<div dir="ltr">If function is built with framepointer, then EBP + 4 == return address of the caller of then present function. Because by convention, the entire function usually don't touch the EBP's value, so with respect to that, u can always retrieve the return address of the caller. (which is what this function does).<div>
<br></div><div>and u ask if is not compiled inline? Then __builtin_return_address() become a function itself? Then u are getting the caller of "__builtin_return_address". That was not the original intention. Its purpose is to get the caller address of the current function.</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 31, 2014 at 9:05 AM, Xin Tong <span dir="ltr"><<a href="mailto:trent.tong@gmail.com" target="_blank">trent.tong@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default"><div class="gmail_default"><font face="courier new, monospace">In that case, the __builtin_return_address(level) level > 1 is not possible either ? what if the kernel uses this ?</font></div>
<span class="HOEnZb"><font color="#888888">
<div class="gmail_default"><font face="courier new, monospace"><br></font></div><div class="gmail_default"><font face="courier new, monospace">Xin </font></div></font></span></div></div><div class="HOEnZb"><div class="h5">
<div class="gmail_extra"><br><br><div class="gmail_quote">
On Wed, Jul 30, 2014 at 8:00 PM, Peter Teoh <span dir="ltr"><<a href="mailto:htmldeveloper@gmail.com" target="_blank">htmldeveloper@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote"><div>On Thu, Jul 31, 2014 at 12:59 AM, Xin Tong <span dir="ltr"><<a href="mailto:trent.tong@gmail.com" target="_blank">trent.tong@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div style="font-family:'courier new',monospace">why can not <span style="font-family:arial,sans-serif;font-size:12.8px">__builtin_return_address() be made *never* inline and use current level+1 to get the return address of the function of interest. For any stack introspection, having 1 more level will not hurt functionality. </span></div>
</div></blockquote><div><br></div></div><div>Actually, the answer for your remark is "impossible" - in the case when the kernel is compiled without frame pointer. (CONFIG_FRAME_POINTER=n) which is true for certain variant of RHEL / CentOS. Without the availability of EBP on the stack, there is no way to know when to stop reading the stack to retrieve the previous stackframe. Of course u can statically walk the disassembly of the function and see how much stack space the particular function has allocated. But that requires implementing a disassembler in the kernel.<br>
</div><div><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">
<div style="font-family:'courier new',monospace"><br></div><div style="font-family:'courier new',monospace">given its explanation below </div><div style="font-family:'courier new',monospace">
<br></div><div style="font-family:'courier new',monospace"><span style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">— Built-in Function: void * </span><b style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">__builtin_return_address</b><span style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"> (</span><var style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">unsigned int level</var><span style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">)</span><var style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"><a name="14789f33f272ba48_14789eeca4e322e4_14788377b2c29c0a_index-g_t_005f_005fbuiltin_005freturn_005faddress-3207"></a></var><br style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium">
<blockquote style="color:rgb(0,0,0);font-family:'Times New Roman';font-size:medium"><p>This function returns the return address of the current function, or of one of its callers. The <var>level</var> argument is number of frames to scan up the call stack. A value of <code>0</code> yields the return address of the current function, a value of <code>1</code> yields the return address of the caller of the current function, and so forth. When inlining the expected behavior is that the function returns the address of the function that is returned to. To work around this behavior use the <code>noinline</code> function attribute.</p>
<p><br></p></blockquote></div></div><br></blockquote></div></div><span><font color="#888888"><br clear="all"><br>-- <br>Regards,<br>Peter Teoh
</font></span></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Regards,<br>Peter Teoh
</div>