Re: [Crash-utility] Re:[RFC] Crash patch for DWARF CFI based unwind support

Rachita Kothiyal wrote: > This is because what crash is reporting is the stack address at which > the return address was pushed on stack, while what the dwarf based bt is > reporting is the CFA. In most cases, return address is stored at a location > (CFA - 8). That is why the offset of 0x8. > > The low-budget tracer's backtraces are different from the dwarf-tracer > because when the low-budget tracer is unwinding the stack by trying to read > kernel text addresses, it actually comes across many addresses which were > actually not pushed onto stack because of function calls. > Specially for the panic task on kdumps, where after 'crash_kexec' is called, > the registers are dumped onto stack(for creating NT_PRSTATUS section), this > becomes misleading for the low-budget tracer mechanism. Thats why we see > multiple crash_kexec entries in the backtrace. Static inline functions can > also aggrevate this problem. > > In other cases, stale frames on the stack can also mislead the low-budget > tracer. > > AFAICT, user_regs_struct register offsets are not the culprits here. > > Thanks > Rachita So, in other words, if we hardwire the user_regs_struct so that it uses the NT_PRSTATUS registers all the time, then we get the second (preferred/better) budget back trace when unwind is off. That being the case, I argue for hardwiring them all the time.