As on amd64, these registers hold the base address of the fs and gs
segments, respectively. For i386 these two registers are 32 bits.
gdb/ChangeLog:
* amd64-fbsd-nat.c (amd64_fbsd_nat_target::read_description):
Update calls to i386_target_description to add 'segments'
parameter.
* amd64-tdep.c (amd64_init_abi): Set tdep->fsbase_regnum. Don't
add segment base registers.
* arch/i386.c (i386_create_target_description): Add 'segments'
parameter to enable segment base registers.
* arch/i386.h (i386_create_target_description): Likewise.
* features/i386/32bit-segments.xml: New file.
* features/i386/32bit-segments.c: Generate.
* i386-fbsd-nat.c (i386_fbsd_nat_target::read_description): Update
call to i386_target_description to add 'segments' parameter.
* i386-fbsd-tdep.c (i386fbsd_core_read_description): Likewise.
* i386-go32-tdep.c (i386_go32_init_abi): Likewise.
* i386-linux-tdep.c (i386_linux_read_description): Likewise.
* i386-tdep.c (i386_validate_tdesc_p): Add segment base registers
if feature is present.
(i386_gdbarch_init): Pass I386_NUM_REGS to set_gdbarch_num_regs.
Add 'segments' parameter to call to i386_target_description.
(i386_target_description): Add 'segments' parameter to enable
segment base registers.
(_initialize_i386_tdep) [GDB_SELF_TEST]: Add 'segments' parameter
to call to i386_target_description.
* i386-tdep.h (struct gdbarch_tdep): Add 'fsbase_regnum'.
(enum i386_regnum): Add I386_FSBASE_REGNUM and I386_GSBASE_REGNUM.
Define I386_NUM_REGS.
(i386_target_description): Add 'segments' parameter to enable
segment base registers.
gdb/gdbserver/ChangeLog:
* linux-x86-tdesc.c (i386_linux_read_description): Update call to
i386_create_target_description for 'segments' parameter.
* lynx-i386-low.c (lynx_i386_arch_setup): Likewise.
* nto-x86-low.c (nto_x86_arch_setup): Likewise.
* win32-i386-low.c (i386_arch_setup): Likewise.
This commit applies all changes made after running the gdb/copyright.py
script.
Note that one file was flagged by the script, due to an invalid
copyright header
(gdb/unittests/basic_string_view/element_access/char/empty.cc).
As the file was copied from GCC's libstdc++-v3 testsuite, this commit
leaves this file untouched for the time being; a patch to fix the header
was sent to gcc-patches first.
gdb/ChangeLog:
Update copyright year range in all GDB files.
Running "maintenance selftest" on an amd64 build with AddressSanitizer
enabled, I get this:
==18126==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffdf72397c1 at pc 0x7fb5f437b011 bp 0x7ffdf7239740 sp 0x7ffdf7238ee8
WRITE of size 8 at 0x7ffdf72397c1 thread T0
#0 0x7fb5f437b010 in __interceptor_memcpy /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:737
#1 0x55a1f899c1b3 in readable_regcache::raw_read(int, unsigned char*) /home/simark/src/binutils-gdb/gdb/regcache.c:530
#2 0x55a1f7db241b in amd64_pseudo_register_read_value /home/simark/src/binutils-gdb/gdb/amd64-tdep.c:384
#3 0x55a1f8413a2e in gdbarch_pseudo_register_read_value(gdbarch*, readable_regcache*, int) /home/simark/src/binutils-gdb/gdb/gdbarch.c:1992
#4 0x55a1f899c9d1 in readable_regcache::cooked_read(int, unsigned char*) /home/simark/src/binutils-gdb/gdb/regcache.c:636
#5 0x55a1f89a2251 in cooked_read_test /home/simark/src/binutils-gdb/gdb/regcache.c:1649
In amd64_pseudo_register_read_value, when we try to read the al
register, for example, we need to read rax and extract al from it. We
allocate a buffer of the size of al (1 byte):
gdb_byte *raw_buf = (gdb_byte *) alloca (register_size (gdbarch, regnum));
but read in it the whole rax value (8 bytes):
status = regcache->raw_read (gpnum, raw_buf);
Fix it by allocating a buffer correctly sized for the full register from
which the smaller register is extracted. The
amd64_pseudo_register_write function had the same problem.
gdb/ChangeLog:
* amd64-tdep.c (amd64_pseudo_register_read_value): Use
correctly-sized buffer with raw_read.
(amd64_pseudo_register_write): Use correctly-sized buffer for
raw_read/raw_write.
GDB is currently crashing anytime we try to access the fs_base/gs_base
registers, either to read them, or to write them. This can be observed
under various scenarios:
- Explicit reference to those registers (eg: print $fs_base) --
probably relatively rare;
- Calling a function in the inferior, with the crash happening
because we are trying to read those registers in order to save
their value ahead of making the function call;
- Just a plain "info registers";
The crash was introduced by the following commit:
| commit 48aeef91c2
| Date: Mon Jun 26 18:14:43 2017 -0700
| Subject: Include the fs_base and gs_base registers in amd64 target descriptions.
The Windows-nat implementation was unfortunately not prepared to deal
with those new registers. In particular, the way it fetches registers
is done by using a table where the index is the register number, and
the value at that index is the offset in the area in the thread's CONTEXT
data where the corresponding register value is stored.
For instance, in amd64-windows-nat.c, we can find the mappings static
array containing the following 57 elements in it:
#define context_offset(x) (offsetof (CONTEXT, x))
static const int mappings[] =
{
context_offset (Rax),
[...]
context_offset (FloatSave.MxCsr)
};
That array is then used by windows_fetch_one_register via:
char *context_offset = ((char *) &th->context) + mappings[r];
The problem is that fs_base's register number is 172, which is
well past the end of the mappings array (57 elements in total).
We end up getting an undefined offset, which happens to be so large
that it then causes the address where we try to read the register
value (a little bit later) to be invalid, thus crashing GDB with
a SEGV.
This patch side-steps the issue entirely by removing support for
those registers in GDB on x86_64-windows, because a look at the
CONTEXT structure indicates no support for getting those registers.
A more comprehensive fix would patch the potential buffer overflow
of the mappings array, but this can be done as a separate commit.
gdb/ChangeLog:
* gdb/amd64-tdep.h (amd64_create_target_description): Add
"segments" parameter.
* gdb/amd64-tdep.c (amd64_none_init_abi, amd64_x32_none_init_abi)
(_initialize_amd64_tdep): Update call to
amd64_create_target_description.
(amd64_target_description): Add "segments" parameter. Adjust
the implementation to use it.
* gdb/amd64-linux-tdep.c (amd64_linux_read_description): Update
call to amd64_create_target_description.
* gdb/amd64-windows-tdep.c (amd64_windows_init_abi): Likewise.
* gdb/arch/amd64.h (amd64_create_target_description): Add
"segments" register.
* gdb/arch/amd64.c (amd64_create_target_description): Add
"segments" parameter. Call create_feature_i386_64bit_segments
only if SEGMENTS is true.
* gdb/gdbserver/win32-i386-low.c (i386_arch_setup): Update
call to amd64_create_target_description.
Tested on x86_64-windows using AdaCore's testsuite (by Joel Brobecker
<brobecker at adacore dot com>).
Remove regcache_raw_write, update all callers to use regcache::raw_write
instead.
gdb/ChangeLog:
* regcache.h (regcache_raw_write): Remove, update callers to use
regcache::raw_write instead.
