From patchwork Mon Dec 11 22:53:43 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alan Modra X-Patchwork-Id: 24882 Received: (qmail 113439 invoked by alias); 11 Dec 2017 22:53:53 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 113427 invoked by uid 89); 11 Dec 2017 22:53:53 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-24.4 required=5.0 tests=AWL, BAYES_00, FREEMAIL_FROM, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_PASS, UNSUBSCRIBE_BODY autolearn=ham version=3.3.2 spammy=Patterns, reversing X-HELO: mail-pg0-f68.google.com Received: from mail-pg0-f68.google.com (HELO mail-pg0-f68.google.com) (74.125.83.68) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 11 Dec 2017 22:53:51 +0000 Received: by mail-pg0-f68.google.com with SMTP id w7so11993324pgv.6 for ; Mon, 11 Dec 2017 14:53:50 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=vUE43ITXCQfqyMkXbAL70h5VSaa7OUl5YBOBfpQvjZ4=; b=UpU6X4kJELsiWOx1PUGlDcnZm65aF+AcwavpljbKmpY+xe6NbOyCxcRKPnc7K7uElg 60WkG7kQzwD5NlbJcTGwgC+zafFKIODeDEcZvIra/qh5xpGc31cxJ3P6TE1YIygicpDE CNHUy55pUK0OZOijCm025V3+NQJE1moq4wU1E0B93LriJo6hFhhSL7xsp97KmoET9zpy FlRnJCmCjSXNhrv73VmNjgjNiKjjVYjV4qvT9u8T14Bpr8sCjf4H4/viB0cMtDK3KUXq Y//02IRQQCUyV9++lHECtaz543aQP0AX1W0KpfMS1UpgJUDHJPQ15BU1ZuNXgpS7oZqg H8iA== X-Gm-Message-State: AKGB3mLt5+BEKDuGHD8hYGyoL95uW+jwolWkktFvUUZ1YKSsxJucWpy0 rTo0j1GcvLErboaLN3+r7wllvw== X-Google-Smtp-Source: ACJfBouHGlS1Nl/T66Qr+82yfecvr/dm7Jz518ggX7Ek9bMyt86TVnM1fhcDgD2M010HUnuSc9csfw== X-Received: by 10.99.51.196 with SMTP id z187mr131276pgz.178.1513032828885; Mon, 11 Dec 2017 14:53:48 -0800 (PST) Received: from bubble.grove.modra.org (CPE-58-175-244-173.hdcz1.win.bigpond.net.au. [58.175.244.173]) by smtp.gmail.com with ESMTPSA id 69sm28432105pft.11.2017.12.11.14.53.47 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 11 Dec 2017 14:53:47 -0800 (PST) Received: by bubble.grove.modra.org (Postfix, from userid 1000) id C7A43C18D1; Tue, 12 Dec 2017 09:23:43 +1030 (ACDT) Date: Tue, 12 Dec 2017 09:23:43 +1030 From: Alan Modra To: gdb-patches@sourceware.org Subject: [PATCH] PR22576, ppc64_skip_trampoline_code uses wrong r2 for EXEC_REVERSE Message-ID: <20171211225343.GC11374@bubble.grove.modra.org> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.24 (2015-08-30) The TOC pointer register, r2, on powerpc64 is generally not mentioned in debug info. It is saved and restored by call linkage code, and set to the callee value either by call stub code (ELFv1) or in the callee global entry point code (ELFv2). A call stub uses the caller TOC pointer to access the PLT. So for gdb to read the correct PLT entry in order to determine the destination of the trampoline, gdb needs to know the caller r2. When skipping over trampolines in the normal forward direction the caller r2 is simply the current value of r2 (at the start of the trampoline). However, when reversing over trampolines the current value of r2 is that for the callee. Using that value results in wild reads of memory rather than the correct PLT entry. This patch corrects the value of r2 by using the value saved on the stack for reverse execution. Note that in reverse execution mode it isn't really necessary for skip_trampoline_code to return the actual destination, so we're doing a little more work than needed here. Any non-zero return value would do (and it would be nicer if the interface was changed to return the start of the stub). Tested powerpc64le-linux and powerpc64-linux. OK to apply? PR 22576 * ppc64-tdep.c (ppc64_plt_entry_point): Rewrite to take TOC-relative PLT offset, and retrieve r2 from stack when executing