Hello, everyone. I have another question. I used kview as a test case, rebuilding it within kdegraphics-3.5.4 with the -finstrument-functions option. I found that in libkdeinit_kview.so, one function can have multiple profiling entries; for example, the kdemain function (located in kdegraphics-3.5.4/kview/main.cpp) has three __cyg_profile_func_{enter,exit} pairs. The return addresses after these entries are located at: kdegraphics-3.5.4/kview/main.cpp:39 /usr/lib/qt-3.3/include/qapplication.h:501 kdegraphics-3.5.4/kview/main.cpp:45 I don't know why this happens; can anyone help me? The objdump output is below: 00016da0 <kdemain>: 16da0: 55 push %ebp 16da1: 89 e5 mov %esp,%ebp 16da3: 57 push %edi 16da4: bf 01 00 00 00 mov $0x1,%edi 16da9: 56 push %esi 16daa: 53 push %ebx 16dab: e8 67 33 ff ff call a117 <__i686.get_pc_thunk.bx> 16db0: 81 c3 80 35 00 00 add $0x3580,%ebx 16db6: 81 ec 9c 01 00 00 sub $0x19c,%esp 16dbc: 8b 45 04 mov 0x4(%ebp),%eax 16dbf: 89 44 24 04 mov %eax,0x4(%esp) 16dc3: 8b 83 9c ff ff ff mov 0xffffff9c(%ebx),%eax 16dc9: 89 04 24 mov %eax,(%esp) 16dcc: e8 43 28 ff ff call 9614 <__cyg_profile_func_enter <at> plt> 16dd1: 8d 83 f9 db ff ff lea 0xffffdbf9(%ebx),%eax 16dd7: 89 44 24 24 mov %eax,0x24(%esp) 16ddb: 8d 83 bc dc ff ff lea 0xffffdcbc(%ebx),%eax 16de1: 89 44 24 18 mov %eax,0x18(%esp) 16de5: 8d 83 e0 dc ff ff lea 0xffffdce0(%ebx),%eax 16deb: 89 44 24 10 mov %eax,0x10(%esp) 16def: 8d 83 0d dc ff ff lea 0xffffdc0d(%ebx),%eax 16df5: 89 44 24 0c mov %eax,0xc(%esp) 16df9: 8d 83 d0 ce ff ff lea 0xffffced0(%ebx),%eax 16dff: 8d 95 6c ff ff ff lea 0xffffff6c(%ebp),%edx 16e05: 89 44 24 08 mov %eax,0x8(%esp) 16e09: 8d 83 28 dc ff ff lea 0xffffdc28(%ebx),%eax 16e0f: 89 95 84 fe ff ff mov %edx,0xfffffe84(%ebp) 16e15: 89 14 24 mov %edx,(%esp) 16e18: 89 44 24 04 mov %eax,0x4(%esp) 16e1c: c7 44 24 20 00 00 00 movl $0x0,0x20(%esp) 16e23: 00 16e24: c7 44 24 1c 00 00 00 movl $0x0,0x1c(%esp) 16e2b: 00 16e2c: c7 44 24 14 01 00 00 movl $0x1,0x14(%esp) 16e33: 00 16e34: e8 ab 
28 ff ff call 96e4 <_ZN10KAboutDataC1EPKcS1_S1_S1_iS1_S1_S1_S1_ <at> plt> 16e39: 8d 83 2e dc ff ff lea 0xffffdc2e(%ebx),%eax 16e3f: 89 44 24 0c mov %eax,0xc(%esp) 16e43: 8d 83 3c dc ff ff lea 0xffffdc3c(%ebx),%eax 16e49: 89 44 24 08 mov %eax,0x8(%esp) 16e4d: 8d 83 47 dc ff ff lea 0xffffdc47(%ebx),%eax 16e53: 89 44 24 04 mov %eax,0x4(%esp) 16e57: 8b 85 84 fe ff ff mov 0xfffffe84(%ebp),%eax 16e5d: c7 44 24 10 00 00 00 movl $0x0,0x10(%esp) 16e64: 00 16e65: 89 04 24 mov %eax,(%esp) 16e68: e8 17 23 ff ff call 9184 <_ZN10KAboutData9addAuthorEPKcS1_S1_S1_ <at> plt> 16e6d: 8b 95 84 fe ff ff mov 0xfffffe84(%ebp),%edx 16e73: 8d 83 56 dc ff ff lea 0xffffdc56(%ebx),%eax 16e79: 89 44 24 0c mov %eax,0xc(%esp) 16e7d: 8d 83 