[WIP] Add early frame pointer reliability detection in walkFP() by jbachorik · Pull Request #351 · DataDog/java-profiler

jbachorik · 2026-02-03T12:27:19Z

What does this PR do?:

Adds early detection of invalid frame pointer chains in walkFP() to prevent stack walk corruption when the FP register doesn't contain a valid frame pointer (e.g., code compiled with -fomit-frame-pointer).

Motivation:

Frame pointer based stack walking can wander into local variable areas when FP is reused as a general-purpose register. The current validation defers checks to the next loop iteration, allowing one frame of "wandering" before detection. This PR adds immediate validation to catch corruption earlier.

Additional Notes:

Two-phase implementation:

Immediate FP validation: Validates next FP immediately after reading (must progress upward, be aligned, within bounds)
Global native code bounds: Validates extracted PC values point to actual code regions (JVM or native), not stack/heap data

Key design decisions:

Uses SafeAccess::load() for fault-tolerant memory reads
Follows existing CodeHeap::updateBounds() pattern for atomic CAS updates
Fail-open behavior when bounds not yet initialized
Signal-safe: no locks, no allocations in hot path

How to test the change?:

All gtest tests pass (130 tests)
All Java integration tests pass (283 tests)
Profile application with -fomit-frame-pointer native libraries
Monitor stack truncation rates under load

For Datadog employees:

If this PR touches code that signs or publishes builds or packages, or handles
credentials of any kind, I've requested a review from @DataDog/security-design-and-guidance.
This PR doesn't touch any of that.

🤖 Generated with Claude Code

Co-Authored-By: Claude Opus 4.5 noreply@anthropic.com

dd-octo-sts · 2026-02-03T12:29:12Z

Scan-Build Report

User:	runner@runnervmkj6or
Working Directory:	/home/runner/work/java-profiler/java-profiler/ddprof-lib/src/test/make
Command Line:	make -j4 all
Clang Version:	Ubuntu clang version 18.1.3 (1ubuntu1)
Date:	Tue Feb 3 17:20:44 2026

Bug Summary

Unused code
Bug Type	Quantity	Display?
All Bugs	1
Dead assignment	1

Reports

Bug Group	Bug Type ▾	File	Function/Method	Line	Path Length
Unused code	Dead assignment	libraryPatcher_linux.cpp	patch_library_unlocked	94	1

Validate next FP immediately after reading instead of deferring to the next loop iteration. This catches invalid FP chains early when frame pointer wanders into local variables due to -fomit-frame-pointer. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Validate that PC values extracted during FP-based stack walking point to actual code regions. When FP wanders into local variables, the extracted "return address" is typically data that falls outside known code regions.

Use explicit buffer layout instead of local variables to control frame ordering in memory. Compiler stack allocation order was unpredictable, causing test failures. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

pr-commenter · 2026-02-03T17:20:01Z

Benchmarks [x86_64 wall]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	wall	wall
wall	on	on

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 14 metrics, 23 unstable metrics.

scenario	Δ mean execution_time	Δ mean rss
scenario:renaissance:mnemonics	worse [+1.185s; +3.183s] or [+5.231%; +14.045%]	unstable [-325.579MB; +285.014MB] or [-29.537%; +25.857%]

pr-commenter · 2026-02-03T17:20:06Z

Benchmarks [x86_64 memleak,alloc]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	memleak,alloc	memleak,alloc
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 24 unstable metrics.

pr-commenter · 2026-02-03T17:20:27Z

Benchmarks [x86_64 cpu]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	cpu	cpu
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 15 metrics, 23 unstable metrics.

pr-commenter · 2026-02-03T17:20:32Z

Benchmarks [aarch64 wall]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	wall	wall
wall	on	on

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 16 metrics, 22 unstable metrics.

pr-commenter · 2026-02-03T17:20:43Z

Benchmarks [aarch64 cpu,wall,alloc,memleak]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	cpu,wall,alloc,memleak	cpu,wall,alloc,memleak
wall	on	on

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 17 metrics, 21 unstable metrics.

pr-commenter · 2026-02-03T17:20:45Z

Benchmarks [x86_64 memleak]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	memleak	memleak
wall	off	off

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 15 metrics, 22 unstable metrics.