* regcache.c (regcache_raw_write): Remove.
Remove regcache_raw_read, update all callers to use
readable_regcache::raw_read instead.
gdb/ChangeLog:
* regcache.h (regcache_raw_read): Remove, update callers to use
readable_regcache::raw_read instead.
* regcache.c (regcache_raw_read): Remove.
For GNU/Linux on x86-64, if the target is using the xsave format for
passing the floating-point information from the inferior then there
currently exists a bug relating to the x87 control registers, and the
mxcsr register.
The xsave format allows different floating-point features to be lazily
enabled, a bit in the xsave format tells GDB which floating-point
features have been enabled, and which have not.
Currently in GDB, when reading the floating point state, we check the
xsave bit flags, if the feature is enabled then we read the feature
from the xsave buffer, and if the feature is not enabled, then we
supply the default value from within GDB.
Within GDB, when writing the floating point state, we first fetch the
xsave state from the target and then, for any feature that is not yet
enabled, we write the default values into the xsave buffer. Next we
compare the regcache value with the value in the xsave buffer, and, if
the value has changed we update the value in the xsave buffer, and
mark the feature enabled in the xsave bit flags.
The problem then, is that the x87 control registers were not following
this pattern. We assumed that these registers were always written out
by the kernel, and we always wrote them out to the xsave buffer (but
didn't enabled the feature). The result of this is that if the kernel
had not yet enabled the x87 feature then within GDB we would see
random values for the x87 floating point control registers, and if the
user tried to modify one of these register, that modification would be
lost.
Finally, the mxcsr register was also broken in the same way as the x87
control registers. The added complexity with this case is that the
mxcsr register is part of both the avx and sse floating point feature
set. When reading or writing this register we need to check that at
least one of these features is enabled.
This bug was present in native GDB, and within gdbserver. Both are
fixed with this commit.
gdb/ChangeLog:
* common/x86-xstate.h (I387_FCTRL_INIT_VAL): New constant.
(I387_MXCSR_INIT_VAL): New constant.
* amd64-tdep.c (amd64_supply_xsave): Only read state from xsave
buffer if it was supplied by the inferior.
* i387-tdep.c (i387_supply_fsave): Use I387_MXCSR_INIT_VAL.
(i387_xsave_get_clear_bv): New function.
(i387_supply_xsave): Only read x87 control registers from the
xsave buffer if the feature is enabled, and the state will have
been written, otherwise, provide a suitable default.
(i387_collect_xsave): Pre-clear all registers in xsave buffer,
including x87 control registers. Update control registers if they
have changed from the default value, and mark features as enabled
as required.
* i387-tdep.h (i387_xsave_get_clear_bv): Declare.
gdb/gdbserver/ChangeLog:
* i387-fp.c (i387_cache_to_xsave): Only write x87 control
registers to the cache if their values have changed.
(i387_xsave_to_cache): Provide default values for x87 control
registers when these features are available, but disabled.
* regcache.c (supply_register_by_name_zeroed): New function.
* regcache.h (supply_register_by_name_zeroed): Declare new
function.
gdb/testsuite/ChangeLog:
* gdb.arch/amd64-init-x87-values.S: New file.
* gdb.arch/amd64-init-x87-values.exp: New file.
With version 7.3 GCC supports new options
-mindirect-branch=<choice>
-mfunction-return=<choice>
The choices are:
keep behaves as before
thunk jumps through a thunk
thunk-external jumps through an external thunk
thunk-inline jumps through an inlined thunk
For thunk and thunk-external, GDB would, on a call to the thunk, step into
the thunk and then resume to its caller assuming that this is an
undebuggable function. On a return thunk, GDB would stop inside the
thunk.
Make GDB step through such thunks instead.
Before:
Temporary breakpoint 1, main ()
at gdb.base/step-indirect-call-thunk.c:37
37 x = apply (inc, 41);
(gdb) s
apply (op=0x80483e6 <inc>, x=41)
at gdb.base/step-indirect-call-thunk.c:29
29 return op (x);
(gdb)
30 }
After:
Temporary breakpoint 1, main ()
at gdb.base/step-indirect-call-thunk.c:37
37 x = apply (inc, 41);
(gdb) s
apply (op=0x80483e6 <inc>, x=41)
at gdb.base/step-indirect-call-thunk.c:29
29 return op (x);
(gdb)
inc (x=41) at gdb.base/step-indirect-call-thunk.c:23
23 return x + 1;
This is independent of the step-mode. In order to step into the thunk,
you would need to use stepi.
When stepping over an indirect call thunk, GDB would first step through
the thunk, then recognize that it stepped into a sub-routine and resume to
the caller (of the thunk). Not sure whether this is worth optimizing.
Thunk detection is implemented via gdbarch. I implemented the methods for
IA. Other architectures may run into unexpected fails.
The tests assume a fixed number of instruction steps to reach a thunk.
This depends on the compiler as well as the architecture. They may need
adjustments when we add support for more architectures. Or we can simply
drop those tests that cover being able to step into thunks using
instruction stepping.
When using an older GCC, the tests will fail to build and will be reported
as untested:
Running .../gdb.base/step-indirect-call-thunk.exp ...
gdb compile failed, \
gcc: error: unrecognized command line option '-mindirect-branch=thunk'
gcc: error: unrecognized command line option '-mfunction-return=thunk'
=== gdb Summary ===
# of untested testcases 1
gdb/
* infrun.c (process_event_stop_test): Call
gdbarch_in_indirect_branch_thunk.
* gdbarch.sh (in_indirect_branch_thunk): New.
* gdbarch.c: Regenerated.
* gdbarch.h: Regenerated.
* x86-tdep.h: New.
* x86-tdep.c: New.
* Makefile.in (ALL_TARGET_OBS): Add x86-tdep.o.
(HFILES_NO_SRCDIR): Add x86-tdep.h.
(ALLDEPFILES): Add x86-tdep.c.
* arch-utils.h (default_in_indirect_branch_thunk): New.
* arch-utils.c (default_in_indirect_branch_thunk): New.
* i386-tdep: Include x86-tdep.h.
(i386_in_indirect_branch_thunk): New.
(i386_elf_init_abi): Set in_indirect_branch_thunk gdbarch
function.
* amd64-tdep: Include x86-tdep.h.
(amd64_in_indirect_branch_thunk): New.
(amd64_init_abi): Set in_indirect_branch_thunk gdbarch function.
testsuite/
* gdb.base/step-indirect-call-thunk.exp: New.
* gdb.base/step-indirect-call-thunk.c: New.
* gdb.reverse/step-indirect-call-thunk.exp: New.
* gdb.reverse/step-indirect-call-thunk.c: New.
When a 64-bits (x86-64) gdbarch is created, it is first born as a
32-bits gdbarch in i386_gdbarch_init. The call gdbarch_init_osabi will
call the handler register for the selected (arch, osabi) pair, such as
amd64_linux_init_abi. The various amd64 handlers call amd64_init_abi,
which turns the gdbarch into a 64-bits one.
When selecting the i386:x86-64 architecture with no osabi, no such
handler is ever called, so the gdbarch stays (wrongfully) a 32-bits one.
My first idea was to manually call amd64_init_abi & al in
i386_gdbarch_init when the osabi is GDB_OSABI_NONE. However, this
doesn't work in a build of GDB where i386 is included as a target but
not amd64. My next option (implemented in this patch), is to allow
registering handlers for GDB_OSABI_NONE. I added two such handlers in
amd64-tdep.c, so now it works the same as for the "normal" osabis. It
required re-ordering things in gdbarch_init_osabi to allow running
handlers for GDB_OSABI_NONE.