62 dc ff ff lea 0xffffdc62(%ebx),%eax 16e83: 89 44 24 08 mov %eax,0x8(%esp) 16e87: 8d 83 71 dc ff ff lea 0xffffdc71(%ebx),%eax 16e8d: 89 44 24 04 mov %eax,0x4(%esp) 16e91: 89 14 24 mov %edx,(%esp) 16e94: c7 44 24 10 00 00 00 movl $0x0,0x10(%esp) 16e9b: 00 16e9c: e8 e3 22 ff ff call 9184 <_ZN10KAboutData9addAuthorEPKcS1_S1_S1_ <at> plt> 16ea1: 8d 83 83 dc ff ff lea 0xffffdc83(%ebx),%eax 16ea7: 89 44 24 0c mov %eax,0xc(%esp) 16eab: 8d 83 94 dc ff ff lea 0xffffdc94(%ebx),%eax 16eb1: 89 44 24 04 mov %eax,0x4(%esp) 16eb5: 8b 85 84 fe ff ff mov 0xfffffe84(%ebp),%eax 16ebb: c7 44 24 10 00 00 00 movl $0x0,0x10(%esp) 16ec2: 00 16ec3: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 16eca: 00 16ecb: 89 04 24 mov %eax,(%esp) 16ece: e8 b1 22 ff ff call 9184 <_ZN10KAboutData9addAuthorEPKcS1_S1_S1_ <at> plt> 16ed3: 8b 45 0c mov 0xc(%ebp),%eax 16ed6: 8b 95 84 fe ff ff mov 0xfffffe84(%ebp),%edx 16edc: c7 44 24 0c 00 00 00 movl $0x0,0xc(%esp) 16ee3: 00 16ee4: 89 44 24 04 mov %eax,0x4(%esp) 16ee8: 8b 45 08 mov 0x8(%ebp),%eax 16eeb: 89 54 24 08 mov %edx,0x8(%esp) 16eef: 89 04 24 mov %eax,(%esp) 16ef2: e8 fd 26 ff ff call 95f4 <_ZN12KCmdLineArgs4initEiPPcPK10KAboutDatab <at> plt> 16ef7: 8d 83 b4 03 00 00 lea 0x3b4(%ebx),%eax 16efd: 89 04 24 mov %eax,(%esp) 16f00: c7 44 24 0c 00 00 00 movl 
$0x0,0xc(%esp) 16f07: 00 16f08: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 16f0f: 00 16f10: c7 44 24 04 00 00 00 movl $0x0,0x4(%esp) 16f17: 00 16f18: e8 c7 2c ff ff call 9be4 <_ZN12KCmdLineArgs17addCmdLineOptionsEPK15KCmdLineOptionsPKcS4_S4_ <at> plt> 16f1d: 8d 85 a0 fe ff ff lea 0xfffffea0(%ebp),%eax 16f23: 89 85 80 fe ff ff mov %eax,0xfffffe80(%ebp) 16f29: 89 04 24 mov %eax,(%esp) 16f2c: c7 44 24 08 01 00 00 movl $0x1,0x8(%esp) 16f33: 00 16f34: c7 44 24 04 01 00 00 movl $0x1,0x4(%esp) 16f3b: 00 16f3c: e8 23 24 ff ff call 9364 <_ZN12KApplicationC1Ebb <at> plt> 16f41: 8b 93 9c ff ff ff mov 0xffffff9c(%ebx),%edx 16f47: 8b 45 04 mov 0x4(%ebp),%eax 16f4a: 89 14 24 mov %edx,(%esp) 16f4d: 89 44 24 04 mov %eax,0x4(%esp) 16f51: e8 be 26 ff ff call 9614 <__cyg_profile_func_enter <at> plt> 16f56: 8b 45 04 mov 0x4(%ebp),%eax 16f59: 89 44 24 04 mov %eax,0x4(%esp) 16f5d: 8b 83 9c ff ff ff mov 0xffffff9c(%ebx),%eax 16f63: 89 04 24 mov %eax,(%esp) 16f66: e8 a9 26 ff ff call 9614 <__cyg_profile_func_enter <at> plt> 16f6b: 8b 93 9c ff ff ff mov 0xffffff9c(%ebx),%edx 16f71: 8b 45 04 mov 0x4(%ebp),%eax 16f74: 0f b6 b5 e4 fe ff ff movzbl 0xfffffee4(%ebp),%esi 16f7b: 89 14 24 mov %edx,(%esp) 16f7e: 89 44 24 04 mov %eax,0x4(%esp) 16f82: e8 0d 2b ff ff call 9a94 <__cyg_profile_func_exit <at> plt> 16f87: 8b 45 04 mov 0x4(%ebp),%eax 16f8a: 89 44 24 04 mov %eax,0x4(%esp) 16f8e: 8b 83 9c ff ff ff mov 0xffffff9c(%ebx),%eax 