├── .gitignore ├── LICENSE ├── Makefile ├── README.md ├── checkStackUsage.py ├── pylint.cfg ├── requirements.txt └── tests ├── .gitignore ├── Makefile ├── a.c ├── b.c └── main.c /.gitignore: -------------------------------------------------------------------------------- 1 | .analysed 2 | .setup 3 | .venv/ 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright © 2021 Thanassis Tsiodras 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 6 | 7 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 8 | 9 | THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 10 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | TARGET:= checkStackUsage.py 2 | PYTHON:=python3 3 | VENV:=.venv 4 | 5 | all: .setup .analysed test ## Check everything 6 | 7 | .analysed: ${TARGET} 8 | $(MAKE) flake8 9 | $(MAKE) pylint 10 | $(MAKE) mypy 11 | @touch $@ 12 | 13 | flake8: dev-install ## PEP8 compliance checks with Flake8 14 | @echo "============================================" 15 | @echo " Running flake8..." 16 | @echo "============================================" 17 | ${VENV}/bin/flake8 ${TARGET} 18 | 19 | pylint: dev-install ## Static analysis with Pylint 20 | @echo "============================================" 21 | @echo " Running pylint..." 22 | @echo "============================================" 23 | ${VENV}/bin/pylint --disable=I --rcfile=pylint.cfg ${TARGET} 24 | 25 | mypy: dev-install ## Type checking with mypy 26 | @echo "============================================" 27 | @echo " Running mypy..." 28 | @echo "============================================" 29 | ${VENV}/bin/mypy --ignore-missing-imports ${TARGET} 30 | 31 | dev-install: .setup | prereq 32 | 33 | prereq: 34 | @${PYTHON} -c 'import sys; sys.exit(1 if (sys.version_info.major<3 or sys.version_info.minor<5) else 0)' || { \ 35 | echo "=============================================" ; \ 36 | echo "[x] You need at least Python 3.5 to run this." ; \ 37 | echo "=============================================" ; \ 38 | exit 1 ; \ 39 | } 40 | 41 | .setup: requirements.txt 42 | @if [ ! -d ${VENV} ] ; then \ 43 | echo "[-] Installing VirtualEnv environment..." ; \ 44 | ${PYTHON} -m venv ${VENV} || exit 1 ; \ 45 | fi 46 | echo "[-] Installing packages inside environment..." ; \ 47 | . ${VENV}/bin/activate || exit 1 ; \ 48 | ${PYTHON} -m pip install -r requirements.txt || exit 1 49 | touch $@ 50 | 51 | test: ## Test proper functioning 52 | $(MAKE) -C tests/ 53 | 54 | clean: ## Cleanup artifacts 55 | rm -rf .cache/ .mypy_cache/ .analysed .setup __pycache__ \ 56 | tests/__pycache__ .pytest_cache/ .processed .coverage 57 | $(MAKE) -C tests/ clean 58 | 59 | help: ## Display this help section 60 | @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z0-9_-]+:.*?## / {printf "\033[36m%-18s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) 61 | .DEFAULT_GOAL := help 62 | 63 | define newline # a literal \n 64 | 65 | 66 | endef 67 | 68 | # Makefile debugging trick: 69 | # call print-VARIABLE to see the runtime value of any variable 70 | # (hardened a bit against some special characters appearing in the output) 71 | print-%: 72 | @echo '$*=$(subst ','\'',$(subst $(newline),\n,$($*)))' 73 | .PHONY: flake8 pylint mypy clean dev-install prereq 74 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | *(Detailed blog post [here](https://www.thanassis.space/stackusage.html) )* 2 | 3 | # Introduction 4 | 5 | This is a utility that computes the stack usage per function. It is 6 | particularly useful in embedded systems programming, where memory is at a 7 | premium - and also in safety-critical SW *(blowing up from a stack overflow 8 | while you operate medical equipment or fly in space is not exactly optimal)*. 9 | 10 | # In detail 11 | 12 | *(Detailed blog post [here](https://www.thanassis.space/stackusage.html) )* 13 | 14 | You can read many details about how this script works in the blog post 15 | linked above; but the executive summary is this: 16 | 17 | - We expect the source code compilation to use GCC's `-fstack-usage`. 18 | This generates `.su` files with the stack usage of each function 19 | **(in isolation)** stored per compilation unit. Simply put, `file.c` 20 | compiled with `-fstack-usage` will create `file.o` *and* `file.su`. 21 | 22 | - The script can then be launched like so: 23 | 24 | checkStackUsage.py binaryELF folderTreeContainingSUfiles 25 | 26 | For example, if after the build we have a tree like this: 27 | 28 | bin/ 29 | someBinary 30 | src/ 31 | file1.c 32 | file1.o 33 | file1.su 34 | lib1_src/ 35 | lib1.c 36 | lib1.o 37 | lib1.su 38 | lib2_src/ 39 | lib2.c 40 | lib2.o 41 | lib2.su 42 | 43 | ...we run this: 44 | 45 | checkStackUsage.py bin/someBinary src/ 46 | 47 | The script will scan all .su files in the `src` folder *(recursively, 48 | at any depth)* and collect the standalone use of stack for each function. 49 | 50 | It will then launch the appropriate `objdump` with option `-d` - to 51 | disassemble the code, and create the call graph. Simplistically, it 52 | detects patterns like this: 53 | 54 | : 55 | .... 56 | call 57 | 58 | ...and proceeds from there to create the entire call graph. 59 | It can then accumulate the use of all subordinate calls from each function, 60 | and therefore compute it's total stack usage. 