Without this patch applied (but with the previous one*) :
(gdb) set osabi none
(gdb) set architecture i386:x86-64
The target architecture is assumed to be i386:x86-64
(gdb) p sizeof(void*)
$1 = 4
and now:
(gdb) set osabi none
(gdb) set architecture i386:x86-64
The target architecture is assumed to be i386:x86-64
(gdb) p sizeof(void*)
$1 = 8
* Before the previous patch, which fixed "set osabi none", this bug was
hidden because we didn't actually try to generate a gdbarch for no
osabi, it would always fall back on Linux. Generating the gdbarch for
amd64/linux did work.
gdb/ChangeLog:
PR gdb/22979
* amd64-tdep.c (amd64_none_init_abi): New function.
(amd64_x32_none_init_abi): New function.
(_initialize_amd64_tdep): Register handlers for x86-64 and
x64_32 with GDB_OSABI_NONE.
* osabi.c (gdbarch_init_osabi): Allow running handlers for the
GDB_OSABI_NONE osabi.
gdb/testsuite/ChangeLog:
PR gdb/22979
* gdb.arch/amd64-osabi.exp: New file.
In some cases passing an argument to a function on amd64, or attempting
to fetch the return value, can trigger an assertion failure within GDB.
An example of a type that would trigger such an error is:
struct foo_t
{
long double a;
struct {
struct {
/* Empty. */
} es1;
} s1;
};
GCC does permit empty structures, so we should probably support this.
The test that exposes this bug is in the next commit along with the
RiscV support.
gdb/ChangeLog:
* amd64-tdep.c (amd64_classify_aggregate): Ignore zero sized
fields within aggregates.
pseudo registers are either from raw registers or memory, so
gdbarch methods pseudo_register_read and pseudo_register_read_value
should have regcache object which only have read methods. In other
words, we should disallow writing to regcache in these two gdbarch
methods. In order to apply this restriction, this patch adds a new
class readable_regcache, derived from reg_buffer, and it only has
raw_read and cooked_read methods. regcache is derived from
readable_regcache. This patch also passes readable_regcache instead of
regcache to gdbarch methods pseudo_register_read and
pseudo_register_read_value.
This patch moves raw_read* and cooked_read* methods to readable_regcache,
which is straightforward. One thing not straightforward is that I split
regcache::xfer_part to readable_regcache::read_part and regcache::write_part,
because readable_regcache can only have methods to read.
readable_regcache is an abstract base class, and it has a pure virtual
function raw_update, because I don't want readable_regcache know where
these raw registers are from. They can be from either the target
(readwrite regcache) or the regcache itself (readonly regcache).
gdb:
2018-02-21 Yao Qi <yao.qi@linaro.org>
* aarch64-tdep.c (aarch64_pseudo_register_read_value): Change
parameter type to 'readable_regcache *'.
* amd64-tdep.c (amd64_pseudo_register_read_value): Likewise.
* arm-tdep.c (arm_neon_quad_read): Likewise.
(arm_pseudo_read): Likewise.
* avr-tdep.c (avr_pseudo_register_read): Likewise.
* bfin-tdep.c (bfin_pseudo_register_read): Likewise.
* frv-tdep.c (frv_pseudo_register_read): Likewise.
* gdbarch.c: Re-generated.
* gdbarch.h: Re-generated.
* gdbarch.sh (pseudo_register_read): Change parameter type to
'readable_regcache *'.
(pseudo_register_read_value): Likewise.
* h8300-tdep.c (pseudo_from_raw_register): Likewise.
(h8300_pseudo_register_read): Likewise.
* hppa-tdep.c (hppa_pseudo_register_read): Likewise.
* i386-tdep.c (i386_mmx_regnum_to_fp_regnum): Likewise.
(i386_pseudo_register_read_into_value): Likewise.
(i386_pseudo_register_read_value): Likewise.
* i386-tdep.h (i386_pseudo_register_read_into_value): Update
declaration.
* ia64-tdep.c (ia64_pseudo_register_read): Likewise.
* m32c-tdep.c (m32c_raw_read): Likewise.
(m32c_read_flg): Likewise.
(m32c_banked_register): Likewise.
(m32c_banked_read): Likewise.
(m32c_sb_read): Likewise.
(m32c_part_read): Likewise.
(m32c_cat_read): Likewise.
(m32c_r3r2r1r0_read): Likewise.
(m32c_pseudo_register_read): Likewise.
* m68hc11-tdep.c (m68hc11_pseudo_register_read): Likewise.
* mep-tdep.c (mep_pseudo_cr32_read): Likewise.
(mep_pseudo_cr64_read): Likewise.
(mep_pseudo_register_read): Likewise.
* mips-tdep.c (mips_pseudo_register_read): Likewise.
* msp430-tdep.c (msp430_pseudo_register_read): Likewise.
* nds32-tdep.c (nds32_pseudo_register_read): Likewise.
* regcache.c (regcache::raw_read): Move it to readable_regcache.
(regcache::cooked_read): Likewise.
(regcache::cooked_read_value): Likewise.
(regcache_cooked_read_signed):
(regcache::cooked_read): Likewise.
* regcache.h (readable_regcache): New class.
(regcache): Inherit readable_regcache. Move some methods to
readable_regcache.
* rl78-tdep.c (rl78_pseudo_register_read): Change
parameter type to 'readable_regcache *'.
* rs6000-tdep.c (do_regcache_raw_read): Remove.
(e500_pseudo_register_read): Change parameter type to
'readable_regcache *'.
(dfp_pseudo_register_read): Likewise.
(vsx_pseudo_register_read): Likewise.
(efpr_pseudo_register_read): Likewise.
* s390-tdep.c (s390_pseudo_register_read): Likewise.
* sh-tdep.c (sh_pseudo_register_read): Likewise.
* sh64-tdep.c (pseudo_register_read_portions): Likewise.
(sh64_pseudo_register_read): Likewise.
* sparc-tdep.c (sparc32_pseudo_register_read): Likewise.
* sparc64-tdep.c (sparc64_pseudo_register_read): Likewise.
* spu-tdep.c (spu_pseudo_register_read_spu): Likewise.
(spu_pseudo_register_read): Likewise.
* xtensa-tdep.c (xtensa_register_read_masked): Likewise.
(xtensa_pseudo_register_read): Likewise.
The patch later in this series will move regcache's raw_read and
cooked_read methods to a new class regcache_read, and regcache is
dervied from it. Also pass regcache_read instead of regcache to gdbarch
methods pseudo_register_read and pseudo_register_read_value. In order
to prepare for this change, this patch changes regcache_raw_read to
regcache->raw_read. On the other hand, since we are in C++, I prefer
using class method (regcache->raw_read).
gdb:
2018-01-22 Yao Qi <yao.qi@linaro.org>
* aarch64-tdep.c (aarch64_pseudo_read_value): Call regcache
method raw_read instead of regcache_raw_read.
* amd64-tdep.c (amd64_pseudo_register_read_value): Likewise.
* arm-tdep.c (arm_neon_quad_read): Likewise.
* avr-tdep.c (avr_pseudo_register_read): Likewise.
* bfin-tdep.c (bfin_pseudo_register_read): Likewise.
* frv-tdep.c (frv_pseudo_register_read): Likewise.
* h8300-tdep.c (h8300_pseudo_register_read): Likewise.
* i386-tdep.c (i386_mmx_regnum_to_fp_regnum): Likewise.