16f94: 89 04 24 mov %eax,(%esp) 16f97: e8 f8 2a ff ff call 9a94 <__cyg_profile_func_exit <at> plt> 16f9c: 89 f2 mov %esi,%edx 16f9e: 84 d2 test %dl,%dl 16fa0: 75 34 jne 16fd6 <kdemain+0x236> 16fa2: e9 86 00 00 00 jmp 1702d <kdemain+0x28d> 16fa7: c7 04 24 00 01 00 00 movl $0x100,(%esp) 16fae: 66 90 xchg %ax,%ax 16fb0: e8 1f 29 ff ff call 98d4 <_Znwj <at> plt> 16fb5: 89 c6 mov %eax,%esi 16fb7: 89 04 24 mov %eax,(%esp) 16fba: e8 65 28 ff ff call 9824 <_ZN5KViewC1Ev <at> plt> 16fbf: 89 7c 24 04 mov %edi,0x4(%esp) 16fc3: 83 c7 01 add $0x1,%edi 16fc6: c7 44 24 08 01 00 00 movl 
$0x1,0x8(%esp) 16fcd: 00 16fce: 89 34 24 mov %esi,(%esp) 16fd1: e8 1e 30 ff ff call 9ff4 <_ZN11KMainWindow7restoreEib <at> plt> 16fd6: 89 3c 24 mov %edi,(%esp) 16fd9: e8 16 29 ff ff call 98f4 <_ZN11KMainWindow13canBeRestoredEi <at> plt> 16fde: 84 c0 test %al,%al 16fe0: 75 c5 jne 16fa7 <kdemain+0x207> 16fe2: 8b 85 80 fe ff ff mov 0xfffffe80(%ebp),%eax 16fe8: 89 04 24 mov %eax,(%esp) 16feb: e8 74 2c ff ff call 9c64 <_ZN12QApplication4execEv <at> plt> 16ff0: 8b 95 80 fe ff ff mov 0xfffffe80(%ebp),%edx 16ff6: 89 14 24 mov %edx,(%esp) 16ff9: 89 c6 mov %eax,%esi 16ffb: e8 04 2d ff ff call 9d04 <_ZN12KApplicationD1Ev <at> plt> 17000: 8b 85 84 fe ff ff mov 0xfffffe84(%ebp),%eax 17006: 89 04 24 mov %eax,(%esp) 17009: e8 56 27 ff ff call 9764 <_ZN10KAboutDataD1Ev <at> plt> 1700e: 8b 45 04 mov 0x4(%ebp),%eax 17011: 8b 93 9c ff ff ff mov 0xffffff9c(%ebx),%edx 17017: 89 44 24 04 mov %eax,0x4(%esp) 1701b: 89 14 24 mov %edx,(%esp) 1701e: e8 71 2a ff ff call 9a94 <__cyg_profile_func_exit <at> plt> 17023: 8d 65 f4 lea 0xfffffff4(%ebp),%esp 17026: 89 f0 mov %esi,%eax 17028: 5b pop %ebx 17029: 5e pop %esi 1702a: 5f pop %edi 1702b: 5d pop %ebp 1702c: c3 ret 1702d: c7 04 24 00 00 00 00 movl $0x0,(%esp) 17034: e8 8b 27 ff ff call 97c4 <_ZN12KCmdLineArgs10parsedArgsEPKc <at> plt> 17039: c7 04 24 00 01 00 00 movl $0x100,(%esp) 17040: 89 85 8c fe ff ff mov %eax,0xfffffe8c(%ebp) 17046: e8 89 28 ff ff call 98d4 <_Znwj <at> plt> 1704b: 89 85 90 fe ff ff mov %eax,0xfffffe90(%ebp) 17051: 89 04 24 mov %eax,(%esp) 17054: e8 cb 27 ff ff call 9824 <_ZN5KViewC1Ev <at> plt> 17059: 8b 95 90 fe ff ff mov 0xfffffe90(%ebp),%edx 1705f: 8b 02 mov (%edx),%eax 17061: 89 14 24 mov %edx,(%esp) 17064: ff 90 bc 00 00 00 call *0xbc(%eax) 1706a: 8b 85 8c fe ff ff mov 0xfffffe8c(%ebp),%eax 17070: 89 04 24 mov %eax,(%esp) 17073: e8 6c 27 ff ff call 97e4 <_ZNK12KCmdLineArgs5countEv <at> plt> 17078: 85 c0 test %eax,%eax 1707a: 0f 8e dd 00 00 00 jle 1715d <kdemain+0x3bd> 17080: 8d 83 a3 dc ff ff lea 
