Monday 18 August 2014

About Unwind tables

Before we start talking about what the contents of an unwind table are, here are some of the questions I had when I first started investigating unwind tables.

What are unwind-tables?

Unwind tables are tables prepared by the compiler that describe how the call stack should be unwound. (Unwinding refers to the removal of stack frames from the call stack.)

When are unwind tables used?

  • To unwind the call stack in the event of an exception
  • To unwind the call stack when using backtrace()

Where are the unwind tables stored?

On an Intel machine, the unwind tables are stored in the '.eh_frame' section of the ELF file, whereas on an ARM machine, the unwind tables are stored in the '.EXIDX' and '.EXTAB' sections of the ELF file.

Now that we know a bit about unwind tables, let us take an example of what exactly is contained in the sections mentioned above.

P.S. :- The example shown below is for a virtual Linux environment on an ARM machine. I have used the arm-gcc compiler I installed using the instructions at http://www.cnx-software.com/2011/03/28/installing-linaro-arm-cross-toolchain-on-ubuntu/
I have not yet been able to figure out the format of unwind tables on an Intel machine, but it is something that I intend to do in the near future.

Moving on, let's see what the unwind table looks like for the C code below:


To compile and then disassemble the object file, run the commands below:


A part of the assembly code for the above C code is:



There are 2 steps involved in unwinding this call stack, i.e.:-

1. Adding to the stack pointer the amount it was decreased by (to make space for the local variables)
2. Popping FP (the frame pointer) and LR (the link register / R14) from the stack and putting LR's value into PC (the program counter)

Now let's compare the above 2 steps with what is actually in the unwind tables, using the following command:



By running the above, I got:



The above unwinds the stack exactly the way we imagined it, provided the following points are kept in mind:-

1. finish - the finish instruction puts the value in r14 into PC
2. VSP - VSP stands for the Virtual Stack Pointer, which is essentially a copy of the actual stack pointer.
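As an added example (not code from this post), here is a small interpreter in C for the ARM EHABI compact unwind opcodes that readelf renders as "vsp = vsp + N", "pop {...}" and "finish", applied to a constructed frame with 8 bytes of locals above a saved fp/lr pair. The opcode bytes, addresses and stack contents are constructed for the illustration; the interpreter also rejects the all-zero "refuse to unwind" mask and out-of-range stack reads.

```c
#include <stdint.h>
#include <stddef.h>
typedef struct { uint32_t r[16]; } regs_t;  /* r11 = fp, r13 = sp, r14 = lr, r15 = pc */
/* Interpret ARM EHABI compact unwind opcodes (the bytes readelf renders as
 * "vsp = vsp + N", "pop {...}" and "finish") against a simulated register file.
 * `stack` holds `words` 32-bit values starting at address `base`. Returns the
 * number of opcodes applied, or -1 on an unsupported opcode or bad stack read. */
int apply_unwind(const uint8_t *ops, size_t n, regs_t *rg,
                 const uint32_t *stack, size_t words, uint32_t base)
{
    uint32_t vsp = rg->r[13];   /* the VSP starts as a copy of the real sp */
    int pc_popped = 0, count = 0;
    size_t i = 0;
    while (i < n) {
        uint8_t op = ops[i++];
        count++;
        if ((op & 0xC0) == 0x00) {             /* 00xxxxxx: vsp = vsp + (x << 2) + 4 */
            vsp += ((op & 0x3F) << 2) + 4;
        } else if ((op & 0xF0) == 0x80) {      /* 1000iiii iiiiiiii: pop r4-r15 under mask */
            if (i >= n) return -1;
            uint16_t mask = (uint16_t)(((op & 0x0F) << 8) | ops[i++]);
            if (mask == 0 || (mask & 0x200)) return -1; /* 0x8000 means "refuse to unwind"; popping r13 not modelled */
            for (int reg = 4; reg <= 15; reg++) {  /* lowest register sits at the lowest address */
                if (!(mask & (1u << (reg - 4)))) continue;
                if (vsp < base || (vsp - base) / 4 >= words) return -1;
                rg->r[reg] = stack[(vsp - base) / 4];
                vsp += 4;
                if (reg == 15) pc_popped = 1;
            }
        } else if (op == 0xB0) {               /* finish: return address is lr unless pc was popped */
            if (!pc_popped) rg->r[15] = rg->r[14];
            break;
        } else {
            return -1;                         /* vsp = vsp - N and the other encodings are outside this model */
        }
    }
    rg->r[13] = vsp;                           /* commit the virtual sp to the real sp */
    return count;
}
/* Constructed frame for the two-step unwind above: 8 bytes of locals, then the
 * saved fp and lr pushed by the prologue. Returns register `reg` after unwinding. */
uint32_t unwound_reg(int reg)
{
    static const uint32_t stack[] = { 0, 0, 0x7ffeff40u, 0x00010234u }; /* locals, saved fp, saved lr */
    static const uint8_t ops[] = { 0x01, 0x84, 0x80, 0xB0 }; /* vsp = vsp + 8; pop {r11, r14}; finish */
    regs_t rg = {{0}};
    rg.r[13] = 0x7ffeff00u;                    /* sp points at the constructed stack base */
    if (apply_unwind(ops, sizeof ops, &rg, stack, 4, 0x7ffeff00u) < 0) return 0xffffffffu;
    return rg.r[reg];
}
```

After the sequence, fp and lr hold the values saved by the prologue, pc has been loaded from lr by "finish", and sp has moved past the 16 bytes of the frame, which is exactly steps 1 and 2 above.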

To understand more about the output, I would suggest reading the Documentation, which explains in a great deal of detail the exact format of the unwind information.
