From: Sky D. <sdn...@ya...> - 2011-04-04 15:19:14
Hi all,

I have used VG_(track_die_mem_stack) to track the SP change. I know that when a C function is called, the arguments will be pushed onto the stack first and then the function will be called. After the call, the callee will restore SP to the call point, and the caller is responsible for discarding the arguments passed to the callee and restoring SP to the same location as before the call. My problem is that VG_(track_die_mem_stack) can only be triggered when the callee returns; it seems that it can't be triggered when the caller tries to add N*sizeof(Argument) to SP to restore it to the previous location.

Example: void f(Bingo* p1, Bingo* p2);

Before calling function f, SP is BE857508, and then the caller pushes two arguments onto the stack; the address of p2 is BE857504 and the address of p1 is BE857500. After that, function f is called, and when f returns, SP is back to BE857500; then the caller will add 2 * 4 to SP to restore it to the earlier state, so SP will be BE857508. My instrumentation of VG_(track_die_mem_stack) is only triggered when SP goes back to BE857500, but it is not triggered when the caller restores SP to BE857508.

How can I track the SP change made by the caller after the function returns? I want to analyze the passed arguments. I hope I have explained my problem clearly; if there is any doubt about the question, please let me know. Thank you for your patience in reading, it is crucial for me! Thank you in advance. Any suggestion will be appreciated!

Xuefeng Dai
From: John R. <jr...@bi...> - 2011-04-04 15:30:46
> I have used VG_(track_die_mem_stack) to track the SP change. I know that
> when a C function is called, the arguments will be pushed onto the stack
> first and then the function will be called. After the call, the callee
> will restore SP to the call point, and the caller is responsible for
> discarding the arguments passed to the callee and restoring SP to the
> same location as before the call.

That's the old way. Current gcc 4.6 (and all gcc 4.x.y, I believe) use MOVL ...,+n(%esp) or MOVL ...,-m(%ebp) instead of PUSH. All allocation is done at entry using SUBL $sz_frame,%esp. This is easily verified by using any disassembler, or with gdb:

    $ gdb my_app
    (gdb) b main
    (gdb) run <arguments_to_my_app>
    (gdb) x/20i main
    (gdb) x/20i

Thus in any given subroutine there are only two changes to SP: at entry, and at exit.

--
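As an added illustration (my own Python, not code from the thread or from Valgrind): a small checker that reads objdump -d style AT&T listings and reports every instruction that changes ESP, which makes the difference between the two calling sequences discussed above visible before any instrumentation is written. The two listings, their addresses and encodings, and the callee f are constructed for this example.

```python
import re
# Constructed objdump -d style listings (AT&T syntax): addresses/encodings
# are made up and f is a hypothetical callee. OLD_STYLE is the push-args and
# add-after-call sequence; MODERN_STYLE is subl-at-entry / movl-to-n(%esp).
OLD_STYLE = """\
 80483f0:  55              push   %ebp
 80483f1:  89 e5           mov    %esp,%ebp
 80483f3:  52              push   %edx
 80483f4:  50              push   %eax
 80483f5:  e8 e6 ff ff ff  call   80483e0 <f>
 80483fa:  83 c4 08        add    $0x8,%esp
 80483fd:  c9              leave
 80483fe:  c3              ret
"""
MODERN_STYLE = """\
 8048400:  55              push   %ebp
 8048401:  89 e5           mov    %esp,%ebp
 8048403:  83 ec 18        sub    $0x18,%esp
 8048406:  89 54 24 04     mov    %edx,0x4(%esp)
 804840d:  e8 ce ff ff ff  call   80483e0 <f>
 8048412:  c9              leave
 8048413:  c3              ret
"""
# address, optional encoding bytes, mnemonic of 3+ letters (never a hex pair)
INSN = re.compile(r"\s*[0-9a-f]+:\s+(?:[0-9a-f]{2}\s+)*([a-z]{3,}\S*)\s*(.*)")

def sp_events(listing):
    """(mnemonic, operands, delta) per ESP-changing insn; None = not static."""
    events = []
    for line in listing.splitlines():
        m = INSN.match(line)
        if not m:
            continue
        mn, ops = m.group(1), m.group(2).strip()
        if mn.startswith("push"):
            events.append((mn, ops, -4))
        elif mn in ("sub", "subl", "add", "addl") and ops.startswith("$") and ops.endswith(",%esp"):
            imm = int(ops.split(",")[0][1:], 0)
            events.append((mn, ops, -imm if mn.startswith("sub") else imm))
        elif mn in ("call", "ret", "leave"):
            events.append((mn, ops, None))  # new ESP depends on runtime state
    return events

def caller_cleanup_after_call(listing):
    """Bytes the caller adds back to ESP right after a call; 0 if none."""
    ev = sp_events(listing)
    for prev, cur in zip(ev, ev[1:]):
        if prev[0] == "call" and cur[0] in ("add", "addl") and cur[2]:
            return cur[2]
    return 0
```

Run over a real `objdump -d` of the binary under test, a non-zero result from caller_cleanup_after_call is exactly the post-call SP adjustment the question is about, while the modern sequence yields 0 and only the entry sub and exit leave as frame changes.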