0xffffdca3(%ebx),%eax 17086: 8d 7d f0 lea 0xfffffff0(%ebp),%edi 17089: 89 44 24 04 mov %eax,0x4(%esp) 1708d: 8d 75 a0 lea 0xffffffa0(%ebp),%esi 17090: 89 3c 24 mov %edi,(%esp) 17093: e8 9c 22 ff ff call 9334 <_ZN7QStringC1EPKc <at> plt> 17098: 8b 95 8c fe ff ff mov 0xfffffe8c(%ebp),%edx 1709e: 89 34 24 mov %esi,(%esp) 170a1: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 170a8: 00 170a9: 89 54 24 04 mov %edx,0x4(%esp) 170ad: e8 92 2d ff ff call 9e44 <_ZNK12KCmdLineArgs3urlEi <at> plt> 170b2: 83 ec 04 sub $0x4,%esp 170b5: 89 7c 24 04 mov %edi,0x4(%esp) 170b9: 89 34 24 mov %esi,(%esp) 170bc: e8 03 21 ff ff call 91c4 <_ZNK4KURLeqERK7QString <at> plt> 170c1: 89 34 24 mov %esi,(%esp) 170c4: 88 85 8b fe ff ff mov %al,0xfffffe8b(%ebp) 170ca: e8 55 2e ff ff call 9f24 <_ZN4KURLD1Ev <at> plt> 170cf: 8b 45 04 mov 0x4(%ebp),%eax 170d2: 89 44 24 04 mov %eax,0x4(%esp) 170d6: 8b 83 9c ff ff ff mov 0xffffff9c(%ebx),%eax 170dc: 89 04 24 mov %eax,(%esp) 170df: e8 30 25 ff ff call 9614 <__cyg_profile_func_enter <at> plt> 170e4: 8b 75 f0 mov 0xfffffff0(%ebp),%esi 170e7: 8b 45 04 mov 0x4(%ebp),%eax 170ea: 8b 93 9c ff ff ff mov 0xffffff9c(%ebx),%edx 170f0: 89 44 24 04 mov %eax,0x4(%esp) 170f4: 89 14 24 mov %edx,(%esp) 170f7: e8 18 25 ff ff call 9614 <__cyg_profile_func_enter <at> plt> 170fc: 8b 3e mov (%esi),%edi 170fe: 83 ef 01 sub $0x1,%edi 17101: 89 3e mov %edi,(%esi) 17103: 8b 45 04 mov 0x4(%ebp),%eax 17106: 89 44 24 04 mov %eax,0x4(%esp) 1710a: 8b 83 9c ff ff ff mov 0xffffff9c(%ebx),%eax 17110: 89 04 24 mov %eax,(%esp) 17113: e8 7c 29 ff ff call 9a94 <__cyg_profile_func_exit <at> plt> 17118: 85 ff test %edi,%edi 1711a: 75 15 jne 17131 <kdemain+0x391> 1711c: 8b 83 98 ff ff ff mov 0xffffff98(%ebx),%eax 17122: 8b 55 f0 mov 0xfffffff0(%ebp),%edx 17125: 3b 10 cmp (%eax),%edx 17127: 74 08 je 17131 <kdemain+0x391> 17129: 89 14 24 mov %edx,(%esp) 1712c: e8 e3 2b ff ff call 9d14 <_ZN11QStringData10deleteSelfEv <at> plt> 17131: 8b 45 04 mov 0x4(%ebp),%eax 17134: 8b 93 9c ff ff ff mov 
0xffffff9c(%ebx),%edx 1713a: 89 44 24 04 mov %eax,0x4(%esp) 1713e: 89 14 24 mov %edx,(%esp) 17141: e8 4e 29 ff ff call 9a94 <__cyg_profile_func_exit <at> plt> 17146: 80 bd 8b fe ff ff 00 cmpb $0x0,0xfffffe8b(%ebp) 1714d: 74 21 je 17170 <kdemain+0x3d0> 1714f: 8b 85 90 fe ff ff mov 0xfffffe90(%ebp),%eax 17155: 89 04 24 mov %eax,(%esp) 17158: e8 17 23 ff ff call 9474 <_ZN5KView13loadFromStdinEv <at> plt> 1715d: 8b 95 8c fe ff ff mov 0xfffffe8c(%ebp),%edx 17163: 89 14 24 mov %edx,(%esp) 17166: e8 89 25 ff ff call 96f4 <_ZN12KCmdLineArgs5clearEv <at> plt> 1716b: e9 72 fe ff ff jmp 16fe2 <kdemain+0x242> 17170: 8b 95 8c fe ff ff mov 0xfffffe8c(%ebp),%edx 17176: 8d 75 c8 lea 0xffffffc8(%ebp),%esi 17179: 89 34 24 mov %esi,(%esp) 1717c: c7 44 24 08 00 00 00 movl $0x0,0x8(%esp) 17183: 00 17184: 89 54 24 04 mov %edx,0x4(%esp) 17188: e8 b7 2c ff ff call 9e44 <_ZNK12KCmdLineArgs3urlEi <at> plt> 