1 2 /*--------------------------------------------------------------------*/ 3 /*--- Take snapshots of client stacks. m_stacktrace.c ---*/ 4 /*--------------------------------------------------------------------*/ 5 6 /* 7 This file is part of Valgrind, a dynamic binary instrumentation 8 framework. 9 10 Copyright (C) 2000-2011 Julian Seward 11 jseward (at) acm.org 12 13 This program is free software; you can redistribute it and/or 14 modify it under the terms of the GNU General Public License as 15 published by the Free Software Foundation; either version 2 of the 16 License, or (at your option) any later version. 17 18 This program is distributed in the hope that it will be useful, but 19 WITHOUT ANY WARRANTY; without even the implied warranty of 20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 21 General Public License for more details. 22 23 You should have received a copy of the GNU General Public License 24 along with this program; if not, write to the Free Software 25 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 26 02111-1307, USA. 27 28 The GNU General Public License is contained in the file COPYING. 29 */ 30 31 #include "pub_core_basics.h" 32 #include "pub_core_vki.h" 33 #include "pub_core_libcsetjmp.h" // to keep _threadstate.h happy 34 #include "pub_core_threadstate.h" 35 #include "pub_core_debuginfo.h" // XXX: circular dependency 36 #include "pub_core_aspacemgr.h" // For VG_(is_addressable)() 37 #include "pub_core_libcbase.h" 38 #include "pub_core_libcassert.h" 39 #include "pub_core_libcprint.h" 40 #include "pub_core_machine.h" 41 #include "pub_core_options.h" 42 #include "pub_core_stacks.h" // VG_(stack_limits) 43 #include "pub_core_stacktrace.h" 44 #include "pub_core_xarray.h" 45 #include "pub_core_clientstate.h" // VG_(client__dl_sysinfo_int80) 46 #include "pub_core_trampoline.h" 47 48 49 /*------------------------------------------------------------*/ 50 /*--- ---*/ 51 /*--- BEGIN platform-dependent unwinder worker functions ---*/ 52 /*--- ---*/ 53 /*------------------------------------------------------------*/ 54 55 /* Take a snapshot of the client's stack, putting up to 'max_n_ips' 56 IPs into 'ips'. In order to be thread-safe, we pass in the 57 thread's IP SP, FP if that's meaningful, and LR if that's 58 meaningful. Returns number of IPs put in 'ips'. 59 60 If you know what the thread ID for this stack is, send that as the 61 first parameter, else send zero. This helps generate better stack 62 traces on ppc64-linux and has no effect on other platforms. 63 */ 64 65 /* ------------------------ x86 ------------------------- */ 66 67 #if defined(VGP_x86_linux) || defined(VGP_x86_darwin) 68 69 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, 70 /*OUT*/Addr* ips, UInt max_n_ips, 71 /*OUT*/Addr* sps, /*OUT*/Addr* fps, 72 UnwindStartRegs* startRegs, 73 Addr fp_max_orig ) 74 { 75 Bool debug = False; 76 Int i; 77 Addr fp_max; 78 UInt n_found = 0; 79 80 vg_assert(sizeof(Addr) == sizeof(UWord)); 81 vg_assert(sizeof(Addr) == sizeof(void*)); 82 83 D3UnwindRegs uregs; 84 uregs.xip = (Addr)startRegs->r_pc; 85 uregs.xsp = (Addr)startRegs->r_sp; 86 uregs.xbp = startRegs->misc.X86.r_ebp; 87 Addr fp_min = uregs.xsp; 88 89 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1], 90 stopping when the trail goes cold, which we guess to be 91 when FP is not a reasonable stack location. */ 92 93 // JRS 2002-sep-17: hack, to round up fp_max to the end of the 94 // current page, at least. Dunno if it helps. 