp".
332 Unfortunately, since we can't (easily) look at the insns at
333 the start of the fn, like GDB does, there's no reliable way
334 to tell. Hence the hack of first trying out CFI, and if that
335 fails, then use this as a fallback. */
336 /* Note: re "- 1 * sizeof(UWord)", need to take account of the
337 fact that we are prodding at & ((UWord*)fp)[1] and so need to
338 adjust the limit check accordingly. Omitting this has been
339 observed to cause segfaults on rare occasions. */
340 if (fp_min <= uregs.xbp && uregs.xbp <= fp_max - 1 * sizeof(UWord)) {
341 /* fp looks sane, so use it. */
342 uregs.xip = (((UWord*)uregs.xbp)[1]);
343 if (0 == uregs.xip || 1 == uregs.xip) break;
344 uregs.xsp = uregs.xbp + sizeof(Addr) /*saved %rbp*/
345 + sizeof(Addr) /*ra*/;
346 uregs.xbp = (((UWord*)uregs.xbp)[0]);
347 if (sps) sps[i] = uregs.xsp;
348 if (fps) fps[i] = uregs.xbp;
349 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */
350 if (debug)
351 VG_(printf)(" ipsF[%d]=%#08lx\n", i-1, ips[i-1]);
352 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */
353 continue;
354 }
355
356 /* Last-ditch hack (evidently GDB does something similar). We
357 are in the middle of nowhere and we have a nonsense value for
358 the frame pointer. If the stack pointer is still valid,
359 assume that what it points at is a return address. Yes,
360 desperate measures. Could do better here:
361 - check that the supposed return address is in
362 an executable page
363 - check that the supposed return address is just after a call insn
364 - given those two checks, don't just consider *sp as the return
365 address; instead scan a likely section of stack (eg sp .. sp+256)
366 and use suitable values found there.
367 */
368 if (fp_min <= uregs.xsp && uregs.xsp < fp_max) {
369 uregs.xip = ((UWord*)uregs.xsp)[0];
370 if (0 == uregs.xip || 1 == uregs.xip) break;
371 if (sps) sps[i] = uregs.xsp;
372 if (fps) fps[i] = uregs.xbp;
373 ips[i++] = uregs.xip == 0
374 ? 0 /* sp[0] == 0 ==> stuck at the bottom of a
375 thread stack */
376 : uregs.xip - 1;
377 /* -1: refer to calling insn, not the RA */
378 if (debug)
379 VG_(printf)(" ipsH[%d]=%#08lx\n", i-1, ips[i-1]);
380 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */
381 uregs.xsp += 8;
382 continue;
383 }
384
385 /* No luck at all. We have to give up. */
386 break;
387 }
388
389 n_found = i;
390 return n_found;
391 }
392
393 #endif
394
395 /* -----------------------ppc32/64 ---------------------- */
396
397 #if defined(VGP_ppc32_linux) || defined(VGP_ppc64_linux)
398
VG_(get_StackTrace_wrk)399 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known,
400 /*OUT*/Addr* ips, UInt max_n_ips,
401 /*OUT*/Addr* sps, /*OUT*/Addr* fps,
402 UnwindStartRegs* startRegs,
403 Addr fp_max_orig )
404 {
405 Bool lr_is_first_RA = False;
406 # if defined(VG_PLAT_USES_PPCTOC)
407 Word redir_stack_size = 0;
408 Word redirs_used = 0;
409 # endif
410
411 Bool debug = False;
412 Int i;
413 Addr fp_max;
414 UInt n_found = 0;
415
416 vg_assert(sizeof(Addr) == sizeof(UWord));
417 vg_assert(sizeof(Addr) == sizeof(void*));
418
419 Addr ip = (Addr)startRegs->r_pc;
420 Addr sp = (Addr)startRegs->r_sp;
421 Addr fp = sp;
422 # if defined(VGP_ppc32_linux)
423 Addr lr = startRegs->misc.PPC32.r_lr;
424 # elif defined(VGP_ppc64_linux)
425 Addr lr = startRegs->misc.PPC64.r_lr;
426 # endif
427 Addr fp_min = sp;
428
429 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1],
430 stopping when the trail goes cold, which we guess to be
431 when FP is not a reasonable stack location. */
432
433 // JRS 2002-sep-17: hack, to round up fp_max to the end of the
434 // current page, at least. Dunno if it helps.
