| /* SPDX-License-Identifier: GPL-2.0-only */ |
| /* |
| * linux/arch/arm/lib/backtrace-clang.S |
| * |
| * Copyright (C) 2019 Nathan Huckleberry |
| * |
| */ |
| #include <linux/kern_levels.h> |
| #include <linux/linkage.h> |
| #include <asm/assembler.h> |
| .text |
| |
| /* fp is 0 or stack frame */ |
| |
| #define frame r4 |
| #define sv_fp r5 |
| #define sv_pc r6 |
| #define mask r7 |
| #define sv_lr r8 |
| #define loglvl r9 |
| |
| ENTRY(c_backtrace) |
| |
| #if !defined(CONFIG_FRAME_POINTER) || !defined(CONFIG_PRINTK) |
| ret lr |
| ENDPROC(c_backtrace) |
| #else |
| |
| |
| /* |
| * Clang does not store pc or sp in function prologues so we don't know exactly |
| * where the function starts. |
| * |
| * We can treat the current frame's lr as the saved pc and the preceding |
| * frame's lr as the current frame's lr, but we can't trace the most recent |
| * call. Inserting a false stack frame allows us to reference the function |
| * called last in the stacktrace. |
| * |
| * If the call instruction was a bl we can look at the callers branch |
| * instruction to calculate the saved pc. We can recover the pc in most cases, |
| * but in cases such as calling function pointers we cannot. In this case, |
| * default to using the lr. This will be some address in the function, but will |
| * not be the function start. |
| * |
| * Unfortunately due to the stack frame layout we can't dump r0 - r3, but these |
| * are less frequently saved. |
| * |
| * Stack frame layout: |
| * <larger addresses> |
| * saved lr |
| * frame=> saved fp |
| * optionally saved caller registers (r4 - r10) |
| * optionally saved arguments (r0 - r3) |
| * <top of stack frame> |
| * <smaller addresses> |
| * |
| * Functions start with the following code sequence: |
| * corrected pc => stmfd sp!, {..., fp, lr} |
| * add fp, sp, #x |
| * stmfd sp!, {r0 - r3} (optional) |
| * |
| * |
| * |
| * |
| * |
| * |
| * The diagram below shows an example stack setup for dump_stack. |
| * |
| * The frame for c_backtrace has pointers to the code of dump_stack. This is |
| * why the frame of c_backtrace is used to for the pc calculation of |
| * dump_stack. This is why we must move back a frame to print dump_stack. |
| * |
| * The stored locals for dump_stack are in dump_stack's frame. This means that |
| * to fully print dump_stack's frame we need both the frame for dump_stack (for |
| * locals) and the frame that was called by dump_stack (for pc). |
| * |
| * To print locals we must know where the function start is. If we read the |
| * function prologue opcodes we can determine which variables are stored in the |
| * stack frame. |
| * |
| * To find the function start of dump_stack we can look at the stored LR of |
| * show_stack. It points at the instruction directly after the bl dump_stack. |
| * We can then read the offset from the bl opcode to determine where the branch |
| * takes us. The address calculated must be the start of dump_stack. |
| * |
| * c_backtrace frame dump_stack: |
| * {[LR] } ============| ... |
| * {[FP] } =======| | bl c_backtrace |
| * | |=> ... |
| * {[R4-R10]} | |
| * {[R0-R3] } | show_stack: |
| * dump_stack frame | ... |
| * {[LR] } =============| bl dump_stack |
| * {[FP] } <=======| |=> ... |
| * {[R4-R10]} |
| * {[R0-R3] } |
| */ |
| |
| stmfd sp!, {r4 - r9, fp, lr} @ Save an extra register |
| @ to ensure 8 byte alignment |
| movs frame, r0 @ if frame pointer is zero |
| beq no_frame @ we have no stack frames |
| mov loglvl, r2 |
| tst r1, #0x10 @ 26 or 32-bit mode? |
| moveq mask, #0xfc000003 |
| movne mask, #0 @ mask for 32-bit |
| |
| /* |
| * Switches the current frame to be the frame for dump_stack. |
| */ |
| add frame, sp, #24 @ switch to false frame |
| for_each_frame: tst frame, mask @ Check for address exceptions |
| bne no_frame |
| |
| /* |
| * sv_fp is the stack frame with the locals for the current considered |