95 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again 96 fp_max = VG_PGROUNDUP(fp_max_orig); 97 if (fp_max >= sizeof(Addr)) 98 fp_max -= sizeof(Addr); 99 100 if (debug) 101 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, " 102 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n", 103 max_n_ips, fp_min, fp_max_orig, fp_max, 104 uregs.xip, uregs.xbp); 105 106 /* Assertion broken before main() is reached in pthreaded programs; the 107 * offending stack traces only have one item. --njn, 2002-aug-16 */ 108 /* vg_assert(fp_min <= fp_max);*/ 109 // On Darwin, this kicks in for pthread-related stack traces, so they're 110 // only 1 entry long which is wrong. 111 # if !defined(VGO_darwin) 112 if (fp_min + 512 >= fp_max) { 113 /* If the stack limits look bogus, don't poke around ... but 114 don't bomb out either. */ 115 if (sps) sps[0] = uregs.xsp; 116 if (fps) fps[0] = uregs.xbp; 117 ips[0] = uregs.xip; 118 return 1; 119 } 120 # endif 121 122 /* fp is %ebp. sp is %esp. ip is %eip. */ 123 124 if (sps) sps[0] = uregs.xsp; 125 if (fps) fps[0] = uregs.xbp; 126 ips[0] = uregs.xip; 127 i = 1; 128 129 /* Loop unwinding the stack. Note that the IP value we get on 130 * each pass (whether from CFI info or a stack frame) is a 131 * return address so is actually after the calling instruction 132 * in the calling function. 133 * 134 * Because of this we subtract one from the IP after each pass 135 * of the loop so that we find the right CFI block on the next 136 * pass - otherwise we can find the wrong CFI info if it happens 137 * to change after the calling instruction and that will mean 138 * that we will fail to unwind the next step. 139 * 140 * This most frequently happens at the end of a function when 141 * a tail call occurs and we wind up using the CFI info for the 142 * next function which is completely wrong. 143 */ 144 while (True) { 145 146 if (i >= max_n_ips) 147 break; 148 149 /* Try to derive a new (ip,sp,fp) triple from the current 150 set. */ 151 152 /* On x86, first try the old-fashioned method of following the 153 %ebp-chain. Code which doesn't use this (that is, compiled 154 with -fomit-frame-pointer) is not ABI compliant and so 155 relatively rare. Besides, trying the CFI first almost always 156 fails, and is expensive. */ 157 /* Deal with frames resulting from functions which begin "pushl% 158 ebp ; movl %esp, %ebp" which is the ABI-mandated preamble. */ 159 if (fp_min <= uregs.xbp && 160 uregs.xbp <= fp_max - 1 * sizeof(UWord)/*see comment below*/) 161 { 162 /* fp looks sane, so use it. */ 163 uregs.xip = (((UWord*)uregs.xbp)[1]); 164 // We stop if we hit a zero (the traditional end-of-stack 165 // marker) or a one -- these correspond to recorded IPs of 0 or -1. 166 // The latter because r8818 (in this file) changes the meaning of 167 // entries [1] and above in a stack trace, by subtracting 1 from 168 // them. Hence stacks that used to end with a zero value now end in 169 // -1 and so we must detect that too. 170 if (0 == uregs.xip || 1 == uregs.xip) break; 171 uregs.xsp = uregs.xbp + sizeof(Addr) /*saved %ebp*/ 172 + sizeof(Addr) /*ra*/; 173 uregs.xbp = (((UWord*)uregs.xbp)[0]); 174 if (sps) sps[i] = uregs.xsp; 175 if (fps) fps[i] = uregs.xbp; 176 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */ 177 if (debug) 178 VG_(printf)(" ipsF[%d]=0x%08lx\n", i-1, ips[i-1]); 179 uregs.xip = uregs.xip - 1; 180 /* as per comment at the head of this loop */ 181 continue; 182 } 183 184 /* That didn't work out, so see if there is any CF info to hand 185 which can be used. */ 186 if ( VG_(use_CF_info)( &uregs, fp_min, fp_max ) ) { 187 if (0 == uregs.xip || 1 == uregs.xip) break; 188 if (sps) sps[i] = uregs.xsp; 189 if (fps) fps[i] = uregs.xbp; 190 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */ 191 if (debug) 192 VG_(printf)(" ipsC[%d]=0x%08lx\n", i-1, ips[i-1]); 193 uregs.xip = uregs.xip - 1; 194 /* as per comment at the head of this loop */ 195 continue; 196 } 197 198 /* And, similarly, try