2025-09-02 –, Bonjour 50
A new method of creating user space stack tracing is being developed in the kernel that does not rely on frame pointers. This method is called SFrames. SFrames is a section in the ELF executable that holds two tables that can be used to look up the current instruction pointer in the first table (via a binary search) which takes you to the second table that tells the kernel how to find the return address for the current function. Then that address can be used to lookup the return address of that function creating a stack trace.
For the kernel to have access to these tables, which live in user space, it has to be able to handle a major page fault. That is because the table may still be on disk, and to read it, it has to be read into memory via the page fault handler. There's only two locations that generic code in the kernel can know if it's safe to handle a major page fault and that is when the task is entering or exiting the kernel.
As profilers usually trigger interrupts or NMIs to get the stack trace, including the kernel stack, it must defer the reading of the SFrames until the task goes back to user space. This talk will discuss the proposed implementation, the issues with handling deferred stack traces, and other various aspects that this new feature will provide.
Steven Rostedt currently works for Google on their Chromebook team. Steven is the main developer and maintainer of ftrace, the official tracer of the Linux kernel, as well as the user space tools trace-cmd, the ftrace tracing libraries and co-maintainer of KernelShark. Steven is one of the original developers of the Real Time patch (PREEMPT_RT) and continues his role leading the team that maintain the Real Time patch (PREEMPT_RT) stable releases. He also develops ktest.pl (in the kernel source) and created the Linux kernel "make localmodconfig" option.