RV64和ARM64栈结构差异

RV64和ARM64栈结构差异

  • [1 RV64和ARM64栈结构差异示意图](#1 RV64和ARM64栈结构差异示意图)
    • [1.1 RV64和ARM64寄存器介绍](#1.1 RV64和ARM64寄存器介绍)
      • [1.1.1 RV64寄存器](#1.1.1 RV64寄存器)
      • [1.1.2 ARM64寄存器](#1.1.2 ARM64寄存器)
    • [1.2 RV64和ARM64栈结构差异示意图](#1.2 RV64和ARM64栈结构差异示意图)
  • [2 RV64和ARM64栈使用示例](#2 RV64和ARM64栈使用示例)
    • [2.1 测试的程序](#2.1 测试的程序)
    • [2.2 RV64反汇编的汇编程序](#2.2 RV64反汇编的汇编程序)
    • [2.3 ARM64反汇编的汇编程序](#2.3 ARM64反汇编的汇编程序)
    • [2.4 RV64和ARM64测试程序的栈结构图](#2.4 RV64和ARM64测试程序的栈结构图)
      • [2.4.1 RV64测试程序的栈结构图](#2.4.1 RV64测试程序的栈结构图)
      • [2.4.2 ARM64测试程序的栈结构图](#2.4.2 ARM64测试程序的栈结构图)
  • [3 异常时依据栈和当前寄存器推导调用栈的处理流程](#3 异常时依据栈和当前寄存器推导调用栈的处理流程)
    • [3.1 以RV64为例来介绍](#3.1 以RV64为例来介绍)
    • [3.2 以ARM64为例来介绍](#3.2 以ARM64为例来介绍)

为什么要写这篇文章呢?主要是为了区分一下RV64(RISC-V)和ARM64两种不同处理器在函数调用过程中栈的结构性差异,以及当出现异常情况时如何根据栈和异常时寄存器的情况推导出调用栈。

RISC-V调用规则
RV64函数调用流程分析
ARM64 程序调用标准
ARM64函数调用流程分析

1 RV64和ARM64栈结构差异示意图

1.1 RV64和ARM64寄存器介绍

1.1.1 RV64寄存器

1.1.2 ARM64寄存器


1.2 RV64和ARM64栈结构差异示意图

  • RV64的栈帧寄存器是s0,s0指向当前函数栈的栈底(即栈帧的高地址端,等于进入函数时的sp)
  • ARM64的栈帧寄存器是x29,x29指向当前函数的栈顶(即栈帧的低地址端,等于分配栈帧后的sp)

2 RV64和ARM64栈使用示例

2.1 测试的程序

#include <stdio.h>
#include <string.h>

/*
 * Innermost test function.  It takes four long arguments and declares two
 * locals so that, when the program is built without optimisation, every
 * value gets its own slot in the stack frame and the frame layout can be
 * read off the disassembly.  x and y are intentionally unused; the
 * arithmetic after printf only exists so the locals are written back to
 * the frame.  Returns nothing.
 */
void test_fun_b(long m, long n, long x, long y)
{
        long c = 3, d = 4;

        /* __func__ tells us which frame is printing */
        printf("The current function is %s c:%ld d:%ld\r\n", __func__, c, d);

        c += d + m;             /* c = c + d + m */
        d += c + n;             /* d = c + d + n, using the updated c */
}

/*
 * Middle test function.  Same shape as test_fun_b (four long arguments,
 * two locals) but it also calls test_fun_b, so in a backtrace it appears
 * as the caller frame of test_fun_b and the callee frame of main.
 * x and y are intentionally unused.  Returns nothing.
 */
void test_fun_a(long m, long n, long x, long y)
{
        long b = 2, c = 3;

        printf("The current function is %s b:%ld c:%ld\r\n", __func__, b, c);

        /* one more frame below us: test_fun_b(b, c, 0, 2) */
        test_fun_b(b, c, 0, 2);

        b += c + m;             /* b = b + c + m */
        c += b + n;             /* c = b + c + n, using the updated b */
}

/*
 * Outermost frame of the test.  Declares two locals, prints them, and calls
 * test_fun_a so the call chain main -> test_fun_a -> test_fun_b exists on
 * the stack.  The arithmetic after the call only keeps a and b live in the
 * frame.  Always returns 0.
 */
int main(void)
{
        long a = 1, b = 2;

        printf("The current function is %s a:%ld b:%ld\r\n", __func__, a, b);

        /* main -> test_fun_a(a, b, 0, 1) -> test_fun_b */
        test_fun_a(a, b, 0, 1);

        a += b;                 /* a = a + b */
        b += a;                 /* b = a + b, using the updated a */

        return 0;
}

2.2 RV64反汇编的汇编程序

  • RV64的编译命令:riscv64-linux-gnu-gcc -Wl,--no-as-needed main.c -o rv_test
  • RV64的反汇编命令:riscv64-linux-gnu-objdump -S -d rv_test
rv_test:     file format elf64-littleriscv


Disassembly of section .plt:

# PLT header: the lazy-binding trampoline shared by every @plt stub.
# A stub arrives here with t1 = its own return address (set by jalr t1,t3)
# and t3 = the contents of its GOT slot; from those the header computes the
# relocation index and jumps to the dynamic linker's resolver.
# (Slot meanings follow the RISC-V psABI PLT layout: GOT[0] = resolver,
# GOT[1] = link map -- objdump only shows the nearest symbol, __TMC_END__.)
0000000000000520 <.plt>:
 520:	00002397          	auipc	t2,0x2	# t2 = PC-relative base used to reach .got.plt
 524:	41c30333          	sub	t1,t1,t3	# t1 = stub return address - GOT slot value
 528:	ae83be03          	ld	t3,-1304(t2) # 2008 <__TMC_END__>	# t3 = GOT[0] (resolver, presumed)
 52c:	fd430313          	addi	t1,t1,-44	# strip the header size + stub offset
 530:	ae838293          	addi	t0,t2,-1304	# t0 = &GOT[0]
 534:	00135313          	srli	t1,t1,0x1	# t1 = relocation index for this stub
 538:	0082b283          	ld	t0,8(t0)	# t0 = GOT[1] (link map, presumed)
 53c:	000e0067          	jr	t3	# enter the resolver with (t0, t1) as its inputs

# PLT stub for __libc_start_main: jump through the symbol's GOT slot.
# On first use the slot still points back into .plt, so the jump lands in
# the header above; t1 carries this stub's address so the header can tell
# which symbol to resolve.
0000000000000540 <__libc_start_main@plt>:
 540:	00002e17          	auipc	t3,0x2
 544:	ad8e3e03          	ld	t3,-1320(t3) # 2018 <__libc_start_main@GLIBC_2.27>	# t3 = GOT slot for the symbol
 548:	000e0367          	jalr	t1,t3	# jump through the slot; t1 = return address (stub identity)
 54c:	00000013          	nop