435 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again
436 fp_max = VG_PGROUNDUP(fp_max_orig);
437 if (fp_max >= sizeof(Addr))
438 fp_max -= sizeof(Addr);
439
440 if (debug)
441 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, "
442 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n",
443 max_n_ips, fp_min, fp_max_orig, fp_max, ip, fp);
444
445 /* Assertion broken before main() is reached in pthreaded programs; the
446 * offending stack traces only have one item. --njn, 2002-aug-16 */
447 /* vg_assert(fp_min <= fp_max);*/
448 if (fp_min + 512 >= fp_max) {
449 /* If the stack limits look bogus, don't poke around ... but
450 don't bomb out either. */
451 if (sps) sps[0] = sp;
452 if (fps) fps[0] = fp;
453 ips[0] = ip;
454 return 1;
455 }
456
457 /* fp is %r1. ip is %cia. Note, ppc uses r1 as both the stack and
458 frame pointers. */
459
460 # if defined(VGP_ppc64_linux)
461 redir_stack_size = VEX_GUEST_PPC64_REDIR_STACK_SIZE;
462 redirs_used = 0;
463 # endif
464
465 # if defined(VG_PLAT_USES_PPCTOC)
466 /* Deal with bogus LR values caused by function
467 interception/wrapping on ppc-TOC platforms; see comment on
468 similar code a few lines further down. */
469 if (ULong_to_Ptr(lr) == (void*)&VG_(ppctoc_magic_redirect_return_stub)
470 && VG_(is_valid_tid)(tid_if_known)) {
471 Word hsp = VG_(threads)[tid_if_known].arch.vex.guest_REDIR_SP;
472 redirs_used++;
473 if (hsp >= 1 && hsp < redir_stack_size)
474 lr = VG_(threads)[tid_if_known]
475 .arch.vex.guest_REDIR_STACK[hsp-1];
476 }
477 # endif
478
479 /* We have to determine whether or not LR currently holds this fn
480 (call it F)'s return address. It might not if F has previously
481 called some other function, hence overwriting LR with a pointer
482 to some part of F. Hence if LR and IP point to the same
483 function then we conclude LR does not hold this function's
484 return address; instead the LR at entry must have been saved in
485 the stack by F's prologue and so we must get it from there
486 instead. Note all this guff only applies to the innermost
487 frame. */
488 lr_is_first_RA = False;
489 {
490 # define M_VG_ERRTXT 1000
491 UChar buf_lr[M_VG_ERRTXT], buf_ip[M_VG_ERRTXT];
492 /* The following conditional looks grossly inefficient and
493 surely could be majorly improved, with not much effort. */
494 if (VG_(get_fnname_raw) (lr, buf_lr, M_VG_ERRTXT))
495 if (VG_(get_fnname_raw) (ip, buf_ip, M_VG_ERRTXT))
496 if (VG_(strncmp)(buf_lr, buf_ip, M_VG_ERRTXT))
497 lr_is_first_RA = True;
498 # undef M_VG_ERRTXT
499 }
500
501 if (sps) sps[0] = fp; /* NB. not sp */
502 if (fps) fps[0] = fp;
503 ips[0] = ip;
504 i = 1;
505
506 if (fp_min <= fp && fp < fp_max-VG_WORDSIZE+1) {
507
508 /* initial FP is sane; keep going */
509 fp = (((UWord*)fp)[0]);
510
511 while (True) {
512
513 /* On ppc64-linux (ppc64-elf, really), the lr save
514 slot is 2 words back from sp, whereas on ppc32-elf(?) it's
515 only one word back. */
516 # if defined(VG_PLAT_USES_PPCTOC)
517 const Int lr_offset = 2;
518 # else
519 const Int lr_offset = 1;
520 # endif
521
522 if (i >= max_n_ips)
523 break;
524
525 /* Try to derive a new (ip,fp) pair from the current set. */
526
527 if (fp_min <= fp && fp <= fp_max - lr_offset * sizeof(UWord)) {
528 /* fp looks sane, so use it. */
529
530 if (i == 1 && lr_is_first_RA)
531 ip = lr;
532 else
533 ip = (((UWord*)fp)[lr_offset]);
534
535 # if defined(VG_PLAT_USES_PPCTOC)
536 /* Nasty hack to do with function replacement/wrapping on
537 ppc64-linux. If LR points to our magic return stub,
538 then we are in a wrapped or intercepted function, in
539 which LR has been messed with. The original LR will
540 have been pushed onto the thread's hidden REDIR stack
541 one down from the top (top element is the saved R2) and
542 so we should restore the value from there instead.
