Re: [PATCH 04/15] perf: Add ability to dump user regs

From: Jiri Olsa
Date: Wed Mar 28 2012 - 13:03:19 EST


On Wed, Mar 28, 2012 at 06:06:13PM +0200, Frederic Weisbecker wrote:
> On Wed, Mar 28, 2012 at 11:12:30AM -0400, Frank Ch. Eigler wrote:
> > Hi, Jiri -
> >
> > > [...]
> > > > [...] Upon a normal syscall entry to the kernel, not
> > > > all user registers are saved explicitly for such easy retrieval. The
> > > > others may be spilled to the stack by gcc during the various sys_*
> > > > functions or elsewhere. [...]
> > >
> > > Are you referring to x86_64 where only a portion of the registers
> > > is stored by the SAVE_ARGS macro? Seems like 32 bits stores the
> > > whole pt_regs.
> >
> > I believe that's the right area. I'm not sure even the 32-bit variant
> > is complete enough, for example exempting MMX/SSE registers. These
> > may also contain spilled registers before long.
> >
> >
> > > Generally you could need all the registers to start the unwind, but
> > > I was assuming that for most cases the stack pointer and instruction
> > > pointer should be enough.. but I might be wrong here.
> >
> > Yeah; the question is how much is missed besides those "most cases".
> >
> >
> > > > To recover these registers at run time, we found that the kernel
> > > > stack itself has to be partially unwound [... Without that, it ...]
> > > > may accidentally pass garbage data to perf userspace. Correcting
> > > > this could require a kernel-space libunwind.
> >
> > > AFAIK not going to happen any time soon ;)
> >
> > Understood. Then the code needs to ensure that it does not purport to
> > pass register values that it does not know. (Back when we were at
> > this stage in systemtap, we got some reasonable backtraces even
> > without kernel unwinding, ie. tolerating missing registers.)
>
> Right.
>
> I think in normal syscall case we save rdi, rsi, rdx, rax and rip.
> If we take the syscall slow path we save rbx, rbp, r12-15.
>
> Unfortunately we don't save rsp, which must be the most important
> for cfi unwinding.

hm, I think we always have the stack pointer

it should be saved by the cpu itself together with other control
regs like: ip cs eflags sp ss

For syscalls, we also have the ones stored by SAVE_ARGS
The rest of the registers (SAVE_REST) are available
only for the sake of the syscall_trace_enter during
the slow path, but it's popped out before executing
the actual syscall.

jirka

>
> We probably need to check what is saved in irqs (set_irq_regs())
> and exceptions as well.
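The consumer side of what is being discussed, as an added example that is not part of this thread or of the patch series. It assumes the record layout PERF_SAMPLE_REGS_USER eventually merged with (a u64 ABI word, then one u64 per bit set in sample_regs_user in ascending bit order, ABI 0 meaning the kernel had no user registers and nothing follows) and the x86 register numbering of the later perf_regs.h; the revision of the patch under review here may differ. The point Frank makes above, that the kernel must not purport to pass register values it does not know, has a mirror in user space: the decoder has to track which registers actually arrived and refuse to start an unwind unless IP and SP are among them, rather than reading zeros as register contents.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* x86 register numbering as in the later arch perf_regs.h (assumption). */
enum {
    REG_AX, REG_BX, REG_CX, REG_DX, REG_SI, REG_DI, REG_BP, REG_SP, REG_IP,
    REG_FLAGS, REG_CS, REG_SS, REG_DS, REG_ES, REG_FS, REG_GS,
    REG_R8, REG_R9, REG_R10, REG_R11, REG_R12, REG_R13, REG_R14, REG_R15,
    REG_MAX
};

/* ABI word values (assumption, from the merged perf_event ABI). */
enum { REGS_ABI_NONE = 0, REGS_ABI_32 = 1, REGS_ABI_64 = 2 };

struct user_regs {
    uint64_t abi;
    uint64_t val[REG_MAX];
    uint32_t known;         /* bit i set => val[i] was present in the record */
};

/*
 * Decode one PERF_SAMPLE_REGS_USER record: rec[0] is the ABI word, then one
 * u64 per set bit of 'mask' in ascending bit order. Returns the number of
 * u64 words consumed, or 0 if the record is malformed or truncated.
 */
size_t parse_user_regs(const uint64_t *rec, size_t nwords, uint64_t mask,
                       struct user_regs *out)
{
    memset(out, 0, sizeof(*out));
    if (nwords < 1)
        return 0;
    out->abi = rec[0];
    size_t pos = 1;
    if (out->abi == REGS_ABI_NONE)
        return pos;     /* kernel had no user regs for this sample: nothing follows */
    if (out->abi != REGS_ABI_32 && out->abi != REGS_ABI_64)
        return 0;
    for (int bit = 0; bit < 64; bit++) {
        if (!(mask & (1ULL << bit)))
            continue;
        if (bit >= REG_MAX || pos >= nwords)
            return 0;   /* unknown register bit, or record shorter than the mask */
        out->val[bit] = rec[pos++];
        out->known |= 1u << bit;
    }
    return pos;
}

/* A CFI unwind needs at least a known IP and SP; refuse to guess otherwise. */
bool can_start_unwind(const struct user_regs *r)
{
    uint32_t need = (1u << REG_IP) | (1u << REG_SP);
    return r->abi != REGS_ABI_NONE && (r->known & need) == need;
}

/* Constructed records (not captured from a real perf run). */
#define MASK_BP_SP_IP ((1ULL << REG_BP) | (1ULL << REG_SP) | (1ULL << REG_IP))
static const uint64_t rec_full[]  = { REGS_ABI_64, 0x7ffd1000, 0x7ffd1020, 0x400123 };
static const uint64_t rec_none[]  = { REGS_ABI_NONE };
static const uint64_t rec_short[] = { REGS_ABI_64, 0x7ffd1000 };

int main(void)
{
    struct user_regs r;
    size_t n = parse_user_regs(rec_full, 4, MASK_BP_SP_IP, &r);
    printf("full: %zu words, ip=%#llx sp=%#llx unwind=%d\n", n,
           (unsigned long long)r.val[REG_IP], (unsigned long long)r.val[REG_SP],
           can_start_unwind(&r));
    n = parse_user_regs(rec_none, 1, MASK_BP_SP_IP, &r);
    printf("none: %zu words, unwind=%d\n", n, can_start_unwind(&r));
    n = parse_user_regs(rec_short, 2, MASK_BP_SP_IP, &r);
    printf("short: %zu words (0 = rejected)\n", n);
    return 0;
}
```

The `known` bitmap is the part that matters: a register absent from the mask is never silently zero, and a record whose ABI word is 0 yields no registers at all, which is exactly the case where the kernel could not recover them on the syscall path discussed above.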