# PLT stub for printf: same shape as __libc_start_main@plt, different GOT slot.
# All three test functions call printf through this stub.
0000000000000550 <printf@plt>:
 550:	00002e17          	auipc	t3,0x2
 554:	ad0e3e03          	ld	t3,-1328(t3) # 2020 <printf@GLIBC_2.27>	# t3 = GOT slot for printf
 558:	000e0367          	jalr	t1,t3	# jump through the slot; t1 = return address (stub identity)
 55c:	00000013          	nop

Disassembly of section .text:

# Process entry point.  Sets up gp, packs the kernel-provided initial stack
# (argc at 0(sp), argv just above it) into __libc_start_main's argument
# registers and calls it.  Control is not expected to come back: the
# instruction after the call is ebreak.
# Argument roles (main/init/fini/rtld_fini/stack_end) are inferred from
# __libc_start_main's usual signature, not shown by the listing itself.
0000000000000560 <_start>:
 560:	02e000ef          	jal	ra,58e <load_gp>	# initialise gp before anything else
 564:	87aa                	mv	a5,a0	# a5 = value in a0 at entry (rtld_fini, presumed)
 566:	00002517          	auipc	a0,0x2
 56a:	ad253503          	ld	a0,-1326(a0) # 2038 <_GLOBAL_OFFSET_TABLE_+0x10>	# a0 = main, loaded from the GOT (presumed)
 56e:	6582                	ld	a1,0(sp)	# a1 = argc
 570:	0030                	addi	a2,sp,8	# a2 = argv
 572:	ff017113          	andi	sp,sp,-16	# round sp down to 16 bytes before calling out
 576:	00000697          	auipc	a3,0x0
 57a:	21068693          	addi	a3,a3,528 # 786 <__libc_csu_init>	# a3 = init
 57e:	00000717          	auipc	a4,0x0
 582:	26070713          	addi	a4,a4,608 # 7de <__libc_csu_fini>	# a4 = fini
 586:	880a                	mv	a6,sp	# a6 = stack_end
 588:	fb9ff0ef          	jal	ra,540 <__libc_start_main@plt>
 58c:	9002                	ebreak	# unreachable unless __libc_start_main returns

# Loads the global pointer.  gp is never touched again by the user code in
# this listing; it only needs to be valid before libc runs.
000000000000058e <load_gp>:
 58e:	00002197          	auipc	gp,0x2
 592:	27218193          	addi	gp,gp,626 # 2800 <__global_pointer$>	# gp = __global_pointer$ (PC-relative)
 596:	8082                	ret
	...

# CRT helper for transactional-memory clone tables.  Start and end of the
# table both resolve to __TMC_END__ here, so the beq at 5aa is taken and
# the function returns immediately; the tail-jump to
# _ITM_deregisterTMCloneTable only happens when the table is non-empty and
# the weak symbol is resolved.
000000000000059a <deregister_tm_clones>:
 59a:	00002517          	auipc	a0,0x2
 59e:	a6e50513          	addi	a0,a0,-1426 # 2008 <__TMC_END__>	# a0 = table start
 5a2:	00002797          	auipc	a5,0x2
 5a6:	a6678793          	addi	a5,a5,-1434 # 2008 <__TMC_END__>	# a5 = table end (same address)
 5aa:	00a78963          	beq	a5,a0,5bc <deregister_tm_clones+0x22>	# empty table -> return
 5ae:	00002317          	auipc	t1,0x2
 5b2:	a8233303          	ld	t1,-1406(t1) # 2030 <_ITM_deregisterTMCloneTable>	# t1 = weak function pointer from the GOT
 5b6:	00030363          	beqz	t1,5bc <deregister_tm_clones+0x22>	# unresolved weak symbol -> return
 5ba:	8302                	jr	t1	# tail-call with a0 = table start
 5bc:	8082                	ret

# CRT helper: registers the TM clone table if it has any entries.
# a1 is computed as ((end - start) / 8) / 2 with a sign fix-up for the
# arithmetic shift; start == end here, so a1 is 0 and the function returns.
00000000000005be <register_tm_clones>:
 5be:	00002517          	auipc	a0,0x2
 5c2:	a4a50513          	addi	a0,a0,-1462 # 2008 <__TMC_END__>	# a0 = table start
 5c6:	00002797          	auipc	a5,0x2
 5ca:	a4278793          	addi	a5,a5,-1470 # 2008 <__TMC_END__>	# a5 = table end
 5ce:	8f89                	sub	a5,a5,a0	# a5 = byte length of the table
 5d0:	4037d713          	srai	a4,a5,0x3	# a4 = length / 8 (arithmetic)
 5d4:	03f7d593          	srli	a1,a5,0x3f	# a1 = sign bit of the length
 5d8:	95ba                	add	a1,a1,a4
 5da:	8585                	srai	a1,a1,0x1	# a1 = entry count rounded toward zero
 5dc:	c981                	beqz	a1,5ec <register_tm_clones+0x2e>	# no entries -> return
 5de:	00002317          	auipc	t1,0x2
 5e2:	a6a33303          	ld	t1,-1430(t1) # 2048 <_ITM_registerTMCloneTable>	# t1 = weak function pointer from the GOT
 5e6:	00030363          	beqz	t1,5ec <register_tm_clones+0x2e>	# unresolved weak symbol -> return
 5ea:	8302                	jr	t1	# tail-call with (a0 = start, a1 = count)
 5ec:	8082                	ret