(i386_pseudo_register_read_into_value): Likewise.
* mep-tdep.c (mep_pseudo_cr32_read): Likewise.
* msp430-tdep.c (msp430_pseudo_register_read): Likewise.
* nds32-tdep.c (nds32_pseudo_register_read): Likewise.
* rl78-tdep.c (rl78_pseudo_register_read): Likewise.
* s390-linux-tdep.c (s390_pseudo_register_read): Likewise.
* sparc-tdep.c (sparc32_pseudo_register_read): Likewise.
* sparc64-tdep.c (sparc64_pseudo_register_read): Likewise.
* spu-tdep.c (spu_pseudo_register_read_spu): Likewise.
* xtensa-tdep.c (xtensa_pseudo_register_read): Likewise.
PR gdb/22499 is about a latent bug exposed by the switch to "maint set
target-non-stop on" by default on x86-64 GNU/Linux, a while ago. With
that on, GDB is also preferring to use displaced-stepping by default.
The testcase in the bug is failing because GDB ends up incorrectly
displaced-stepping over a RIP-relative VEX-encoded instruction, like
this:
0x00000000004007f5 <+15>: c5 fb 10 05 8b 01 00 00 vmovsd 0x18b(%rip),%xmm0 # 0x400988
While RIP-relative instructions need adjustment when relocated to the
scratch pad, GDB ends up just copying VEX-encoded instructions to the
scratch pad unmodified, with the end result that the inferior ends up
executing an instruction that fetches/writes memory from the wrong
address...
This patch teaches GDB about the VEX-encoding prefixes, fixing the
problem, and adds a testcase that fails without the GDB fix.
I think we may need a similar treatment for EVEX-encoded instructions,
but I didn't address that simply because I couldn't find any
EVEX-encoded RIP-relative instruction in the gas testsuite. In any
case, this commit is forward progress as-is already.
gdb/ChangeLog:
2017-12-04 Pedro Alves <palves@redhat.com>
PR gdb/22499
* amd64-tdep.c (amd64_insn::rex_offset): Rename to...
(amd64_insn::enc_prefix_offset): ... this, and tweak comment.
(vex2_prefix_p, vex3_prefix_p): New functions.
(amd64_get_insn_details): Adjust to rename. Also skip VEX2 and
VEX3 prefixes.
(fixup_riprel): Set VEX3.!B.
gdb/testsuite/ChangeLog:
2017-12-04 Pedro Alves <palves@redhat.com>
PR gdb/22499
* gdb.arch/amd64-disp-step-avx.S: New file.
* gdb.arch/amd64-disp-step-avx.exp: New file.
displaced_step_closure is a type defined in multiple -tdep.c files.
Trying to xfree it from the common code (infrun.c) is a problem when we
try to poison xfree for non-POD types. Because there can be multiple of
these types in the same build, this patch makes a hierarchy of classes
with a virtual destructor. When the common code deletes the object
through a displaced_step_closure pointer, it will invoke the right
destructor.
The amd64 used a last-member array with a variable size. That doesn't
work with new, so I changed it for an std::vector. Other architectures
which used a simple byte buffer as a closure now use a shared
buf_displaced_step_closure, a closure type that only contains a
gdb::byte_vector.
Reg-tested on the buildbot.
gdb/ChangeLog:
* infrun.h: Include common/byte-vector.h.
(struct displaced_step_closure): New struct.
(struct buf_displaced_step_closure): New struct.
* infrun.c (displaced_step_closure::~displaced_step_closure):
Provide default implementation.
(displaced_step_clear): Deallocate step closure with delete.
* aarch64-tdep.c (displaced_step_closure): Rename to ...
(aarch64_displaced_step_closure): ... this, extend
displaced_step_closure.
(aarch64_displaced_step_data) <dsc>: Change type to
aarch64_displaced_step_closure.
(aarch64_displaced_step_copy_insn): Adjust to type change, use
unique_ptr.
(aarch64_displaced_step_fixup): Add cast for displaced step
closure.
* amd64-tdep.c (displaced_step_closure): Rename to ...
(amd64_displaced_step_closure): ... this, extend
displaced_step_closure.
<insn_buf>: Change type to std::vector<gdb_byte>.
<max_len>: Remove.
(fixup_riprel): Change type of DSC parameter, adjust to type
change of insn_buf.
(fixup_displaced_copy): Change type of DSC parameter.
(amd64_displaced_step_copy_insn): Instantiate
amd64_displaced_step_closure.
(amd64_displaced_step_fixup): Add cast for closure type, adjust
to type change of insn_buf.
* arm-linux-tdep.c (arm_linux_cleanup_svc): Change type of
parameter DSC.
(arm_linux_copy_svc): Likewise.
(cleanup_kernel_helper_return): Likewise.
(arm_catch_kernel_helper_return): Likewise.
(arm_linux_displaced_step_copy_insn): Instantiate
arm_displaced_step_closure.
* arm-tdep.c (arm_pc_is_thumb): Add cast for closure.
(displaced_read_reg): Change type of parameter DSC.
(branch_write_pc): Likewise.
(load_write_pc): Likewise.
(alu_write_pc): Likewise.
(displaced_write_reg): Likewise.
(arm_copy_unmodified): Likewise.
(thumb_copy_unmodified_32bit): Likewise.
(thumb_copy_unmodified_16bit): Likewise.
(cleanup_preload): Likewise.
(install_preload): Likewise.
(arm_copy_preload): Likewise.
(thumb2_copy_preload): Likewise.
(install_preload_reg): Likewise.
(arm_copy_preload_reg): Likewise.
(cleanup_copro_load_store): Likewise.
(install_copro_load_store): Likewise.
(arm_copy_copro_load_store) Likewise.
(thumb2_copy_copro_load_store): Likewise.
(cleanup_branch): Likewise.
(install_b_bl_blx): Likewise.
(arm_copy_b_bl_blx): Likewise.
(thumb2_copy_b_bl_blx): Likewise.
(thumb_copy_b): Likewise.
(install_bx_blx_reg): Likewise.
(arm_copy_bx_blx_reg): Likewise.
(thumb_copy_bx_blx_reg): Likewise.
(cleanup_alu_imm): Likewise.
(arm_copy_alu_imm): Likewise.
(thumb2_copy_alu_imm): Likewise.
(cleanup_alu_reg): Likewise.
(install_alu_reg): Likewise.
(arm_copy_alu_reg): Likewise.
(thumb_copy_alu_reg): Likewise.
(cleanup_alu_shifted_reg): Likewise.
(install_alu_shifted_reg): Likewise.
(arm_copy_alu_shifted_reg): Likewise.
(cleanup_load): Likewise.
(cleanup_store): Likewise.
(arm_copy_extra_ld_st): Likewise.
(install_load_store): Likewise.
(thumb2_copy_load_literal): Likewise.
(thumb2_copy_load_reg_imm): Likewise.
(arm_copy_ldr_str_ldrb_strb): Likewise.
(cleanup_block_load_all): Likewise.
(cleanup_block_store_pc): Likewise.
(cleanup_block_load_pc): Likewise.
(arm_copy_block_xfer): Likewise.
(thumb2_copy_block_xfer): Likewise.
(cleanup_svc): Likewise.
(install_svc): Likewise.
(arm_copy_svc): Likewise.
(thumb_copy_svc): Likewise.
(arm_copy_undef): Likewise.
(thumb_32bit_copy_undef): Likewise.
(arm_copy_unpred): Likewise.
(arm_decode_misc_memhint_neon): Likewise.