543 Since nested redirections can and do happen, we keep
544 track of the number of nested LRs used by the unwinding
545 so far with 'redirs_used'. */
546 if (ip == (Addr)&VG_(ppctoc_magic_redirect_return_stub)
547 && VG_(is_valid_tid)(tid_if_known)) {
548 Word hsp = VG_(threads)[tid_if_known]
549 .arch.vex.guest_REDIR_SP;
550 hsp -= 2 * redirs_used;
551 redirs_used ++;
552 if (hsp >= 1 && hsp < redir_stack_size)
553 ip = VG_(threads)[tid_if_known]
554 .arch.vex.guest_REDIR_STACK[hsp-1];
555 }
556 # endif
557
558 if (0 == ip || 1 == ip) break;
559 if (sps) sps[i] = fp; /* NB. not sp */
560 if (fps) fps[i] = fp;
561 fp = (((UWord*)fp)[0]);
562 ips[i++] = ip - 1; /* -1: refer to calling insn, not the RA */
563 if (debug)
564 VG_(printf)(" ipsF[%d]=%#08lx\n", i-1, ips[i-1]);
565 ip = ip - 1; /* ip is probably dead at this point, but
566 play safe, a la x86/amd64 above. See
567 extensive comments above. */
568 continue;
569 }
570
571 /* No luck there. We have to give up. */
572 break;
573 }
574 }
575
576 n_found = i;
577 return n_found;
578 }
579
580 #endif
581
582 /* ------------------------ arm ------------------------- */
583
584 #if defined(VGP_arm_linux)
585
VG_(get_StackTrace_wrk)586 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known,
587 /*OUT*/Addr* ips, UInt max_n_ips,
588 /*OUT*/Addr* sps, /*OUT*/Addr* fps,
589 UnwindStartRegs* startRegs,
590 Addr fp_max_orig )
591 {
592 Bool debug = False;
593 Int i;
594 Addr fp_max;
595 UInt n_found = 0;
596
597 vg_assert(sizeof(Addr) == sizeof(UWord));
598 vg_assert(sizeof(Addr) == sizeof(void*));
599
600 D3UnwindRegs uregs;
601 uregs.r15 = startRegs->r_pc & 0xFFFFFFFE;
602 uregs.r14 = startRegs->misc.ARM.r14;
603 uregs.r13 = startRegs->r_sp;
604 uregs.r12 = startRegs->misc.ARM.r12;
605 uregs.r11 = startRegs->misc.ARM.r11;
606 uregs.r7 = startRegs->misc.ARM.r7;
607 Addr fp_min = uregs.r13;
608
609 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1],
610 stopping when the trail goes cold, which we guess to be
611 when FP is not a reasonable stack location. */
612
613 // JRS 2002-sep-17: hack, to round up fp_max to the end of the
614 // current page, at least. Dunno if it helps.
615 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again
616 fp_max = VG_PGROUNDUP(fp_max_orig);
617 if (fp_max >= sizeof(Addr))
618 fp_max -= sizeof(Addr);
619
620 if (debug)
621 VG_(printf)("\nmax_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, "
622 "fp_max=0x%lx r15=0x%lx r13=0x%lx\n",
623 max_n_ips, fp_min, fp_max_orig, fp_max,
624 uregs.r15, uregs.r13);
625
626 /* Assertion broken before main() is reached in pthreaded programs; the
627 * offending stack traces only have one item. --njn, 2002-aug-16 */
628 /* vg_assert(fp_min <= fp_max);*/
629 // On Darwin, this kicks in for pthread-related stack traces, so they're
630 // only 1 entry long which is wrong.