# CRT destructor hook (run from .fini_array).  Guarded by the byte
# `completed.6761`: on the first call it runs __cxa_finalize(__dso_handle)
# if that symbol resolved, then deregister_tm_clones, and sets the guard.
# Note the 16-byte frame saves s0 at 0(sp) and ra at 8(sp) -- the opposite
# order from the user functions below, which put ra at the top.
00000000000005ee <__do_global_dtors_aux>:
 5ee:	1141                	addi	sp,sp,-16	# 16-byte frame
 5f0:	e022                	sd	s0,0(sp)	# save caller's s0
 5f2:	00002417          	auipc	s0,0x2
 5f6:	a6240413          	addi	s0,s0,-1438 # 2054 <completed.6761>	# s0 = &completed (s0 reused as a pointer, not as FP)
 5fa:	00044783          	lbu	a5,0(s0)	# a5 = completed flag
 5fe:	e406                	sd	ra,8(sp)	# save return address
 600:	e385                	bnez	a5,620 <__do_global_dtors_aux+0x32>	# already done -> epilogue
 602:	00002797          	auipc	a5,0x2
 606:	a3e7b783          	ld	a5,-1474(a5) # 2040 <__cxa_finalize@GLIBC_2.27>	# a5 = __cxa_finalize (weak, via GOT)
 60a:	c791                	beqz	a5,616 <__do_global_dtors_aux+0x28>	# not resolved -> skip
 60c:	00002517          	auipc	a0,0x2
 610:	9f453503          	ld	a0,-1548(a0) # 2000 <__dso_handle>	# a0 = __dso_handle
 614:	9782                	jalr	a5	# __cxa_finalize(__dso_handle)
 616:	f85ff0ef          	jal	ra,59a <deregister_tm_clones>
 61a:	4785                	li	a5,1
 61c:	00f40023          	sb	a5,0(s0)	# completed = 1
 620:	60a2                	ld	ra,8(sp)
 622:	6402                	ld	s0,0(sp)
 624:	0141                	addi	sp,sp,16
 626:	8082                	ret

# CRT constructor hook (run from .init_array); just tail-jumps to
# register_tm_clones, so it never owns a stack frame of its own.
0000000000000628 <frame_dummy>:
 628:	bf59                	j	5be <register_tm_clones>

# test_fun_b(m, n, x, y) -- RV64, compiled at -O0.
# 64-byte frame.  s0 (the frame pointer) is set to the *entry* sp, i.e. the
# high end of the frame, and everything is addressed with negative offsets
# from it.  Frame layout relative to s0:
#   -8  ra (saved return address)     -16 caller's s0
#   -24 d                             -32 c
#   -40 m (a0)   -48 n (a1)   -56 x (a2)   -64 y (a3)
# The saved ra/s0 pair is also reachable as 56(sp)/48(sp); an unwinder that
# knows s0 can read ra = [s0-8] and caller s0 = [s0-16].
000000000000062a <test_fun_b>:
 62a:	7139                	addi	sp,sp,-64	# allocate the frame
 62c:	fc06                	sd	ra,56(sp)	# save ra at the top of the frame (s0-8)
 62e:	f822                	sd	s0,48(sp)	# save caller's frame pointer (s0-16)
 630:	0080                	addi	s0,sp,64	# s0 = entry sp = high end of this frame
 632:	fca43c23          	sd	a0,-40(s0)	# spill m
 636:	fcb43823          	sd	a1,-48(s0)	# spill n
 63a:	fcc43423          	sd	a2,-56(s0)	# spill x (never read again)
 63e:	fcd43023          	sd	a3,-64(s0)	# spill y (never read again)
 642:	478d                	li	a5,3
 644:	fef43023          	sd	a5,-32(s0)	# c = 3
 648:	4791                	li	a5,4
 64a:	fef43423          	sd	a5,-24(s0)	# d = 4
 64e:	fe843683          	ld	a3,-24(s0)	# 4th printf arg: d
 652:	fe043603          	ld	a2,-32(s0)	# 3rd printf arg: c
 656:	00000597          	auipc	a1,0x0
 65a:	21a58593          	addi	a1,a1,538 # 870 <__func__.2089>	# 2nd printf arg: __func__ ("test_fun_b")
 65e:	00000517          	auipc	a0,0x0
 662:	18250513          	addi	a0,a0,386 # 7e0 <__libc_csu_fini+0x2>	# 1st printf arg: format string in .rodata (objdump names it by the nearest symbol)
 666:	eebff0ef          	jal	ra,550 <printf@plt>
 66a:	fe043703          	ld	a4,-32(s0)	# c
 66e:	fe843783          	ld	a5,-24(s0)	# d
 672:	97ba                	add	a5,a5,a4	# c + d
 674:	fd843703          	ld	a4,-40(s0)	# m
 678:	97ba                	add	a5,a5,a4	# c + d + m
 67a:	fef43023          	sd	a5,-32(s0)	# c = c + d + m
 67e:	fe043703          	ld	a4,-32(s0)	# new c
 682:	fe843783          	ld	a5,-24(s0)	# d
 686:	97ba                	add	a5,a5,a4	# c + d
 688:	fd043703          	ld	a4,-48(s0)	# n
 68c:	97ba                	add	a5,a5,a4	# c + d + n
 68e:	fef43423          	sd	a5,-24(s0)	# d = c + d + n
 692:	0001                	nop
 694:	70e2                	ld	ra,56(sp)	# restore return address
 696:	7442                	ld	s0,48(sp)	# restore caller's frame pointer
 698:	6121                	addi	sp,sp,64	# release the frame
 69a:	8082                	ret

# test_fun_a(m, n, x, y) -- RV64, compiled at -O0.
# Identical frame shape to test_fun_b (64 bytes, s0 = entry sp):
#   -8 ra   -16 caller's s0   -24 c   -32 b
#   -40 m   -48 n   -56 x   -64 y
# Because this function calls test_fun_b, its saved ra points back into
# main and its saved s0 is main's frame pointer -- this is the link an
# unwinder follows from test_fun_b's frame up to main.
000000000000069c <test_fun_a>:
 69c:	7139                	addi	sp,sp,-64	# allocate the frame
 69e:	fc06                	sd	ra,56(sp)	# save ra (s0-8)
 6a0:	f822                	sd	s0,48(sp)	# save main's s0 (s0-16)
 6a2:	0080                	addi	s0,sp,64	# s0 = entry sp
 6a4:	fca43c23          	sd	a0,-40(s0)	# spill m
 6a8:	fcb43823          	sd	a1,-48(s0)	# spill n
 6ac:	fcc43423          	sd	a2,-56(s0)	# spill x (unused)
 6b0:	fcd43023          	sd	a3,-64(s0)	# spill y (unused)
 6b4:	4789                	li	a5,2
 6b6:	fef43023          	sd	a5,-32(s0)	# b = 2
 6ba:	478d                	li	a5,3
 6bc:	fef43423          	sd	a5,-24(s0)	# c = 3
 6c0:	fe843683          	ld	a3,-24(s0)	# printf arg: c
 6c4:	fe043603          	ld	a2,-32(s0)	# printf arg: b
 6c8:	00000597          	auipc	a1,0x0
 6cc:	1b858593          	addi	a1,a1,440 # 880 <__func__.2098>	# printf arg: __func__ ("test_fun_a")
 6d0:	00000517          	auipc	a0,0x0
 6d4:	14050513          	addi	a0,a0,320 # 810 <__libc_csu_fini+0x32>	# printf arg: format string in .rodata
 6d8:	e79ff0ef          	jal	ra,550 <printf@plt>
 6dc:	4689                	li	a3,2	# test_fun_b arg y = 2
 6de:	4601                	li	a2,0	# test_fun_b arg x = 0
 6e0:	fe843583          	ld	a1,-24(s0)	# test_fun_b arg n = c
 6e4:	fe043503          	ld	a0,-32(s0)	# test_fun_b arg m = b
 6e8:	f43ff0ef          	jal	ra,62a <test_fun_b>	# ra = 0x6ec will be saved in test_fun_b's frame
 6ec:	fe043703          	ld	a4,-32(s0)	# b
 6f0:	fe843783          	ld	a5,-24(s0)	# c
 6f4:	97ba                	add	a5,a5,a4
 6f6:	fd843703          	ld	a4,-40(s0)	# m
 6fa:	97ba                	add	a5,a5,a4
 6fc:	fef43023          	sd	a5,-32(s0)	# b = b + c + m
 700:	fe043703          	ld	a4,-32(s0)	# new b
 704:	fe843783          	ld	a5,-24(s0)	# c
 708:	97ba                	add	a5,a5,a4
 70a:	fd043703          	ld	a4,-48(s0)	# n
 70e:	97ba                	add	a5,a5,a4
 710:	fef43423          	sd	a5,-24(s0)	# c = b + c + n
 714:	0001                	nop
 716:	70e2                	ld	ra,56(sp)	# restore ra
 718:	7442                	ld	s0,48(sp)	# restore main's s0
 71a:	6121                	addi	sp,sp,64	# release the frame
 71c:	8082                	ret