61 | 62 | Output looks like this: 63 | 64 | 176: foo (foo(16),func(160)) 65 | 288: func (func(288)) 66 | 304: bar (bar(16),func(288)) 67 | 320: main (main(16),bar(16),func(288)) 68 | 69 | ...which means that function `foo` uses 176 bytes of stack; 16 because of 70 | itself, and 160 because it calls `func`. `main` uses 320 bytes, etc. 71 | 72 | Notice that `bar` also uses `func` - but reports a larger stack size for it 73 | in that call chain. Read section "Repeated functions" below, to see why; 74 | suffice to say, this is one of the few stack checkers that can cope with 75 | symbols defined more than once. 76 | 77 | # Platforms 78 | 79 | The script needs to spawn the right `objdump`. It uses 80 | `file` to detect the ELF signature, and uses appropriate regexes 81 | to match disassembly `call` forms for: 82 | 83 | - SPARC/LEONs (used in the European Space Agency missions) 84 | - x86/amd64 (both 32 and 64 bits) 85 | - 32-bit ARM 86 | 87 | Adding additional platforms is very easy - just tell the script what 88 | `objdump` flavor to use, and what regex to scan for to locate the 89 | call sequences; [relevant code is here](checkStackUsage.py#L198). 90 | 91 | # Repeated functions 92 | 93 | Each function can only have a specific stack usage - right? 94 | 95 | Sadly, no :-( 96 | 97 | Feast yourself on moronic - yet perfectly valid - C code like this: 98 | 99 | // a.c 100 | static int func() { ...} 101 | void foo() { func(); } 102 | 103 | // b.c 104 | static int func() { ...} 105 | void bar() { func(); } 106 | 107 | "Houston, we have a problem". While scanning the `.su` files for `a.c` 108 | and `b.c`, we find `func` twice - and due to the `static`, we want 109 | to use the right value on each call (from `foo`/`bar`) based on 110 | filescope. In effect, the .su files' content need to be read 111 | *prioritizing local static calls* when computing stack usage. 112 | 113 | # Hidden calls 114 | 115 | The scanning of `objdump` output for call sequences is the best we can do; 116 | but it's not perfect. For example, any calls made via function pointer 117 | indirections are "invisible" to this process. 118 | 119 | And since fp-based calls can do all sorts of shenanigans - e.g. 120 | reading the call endpoint from an array of functions via some 121 | algorithm - statically deducing which functions are actually called 122 | is tantamount to the halting problem. 123 | 124 | I am open to suggestions on this. 125 | 126 | # Static Analysis 127 | 128 | The script is written in Python - `make all` will check it with: 129 | 130 | - `flake8` (PEP8 compliance) 131 | - `pylint` (Static Analysis) 132 | - ...and `mypy` (static type checking). 133 | 134 | All dependencies to perform these checks will be automatically 135 | installed via `pip` in a local virtual environment (i.e. 136 | under folder `.venv`) the first time you invoke `make all`. 137 | 138 | # Test example 139 | 140 | The scenario of repeated functions is tested via `make test`; 141 | in my 64-bit Arch Linux I see this output: 142 | 143 | $ make test 144 | ... 145 | make[1]: Entering directory '/home/ttsiod/Github/checkStackUsage/tests' 146 | ============================================== 147 | 176: foo (foo(16),func(160)) 148 | 288: func (func(288)) 149 | 304: bar (bar(16),func(288)) 150 | 320: main (main(16),bar(16),func(288)) 151 | ============================================== 152 | 1. The output shown above must contain 4 lines 153 | 2. 'foo' and 'bar' must both be calling 'func' 154 | *but with different stack sizes in each*. 155 | 3. 'main' must be using the largest 'func' 156 | (i.e. be going through 'bar') 157 | 4. The reported sizes must properly accumulate 158 | ============================================== 159 | make[1]: Leaving directory '/home/ttsiod/Github/checkStackUsage/tests' 160 | 161 | Given the content of [a.c](tests/a.c), [b.c](tests/b.c) and 162 | [main.c](tests/main.c), the output looks good. Notice that for 163 | `func` we report the maximum of the two (the one reported by 164 | GCC inside `b.c`, when it is called by `bar`). 165 | 166 | # Feedback 167 | 168 | If you see something wrong in the script that isn't documented above, 169 | questions (and much better, pull requests) are most welcome. 170 | 171 | Thanassis Tsiodras, Dr.-Ing. 172 | ttsiodras_at-no-spam_thanks-gmail_dot-com 173 | 174 | -------------------------------------------------------------------------------- /checkStackUsage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env pypy3 2 | """ 3 | Utility to detect recursive calls and calculate total stack usage per function 4 | (via following the call graph). 5 | 6 | Published under the GPL, (C) 2011 Thanassis Tsiodras 7 | Suggestions/comments: ttsiodras@gmail.com 8 | 9 | Updated to use GCC-based .su files (-fstack-usage) in 2021. 10 | """ 11 | 12 | import os 13 | import re 14 | import sys 15 | import operator 16 | 17 | from typing import Dict, Set, Optional, List, Tuple 18 | 19 | FunctionName = str 20 | FunctionNameToInt = Dict[FunctionName, int] 21 | 22 | # For each function, what is the set of functions it calls? 