(arm_decode_unconditional): Likewise.
(arm_decode_miscellaneous): Likewise.
(arm_decode_dp_misc): Likewise.
(arm_decode_ld_st_word_ubyte): Likewise.
(arm_decode_media): Likewise.
(arm_decode_b_bl_ldmstm): Likewise.
(arm_decode_ext_reg_ld_st): Likewise.
(thumb2_decode_dp_shift_reg): Likewise.
(thumb2_decode_ext_reg_ld_st): Likewise.
(arm_decode_svc_copro): Likewise.
(thumb2_decode_svc_copro): Likewise.
(install_pc_relative): Likewise.
(thumb_copy_pc_relative_16bit): Likewise.
(thumb_decode_pc_relative_16bit): Likewise.
(thumb_copy_pc_relative_32bit): Likewise.
(thumb_copy_16bit_ldr_literal): Likewise.
(thumb_copy_cbnz_cbz): Likewise.
(thumb2_copy_table_branch): Likewise.
(cleanup_pop_pc_16bit_all): Likewise.
(thumb_copy_pop_pc_16bit): Likewise.
(thumb_process_displaced_16bit_insn): Likewise.
(decode_thumb_32bit_ld_mem_hints): Likewise.
(thumb_process_displaced_32bit_insn): Likewise.
(thumb_process_displaced_insn): Likewise.
(arm_process_displaced_insn): Likewise.
(arm_displaced_init_closure): Likewise.
(arm_displaced_step_fixup): Add cast for closure.
* arm-tdep.h: Include infrun.h.
(displaced_step_closure): Rename to ...
(arm_displaced_step_closure): ... this, extend
displaced_step_closure.
<u::svc::copy_svc_os>: Change type of parameter DSC.
<cleanup>: Likewise.
(arm_process_displaced_insn): Likewise.
(arm_displaced_init_closure): Likewise.
(displaced_read_reg): Likewise.
(displaced_write_reg): Likewise.
* i386-linux-tdep.c (i386_linux_displaced_step_copy_insn):
Adjust.
* i386-tdep.h: Include infrun.h.
(i386_displaced_step_closure): New typedef.
* i386-tdep.c (i386_displaced_step_copy_insn): Use
i386_displaced_step_closure.
(i386_displaced_step_fixup): Adjust.
* rs6000-tdep.c (ppc_displaced_step_closure): New typedef.
(ppc_displaced_step_copy_insn): Use ppc_displaced_step_closure
and unique_ptr.
(ppc_displaced_step_fixup): Adjust.
* s390-linux-tdep.c (s390_displaced_step_closure): New typedef.
(s390_displaced_step_copy_insn): Use s390_displaced_step_closure
and unique_ptr.
(s390_displaced_step_fixup): Adjust.
Ref: https://sourceware.org/ml/gdb-patches/2017-07/msg00162.html
Debugging x86-64 GNU/Linux programs currently crashes GDB in
tdesc_use_registers during gdbarch initialization:
Program received signal SIGSEGV, Segmentation fault.
0x0000000001093eaf in htab_remove_elt_with_hash (htab=0x2ef9fa0, element=0x26af960, hash=557151073) at src/libiberty/hashtab.c:728
728 if (*slot == HTAB_EMPTY_ENTRY)
(top-gdb) p slot
$1 = (void **) 0x0
(top-gdb) bt
#0 0x0000000001093eaf in htab_remove_elt_with_hash (htab=0x2ef9fa0, element=0x26af960, hash=557151073) at src/libiberty/hashtab.c:728
#1 0x0000000001093e79 in htab_remove_elt (htab=0x2ef9fa0, element=0x26af960) at src/libiberty/hashtab.c:714
#2 0x00000000009121b0 in tdesc_use_registers (gdbarch=0x3001240, target_desc=0x2659cb0, early_data=0x2881cb0)
at src/gdb/target-descriptions.c:1328
#3 0x000000000047c93e in i386_gdbarch_init (info=..., arches=0x0) at src/gdb/i386-tdep.c:8634
#4 0x0000000000818d5f in gdbarch_find_by_info (info=...) at src/gdb/gdbarch.c:5394
#5 0x00000000007198a8 in set_gdbarch_from_file (abfd=0x2f48250) at src/gdb/arch-utils.c:618
#6 0x00000000007f21cb in exec_file_attach (filename=0x7fffffffddb0 "/home/pedro/gdb/tests/threads", from_tty=1) at src/gdb/exec.c:380
#7 0x0000000000865c18 in catch_command_errors_const (command=0x7f1d83 <exec_file_attach(char const*, int)>, arg=0x7fffffffddb0 "/home/pedro/gdb/tests/threads",
from_tty=1) at src/gdb/main.c:403
#8 0x00000000008669cf in captured_main_1 (context=0x7fffffffd860) at src/gdb/main.c:1035
#9 0x0000000000866de2 in captured_main (data=0x7fffffffd860) at src/gdb/main.c:1142
#10 0x0000000000866e24 in gdb_main (args=0x7fffffffd860) at src/gdb/main.c:1160
#11 0x000000000041312d in main (argc=3, argv=0x7fffffffd968) at src/gdb/gdb.c:32
The direct cause of the crash is that we tried to remove an element
from the hash which supposedly exists, but does not. (htab_remove_elt
shouldn't really crash in this case, but that's secondary.)
The real problem is that early_data passed to tdesc_use_registers
includes regs from a target description that is not the target_desc,
which violates its assumptions. The registers in question are the
fs_base/gs_base registers, added by amd64_init_abi:
tdesc_numbered_register (feature, tdesc_data_segments,
AMD64_FSBASE_REGNUM, "fs_base");
tdesc_numbered_register (feature, tdesc_data_segments,
AMD64_GSBASE_REGNUM, "gs_base");
and that happens because amd64_linux_init_abi uses amd64_init_abi as
helper, but they don't coordinate on which fallback tdesc to use.
amd64_init_abi does:
if (! tdesc_has_registers (tdesc))
tdesc = tdesc_amd64;
and then adds the fs_base/gs_base registers of the "tdesc_amd64" tdesc
to the tdesc_arch_data.
After amd64_init_abi returns, amd64_linux_init_abi does:
if (! tdesc_has_registers (tdesc))
tdesc = tdesc_amd64_linux;
tdep->tdesc = tdesc;
and we end up tdesc_amd64_linux installed in tdep->tdesc.
The fix is to make sure that amd64_linux_init_abi and amd64_init_abi
agree on default tdesc, by adding a "default tdesc" parameter to
amd64_init_abi, instead of having amd64_init_abi hardcode a default.
With this, amd64_init_abi creates the fs_base/gs_base registers using
the tdesc_amd64_linux tdesc.
Tested on x86-64 GNU/Linux, -m64. I don't have an x32 setup handy.
Thanks to John Baldwin, Yao Qi and Simon Marchi for the investigation.
gdb/ChangeLog:
2017-07-13 Pedro Alves <palves@redhat.com>
* amd64-darwin-tdep.c (x86_darwin_init_abi_64): Pass tdesc_amd64
as default tdesc.
* amd64-dicos-tdep.c (amd64_dicos_init_abi):
* amd64-fbsd-tdep.c (amd64fbsd_init_abi):
* amd64-linux-tdep.c (amd64_linux_init_abi): Pass
tdesc_amd64_linux as default tdesc. Get final tdesc from the
tdep.
(amd64_x32_linux_init_abi): Pass tdesc_x32_linux as default tdesc.