# main() -- RV64, compiled at -O0.
# Smaller 32-byte frame (no argument spills), same convention:
#   -8 ra (24(sp))   -16 caller's s0 (16(sp))   -24 b   -32 a
# s0 = entry sp.  The saved ra here points into __libc_start_main.
000000000000071e <main>:
 71e:	1101                	addi	sp,sp,-32	# allocate the frame
 720:	ec06                	sd	ra,24(sp)	# save ra (s0-8)
 722:	e822                	sd	s0,16(sp)	# save caller's s0 (s0-16)
 724:	1000                	addi	s0,sp,32	# s0 = entry sp
 726:	4785                	li	a5,1
 728:	fef43023          	sd	a5,-32(s0)	# a = 1
 72c:	4789                	li	a5,2
 72e:	fef43423          	sd	a5,-24(s0)	# b = 2
 732:	fe843683          	ld	a3,-24(s0)	# printf arg: b
 736:	fe043603          	ld	a2,-32(s0)	# printf arg: a
 73a:	00000597          	auipc	a1,0x0
 73e:	15658593          	addi	a1,a1,342 # 890 <__func__.2104>	# printf arg: __func__ ("main")
 742:	00000517          	auipc	a0,0x0
 746:	0fe50513          	addi	a0,a0,254 # 840 <__libc_csu_fini+0x62>	# printf arg: format string in .rodata
 74a:	e07ff0ef          	jal	ra,550 <printf@plt>
 74e:	4685                	li	a3,1	# test_fun_a arg y = 1
 750:	4601                	li	a2,0	# test_fun_a arg x = 0
 752:	fe843583          	ld	a1,-24(s0)	# test_fun_a arg n = b
 756:	fe043503          	ld	a0,-32(s0)	# test_fun_a arg m = a
 75a:	f43ff0ef          	jal	ra,69c <test_fun_a>	# ra = 0x75e will be saved in test_fun_a's frame
 75e:	fe043703          	ld	a4,-32(s0)	# a
 762:	fe843783          	ld	a5,-24(s0)	# b
 766:	97ba                	add	a5,a5,a4
 768:	fef43023          	sd	a5,-32(s0)	# a = a + b
 76c:	fe843703          	ld	a4,-24(s0)	# b
 770:	fe043783          	ld	a5,-32(s0)	# new a
 774:	97ba                	add	a5,a5,a4
 776:	fef43423          	sd	a5,-24(s0)	# b = a + b
 77a:	4781                	li	a5,0
 77c:	853e                	mv	a0,a5	# return 0
 77e:	60e2                	ld	ra,24(sp)	# restore ra
 780:	6442                	ld	s0,16(sp)	# restore caller's s0
 782:	6105                	addi	sp,sp,32	# release the frame
 784:	8082                	ret

# __libc_csu_init(a0, a1, a2): walks .init_array from
# __frame_dummy_init_array_entry to __do_global_dtors_aux_fini_array_entry
# and calls each entry with the three incoming arguments (argc/argv/envp,
# presumed from the usual libc contract).  Uses callee-saved s0-s5 as loop
# state because the values must survive the indirect calls; note s0 is a
# table cursor here, not a frame pointer, so this frame cannot be unwound
# by the FP rule used for the user functions.
0000000000000786 <__libc_csu_init>:
 786:	7139                	addi	sp,sp,-64	# 64-byte frame
 788:	f822                	sd	s0,48(sp)
 78a:	f04a                	sd	s2,32(sp)
 78c:	00001417          	auipc	s0,0x1
 790:	67440413          	addi	s0,s0,1652 # 1e00 <__frame_dummy_init_array_entry>	# s0 = table start
 794:	00001917          	auipc	s2,0x1
 798:	67490913          	addi	s2,s2,1652 # 1e08 <__do_global_dtors_aux_fini_array_entry>	# s2 = table end
 79c:	40890933          	sub	s2,s2,s0	# s2 = byte length of .init_array
 7a0:	fc06                	sd	ra,56(sp)	# save ra
 7a2:	f426                	sd	s1,40(sp)
 7a4:	ec4e                	sd	s3,24(sp)
 7a6:	e852                	sd	s4,16(sp)
 7a8:	e456                	sd	s5,8(sp)
 7aa:	40395913          	srai	s2,s2,0x3	# s2 = entry count
 7ae:	00090f63          	beqz	s2,7cc <__libc_csu_init+0x46>	# empty -> epilogue
 7b2:	89aa                	mv	s3,a0	# keep the three arguments across the calls
 7b4:	8a2e                	mv	s4,a1
 7b6:	8ab2                	mv	s5,a2
 7b8:	4481                	li	s1,0	# s1 = loop index
 7ba:	601c                	ld	a5,0(s0)	# a5 = next constructor
 7bc:	8656                	mv	a2,s5
 7be:	85d2                	mv	a1,s4
 7c0:	854e                	mv	a0,s3
 7c2:	0485                	addi	s1,s1,1
 7c4:	9782                	jalr	a5	# constructor(a0, a1, a2)
 7c6:	0421                	addi	s0,s0,8	# advance cursor
 7c8:	fe9919e3          	bne	s2,s1,7ba <__libc_csu_init+0x34>	# loop until index == count
 7cc:	70e2                	ld	ra,56(sp)
 7ce:	7442                	ld	s0,48(sp)
 7d0:	74a2                	ld	s1,40(sp)
 7d2:	7902                	ld	s2,32(sp)
 7d4:	69e2                	ld	s3,24(sp)
 7d6:	6a42                	ld	s4,16(sp)
 7d8:	6aa2                	ld	s5,8(sp)
 7da:	6121                	addi	sp,sp,64
 7dc:	8082                	ret