for MSVC FPO unwind info. */ 199 if ( VG_(use_FPO_info)( &uregs.xip, &uregs.xsp, &uregs.xbp, 200 fp_min, fp_max ) ) { 201 if (0 == uregs.xip || 1 == uregs.xip) break; 202 if (sps) sps[i] = uregs.xsp; 203 if (fps) fps[i] = uregs.xbp; 204 ips[i++] = uregs.xip; 205 if (debug) 206 VG_(printf)(" ipsC[%d]=0x%08lx\n", i-1, ips[i-1]); 207 uregs.xip = uregs.xip - 1; 208 continue; 209 } 210 211 /* No luck. We have to give up. */ 212 break; 213 } 214 215 n_found = i; 216 return n_found; 217 } 218 219 #endif 220 221 /* ----------------------- amd64 ------------------------ */ 222 223 #if defined(VGP_amd64_linux) || defined(VGP_amd64_darwin) 224 225 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, 226 /*OUT*/Addr* ips, UInt max_n_ips, 227 /*OUT*/Addr* sps, /*OUT*/Addr* fps, 228 UnwindStartRegs* startRegs, 229 Addr fp_max_orig ) 230 { 231 Bool debug = False; 232 Int i; 233 Addr fp_max; 234 UInt n_found = 0; 235 236 vg_assert(sizeof(Addr) == sizeof(UWord)); 237 vg_assert(sizeof(Addr) == sizeof(void*)); 238 239 D3UnwindRegs uregs; 240 uregs.xip = startRegs->r_pc; 241 uregs.xsp = startRegs->r_sp; 242 uregs.xbp = startRegs->misc.AMD64.r_rbp; 243 Addr fp_min = uregs.xsp; 244 245 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1], 246 stopping when the trail goes cold, which we guess to be 247 when FP is not a reasonable stack location. */ 248 249 // JRS 2002-sep-17: hack, to round up fp_max to the end of the 250 // current page, at least. Dunno if it helps. 251 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again 252 fp_max = VG_PGROUNDUP(fp_max_orig); 253 if (fp_max >= sizeof(Addr)) 254 fp_max -= sizeof(Addr); 255 256 extern unsigned long nacl_head; 257 258 if (nacl_head && uregs.xip > nacl_head && uregs.xip < nacl_head + (1ULL << 32)) { 259 fp_min = nacl_head + 0x10000; 260 fp_max = nacl_head + (1ULL << 32) - 1; 261 } 262 263 264 if (debug) 265 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, " 266 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n", 267 max_n_ips, fp_min, fp_max_orig, fp_max, 268 uregs.xip, uregs.xbp); 269 270 /* Assertion broken before main() is reached in pthreaded programs; the 271 * offending stack traces only have one item. --njn, 2002-aug-16 */ 272 /* vg_assert(fp_min <= fp_max);*/ 273 // On Darwin, this kicks in for pthread-related stack traces, so they're 274 // only 1 entry long which is wrong. 275 # if !defined(VGO_darwin) 276 if (fp_min + 256 >= fp_max) { 277 /* If the stack limits look bogus, don't poke around ... but 278 don't bomb out either. */ 279 if (sps) sps[0] = uregs.xsp; 280 if (fps) fps[0] = uregs.xbp; 281 ips[0] = uregs.xip; 282 return 1; 283 } 284 # endif 285 286 /* fp is %rbp. sp is %rsp. ip is %rip. */ 287 288 ips[0] = uregs.xip; 289 if (sps) sps[0] = uregs.xsp; 290 if (fps) fps[0] = uregs.xbp; 291 i = 1; 292 293 /* Loop unwinding the stack. Note that the IP value we get on 294 * each pass (whether from CFI info or a stack frame) is a 295 * return address so is actually after the calling instruction 296 * in the calling function. 297 * 298 * Because of this we subtract one from the IP after each pass 299 * of the loop so that we find the right CFI block on the next 300 * pass - otherwise we can find the wrong CFI info if it happens 301 * to change after the calling instruction and that will mean 302 * that we will fail to unwind the next step. 303 * 304 * This most frequently happens at the end of a function when 305 * a tail call occurs and we wind up using the CFI info for the 306 * next function which is completely wrong. 