1718d: 8b 85 90 fe ff ff mov 0xfffffe90(%ebp),%eax 17193: 83 ec 04 sub $0x4,%esp 17196: 89 74 24 04 mov %esi,0x4(%esp) 1719a: 89 04 24 mov %eax,(%esp) 1719d: e8 b2 25 ff ff call 9754 <_ZN5KView4loadERK4KURL <at> plt> 171a2: 89 34 24 mov %esi,(%esp) 171a5: e8 7a 2d ff ff call 9f24 <_ZN4KURLD1Ev <at> plt> 171aa: eb b1 jmp 1715d <kdemain+0x3bd> 171ac: 90 nop 171ad: 90 nop 171ae: 90 nop 171af: 90 nop Best Wishes, robert 2009/2/27 robert song <robertsong.linux@xxxxxxxxx>: > 2009/2/27 Andrew Haley <aph@xxxxxxxxxx>: >> robert song wrote: >>> Andrew, thank you for your reply. >>> Well, the source file can be modified to solve the problem, but I want >>> to use one tool to record every address of the running applications >>> built with the -finstrument-functions option, without modifying the >>> application source code itself. 
>> >> Try this: >> >> void >> __cyg_profile_func_enter (void *this_fn, void *call_site) >> { >> Dl_info info; >> dladdr(__builtin_return_address(0), &info); >> > > It is a good idea to use __builtin_return_address(0), which will be located > between the caller function's start and end addresses. > > Thank you very much. > > best wishes, > robert > >> printf ("addr:%lx %p:%s\n", this_fn, info.dli_saddr, info.dli_sname); >> } >> >> Link with -ldl. >> >> >>> But now the address sometimes may be the PLT address of the application, >>> and I don't have a good idea to deal with the problem. >>> >>> If the real address can be got in the __cyg_profile_func_enter() >>> function in some way, it will be helpful to analyse. >>> >>> 2009/2/26 Andrew Haley <aph@xxxxxxxxxx>: >>>> The shared library loader is trying to make the code as efficient as possible. >>>> When you take the address of a symbol in main, the loader is forced to fix up >>>> the reloc with a pointer into the PLT. This happens because at the time the >>>> fixup is made, the symbol foo has not been resolved: it'll only be resolved >>>> later when the first call to foo happens. So, we have to use the PLT address >>>> because we don't yet know where foo is. >>>> >>>> Because of C's rule that the address of a function must be unique, every subsequent >>>> reference to that symbol will return the PLT address, including the one used >>>> in the call to __cyg_profile_func_enter(). >>>> >>>> You can get around this by compiling main with -fpic and not globally initializing >>>> ptr. >>>> >>>> void *ptr; >>>> >>>> int >>>> main (int argc, char *argv[]) >>>> { >>>> ptr = foo; >>>> >>>> cc -fpic -finstrument-functions -g -o main main.c tracer.c foo.so -Wl,-rpath `pwd` >>>> >>>> $ ./main >>>> addr:40073c >>>> addr:110634 >>>> addr:110634 >>>> addr:11066b >>>> addr:11066b >>>> addr:40073c >>>> >>>> Andrew. >>>> >>>> >> >> >