# __libc_csu_fini: empty in this glibc; the printf format strings happen to
# follow it in memory, which is why objdump labels them __libc_csu_fini+N.
00000000000007de <__libc_csu_fini>:
 7de:	8082                	ret

2.3 ARM64反汇编的汇编程序

  • ARM64的编译命令:aarch64-linux-gnu-gcc -Wl,--no-as-needed main.c -o a64_test
  • ARM64的反汇编命令:aarch64-linux-gnu-objdump -S -d a64_test
a64_test:     file format elf64-littleaarch64


Disassembly of section .init:

// .init entry.  Shows the canonical AArch64 non-leaf prologue/epilogue in
// its smallest form: push FP/LR with a pre-indexed stp, set FP = sp, and
// undo both with a post-indexed ldp.
00000000000005d0 <_init>:
 5d0:	a9bf7bfd 	stp	x29, x30, [sp, #-16]!	// sp -= 16; [sp] = x29, [sp+8] = x30
 5d4:	910003fd 	mov	x29, sp	// FP = low end of the frame
 5d8:	94000030 	bl	698 <call_weak_fn>
 5dc:	a8c17bfd 	ldp	x29, x30, [sp], #16	// restore FP/LR; sp += 16
 5e0:	d65f03c0 	ret

Disassembly of section .plt:

// PLT header: lazy-binding trampoline reached from every @plt stub on
// first use.  Saves x16/LR, loads the resolver from the GOT and jumps to
// it; x16 is left pointing at the GOT so the resolver can identify the
// slot.  (GOT slot roles follow the AArch64 ELF convention; objdump only
// shows __FRAME_END__+0xf438 as the nearest symbol for 0x10000.)
00000000000005f0 <.plt>:
 5f0:	a9bf7bf0 	stp	x16, x30, [sp, #-16]!	// save stub scratch reg and the real return address
 5f4:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 5f8:	f947ca11 	ldr	x17, [x16, #3984]	// x17 = resolver entry (presumed GOT[2])
 5fc:	913e4210 	add	x16, x16, #0xf90	// x16 = &GOT[2]
 600:	d61f0220 	br	x17	// enter the resolver
 604:	d503201f 	nop
 608:	d503201f 	nop
 60c:	d503201f 	nop

// PLT stub for __cxa_finalize: load the symbol's GOT slot into x17, leave
// the slot address in x16, and jump.  Same pattern for every stub below.
0000000000000610 <__cxa_finalize@plt>:
 610:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 614:	f947ce11 	ldr	x17, [x16, #3992]	// x17 = GOT slot contents
 618:	913e6210 	add	x16, x16, #0xf98	// x16 = &slot (for the resolver)
 61c:	d61f0220 	br	x17

// PLT stub for __libc_start_main (called once from _start).
0000000000000620 <__libc_start_main@plt>:
 620:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 624:	f947d211 	ldr	x17, [x16, #4000]	// x17 = GOT slot contents
 628:	913e8210 	add	x16, x16, #0xfa0	// x16 = &slot
 62c:	d61f0220 	br	x17

// PLT stub for the weak __gmon_start__ (only reached via call_weak_fn when
// the symbol resolved).
0000000000000630 <__gmon_start__@plt>:
 630:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 634:	f947d611 	ldr	x17, [x16, #4008]	// x17 = GOT slot contents
 638:	913ea210 	add	x16, x16, #0xfa8	// x16 = &slot
 63c:	d61f0220 	br	x17

// PLT stub for abort (the fallback after __libc_start_main in _start).
0000000000000640 <abort@plt>:
 640:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 644:	f947da11 	ldr	x17, [x16, #4016]	// x17 = GOT slot contents
 648:	913ec210 	add	x16, x16, #0xfb0	// x16 = &slot
 64c:	d61f0220 	br	x17

// PLT stub for printf; all three test functions call through here.
0000000000000650 <printf@plt>:
 650:	90000090 	adrp	x16, 10000 <__FRAME_END__+0xf438>	// x16 = page of .got.plt
 654:	f947de11 	ldr	x17, [x16, #4024]	// x17 = GOT slot contents
 658:	913ee210 	add	x16, x16, #0xfb8	// x16 = &slot
 65c:	d61f0220 	br	x17

Disassembly of section .text:

// Process entry point.  Zeroes x29/x30 first so a frame-pointer walk
// terminates here, then packs the initial stack (argc at [sp], argv at
// sp+8) and three GOT-loaded function pointers into __libc_start_main's
// argument registers.  Which pointer is main/init/fini is inferred from
// the usual __libc_start_main signature, not shown by the listing.
0000000000000660 <_start>:
 660:	d280001d 	mov	x29, #0x0                   	// #0	-- FP = 0: end of the frame chain
 664:	d280001e 	mov	x30, #0x0                   	// #0	-- LR = 0
 668:	aa0003e5 	mov	x5, x0	// x5 = value in x0 at entry (rtld_fini, presumed)
 66c:	f94003e1 	ldr	x1, [sp]	// x1 = argc
 670:	910023e2 	add	x2, sp, #0x8	// x2 = argv
 674:	910003e6 	mov	x6, sp	// x6 = stack_end
 678:	90000080 	adrp	x0, 10000 <__FRAME_END__+0xf438>
 67c:	f947f800 	ldr	x0, [x0, #4080]	// x0 = main (via GOT, presumed)
 680:	90000083 	adrp	x3, 10000 <__FRAME_END__+0xf438>
 684:	f947f463 	ldr	x3, [x3, #4072]	// x3 = init (presumed __libc_csu_init)
 688:	90000084 	adrp	x4, 10000 <__FRAME_END__+0xf438>
 68c:	f947e484 	ldr	x4, [x4, #4040]	// x4 = fini (presumed __libc_csu_fini)
 690:	97ffffe4 	bl	620 <__libc_start_main@plt>
 694:	97ffffeb 	bl	640 <abort@plt>	// only reached if __libc_start_main returns