307 */ 308 while (True) { 309 310 if (i >= max_n_ips) 311 break; 312 313 /* Try to derive a new (ip,sp,fp) triple from the current set. */ 314 315 /* First off, see if there is any CFI info to hand which can 316 be used. */ 317 if ( VG_(use_CF_info)( &uregs, fp_min, fp_max ) ) { 318 if (0 == uregs.xip || 1 == uregs.xip) break; 319 if (sps) sps[i] = uregs.xsp; 320 if (fps) fps[i] = uregs.xbp; 321 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */ 322 if (debug) 323 VG_(printf)(" ipsC[%d]=%#08lx\n", i-1, ips[i-1]); 324 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */ 325 continue; 326 } 327 328 /* If VG_(use_CF_info) fails, it won't modify ip/sp/fp, so 329 we can safely try the old-fashioned method. */ 330 /* This bit is supposed to deal with frames resulting from 331 functions which begin "pushq %rbp ; movq %rsp, %rbp". 332 Unfortunately, since we can't (easily) look at the insns at 333 the start of the fn, like GDB does, there's no reliable way 334 to tell. Hence the hack of first trying out CFI, and if that 335 fails, then use this as a fallback. */ 336 /* Note: re "- 1 * sizeof(UWord)", need to take account of the 337 fact that we are prodding at & ((UWord*)fp)[1] and so need to 338 adjust the limit check accordingly. Omitting this has been 339 observed to cause segfaults on rare occasions. */ 340 if (fp_min <= uregs.xbp && uregs.xbp <= fp_max - 1 * sizeof(UWord)) { 341 /* fp looks sane, so use it. */ 342 uregs.xip = (((UWord*)uregs.xbp)[1]); 343 if (0 == uregs.xip || 1 == uregs.xip) break; 344 uregs.xsp = uregs.xbp + sizeof(Addr) /*saved %rbp*/ 345 + sizeof(Addr) /*ra*/; 346 uregs.xbp = (((UWord*)uregs.xbp)[0]); 347 if (sps) sps[i] = uregs.xsp; 348 if (fps) fps[i] = uregs.xbp; 349 ips[i++] = uregs.xip - 1; /* -1: refer to calling insn, not the RA */ 350 if (debug) 351 VG_(printf)(" ipsF[%d]=%#08lx\n", i-1, ips[i-1]); 352 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */ 353 continue; 354 } 355 356 /* Last-ditch hack (evidently GDB does something similar). We 357 are in the middle of nowhere and we have a nonsense value for 358 the frame pointer. If the stack pointer is still valid, 359 assume that what it points at is a return address. Yes, 360 desperate measures. Could do better here: 361 - check that the supposed return address is in 362 an executable page 363 - check that the supposed return address is just after a call insn 364 - given those two checks, don't just consider *sp as the return 365 address; instead scan a likely section of stack (eg sp .. sp+256) 366 and use suitable values found there. 367 */ 368 if (fp_min <= uregs.xsp && uregs.xsp < fp_max) { 369 uregs.xip = ((UWord*)uregs.xsp)[0]; 370 if (0 == uregs.xip || 1 == uregs.xip) break; 371 if (sps) sps[i] = uregs.xsp; 372 if (fps) fps[i] = uregs.xbp; 373 ips[i++] = uregs.xip == 0 374 ? 0 /* sp[0] == 0 ==> stuck at the bottom of a 375 thread stack */ 376 : uregs.xip - 1; 377 /* -1: refer to calling insn, not the RA */ 378 if (debug) 379 VG_(printf)(" ipsH[%d]=%#08lx\n", i-1, ips[i-1]); 380 uregs.xip = uregs.xip - 1; /* as per comment at the head of this loop */ 381 uregs.xsp += 8; 382 continue; 383 } 384 385 /* No luck at all. We have to give up. */ 386 break; 387 } 388 389 n_found = i; 390 return n_found; 391 } 392 393 #endif 394 395 /* -----------------------ppc32/64 ---------------------- */ 396 397 #if defined(VGP_ppc32_linux) || defined(VGP_ppc64_linux) 398 399 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, 400 /*OUT*/Addr* ips, UInt max_n_ips, 401 /*OUT*/Addr* sps, /*OUT*/Addr* fps, 402 UnwindStartRegs* startRegs, 403 Addr fp_max_orig ) 404 { 405 Bool lr_is_first_RA = False; 406 # if defined(VG_PLAT_USES_PPCTOC) 407 Word redir_stack_size = 0; 408 Word redirs_used = 0; 409 # endif 410 411 Bool debug = False; 412 Int i; 413 Addr fp_max; 414 UInt n_found = 0; 415 416 vg_assert(sizeof(Addr) == sizeof(UWord)); 417 vg_assert(sizeof(Addr) == sizeof(void*)); 418 419 