Get final tdesc from the tdep.
* amd64-nbsd-tdep.c (amd64nbsd_init_abi): Pass tdesc_amd64 as
default tdesc.
* amd64-obsd-tdep.c (amd64obsd_init_abi): Likewise.
* amd64-sol2-tdep.c (amd64_sol2_init_abi): Likewise.
* amd64-tdep.c (amd64_init_abi): Add 'default_tdesc' parameter.
Use it as default tdesc.
(amd64_x32_init_abi): Add 'default_tdesc' parameter, and pass it
down to amd_init_abi. No longer handle fallback tdesc here.
* amd64-tdep.h (tdesc_x32): Declare.
(amd64_init_abi, amd64_x32_init_abi): Add 'default_tdesc'
parameter.
* amd64-windows-tdep.c (amd64_windows_init_abi): Pass tdesc_amd64
as default tdesc.
This patch initializes the BND registers before executing the inferior
call. BND registers can be in arbitrary values at the moment of the
inferior call. In case the function being called uses as part of the
parameters BND register, e.g. when passing a pointer as parameter, the
current value of the register will be used. This can cause boundary
violations that are not due to a real bug or even desired by the user.
In this sense the best to be done is set the BND registers to allow
access to the whole memory, i.e. initialized state, before pushing the
inferior call.
2017-03-07 Walfred Tedeschi <walfred.tedeschi@intel.com>
gdb/ChangeLog:
* i387-tdep.h (i387_reset_bnd_regs): Add function definition.
* i387-tdep.c (i387_reset_bnd_regs): Add function implementation.
* i386-tdep.c (i386_push_dummy_call): Call i387_reset_bnd_regs.
* amd64-tdep (amd64_push_dummy_call): Call i387_reset_bnd_regs.
gdb/testsuite/ChangeLog:
* i386-mpx-call.c: New file.
* i386-mpx-call.exp: New file.
gdb/doc/ChangeLog:
* Memory Protection Extensions: Add information about inferior
calls.
This patch allows examination of the registers FS_BASE and GS_BASE
for Linux Systems running on 64bit. Tests for simple read and write
of the new registers is also added with this patch.
2017-01-27 Walfred Tedeschi <walfred.tedeschi@intel.com>
Richard Henderson <rth@redhat.com>
gdb/ChangeLog:
* amd64-linux-nat.c (PTRACE_ARCH_PRCTL): New define.
(amd64_linux_fetch_inferior_registers): Add case to fetch FS_BASE
GS_BASE for older kernels.
(amd64_linux_store_inferior_registers): Add case to store FS_BASE
GS_BASE for older kernels.
* amd64-linux-tdep.c (amd64_linux_gregset_reg_offset): Add FS_BASE
and GS_BASE to the offset table.
(amd64_linux_register_reggroup_p): Add FS_BASE and GS_BASE to the
system register group.
* amd64-nat.c (amd64_native_gregset_reg_offset): Implements case
for older kernels.
* amd64-tdep.c (amd64_init_abi): Add segment registers for the
amd64 ABI.
* amd64-tdep.h (amd64_regnum): Add AMD64_FSBASE_REGNUM and
AMD64_GSBASE_REGNUM.
(AMD64_NUM_REGS): Set to AMD64_GSBASE_REGNUM + 1.
* features/Makefile (amd64-linux.dat, amd64-avx-linux.dat)
(amd64-mpx-linux.dat, amd64-avx512-linux.dat, x32-linux.dat)
(x32-avx-linux.dat, x32-avx512-linux.dat): Add
i386/64bit-segments.xml in those rules.
* features/i386/64bit-segments.xml: New file.
* features/i386/amd64-avx-mpx-linux.xml: Add 64bit-segments.xml.
* features/i386/amd64-avx-linux.xml: Add 64bit-segments.xml.
* features/i386/amd64-avx512-linux.xml: Add 64bit-segments.xml.
* features/i386/amd64-mpx-linux.xml: Add 64bit-segments.xml.
* features/i386/x32-avx512-linux.xml: Add 64bit-segments.xml.
* features/i386/x32-avx-linux.xml: Add 64bit-segments.xml.
* features/i386/amd64-linux.xml: Add 64bit-segments.xml.
* features/i386/amd64-avx-linux.c: Regenerated.
* features/i386/amd64-avx-mpx-linux.c: Regenerated.
* features/i386/amd64-avx-mpx.c: Regenerated.
* features/i386/amd64-avx512-linux.c: Regenerated.
* features/i386/amd64-linux.c: Regenerated.
* features/i386/amd64-mpx-linux.c: Regenerated.
* features/i386/i386-avx-mpx-linux.c: Regenerated.
* features/i386/i386-avx-mpx.c: Regenerated.
* features/i386/x32-avx-linux.c: Regenerated.
* features/i386/x32-avx512-linux.c: Regenerated.
* regformats/i386/amd64-avx-linux.dat: Regenerated.
* regformats/i386/amd64-avx-mpx-linux.dat: Regenerated.
* regformats/i386/amd64-avx512-linux.dat: Regenerated.
* regformats/i386/amd64-linux.dat: Regenerated.
* regformats/i386/amd64-mpx-linux.dat: Regenerated.
* regformats/i386/x32-avx-linux.dat: Regenerated.
* regformats/i386/x32-avx512-linux.dat: Regenerated.
* regformats/i386/x32-linux.dat: Regenerated.
gdb/doc/ChangeLog:
* gdb.texinfo (i386 Features): Add system segment registers
as feature.
gdb/gdbserver/ChangeLog:
* linux-x86-low.c (x86_64_regmap): Add fs_base and gs_base
to the register table.
(x86_fill_gregset): Add support for old kernels for the
fs_base and gs_base system registers.
(x86_store_gregset): Likewise.
* configure.srv (srv_i386_64bit_xmlfiles): Add 64bit-segments.xml.
gdb/testsuite/ChangeLog:
* gdb.arch/amd64-gs_base.c: New file.
* gdb.arch/amd64-gs_base.exp: New file.
Change-Id: I2e0eeb93058a2320d4d3b045082643cfe4aff963
Signed-off-by: Walfred Tedeschi <walfred.tedeschi@intel.com>
This applies the second part of GDB's End of Year Procedure, which
updates the copyright year range in all of GDB's files.
gdb/ChangeLog:
Update copyright year range in all GDB files.
Running the fast tracepoints tests against x32 gdbserver exposes a
latent bug. E.g.,:
(gdb)
continue
Continuing.
Reading /media/sf_host-pedro/gdb/mygit/build-ubuntu-x32/gdb/testsuite/outputs/gdb.trace/change-loc/change-loc-2.sl from remote target...
Thread 1 "change-loc" received signal SIGSEGV, Segmentation fault.
func4 () at /home/pedro/gdb/src/gdb/testsuite/gdb.trace/change-loc.h:24
24 }
(gdb) FAIL: gdb.trace/change-loc.exp: 1 ftrace: continue to marker 2
The test sets a fast tracepoint on a shared library. On x32, shared
libraries end up loaded somewhere in the upper 2GB of the 4GB address
space x32 has access to. When gdbserver needs to copy an instruction
to execute it in the jump pad, it asks gdb to relocate/adjust it, with
the qRelocInsn packet. gdb converts "call" instructions into a "push
$<2GB-4GB addr> + jmp" sequence, however, the "pushq" instruction sign
extends its operand, so later when the called function returns, it
returns to an incorrectly sign-extended address. E.g.,
0xfffffffffabc0000 instead of 0xfabc0000, resulting in the
segmentation fault.