// Calls __gmon_start__ if that weak symbol resolved (GOT entry non-null),
// otherwise returns.  Tail-branches into the PLT stub, so it needs no frame.
0000000000000698 <call_weak_fn>:
 698:	90000080 	adrp	x0, 10000 <__FRAME_END__+0xf438>
 69c:	f947f000 	ldr	x0, [x0, #4064]	// x0 = GOT entry for __gmon_start__ (presumed)
 6a0:	b4000040 	cbz	x0, 6a8 <call_weak_fn+0x10>	// unresolved -> return
 6a4:	17ffffe3 	b	630 <__gmon_start__@plt>	// tail-call
 6a8:	d65f03c0 	ret
 6ac:	d503201f 	nop

// CRT helper for TM clone tables.  Start and end are both __data_start+0x10
// here, so the b.eq at 6c4 is taken and nothing is called.  Note the
// indirect tail-call goes through x16 (IP0), which is free to clobber.
00000000000006b0 <deregister_tm_clones>:
 6b0:	b0000080 	adrp	x0, 11000 <__data_start>
 6b4:	91004000 	add	x0, x0, #0x10	// x0 = table start
 6b8:	b0000081 	adrp	x1, 11000 <__data_start>
 6bc:	91004021 	add	x1, x1, #0x10	// x1 = table end (same address)
 6c0:	eb00003f 	cmp	x1, x0
 6c4:	540000c0 	b.eq	6dc <deregister_tm_clones+0x2c>  // b.none	-- empty table -> return
 6c8:	90000081 	adrp	x1, 10000 <__FRAME_END__+0xf438>
 6cc:	f947e821 	ldr	x1, [x1, #4048]	// x1 = weak _ITM_deregisterTMCloneTable (presumed, cf. the RV64 listing)
 6d0:	b4000061 	cbz	x1, 6dc <deregister_tm_clones+0x2c>	// unresolved -> return
 6d4:	aa0103f0 	mov	x16, x1
 6d8:	d61f0200 	br	x16	// tail-call with x0 = table start
 6dc:	d65f03c0 	ret

// CRT helper: registers the TM clone table if it has entries.
// x1 = ((end - start) / 8) / 2 with a sign fix-up; start == end here, so
// the b.eq at 704 is taken.
00000000000006e0 <register_tm_clones>:
 6e0:	b0000080 	adrp	x0, 11000 <__data_start>
 6e4:	91004000 	add	x0, x0, #0x10	// x0 = table start
 6e8:	b0000081 	adrp	x1, 11000 <__data_start>
 6ec:	91004021 	add	x1, x1, #0x10	// x1 = table end
 6f0:	cb000021 	sub	x1, x1, x0	// x1 = byte length
 6f4:	d37ffc22 	lsr	x2, x1, #63	// x2 = sign bit
 6f8:	8b810c41 	add	x1, x2, x1, asr #3	// x1 = length/8 + sign fix-up
 6fc:	eb8107ff 	cmp	xzr, x1, asr #1	// is the entry count zero?
 700:	9341fc21 	asr	x1, x1, #1	// x1 = entry count
 704:	540000c0 	b.eq	71c <register_tm_clones+0x3c>  // b.none	-- no entries -> return
 708:	90000082 	adrp	x2, 10000 <__FRAME_END__+0xf438>
 70c:	f947fc42 	ldr	x2, [x2, #4088]	// x2 = weak _ITM_registerTMCloneTable (presumed)
 710:	b4000062 	cbz	x2, 71c <register_tm_clones+0x3c>	// unresolved -> return
 714:	aa0203f0 	mov	x16, x2
 718:	d61f0200 	br	x16	// tail-call with (x0 = start, x1 = count)
 71c:	d65f03c0 	ret

// CRT destructor hook (run from .fini_array).  Guarded by a byte at
// __data_start+0x10 (the "completed" flag, by analogy with the RV64
// listing): on the first call it runs __cxa_finalize(__dso_handle) if that
// symbol resolved, then deregister_tm_clones, and sets the flag.
// Frame: 32 bytes, FP/LR at sp+0/+8, x19 (callee-saved) spilled at sp+16.
0000000000000720 <__do_global_dtors_aux>:
 720:	a9be7bfd 	stp	x29, x30, [sp, #-32]!	// sp -= 32; save FP/LR at the low end
 724:	910003fd 	mov	x29, sp	// FP = sp
 728:	f9000bf3 	str	x19, [sp, #16]	// save x19 before using it
 72c:	b0000093 	adrp	x19, 11000 <__data_start>	// x19 = data page (kept across the calls)
 730:	39404260 	ldrb	w0, [x19, #16]	// w0 = completed flag
 734:	35000140 	cbnz	w0, 75c <__do_global_dtors_aux+0x3c>	// already done -> epilogue
 738:	90000080 	adrp	x0, 10000 <__FRAME_END__+0xf438>
 73c:	f947ec00 	ldr	x0, [x0, #4056]	// x0 = weak __cxa_finalize (presumed)
 740:	b4000080 	cbz	x0, 750 <__do_global_dtors_aux+0x30>	// not resolved -> skip
 744:	b0000080 	adrp	x0, 11000 <__data_start>
 748:	f9400400 	ldr	x0, [x0, #8]	// x0 = __dso_handle (presumed)
 74c:	97ffffb1 	bl	610 <__cxa_finalize@plt>
 750:	97ffffd8 	bl	6b0 <deregister_tm_clones>
 754:	52800020 	mov	w0, #0x1                   	// #1
 758:	39004260 	strb	w0, [x19, #16]	// completed = 1
 75c:	f9400bf3 	ldr	x19, [sp, #16]	// restore x19
 760:	a8c27bfd 	ldp	x29, x30, [sp], #32	// restore FP/LR; sp += 32
 764:	d65f03c0 	ret

// CRT constructor hook (run from .init_array); tail-branches to
// register_tm_clones and so never has a frame of its own.
0000000000000768 <frame_dummy>:
 768:	17ffffde 	b	6e0 <register_tm_clones>

