
Lines Matching full:ebp

54 // a heuristic for recovering the EBP chain after a scan for a return address.
71 { "$ebp", NULL, true,
72 StackFrameX86::CONTEXT_VALID_EBP, &MDRawContextX86::ebp },
203 // Set up the dictionary for the PostfixEvaluator. %ebp and %esp are used
208 dictionary["$ebp"] = last_frame->context.ebp;
282 // value of %ebp can be recovered from a location in its stack frame,
285 // Functions that fall into this category use the %ebp register for
287 // %ebp before returning. These functions create their stack frame
297 // saved return address. The saved value of %ebp to be restored for
305 // least, save %ebp. For this reason, in addition to those given above
314 "$ebp $esp .cbCalleeParams + .cbSavedRegs + 8 - ^ = "
317 // The function corresponding to the last frame doesn't use %ebp at
322 // frame pointer (%ebp) is used at all, so it is not saved anywhere
324 // Because %ebp wasn't used in the callee, whatever value it has
331 // %ebp value, because these frames do not save (or use) %ebp.
342 // operators are found, then current %ebp must be valid and it is the only
347 // used. Instead .raSearchStart must be calculated based on %ebp.
349 // at the saved return address (ebp + 4).
354 raSearchStart = last_frame->context.ebp + 4;
371 // with stack frame info, and %ebp is pointing to non-stack memory, so
394 // Since this stack frame did not use %ebp in a traditional way,
399 // %ebp values of 0, trust that the end of the stack has been
401 if (dictionary["$eip"] != 0 || dictionary["$ebp"] != 0) {
436 // When trying to recover the previous value of the frame pointer (%ebp),
442 // would have saved %ebp early.
443 uint32_t ebp = dictionary["$ebp"];
447 // indication for skipped frames is when the value of %ebp is lower than
450 (trust != StackFrame::FRAME_TRUST_CFI && ebp <= raSearchStart + offset);
453 if (has_skipped_frames || !memory_->GetMemoryAtAddress(ebp, &value)) {
461 if (!memory_->GetMemoryAtAddress(location, &ebp))
464 if (memory_->GetMemoryAtAddress(ebp, &value)) {
466 // (the stack). Prefer it as a recovered %ebp result.
467 dictionary["$ebp"] = ebp;
483 frame->context.ebp = dictionary["$ebp"];
537 uint32_t last_ebp = last_frame->context.ebp;
539 // Assume that the standard %ebp-using x86 calling convention is in
546 // PUSHes the calling routine's frame pointer (%ebp) onto the stack
547 // before copying the stack pointer (%esp) to the frame pointer (%ebp).
569 // We couldn't read the memory %ebp refers to. It may be that %ebp
586 // Try to restore the %ebp chain. The caller %ebp should be stored at a
588 // A valid caller %ebp must be greater than the address where it is stored
594 // The restored %ebp chain doesn't appear to be valid.
595 // Assume that %ebp is unchanged.
610 frame->context.ebp = caller_ebp;