Fix this by converting calls at such addresses to "sub + mov + jmp"
sequences instead.
gdb/ChangeLog:
2016-08-19 Pedro Alves <palves@redhat.com>
* amd64-tdep.c (amd64_relocate_instruction) <callq>: Handle return
addresses over 0x7fffffff.
The current MPX target descriptions assume that MPX is always combined
with AVX, however that's not correct. We can have machines with MPX
and without AVX; or machines with AVX and without MPX.
This patch adds new target descriptions for machines that support
both MPX and AVX, as duplicates of the existing MPX descriptions.
The following commit will remove AVX from the MPX-only descriptions.
2016-04-16 Walfred Tedeschi <walfred.tedeschi@intel.com>
gdb/ChangeLog:
* amd64-linux-tdep.c (features/i386/amd64-avx-mpx-linux.c):
New include.
(amd64_linux_core_read_description): Add case for
X86_XSTATE_AVX_MPX_MASK.
(_initialize_amd64_linux_tdep): Call initialize_tdesc_amd64_avx_mpx_linux.
* amd64-linux-tdep.h (tdesc_amd64_avx_mpx_linux): New definition.
* amd64-tdep.c (features/i386/amd64-avx-mpx.c): New include.
(amd64_target_description): Add case for X86_XSTATE_AVX_MPX_MASK.
(_initialize_amd64_tdep): Call initialize_tdesc_amd64_avx_mpx.
* common/x86-xstate.h (X86_XSTATE_MPX_MASK): Remove AVX bits.
(X86_XSTATE_AVX_MPX_MASK): New case.
* features/Makefile (i386/i386-avx-mpx, i386/i386-avx-mpx-linux)
(i386/amd64-avx-mpx, i386/amd64-avx-mpx-linux): New rules.
(i386/i386-avx-mpx-expedite, i386/i386-avx-mpx-linux-expedite)
(i386/amd64-avx-mpx-expedite, i386/amd64-avx-mpx-linux-expedite):
New expedites.
* i386-linux-tdep.c (features/i386/i386-avx-mpx-linux.c): New
include.
(i386_linux_core_read_description): Add case
X86_XSTATE_AVX_MPX_MASK.
(_initialize_i386_linux_tdep): Call
initialize_tdesc_i386_avx_mpx_linux.
* i386-linux-tdep.h (tdesc_i386_avx_mpx_linux): New include.
* i386-tdep.c (features/i386/i386-avx-mpx.c): New include.
(i386_target_description): Add case for X86_XSTATE_AVX_MPX_MASK.
* x86-linux-nat.c (x86_linux_read_description): Add case for
X86_XSTATE_AVX_MPX_MASK.
* features/i386/amd64-avx-mpx-linux.xml: New file.
* features/i386/i386-avx-mpx-linux.xml: New file.
* features/i386/i386-avx-mpx.xml: New file.
* features/i386/amd64-avx-mpx.xml: New file.
* features/i386/amd64-avx-mpx-linux.c: Generated.
* features/i386/amd64-avx-mpx.c: Generated.
* features/i386/i386-avx-mpx-linux.c: Generated.
* features/i386/i386-avx-mpx.c: Generated.
* regformats/i386/amd64-avx-mpx-linux.dat: Generated.
* regformats/i386/amd64-avx-mpx.dat: Generated.
* regformats/i386/i386-avx-mpx-linux.dat: Generated.
* regformats/i386/i386-avx-mpx.dat: Generated.
gdb/gdbserver/ChangeLog:
* Makefile.in (clean): Add removal for i386-avx-mpx.c,
i386-avx-mpx-linux.c, amd64-avx-mpx.c and amd64-avx-mpx-linux.c.
(i386-avx-mpx.c, i386-avx-mpx-linux.c, amd64-avx-mpx.c)
(amd64-avx-mpx-linux.c): New rules.
(amd64-avx-mpx-linux-ipa.o, i386-avx-mpx-linux-ipa.o): New rule.
* configure.srv (srv_i386_regobj): Add i386-avx-mpx.o.
(srv_i386_linux_regobj): Add i386-avx-mpx-linux.o.
(srv_amd64_regobj): Add amd64-avx-mpx.o.
(srv_amd64_linux_regobj): Add amd64-avx-mpx-linux.o.
(srv_i386_xmlfiles): Add i386/i386-avx-mpx.xml.
(srv_amd64_xmlfiles): Add i386/amd64-avx-mpx.xml.
(srv_i386_linux_xmlfiles): Add i386/i386-avx-mpx-linux.xml.
(srv_amd64_linux_xmlfiles): Add i386/amd64-avx-mpx-linux.xml.
(ipa_i386_linux_regobj): Add i386-avx-mpx-linux-ipa.o.
(ipa_amd64_linux_regobj): Add amd64-avx-mpx-linux-ipa.o.
* linux-x86-low.c (x86_linux_read_description): Add case for
X86_XSTATE_AVX_MPX_MASK.
(x86_get_ipa_tdesc_idx): Add cases for avx_mpx.
(initialize_low_arch): Call init_registers_amd64_avx_mpx_linux and
init_registers_i386_avx_mpx_linux.
* linux-i386-ipa.c (get_ipa_tdesc): Add case for avx_mpx.
(initialize_low_tracepoint): Call
init_registers_i386_avx_mpx_linux.
* linux-amd64-ipa.c (get_ipa_tdesc): Add case for avx_mpx.
(initialize_low_tracepoint): Call
init_registers_amd64_avx_mpx_linux.
* linux-x86-tdesc.h (X86_TDESC_AVX_MPX): New enum value.
(init_registers_amd64_avx_mpx_linux, tdesc_amd64_avx_mpx_linux)
(init_registers_i386_avx_mpx_linux, tdesc_i386_avx_mpx_linux): New
declarations.
Making all-stop run on top of non-stop caused a small regression
in behavior. This was observed on x86_64-linux. The attached testcase
is in C whereas the investigation was done with an Ada program,
but it's the same scenario, and using a C testcase allows wider testing.
Basically: I am debugging a single-threaded program, and currently
stopped inside a function provided by a shared-library, at a line
calling a subprogram provided by a second shared library, and trying
to "next" over that function call.
Before we changed the default all-stop behavior, we had:
7 Impl_Initialize; -- Stop here and try "next" over this line
(gdb) n
8 return 5; <<-- OK
But now, "next" just stops much earlier:
(gdb) n
0x00007ffff7bd8560 in impl.initialize@plt () from /[...]/lib/libpck.so
What happens is that next stops at a call instruction, which calls
the function's PLT, and GDB fails to notice that the inferior stepped
into a subroutine, and so decides that we're done. We can see another
symptom of the same issue by looking at the backtrace at the point
GDB stopped:
(gdb) bt
#0 0x00007ffff7bd8560 in impl.initialize@plt ()
from /[...]/lib/libpck.so
#1 0x00000000f7bd86f9 in ?? ()
#2 0x00007fffffffdf50 in ?? ()
#3 0x0000000000401893 in a () at /[...]/a.adb:7
Backtrace stopped: frame did not save the PC
With a functioning GDB, the backtrace looks like the following instead:
#0 0x00007ffff7bd8560 in impl.initialize@plt ()
from /[...]/lib/libpck.so
#1 0x00007ffff7bd86f9 in sub () at /[...]/pck.adb:7
#2 0x0000000000401893 in a () at /[...]/a.adb:7
Note how, for frame #1, the address looks quite similar, except
for the high-order bits not being set:
#1 0x00007ffff7bd86f9 in sub () at /[...]/pck.adb:7 <<<-- OK
#1 0x00000000f7bd86f9 in ?? () <<<-- WRONG
^^^^
||||
Wrong
Investigating this further led me to displaced stepping.