23 | CallGraph = Dict[FunctionName, Optional[Set[FunctionName]]] 24 | 25 | # .su files data 26 | Filename = str 27 | SuData = Dict[FunctionName, List[Tuple[Filename, int]]] 28 | 29 | 30 | # findStackUsage will return a tuple: 31 | # - The total stack size used 32 | # - A list of pairs, of the functions/stacksizes, adding up to the final use. 33 | UsageResult = Tuple[int, List[Tuple[FunctionName, int]]] 34 | 35 | 36 | class Matcher: 37 | """regexp helper""" 38 | def __init__(self, pattern, flags=0): 39 | self._pattern = re.compile(pattern, flags) 40 | self._hit = None 41 | 42 | def match(self, line): 43 | self._hit = re.match(self._pattern, line) 44 | return self._hit 45 | 46 | def search(self, line): 47 | self._hit = re.search(self._pattern, line) 48 | return self._hit 49 | 50 | def group(self, idx): 51 | return self._hit.group(idx) 52 | 53 | 54 | def lookupStackSizeOfFunction( 55 | fn: FunctionName, 56 | fns: List[Tuple[FunctionName, int]], 57 | suData: SuData, 58 | stackUsagePerFunction: FunctionNameToInt) -> int: 59 | """ 60 | What do you do when you have moronic C code like this? 61 | 62 | === 63 | a.c 64 | === 65 | static int func() { ...} 66 | void foo() { func(); } 67 | 68 | === 69 | b.c 70 | === 71 | static int func() { ...} 72 | void bar() { func(); } 73 | 74 | You have a problem. There is only one entry in stackUsagePerFunction, 75 | since we assign as we scan the su files - but you basically want to 76 | use the right value, based on filescope (due to the static). 77 | In effect, the .su files need to be read *prioritizing local calls* 78 | when computing stack usage. 79 | 80 | So what we do is this: we have suData - a dictionary that stores 81 | per each function name, WHERE we found it (at which .su filenames) 82 | and what size it had in each of them. We scan that list, looking for 83 | the last filename in our call chain so far (i.e. the last of the 'fns'). 84 | 85 | And we then report the associated stack use. 86 | """ 87 | # If the call chain so far is empty, or our function is not in the 88 | # .su files (e.g. it comes from a library we linked with), then we 89 | # use the 'su-agnostic' information we got during our symbol scan. 90 | if not fns or fn not in suData: 91 | return stackUsagePerFunction[fn] 92 | 93 | # Otherwise, we first get the last function in the call chain... 94 | suFilename = None 95 | lastCallData = fns[-1] 96 | functionName = lastCallData[0] 97 | 98 | # ...and use the .su files information to get the file it lives in 99 | # Remember, SuData is a Dict[FunctionName, List[Tuple[Filename, int]]] 100 | suList = suData.get(functionName, []) 101 | if suList: 102 | suFilename = suList[0][0] # Get the filename part of the first tuple 103 | if not suFilename: 104 | return stackUsagePerFunction[fn] 105 | 106 | # Now that we have the filename of our last caller in the chain 107 | # that calls us, scan our OWN existence in the .su data, to find 108 | # the one that matches - thus prioritizing local calls! 109 | for elem in suData.get(fn, []): 110 | xFilename, xStackUsage = elem 111 | if xFilename == suFilename: 112 | return xStackUsage 113 | 114 | # ...otherwise (no match in the .su data) we use the 'su-agnostic' 115 | # information we got during our symbol scan. 116 | return stackUsagePerFunction[fn] 117 | 118 | 119 | def findStackUsage( 120 | fn: FunctionName, 121 | fns: List[Tuple[FunctionName, int]], 122 | suData: SuData, 123 | stackUsagePerFunction: FunctionNameToInt, 124 | callGraph: CallGraph, 125 | badSymbols: Set[FunctionName]) -> UsageResult: 126 | """ 127 | Calculate the total stack usage of the input function, 128 | taking into account who it calls. 129 | """ 130 | if fn in [x[0] for x in fns]: 131 | # So, what to do with recursive functions? 132 | # We just reached this point with fns looking like this: 133 | # [a, b, c, d, a] 134 | # A "baseline" answer is better than no answer; 135 | # so we let the parent series of calls accumulate to 136 | # as + bs + cs + ds 137 | # ...ie. the stack sizes of all others. 138 | # We therefore return 0 for this "last step" 139 | # and stop the recursion here. 140 | totalStackUsage = sum(x[1] for x in fns) 141 | if fn not in badSymbols: 142 | # Report recursive functions. 143 | badSymbols.add(fn) 144 | print("[x] Recursion detected:", fn, 'is called from', 145 | fns[-1][0], 'in this chain:', fns) 146 | return (totalStackUsage, fns[:]) 147 | 148 | if fn not in stackUsagePerFunction: 149 | # Unknown function, what else to do? Count it as 0 stack usage... 150 | totalStackUsage = sum(x[1] for x in fns) 151 | return (totalStackUsage, fns[:] + [(fn, 0)]) 152 | 153 | thisFunctionStackSize = lookupStackSizeOfFunction( 154 | fn, fns, suData, stackUsagePerFunction) 155 | calledFunctions = callGraph.get(fn, set()) 156 | 157 | # If we call noone else, stack usage is just our own stack usage 158 | if fn not in callGraph or not calledFunctions: 159 | totalStackUsage = sum(x[1] for x in fns) + thisFunctionStackSize 160 | res = (totalStackUsage, fns[:] + [(fn, thisFunctionStackSize)]) 161 | return res 162 | 163 | # Otherwise, we check the stack usage for each function we call 164 | totalStackUsage = 0 165 | maxStackPath = [] 166 | for x in sorted(calledFunctions): 167 | total, path = findStackUsage( 168 | x, 169 | fns[:] + [(fn, thisFunctionStackSize)], 170 | suData, 171 | stackUsagePerFunction, 172 | callGraph, 173 | badSymbols) 174 | if total > totalStackUsage: 175 | totalStackUsage = total 176 | maxStackPath = path 177 | return (totalStackUsage, maxStackPath[:]) 178 | 179 | 180 | def ParseCmdLineArgs(cross_prefix: str) -> Tuple[ 181 | str, str, Matcher, Matcher, Matcher]: 182 | if cross_prefix: 183 | objdump = cross_prefix + 'objdump' 184 | nm = cross_prefix + 'nm' 185 | functionNamePattern = Matcher(r'^(\S+) <([a-zA-Z0-9\._]+?)>:') 186 | callPattern = Matcher(r'^.*call\s+\S+\s+<([a-zA-Z0-9\._]+)>') 187 | stackUsagePattern = Matcher( 188 | r'^.*save.