631 if (fp_min + 512 >= fp_max) {
632 /* If the stack limits look bogus, don't poke around ... but
633 don't bomb out either. */
634 if (sps) sps[0] = uregs.r13;
635 if (fps) fps[0] = 0;
636 ips[0] = uregs.r15;
637 return 1;
638 }
639
640 /* */
641
642 if (sps) sps[0] = uregs.r13;
643 if (fps) fps[0] = 0;
644 ips[0] = uregs.r15;
645 i = 1;
646
647 /* Loop unwinding the stack. */
648
649 while (True) {
650 if (debug) {
651 VG_(printf)("i: %d, r15: 0x%lx, r13: 0x%lx\n",
652 i, uregs.r15, uregs.r13);
653 }
654
655 if (i >= max_n_ips)
656 break;
657
658 if (VG_(use_CF_info)( &uregs, fp_min, fp_max )) {
659 if (sps) sps[i] = uregs.r13;
660 if (fps) fps[i] = 0;
661 ips[i++] = (uregs.r15 & 0xFFFFFFFE) - 1;
662 if (debug)
663 VG_(printf)("USING CFI: r15: 0x%lx, r13: 0x%lx\n",
664 uregs.r15, uregs.r13);
665 uregs.r15 = (uregs.r15 & 0xFFFFFFFE) - 1;
666 continue;
667 }
668 /* No luck. We have to give up. */
669 break;
670 }
671
672 n_found = i;
673 return n_found;
674 }
675
676 #endif
677
678 /* ------------------------ s390x ------------------------- */
679 #if defined(VGP_s390x_linux)
VG_(get_StackTrace_wrk)680 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known,
681 /*OUT*/Addr* ips, UInt max_n_ips,
682 /*OUT*/Addr* sps, /*OUT*/Addr* fps,
683 UnwindStartRegs* startRegs,
684 Addr fp_max_orig )
685 {
686 Bool debug = False;
687 Int i;
688 Addr fp_max;
689 UInt n_found = 0;
690
691 vg_assert(sizeof(Addr) == sizeof(UWord));
692 vg_assert(sizeof(Addr) == sizeof(void*));
693
694 D3UnwindRegs uregs;
695 uregs.ia = startRegs->r_pc;
696 uregs.sp = startRegs->r_sp;
697 Addr fp_min = uregs.sp;
698 uregs.fp = startRegs->misc.S390X.r_fp;
699 uregs.lr = startRegs->misc.S390X.r_lr;
700
701 fp_max = VG_PGROUNDUP(fp_max_orig);
702 if (fp_max >= sizeof(Addr))
703 fp_max -= sizeof(Addr);
704
705 if (debug)
706 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, "
707 "fp_max=0x%lx IA=0x%lx SP=0x%lx FP=0x%lx\n",
708 max_n_ips, fp_min, fp_max_orig, fp_max,
709 uregs.ia, uregs.sp,uregs.fp);
710
711 /* The first frame is pretty obvious */
712 ips[0] = uregs.ia;
713 if (sps) sps[0] = uregs.sp;
714 if (fps) fps[0] = uregs.fp;
715 i = 1;
716
717 /* for everything else we have to rely on the eh_frame. gcc defaults to
718 not create a backchain and all the other tools (like gdb) also have
719 to use the CFI. */
720 while (True) {
721 if (i >= max_n_ips)
722 break;
723
724 if (VG_(use_CF_info)( &uregs, fp_min, fp_max )) {
725 if (sps) sps[i] = uregs.sp;
726 if (fps) fps[i] = uregs.fp;
727 ips[i++] = uregs.ia - 1;
728 uregs.ia = uregs.ia - 1;
729 continue;
730 }
731 /* A problem on the first frame? Lets assume it was a bad jump.
732 We will use the link register and the current stack and frame
733 pointers and see if we can use the CFI in the next round. */
734 if (i == 1) {
735 if (sps) {
736 sps[i] = sps[0];
737 uregs.sp = sps[0];
738 }
739 if (fps) {
740 fps[i] = fps[0];
741 uregs.fp = fps[0];
742 }
743 uregs.ia = uregs.lr - 1;
744 ips[i++] = uregs.lr - 1;
745 continue;
746 }
747
748 /* No luck. We have to give up. */
749 break;
750 }
751
752 n_found = i;
753 return n_found;
754 }
755 #endif
756
757 /*------------------------------------------------------------*/
758 /*--- ---*/
759 /*--- END platform-dependent unwinder worker functions ---*/
760 /*--- ---*/
761 /*------------------------------------------------------------*/
762
763 /*------------------------------------------------------------*/
764 /*--- Exported functions. ---*/
765 /*------------------------------------------------------------*/
766
VG_(get_StackTrace)767 UInt VG_(get_StackTrace) ( ThreadId tid,
768 /*OUT*/StackTrace ips, UInt max_n_ips,
769 /*OUT*/StackTrace sps,
770 /*OUT*/StackTrace fps,
771 Word first_ip_delta )
772 {
773 /* Get the register values with which to start the unwind. */
774 UnwindStartRegs startRegs;
775 VG_(memset)( &startRegs, 0, sizeof(startRegs) );
776 VG_(get_UnwindStartRegs)( &startRegs, tid );
777
778 Addr stack_highest_word = VG_(threads)[tid].client_stack_highest_word;
779 Addr stack_lowest_word = 0;
780
781 # if defined(VGP_x86_linux)
782 /* Nasty little hack to deal with syscalls - if libc is using its
783 _dl_sysinfo_int80 function for syscalls (the TLS version does),
784 then ip will always appear to be in that function when doing a
785 syscall, not the actual libc function doing the syscall. This
786 check sees if IP is within that function, and pops the return
787 address off the stack so that ip is placed within the library
788 function calling the syscall. This makes stack backtraces much
789 more useful.