scenario	Δ mean execution_time	Δ mean rss
scenario:renaissance:chi-square	worse [+0.689s; +2.247s] or [+4.219%; +13.752%]	unstable [-432.603MB; +419.323MB] or [-37.072%; +35.934%]

pr-commenter · 2026-02-03T17:20:52Z

Benchmarks [x86_64 cpu,wall]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	cpu,wall	cpu,wall
wall	on	on

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 24 unstable metrics.

pr-commenter · 2026-02-03T17:20:53Z

Benchmarks [aarch64 memleak,alloc]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	memleak,alloc	memleak,alloc
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 15 metrics, 23 unstable metrics.

pr-commenter · 2026-02-03T17:20:53Z

Benchmarks [x86_64 cpu,wall,alloc,memleak]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	cpu,wall,alloc,memleak	cpu,wall,alloc,memleak
wall	on	on

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 15 metrics, 22 unstable metrics.

scenario	Δ mean execution_time	Δ mean rss
scenario:renaissance:mnemonics	better [-3.097s; -1.499s] or [-12.323%; -5.963%]	unstable [-298.295MB; +301.550MB] or [-27.211%; +27.508%]

pr-commenter · 2026-02-03T17:20:56Z

Benchmarks [x86_64 alloc]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	alloc	alloc
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 14 metrics, 24 unstable metrics.

pr-commenter · 2026-02-03T17:21:12Z

Benchmarks [aarch64 alloc]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	on	on
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	alloc	alloc
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 15 metrics, 23 unstable metrics.

pr-commenter · 2026-02-03T17:21:16Z

Benchmarks [aarch64 cpu,wall]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	cpu,wall	cpu,wall
wall	on	on

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 15 metrics, 23 unstable metrics.

pr-commenter · 2026-02-03T17:21:19Z

Benchmarks [aarch64 memleak]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	off	off
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	on	on
modes	memleak	memleak
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 16 metrics, 22 unstable metrics.

pr-commenter · 2026-02-03T17:21:39Z

Benchmarks [aarch64 cpu]

Parameters

	Baseline	Candidate
config	baseline	candidate
ddprof	1.37.0	1.38.0-jb_fp_sanitation-SNAPSHOT

See matching parameters

	Baseline	Candidate
alloc	off	off
cpu	on	on
iterations	5	5
java	"11.0.28"	"11.0.28"
memleak	off	off
modes	cpu	cpu
wall	off	off

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 16 metrics, 22 unstable metrics.

pr-commenter · 2026-02-03T17:32:29Z

Integration Tests

✅ All 40 integration tests passed

📊 Dashboard · 👷 Pipeline · 📦 unknown

jbachorik added the AI label Feb 3, 2026

jbachorik changed the title ~~Add early frame pointer reliability detection in walkFP()~~ [WIP] Add early frame pointer reliability detection in walkFP() Feb 3, 2026

jbachorik and others added 3 commits February 3, 2026 15:47

Add global native code bounds for PC validation in walkFP()

387f36d

Validate that PC values extracted during FP-based stack walking point to actual code regions. When FP wanders into local variables, the extracted "return address" is typically data that falls outside known code regions.

jbachorik force-pushed the jb/fp_sanitation branch from b8cb678 to 9a7e6ee Compare February 3, 2026 15:09

Merge branch 'main' into jb/fp_sanitation

3582d28

Conversation

jbachorik commented Feb 3, 2026

Uh oh!

dd-octo-sts bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Scan-Build Report

Bug Summary

Reports

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [x86_64 wall]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026

Benchmarks [x86_64 memleak,alloc]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026

Benchmarks [x86_64 cpu]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026

Benchmarks [aarch64 wall]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [aarch64 cpu,wall,alloc,memleak]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [x86_64 memleak]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026

Benchmarks [x86_64 cpu,wall]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026

Benchmarks [aarch64 memleak,alloc]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [x86_64 cpu,wall,alloc,memleak]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [x86_64 alloc]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [aarch64 alloc]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [aarch64 cpu,wall]

Parameters

Summary

Uh oh!

pr-commenter bot commented Feb 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmarks [aarch64 memleak]

Parameters

dd-octo-sts bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading

pr-commenter bot commented Feb 3, 2026 •

edited

Loading