*%sp, (-[0-9]{1,}), %sp') 189 | else: 190 | binarySignature = os.popen(f"file \"{sys.argv[-2]}\"").readlines()[0] 191 | 192 | x86 = Matcher(r'ELF 32-bit LSB.*80.86') 193 | x64 = Matcher(r'ELF 64-bit LSB.*x86-64') 194 | leon = Matcher(r'ELF 32-bit MSB.*SPARC') 195 | arm = Matcher(r'ELF 32-bit LSB.*ARM') 196 | 197 | if x86.search(binarySignature): 198 | objdump = 'objdump' 199 | nm = 'nm' 200 | functionNamePattern = Matcher(r'^(\S+) <([a-zA-Z0-9_]+?)>:') 201 | callPattern = Matcher(r'^.*call\s+\S+\s+<([a-zA-Z0-9_]+)>') 202 | stackUsagePattern = Matcher(r'^.*[add|sub]\s+\$(0x\S+),%esp') 203 | elif x64.search(binarySignature): 204 | objdump = 'objdump' 205 | nm = 'nm' 206 | functionNamePattern = Matcher(r'^(\S+) <([a-zA-Z0-9_]+?)>:') 207 | callPattern = Matcher(r'^.*callq?\s+\S+\s+<([a-zA-Z0-9_]+)>') 208 | stackUsagePattern = Matcher(r'^.*[add|sub]\s+\$(0x\S+),%rsp') 209 | elif leon.search(binarySignature): 210 | objdump = 'sparc-rtems5-objdump' 211 | nm = 'sparc-rtems5-nm' 212 | functionNamePattern = Matcher(r'^(\S+) <([a-zA-Z0-9_]+?)>:') 213 | callPattern = Matcher(r'^.*call\s+\S+\s+<([a-zA-Z0-9_]+)>') 214 | stackUsagePattern = Matcher( 215 | r'^.*save.*%sp, (-([0-9]{2}|[3-9])[0-9]{2}), %sp') 216 | elif arm.search(binarySignature): 217 | objdump = 'arm-eabi-objdump' 218 | nm = 'arm-eabi-nm' 219 | functionNamePattern = Matcher(r'^(\S+) <([a-zA-Z0-9_]+?)>:') 220 | callPattern = Matcher(r'^.*bl\s+\S+\s+<([a-zA-Z0-9_]+)>') 221 | stackUsagePattern = Matcher( 222 | r'^.*sub.*sp, (#[0-9][0-9]*)') 223 | else: 224 | print("Unknown signature:", binarySignature, "please use -cross") 225 | sys.exit(1) 226 | return objdump, nm, functionNamePattern, callPattern, stackUsagePattern 227 | 228 | 229 | def GetSizeOfSymbols(nm: str, elf_binary: str) -> Tuple[ 230 | FunctionNameToInt, FunctionNameToInt]: 231 | # Store .text symbol offsets and sizes (use nm) 232 | offsetOfSymbol = {} # type: FunctionNameToInt 233 | for line in os.popen( 234 | nm + " \"" + elf_binary + "\" | grep ' [Tt] '").readlines(): 235 | offsetData, unused, symbolData = line.split() 236 | offsetOfSymbol[symbolData] = int(offsetData, 16) 237 | sizeOfSymbol = {} 238 | lastOffset = 0 239 | lastSymbol = "" 240 | sortedSymbols = sorted( 241 | offsetOfSymbol.items(), key=operator.itemgetter(1)) 242 | for symbolStr, offsetInt in sortedSymbols: 243 | if lastSymbol != "": 244 | sizeOfSymbol[lastSymbol] = offsetInt - lastOffset 245 | lastSymbol = symbolStr 246 | lastOffset = offsetInt 247 | sizeOfSymbol[lastSymbol] = 2**31 # allow last .text symbol to roam free 248 | return sizeOfSymbol, offsetOfSymbol 249 | 250 | 251 | def GetCallGraph( 252 | objdump: str, 253 | offsetOfSymbol: FunctionNameToInt, sizeOfSymbol: FunctionNameToInt, 254 | functionNamePattern: Matcher, stackUsagePattern: Matcher, 255 | callPattern: Matcher) -> Tuple[CallGraph, FunctionNameToInt]: 256 | 257 | # Parse disassembly to create callgraph (use objdump -d) 258 | functionName = "" 259 | stackUsagePerFunction = {} # type: FunctionNameToInt 260 | callGraph = {} # type: CallGraph 261 | insideFunctionBody = False 262 | 263 | offsetPattern = Matcher(r'^([0-9A-Za-z]+):') 264 | for line in os.popen(objdump + " -d \"" + sys.argv[-2] + "\"").readlines(): 265 | # Have we matched a function name yet? 266 | if functionName != "": 267 | # Yes, update "insideFunctionBody" boolean by checking 268 | # the current offset against the length of this symbol, 269 | # stored in sizeOfSymbol[functionName] 270 | offset = offsetPattern.match(line) 271 | if offset: 272 | offset = int(offset.group(1), 16) 273 | if functionName in offsetOfSymbol: 274 | startOffset = offsetOfSymbol[functionName] 275 | insideFunctionBody = \ 276 | insideFunctionBody and \ 277 | (offset - startOffset) < sizeOfSymbol[functionName] 278 | 279 | # Check to see if we see a new function: 280 | # 08048be8 <_functionName>: 281 | fn = functionNamePattern.match(line) 282 | if fn: 283 | offset = int(fn.group(1), 16) 284 | functionName = fn.group(2) 285 | callGraph.setdefault(functionName, set()) 286 | # make sure this is the function we found with nm 287 | # UPDATE: no, can't do - if a symbol is of local file scope 288 | # (i.e. if it was declared with 'static') 289 | # then it may appear in multiple offsets!... 290 | # 291 | # if functionName in offsetOfSymbol: 292 | # if offsetOfSymbol[functionName] != offset: 293 | # print "Weird,", functionName, \ 294 | # "is not at offset reported by", nm 295 | # print hex(offsetOfSymbol[functionName]), hex(offset) 296 | insideFunctionBody = True 297 | foundFirstCall = False 298 | stackUsagePerFunction[functionName] = 0 299 | 300 | # If we're inside a function body 301 | # (i.e. offset is not out of symbol size range) 302 | if insideFunctionBody: 303 | # Check to see if we have a call 304 | # 8048c0a: e8 a1 03 00 00 call 8048fb0 305 | call = callPattern.match(line) 306 | if functionName != "" and call: 307 | foundFirstCall = True 308 | calledFunction = call.group(1) 309 | calledFunctions = callGraph[functionName] 310 | if calledFunctions is not None: 311 | calledFunctions.add(calledFunction) 312 | 313 | # Check to see if we have a stack reduction opcode 314 | # 8048bec: 83 ec 04 sub $0x46,%esp 315 | if functionName != "" and not foundFirstCall: 316 | stackMatch = stackUsagePattern.match(line) 317 | if stackMatch: 318 | value = stackMatch.group(1) 319 | if value.startswith("0x"): 320 | # sub $0x46,%esp 321 | value = int(stackMatch.group(1), 16) 322 | if value > 2147483647: 