790
791 The function is assumed to look like this (from glibc-2.3.6 sources):
792 _dl_sysinfo_int80:
793 int $0x80
794 ret
795 That is 3 (2+1) bytes long. We could be more thorough and check
796 the 3 bytes of the function are as expected, but I can't be
797 bothered.
798 */
799 if (VG_(client__dl_sysinfo_int80) != 0 /* we know its address */
800 && startRegs.r_pc >= VG_(client__dl_sysinfo_int80)
801 && startRegs.r_pc < VG_(client__dl_sysinfo_int80)+3
802 && VG_(am_is_valid_for_client)(startRegs.r_pc, sizeof(Addr),
803 VKI_PROT_READ)) {
804 startRegs.r_pc = (ULong) *(Addr*)(UWord)startRegs.r_sp;
805 startRegs.r_sp += (ULong) sizeof(Addr);
806 }
807 # endif
808
809 /* See if we can get a better idea of the stack limits */
810 VG_(stack_limits)( (Addr)startRegs.r_sp,
811 &stack_lowest_word, &stack_highest_word );
812
813 /* Take into account the first_ip_delta. */
814 startRegs.r_pc += (Long)(Word)first_ip_delta;
815
816 if (0)
817 VG_(printf)("tid %d: stack_highest=0x%08lx ip=0x%010llx "
818 "sp=0x%010llx\n",
819 tid, stack_highest_word,
820 startRegs.r_pc, startRegs.r_sp);
821
822 return VG_(get_StackTrace_wrk)(tid, ips, max_n_ips,
823 sps, fps,
824 &startRegs,
825 stack_highest_word);
826 }
827
printIpDesc(UInt n,Addr ip,void * uu_opaque)828 static void printIpDesc(UInt n, Addr ip, void* uu_opaque)
829 {
830 #define BUF_LEN 4096
831
832 static UChar buf[BUF_LEN];
833
834 VG_(describe_IP)(ip, buf, BUF_LEN);
835
836 if (VG_(clo_xml)) {
837 VG_(printf_xml)(" %s\n", buf);
838 } else {
839 VG_(message)(Vg_UserMsg, " %s %s\n", ( n == 0 ? "at" : "by" ), buf);
840 }
841 }
842
843 /* Print a StackTrace. */
VG_(pp_StackTrace)844 void VG_(pp_StackTrace) ( StackTrace ips, UInt n_ips )
845 {
846 vg_assert( n_ips > 0 );
847
848 if (VG_(clo_xml))
849 VG_(printf_xml)(" <stack>\n");
850
851 VG_(apply_StackTrace)( printIpDesc, NULL, ips, n_ips );
852
853 if (VG_(clo_xml))
854 VG_(printf_xml)(" </stack>\n");
855 }
856
857 /* Get and immediately print a StackTrace. */
VG_(get_and_pp_StackTrace)858 void VG_(get_and_pp_StackTrace) ( ThreadId tid, UInt max_n_ips )
859 {
860 Addr ips[max_n_ips];
861 UInt n_ips
862 = VG_(get_StackTrace)(tid, ips, max_n_ips,
863 NULL/*array to dump SP values in*/,
864 NULL/*array to dump FP values in*/,
865 0/*first_ip_delta*/);
866 VG_(pp_StackTrace)(ips, n_ips);
867 }
868
VG_(apply_StackTrace)869 void VG_(apply_StackTrace)(
870 void(*action)(UInt n, Addr ip, void* opaque),
871 void* opaque,
872 StackTrace ips, UInt n_ips
873 )
874 {
875 Bool main_done = False;
876 Int i = 0;
877
878 vg_assert(n_ips > 0);
879 do {
880 Addr ip = ips[i];
881
882 // Stop after the first appearance of "main" or one of the other names
883 // (the appearance of which is a pretty good sign that we've gone past
884 // main without seeing it, for whatever reason)
885 if ( ! VG_(clo_show_below_main) ) {
886 Vg_FnNameKind kind = VG_(get_fnname_kind_from_IP)(ip);
887 if (Vg_FnNameMain == kind || Vg_FnNameBelowMain == kind) {
888 main_done = True;
889 }
890 }
891
892 // Act on the ip
893 action(i, ip, opaque);
894
895 i++;
896 } while (i < n_ips && !main_done);
897
898 #undef MYBUF_LEN
899 }
900
901
902 /*--------------------------------------------------------------------*/
903 /*--- end ---*/
904 /*--------------------------------------------------------------------*/
905