WO2023016485A1 - Method for acquiring function call information, and apparatus, electronic device and medium - Google Patents

Publication number
WO2023016485A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
function
stack
call
code
Application number
PCT/CN2022/111410
Other languages
French (fr)
Chinese (zh)
Inventor
杨俊杰
王楠
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00: Error detection; Error correction; Monitoring
    • G06F11/36: Preventing errors by testing or debugging software

Definitions

  • Embodiments of the present disclosure mainly relate to the field of computer technology, especially operating system technology. More specifically, the embodiments of the present disclosure relate to a method, an apparatus, an electronic device, a computer-readable storage medium, and a computer program product for acquiring function call information.
  • Call Trace refers to printing out the current function call stack when a problem occurs in the program to help locate the cause of the program error.
  • A method called backtrace is used when locating the cause of a program error. It starts from the leaf function of the program's function call relationship and derives the complete function call relationship based on the register information and the call stack.
  • The backtrace method cannot be used in the situation where a processor core hangs and causes a program error.
  • Embodiments of the present disclosure provide technical solutions for acquiring function call information.
  • A method for obtaining function call information, including: obtaining a first call return address from a call stack, where the first call return address is within the address range of the code of a first function; determining, based on the first call return address, a first call code in the code of the first function, where the first call code indicates that a second function is called by the first function; and obtaining the start address of the code of the second function from the first call code.
  • The code of a function is stored in the memory within the address range of the code segment determined by the compiler. The code with which the first function, as the caller, calls the second function and the return address after the call are therefore also within the address range of the code segment, and the start address of the code of the second function refers to the address of the first code of the second function in the code segment.
  • The return address after the first function calls the second function is pushed onto the call stack.
  • The method for obtaining function call information can obtain, from the call stack, the return address of the first function's call to the second function, obtain the first call code that calls the second function, and then determine the start address of the code of the second function indicated in the first call code, thereby obtaining the function call information. The method according to the present disclosure can therefore analyze the call stack to obtain function call information without register data, thereby improving the accuracy and expanding the scope of application of locating the cause of program errors.
  • Obtaining the first call return address from the call stack may include: searching the call stack for a first address within the address range of a code segment, where the code segment includes the code of the first function and the second function; determining whether the code preceding the code at the first address is a jump instruction; and when the preceding code is a jump instruction, obtaining the first address as the first call return address. In this way, it can be checked whether the first address obtained from the call stack is the return address of a function call, thereby improving reliability and robustness.
  • Searching the call stack for the first address within the address range of the code segment may include: starting from a predetermined offset relative to the bottom address of the call stack, searching the call stack from a high address to a low address for the first address within the address range of the code segment. In this way, the position of the stack frame of the root function in the call stack can be effectively determined according to the specific implementation of the operating system, thereby improving the efficiency of finding the return address of the function.
  • The call stack includes a first stack frame of the first function and a second stack frame of the second function, and the second stack frame includes the first call return address and the stack address of the first stack frame, stored adjacently.
  • The method according to the first aspect may further include: determining whether the second function calls a third function; when it is determined that the second function calls the third function, obtaining, based on the stack address of the second stack frame, a second call return address from a third stack frame of the third function, where the second call return address is within the address range of the code of the second function; determining, based on the second call return address, a second call code in the code of the second function, where the second call code indicates that the third function is called by the second function; and obtaining the start address of the code of the third function from the second call code.
  • Determining whether the second function calls the third function may include: determining whether there is, at a first stack address relative to the stack address of the second stack frame, a second address within the address range of the code of the second function, and whether there is, at a second stack address relative to the stack address of the second stack frame, the stack address of the second stack frame; if the second address is present at the first stack address and the stack address of the second stack frame is present at the second stack address, determining whether the code preceding the code at the second address is a jump instruction; and if the preceding code is a jump instruction, determining that the second function calls the third function and obtaining the second address as the second call return address. In this way, it can be effectively determined whether the currently parsed function is a leaf function in the function call, that is, whether it calls other functions, until all the function call information is parsed.
  • The method according to the first aspect may further include: obtaining the stack address of the first stack frame from the second stack frame, based on the stack address at which the first call return address is stored in the call stack; obtaining the size of the second stack frame based on the start address of the code of the second function; and determining the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame. In this way, the stack address of the stack frame of the called function can be effectively determined, so as to obtain further function calling relationships.
  • The method according to the first aspect may further include: using the first call return address to obtain the identifier of the first function from the symbol table; and using the start address of the code of the second function to obtain the identifier of the second function from the symbol table. In this way, the identifier of a function can be obtained from the address of the code of the function to obtain more understandable function call information.
  • The method according to the first aspect may further include presenting at least one of: the identifier of the first function, the identifier of the second function, and the storage address of the first call code indicating that the first function calls the second function.
  • An apparatus for obtaining function call information, including: a first call return address obtaining unit configured to obtain a first call return address from a call stack, where the first call return address is within the address range of the code of a first function; a call code determination unit configured to determine, based on the first call return address, a first call code in the code of the first function, where the first call code indicates that a second function is called by the first function; and a called function code address obtaining unit configured to obtain the start address of the code of the second function from the first call code.
  • The first call return address obtaining unit may also be configured to: search the call stack for a first address within the address range of the code segment, where the code segment includes the code of the first function and the second function; determine whether the code preceding the code at the first address is a jump instruction; and when it is determined that the preceding code is a jump instruction, obtain the first address as the first call return address.
  • The first call return address obtaining unit may also be configured to: starting from a predetermined offset relative to the stack bottom address of the call stack, search the call stack from a high address to a low address for the first address within the address range of the code segment.
  • The call stack includes a first stack frame of the first function and a second stack frame of the second function, and the second stack frame includes the first call return address and the stack address of the first stack frame, stored adjacently.
  • The apparatus according to the second aspect may further include a function call determining unit configured to determine whether the second function calls the third function.
  • The apparatus may further include a second call return address obtaining unit configured to: when it is determined that the second function calls the third function, obtain, based on the stack address of the second stack frame, a second call return address from a third stack frame, where the second call return address is within the address range of the code of the second function; determine, based on the second call return address, a second call code in the code of the second function, where the second call code indicates that the third function is called by the second function; and obtain the start address of the code of the third function from the second call code.
  • The function call determining unit may also be configured to: determine whether there is, at a first stack address relative to the stack address of the second stack frame, a second address within the address range of the code of the second function, and whether there is, at a second stack address relative to the stack address of the second stack frame, the stack address of the second stack frame; if the second address is present at the first stack address and the stack address of the second stack frame is present at the second stack address, determine whether the code preceding the code at the second address is a jump instruction; and if the preceding code is a jump instruction, determine that the second function calls the third function and obtain the second address as the second call return address.
  • The apparatus may further include a stack frame address determining unit, which may be configured to: obtain the stack address of the first stack frame from the second stack frame, based on the stack address at which the first call return address is stored in the call stack; obtain the size of the second stack frame based on the start address of the code of the second function; and determine the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
  • The apparatus according to the second aspect may further include a function identification determining unit, which may be configured to: obtain the identifier of the first function from the symbol table using the first call return address; and obtain the identifier of the second function from the symbol table using the start address of the code of the second function.
  • The apparatus according to the second aspect may further include a presentation unit configured to present at least one of the following: the identifier of the first function, the identifier of the second function, and the storage address of the first call code indicating that the first function calls the second function.
  • An electronic device including a processor and a memory, where the processor includes a plurality of processing cores and at least one of the processing cores is configured to execute instructions in the memory, such that the electronic device performs the method according to the first aspect of the present disclosure.
  • A computer-readable storage medium on which one or more computer instructions are stored, wherein the one or more computer instructions are executed by a processor to cause the processor to perform the method according to the first aspect of the present disclosure.
  • a computer program product comprising machine-executable instructions which, when executed by a device, cause the device to perform the method according to the first aspect of the present disclosure.
  • FIG. 1 shows a schematic diagram of an example environment in which various embodiments of the present disclosure can be implemented.
  • FIG. 2 shows a schematic diagram of another example environment in which various embodiments of the present disclosure can be implemented.
  • FIG. 3 shows a schematic flowchart of an overall process for obtaining function call information according to an embodiment of the present disclosure.
  • FIG. 4 shows an example schematic diagram of a call stack according to an embodiment of the present disclosure.
  • FIG. 5 shows a more detailed schematic diagram of a call stack according to an embodiment of the present disclosure.
  • FIG. 6 shows a schematic flowchart of a process for obtaining function call information according to an embodiment of the present disclosure.
  • FIG. 7 shows a schematic flowchart of a process for obtaining a call return address according to an embodiment of the present disclosure.
  • FIG. 8 shows a schematic diagram of parsing a call stack in combination with code segments according to an embodiment of the present disclosure.
  • FIG. 9 shows a schematic flowchart of a process for determining whether a function is a leaf function according to an embodiment of the present disclosure.
  • FIG. 10 shows a schematic flowchart of a process for further obtaining function call information according to an embodiment of the present disclosure.
  • FIG. 11 shows a schematic block diagram of an apparatus for obtaining function call information according to an embodiment of the present disclosure.
  • FIG. 12 shows a schematic block diagram of an example device that may be used to implement embodiments of the present disclosure.
  • Embodiments of the present disclosure provide a solution for obtaining function call information.
  • The method for obtaining function call information can search the call stack for the return address of a function call within the address range of the code segment, and use the return address to determine, in the code segment, the code that calls another function, thereby determining the called function and obtaining function call information.
  • The scheme can obtain function call information without register data, thereby improving the accuracy and expanding the applicable scope of locating the cause of program errors.
  • FIG. 1 shows a schematic diagram of an example environment 100 in which various embodiments of the present disclosure can be implemented.
  • the environment 100 is a computing device running computer programs, and is divided into three layers: a hardware layer 110 , an operating system layer 130 , and an application layer 150 .
  • The hardware layer 110 includes a central processing unit (CPU) 111, a memory 112, a storage device 113, an input/output (I/O) device 114, and a display 115.
  • CPU 111 may have one or more processor cores that execute codes or instructions of computer programs loaded from memory 112.
  • the memory 112 stores resources required by the computer when it is running, including data such as assembly codes, variables, heaps, and stacks obtained after compiling computer programs.
  • The assembly code may be for architectures such as ARM, x86, MIPS, or variants thereof.
  • Storage device 113 may be used for persistent storage of data.
  • the display 115 can be used to present the program running results or other information related to the program to the user.
  • The hardware layer 110 may include more or fewer of the hardware devices described above, as well as other hardware devices not described herein.
  • the operating system layer 130 is connected between the hardware layer 110 and the application layer 150 and provides an interface for the user to interact with the hardware.
  • the application layer 150 can access various modules in the operating system through the system call interface 151.
  • the operating system layer 130 includes a software support layer 121 , a function realization layer 133 and a kernel subsystem 141 .
  • the software support layer 121 includes an architecture module 122 , a memory manager 126 , a file system 127 , a block device management 128 , a character device management 129 , a network subsystem 131 , and a network interface 132 .
  • the function realization layer 133 includes multitasking 134 , virtual memory 135 , file/directory 136 , device access 137 , and interconnection 138 .
  • The kernel subsystem 141 includes process management 141, memory management 142, file system 143, device control, network 145 and so on. It should be understood that the operating system layer 110 may include more or fewer of the modules described above, and
  • the architecture module 122 includes a stack trace module (StackTrace) 123 .
  • the stack trace module 123 is used to analyze the call stack related to the computer program.
  • When a computer program is executed, a thread executed by the CPU core is generated, and a call stack is allocated for the thread in the memory 112. The call stack stores stack frames corresponding to the functions of the thread.
  • the function call information is stored in the stack frame in a conventional manner.
  • the stack frames of the functions are allocated on the call stack according to the calling sequence in the direction from the high address to the low address of the memory.
  • the function call information of the thread can be obtained by parsing the call stack.
  • the stack trace module 123 includes a backtrace module 124 .
  • The backtrace module 124 can analyze the call stack from the top (low address) of the call stack by obtaining the data in the registers, such as the program counter and the stack frame address, so as to trace back the function call information. In cases where register data cannot be obtained, the backtrace module is not available.
  • the stack trace module 123 also includes a reverse backtrace module 125 .
  • the reverse backtrace module 125 can start to parse the call stack from the bottom (high address) of the call stack, and does not need to use the register data of the CPU 111.
  • The backtrace module 124 and the reverse backtrace module 125 used to obtain function call information are implemented in the software support layer 121 of the operating system layer. They belong to the basic functions of the operating system kernel and can be called by any module in the function realization layer 133 and the kernel subsystem 141 when that module needs to obtain function call information.
  • FIG. 2 shows a schematic diagram of another example environment 200 in which various embodiments of the present disclosure can be implemented.
  • Environment 200 includes CPU 210, operating system kernel 230, and user-level processes 250.
  • Operating system kernel 230 includes TRAPS module 231, stack trace module 223, architecture 222, thread scheduler 231, kernel threads 232-1 and 232-2, process 233, and data related to threads and processes, such as thread control blocks, code, global variables, heap, stack, etc.
  • User-level process 250 is on top of the operating system kernel and includes processes 251 and 252, where each process may have one or more threads, such as thread A and thread B. In some embodiments, multiple threads in the same process can share code, global variables, and heap, and have their own call stacks.
  • The number of cores, processes, and threads is not limited to the numbers shown in the figure; the CPU 210 may include more or fewer cores, and the operating system kernel 230 and user-level processes 250 may include more or fewer processes and threads.
  • the stack trace module 223 includes a backtrace module 224 and a reverse backtrace module 225 .
  • Embodiments of the present disclosure may be implemented in a reverse backtrace module 225 in a stack trace module (stacktrace) 223 of the operating system kernel 230 .
  • the reverse backtrace module according to the embodiment of the present disclosure can parse the call stack to obtain function call information when the traditional backtrace module is unavailable.
  • the thread scheduler 231 can schedule processes or threads to execute on a certain core, and when a CPU core hang event occurs, the TRAPS module 231 in the operating system kernel 230 can detect the event. In this case, the reverse backtrace module in the stack trace module 223 can be called to obtain the function call information of the process or thread on the CPU core.
  • FIG. 3 shows a schematic flowchart of an overall process 300 for obtaining function call information according to an embodiment of the present disclosure.
  • a CPU core hang occurs.
  • the CPU core triggers a non-maskable interrupt (NMI), and the NMI is reported to the TRAPS module 231 of the operating system kernel.
  • the TRAPS module 231 determines the number of the CPU core where the hang occurred, and determines the number of the working CPU core that will be used to execute the reverse backtrace method.
  • Kernel memory is dumped. The data in memory, the CPU, I/O and other devices is dynamic and volatile, that is, the data is lost after being used or after an exception occurs. In order to obtain this data for analysis, such as debugging a program, it is necessary to dump the data in the memory into a static form (such as a file). Kernel memory can therefore be dumped by saving the data in the kernel address space as a file. Then, at block 310, a thread control block (TCB) of the kernel process is obtained.
  • The thread control block describes a thread, including, for example, the thread identifier, the thread state, the corresponding code and data addresses of the thread, the resource list of the thread, the priority of the thread, CPU context saving information, signals for communication between threads, and the like.
  • The user plane memory is dumped, that is, the data in the user address space is saved as a file. Since different users have different address spaces, at block 314, the same user plane address space is constructed. Thus, when analyzing user-level programs, all user-level programs have a unified address space. Then, at block 316, a user plane thread control block 316 is obtained. Similarly, a user plane thread control block describes a user-level thread.
  • a reverse backtrace method is executed.
  • the reverse backtrace method can obtain function call information when the CPU hangs.
  • function call information is logged. Function call information can be used to locate where and why a program fails.
  • a reverse backtrace method is described below with reference to FIGS. 4 to 10 .
  • The address space of a thread includes the code segment, block started by symbol (BSS) segment, data segment, heap, stack, etc. related to the thread. Multiple threads of the same process can share the code segment, BSS segment, data segment, and heap.
  • The code segment, also called a text segment, is a memory area used to store program execution code (such as assembly code). The address range and size of this area are determined before the program runs. The code of each function executed in a process or a thread is stored in the code segment and has its own address range.
  • the BSS segment is a memory area used to store uninitialized global variables in the program.
  • the data segment is a memory area used to store initialized global variables in the program.
  • BSS segment and data segment belong to static memory allocation.
  • The heap is a memory segment that is dynamically allocated while a process or thread is running. Its size is not fixed and can be dynamically expanded or reduced.
  • the stack is used to store program runtime and function call information and temporarily created local variables.
  • FIG. 4 shows an example diagram of a call stack of a thread according to an embodiment of the present disclosure.
  • the call stack 400 may include an area 410 for storing command line parameters and environment variables and a stack frame area 420 according to the direction from high address to low address.
  • the location of the highest address of the call stack may be referred to as the stack bottom 401 , and the location of the lowest address may be referred to as the stack top 402 .
  • Region 410 may have a different size, e.g., 200 bytes.
  • a register of the CPU may store the stack address of the top 402 of the call stack, and this register may be called a stack top pointer.
  • the stack frame of the function of the thread is stored in the stack frame area 420 following the area 410 .
  • a stack frame is allocated for the called function in the direction from high address to low address.
  • a stack frame of an appropriate size is allocated for the function according to the code of the called function.
  • the thread's stack frame area 420 includes a stack frame 422 of the A function as the root function.
  • the stack frame of the B function is allocated below the stack frame 422 of A, that is, in a lower address range.
  • a leaf function is a function that does not call any other functions. It can be seen that when function calls are generated iteratively, the thread's call stack 400 grows from high addresses to low addresses. That is to say, the top address of the stack stored by the top pointer of the stack grows downward. After the call ends, the stack frames in the call stack will be recycled in turn. Therefore, the stack has the characteristics of first-in-first-out and can be used to save/restore the call site.
  • FIG. 5 shows a more detailed schematic diagram of a call stack 500 according to an embodiment of the present disclosure.
  • the stack frame 510 of the function A is allocated from the high address of the call stack 500, and data is stored in the stack frame according to the specific implementation of the operating system.
  • the size of the stack frame 514 may be specified by the compiler in the code of the A function.
  • the first code of the assembly code of function A may specify the size of the stack frame, and modify the top pointer of the call stack 500 to point to the top of the stack frame 514 .
  • the top address of a stack frame is also referred to as the stack address (FP) of the stack frame.
  • the stack frame 510 of the A function includes a local variable area 514 of the A function, and the local variable area 514 includes the variables int a_s3, int a_s2, and int a_s1 declared in the A function.
  • the variable int a_s3 declared later is pushed into the call stack 500, followed by int a_s2 and int a_s1.
  • the stack frame 514 also includes 514 and a parameter passing area 516 .
  • When the B function is called, for example by executing a jump instruction in the memory, the call parameters 1 and 2 can be pushed onto the call stack 500. According to the ABI, the later parameter 2 is pushed onto the call stack 500 first, and then parameter 1 is pushed. Parameters 1 and 2 in the parameter passing area 516 can be accessed by the code of function B.
  • When jumping to the code of the B function, the stack frame 520 of the B function is allocated in the call stack 500.
  • the size of the stack frame of the B function can be specified by the compiler in the first code of the assembly code of the A function, and correspondingly, the stack top pointer is updated to the stack address of the stack frame 520 .
  • Because the function B is called by the function A, the execution environment of the function A, that is, the register data of the CPU, is first stored in the stack frame 520. As shown in the figure, the execution environment of function A is stored in the call information area 522 of the stack frame 520.
  • the call information area 522 includes the return address after the call, the stack address of the stack frame of the calling function, and other registers to be saved.
  • The return address may be derived from a specific register of the CPU (e.g., the LR register in the ARM architecture) that stores the address of the instruction following the currently executing instruction (whose address is stored, e.g., in the PC register).
  • The line of code following the call to the B function is `Printf("A\n")`; therefore, the address of the code for `Printf("A\n")` stored in that particular register is pushed onto the stack frame 520.
  • the top pointer register stores the address of the top of the call stack 500 .
  • the stack top address of the call stack 500 is equal to the stack address of the stack frame 510 . Therefore, by pushing the stack top pointer into the stack frame 520, the stack frame address FP of the A function is stored in the call information area 522, as shown by the arrow in the figure. In addition, other register data may be pushed into the call information area 522 according to specific implementations.
  • the stack frame 520 also includes a local variable area 524 and a parameter passing area 526 . Their contents and generation methods are similar to the stack frame 510 of A, and will not be repeated here.
  • the B function also calls the C function.
  • the content and generation method of the stack frame 530 of the C function are similar to the stack frame 520 of the B function, and will not be repeated here. It should be noted that the C function in the above sample code does not call any other functions. Therefore, the stack frame 530 includes the call information area 532 and the local variable area 534, but does not include the call parameter area 526 (indicated by a dotted line).
  • FIG. 6 shows a schematic flowchart of a process 600 for obtaining function call information according to an embodiment of the present disclosure.
  • a reverse backtrace method can be implemented to obtain function call information.
  • the return address of the first call is obtained from the call stack, and the return address of the first call is within the address range of the code of the first function (for example, function A).
  • the call stack in memory has been dumped, and the bottom address of the call stack is obtained by using a thread control block. It should be understood that the code segment stores codes of all functions of the thread. Therefore, the return address of the function call is within the address range of the code segment.
  • the return address of the first call can be obtained by scanning the call stack, which is described with reference to FIG. 7 and FIG. 8 .
  • FIG. 7 shows a schematic flowchart of a process 700 for obtaining a call return address according to an embodiment of the present disclosure.
  • Fig. 8 shows a schematic diagram of parsing a call stack in combination with code segments according to an embodiment of the present disclosure.
  • a first address within the address range of code segment 820 is looked up in call stack 810 .
  • the call stack 810 sequentially includes a stack frame 802 of a first function and a stack frame 804 of a second function from a high address to a low address.
  • call stack 810 may also include stack frames for more functions.
  • the first function is the root function in the call stack 810, starting from the root function's stack frame 802 to find addresses within the address range of the code segment.
  • the stack frame 802 of the root function is located at the bottom of the stack frame area.
  • command line and environment variables 809 are included between the bottom of the stack frame and the stack frame area.
  • the call stack is searched for a first address within the address range of the code segment from a high address to a low address.
  • the search can skip the command line and environment variables 809 and start from the bottom of the stack frame 802 (that is, its highest address).
  • the bottom address of the stack can be obtained from the thread control block, so the return address of the function call can be searched for starting from the bottom of the call stack, and the register data of the CPU is not needed.
  • when an address within the address range of the code segment 820 is found, it may be checked whether the address is a return address of a function call.
  • the first address may be obtained as the return address of the first call.
  • the address located in the code segment 820 found in the call stack 810 points to the assembly code 821 of Printf("A\n").
  • the found address can be offset, for example, minus 4 (that is, the address is 4 bytes of data) to locate the previous code 822 .
  • the code 822 is the code to jump to the second function, therefore, the address found in the call stack 810 can be determined as the return address 806 of the first call. If the previous code is not a jump instruction, the found address is not the function call return address.
  • a first call code 822 is determined in the code of the first function, the first call code 822 indicating that the second function was called by the first function.
  • the previous code of the code at the return address may be determined as the code 822 in which the first function calls the second function.
  • the starting address of the code of the second function is obtained from the first calling code 822 .
  • the first call code 822 includes the storage address in the code segment of the start code of the second function.
  • the start address of the code of the called function can be obtained by analyzing the code of the first function calling the second function.
  • the function call information that the first function calls the second function can be determined.
  • the identifier of the first function may be obtained from the symbol table using the return address of the first call
  • the identifier of the second function may be obtained from the symbol table 830 using the start address of the code of the second function.
  • the symbol table 830 is generated by the compiler and includes each identifier in the program source code and associated information, such as data type, scope, and memory address.
  • the identifier of the first function and the memory address range of its code can be queried from the symbol table 830 by using the first call return address 806, because the first call return address is within the address range of the code of the first function.
  • the start address of the code of the second function may also be used to obtain the identifier of the second function and the memory address range of the code thereof.
  • an identification of the first function, an identification of the second function, and a storage address of code where the first function calls the second function may be presented. Thus, it can help to locate the cause of the program error.
  • the call stack 810 may also be iteratively parsed to obtain further function call information. Therefore, it is necessary to determine whether the second function further calls the third function, that is, determine whether the second function is a leaf function.
  • FIG. 9 shows a schematic flowchart of a process 900 for determining whether a function is a leaf function according to an embodiment of the present disclosure.
  • the call stack 810 includes a stack frame 802 of the first function and a stack frame 804 of the second function, and the stack frame 804 of the second function includes a return address 806 of the first call and a stack address 808 of the first stack frame.
  • the return address 816 of the second function calling the third function is stored in the information area of the stack frame of the third function, together with the stack address 818 of the stack frame 804 of the second function, wherein the return address 816 is within the address range of the code segment of the second function.
  • the above information is stored at a specific location in the third stack frame 814 after the second stack frame 804 .
  • the second address may be stored in the first 4 bytes immediately adjacent to the second stack frame 804, that is, the stack frame 814 of the third function.
  • the second address may also be stored at other offset positions relative to the stack address of the second stack frame 804, for example, the second address is stored in the 5th to 8th bytes after the stack address of the second stack frame 804 , which is not limited in the present disclosure.
  • the stack address of the second stack frame 804 may be stored in the 5th to 8th bytes after the second stack frame 804 .
  • the stack address of the second stack frame 804 may also be stored at other offsets relative to the stack address of the second stack frame 804, for example, the 1st to 4th after the stack address of the second stack frame 804 bytes store the stack address of the second stack frame 804, which is not limited in the present disclosure.
  • if the previous code is not a jump instruction, it indicates that the second address is not the return address of a function call and that the second function is a leaf function, so there is no need to continue parsing the call stack. If the previous code is a jump instruction, indicating that the found second address is the return address of a function call, then at block 940, it is determined that the second function calls the third function, and the second address is obtained as the return address of the second call.
  • FIG. 10 shows a schematic flowchart of a process 1000 for further obtaining function call information according to an embodiment of the present disclosure.
  • the call stack is further iteratively parsed in response to the called function (eg, the second function) further calling other functions (eg, the third function).
  • a second call return address 816 is obtained from the third stack frame 814 of the third function, the second call return address being within the address range of the code of the second function.
  • the stack address of the second stack frame 804 can be obtained by subtracting the size of the second stack frame from the stack address of the first stack frame 802.
  • the first call return address 806 and the stack address of the first stack frame are stored adjacently, or separated by a predetermined offset according to the specific implementation of the operating system. Therefore, the stack address 808 of the first stack frame can be obtained from the second stack frame 804 based on the stack address at which the first call return address 806 is stored in the call stack. Additionally, the size of the second stack frame 804 may be determined based on the code of the second function.
  • the address range of the code of the second function is obtained from the symbol table 830 by using the start address of the code of the second function already obtained in block 630.
  • the start code of the function in the code segment includes stack frame allocation code
  • the stack frame allocation code includes the stack frame size.
  • the size of the second stack frame 804 can be obtained based on the start address of the code of the second function.
  • the stack address of the second stack frame is obtained by subtracting the size of the second stack frame from the stack address of the first stack frame.
  • the call information area of the third stack frame can be accessed, including the return address of the third function after being called by the second function, that is, the return address 816 of the second call, and the stack address 818 of the second stack frame.
  • the starting address of the code of the third function is obtained from the code calling the third function.
  • the call information of the second function calling the third function is further obtained.
  • the third function is a leaf function.
  • the manner of determining that the third function is a leaf function is similar to the method described with reference to FIG. 9 , and will not be repeated here.
  • the method 1000 may be executed iteratively until no further function calls are resolved.
  • the addresses of the codes of the parsed functions can be used to obtain the identifiers of these functions from the symbol table.
  • information such as the location where the call occurs and the addresses and sizes of the code segments of all functions can also be obtained through the return address of the call. By presenting this information to the user, it can help locate where and why the program went wrong.
  • the method for acquiring function call information according to an embodiment of the present disclosure has been described above with reference to FIGS. 3 to 10 .
  • the method provided by the present disclosure can obtain the function call information without the register data of the CPU core, so it is suitable for locating the cause of a program error when the CPU core hangs and the register data cannot be accessed.
  • Fig. 11 shows a schematic block diagram of an apparatus 1100 for acquiring function call information according to an embodiment of the present disclosure.
  • the apparatus 1100 includes a first call return address obtaining unit 1110 , a calling code determining unit 1120 and a called function code address obtaining unit 1130 .
  • the first call return address obtaining unit 1110 is configured to obtain the first call return address from the call stack, and the first call return address is within the address range of the code of the first function.
  • the call code determining unit 1120 is configured to determine a first call code in the code of the first function based on the first call return address, the first call code indicates that the second function is called by the first function.
  • the called function code address obtaining unit 1130 is configured to obtain the start address of the code of the second function from the first calling code.
  • the first call return address obtaining unit 1110 may also be configured to: search the call stack for the first address within the address range of the code segment, the code segment including the code of the first function and the second function; determine whether a previous code of the code at the first address is a jump instruction; and when it is determined that the previous code is a jump instruction, obtain the first address as a first call return address.
  • the first call return address obtaining unit 1110 can also be configured to: start from a predetermined offset relative to the stack bottom address of the call stack, and search the call stack from a high address to a low address for the first address within the address range of the code segment.
  • the call stack includes a first stack frame of the first function and a second stack frame of the second function, and the second stack frame includes adjacently stored first call return address and stack address of the first stack frame.
  • the apparatus 1100 may further include a function call determining unit configured to determine whether the second function calls the third function.
  • the device may further include a second call address returning unit configured to, when it is determined that the second function calls the third function: obtain the return address of the second call from the third stack frame of the third function based on the stack address of the second stack frame, the return address of the second call being within the address range of the code of the second function; determine, based on the return address of the second call, the second call code in the code of the second function, the second call code indicating that the third function is called by the second function; and obtain the starting address of the code of the third function from the second calling code.
  • the function call determination unit may also be configured to: determine whether a second address within the address range of the code of the second function exists at a first stack address relative to the stack address of the second stack frame, and whether the stack address of the second stack frame exists at a second stack address relative to the stack address of the second stack frame; if the second address exists at the first stack address and the stack address of the second stack frame exists at the second stack address, determine whether the previous code of the code at the second address is a jump instruction; and if the previous code is a jump instruction, determine that the second function calls the third function and obtain the second address as the return address of the second call.
  • the apparatus 1100 may further include a stack frame address determination unit.
  • the stack frame address determination unit may be configured to: obtain the stack address of the first stack frame from the second stack frame based on the stack address of the first call return address stored in the call stack; acquire the size of the second stack frame based on the start address of the code of the second function; and determine the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
  • the apparatus 1100 may further include a function identification determination unit, and the function identification determination unit may be configured to: use the first call return address to obtain the identification of the first function from the symbol table; and use the code of the second function The start address obtains the identity of the second function from the symbol table.
  • the apparatus 1100 may further include a presentation unit configured to present at least one of the following: an identifier of the first function, an identifier of the second function, and a storage address of the first call code indicating that the first function calls the second function.
  • FIG. 12 shows a schematic block diagram of an example device 1200 that may be used to implement embodiments of the present disclosure.
  • the device 1200 may be used to implement the processes shown in FIG. 3 , FIG. 6 , FIG. 7 , FIG. 9 , and FIG. 10 and the apparatus shown in FIG. 11 .
  • the device 1200 includes a central processing unit (CPU) 1201, which may include a plurality of cores, each of which may perform various appropriate actions and processes according to computer program instructions stored in a read-only memory (ROM) 1202 or computer program instructions loaded from a storage unit 1208 into a random access memory (RAM) 1203.
  • in the RAM 1203, various programs and data necessary for the operation of the device 1200 can also be stored.
  • the CPU 1201, ROM 1202, and RAM 1203 are connected to each other through a bus 1204.
  • An input/output (I/O) interface 1205 is also connected to the bus 1204 .
  • the I/O interface 1205 includes: an input unit 1206, such as a keyboard, a mouse, etc.; an output unit 1207, such as various types of displays, speakers, etc.; a storage unit 1208, such as a magnetic disk, an optical disk, etc. ; and a communication unit 1209, such as a network card, a modem, a wireless communication transceiver, and the like.
  • the communication unit 1209 allows the device 1200 to exchange information/data with other devices through a computer network such as the Internet and/or various telecommunication networks.
  • methods 300 , 600 , 700 , 900 , and 1000 may be executed by one or more cores in the processing unit 1201 .
  • methods 300 , 600 , 700 , 900 , 1000 may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 1208 .
  • part or all of the computer program may be loaded and/or installed on the device 1200 via the ROM 1202 and/or the communication unit 1209.
  • a computer program is loaded into RAM 1203 and executed by CPU 1201 or a core of the CPU, one or more actions of methods 300, 600, 700, 900, 1000 described above may be performed.
  • the present disclosure may be a method, apparatus, system and/or computer program product.
  • a computer program product may include a computer-readable storage medium having computer-readable program instructions thereon for carrying out various aspects of the present disclosure.
  • a computer readable storage medium may be a tangible device that can retain and store instructions for use by an instruction execution device.
  • a computer readable storage medium may be, for example, but is not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
  • Computer-readable storage media include: portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static random access memory (SRAM), compact disc read only memory (CD-ROM), digital versatile disc (DVD), memory sticks, floppy disks, mechanically encoded devices such as punch cards or raised structures in a groove with instructions stored thereon, and any suitable combination of the above.
  • computer-readable storage media are not to be construed as transient signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., pulses of light through fiber optic cables), or transmitted electrical signals.
  • Computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or downloaded to an external computer or external storage device over a network, such as the Internet, a local area network, a wide area network, and/or a wireless network.
  • the network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers.
  • a network adapter card or a network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in each computing/processing device .
  • Computer program instructions for performing the operations of the present disclosure may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state setting data, or source code or object code written in any combination of programming languages, including object-oriented programming languages such as Smalltalk and C++, and conventional procedural programming languages such as "C" or similar programming languages.
  • Computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server.
  • the remote computer can be connected to the user computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (such as via the Internet using an Internet service provider).
  • an electronic circuit such as a programmable logic circuit, field programmable gate array (FPGA), or programmable logic array (PLA)
  • These computer readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, when executed by the processing unit of the computer or other programmable data processing apparatus, produce an apparatus for realizing the functions/actions specified in one or more blocks in the flowchart and/or block diagram.
  • These computer-readable program instructions can also be stored in a computer-readable storage medium, and these instructions cause computers, programmable data processing devices and/or other devices to work in a specific way, so that the computer-readable medium storing the instructions includes an article of manufacture comprising instructions for implementing various aspects of the functions/acts specified in one or more blocks in flowcharts and/or block diagrams.
  • each block in a flowchart or block diagram may represent a module, a program segment, or a portion of instructions that contains one or more executable instructions.
  • the functions noted in the block may occur out of the order noted in the figures. For example, two blocks in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations can be implemented by a dedicated hardware-based system that performs the specified function or action , or may be implemented by a combination of dedicated hardware and computer instructions.
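The scan-and-check step of processes 600 and 700 described above (find a stack word inside the code segment, confirm that the preceding instruction is a call, decode the callee's start address, resolve both names in the symbol table), as an added example that is not code from the patent. It assumes 32-bit little-endian ARM (A32) `BL` encoding; the code segment, symbol table and stack dump are constructed, and unlike process 1000 it tests every stack word rather than stepping by decoded frame sizes.

```python
import struct

CODE_BASE = 0x8000        # constructed load address of the code segment
STACK_LOW = 0x20000FD8    # constructed lowest address of the dumped stack
NOP = 0xE1A00000          # A32 "mov r0, r0", used as filler

# Constructed symbol table: (start address, size, identifier)
SYMBOLS = [(0x8000, 0x20, "A"), (0x8020, 0x20, "B"), (0x8040, 0x10, "C")]


def encode_bl(at, target):
    """Encode an A32 BL placed at `at`: imm24 = (target - (at + 8)) / 4."""
    return 0xEB000000 | (((target - (at + 8)) >> 2) & 0xFFFFFF)


def build_code():
    """Constructed code segment: A calls B at 0x8008, B calls C at 0x8028."""
    words = [NOP] * (0x50 // 4)
    words[(0x8008 - CODE_BASE) // 4] = encode_bl(0x8008, 0x8020)
    words[(0x8028 - CODE_BASE) // 4] = encode_bl(0x8028, 0x8040)
    return struct.pack("<%dI" % len(words), *words)


def build_stack():
    """Constructed stack dump, listed from low address to high address."""
    words = [
        0x00000003,  # C: local variable
        0x20000FE8,  # C frame: saved stack address of B's frame
        0x0000802C,  # C frame: return address into B
        0x00000002,  # B: local variable
        0x20000FF8,  # B frame: saved stack address of A's frame
        0x0000800C,  # B frame: return address into A
        0x00008040,  # A: local function pointer to C (NOT a return address)
        0x00000001,  # A: local variable
        0x454D4F48,  # environment string bytes "HOME"
        0x00002F3D,  # environment string bytes "=/"
    ]
    return struct.pack("<%dI" % len(words), *words)


def lookup(addr):
    """Symbol-table query: identifier of the function whose code holds addr."""
    for start, size, name in SYMBOLS:
        if start <= addr < start + size:
            return name
    return None


def bl_target(insn, at):
    """Return the call target if `insn` at address `at` is an A32 BL, else None."""
    if (insn & 0x0F000000) != 0x0B000000 or (insn >> 28) == 0xF:
        return None                      # not BL (BLX imm is ignored here)
    imm = insn & 0xFFFFFF
    if imm & 0x800000:                   # sign-extend the 24-bit offset
        imm -= 0x1000000
    return (at + 8 + (imm << 2)) & 0xFFFFFFFF


def scan_calls(stack, stack_low, code):
    """Walk the dump from high to low address and keep verified return addresses."""
    code_end = CODE_BASE + len(code)
    calls = []
    for i in range(len(stack) // 4 - 1, -1, -1):
        value = struct.unpack_from("<I", stack, i * 4)[0]
        # Candidate must be an aligned address inside the code segment
        # with room for one instruction before it.
        if value % 4 or not (CODE_BASE + 4 <= value < code_end):
            continue
        call_site = value - 4            # "previous code" of the candidate
        insn = struct.unpack_from("<I", code, call_site - CODE_BASE)[0]
        target = bl_target(insn, call_site)
        if target is None:
            continue                     # code address, but no call precedes it
        calls.append({
            "slot": stack_low + i * 4,   # where the return address was stored
            "caller": lookup(value),
            "call_site": call_site,
            "callee": lookup(target),
            "callee_start": target,
        })
    return calls


CODE = build_code()
STACK = build_stack()

if __name__ == "__main__":
    for c in scan_calls(STACK, STACK_LOW, CODE):
        print("%s calls %s at 0x%X (return address stored at 0x%X)"
              % (c["caller"], c["callee"], c["call_site"], c["slot"]))
```

The function pointer `0x8040` in A's locals lies inside the code segment but is discarded because the instruction before it is not a call, which is the false-positive case the jump-instruction check exists for.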

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Executing Machine-Instructions (AREA)

Abstract

A method (600) for acquiring function call information. The method comprises: acquiring a first call return address from a call stack, wherein the first call return address is within an address range of codes of a first function (610); determining a first call code from among the codes of the first function on the basis of the first call return address, wherein the first call code indicates that a second function is called by the first function (620); and acquiring a starting address of codes of the second function from the first call code (630). Also provided are a corresponding apparatus (1100), a device (1200) and a medium. Function call information can be acquired without register data, thereby improving the accuracy of locating the cause of a program error, and expanding the application range of the present disclosure.

Description

Method, apparatus, electronic device and medium for obtaining function call information

Technical Field

Embodiments of the present disclosure mainly relate to the field of computer technology, especially operating system technology. More specifically, the embodiments of the present disclosure relate to a method, an apparatus, an electronic device, a computer-readable storage medium, and a computer program product for acquiring function call information.

Background

In program development and maintenance, when a program fails (for example, crashes), it is necessary to view the calling relationship of the functions in the program (also called Call Trace). Call Trace refers to printing out the current function call stack when a problem occurs in the program, to help locate the cause of the program error.

Usually, a method called backtrace is used when locating the cause of a program error. It starts from the leaf function of the program's function call relationship and derives the complete function call relationship from the register information and the call stack. However, when a program error is caused by a processor core hanging, the register information in the processor core cannot be obtained, so the backtrace method cannot be used.

Summary

Embodiments of the present disclosure provide technical solutions for acquiring function call information.
According to a first aspect of the present disclosure, there is provided a method for obtaining function call information, including: obtaining a first call return address from a call stack, the first call return address being within the address range of the code of a first function; determining, based on the first call return address, a first call code in the code of the first function, the first call code indicating that a second function is called by the first function; and obtaining the start address of the code of the second function from the first call code.

According to embodiments of the present disclosure, the code of a function is stored in memory within the address range of a code segment determined by the compiler. The code with which the first function, as the caller, calls the second function, and the return address after the call, are therefore also within the address range of the code segment, and the start address of the code of the second function is the address in the code segment of the first code of the second function. In addition, when a function call occurs, the return address after the first function calls the second function is pushed onto the call stack.

Using the function code within the address range of the code segment and the stack push mechanism, the method for obtaining function call information according to the present disclosure can obtain from the call stack the return address of the first function's call to the second function, obtain the first call code that calls the second function, and then determine the start address of the code of the second function indicated in the first call code, thereby obtaining the function call information. Therefore, the method according to the present disclosure can parse the call stack to obtain function call information without register data, improving the accuracy of locating the cause of a program error and expanding the scope of application.
在一些实施例中,从调用栈中获取第一调用返回地址可以包括:在调用栈中查找在代码段的地址范围内的第一地址,该代码段包括第一函数和第二函数的代码;确定第一地址处的代码的上一条代码是否为跳转指令;以及当该上一条代码为跳转指令时,获取该第一地址作为第一调用返回地址。以此方式,能够检验从调用栈获取的第一地址是否属于函数调用的返回地址,从而提高可靠性和健壮性。In some embodiments, obtaining the first call return address from the call stack may include: searching the call stack for a first address within an address range of a code segment, where the code segment includes codes of the first function and the second function; determining whether a previous code of the code at the first address is a jump instruction; and when the previous code is a jump instruction, obtaining the first address as a first call return address. In this way, it can be checked whether the first address obtained from the call stack belongs to the return address of the function call, thereby improving reliability and robustness.
在一些实施例中,在调用栈中查找在代码段的地址范围内的第一地址可以包括:从相对于调用栈的栈底地址的预定偏移处开始,从高地址到低地址在调用栈中查找在代码段的地址范围内的第一地址。以此方式,能够根据操作***的具体实现方式,有效地确定调用栈中的 根函数的栈帧的位置,从而提高查找函数返回地址的效率。In some embodiments, searching the call stack for the first address within the address range of the code segment may include: starting from a predetermined offset relative to the bottom address of the call stack, from a high address to a low address in the call stack Finds the first address in the code segment's address range. In this way, the position of the stack frame of the root function in the call stack can be effectively determined according to the specific implementation of the operating system, thereby improving the efficiency of finding the return address of the function.
在一些实施例中,调用栈包括第一函数的第一栈帧和第二函数的第二栈帧,第二栈帧包括相邻存储的第一调用返回地址和第一栈帧的栈地址,根据第一方面的方法还可以包括:确定第二函数是否调用了第三函数;以及当确定第二函数调用了所述第三函数时,基于第二栈帧的栈地址,从第三函数的第三栈帧中获取第二调用返回地址,第二调用返回地址在第二函数的代码的地址范围内;基于第二调用返回地址,在第二函数的代码中确定第二调用代码,第二调用代码指示由第二函数调用第三函数;以及从第二调用代码获取第三函数的代码的起始地址。以此方式,能够迭代地从调用栈获取函数调用关系。In some embodiments, the call stack includes a first stack frame of the first function and a second stack frame of the second function, and the second stack frame includes adjacently stored first call return addresses and stack addresses of the first stack frame, The method according to the first aspect may further include: determining whether the second function calls the third function; and when it is determined that the second function calls the third function, based on the stack address of the second stack frame, from the third function The second call return address is obtained in the third stack frame, and the second call return address is within the address range of the code of the second function; based on the second call return address, the second call code is determined in the code of the second function, and the second The call code indicates that the third function is called by the second function; and the start address of the code of the third function is acquired from the second call code. In this way, function call relationships can be obtained iteratively from the call stack.
In some embodiments, determining whether the second function called the third function may include: determining whether a second address located within the address range of the code of the second function exists at a first stack address relative to the stack address of the second stack frame, and whether the stack address of the second stack frame exists at a second stack frame address relative to the stack address of the second stack frame; if the second address exists at the first stack address and the stack address of the second stack frame exists at the second stack address, determining whether the code immediately preceding the code at the second address is a jump instruction; and if that preceding code is a jump instruction, determining that the second function called the third function and obtaining the second address as the second call return address. In this way, it can be determined effectively whether the function currently being parsed is a leaf function in the call chain, that is, whether it calls other functions, until all function call information has been parsed.
In some embodiments, the method according to the first aspect may further include: obtaining the stack address of the first stack frame from the second stack frame, based on the stack address at which the first call return address is stored in the call stack; obtaining the size of the second stack frame based on the start address of the code of the second function; and determining the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame. In this way, the stack address of the called function's stack frame can be determined effectively, so that further function call relationships can be obtained.
In some embodiments, the method according to the first aspect may further include: obtaining an identifier of the first function from a symbol table using the first call return address; and obtaining an identifier of the second function from the symbol table using the start address of the code of the second function. In this way, the identifier of a function can be obtained from the address of its code, yielding function call information that is easier to understand.
In some embodiments, the method according to the first aspect may further include presenting at least one of the following: the identifier of the first function, the identifier of the second function, and the storage address of the first call code indicating that the first function calls the second function.
According to a second aspect of the present disclosure, an apparatus for obtaining function call information is provided, including: a first call return address obtaining unit configured to obtain a first call return address from a call stack, the first call return address being within the address range of the code of a first function; a call code determining unit configured to determine, based on the first call return address, first call code in the code of the first function, the first call code indicating that a second function is called by the first function; and a called function code address obtaining unit configured to obtain the start address of the code of the second function from the first call code.
In some embodiments, the first call return address obtaining unit may be further configured to: search the call stack for a first address within the address range of a code segment, the code segment including the code of the first function and the second function; determine whether the code immediately preceding the code at the first address is a jump instruction; and, when it is determined that the preceding code is a jump instruction, obtain the first address as the first call return address.
In some embodiments, the first call return address obtaining unit may be further configured to: starting from a predetermined offset relative to the stack bottom address of the call stack, search the call stack from high addresses to low addresses for the first address within the address range of the code segment.
In some embodiments, the call stack includes a first stack frame of the first function and a second stack frame of the second function, the second stack frame including the first call return address and the stack address of the first stack frame stored adjacent to each other. The apparatus according to the second aspect may further include a function call determining unit configured to determine whether the second function called a third function. The apparatus may further include a second call address returning unit configured to, when it is determined that the second function called the third function: obtain, based on the stack address of the second stack frame, a second call return address from a third stack frame of the third function, the second call return address being within the address range of the code of the second function; determine, based on the second call return address, second call code in the code of the second function, the second call code indicating that the third function is called by the second function; and obtain the start address of the code of the third function from the second call code.
In some embodiments, the function call determining unit may be further configured to: determine whether a second address located within the address range of the code of the second function exists at a first stack address relative to the stack address of the second stack frame, and whether the stack address of the second stack frame exists at a second stack frame address relative to the stack address of the second stack frame; if the second address exists at the first stack address and the stack address of the second stack frame exists at the second stack address, determine whether the code immediately preceding the code at the second address is a jump instruction; and if that preceding code is a jump instruction, determine that the second function called the third function and obtain the second address as the second call return address.
In some embodiments, the apparatus according to the second aspect may further include a stack frame address determining unit, which may be configured to: obtain the stack address of the first stack frame from the second stack frame, based on the stack address at which the first call return address is stored in the call stack; obtain the size of the second stack frame based on the start address of the code of the second function; and determine the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
In some embodiments, the apparatus according to the second aspect may further include a function identifier determining unit, which may be configured to: obtain an identifier of the first function from a symbol table using the first call return address; and obtain an identifier of the second function from the symbol table using the start address of the code of the second function.
In some embodiments, the apparatus according to the second aspect may further include a presentation unit, which may be configured to present at least one of the following: the identifier of the first function, the identifier of the second function, and the storage address of the first call code indicating that the first function calls the second function.
According to a third aspect of the present disclosure, an electronic device is provided, including a processor and a memory, the processor including a plurality of processing cores, at least one of which is configured to execute instructions in the memory so that the electronic device performs the method according to the first aspect of the present disclosure.
According to a fourth aspect of the present disclosure, a computer-readable storage medium is provided, on which one or more computer instructions are stored, wherein the one or more computer instructions, when executed by a processor, cause the processor to perform the method according to the first aspect of the present disclosure.
According to a fifth aspect of the present disclosure, a computer program product is provided, including machine-executable instructions which, when executed by a device, cause the device to perform the method according to the first aspect of the present disclosure.
Description of drawings
The above and other features, advantages and aspects of the embodiments of the present disclosure will become more apparent from the following detailed description taken in conjunction with the accompanying drawings. In the drawings, the same or similar reference numerals denote the same or similar elements, wherein:
FIG. 1 shows a schematic diagram of an example environment in which various embodiments of the present disclosure can be implemented;
FIG. 2 shows a schematic diagram of another example environment in which various embodiments of the present disclosure can be implemented;
FIG. 3 shows a schematic flowchart of an overall process for obtaining function call information according to an embodiment of the present disclosure;
FIG. 4 shows an example schematic diagram of a call stack according to an embodiment of the present disclosure;
FIG. 5 shows a more detailed schematic diagram of a call stack according to an embodiment of the present disclosure;
FIG. 6 shows a schematic flowchart of a process for obtaining function call information according to an embodiment of the present disclosure;
FIG. 7 shows a schematic flowchart of a process for obtaining a call return address according to an embodiment of the present disclosure;
FIG. 8 shows a schematic diagram of parsing a call stack in combination with a code segment according to an embodiment of the present disclosure;
FIG. 9 shows a schematic flowchart of a process for determining whether a function is a leaf function according to an embodiment of the present disclosure;
FIG. 10 shows a schematic flowchart of a process for further obtaining function call information according to an embodiment of the present disclosure;
FIG. 11 shows a schematic block diagram of an apparatus for obtaining function call information according to an embodiment of the present disclosure; and
FIG. 12 shows a schematic block diagram of an example device that may be used to implement embodiments of the present disclosure.
Detailed description
Embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although certain embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be implemented in various forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are for illustrative purposes only and are not intended to limit the scope of protection of the present disclosure.
In the description of the embodiments of the present disclosure, the term "including" and similar terms should be understood as open-ended inclusion, that is, "including but not limited to". The term "based on" should be understood as "based at least in part on". The term "one embodiment" or "the embodiment" should be understood as "at least one embodiment". The terms "first", "second" and so on may refer to different or the same objects. Other explicit and implicit definitions may also be included below.
As discussed above, in program development and maintenance, when a program fails it is necessary to examine the calling relationships between the functions in the program in order to locate the cause of the failure. Traditional solutions obtain data from registers, for example the program counter and the stack frame address, and trace back the function call information from there. However, in some cases (for example, when a processor core hangs) the register data is unavailable, so without that entry data the traditional method cannot obtain the function call information.
Embodiments of the present disclosure provide a solution for obtaining function call information. Relying on the function code within the address range of the code segment and on the stack push mechanism, the method for obtaining function call information according to embodiments of the present disclosure searches the call stack for a function call return address that falls within the address range of the code segment, uses that return address to determine, in the code segment, the code that calls another function, and thereby determines the called function and obtains the function call information. The solution can obtain function call information without register data, which improves the accuracy and widens the applicability of locating the cause of program errors. Some example embodiments of the present disclosure are described in detail below with reference to FIGS. 1 to 12.
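The scan summarized above can be sketched as follows. This is an added example, not code from the application: it assumes AArch64-style 4-byte instructions with `BL` as the call instruction, and the text segment, symbol table, stack dump and all names are constructed for illustration. Continuing the linear scan to find the next call is a simplification of the frame-address-based step described for the iterative case.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed text segment: A calls B, B calls C (hypothetical layout). */
#define TEXT_BASE 0x400000u
#define NOP 0xd503201fu
#define RET 0xd65f03c0u
/* AArch64 BL: bits[31:26] = 100101, imm26 = (target - pc) / 4. */
#define BL(from, to) (0x94000000u | ((((to) - (from)) >> 2) & 0x03ffffffu))

static const uint32_t text[] = {
    /* A @ 0x400000 */ NOP, BL(0x400004u, 0x400010u), NOP, RET,
    /* B @ 0x400010 */ NOP, BL(0x400014u, 0x400020u), NOP, RET,
    /* C @ 0x400020 */ NOP, NOP, NOP, RET,
};
#define TEXT_END (TEXT_BASE + sizeof(text))

/* Constructed symbol table: start address, size, identifier. */
struct sym { uint64_t start, size; const char *name; };
static const struct sym symtab[] = {
    {0x400000, 0x10, "A"}, {0x400010, 0x10, "B"}, {0x400020, 0x10, "C"},
};

/* Constructed stack dump; index 0 is the lowest address (stack top). */
static const uint64_t stack_dump[] = {
    0x0,                 /* C frame: local                                */
    0x7ffc0000f0c0ULL,   /* C frame: saved stack address of B's frame     */
    0x400018,            /* C frame: return address into B                */
    0x400020,            /* B frame: pointer to C, not a return address   */
    0x7ffc0000f0e0ULL,   /* B frame: saved stack address of A's frame     */
    0x400008,            /* B frame: return address into A                */
    0x2a,                /* A frame: local                                */
    0x0, 0x0,            /* args/env area at the stack bottom (skipped)   */
};

struct edge { uint64_t ret_addr; uint64_t callee; };

static int is_text(uint64_t a) { return a >= TEXT_BASE && a < TEXT_END; }

static const char *sym_lookup(uint64_t addr) {
    for (size_t i = 0; i < sizeof symtab / sizeof symtab[0]; i++)
        if (addr >= symtab[i].start && addr < symtab[i].start + symtab[i].size)
            return symtab[i].name;
    return "?";
}

/* Accept addr as a return address only if the instruction before it is a
 * BL; on success store the BL target (start of the called function). */
static int decode_call_before(uint64_t addr, uint64_t *callee) {
    if (!is_text(addr) || (addr & 3) || addr - 4 < TEXT_BASE)
        return 0;
    uint64_t call_pc = addr - 4;
    uint32_t insn = text[(call_pc - TEXT_BASE) / 4];
    if ((insn & 0xfc000000u) != 0x94000000u)
        return 0;                                /* not a call instruction */
    int64_t off = (int64_t)(insn & 0x03ffffffu);
    if (off & 0x02000000)
        off -= 0x04000000;                       /* sign-extend imm26 */
    *callee = call_pc + (uint64_t)(off * 4);
    return is_text(*callee);
}

/* Scan from (stack bottom - skip_words) towards low addresses and record
 * every caller/callee pair found. No register contents are used. */
static size_t reverse_backtrace(const uint64_t *stk, size_t nwords,
                                size_t skip_words, struct edge *out, size_t max) {
    size_t n = 0;
    if (skip_words > nwords)
        return 0;
    for (size_t i = nwords - skip_words; i-- > 0 && n < max; ) {
        uint64_t callee;
        if (decode_call_before(stk[i], &callee)) {
            out[n].ret_addr = stk[i];
            out[n].callee = callee;
            n++;
        }
    }
    return n;
}

int main(void) {
    struct edge e[8];
    size_t n = reverse_backtrace(stack_dump,
                                 sizeof stack_dump / sizeof stack_dump[0], 2, e, 8);
    for (size_t i = 0; i < n; i++)
        printf("%s -> %s (call at 0x%llx)\n", sym_lookup(e[i].ret_addr),
               sym_lookup(e[i].callee), (unsigned long long)(e[i].ret_addr - 4));
    return 0;
}
```

The value `0x400020` in the dump lies inside the code segment but is rejected because the instruction before it is not a call; that check is what separates return addresses from other code pointers stored on the stack.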
FIG. 1 shows a schematic diagram of an example environment 100 in which various embodiments of the present disclosure can be implemented. The environment 100 is a computing device that runs computer programs and is divided into three layers: a hardware layer 110, an operating system layer 130 and an application layer 150. The hardware layer 110 includes a central processing unit (CPU) 111, a memory 112, a storage device 113, an input/output (I/O) device 114 and a display 115. The CPU 111 may have one or more processor cores, which execute the code or instructions of computer programs loaded from the memory 112. The memory 112 stores the resources the computer needs at run time, including data such as the assembly code obtained by compiling a computer program, variables, the heap and the stack. Depending on the environment, the assembly code may be assembly code for architectures such as ARM, x86 or MIPS, or their variants. The storage device 113 may be used for persistent storage of data. Input/output (I/O) devices may include, for example, a mouse, a keyboard and USB devices. The display 115 may be used to present program results or other program-related information to the user. It should be understood that the hardware layer 110 may include more or fewer hardware devices than those described above, as well as other hardware devices not described herein.
The operating system layer 130 sits between the hardware layer 110 and the application layer 150 and provides the interface through which users interact with the hardware. The application layer 150 can access the modules of the operating system through the system call interface 151. The operating system layer 130 includes a software support layer 121, a function implementation layer 133 and a kernel subsystem 141. The software support layer 121 includes an architecture module 122, a memory manager 126, a file system 127, block device management 128, character device management 129, a network subsystem 131 and a network interface 132. The function implementation layer 133 includes multitasking 134, virtual memory 135, files/directories 136, device access 137 and connectivity 138. The kernel subsystem 141 includes process management 141, memory management 142, a file system 143, device control, networking 145 and so on. It should be understood that the operating system layer 110 may include more or fewer modules than those described above, as well as other modules not described herein.
As shown in FIG. 1, the architecture module 122 includes a stack trace module (StackTrace) 123. The stack trace module 123 is used to parse the call stack associated with a computer program. When a computer program is executed, a thread executed by a CPU core is created and a call stack is allocated for the thread in the memory 112; the call stack stores the stack frames corresponding to the thread's functions. Depending on the implementation of the operating system, when a function call occurs, the function call information is stored in the stack frame according to an agreed convention. In some embodiments, the stack frames of functions are allocated in the call stack in calling order, in the direction from high memory addresses to low memory addresses. The function call information of the thread can be obtained by parsing the call stack.
The stack trace module 123 includes a backtrace module 124. The backtrace module can obtain data from registers, for example the program counter and the stack frame address, and parse the call stack starting from its top (low address), thereby tracing back the function call information. When the register data cannot be obtained, the backtrace module is unavailable. According to embodiments of the present disclosure, the stack trace module 123 further includes a reverse backtrace module 125. The reverse backtrace module 125 can parse the call stack starting from its bottom (high address) and does not need the register data of the CPU 111. In addition, the backtrace module 124 and the reverse backtrace module 125 for obtaining function call information are implemented in the software support layer 121 of the operating system layer; they are basic functions of the operating system kernel and can be called by any module in the function implementation layer 133 and the kernel subsystem layer 141 when function call information is needed.
FIG. 2 shows a schematic diagram of another example environment 200 in which various embodiments of the present disclosure can be implemented. The environment 200 includes a CPU 210, an operating system kernel 230 and user-level processes 250. The operating system kernel 230 includes a TRAPS module 231, a stack trace module 223, an architecture 222, a thread scheduler 231, kernel threads 232-1 and 232-2, a process 233, and data related to threads and processes, such as thread control blocks, code, global variables, the heap and stacks. The user-level processes 250 sit above the operating system kernel and include processes 251 and 252, each of which may have one or more threads, for example thread A and thread B. In some embodiments, multiple threads in the same process can share code, global variables and the heap, and each has its own call stack. It should be understood that the number of cores of the CPU 210 and the numbers of processes and threads are not limited to those shown in the figure; the CPU 210 may include more or fewer cores, and the operating system kernel 230 and the user-level processes 250 may include more or fewer processes and threads.
As shown in FIG. 2, the stack trace module 223 includes a backtrace module 224 and a reverse backtrace module 225. Embodiments of the present disclosure may be implemented in the reverse backtrace module 225 in the stack trace module (stacktrace) 223 of the operating system kernel 230. As described above, the reverse backtrace module according to embodiments of the present disclosure can parse the call stack to obtain function call information when the traditional backtrace module is unavailable.
In some embodiments, the thread scheduler 231 can schedule a process or thread to execute on a particular core, and when a CPU core hang occurs, the TRAPS module 231 in the operating system kernel 230 can detect the event. In this case, the reverse backtrace module in the stack trace module 223 can be called to obtain the function call information of the process or thread on that CPU core.
FIG. 3 shows a schematic flowchart of an overall process 300 for obtaining function call information according to an embodiment of the present disclosure. At the start of the process 300, a CPU core hang has occurred. At block 302, the CPU core triggers a non-maskable interrupt (NMI), and the NMI is reported to the TRAPS module 231 of the operating system kernel.
Then, at block 304, the TRAPS module 231 determines the number of the CPU core that hung and determines the number of the working CPU core that will be used to execute the reverse backtrace method.
At block 306, it is determined whether the operating system was in user mode or kernel mode when the CPU core hung. When it is determined to have been in kernel mode, the kernel memory is dumped at block 308. Data in memory, the CPU, I/O devices and the like is dynamic and volatile, that is, it is lost once it has been used or when an exception occurs. To obtain this data for analysis, for example for debugging a program, the data in memory needs to be dumped into a static form (for example a file). Kernel memory can therefore be dumped by saving the data in the kernel address space as a file. Then, at block 310, the thread control block (TCB) of the kernel process is obtained. A thread control block describes a thread and includes, for example, the thread identifier, the thread state, the addresses of the thread's code and data, the thread's resource list, the thread's priority, saved CPU context information, and signals used for communication between threads. When it is determined to have been in user mode, the user-plane memory is dumped at block 312; that is, the data in the user address space is saved as a file. Since different users have different address spaces, an identical user-plane address space is constructed at block 314. As a result, all user-level programs have a uniform address space when they are analyzed. Then, at block 316, the user-plane thread control block is obtained. Similarly, the user-plane thread control block describes the corresponding user-level thread.
After the dumped memory data and the corresponding thread control block have been obtained, the reverse backtrace method is executed at block 318. As described above, the reverse backtrace method according to embodiments of the present disclosure can obtain function call information when the CPU has hung. At block 320, the function call information is recorded. The function call information can be used to locate where and why the program failed.
The reverse backtrace method according to embodiments of the present disclosure is described below with reference to FIGS. 4 to 10. Before describing the method, it is helpful to explain how thread data is stored in memory. The address space of a thread includes the code segment, the Block Started by Symbol (BSS) segment, the data segment, the heap, the stack and so on related to that thread. Multiple threads of the same process can share the code segment, the BSS segment, the data segment and the heap. The code segment, also called the text segment, is the memory area that holds the program's executable code (for example assembly code). The address range and size of this area are determined before the program runs. The code of the functions executed in a process or thread is stored in the code segment, each function having its own address range. The BSS segment is a memory area that holds the program's uninitialized global variables. The data segment is a memory area that holds the program's initialized global variables. The BSS segment and the data segment are statically allocated. The heap holds memory that is dynamically allocated while a process or thread runs; its size is not fixed and can grow or shrink dynamically. The stack stores run-time and function call information of the program as well as temporarily created local variables.
FIG. 4 shows an example schematic diagram of the call stack of a thread according to an embodiment of the present disclosure. In some embodiments, the call stack 400 may include, in the direction from high addresses to low addresses, an area 410 for storing command line parameters and environment variables, and a stack frame area 420.
The location of the highest address of the call stack may be called the stack bottom 401, and the location of the lowest address may be called the stack top 402. Depending on the architecture, the area 410 may have different sizes, for example 200 bytes. In some embodiments, a register of the CPU may hold the stack address of the stack top 402 of the call stack; this register may be called the stack top pointer.
The stack frame area 420 following the area 410 stores the stack frames of the thread's functions. During execution of the thread, whenever a function is called, a stack frame is allocated for the called function in the direction from high addresses to low addresses. When a function is called, a stack frame of appropriate size is allocated for it according to the code of the called function. As an example, the thread's stack frame area 420 includes a stack frame 422 of function A, which is the root function. When function A calls function B, the stack frame of function B is allocated below the stack frame 422 of A, that is, in a lower address range. Similarly, when function B in turn calls another function, the stack frame of the called function is allocated below the stack frame of function B, and so on, down to the stack frame 426 of the leaf function. A leaf function is a function that does not call any other function. It can be seen that as function calls are made iteratively, the thread's call stack 400 grows from high addresses towards low addresses; that is, the stack top address held by the stack top pointer grows downwards. After a call ends, the stack frames in the call stack are reclaimed in turn. The stack therefore has a first-in-first-out characteristic and can be used to save and restore the calling context.
The following example code is provided, and an example layout of the call stack 400 is described with reference to FIG. 5.
[Figure PCTCN2022111410-appb-000001: example code listing]
The above example code describes a process in which, during execution of a thread, function A calls function B and function B calls function C. FIG. 5 shows a more detailed schematic diagram of a call stack 500 according to an embodiment of the present disclosure.
When function A is executed, a stack frame 510 of function A is allocated from the high addresses of the call stack 500, and data is stored in the stack frame according to the specific implementation of the operating system. In some embodiments, the size of the stack frame 514 may be specified by the compiler in the code of function A. For example, the first instruction of the assembly code of function A may specify the stack frame size and modify the stack top pointer of the call stack 500 to point to the top of the stack frame 514. Herein, the top address of a stack frame is also referred to as the stack address (FP) of that stack frame.
As shown in the figure, the stack frame 510 of function A includes a local variable area 514 of function A, and the local variable area 514 includes the variables int a_s3, int a_s2 and int a_s1 declared in function A. According to the application binary interface (ABI) of the operating system, the later-declared variable int a_s3 is pushed onto the call stack 500, and then int a_s2 and int a_s1 are pushed. The stack frame 514 also includes a parameter passing area 516. In some embodiments, when function B is called, for example when execution reaches a jump instruction in memory, call parameters 1 and 2 may be pushed onto the call stack 500; according to the ABI, the later parameter 2 is pushed onto the call stack 500 first, and then parameter 1 is pushed. Parameters 1 and 2 in the parameter passing area 516 can be accessed by the code of function B.
In some embodiments, on the jump to the code of function B, a stack frame 520 of function B is allocated in the call stack 500. Similarly, the stack frame size of function B may be specified by the compiler in the first instruction of the assembly code of function A, and the stack top pointer is accordingly updated to the stack address of the stack frame 520. In some embodiments, because function B is called by function A, the execution environment of function A, that is, the register data of the CPU, is stored first in the stack frame 520. As shown in the figure, the execution environment of function A is stored in the call information area 522 of the stack frame 520.
In some embodiments, the call information area 522 includes the return address to be used after the call, the stack address of the stack frame of the calling function, and other registers to be saved. The return address may come from a specific register of the CPU (for example, the LR register in the ARM architecture) that stores the address of the instruction following the currently executing instruction (which is, for example, stored in the PC register). Referring to the above example code, the code following the call to function B is Printf("A\n"); therefore, the address of the code of Printf("A\n"), which is stored in that specific register, is pushed into the stack frame 520. As described above, the stack top pointer register stores the stack top address of the call stack 500. At this point, the stack top address of the call stack 500 is equal to the stack address of the stack frame 510. Therefore, by pushing the stack top pointer into the stack frame 520, the stack frame address FP of function A is stored in the call information area 522, as shown by the arrow in the figure. In addition, depending on the specific implementation, other register data may be pushed into the call information area 522.
Similarly, the stack frame 520 also includes a local variable area 524 and a parameter passing area 526. Their contents and the way they are generated are similar to those of the stack frame 510 of A and are not repeated here.
According to the above code, function B also calls function C. The contents of the stack frame 530 of function C and the way it is generated are similar to those of the stack frame 520 of function B and are not repeated here. Note that function C in the above example code does not call any other function. The stack frame 530 therefore includes a call information area 532 and a local variable area 534, and does not include the call parameter area 526 (indicated by a dotted line).
FIG. 6 shows a schematic flowchart of a process 600 for acquiring function call information according to an embodiment of the present disclosure. By executing the process 600, a reverse backtrace method can be implemented to acquire function call information.
At block 610, a first call return address is obtained from the call stack, the first call return address being within the address range of the code of a first function (for example, function A). In some embodiments, the call stack in memory has already been dumped, and the stack bottom address of the call stack is obtained by using the thread control block. It should be understood that the code segment stores the code of all functions of the thread. Therefore, the return address of a function call is within the address range of the code segment. The first call return address can be obtained by scanning the call stack, as described with reference to FIG. 7 and FIG. 8.
FIG. 7 shows a schematic flowchart of a process 700 for obtaining a call return address according to an embodiment of the present disclosure. FIG. 8 shows a schematic diagram of parsing a call stack in combination with a code segment according to an embodiment of the present disclosure.
At block 710, the call stack 810 is searched for a first address within the address range of the code segment 820. Referring to FIG. 8, the call stack 810 includes, in order from high addresses to low addresses, a stack frame 802 of the first function and a stack frame 804 of the second function. Although not shown in FIG. 8, the call stack 810 may also include stack frames of further functions. In some embodiments, the first function is the root function in the call stack 810, and the search for an address within the address range of the code segment starts from the stack frame 802 of the root function. The stack frame 802 of the root function is located at the bottom of the stack frame area.
As described above, the command line and environment variables 809 lie between the bottom of the stack frame and the stack frame area. In some embodiments, starting at a predetermined offset 801 relative to the stack bottom address of the call stack, the call stack is searched from high addresses to low addresses for a first address within the address range of the code segment. In this way, the command line and environment variables 809 can be skipped, and the search starts from the bottom (that is, the highest address) of the stack frame 802. The stack bottom address can be obtained from the thread control block, so the search for the return address of a function call can start from the bottom of the call stack, and the register data of the CPU is not needed.
When an address within the address range of the code segment 820 is found, it can be checked whether that address is the return address of a function call. At block 720, it is determined whether the instruction immediately preceding the code at the first address is a jump instruction. If the preceding instruction is not a jump instruction, the first address that was found is not the return address of a function call, and the search continues.
If the preceding instruction is a jump instruction, the first address that was found is the return address of a function call, and at block 730 the first address can be obtained as the first call return address. As an example, as shown in FIG. 8, an address within the code segment 820 is found in the call stack 810, and this address points to the assembly code 821 of Printf("A\n"). The found address can then be offset, for example by subtracting 4 (that is, the address is 4-byte data), to locate the preceding code 822. The code 822 is the code that jumps to the second function, so the address found in the call stack 810 can be determined to be the first call return address 806. If the preceding instruction is not a jump instruction, the found address is not a function call return address.
With the method 700 shown in FIG. 7, it can be verified whether the first address obtained from the call stack is the return address of a function call, which improves reliability and robustness.
Continuing with FIG. 6, at block 620, based on the first call return address 806, a first call code 822 is determined in the code of the first function, the first call code 822 indicating that the first function calls the second function. In some embodiments, the instruction immediately preceding the code at the return address can be determined to be the code 822 by which the first function calls the second function.
At block 630, the start address of the code of the second function is obtained from the first call code 822. The first call code 822 includes the storage address, in the code segment, of the start code of the second function. By parsing the code by which the first function calls the second function, the start address of the code of the called function can be obtained. The function call information for the first function calling the second function can thereby be determined.
In some embodiments, the identifier of the first function may be obtained from the symbol table using the first call return address, and the identifier of the second function may be obtained from the symbol table 830 using the start address of the code of the second function. The symbol table 830 is generated by the compiler and includes each identifier in the program source code together with associated information, such as data type, scope and memory address. The first call return address 806 can be used to look up, in the symbol table 830, the identifier of the first function and the memory address range of its code, because the first call return address is within the address range of the code of the first function. Likewise, the start address of the code of the second function can be used to obtain the identifier of the second function and the memory address range of its code.
In some embodiments, the identifier of the first function, the identifier of the second function, and the storage address of the code by which the first function calls the second function may be presented. This can help locate the cause of a program error.
In some embodiments, the call stack 810 may also be parsed iteratively to obtain further function call information. To do so, it is necessary to determine whether the second function in turn calls a third function, that is, whether the second function is a leaf function.
FIG. 9 shows a schematic flowchart of a process 900 for determining whether a function is a leaf function according to an embodiment of the present disclosure. As shown in FIG. 8, the call stack 810 includes the stack frame 802 of the first function and the stack frame 804 of the second function, and the stack frame 804 of the second function includes the first call return address 806 and the stack address 808 of the first stack frame. It should be understood that, according to the stack push procedure of a function call, if the second function calls another function, for example a third function, then the information area of the stack frame of the third function stores the return address 816 of the call from the second function to the third function, and also stores the stack address 818 of the stack frame 804 of the second function, where the return address 816 is within the address range of the code segment of the second function. In this case, depending on the specific implementation of the operating system, this information is stored at specific locations in the third stack frame 814 that follows the second stack frame 804.
At block 910, it is determined whether, at a first stack address relative to the stack address of the second stack frame 804, there is a second address that is within the address range of the code of the second function. For example, depending on the specific implementation of the operating system, the second address may be stored in the first 4 bytes immediately adjacent to the second stack frame 804, that is, the first 4 bytes of the stack frame 814 of the third function. In some embodiments, the second address may also be stored at another offset relative to the stack address of the second stack frame 804, for example in the 5th to 8th bytes after the stack address of the second stack frame 804; the present disclosure does not limit this.
If no such second address exists at the first stack address, there is no stack frame of another function after the second stack frame 804, that is, the second function does not call a third function and is a leaf function, so the call stack does not need to be parsed further. If such a second address exists, at block 920 it is determined whether the stack address of the second stack frame is present at a second stack address relative to the stack address of the second stack frame 804. For example, depending on the specific implementation of the operating system, the stack address of the second stack frame 804 may be stored in the 5th to 8th bytes after the second stack frame 804. In some embodiments, the stack address of the second stack frame 804 may also be stored at another offset relative to the stack address of the second stack frame 804, for example in the 1st to 4th bytes after the stack address of the second stack frame 804; the present disclosure does not limit this.
If no such stack address exists at the second stack address, the second function does not call a third function and is a leaf function, and the call stack does not need to be parsed further. If such a stack address exists, then at block 930 it is further determined whether the instruction immediately preceding the code at the second address is a jump instruction. This step is similar to the operation described for block 720 and is not repeated here.
If the preceding instruction is not a jump instruction, the second address is not the return address of a function call, the second function is a leaf function, and the call stack does not need to be parsed further. If the preceding instruction is a jump instruction, the second address that was found is the return address of a function call, and at block 940 it is determined that the second function calls the third function, and the second address is obtained as the second call return address.
FIG. 10 shows a schematic flowchart of a process 1000 for further acquiring function call information according to an embodiment of the present disclosure. In response to the called function (for example, the second function) in turn calling another function (for example, the third function), the call stack is parsed further, iteratively.
At block 1010, based on the stack address of the second stack frame 804, a second call return address 816 is obtained from the third stack frame 814 of the third function, the second call return address being within the address range of the code of the second function.
In some embodiments, the stack address of the second stack frame 804 can be obtained by subtracting the size of the second stack frame from the stack address of the first stack frame 802. Referring to FIG. 8, the first call return address 806 and the stack address of the first stack frame are stored adjacently, or are separated by a predetermined offset depending on the specific implementation of the operating system. Therefore, the stack address 808 of the first stack frame can be obtained from the second stack frame 804 based on the stack address at which the first call return address 806 is stored in the call stack. In addition, the size of the second stack frame 804 can be determined based on the code of the second function. Specifically, using the start address of the code of the second function already obtained at block 630, the address range of the code of the second function is obtained from the symbol table 830. In some embodiments, the start code of a function in the code segment includes stack frame allocation code, and the stack frame allocation code includes the stack frame size. The size of the second stack frame 804 can thus be obtained based on the start address of the code of the second function. The stack address of the second stack frame is then obtained by subtracting the size of the second stack frame from the stack address of the first stack frame.
Referring to FIG. 8, with the stack address of the second stack frame, the call information area of the third stack frame can be accessed, which includes the return address to be used after the third function is called by the second function, that is, the second call return address 816, and the stack address 818 of the second stack frame.
Similar to block 620 of method 600, at block 1020, based on the second call return address, the code by which the second function calls the third function is determined in the code of the second function.
Similar to block 630 of method 600, at block 1030, the start address of the code of the third function is obtained from the code that calls the third function. In this way, by parsing the call stack, the call information for the second function calling the third function is further obtained.
Then, at block 1040, it is determined whether the third function is a leaf function. The way of determining whether the third function is a leaf function is similar to the method described with reference to FIG. 9 and is not repeated here.
If it is determined that the third function is a leaf function, then at block 1050 the parsing is complete and the function call information has been obtained. If it is determined that the third function is not a leaf function, that is, it calls a fourth function, the method 1000 can be executed iteratively until parsing finds no further function call.
In some embodiments, the addresses of the code of the functions obtained by parsing can be used to obtain the identifiers of those functions from the symbol table. In some embodiments, the call return addresses can also be used to obtain information such as the location at which each call occurred and the addresses and sizes of the code segments of all the functions. Presenting this information to the user can help locate where and why the program went wrong.
The method for acquiring function call information according to embodiments of the present disclosure has been described above with reference to FIG. 3 to FIG. 10. Compared with the conventional method, which uses the register data of the CPU core as the entry data for acquiring function call information, the method provided by the present disclosure can acquire function call information without the register data of the CPU core. It is therefore suitable for locating the cause of a program error when the CPU core has hung and its register data cannot be accessed.
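The walk of processes 600, 700, 900 and 1000 over a dumped stack, as an added example that is not code from the application. It assumes a constructed 32-bit image in which the only jump instruction recognised is an unconditional A32 `bl`, the stack frame allocation code is `sub sp, sp, #imm` as the first instruction of each function, and the return address and the caller's frame address sit in the two words just below the caller's frame; all addresses, symbol names and helper names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy image: 32-bit addresses, A32-style 4-byte instructions. */
#define CODE_BASE    0x00010000u
#define STACK_LOW    0x7fff0fb8u          /* lowest address in the dump */
#define STACK_BOTTOM 0x7fff1000u          /* highest address, from the TCB */
#define NOP          0xe1a00000u          /* mov r0, r0 */
#define RET          0xe12fff1eu          /* bx lr */
#define SUB_SP(n)    (0xe24dd000u | (n))  /* sub sp, sp, #n, n < 256 */
#define BL_NEXT      0xeb000001u          /* bl <this instruction + 12> */
static const uint32_t code[] = {
    SUB_SP(16), BL_NEXT, NOP, RET,  /* A @0x10000: calls B, returns to 0x10008 */
    SUB_SP(24), BL_NEXT, NOP, RET,  /* B @0x10010: calls C, returns to 0x10018 */
    SUB_SP(16), NOP,     NOP, RET,  /* C @0x10020: leaf */
};
struct sym { const char *name; uint32_t start, size; };
static const struct sym syms[] = {
    { "A", 0x00010000u, 16 }, { "B", 0x00010010u, 16 }, { "C", 0x00010020u, 16 },
};
/* Constructed stack dump, ascending addresses; index 0 is STACK_LOW. */
static uint32_t stack_dump[] = {
    0, 0x00010008u,                        /* stale data below C's frame      */
    0, 0, 0x7fff0fd0u, 0x00010018u,        /* C: locals, B's FP, return to B  */
    0, 0, 0, 0, 0x7fff0fe8u, 0x00010008u,  /* B: locals, A's FP, return to A  */
    3, 2, 1, 0x00010020u,                  /* A: a_s3..a_s1, pointer to C     */
    0x454d4f48u, 0x00002f3du,              /* command line / environment area */
};
struct edge { const char *caller, *callee; uint32_t call_site; };

static int read_word(const uint32_t *mem, uint32_t base, size_t bytes,
                     uint32_t addr, uint32_t *out) {
    if (addr < base || addr - base >= bytes || (addr & 3u)) return 0;
    *out = mem[(addr - base) / 4];
    return 1;
}
#define RD_CODE(a, o)  read_word(code, CODE_BASE, sizeof code, (a), (o))
#define RD_STACK(a, o) read_word(stack_dump, STACK_LOW, sizeof stack_dump, (a), (o))

static const struct sym *find_sym(uint32_t addr) {
    for (size_t i = 0; i < sizeof syms / sizeof syms[0]; i++)
        if (addr >= syms[i].start && addr - syms[i].start < syms[i].size)
            return &syms[i];
    return NULL;
}

/* Blocks 720/930: a return address must directly follow a call instruction. */
static int is_return_addr(uint32_t addr, uint32_t *target) {
    uint32_t insn, imm;
    if (!RD_CODE(addr, &insn) || !RD_CODE(addr - 4, &insn)) return 0;
    if ((insn & 0xff000000u) != 0xeb000000u) return 0;
    imm = insn & 0x00ffffffu;
    if (imm & 0x00800000u) imm |= 0xff000000u;   /* sign-extend imm24 */
    *target = (addr - 4) + 8 + (imm << 2);       /* block 630: callee start */
    return 1;
}

/* Frame size from the callee's first instruction (sub sp, sp, #imm8). */
static uint32_t frame_size(uint32_t func_start) {
    uint32_t insn;
    if (!RD_CODE(func_start, &insn) || (insn & 0xffffff00u) != 0xe24dd000u) return 0;
    return insn & 0xffu;
}

/* Walk from the stack bottom toward the leaf; returns the number of calls. */
int reverse_backtrace(uint32_t skip, struct edge *out, int max) {
    uint32_t slot, ra = 0, target = 0, fp_caller, fp, size, w;
    int n = 0;
    /* Process 700: first verified return address below the skipped area. */
    for (slot = STACK_BOTTOM - skip - 4; slot >= STACK_LOW; slot -= 4)
        if (RD_STACK(slot, &ra) && is_return_addr(ra, &target)) break;
    /* The caller's frame address is stored next to the return address. */
    if (slot < STACK_LOW || !RD_STACK(slot - 4, &fp_caller)) return 0;
    while (n < max) {
        const struct sym *caller = find_sym(ra), *callee = find_sym(target);
        if (!caller || !callee || callee->start != target) break;
        out[n++] = (struct edge){ caller->name, callee->name, ra - 4 };
        /* Process 1000: callee frame address = caller's minus callee size. */
        if ((size = frame_size(target)) == 0) break;
        fp = fp_caller - size;
        /* Process 900: leaf unless a return address into the callee and its FP follow. */
        if (!RD_STACK(fp - 4, &ra) || find_sym(ra) != callee) break;
        if (!RD_STACK(fp - 8, &w) || w != fp) break;
        if (!is_return_addr(ra, &target)) break;
        fp_caller = fp;
    }
    return n;
}

int main(void) {
    struct edge e[8];
    int n = reverse_backtrace(8, e, 8);
    for (int i = 0; i < n; i++)
        printf("%s calls %s at 0x%08x\n", e[i].caller, e[i].callee, (unsigned)e[i].call_site);
    return 0;
}
```

The constructed dump also holds a pointer to C among A's locals and a stale return address into A below C's frame. The first is rejected by the jump-instruction check and the second by the callee address-range check.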
FIG. 11 shows a schematic block diagram of an apparatus 1100 for acquiring function call information according to an embodiment of the present disclosure. The apparatus 1100 includes a first call return address obtaining unit 1110, a call code determining unit 1120 and a called function code address obtaining unit 1130.
The first call return address obtaining unit 1110 is configured to obtain a first call return address from the call stack, the first call return address being within the address range of the code of the first function. The call code determining unit 1120 is configured to determine, based on the first call return address, a first call code in the code of the first function, the first call code indicating that the first function calls the second function. The called function code address obtaining unit 1130 is configured to obtain the start address of the code of the second function from the first call code.
In some embodiments, the first call return address obtaining unit 1110 may be further configured to: search the call stack for a first address within the address range of a code segment, the code segment including the code of the first function and the second function; determine whether the instruction immediately preceding the code at the first address is a jump instruction; and, when the preceding instruction is determined to be a jump instruction, obtain the first address as the first call return address.
In some embodiments, the first call return address obtaining unit 1110 may be further configured to: starting at a predetermined offset relative to the stack bottom address of the call stack, search the call stack from high addresses to low addresses for the first address within the address range of the code segment.
In some embodiments, the call stack includes a first stack frame of the first function and a second stack frame of the second function, and the second stack frame includes the first call return address and the stack address of the first stack frame, stored adjacently. The apparatus 1100 may further include a function call determining unit configured to determine whether the second function calls a third function. The apparatus may further include a second call address returning unit configured to: when it is determined that the second function calls the third function, obtain, based on the stack address of the second stack frame, a second call return address from a third stack frame of the third function, the second call return address being within the address range of the code of the second function; determine, based on the second call return address, a second call code in the code of the second function, the second call code indicating that the second function calls the third function; and obtain the start address of the code of the third function from the second call code.
In some embodiments, the function call determining unit may be further configured to: determine whether, at a first stack address relative to the stack address of the second stack frame, there is a second address within the address range of the code of the second function, and whether, at a second stack frame address relative to the stack address of the second stack frame, the stack address of the second stack frame is present; if the second address is present at the first stack address and the stack address of the second stack frame is present at the second stack address, determine whether the instruction immediately preceding the code at the second address is a jump instruction; and if the preceding instruction is a jump instruction, determine that the second function calls the third function and obtain the second address as the second call return address.
In some embodiments, the apparatus 1100 may further include a stack frame address determining unit. The stack frame address determining unit may be configured to: obtain the stack address of the first stack frame from the second stack frame based on the stack address at which the first call return address is stored in the call stack; obtain the size of the second stack frame based on the start address of the code of the second function; and determine the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
In some embodiments, the apparatus 1100 may further include a function identifier determining unit, which may be configured to: obtain the identifier of the first function from the symbol table using the first call return address; and obtain the identifier of the second function from the symbol table using the start address of the code of the second function.
In some embodiments, the apparatus 1100 may further include a presenting unit, which may be configured to present at least one of the following: the identifier of the first function, the identifier of the second function, and the storage address of the first call code indicating that the first function calls the second function.
FIG. 12 shows a schematic block diagram of an example device 1200 that may be used to implement embodiments of the present disclosure. The device 1200 may be used to implement the processes shown in FIG. 3, FIG. 6, FIG. 7, FIG. 9 and FIG. 10 and the apparatus shown in FIG. 11. As shown, the device 1200 includes a central processing unit (CPU) 1201. The central processing unit 1201 may include multiple cores, and each core may perform various appropriate actions and processing according to computer program instructions stored in a read-only memory (ROM) 1202 or computer program instructions loaded from a storage unit 1208 into a random access memory (RAM) 1203. The RAM 1203 may also store various programs and data required for the operation of the device 1200. The CPU 1201, the ROM 1202 and the RAM 1203 are connected to one another through a bus 1204. An input/output (I/O) interface 1205 is also connected to the bus 1204.
设备1200中的多个部件连接至I/O接口1205,包括:输入单元1206,例如键盘、鼠标等;输出单元1207,例如各种类型的显示器、扬声器等;存储单元1208,例如磁盘、光盘等;以及通信单元1209,例如网卡、调制解调器、无线通信收发机等。通信单元1209允许设备1200通过诸如因特网的计算机网络和/或各种电信网络与其他设备交换信息/数据。Multiple components in the device 1200 are connected to the I/O interface 1205, including: an input unit 1206, such as a keyboard, a mouse, etc.; an output unit 1207, such as various types of displays, speakers, etc.; a storage unit 1208, such as a magnetic disk, an optical disk, etc. ; and a communication unit 1209, such as a network card, a modem, a wireless communication transceiver, and the like. The communication unit 1209 allows the device 1200 to exchange information/data with other devices through a computer network such as the Internet and/or various telecommunication networks.
上文所描述的各个过程和处理,例如方法300、600、700、900、1000可由处理单元1201中的一个或多个核来执行。例如,在一些实施例中,方法300、600、700、900、1000可被实现为计算机软件程序,其被有形地包含于机器可读介质,例如存储单元1208。在一些实施例中,计算机程序的部分或者全部可以经由ROM 1202和/或通信单元1209而被载入和/或安装到设备1200上。当计算机程序被加载到RAM 1203并由CPU 1201或CPU的核执行时,可以执行上文描述的方法300、600、700、900、1000的一个或多个动作。Various procedures and processes described above, such as methods 300 , 600 , 700 , 900 , and 1000 may be executed by one or more cores in the processing unit 1201 . For example, in some embodiments, methods 300 , 600 , 700 , 900 , 1000 may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 1208 . In some embodiments, part or all of the computer program may be loaded and/or installed on the device 1200 via the ROM 1202 and/or the communication unit 1209. When a computer program is loaded into RAM 1203 and executed by CPU 1201 or a core of the CPU, one or more actions of methods 300, 600, 700, 900, 1000 described above may be performed.
本公开可以是方法、装置、***和/或计算机程序产品。计算机程序产品可以包括计算机可读存储介质,其上载有用于执行本公开的各个方面的计算机可读程序指令。The present disclosure may be a method, apparatus, system and/or computer program product. A computer program product may include a computer-readable storage medium having computer-readable program instructions thereon for carrying out various aspects of the present disclosure.
计算机可读存储介质可以是可以保持和存储由指令执行设备使用的指令的有形设备。计算机可读存储介质例如可以是――但不限于――电存储设备、磁存储设备、光存储设备、电磁存储设备、半导体存储设备或者上述的任意合适的组合。计算机可读存储介质的更具体的例子(非穷举的列表)包括:便携式计算机盘、硬盘、随机存取存储器(RAM)、只读存储 器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、静态随机存取存储器(SRAM)、便携式压缩盘只读存储器(CD-ROM)、数字多功能盘(DVD)、记忆棒、软盘、机械编码设备、例如其上存储有指令的打孔卡或凹槽内凸起结构、以及上述的任意合适的组合。这里所使用的计算机可读存储介质不被解释为瞬时信号本身,诸如无线电波或者其他自由传播的电磁波、通过波导或其他传输媒介传播的电磁波(例如,通过光纤电缆的光脉冲)、或者通过电线传输的电信号。A computer readable storage medium may be a tangible device that can retain and store instructions for use by an instruction execution device. A computer readable storage medium may be, for example, but is not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of computer-readable storage media include: portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM), or flash memory), static random access memory (SRAM), compact disc read only memory (CD-ROM), digital versatile disc (DVD), memory stick, floppy disk, mechanically encoded device, such as a printer with instructions stored thereon A hole card or a raised structure in a groove, and any suitable combination of the above. As used herein, computer-readable storage media are not to be construed as transient signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., pulses of light through fiber optic cables), or transmitted electrical signals.
这里所描述的计算机可读程序指令可以从计算机可读存储介质下载到各个计算/处理设备,或者通过网络、例如因特网、局域网、广域网和/或无线网下载到外部计算机或外部存储设备。网络可以包括铜传输电缆、光纤传输、无线传输、路由器、防火墙、交换机、网关计算机和/或边缘服务器。每个计算/处理设备中的网络适配卡或者网络接口从网络接收计算机可读程序指令,并转发该计算机可读程序指令,以供存储在各个计算/处理设备中的计算机可读存储介质中。Computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or downloaded to an external computer or external storage device over a network, such as the Internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers. A network adapter card or a network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in each computing/processing device .
用于执行本公开操作的计算机程序指令可以是汇编指令、指令集架构(ISA)指令、机器指令、机器相关指令、微代码、固件指令、状态设置数据、或者以一种或多种编程语言的任意组合编写的源代码或目标代码,编程语言包括面向对象的编程语言—诸如Smalltalk、C++等,以及常规的过程式编程语言—诸如“C”语言或类似的编程语言。计算机可读程序指令可以完全地在用户计算机上执行、部分地在用户计算机上执行、作为一个独立的软件包执行、部分在用户计算机上部分在远程计算机上执行、或者完全在远程计算机或服务器上执行。在涉及远程计算机的情形中,远程计算机可以通过任意种类的网络—包括局域网(LAN)或广域网(WAN)—连接到用户计算机,或者,可以连接到外部计算机(例如利用因特网服务提供商来通过因特网连接)。在一些实施例中,通过利用计算机可读程序指令的状态信息来个性化定制电子电路,例如可编程逻辑电路、现场可编程门阵列(FPGA)或可编程逻辑阵列(PLA),该电子电路可以执行计算机可读程序指令,从而实现本公开的各个方面。Computer program instructions for performing the operations of the present disclosure may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state setting data, or Source or object code written in any combination, including object-oriented programming languages—such as Smalltalk, C++, etc., and conventional procedural programming languages—such as “C” or similar programming languages. Computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server implement. In cases involving a remote computer, the remote computer can be connected to the user computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (such as via the Internet using an Internet service provider). connect). In some embodiments, an electronic circuit, such as a programmable logic circuit, field programmable gate array (FPGA), or programmable logic array (PLA), can be customized by utilizing state information of computer-readable program instructions, which can Various aspects of the present disclosure are implemented by executing computer readable program instructions.
这里参照根据本公开实施例的方法、装置(***)和计算机程序产品的流程图和/或框图描述了本公开的各个方面。应当理解,流程图和/或框图的每个方框以及流程图和/或框图中各方框的组合,都可以由计算机可读程序指令实现。Aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It should be understood that each block of the flowcharts and/or block diagrams, and combinations of blocks in the flowcharts and/or block diagrams, can be implemented by computer-readable program instructions.
这些计算机可读程序指令可以提供给通用计算机、专用计算机或其它可编程数据处理装置的处理单元,从而生产出一种机器,使得这些指令在通过计算机或其它可编程数据处理装置的处理单元执行时,产生了实现流程图和/或框图中的一个或多个方框中规定的功能/动作的装置。也可以把这些计算机可读程序指令存储在计算机可读存储介质中,这些指令使得计算机、可编程数据处理装置和/或其他设备以特定方式工作,从而,存储有指令的计算机可读介质则包括一个制造品,其包括实现流程图和/或框图中的一个或多个方框中规定的功能/动作的各个方面的指令。These computer readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine such that when executed by the processing unit of the computer or other programmable data processing apparatus , producing an apparatus for realizing the functions/actions specified in one or more blocks in the flowchart and/or block diagram. These computer-readable program instructions can also be stored in a computer-readable storage medium, and these instructions cause computers, programmable data processing devices and/or other devices to work in a specific way, so that the computer-readable medium storing instructions includes An article of manufacture comprising instructions for implementing various aspects of the functions/acts specified in one or more blocks in flowcharts and/or block diagrams.
也可以把计算机可读程序指令加载到计算机、其它可编程数据处理装置、或其它设备上,使得在计算机、其它可编程数据处理装置或其它设备上执行一系列操作步骤,以产生计算机实现的过程,从而使得在计算机、其它可编程数据处理装置、或其它设备上执行的指令实现流程图和/或框图中的一个或多个方框中规定的功能/动作。It is also possible to load computer-readable program instructions into a computer, other programmable data processing device, or other equipment, so that a series of operational steps are performed on the computer, other programmable data processing device, or other equipment to produce a computer-implemented process , so that instructions executed on computers, other programmable data processing devices, or other devices implement the functions/actions specified in one or more blocks in the flowcharts and/or block diagrams.
附图中的流程图和框图显示了根据本公开的多个实施例的***、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个 模块、程序段或指令的一部分,模块、程序段或指令的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个连续的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或动作的专用的基于硬件的***来实现,或者可以用专用硬件与计算机指令的组合来实现。The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in a flowchart or block diagram may represent a module, a program segment, or a portion of an instruction that contains one or more executable instruction. In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved. It should also be noted that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by a dedicated hardware-based system that performs the specified function or action , or may be implemented by a combination of dedicated hardware and computer instructions.
以上已经描述了本公开的各实施方式,上述说明是示例性的,并非穷尽性的,并且也不限于所披露的各实施方式。在不偏离所说明的各实施方式的范围和精神的情况下,对于本技术领域的普通技术人员来说许多修改和变更都是显而易见的。本文中所用术语的选择,旨在最好地解释各实施方式的原理、实际应用或对市场中的技术的改进,或者使本技术领域的其他普通技术人员能理解本文披露的各实施方式。While various embodiments of the present disclosure have been described above, the foregoing description is illustrative, not exhaustive, and is not limited to the disclosed embodiments. Many modifications and alterations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The choice of terminology used herein aims to best explain the principle of each embodiment, practical application or improvement of technology in the market, or to enable other ordinary skilled in the art to understand each embodiment disclosed herein.

Claims (19)

  1. A method for acquiring function call information, comprising:
    obtaining a first call return address from a call stack, the first call return address being within the address range of the code of a first function;
    determining, based on the first call return address, a first call code in the code of the first function, the first call code indicating that a second function is called by the first function; and
    obtaining the start address of the code of the second function from the first call code.
  2. The method according to claim 1, wherein obtaining the first call return address from the call stack comprises:
    searching the call stack for a first address within the address range of a code segment, the code segment including the code of the first function and of the second function;
    determining whether the instruction immediately preceding the code at the first address is a jump instruction; and
    when the preceding instruction is a jump instruction, taking the first address as the first call return address.
  3. The method according to claim 2, wherein searching the call stack for a first address within the address range of the code segment comprises:
    starting from a predetermined offset relative to the stack bottom address of the call stack, searching the call stack from high addresses to low addresses for the first address within the address range of the code segment.
  4. The method according to claim 1, wherein the call stack includes a first stack frame of the first function and a second stack frame of the second function, the second stack frame including the first call return address and the stack address of the first stack frame stored adjacent to each other, the method further comprising:
    determining whether the second function calls a third function; and
    when it is determined that the second function calls the third function,
    obtaining, based on the stack address of the second stack frame, the second call return address from a third stack frame of the third function, the second call return address being within the address range of the code of the second function;
    determining, based on the second call return address, a second call code in the code of the second function, the second call code indicating that the third function is called by the second function; and
    obtaining the start address of the code of the third function from the second call code.
  5. The method according to claim 4, wherein determining whether the second function calls the third function comprises:
    determining whether a second address within the address range of the code of the second function exists at a first stack address relative to the stack address of the second stack frame, and whether the stack address of the second stack frame exists at a second stack address relative to the stack address of the second stack frame;
    if the second address exists at the first stack address and the stack address of the second stack frame exists at the second stack address, determining whether the instruction immediately preceding the code at the second address is a jump instruction; and
    if the preceding instruction is a jump instruction, determining that the second function calls the third function, and taking the second address as the second call return address.
  6. The method according to claim 4, further comprising:
    obtaining the stack address of the first stack frame from the second stack frame based on the stack address at which the first call return address is stored in the call stack;
    obtaining the size of the second stack frame based on the start address of the code of the second function; and
    determining the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
  7. The method according to claim 1, further comprising:
    obtaining an identifier of the first function from a symbol table using the first call return address; and
    obtaining an identifier of the second function from the symbol table using the start address of the code of the second function.
  8. The method according to claim 6, further comprising presenting at least one of the following:
    the identifier of the first function,
    the identifier of the second function, and
    the storage address of the first call code indicating that the first function calls the second function.
  9. An apparatus for acquiring function call information, comprising:
    a first call return address obtaining unit configured to obtain a first call return address from a call stack, the first call return address being within the address range of the code of a first function;
    a call code determining unit configured to determine, based on the first call return address, a first call code in the code of the first function, the first call code indicating that a second function is called by the first function; and
    a called function code address obtaining unit configured to obtain the start address of the code of the second function from the first call code.
  10. The apparatus according to claim 9, wherein the first call return address obtaining unit is configured to:
    search the call stack for a first address within the address range of a code segment, the code segment including the code of the first function and of the second function;
    determine whether the instruction immediately preceding the code at the first address is a jump instruction; and
    when it is determined that the preceding instruction is a jump instruction, take the first address as the first call return address.
  11. The apparatus according to claim 9, wherein the first call return address obtaining unit is further configured to:
    starting from a predetermined offset relative to the stack bottom address of the call stack, search the call stack from high addresses to low addresses for the first address within the address range of the code segment.
  12. The apparatus according to claim 9, wherein the call stack includes a first stack frame of the first function and a second stack frame of the second function, the second stack frame including the first call return address and the stack address of the first stack frame stored adjacent to each other, the apparatus further comprising:
    a function call determination unit configured to determine whether the second function calls a third function; and
    a second call address return unit configured to, when it is determined that the second function calls the third function,
    obtain, based on the stack address of the second stack frame, the second call return address from a third stack frame of the third function, the second call return address being within the address range of the code of the second function;
    determine, based on the second call return address, a second call code in the code of the second function, the second call code indicating that the third function is called by the second function; and
    obtain the start address of the code of the third function from the second call code.
  13. The apparatus according to claim 12, wherein the function call determination unit is further configured to:
    determine whether a second address within the address range of the code of the second function exists at a first stack address relative to the stack address of the second stack frame, and whether the stack address of the second stack frame exists at a second stack frame address relative to the stack address of the second stack frame;
    if the second address exists at the first stack address and the stack address of the second stack frame exists at the second stack address, determine whether the instruction immediately preceding the code at the second address is a jump instruction; and
    if the preceding instruction is a jump instruction, determine that the second function calls the third function and take the second address as the second call return address.
  14. The apparatus according to claim 12, further comprising a stack frame address determination unit configured to:
    obtain the stack address of the first stack frame from the second stack frame based on the stack address at which the first call return address is stored in the call stack;
    obtain the size of the second stack frame based on the start address of the code of the second function; and
    determine the stack address of the second stack frame based on the stack address of the first stack frame and the size of the second stack frame.
  15. The apparatus according to claim 9, further comprising a function identifier determination unit configured to:
    obtain an identifier of the first function from a symbol table using the first call return address; and
    obtain an identifier of the second function from the symbol table using the start address of the code of the second function.
  16. The apparatus according to claim 15, further comprising a presentation unit configured to present at least one of the following:
    the identifier of the first function,
    the identifier of the second function, and
    the storage address of the first call code indicating that the first function calls the second function.
  17. An electronic device, comprising:
    a processor, the processor including a plurality of processing cores; and
    a memory;
    wherein at least one of the plurality of processing cores is configured to execute instructions in the memory, so that the electronic device performs the method according to any one of claims 1 to 8.
  18. A computer-readable storage medium having one or more computer instructions stored thereon, wherein the one or more computer instructions, when executed by a processor, cause the processor to perform the method according to any one of claims 1 to 8.
  19. A computer program product comprising machine-executable instructions which, when executed by a device, cause the device to perform the method according to any one of claims 1 to 8.
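The stack scan of claims 1 to 3 together with the symbol lookup of claim 7, as an added example that is not code from the patent or its applicant. It assumes AArch64-style 4-byte instructions with `BL` as the call ("jump") instruction, which the text here does not specify; the code segment, stack words, symbol table and all names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed code segment (assumption: AArch64 encodings, 4 bytes each). */
#define CODE_BASE 0x400000u
static const uint32_t code[] = {
    0xd503201f, 0x94000007, 0xd503201f, 0xd65f03c0, /* main_fn: nop; bl parse; nop; ret */
    0xd503201f, 0xd503201f, 0xd503201f, 0xd65f03c0, /* leaf:    nop; nop; nop; ret      */
    0xd503201f, 0x97fffffb, 0xd503201f, 0xd65f03c0, /* parse:   nop; bl leaf; nop; ret  */
};
#define CODE_END (CODE_BASE + sizeof code)

/* Constructed symbol table, sorted by start address. */
struct sym { uint64_t start; const char *name; };
static const struct sym symtab[] = {
    { 0x400000, "main_fn" }, { 0x400010, "leaf" }, { 0x400020, "parse" },
};

struct edge { const char *caller, *callee; uint64_t call_site, callee_start; };

/* Candidate filter: inside the code segment and instruction-aligned. */
static int in_code(uint64_t a) {
    return a >= CODE_BASE && a < CODE_END && (a & 3) == 0;
}

/* Name of the function whose start is the largest one <= addr. */
static const char *sym_lookup(uint64_t addr) {
    const char *name = "?";
    for (size_t i = 0; i < sizeof symtab / sizeof symtab[0]; i++)
        if (symtab[i].start <= addr) name = symtab[i].name;
    return name;
}

/* Accept ret as a return address only if the instruction just before it is
 * a BL, then recover the callee start address from the BL's imm26 field. */
static int decode_call(uint64_t ret, uint64_t *call_site, uint64_t *target) {
    if (!in_code(ret) || ret < CODE_BASE + 4) return 0; /* no preceding insn */
    uint64_t pc = ret - 4;
    uint32_t insn = code[(pc - CODE_BASE) / 4];
    if ((insn & 0xfc000000u) != 0x94000000u) return 0;  /* not a BL */
    int64_t imm = insn & 0x03ffffffu;
    if (imm & 0x02000000) imm -= 0x04000000;            /* sign-extend imm26 */
    uint64_t t = pc + (uint64_t)(imm * 4);
    if (!in_code(t)) return 0;                          /* target must be code */
    *call_site = pc;
    *target = t;
    return 1;
}

/* Constructed stack image; index 0 is the lowest address, the last word is
 * the stack bottom. It mixes real return addresses with look-alike data. */
static const uint64_t sample_stack[8] = {
    0x400002,   /* in range but misaligned: rejected             */
    0x2a,       /* local variable                                */
    0x400028,   /* return into parse, after "bl leaf"            */
    0x7ffd1030, /* saved stack address                           */
    0x40001c,   /* in range, but preceded by a nop: rejected     */
    0x400008,   /* return into main_fn, after "bl parse"         */
    0x7ffd1040, /* saved stack address                           */
    0x0,        /* stack bottom sentinel                         */
};

/* Scan from (bottom - skip) toward low addresses, outermost call first. */
static size_t scan_stack(const uint64_t *stack, size_t nwords, size_t skip,
                         struct edge *out, size_t max) {
    size_t n = 0;
    if (skip >= nwords) return 0;
    for (size_t i = nwords - skip; i-- > 0 && n < max; ) {
        uint64_t site, target;
        if (!decode_call(stack[i], &site, &target)) continue;
        out[n].caller = sym_lookup(stack[i]);  /* caller via return address */
        out[n].callee = sym_lookup(target);    /* callee via start address  */
        out[n].call_site = site;
        out[n].callee_start = target;
        n++;
    }
    return n;
}

int main(void) {
    struct edge e[4];
    size_t n = scan_stack(sample_stack, 8, 1, e, 4);
    for (size_t i = 0; i < n; i++)
        printf("%s -> %s (call at 0x%llx)\n", e[i].caller, e[i].callee,
               (unsigned long long)e[i].call_site);
    return 0;
}
```

The preceding-instruction check rejects data that merely falls inside the code range, but a stale return address left on the stack by an earlier call would still pass it.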
PCT/CN2022/111410 2021-08-12 2022-08-10 Method for acquiring function call information, and apparatus, electronic device and medium WO2023016485A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110926882.4A CN115705294B (en) 2021-08-12 2021-08-12 Method, device, electronic equipment and medium for acquiring function call information
CN202110926882.4 2021-08-12

Publications (1)

Publication Number Publication Date
WO2023016485A1 true WO2023016485A1 (en) 2023-02-16

Family

ID=85181018

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/111410 WO2023016485A1 (en) 2021-08-12 2022-08-10 Method for acquiring function call information, and apparatus, electronic device and medium

Country Status (2)

Country Link
CN (1) CN115705294B (en)
WO (1) WO2023016485A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117171058A (en) * 2023-11-03 2023-12-05 睿思芯科(深圳)技术有限公司 Call chain real-time tracking method, system and related equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060212844A1 (en) * 2005-03-18 2006-09-21 Microsoft Corporation Method and apparatus for hybrid stack walking
CN101539883A (en) * 2009-05-05 2009-09-23 北京和利时系统工程有限公司 Error tracking method of embedded system and device thereof
CN102109975A (en) * 2009-12-24 2011-06-29 华为技术有限公司 Method, device and system for determining function call relationship
US20130042223A1 (en) * 2011-08-10 2013-02-14 Nintendo Company Ltd. Methods and/or systems for determining a series of return callstacks
CN103019707A (en) * 2012-11-30 2013-04-03 华为技术有限公司 Call stack analyzing and processing method and device
CN103559123A (en) * 2013-10-24 2014-02-05 烽火通信科技股份有限公司 Function call stack analyzing method and device based on VxWorks operation system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100570581C (en) * 2008-04-09 2009-12-16 中兴通讯股份有限公司 The method and apparatus of localization of fault
CN103019787B (en) * 2012-12-14 2016-08-10 华为技术有限公司 Function calling relationship determines method, hot patch upgrade method and device
CN105468965A (en) * 2014-08-21 2016-04-06 西安慧泽知识产权运营管理有限公司 Dynamic stack memory management method
CN106933733B (en) * 2015-12-30 2020-03-10 华为技术有限公司 Method and device for determining memory leak position
WO2020073200A1 (en) * 2018-10-09 2020-04-16 华为技术有限公司 Program debugging method and system
US11188470B2 (en) * 2019-05-22 2021-11-30 Vdoo Connected Trust Ltd. Dynamic identification of stack frames

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117171058A (en) * 2023-11-03 2023-12-05 睿思芯科(深圳)技术有限公司 Call chain real-time tracking method, system and related equipment
CN117171058B (en) * 2023-11-03 2024-02-20 睿思芯科(深圳)技术有限公司 Call chain real-time tracking method, system and related equipment

Also Published As

Publication number Publication date
CN115705294A (en) 2023-02-17
CN115705294B (en) 2024-07-05

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22855465

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE