* Peter Zijlstra <[email protected]> wrote:

> On Tue, Dec 01, 2015 at 05:11:25PM +0100, Ingo Molnar wrote:
> > 
> > * Peter Zijlstra <[email protected]> wrote:
> > 
> > > > so I think the problem here is that the RSP does not match up to the RIP.
> > > > We can either pass along the original RIP+RSP, or the fixed up one - but
> > > > what we do currently is that we pass along only half of it - which
> > > > corrupts dwarf unwinding state that doesn't tolerate such errors.
> > > 
> > > Still not sure what that gets you. Then you get a sample at a known wrong 
> > > location, why would you want that?
> > 
> > Well, we'd at least get a valid call trace - which the 'mixed' one isn't?
> > I.e. this only matters with --call-graph.
> > 
> > But yeah, with my suggestion we'd essentially fall back from cycles:pp to 
> > cycles:p, ideally we'd want to have real_rsp. Does the hardware provide 
> > that?
> 
> No, no real_rsp.
> 
> > User-space cannot compute that reliably I think, what if the 'real'
> > instruction was manipulating RSP in more complex ways than doing a CALL?
> 
> I'm not really too aware of these asm details :/ 

So the way I understand it is that dwarf unwind relies on having consistent
pairs of {RIP,RSP}, to be able to look at the precise instruction, look up in
the debuginfo what the function-internal stack offset at that instruction is
(as there's no RBP frame information available so the stack offset varies).

That method really relies on having precise {RIP,RSP} pairs - it may otherwise 
lose its notion of where the next return address on the stack is, and the 
backtrace goes off into la-la-land. I suppose such broken callchains were how 
Wangnan noticed the problem?

( As a comparison, RBP based backtraces only rely on having an exact RBP
  available as a starting point, that will define the next backtrace link and
  the next RBP value. That is why we can do the backtrace walk in the kernel. )

There are other ways a dwarf unwind can fail: for example if there's no dwarf
debuginfo available for the binary in question, or if the stack snapshot we did
is too small to find the next link in the backtrace. But having an off-by-few
RIP is enough to throw the backtrace off at the very first step.

> Jiri, what is in PERF_SAMPLE_REGS_USER.IP ? from a quick reading that is
> whatever is returned from task_pt_regs(current), not the perf_data.regs.ip
> field which contains the corrected IP.
> 
> Should the unwinder then not use PERF_SAMPLE_REGS_USER.{IP,SP} for a
> consistent unwind?

Yeah, if we have the real RIP belonging to that RSP value, then all should be
golden. That way the unwinder can find the next link. (If all the other
conditions for a successful backtrace are also there.)

Thanks,

        Ingo
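As an added illustration of the point made in this exchange (this is example code written for this page, not code from the thread, from perf, or from the kernel), the toy below models one dwarf-style unwind step over a constructed stack snapshot and a constructed CFI table for a hypothetical function at 0x1000. All addresses, table rows and stack contents are made up; the CFA rules are kept rsp-relative for simplicity. It shows that a consistent {RIP,RSP} pair recovers the caller's return address, that pairing the same RSP with a RIP a few instructions earlier selects a different CFA rule and reads a stale stack word instead, that a snapshot that is too small makes the step fail outright, and that an RBP-based step needs only an exact RBP and no per-instruction table.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stack snapshot (stands in for the user-stack copy that
 * perf record --call-graph dwarf stores with a sample). Layout assumes a
 * hypothetical function at 0x1000 doing "push rbp; mov rbp,rsp; sub rsp,32",
 * sampled in its body with rsp == 0x7000. Values are made up. */
#define STACK_BASE  0x7000ULL
#define STACK_WORDS 8

static const uint64_t stack_snapshot[STACK_WORDS] = {
    0x0000, /* 0x7000: local slot */
    0x0bad, /* 0x7008: local slot with stale data, not a return address */
    0x0000, /* 0x7010: local slot */
    0x0000, /* 0x7018: local slot */
    0x7038, /* 0x7020: saved rbp of the caller */
    0xcafe, /* 0x7028: return address into the caller */
    0x0000, /* 0x7030: start of the caller's frame */
    0x0000, /* 0x7038 */
};

/* Bounded read: an address outside the snapshot means the copy was too small. */
static int read_word(uint64_t addr, uint64_t *out)
{
    if (addr % 8 || addr < STACK_BASE ||
        addr + 8 > STACK_BASE + 8ULL * STACK_WORDS)
        return -1;
    *out = stack_snapshot[(addr - STACK_BASE) / 8];
    return 0;
}

/* Constructed CFI table: per instruction-address range, the distance from rsp
 * to the CFA (rsp at the call site). On x86-64 the return address is at CFA-8. */
struct cfi_row { uint64_t lo, hi, cfa_off; };

static const struct cfi_row cfi_table[] = {
    { 0x1000, 0x1001,  8 }, /* function entry:      CFA = rsp + 8  */
    { 0x1001, 0x1004, 16 }, /* after "push rbp":    CFA = rsp + 16 */
    { 0x1004, 0x1020, 48 }, /* after "sub rsp, 32": CFA = rsp + 48 */
    { 0x1020, 0x1030, 16 }, /* epilogue after "add rsp, 32"        */
};

static const struct cfi_row *cfi_lookup(uint64_t rip)
{
    for (size_t i = 0; i < sizeof cfi_table / sizeof cfi_table[0]; i++)
        if (rip >= cfi_table[i].lo && rip < cfi_table[i].hi)
            return &cfi_table[i];
    return NULL; /* no debuginfo covering this address */
}

/* One dwarf-style step from a {rip, rsp} pair: returns the word at CFA - 8,
 * or 0 when the step fails (0 is never a valid return address here). */
uint64_t dwarf_step(uint64_t rip, uint64_t rsp)
{
    const struct cfi_row *row = cfi_lookup(rip);
    uint64_t ret = 0;

    if (!row || read_word(rsp + row->cfa_off - 8, &ret))
        return 0;
    return ret;
}

/* Frame-pointer step: needs only an exact rbp. [rbp] is the caller's rbp and
 * [rbp + 8] the return address; no per-instruction table is consulted. */
uint64_t fp_step(uint64_t rbp, uint64_t *caller_rbp)
{
    uint64_t ret = 0;

    if (read_word(rbp, caller_rbp) || read_word(rbp + 8, &ret))
        return 0;
    return ret;
}

int main(void)
{
    uint64_t caller_rbp = 0;

    /* consistent pair: rip in the body, rsp as captured there -> 0xcafe */
    printf("consistent {0x1010,0x7000} -> 0x%llx\n",
           (unsigned long long)dwarf_step(0x1010, 0x7000));
    /* mixed pair: earlier rip, same rsp -> wrong CFA rule -> 0xbad */
    printf("mixed      {0x1002,0x7000} -> 0x%llx\n",
           (unsigned long long)dwarf_step(0x1002, 0x7000));
    /* snapshot too small: CFA lies beyond the copied stack -> 0 */
    printf("short copy {0x1010,0x7020} -> 0x%llx\n",
           (unsigned long long)dwarf_step(0x1010, 0x7020));
    /* rbp walk from the same frame -> 0xcafe, caller rbp 0x7038 */
    printf("fp walk    rbp=0x7020       -> 0x%llx (caller rbp 0x%llx)\n",
           (unsigned long long)fp_step(0x7020, &caller_rbp),
           (unsigned long long)caller_rbp);
    return 0;
}
```

The "mixed" case is the situation described in the quoted text: the unwinder is handed a RIP for which the CFI rule says the return address is 8 bytes above rsp, while the RSP actually belongs to a point where the frame has already grown, so the first link in the chain is already a non-return-address word and everything after it is garbage.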
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/