Addr ip = (Addr)startRegs->r_pc; 420 Addr sp = (Addr)startRegs->r_sp; 421 Addr fp = sp; 422 # if defined(VGP_ppc32_linux) 423 Addr lr = startRegs->misc.PPC32.r_lr; 424 # elif defined(VGP_ppc64_linux) 425 Addr lr = startRegs->misc.PPC64.r_lr; 426 # endif 427 Addr fp_min = sp; 428 429 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1], 430 stopping when the trail goes cold, which we guess to be 431 when FP is not a reasonable stack location. */ 432 433 // JRS 2002-sep-17: hack, to round up fp_max to the end of the 434 // current page, at least. Dunno if it helps. 435 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again 436 fp_max = VG_PGROUNDUP(fp_max_orig); 437 if (fp_max >= sizeof(Addr)) 438 fp_max -= sizeof(Addr); 439 440 if (debug) 441 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, " 442 "fp_max=0x%lx ip=0x%lx fp=0x%lx\n", 443 max_n_ips, fp_min, fp_max_orig, fp_max, ip, fp); 444 445 /* Assertion broken before main() is reached in pthreaded programs; the 446 * offending stack traces only have one item. --njn, 2002-aug-16 */ 447 /* vg_assert(fp_min <= fp_max);*/ 448 if (fp_min + 512 >= fp_max) { 449 /* If the stack limits look bogus, don't poke around ... but 450 don't bomb out either. */ 451 if (sps) sps[0] = sp; 452 if (fps) fps[0] = fp; 453 ips[0] = ip; 454 return 1; 455 } 456 457 /* fp is %r1. ip is %cia. Note, ppc uses r1 as both the stack and 458 frame pointers. */ 459 460 # if defined(VGP_ppc64_linux) 461 redir_stack_size = VEX_GUEST_PPC64_REDIR_STACK_SIZE; 462 redirs_used = 0; 463 # endif 464 465 # if defined(VG_PLAT_USES_PPCTOC) 466 /* Deal with bogus LR values caused by function 467 interception/wrapping on ppc-TOC platforms; see comment on 468 similar code a few lines further down. */ 469 if (ULong_to_Ptr(lr) == (void*)&VG_(ppctoc_magic_redirect_return_stub) 470 && VG_(is_valid_tid)(tid_if_known)) { 471 Word hsp = VG_(threads)[tid_if_known].arch.vex.guest_REDIR_SP; 472 redirs_used++; 473 if (hsp >= 1 && hsp < redir_stack_size) 474 lr = VG_(threads)[tid_if_known] 475 .arch.vex.guest_REDIR_STACK[hsp-1]; 476 } 477 # endif 478 479 /* We have to determine whether or not LR currently holds this fn 480 (call it F)'s return address. It might not if F has previously 481 called some other function, hence overwriting LR with a pointer 482 to some part of F. Hence if LR and IP point to the same 483 function then we conclude LR does not hold this function's 484 return address; instead the LR at entry must have been saved in 485 the stack by F's prologue and so we must get it from there 486 instead. Note all this guff only applies to the innermost 487 frame. */ 488 lr_is_first_RA = False; 489 { 490 # define M_VG_ERRTXT 1000 491 UChar buf_lr[M_VG_ERRTXT], buf_ip[M_VG_ERRTXT]; 492 /* The following conditional looks grossly inefficient and 493 surely could be majorly improved, with not much effort. */ 494 if (VG_(get_fnname_raw) (lr, buf_lr, M_VG_ERRTXT)) 495 if (VG_(get_fnname_raw) (ip, buf_ip, M_VG_ERRTXT)) 496 if (VG_(strncmp)(buf_lr, buf_ip, M_VG_ERRTXT)) 497 lr_is_first_RA = True; 498 # undef M_VG_ERRTXT 499 } 500 501 if (sps) sps[0] = fp; /* NB. not sp */ 502 if (fps) fps[0] = fp; 503 ips[0] = ip; 504 i = 1; 505 506 if (fp_min <= fp && fp < fp_max-VG_WORDSIZE+1) { 507 508 /* initial FP is sane; keep going */ 509 fp = (((UWord*)fp)[0]); 510 511 while (True) { 512 513 /* On ppc64-linux (ppc64-elf, really), the lr save 514 slot is 2 words back from sp, whereas on ppc32-elf(?) it's 515 only one word back. */ 516 # if defined(VG_PLAT_USES_PPCTOC) 517 const Int lr_offset = 2; 518 # else 519 const Int lr_offset = 1; 520 # endif 521 522 if (i >= max_n_ips) 523 break; 524 525 /* Try to derive a new (ip,fp) pair from the current set. */ 526 527 if (fp_min <= fp && fp <= fp_max - lr_offset * sizeof(UWord)) { 528 /* fp looks sane, so use it. */ 529 530 if (i == 1 && lr_is_first_RA) 531 ip = lr; 532 else 533 ip = (((UWord*)fp)[lr_offset]); 534 535 # if defined(VG_PLAT_USES_PPCTOC) 536 /* Nasty hack to do with function replacement/wrapping on 537 ppc64-linux. If LR points to our magic return stub, 538 then we are in a wrapped or intercepted function, in 539 which LR has been messed with. The original LR will 540 have been pushed onto the thread's hidden REDIR stack 541 one down from the top (top element is the saved R2) and 542 so we should restore the value from there instead. 543 Since nested redirections can and do happen, we keep 544 track of the number of nested LRs used by the unwinding 545 so far with 'redirs_used'. */ 546 if (ip == (Addr)&VG_(ppctoc_magic_redirect_return_stub) 547 && VG_(is_valid_tid)(tid_if_known)) { 548 Word hsp = VG_(threads)[tid_if_known] 549 .arch.vex.guest_REDIR_SP; 550 hsp -= 2 * redirs_used; 551 redirs_used ++; 552 if (hsp >= 1 && hsp < redir_stack_size) 553 ip = VG_(threads)[tid_if_known] 554 .arch.vex.guest_REDIR_STACK[hsp-1]; 555 } 556 # endif 557 558 if (0 == ip || 1 == ip) break; 559 if (sps) sps[i] = fp; /* NB. not sp */ 560 if (fps) fps[i] = fp; 561 fp = (((UWord*)fp)[0]); 562 ips[i++] = ip - 1; /* -1: refer to calling insn, not the RA */ 563 if (debug) 564 VG_(printf)(" ipsF[%d]=%#08lx\n", i-1, ips[i-1]); 565 ip = ip - 1; /* ip is probably dead at this point, but 566 play safe, a la x86/amd64 above. See 567 extensive comments above. */ 568 continue; 569 } 570 571 /* No luck there. We have to give up. */ 572 break; 573 } 574 } 575 576 n_found = i; 577 return n_found; 578 } 579 580 #endif 581 582 /* ------------------------ arm ------------------------- */ 583 584 #if defined(VGP_arm_linux) 585 586 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, 587 /*OUT*/Addr* ips, UInt max_n_ips, 588 /*OUT*/Addr* sps, /*OUT*/Addr* fps, 589 UnwindStartRegs* startRegs, 590 Addr fp_max_orig ) 591 { 592 Bool debug = False; 593 Int i; 594 Addr fp_max; 595 UInt n_found = 0; 596 597 vg_assert(sizeof(Addr) == sizeof(UWord)); 598 vg_assert(sizeof(Addr) == sizeof(void*)); 599 600 D3UnwindRegs uregs; 601 uregs.r15 = startRegs->r_pc & 0xFFFFFFFE; 602 uregs.r14 = startRegs->misc.ARM.r14; 603 uregs.r13 = startRegs->r_sp; 604 uregs.r12 = startRegs->misc.ARM.r12; 605 uregs.r11 = startRegs->misc.ARM.r11; 606 uregs.r7 = startRegs->misc.ARM.r7; 607 Addr fp_min = uregs.r13; 608 609 /* Snaffle IPs from the client's stack into ips[0 .. max_n_ips-1], 610 stopping when the trail goes cold, which we guess to be 611 when FP is not a reasonable stack location. */ 612 613 // JRS 2002-sep-17: hack, to round up fp_max to the end of the 614 // current page, at least. Dunno if it helps. 615 // NJN 2002-sep-17: seems to -- stack traces look like 1.0.X again 616 fp_max = VG_PGROUNDUP(fp_max_orig); 617 if (fp_max >= sizeof(Addr)) 618 fp_max -= sizeof(Addr); 619 620 if (debug) 621 VG_(printf)("\nmax_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, " 622 "fp_max=0x%lx r15=0x%lx r13=0x%lx\n", 623 max_n_ips, fp_min, fp_max_orig, fp_max, 624 uregs.r15, uregs.r13); 625 626 /* Assertion broken before main() is reached in pthreaded programs; the 627 * offending stack traces only have one item. --njn, 2002-aug-16 */ 628 /* vg_assert(fp_min <= fp_max);*/ 629 // On Darwin, this kicks in for pthread-related stack traces, so they're 630 // only 1 entry long which is wrong. 