323 | # unfortunately, GCC may also write: 324 | # add $0xFFFFFF86,%esp 325 | value = 4294967296 - value 326 | elif value.startswith("#"): 327 | # sub sp, sp, #1024 328 | value = int(value[1:]) 329 | else: 330 | # save %sp, -104, %sp 331 | value = -int(value) 332 | assert( 333 | stackUsagePerFunction[functionName] is not None) 334 | stackUsagePerFunction[functionName] += value 335 | 336 | # for fn,v in stackUsagePerFunction.items(): 337 | # print fn,v 338 | # print "CALLS:", callGraph[fn] 339 | return callGraph, stackUsagePerFunction 340 | 341 | 342 | def ReadSU(fullPathToSuFile: str) -> Tuple[FunctionNameToInt, SuData]: 343 | stackUsagePerFunction = {} # type: FunctionNameToInt 344 | suData = {} # type: SuData 345 | # pylint: disable=R1732 346 | for line in open(fullPathToSuFile, encoding='utf-8'): 347 | data = line.strip().split() 348 | if len(data) == 3 and data[2] == 'static': 349 | try: 350 | functionName = data[0].split(':')[-1] 351 | functionStackUsage = int(data[1]) 352 | except ValueError: 353 | continue 354 | stackUsagePerFunction[functionName] = functionStackUsage 355 | suData.setdefault(functionName, []).append( 356 | (fullPathToSuFile, functionStackUsage)) 357 | return stackUsagePerFunction, suData 358 | 359 | 360 | def GetSizesFromSUfiles(root_path) -> Tuple[FunctionNameToInt, SuData]: 361 | stackUsagePerFunction = {} # type: FunctionNameToInt 362 | suData = {} # type: SuData 363 | for root, unused_dirs, files in os.walk(root_path): 364 | for f in files: 365 | if f.endswith('.su'): 366 | supf, sud = ReadSU(root + os.sep + f) 367 | for functionName, v1 in supf.items(): 368 | stackUsagePerFunction[functionName] = max( 369 | v1, stackUsagePerFunction.get(functionName, 0)) 370 | 371 | # We need to augment the list of .su if there's 372 | # a symbol that appears in two or more .su files. 373 | # SuData = Dict[FunctionName, List[Tuple[Filename, int]]] 374 | for functionName, v2 in sud.items(): 375 | suData.setdefault(functionName, []).extend(v2) 376 | return stackUsagePerFunction, suData 377 | 378 | 379 | def main() -> None: 380 | cross_prefix = '' 381 | try: 382 | idx = sys.argv.index("-cross") 383 | except ValueError: 384 | idx = -1 385 | if idx != -1: 386 | cross_prefix = sys.argv[idx + 1] 387 | del sys.argv[idx] 388 | del sys.argv[idx] 389 | 390 | chosenFunctionNames = [] 391 | if len(sys.argv) >= 4: 392 | chosenFunctionNames = sys.argv[3:] 393 | sys.argv = sys.argv[:3] 394 | 395 | if len(sys.argv) < 3 or not os.path.exists(sys.argv[-2]) \ 396 | or not os.path.isdir(sys.argv[-1]): 397 | print(f"Usage: {sys.argv[0]} [-cross PREFIX]" 398 | " ELFbinary root_path_for_su_files [functions...]") 399 | print("\nwhere the default prefix is:\n") 400 | print("\tarm-eabi- for ARM binaries") 401 | print("\tsparc-rtems5- for SPARC binaries") 402 | print("\t(no prefix) for x86/amd64 binaries") 403 | print("\nNote that if you use '-cross', SPARC opcodes are assumed.\n") 404 | sys.exit(1) 405 | 406 | objdump, nm, functionNamePattern, callPattern, stackUsagePattern = \ 407 | ParseCmdLineArgs(cross_prefix) 408 | sizeOfSymbol, offsetOfSymbol = GetSizeOfSymbols(nm, sys.argv[-2]) 409 | callGraph, stackUsagePerFunction = GetCallGraph( 410 | objdump, 411 | offsetOfSymbol, sizeOfSymbol, 412 | functionNamePattern, stackUsagePattern, callPattern) 413 | 414 | supf, suData = GetSizesFromSUfiles(sys.argv[-1]) 415 | alreadySeen = set() # type: Set[Filename] 416 | badSymbols = set() # type: Set[Filename] 417 | for k, v in supf.items(): 418 | if k in alreadySeen: 419 | badSymbols.add(k) 420 | alreadySeen.add(k) 421 | stackUsagePerFunction[k] = max( 422 | v, stackUsagePerFunction.get(k, 0)) 423 | 424 | # Then, navigate the graph to calculate stack needs per function 425 | results = [] 426 | for fn, value in stackUsagePerFunction.items(): 427 | if chosenFunctionNames and fn not in chosenFunctionNames: 428 | continue 429 | if value is not None: 430 | results.append( 431 | (fn, 432 | findStackUsage( 433 | fn, [], suData, stackUsagePerFunction, callGraph, 434 | badSymbols))) 435 | for fn, data in sorted(results, key=lambda x: x[1][0]): 436 | # pylint: disable=C0209 437 | print( 438 | "%10s: %s (%s)" % ( 439 | data[0], fn, ",".join( 440 | x[0] + "(" + str(x[1]) + ")" 441 | for x in data[1]))) 442 | 443 | 444 | if __name__ == "__main__": 445 | main() 446 | -------------------------------------------------------------------------------- /pylint.cfg: -------------------------------------------------------------------------------- 1 | [MASTER] 2 | 3 | # Specify a configuration file. 4 | #rcfile= 5 | 6 | # Python code to execute, usually for sys.path manipulation such as 7 | # pygtk.require(). 8 | #init-hook= 9 | 10 | # Add files or directories to the blacklist. They should be base names, not 11 | # paths. 12 | ignore=CVS 13 | 14 | # Pickle collected data for later comparisons. 15 | persistent=yes 16 | 17 | # List of plugins (as comma separated values of python modules names) to load, 18 | # usually to register additional checkers. 19 | load-plugins= 20 | 21 | # Use multiple processes to speed up Pylint. 