// test_fun_b(m, n, x, y) -- ARM64, compiled at -O0.
// 64-byte frame.  Unlike RV64, x29 (FP) is set to the *new* sp, i.e. the
// low end of the frame, and locals are addressed with positive offsets
// from sp.  Layout relative to sp (== x29):
//   +0  saved x29 (caller's FP)     +8  saved x30 (return address)
//   +16 y (x3)   +24 x (x2)   +32 n (x1)   +40 m (x0)
//   +48 c        +56 d
// An unwinder that knows x29 reads caller FP = [x29] and LR = [x29+8].
000000000000076c <test_fun_b>:
 76c:	a9bc7bfd 	stp	x29, x30, [sp, #-64]!	// sp -= 64; save FP/LR at the low end of the frame
 770:	910003fd 	mov	x29, sp	// FP = sp (low end of this frame)
 774:	f90017e0 	str	x0, [sp, #40]	// spill m
 778:	f90013e1 	str	x1, [sp, #32]	// spill n
 77c:	f9000fe2 	str	x2, [sp, #24]	// spill x (never read again)
 780:	f9000be3 	str	x3, [sp, #16]	// spill y (never read again)
 784:	d2800060 	mov	x0, #0x3                   	// #3
 788:	f9001be0 	str	x0, [sp, #48]	// c = 3
 78c:	d2800080 	mov	x0, #0x4                   	// #4
 790:	f9001fe0 	str	x0, [sp, #56]	// d = 4
 794:	f9401fe3 	ldr	x3, [sp, #56]	// 4th printf arg: d
 798:	f9401be2 	ldr	x2, [sp, #48]	// 3rd printf arg: c
 79c:	90000000 	adrp	x0, 0 <_init-0x5d0>
 7a0:	9128a001 	add	x1, x0, #0xa28	// 2nd printf arg: __func__ string at 0xa28
 7a4:	90000000 	adrp	x0, 0 <_init-0x5d0>
 7a8:	91266000 	add	x0, x0, #0x998	// 1st printf arg: format string at 0x998
 7ac:	97ffffa9 	bl	650 <printf@plt>
 7b0:	f9401be1 	ldr	x1, [sp, #48]	// c
 7b4:	f9401fe0 	ldr	x0, [sp, #56]	// d
 7b8:	8b000020 	add	x0, x1, x0	// c + d
 7bc:	f94017e1 	ldr	x1, [sp, #40]	// m
 7c0:	8b000020 	add	x0, x1, x0	// c + d + m
 7c4:	f9001be0 	str	x0, [sp, #48]	// c = c + d + m
 7c8:	f9401be1 	ldr	x1, [sp, #48]	// new c
 7cc:	f9401fe0 	ldr	x0, [sp, #56]	// d
 7d0:	8b000020 	add	x0, x1, x0	// c + d
 7d4:	f94013e1 	ldr	x1, [sp, #32]	// n
 7d8:	8b000020 	add	x0, x1, x0	// c + d + n
 7dc:	f9001fe0 	str	x0, [sp, #56]	// d = c + d + n
 7e0:	d503201f 	nop
 7e4:	a8c47bfd 	ldp	x29, x30, [sp], #64	// restore FP/LR; sp += 64
 7e8:	d65f03c0 	ret

// test_fun_a(m, n, x, y) -- ARM64, compiled at -O0.
// Same 64-byte frame shape as test_fun_b (FP/LR at sp+0/+8, args at
// +16..+40, b at +48, c at +56).  Its saved x29 is main's FP and its saved
// x30 points back into main; test_fun_b's saved x29 in turn points here,
// which is the chain an unwinder follows.
00000000000007ec <test_fun_a>:
 7ec:	a9bc7bfd 	stp	x29, x30, [sp, #-64]!	// sp -= 64; save main's FP and our return address
 7f0:	910003fd 	mov	x29, sp	// FP = sp
 7f4:	f90017e0 	str	x0, [sp, #40]	// spill m
 7f8:	f90013e1 	str	x1, [sp, #32]	// spill n
 7fc:	f9000fe2 	str	x2, [sp, #24]	// spill x (unused)
 800:	f9000be3 	str	x3, [sp, #16]	// spill y (unused)
 804:	d2800040 	mov	x0, #0x2                   	// #2
 808:	f9001be0 	str	x0, [sp, #48]	// b = 2
 80c:	d2800060 	mov	x0, #0x3                   	// #3
 810:	f9001fe0 	str	x0, [sp, #56]	// c = 3
 814:	f9401fe3 	ldr	x3, [sp, #56]	// printf arg: c
 818:	f9401be2 	ldr	x2, [sp, #48]	// printf arg: b
 81c:	90000000 	adrp	x0, 0 <_init-0x5d0>
 820:	9128e001 	add	x1, x0, #0xa38	// printf arg: __func__ string at 0xa38
 824:	90000000 	adrp	x0, 0 <_init-0x5d0>
 828:	91272000 	add	x0, x0, #0x9c8	// printf arg: format string at 0x9c8
 82c:	97ffff89 	bl	650 <printf@plt>
 830:	d2800043 	mov	x3, #0x2                   	// #2	-- test_fun_b arg y = 2
 834:	d2800002 	mov	x2, #0x0                   	// #0	-- test_fun_b arg x = 0
 838:	f9401fe1 	ldr	x1, [sp, #56]	// test_fun_b arg n = c
 83c:	f9401be0 	ldr	x0, [sp, #48]	// test_fun_b arg m = b
 840:	97ffffcb 	bl	76c <test_fun_b>	// x30 = 0x844 will be saved in test_fun_b's frame
 844:	f9401be1 	ldr	x1, [sp, #48]	// b
 848:	f9401fe0 	ldr	x0, [sp, #56]	// c
 84c:	8b000020 	add	x0, x1, x0
 850:	f94017e1 	ldr	x1, [sp, #40]	// m
 854:	8b000020 	add	x0, x1, x0
 858:	f9001be0 	str	x0, [sp, #48]	// b = b + c + m
 85c:	f9401be1 	ldr	x1, [sp, #48]	// new b
 860:	f9401fe0 	ldr	x0, [sp, #56]	// c
 864:	8b000020 	add	x0, x1, x0
 868:	f94013e1 	ldr	x1, [sp, #32]	// n
 86c:	8b000020 	add	x0, x1, x0
 870:	f9001fe0 	str	x0, [sp, #56]	// c = b + c + n
 874:	d503201f 	nop
 878:	a8c47bfd 	ldp	x29, x30, [sp], #64	// restore main's FP and our LR; sp += 64
 87c:	d65f03c0 	ret