631 if (fp_min + 512 >= fp_max) { 632 /* If the stack limits look bogus, don't poke around ... but 633 don't bomb out either. */ 634 if (sps) sps[0] = uregs.r13; 635 if (fps) fps[0] = 0; 636 ips[0] = uregs.r15; 637 return 1; 638 } 639 640 /* */ 641 642 if (sps) sps[0] = uregs.r13; 643 if (fps) fps[0] = 0; 644 ips[0] = uregs.r15; 645 i = 1; 646 647 /* Loop unwinding the stack. */ 648 649 while (True) { 650 if (debug) { 651 VG_(printf)("i: %d, r15: 0x%lx, r13: 0x%lx\n", 652 i, uregs.r15, uregs.r13); 653 } 654 655 if (i >= max_n_ips) 656 break; 657 658 if (VG_(use_CF_info)( &uregs, fp_min, fp_max )) { 659 if (sps) sps[i] = uregs.r13; 660 if (fps) fps[i] = 0; 661 ips[i++] = (uregs.r15 & 0xFFFFFFFE) - 1; 662 if (debug) 663 VG_(printf)("USING CFI: r15: 0x%lx, r13: 0x%lx\n", 664 uregs.r15, uregs.r13); 665 uregs.r15 = (uregs.r15 & 0xFFFFFFFE) - 1; 666 continue; 667 } 668 /* No luck. We have to give up. */ 669 break; 670 } 671 672 n_found = i; 673 return n_found; 674 } 675 676 #endif 677 678 /* ------------------------ s390x ------------------------- */ 679 #if defined(VGP_s390x_linux) 680 UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, 681 /*OUT*/Addr* ips, UInt max_n_ips, 682 /*OUT*/Addr* sps, /*OUT*/Addr* fps, 683 UnwindStartRegs* startRegs, 684 Addr fp_max_orig ) 685 { 686 Bool debug = False; 687 Int i; 688 Addr fp_max; 689 UInt n_found = 0; 690 691 vg_assert(sizeof(Addr) == sizeof(UWord)); 692 vg_assert(sizeof(Addr) == sizeof(void*)); 693 694 D3UnwindRegs uregs; 695 uregs.ia = startRegs->r_pc; 696 uregs.sp = startRegs->r_sp; 697 Addr fp_min = uregs.sp; 698 uregs.fp = startRegs->misc.S390X.r_fp; 699 uregs.lr = startRegs->misc.S390X.r_lr; 700 701 fp_max = VG_PGROUNDUP(fp_max_orig); 702 if (fp_max >= sizeof(Addr)) 703 fp_max -= sizeof(Addr); 704 705 if (debug) 706 VG_(printf)("max_n_ips=%d fp_min=0x%lx fp_max_orig=0x%lx, " 707 "fp_max=0x%lx IA=0x%lx SP=0x%lx FP=0x%lx\n", 708 max_n_ips, fp_min, fp_max_orig, fp_max, 709 uregs.ia, uregs.sp,uregs.fp); 710 711 /* The first frame is pretty obvious */ 712 ips[0] = uregs.ia; 713 if (sps) sps[0] = uregs.sp; 714 if (fps) fps[0] = uregs.fp; 715 i = 1; 716 717 /* for everything else we have to rely on the eh_frame. gcc defaults to 718 not create a backchain and all the other tools (like gdb) also have 719 to use the CFI. */ 720 while (True) { 721 if (i >= max_n_ips) 722 break; 723 724 if (VG_(use_CF_info)( &uregs, fp_min, fp_max )) { 725 if (sps) sps[i] = uregs.sp; 726 if (fps) fps[i] = uregs.fp; 727 ips[i++] = uregs.ia - 1; 728 uregs.ia = uregs.ia - 1; 729 continue; 730 } 731 /* A problem on the first frame? Lets assume it was a bad jump. 732 We will use the link register and the current stack and frame 733 pointers and see if we can use the CFI in the next round. */ 734 if (i == 1) { 735 if (sps) { 736 sps[i] = sps[0]; 737 uregs.sp = sps[0]; 738 } 739 if (fps) { 740 fps[i] = fps[0]; 741 uregs.fp = fps[0]; 742 } 743 uregs.ia = uregs.lr - 1; 744 ips[i++] = uregs.lr - 1; 745 continue; 746 } 747 748 /* No luck. We have to give up. */ 749 break; 750 } 751 752 n_found = i; 753 return n_found; 754 } 755 #endif 756 757 /*------------------------------------------------------------*/ 758 /*--- ---*/ 759 /*--- END platform-dependent unwinder worker functions ---*/ 760 /*--- ---*/ 761 /*------------------------------------------------------------*/ 762 763 /*------------------------------------------------------------*/ 764 /*--- Exported functions. ---*/ 765 /*------------------------------------------------------------*/ 766 767 UInt VG_(get_StackTrace) ( ThreadId tid, 768 /*OUT*/StackTrace ips, UInt max_n_ips, 769 /*OUT*/StackTrace sps, 770 /*OUT*/StackTrace fps, 771 Word first_ip_delta ) 772 { 773 /* Get the register values with which to start the unwind. */ 774 UnwindStartRegs startRegs; 775 VG_(memset)( &startRegs, 0, sizeof(startRegs) ); 776 VG_(get_UnwindStartRegs)( &startRegs, tid ); 777 778 Addr stack_highest_word = VG_(threads)[tid].client_stack_highest_word; 779 Addr stack_lowest_word = 0; 780 781 # if defined(VGP_x86_linux) 782 /* Nasty little hack to deal with syscalls - if libc is using its 783 _dl_sysinfo_int80 function for syscalls (the TLS version does), 784 then ip will always appear to be in that function when doing a 785 syscall, not the actual libc function doing the syscall. This 786 check sees if IP is within that function, and pops the return 787 address off the stack so that ip is placed within the library 788 function calling the syscall. This makes stack backtraces much 789 more useful. 