USER_REGS inconsistency in the presence of PEBS - current status

USER_REGS inconsistency in the presence of PEBS - current status

[Markus Stange]

Hi all,

I'd like to follow up to a thread from 2018 titled "PEBS level 2/3
breaks dwarf unwinding! [WAS: Re: Broken dwarf unwinding - wrong stack
pointer register value?]"
https://lore.kernel.org/lkml/6310843.N4ooJGWzKY@agathebauer/T/

In that email thread, it was determined that the kernel will overwrite
the RIP value in the user registers with the "earlier value" from
PEBS, making it inconsistent with the other register values in
USER_REGS and also inconsistent with the USER_STACK memory.
This means that, any time the instruction pointer is near a push/pop
instruction, RIP and RSP are at the risk of being inconsistent with
each other. These inconsistencies break DWARF unwinding.
For example, if RIP points *before* a push instruction, and RSP has
the value *after* that push instruction, and the DWARF unwind rule for
RIP says "The return address is at the top of the stack" but RSP
already reflects the push, then the wrong return address is read.

There was a proposed patch in the referenced thread. Has something
like it been considered for inclusion in the kernel? Has any other
work on this issue happened since the discussion?

I ran into this problem today, with a perf.data file captured on a
system with a 5.15 kernel.

Markus

Re: USER_REGS inconsistency in the presence of PEBS - current status

[Milian Wolff]

On Samstag, 23. Juli 2022 21:36:31 CEST Markus Stange wrote:
> Hi all,

Hey Markus!

> I'd like to follow up to a thread from 2018 titled "PEBS level 2/3
> breaks dwarf unwinding! [WAS: Re: Broken dwarf unwinding - wrong stack
> pointer register value?]"
> https://lore.kernel.org/lkml/6310843.N4ooJGWzKY@agathebauer/T/
> 
> In that email thread, it was determined that the kernel will overwrite
> the RIP value in the user registers with the "earlier value" from
> PEBS, making it inconsistent with the other register values in
> USER_REGS and also inconsistent with the USER_STACK memory.
> This means that, any time the instruction pointer is near a push/pop
> instruction, RIP and RSP are at the risk of being inconsistent with
> each other. These inconsistencies break DWARF unwinding.
> For example, if RIP points *before* a push instruction, and RSP has
> the value *after* that push instruction, and the DWARF unwind rule for
> RIP says "The return address is at the top of the stack" but RSP
> already reflects the push, then the wrong return address is read.
> 
> There was a proposed patch in the referenced thread. Has something
> like it been considered for inclusion in the kernel? Has any other
> work on this issue happened since the discussion?

I have not had any chance to further work on this feature. I fear others have 
not (knowingly) run into this and thus noone else saw the need to fix this 
issue. I for one would still very much welcome an improvement to this 
situation, as it regularly leads to broken backtraces in my profiling 
setups...

> I ran into this problem today, with a perf.data file captured on a
> system with a 5.15 kernel.

I don't think it's kernel specific, afair any kernel will exhibit the broken 
behavior when you use DWARF unwinding and PEBS.

Cheers

-- 
Milian Wolff
http://milianw.de