22 | jobs=1 23 | 24 | # Allow loading of arbitrary C extensions. Extensions are imported into the 25 | # active Python interpreter and may run arbitrary code. 26 | unsafe-load-any-extension=no 27 | 28 | # A comma-separated list of package or module names from where C extensions may 29 | # be loaded. Extensions are loading into the active Python interpreter and may 30 | # run arbitrary code 31 | extension-pkg-whitelist=lxml,clang 32 | 33 | # Allow optimization of some AST trees. This will activate a peephole AST 34 | # optimizer, which will apply various small optimizations. For instance, it can 35 | # be used to obtain the result of joining multiple strings with the addition 36 | # operator. Joining a lot of strings can lead to a maximum recursion error in 37 | # Pylint and this flag can prevent that. It has one side effect, the resulting 38 | # AST will be different than the one from reality. 39 | optimize-ast=no 40 | 41 | 42 | [MESSAGES CONTROL] 43 | 44 | # Only show warnings with the listed confidence levels. Leave empty to show 45 | # all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED 46 | confidence= 47 | 48 | # Enable the message, report, category or checker with the given id(s). You can 49 | # either give multiple identifier separated by comma (,) or put this option 50 | # multiple time (only on the command line, not in the configuration file where 51 | # it should appear only once). See also the "--disable" option for examples. 52 | #enable= 53 | 54 | # Disable the message, report, category or checker with the given id(s). You 55 | # can either give multiple identifiers separated by comma (,) or put this 56 | # option multiple times (only on the command line, not in the configuration 57 | # file where it should appear only once).You can also use "--disable=all" to 58 | # disable everything first and then reenable specific checks. For example, if 59 | # you want to run only the similarities checker, you can use "--disable=all 60 | # --enable=similarities". If you want to run only the classes checker, but have 61 | # no Warning level messages displayed, use"--disable=all --enable=classes 62 | # --disable=W" 63 | disable=coerce-method,nonzero-method,buffer-builtin,unichr-builtin,reload-builtin,using-cmp-argument,reduce-builtin,filter-builtin-not-iterating,zip-builtin-not-iterating,raising-string,long-builtin,backtick,long-suffix,delslice-method,suppressed-message,cmp-method,old-octal-literal,basestring-builtin,metaclass-assignment,print-statement,execfile-builtin,round-builtin,oct-method,standarderror-builtin,hex-method,import-star-module-level,indexing-exception,map-builtin-not-iterating,old-ne-operator,setslice-method,input-builtin,apply-builtin,range-builtin-not-iterating,xrange-builtin,parameter-unpacking,no-absolute-import,old-raise-syntax,dict-iter-method,unicode-builtin,unpacking-in-except,old-division,file-builtin,next-method-called,useless-suppression,raw_input-builtin,intern-builtin,getslice-method,dict-view-method,cmp-builtin,coerce-builtin,line-too-long,missing-docstring,protected-access,global-statement,too-many-arguments,too-many-branches,too-many-locals,bare-except,invalid-name,too-many-statements,broad-except,too-many-instance-attributes,too-many-public-methods,too-few-public-methods,similarities,no-else-return,fixme,relative-beyond-top-level,import-outside-toplevel,too-many-nested-blocks 64 | 65 | never-returning-functions=dmt.commonPy.utility.panic,sys.exit 66 | 67 | [REPORTS] 68 | 69 | # Set the output format. Available formats are text, parseable, colorized, msvs 70 | # (visual studio) and html. You can also give a reporter class, eg 71 | # mypackage.mymodule.MyReporterClass. 72 | output-format=text 73 | 74 | # Put messages in a separate file for each module / package specified on the 75 | # command line instead of printing them on stdout. Reports (if any) will be 76 | # written in a file name "pylint_global.[txt|html]". 77 | files-output=no 78 | 79 | # Tells whether to display a full report or only the messages 80 | reports=yes 81 | 82 | # Python expression which should return a note less than 10 (10 is the highest 83 | # note). You have access to the variables errors warning, statement which 84 | # respectively contain the number of errors / warnings messages and the total 85 | # number of statements analyzed. This is used by the global evaluation report 86 | # (RP0004). 87 | evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10) 88 | 89 | # Template used to display messages. This is a python new-style format string 90 | # used to format the message information. See doc for all details 91 | #msg-template= 92 | 93 | 94 | [BASIC] 95 | 96 | # List of builtins function names that should not be used, separated by a comma 97 | bad-functions=map,filter 98 | 99 | # Good variable names which should always be accepted, separated by a comma 100 | good-names=i,j,k,ex,Run,_ 101 | 102 | # Bad variable names which should always be refused, separated by a comma 103 | bad-names=foo,bar,baz,toto,tutu,tata 104 | 105 | # Colon-delimited sets of names that determine each other's naming style when 106 | # the name regexes allow several styles. 107 | name-group= 108 | 109 | # Include a hint for the correct naming format with invalid-name 110 | include-naming-hint=no 111 | 112 | # Regular expression matching correct module names 113 | module-rgx=(([a-z_][A-Za-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ 114 | 115 | # Naming hint for module names 116 | module-name-hint=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ 117 | 118 | # Regular expression matching correct constant names 119 | const-rgx=(([a-zA-Z_][a-zA-Z0-9_]*)|(__.*__))$ 120 | 121 | # Naming hint for constant names 122 | const-name-hint=(([a-zA-Z_][A-Z0-9_]*)|(__.