amd64-mpx: initialize BND register before performing inferior calls.
This patch initializes the BND registers before executing the inferior call. BND registers can be in arbitrary values at the moment of the inferior call. In case the function being called uses as part of the parameters BND register, e.g. when passing a pointer as parameter, the current value of the register will be used. This can cause boundary violations that are not due to a real bug or even desired by the user. In this sense the best to be done is set the BND registers to allow access to the whole memory, i.e. initialized state, before pushing the inferior call.

2017-03-07 Walfred Tedeschi <walfred.tedeschi@intel.com>

gdb/ChangeLog:
* i387-tdep.h (i387_reset_bnd_regs): Add function definition.
* i387-tdep.c (i387_reset_bnd_regs): Add function implementation.
* i386-tdep.c (i386_push_dummy_call): Call i387_reset_bnd_regs.
* amd64-tdep (amd64_push_dummy_call): Call i387_reset_bnd_regs.

gdb/testsuite/ChangeLog:
* i386-mpx-call.c: New file.
* i386-mpx-call.exp: New file.

gdb/doc/ChangeLog:
* Memory Protection Extensions: Add information about inferior calls.
parent ea86f53442
commit 4a612d6f67
10 changed files with 599 additions and 0 deletions
|
@ -1,3 +1,8 @@
|
|||
2017-03-07 Walfred Tedeschi <walfred.tedeschi@intel.com>
|
||||
|
||||
* Memory Protection Extensions: Add information about inferior
|
||||
calls.
|
||||
|
||||
2017-02-20 Jan Kratochvil <jan.kratochvil@redhat.com>
|
||||
|
||||
* gdb.texinfo (Print Settings, Tail Call Frames): Rename DW_OP_GNU_*,
|
||||
|
|
|
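Review bot: the new gdb/doc ChangeLog entry at the top of this hunk names only the manual node ("* Memory Protection Extensions: Add information about inferior calls.") and omits the file, while the neighbouring entry in the same hunk uses the "* gdb.texinfo (Print Settings, Tail Call Frames): ..." form. Suggest "* gdb.texinfo (Memory Protection Extensions): Add information about inferior calls." so the entry is consistent and can be found by file name.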
@ -22552,6 +22552,35 @@ whose bounds are to be changed, @var{lbound} and @var{ubound} are new values
|
|||
for lower and upper bounds respectively.
|
||||
@end table
|
||||
|
||||
When you call an inferior function on an Intel MPX enabled program,
|
||||
GDB sets the inferior's bound registers to the init (disabled) state
|
||||
before calling the function. As a consequence, bounds checks for the
|
||||
pointer arguments passed to the function will always pass.
|
||||
|
||||
This is necessary because when you call an inferior function, the
|
||||
program is usually in the middle of the execution of other function.
|
||||
Since at that point bound registers are in an arbitrary state, not
|
||||
clearing them would lead to random bound violations in the called
|
||||
function.
|
||||
|
||||
You can still examine the influence of the bound registers on the
|
||||
execution of the called function by stopping the execution of the
|
||||
called function at its prologue, setting bound registers, and
|
||||
continuing the execution. For example:
|
||||
|
||||
@smallexample
|
||||
$ break *upper
|
||||
Breakpoint 2 at 0x4009de: file i386-mpx-call.c, line 47.
|
||||
$ print upper (a, b, c, d, 1)
|
||||
Breakpoint 2, upper (a=0x0, b=0x6e0000005b, c=0x0, d=0x0, len=48)....
|
||||
$ print $bnd0
|
||||
{lbound = 0x0, ubound = ffffffff} : size -1
|
||||
@end smallexample
|
||||
|
||||
At this last step the value of bnd0 can be changed for investigation of bound
|
||||
violations caused along the execution of the call. In order to know how to
|
||||
set the bound registers or bound table for the call consult the ABI.
|
||||
|
||||
@node Alpha
|
||||
@subsection Alpha
|
||||
|
||||
|
|
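Review bot: in the @smallexample block the commands are shown with a "$ " prompt, which reads as a shell prompt although "break *upper", "print upper (a, b, c, d, 1)" and "print $bnd0" are debugger commands; a "(gdb)" prompt would make that unambiguous. The sample output "{lbound = 0x0, ubound = ffffffff} : size -1" prints ubound without the 0x prefix that lbound carries, so it is worth replacing it with output copied from an actual session. In the second added paragraph, "execution of other function" should read "execution of another function". Since the first added paragraph states that bounds checks on pointer arguments always pass during an inferior call, consider also saying there that a call which succeeds from the debugger does not show the same call would stay in bounds in the running program.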