790 791 The function is assumed to look like this (from glibc-2.3.6 sources): 792 _dl_sysinfo_int80: 793 int $0x80 794 ret 795 That is 3 (2+1) bytes long. We could be more thorough and check 796 the 3 bytes of the function are as expected, but I can't be 797 bothered. 798 */ 799 if (VG_(client__dl_sysinfo_int80) != 0 /* we know its address */ 800 && startRegs.r_pc >= VG_(client__dl_sysinfo_int80) 801 && startRegs.r_pc < VG_(client__dl_sysinfo_int80)+3 802 && VG_(am_is_valid_for_client)(startRegs.r_pc, sizeof(Addr), 803 VKI_PROT_READ)) { 804 startRegs.r_pc = (ULong) *(Addr*)(UWord)startRegs.r_sp; 805 startRegs.r_sp += (ULong) sizeof(Addr); 806 } 807 # endif 808 809 /* See if we can get a better idea of the stack limits */ 810 VG_(stack_limits)( (Addr)startRegs.r_sp, 811 &stack_lowest_word, &stack_highest_word ); 812 813 /* Take into account the first_ip_delta. */ 814 startRegs.r_pc += (Long)(Word)first_ip_delta; 815 816 if (0) 817 VG_(printf)("tid %d: stack_highest=0x%08lx ip=0x%010llx " 818 "sp=0x%010llx\n", 819 tid, stack_highest_word, 820 startRegs.r_pc, startRegs.r_sp); 821 822 return VG_(get_StackTrace_wrk)(tid, ips, max_n_ips, 823 sps, fps, 824 &startRegs, 825 stack_highest_word); 826 } 827 828 static void printIpDesc(UInt n, Addr ip, void* uu_opaque) 829 { 830 #define BUF_LEN 4096 831 832 static UChar buf[BUF_LEN]; 833 834 VG_(describe_IP)(ip, buf, BUF_LEN); 835 836 if (VG_(clo_xml)) { 837 VG_(printf_xml)(" %s\n", buf); 838 } else { 839 VG_(message)(Vg_UserMsg, " %s %s\n", ( n == 0 ? "at" : "by" ), buf); 840 } 841 } 842 843 /* Print a StackTrace. */ 844 void VG_(pp_StackTrace) ( StackTrace ips, UInt n_ips ) 845 { 846 vg_assert( n_ips > 0 ); 847 848 if (VG_(clo_xml)) 849 VG_(printf_xml)(" <stack>\n"); 850 851 VG_(apply_StackTrace)( printIpDesc, NULL, ips, n_ips ); 852 853 if (VG_(clo_xml)) 854 VG_(printf_xml)(" </stack>\n"); 855 } 856 857 /* Get and immediately print a StackTrace. */ 858 void VG_(get_and_pp_StackTrace) ( ThreadId tid, UInt max_n_ips ) 859 { 860 Addr ips[max_n_ips]; 861 UInt n_ips 862 = VG_(get_StackTrace)(tid, ips, max_n_ips, 863 NULL/*array to dump SP values in*/, 864 NULL/*array to dump FP values in*/, 865 0/*first_ip_delta*/); 866 VG_(pp_StackTrace)(ips, n_ips); 867 } 868 869 void VG_(apply_StackTrace)( 870 void(*action)(UInt n, Addr ip, void* opaque), 871 void* opaque, 872 StackTrace ips, UInt n_ips 873 ) 874 { 875 Bool main_done = False; 876 Int i = 0; 877 878 vg_assert(n_ips > 0); 879 do { 880 Addr ip = ips[i]; 881 882 // Stop after the first appearance of "main" or one of the other names 883 // (the appearance of which is a pretty good sign that we've gone past 884 // main without seeing it, for whatever reason) 885 if ( ! VG_(clo_show_below_main) ) { 886 Vg_FnNameKind kind = VG_(get_fnname_kind_from_IP)(ip); 887 if (Vg_FnNameMain == kind || Vg_FnNameBelowMain == kind) { 888 main_done = True; 889 } 890 } 891 892 // Act on the ip 893 action(i, ip, opaque); 894 895 i++; 896 } while (i < n_ips && !main_done); 897 898 #undef MYBUF_LEN 899 } 900 901 902 /*--------------------------------------------------------------------*/ 903 /*--- end ---*/ 904 /*--------------------------------------------------------------------*/ 905