As we are "next"-ing from a location where a breakpoint is inserted,
we need to step out of it, and since we're on non-stop mode, we need
to do it using displaced stepping. And looking at
amd64-tdep.c:amd64_displaced_step_fixup, I found the code that handles
the return address:
regcache_cooked_read_unsigned (regs, AMD64_RSP_REGNUM, &rsp);
retaddr = read_memory_unsigned_integer (rsp, retaddr_len, byte_order);
retaddr = (retaddr - insn_offset) & 0xffffffffUL;
The mask used to compute retaddr looks wrong to me, keeping only
4 bytes instead of 8, and explains why the high order bits of
the backtrace are unset. What happens is that, after the displaced
stepping has completed, GDB restores that return address at the location
where the program expects it. But because the top half bits of
the address have been masked out, the return address is now invalid.
The incorrect behavior of the "next" command and the backtrace at
that location are the first symptoms of that. Another symptom is
that this actually alters the behavior of the program, where a "cont"
from there soon leads to a SEGV when the inferior tries to jump back
to that incorrect return address:
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
0x00000000f7bd86f9 in ?? ()
^^^^^^^^^^^^^^^^^^
This patch fixes the issue by using a mask that seems more appropriate
for this architecture.
gdb/ChangeLog:
* amd64-tdep.c (amd64_displaced_step_fixup): Fix the mask used to
compute RETADDR.
gdb/testsuite/ChangeLog:
* gdb.base/dso2dso-dso2.c, gdb.base/dso2dso-dso2.h,
gdb.base/dso2dso-dso1.c, gdb.base/dso2dso-dso1.h, gdb.base/dso2dso.c,
gdb.base/dso2dso.exp: New files.
Tested on x86_64-linux, no regression.
We concluded that gdbarch_in_function_epilogue_p is misnamed, since it
returns true if the given PC is one instruction after the one that
destroyed the stack (which isn't necessarily inside an epilogue),
therefore it should be renamed to stack_frame_destroyed_p.
I also took the liberty of renaming the arch-specific implementations to
*_stack_frame_destroyed_p as well for consistency.
gdb:
2015-05-26 Martin Galvan <martin.galvan@tallertechnologies.com>
* amd64-tdep.c: Replace in_function_epilogue_p with
stack_frame_destroyed_p throughout.
* arch-utils.c: Ditto.
* arch-utils.h: Ditto.
* arm-tdep.c: Ditto.
* breakpoint.c: Ditto.
* gdbarch.sh: Ditto.
* hppa-tdep.c: Ditto.
* i386-tdep.c: Ditto.
* mips-tdep.c: Ditto.
* nios2-tdep.c: Ditto.
* rs6000-tdep.c: Ditto.
* s390-linux-tdep.c: Ditto.
* score-tdep.c: Ditto.
* sh-tdep.c: Ditto.
* sparc-tdep.c: Ditto.
* sparc-tdep.h: Ditto.
* sparc64-tdep.c: Ditto.
* spu-tdep.c: Ditto.
* tic6x-tdep.c: Ditto.
* tilegx-tdep.c: Ditto.
* xstormy16-tdep.c: Ditto.
* gdbarch.c, gdbarch.h: Re-generated.
Recognize NT_X86_XSTATE notes in FreeBSD process cores. Recent
FreeBSD versions include a note containing the XSAVE state for each
thread in the process when XSAVE is in use. The note stores a copy of
the current XSAVE mask in a reserved section of the machine-defined
XSAVE state at the same offset as Linux's NT_X86_XSTATE note.
For native processes, use the PT_GETXSTATE_INFO ptrace request to
determine if XSAVE is enabled, and if so the active XSAVE state mask
(that is, the value of %xcr0 for the target process) as well as the
size of XSAVE state area. Use the PT_GETXSTATE and PT_SETXSTATE requests
to fetch and store the XSAVE state, respectively, in the BSD x86
native targets.
In addition, the FreeBSD amd64 and i386 native targets now include
"read_description" target methods to determine the correct x86 target
description for the current XSAVE mask. On FreeBSD amd64 this also
properly returns an i386 target description for 32-bit binaries which
allows the 64-bit GDB to run 32-bit binaries.
Note that the ptrace changes are in the BSD native targets, not the
FreeBSD-specific native targets since that is where the other ptrace
register accesses occur. Of the other BSDs, NetBSD and DragonFly use
XSAVE in the kernel but do not currently export the extended state via
ptrace(2). OpenBSD does not currently support XSAVE.
bfd/ChangeLog:
* elf.c (elfcore_grok_note): Recognize NT_X86_XSTATE on
FreeBSD.
(elfcore_write_xstatereg): Use correct note name on FreeBSD.
gdb/ChangeLog:
* amd64-tdep.c (amd64_target_description): New function.
* amd64-tdep.h: Export amd64_target_description and tdesc_amd64.
* amd64bsd-nat.c [PT_GETXSTATE_INFO]: New variable amd64bsd_xsave_len.
(amd64bsd_fetch_inferior_registers) [PT_GETXSTATE_INFO]: Handle
x86 extended save area.
(amd64bsd_store_inferior_registers) [PT_GETXSTATE_INFO]: Likewise.
* amd64bsd-nat.h: Export amd64bsd_xsave_len.
* amd64fbsd-nat.c (amd64fbsd_read_description): New function.
(_initialize_amd64fbsd_nat): Set "to_read_description" to
"amd64fbsd_read_description".
* amd64fbsd-tdep.c (amd64fbsd_core_read_description): New function.
(amd64fbsd_supply_xstateregset): New function.
(amd64fbsd_collect_xstateregset): New function.
Add "amd64fbsd_xstateregset".
(amd64fbsd_iterate_over_regset_sections): New function.
(amd64fbsd_init_abi): Set "xsave_xcr0_offset" to
"I386_FBSD_XSAVE_XCR0_OFFSET".
Add "iterate_over_regset_sections" gdbarch method.
Add "core_read_description" gdbarch method.
* i386-tdep.c (i386_target_description): New function.
* i386-tdep.h: Export i386_target_description and tdesc_i386.
* i386bsd-nat.c [PT_GETXSTATE_INFO]: New variable i386bsd_xsave_len.
(i386bsd_fetch_inferior_registers) [PT_GETXSTATE_INFO]: Handle
x86 extended save area.
(i386bsd_store_inferior_registers) [PT_GETXSTATE_INFO]: Likewise.
* i386bsd-nat.h: Export i386bsd_xsave_len.
* i386fbsd-nat.c (i386fbsd_read_description): New function.
(_initialize_i386fbsd_nat): Set "to_read_description" to
"i386fbsd_read_description".
* i386fbsd-tdep.c (i386fbsd_core_read_xcr0): New function.
(i386fbsd_core_read_description): New function.
(i386fbsd_supply_xstateregset): New function.
(i386fbsd_collect_xstateregset): New function.
Add "i386fbsd_xstateregset".
(i386fbsd_iterate_over_regset_sections): New function.
(i386fbsd4_init_abi): Set "xsave_xcr0_offset" to
"I386_FBSD_XSAVE_XCR0_OFFSET".
Add "iterate_over_regset_sections" gdbarch method.
Add "core_read_description" gdbarch method.
* i386fbsd-tdep.h: New file.