| * function. |
| * |
| * sv_pc is the saved lr frame the frame above. This is a pointer to a code |
| * address within the current considered function, but it is not the function |
| * start. This value gets updated to be the function start later if it is |
| * possible. |
| */ |
| 1001: ldr sv_pc, [frame, #4] @ get saved 'pc' |
| 1002: ldr sv_fp, [frame, #0] @ get saved fp |
| |
| teq sv_fp, mask @ make sure next frame exists |
| beq no_frame |
| |
| /* |
| * sv_lr is the lr from the function that called the current function. This is |
| * a pointer to a code address in the current function's caller. sv_lr-4 is |
| * the instruction used to call the current function. |
| * |
| * This sv_lr can be used to calculate the function start if the function was |
| * called using a bl instruction. If the function start can be recovered sv_pc |
| * is overwritten with the function start. |
| * |
| * If the current function was called using a function pointer we cannot |
| * recover the function start and instead continue with sv_pc as an arbitrary |
| * value within the current function. If this is the case we cannot print |
| * registers for the current function, but the stacktrace is still printed |
| * properly. |
| */ |
| 1003: ldr sv_lr, [sv_fp, #4] @ get saved lr from next frame |
| |
| 1004: ldr r0, [sv_lr, #-4] @ get call instruction |
| ldr r3, .Lopcode+4 |
| and r2, r3, r0 @ is this a bl call |
| teq r2, r3 |
| bne finished_setup @ give up if it's not |
| and r0, #0xffffff @ get call offset 24-bit int |
| lsl r0, r0, #8 @ sign extend offset |
| asr r0, r0, #8 |
| ldr sv_pc, [sv_fp, #4] @ get lr address |
| add sv_pc, sv_pc, #-4 @ get call instruction address |
| add sv_pc, sv_pc, #8 @ take care of prefetch |
| add sv_pc, sv_pc, r0, lsl #2@ find function start |
| |
| finished_setup: |
| |
| bic sv_pc, sv_pc, mask @ mask PC/LR for the mode |
| |
| /* |
| * Print the function (sv_pc) and where it was called from (sv_lr). |
| */ |
| mov r0, sv_pc |
| |
| mov r1, sv_lr |
| mov r2, frame |
| bic r1, r1, mask @ mask PC/LR for the mode |
| mov r3, loglvl |
| bl dump_backtrace_entry |
| |
| /* |
| * Test if the function start is a stmfd instruction to determine which |
| * registers were stored in the function prologue. |
| * |
| * If we could not recover the sv_pc because we were called through a function |
| * pointer the comparison will fail and no registers will print. Unwinding will |
| * continue as if there had been no registers stored in this frame. |
| */ |
| 1005: ldr r1, [sv_pc, #0] @ if stmfd sp!, {..., fp, lr} |
| ldr r3, .Lopcode @ instruction exists, |
| teq r3, r1, lsr #11 |
| ldr r0, [frame] @ locals are stored in |
| @ the preceding frame |
| subeq r0, r0, #4 |
| mov r2, loglvl |
| bleq dump_backtrace_stm @ dump saved registers |
| |
| /* |
| * If we are out of frames or if the next frame is invalid. |
| */ |
| teq sv_fp, #0 @ zero saved fp means |
| beq no_frame @ no further frames |
| |
| cmp sv_fp, frame @ next frame must be |
| mov frame, sv_fp @ above the current frame |
| #ifdef CONFIG_IRQSTACKS |
| @ |
| @ Kernel stacks may be discontiguous in memory. If the next |
| @ frame is below the previous frame, accept it as long as it |
| @ lives in kernel memory. |
| @ |
| cmpls sv_fp, #PAGE_OFFSET |
| #endif |
| bhi for_each_frame |
| |
| 1006: adr r0, .Lbad |
| mov r1, loglvl |
| mov r2, frame |
| bl _printk |
| no_frame: ldmfd sp!, {r4 - r9, fp, pc} |
| ENDPROC(c_backtrace) |
| .pushsection __ex_table,"a" |
| .align 3 |
| .long 1001b, 1006b |
| .long 1002b, 1006b |
| .long 1003b, 1006b |
| .long 1004b, finished_setup |
| .long 1005b, 1006b |
| .popsection |
| |
| .Lbad: .asciz "%sBacktrace aborted due to bad frame pointer <%p>\n" |
| .align |
| .Lopcode: .word 0xe92d4800 >> 11 @ stmfd sp!, {... fp, lr} |
| .word 0x0b000000 @ bl if these bits are set |
| |
| #endif |