*__))$ 123 | 124 | # Regular expression matching correct class names 125 | class-rgx=[A-Z_][a-zA-Z0-9]+$ 126 | 127 | # Naming hint for class names 128 | class-name-hint=[A-Z_][a-zA-Z0-9]+$ 129 | 130 | # Regular expression matching correct method names 131 | method-rgx=[a-zA-Z_][a-zA-Z0-9_]{2,30}$ 132 | 133 | # Naming hint for method names 134 | method-name-hint=[a-z_][a-z0-9_]{2,30}$ 135 | 136 | # Regular expression matching correct argument names 137 | argument-rgx=[a-z_][A-Za-z0-9_]{2,30}$ 138 | 139 | # Naming hint for argument names 140 | argument-name-hint=[a-z_][A-Za-z0-9_]{2,30}$ 141 | 142 | # Regular expression matching correct class attribute names 143 | class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ 144 | 145 | # Naming hint for class attribute names 146 | class-attribute-name-hint=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ 147 | 148 | # Regular expression matching correct inline iteration names 149 | inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$ 150 | 151 | # Naming hint for inline iteration names 152 | inlinevar-name-hint=[A-Za-z_][A-Za-z0-9_]*$ 153 | 154 | # Regular expression matching correct function names 155 | function-rgx=[A-Za-z_][A-Za-z0-9_]{2,30}$ 156 | 157 | # Naming hint for function names 158 | function-name-hint=[a-z_][a-z0-9_]{2,30}$ 159 | 160 | # Regular expression matching correct attribute names 161 | attr-rgx=[a-z_][A-Za-z0-9_]{2,30}$ 162 | 163 | # Naming hint for attribute names 164 | attr-name-hint=[a-z_][a-z0-9_]{2,30}$ 165 | 166 | # Regular expression matching correct variable names 167 | variable-rgx=[a-z_][A-Za-z0-9_]{2,30}$ 168 | 169 | # Naming hint for variable names 170 | variable-name-hint=[a-z_][a-z0-9_]{2,30}$ 171 | 172 | # Regular expression which should only match function or class names that do 173 | # not require a docstring. 174 | no-docstring-rgx=^_ 175 | 176 | # Minimum line length for functions/classes that require docstrings, shorter 177 | # ones are exempt. 178 | docstring-min-length=-1 179 | 180 | 181 | [ELIF] 182 | 183 | # Maximum number of nested blocks for function / method body 184 | max-nested-blocks=5 185 | 186 | 187 | [SIMILARITIES] 188 | 189 | # Minimum lines number of a similarity. 190 | min-similarity-lines=4 191 | 192 | # Ignore comments when computing similarities. 193 | ignore-comments=yes 194 | 195 | # Ignore docstrings when computing similarities. 196 | ignore-docstrings=yes 197 | 198 | # Ignore imports when computing similarities. 199 | ignore-imports=no 200 | 201 | 202 | [FORMAT] 203 | 204 | # Maximum number of characters on a single line. 205 | max-line-length=140 206 | 207 | # Regexp for a line that is allowed to be longer than the limit. 208 | ignore-long-lines=^\s*(# )??$ 209 | 210 | # Allow the body of an if to be on the same line as the test if there is no 211 | # else. 212 | single-line-if-stmt=no 213 | 214 | # List of optional constructs for which whitespace checking is disabled. `dict- 215 | # separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}. 216 | # `trailing-comma` allows a space between comma and closing bracket: (a, ). 217 | # `empty-line` allows space-only lines. 218 | no-space-check=trailing-comma,dict-separator 219 | 220 | # Maximum number of lines in a module 221 | max-module-lines=1000 222 | 223 | # String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 224 | # tab). 225 | indent-string=' ' 226 | 227 | # Number of spaces of indent required inside a hanging or continued line. 228 | indent-after-paren=4 229 | 230 | # Expected format of line ending, e.g. empty (any line ending), LF or CRLF. 231 | expected-line-ending-format= 232 | 233 | 234 | [VARIABLES] 235 | 236 | # Tells whether we should check for unused import in __init__ files. 237 | init-import=no 238 | 239 | # A regular expression matching the name of dummy variables (i.e. expectedly 240 | # not used). 241 | dummy-variables-rgx=_$|dummy|unused.*$|__* 242 | 243 | # List of additional names supposed to be defined in builtins. Remember that 244 | # you should avoid to define new builtins when possible. 245 | additional-builtins= 246 | 247 | # List of strings which can identify a callback function by name. A callback 248 | # name must start or end with one of those strings. 249 | callbacks=cb_,_cb 250 | 251 | 252 | [MISCELLANEOUS] 253 | 254 | # List of note tags to take in consideration, separated by a comma. 255 | notes=FIXME,XXX,TODO 256 | 257 | 258 | [SPELLING] 259 | 260 | # Spelling dictionary name. Available dictionaries: none. To make it working 261 | # install python-enchant package. 262 | spelling-dict= 263 | 264 | # List of comma separated words that should not be checked. 265 | spelling-ignore-words= 266 | 267 | # A path to a file that contains private dictionary; one word per line. 268 | spelling-private-dict-file= 269 | 270 | # Tells whether to store unknown words to indicated private dictionary in 271 | # --spelling-private-dict-file option instead of raising a message. 272 | spelling-store-unknown-words=no 273 | 274 | 275 | [TYPECHECK] 276 | 277 | # Tells whether missing members accessed in mixin class should be ignored. A 278 | # mixin class is detected if its name ends with "mixin" (case insensitive). 279 | ignore-mixin-members=yes 280 | 281 | # List of module names for which member attributes should not be checked 282 | # (useful for modules/projects where namespaces are manipulated during runtime 283 | # and thus existing member attributes cannot be deduced by static analysis. It 284 | # supports qualified module names, as well as Unix pattern matching. 