// main() -- ARM64, compiled at -O0.
// 32-byte frame: FP/LR at sp+0/+8, a at +16, b at +24.  x29 = sp as in the
// other functions; the saved x30 points into __libc_start_main.
0000000000000880 <main>:
 880:	a9be7bfd 	stp	x29, x30, [sp, #-32]!	// sp -= 32; save caller's FP and LR
 884:	910003fd 	mov	x29, sp	// FP = sp
 888:	d2800020 	mov	x0, #0x1                   	// #1
 88c:	f9000be0 	str	x0, [sp, #16]	// a = 1
 890:	d2800040 	mov	x0, #0x2                   	// #2
 894:	f9000fe0 	str	x0, [sp, #24]	// b = 2
 898:	f9400fe3 	ldr	x3, [sp, #24]	// printf arg: b
 89c:	f9400be2 	ldr	x2, [sp, #16]	// printf arg: a
 8a0:	90000000 	adrp	x0, 0 <_init-0x5d0>
 8a4:	91292001 	add	x1, x0, #0xa48	// printf arg: __func__ string at 0xa48
 8a8:	90000000 	adrp	x0, 0 <_init-0x5d0>
 8ac:	9127e000 	add	x0, x0, #0x9f8	// printf arg: format string at 0x9f8
 8b0:	97ffff68 	bl	650 <printf@plt>
 8b4:	d2800023 	mov	x3, #0x1                   	// #1	-- test_fun_a arg y = 1
 8b8:	d2800002 	mov	x2, #0x0                   	// #0	-- test_fun_a arg x = 0
 8bc:	f9400fe1 	ldr	x1, [sp, #24]	// test_fun_a arg n = b
 8c0:	f9400be0 	ldr	x0, [sp, #16]	// test_fun_a arg m = a
 8c4:	97ffffca 	bl	7ec <test_fun_a>	// x30 = 0x8c8 will be saved in test_fun_a's frame
 8c8:	f9400be1 	ldr	x1, [sp, #16]	// a
 8cc:	f9400fe0 	ldr	x0, [sp, #24]	// b
 8d0:	8b000020 	add	x0, x1, x0
 8d4:	f9000be0 	str	x0, [sp, #16]	// a = a + b
 8d8:	f9400fe1 	ldr	x1, [sp, #24]	// b
 8dc:	f9400be0 	ldr	x0, [sp, #16]	// new a
 8e0:	8b000020 	add	x0, x1, x0
 8e4:	f9000fe0 	str	x0, [sp, #24]	// b = a + b
 8e8:	52800000 	mov	w0, #0x0                   	// #0	-- return 0
 8ec:	a8c27bfd 	ldp	x29, x30, [sp], #32	// restore FP/LR; sp += 32
 8f0:	d65f03c0 	ret
 8f4:	d503201f 	nop

// __libc_csu_init(w0, x1, x2): calls _init, then walks the table between
// 0x10d80 and 0x10d88 (.init_array, presumed -- objdump shows only
// __FRAME_END__-relative names) calling each entry with the three incoming
// arguments (argc/argv/envp, presumed).  Loop state lives in callee-saved
// x19-x24 so it survives the indirect calls; the 64-byte frame holds
// FP/LR at sp+0/+8 and the saved x19-x24 pairs at +16/+32/+48.
00000000000008f8 <__libc_csu_init>:
 8f8:	a9bc7bfd 	stp	x29, x30, [sp, #-64]!	// sp -= 64; save FP/LR
 8fc:	910003fd 	mov	x29, sp	// FP = sp
 900:	a90153f3 	stp	x19, x20, [sp, #16]	// save callee-saved regs we are about to use
 904:	90000094 	adrp	x20, 10000 <__FRAME_END__+0xf438>
 908:	91362294 	add	x20, x20, #0xd88	// x20 = table end
 90c:	a9025bf5 	stp	x21, x22, [sp, #32]
 910:	90000095 	adrp	x21, 10000 <__FRAME_END__+0xf438>
 914:	913602b5 	add	x21, x21, #0xd80	// x21 = table start
 918:	cb150294 	sub	x20, x20, x21	// x20 = byte length
 91c:	2a0003f6 	mov	w22, w0	// keep arg 0 across the calls
 920:	a90363f7 	stp	x23, x24, [sp, #48]
 924:	aa0103f7 	mov	x23, x1	// keep arg 1
 928:	aa0203f8 	mov	x24, x2	// keep arg 2
 92c:	97ffff29 	bl	5d0 <_init>
 930:	eb940fff 	cmp	xzr, x20, asr #3	// entry count == 0 ?
 934:	54000160 	b.eq	960 <__libc_csu_init+0x68>  // b.none	-- empty -> epilogue
 938:	9343fe94 	asr	x20, x20, #3	// x20 = entry count
 93c:	d2800013 	mov	x19, #0x0                   	// #0	-- x19 = loop index
 940:	f8737aa3 	ldr	x3, [x21, x19, lsl #3]	// x3 = table[x19]
 944:	aa1803e2 	mov	x2, x24
 948:	91000673 	add	x19, x19, #0x1
 94c:	aa1703e1 	mov	x1, x23
 950:	2a1603e0 	mov	w0, w22
 954:	d63f0060 	blr	x3	// constructor(w0, x1, x2)
 958:	eb13029f 	cmp	x20, x19
 95c:	54ffff21 	b.ne	940 <__libc_csu_init+0x48>  // b.any	-- loop until index == count
 960:	a94153f3 	ldp	x19, x20, [sp, #16]
 964:	a9425bf5 	ldp	x21, x22, [sp, #32]
 968:	a94363f7 	ldp	x23, x24, [sp, #48]
 96c:	a8c47bfd 	ldp	x29, x30, [sp], #64	// restore FP/LR; sp += 64
 970:	d65f03c0 	ret
 974:	d503201f 	nop

// __libc_csu_fini: empty in this glibc.
0000000000000978 <__libc_csu_fini>:
 978:	d65f03c0 	ret

Disassembly of section .fini:

// .fini entry: an empty function that still builds and tears down a
// 16-byte FP/LR frame.
000000000000097c <_fini>:
 97c:	a9bf7bfd 	stp	x29, x30, [sp, #-16]!	// sp -= 16; save FP/LR
 980:	910003fd 	mov	x29, sp	// FP = sp
 984:	a8c17bfd 	ldp	x29, x30, [sp], #16	// restore; sp += 16
 988:	d65f03c0 	ret

2.4 RV64和ARM64测试程序的栈结构图

2.4.1 RV64测试程序的栈结构图

2.4.2 ARM64测试程序的栈结构图

3 异常时依据栈和当前寄存器推导调用栈的处理流程

  • 首先要查看当前栈帧寄存器( FP )以及栈指针寄存器( SP )以及ra寄存器。对于arm64,其FP是x29寄存器,ra是x30寄存器;对于rv64来说,x8(s0)为其FP寄存器,x1为其ra寄存器。
  • 确认了FP和SP就可以依次找到各个调用函数的调用过程,找到ra就可以确认当前函数的上一级调用者。

3.1 以RV64为例来介绍

3.2 以ARM64为例来介绍