285 | ignored-modules= 286 | 287 | # List of classes names for which member attributes should not be checked 288 | # (useful for classes with attributes dynamically set). This supports can work 289 | # with qualified names. 290 | ignored-classes= 291 | TokenKind 292 | 293 | # List of members which are set dynamically and missed by pylint inference 294 | # system, and so shouldn't trigger E1101 when accessed. Python regular 295 | # expressions are accepted. 296 | generated-members= 297 | 298 | 299 | [LOGGING] 300 | 301 | # Logging modules to check that the string format arguments are in logging 302 | # function parameter format 303 | logging-modules=logging 304 | 305 | 306 | [CLASSES] 307 | 308 | # List of method names used to declare (i.e. assign) instance attributes. 309 | defining-attr-methods=__init__,__new__,setUp 310 | 311 | # List of valid names for the first argument in a class method. 312 | valid-classmethod-first-arg=cls 313 | 314 | # List of valid names for the first argument in a metaclass class method. 315 | valid-metaclass-classmethod-first-arg=mcs 316 | 317 | # List of member names, which should be excluded from the protected access 318 | # warning. 319 | exclude-protected=_asdict,_fields,_replace,_source,_make 320 | 321 | 322 | [IMPORTS] 323 | 324 | # Deprecated modules which should not be used, separated by a comma 325 | deprecated-modules=optparse 326 | 327 | # Create a graph of every (i.e. internal and external) dependencies in the 328 | # given file (report RP0402 must not be disabled) 329 | import-graph= 330 | 331 | # Create a graph of external dependencies in the given file (report RP0402 must 332 | # not be disabled) 333 | ext-import-graph= 334 | 335 | # Create a graph of internal dependencies in the given file (report RP0402 must 336 | # not be disabled) 337 | int-import-graph= 338 | 339 | 340 | [DESIGN] 341 | 342 | # Maximum number of arguments for function / method 343 | max-args=5 344 | 345 | # Argument names that match this expression will be ignored. Default to name 346 | # with leading underscore 347 | ignored-argument-names=_.*|unused.*|dummy.* 348 | 349 | # Maximum number of locals for function / method body 350 | max-locals=15 351 | 352 | # Maximum number of return / yield for function / method body 353 | max-returns=6 354 | 355 | # Maximum number of branch for function / method body 356 | max-branches=12 357 | 358 | # Maximum number of statements in function / method body 359 | max-statements=50 360 | 361 | # Maximum number of parents for a class (see R0901). 362 | max-parents=7 363 | 364 | # Maximum number of attributes for a class (see R0902). 365 | max-attributes=7 366 | 367 | # Minimum number of public methods for a class (see R0903). 368 | min-public-methods=2 369 | 370 | # Maximum number of public methods for a class (see R0904). 371 | max-public-methods=20 372 | 373 | # Maximum number of boolean expressions in a if statement 374 | max-bool-expr=5 375 | 376 | 377 | [EXCEPTIONS] 378 | 379 | # Exceptions that will emit a warning when being caught. Defaults to 380 | # "Exception" 381 | overgeneral-exceptions=Exception 382 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | flake8>=3.9.0 2 | pylint>=2.6.2 3 | mypy>=0.812 4 | -------------------------------------------------------------------------------- /tests/.gitignore: -------------------------------------------------------------------------------- 1 | *.o 2 | *.su 3 | main 4 | -------------------------------------------------------------------------------- /tests/Makefile: -------------------------------------------------------------------------------- 1 | OBJ:=$(patsubst %.c, %.o, $(wildcard *.c)) 2 | CFLAGS:=-fstack-usage 3 | TARGET:=main 4 | CC?=gcc 5 | 6 | all: ${TARGET} 7 | @echo "==============================================" 8 | @../checkStackUsage.py $< . 2>&1 | \ 9 | grep -E '(func|foo|bar|main) ' 10 | @echo "==============================================" 11 | @echo "1. The output shown above must contain 4 lines" 12 | @echo "2. 'foo' and 'bar' must both be calling 'func'" 13 | @echo " *but with different stack sizes in each*." 14 | @echo "3. 'main' must be using the largest 'func'" 15 | @echo " (i.e. be going through 'bar')" 16 | @echo "4. The reported sizes must properly accumulate" 17 | @echo "==============================================" 18 | 19 | ${TARGET}: ${OBJ} 20 | ${CC} -o $@ ${CFLAGS} $^ 21 | 22 | clean: 23 | rm -f ${OBJ} ${TARGET} *.su 24 | -------------------------------------------------------------------------------- /tests/a.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | static void func() 4 | { 5 | char a[128]; 6 | memset(a, ' ', sizeof(a)); 7 | } 8 | 9 | void foo() 10 | { 11 | func(); 12 | } 13 | -------------------------------------------------------------------------------- /tests/b.c: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | static void func() 4 | { 5 | char b[256]; 6 | memset(b, ' ', sizeof(b)); 7 | } 8 | 9 | void bar() 10 | { 11 | func(); 12 | } 13 | -------------------------------------------------------------------------------- /tests/main.c: -------------------------------------------------------------------------------- 1 | extern void foo(); 2 | extern void bar(); 3 | 4 | int main() 5 | { 6 | foo(); 7 | bar(); 8 | } 9 | --------------------------------------------------------------------------------