in reverse. (ppc64_standard_linkage1_target): Drop pc param. Calculate offset rather than PLT address. (ppc64_standard_linkage2_target): Likewise. (ppc64_standard_linkage3_target): Likewise. (ppc64_standard_linkage4_target): Likewise. (ppc64_skip_trampoline_code_1): Adjust to suit. diff --git a/gdb/ChangeLog b/gdb/ChangeLog index 78fd713..f81bcff 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,15 @@ +2017-12-12 Alan Modra + + PR 22576 + * ppc64-tdep.c (ppc64_plt_entry_point): Rewrite to take TOC-relative + PLT offset, and retrieve r2 from stack when executing in reverse. + (ppc64_standard_linkage1_target): Drop pc param. Calculate offset + rather than PLT address. + (ppc64_standard_linkage2_target): Likewise. + (ppc64_standard_linkage3_target): Likewise. + (ppc64_standard_linkage4_target): Likewise. + (ppc64_skip_trampoline_code_1): Adjust to suit. + 2017-12-11 Pedro Alves * defs.h (elf_sym_fns_lazy_psyms, elf_sym_fns_gdb_index) diff --git a/gdb/ppc64-tdep.c b/gdb/ppc64-tdep.c index 563d253..0de4eed 100644 --- a/gdb/ppc64-tdep.c +++ b/gdb/ppc64-tdep.c @@ -49,15 +49,30 @@ | (((spr) & 0x3e0) << 6) \ | (((xo) & 0x3ff) << 1)) -/* If PLT is the address of a 64-bit PowerPC PLT entry, - return the function's entry point. */ +/* PLT_OFF is the TOC-relative offset of a 64-bit PowerPC PLT entry. + Return the function's entry point. */ static CORE_ADDR -ppc64_plt_entry_point (struct gdbarch *gdbarch, CORE_ADDR plt) +ppc64_plt_entry_point (struct frame_info *frame, CORE_ADDR plt_off) { + struct gdbarch *gdbarch = get_frame_arch (frame); enum bfd_endian byte_order = gdbarch_byte_order (gdbarch); + struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch); + CORE_ADDR tocp; + + if (execution_direction == EXEC_REVERSE) + { + /* If executing in reverse, r2 will have been stored to the stack. */ + CORE_ADDR sp = get_frame_register_unsigned (frame, + tdep->ppc_gp0_regnum + 1); + unsigned int sp_off = tdep->elf_abi == POWERPC_ELF_V1 ? 40 : 24; + tocp = read_memory_unsigned_integer (sp + sp_off, 8, byte_order); + } + else + tocp = get_frame_register_unsigned (frame, tdep->ppc_gp0_regnum + 2); + /* The first word of the PLT entry is the function entry point. */ - return (CORE_ADDR) read_memory_unsigned_integer (plt, 8, byte_order); + return read_memory_unsigned_integer (tocp + plt_off, 8, byte_order); } /* Patterns for the standard linkage functions. These are built by @@ -377,74 +392,44 @@ static struct ppc_insn_pattern ppc64_standard_linkage8[] = the linkage function. */ /* If the current thread is about to execute a series of instructions - at PC matching the ppc64_standard_linkage pattern, and INSN is the result + matching the ppc64_standard_linkage pattern, and INSN is the result from that pattern match, return the code address to which the standard linkage function will send them. (This doesn't deal with dynamic linker lazy symbol resolution stubs.) */ static CORE_ADDR -ppc64_standard_linkage1_target (struct frame_info *frame, - CORE_ADDR pc, unsigned int *insn) +ppc64_standard_linkage1_target (struct frame_info *frame, unsigned int *insn) { - struct gdbarch *gdbarch = get_frame_arch (frame); - struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch); - - /* The address of the PLT entry this linkage function references. */ - CORE_ADDR plt - = ((CORE_ADDR) get_frame_register_unsigned (frame, - tdep->ppc_gp0_regnum + 2) - + (ppc_insn_d_field (insn[0]) << 16) - + ppc_insn_ds_field (insn[2])); + CORE_ADDR plt_off = ((ppc_insn_d_field (insn[0]) << 16) + + ppc_insn_ds_field (insn[2])); - return ppc64_plt_entry_point (gdbarch, plt); + return ppc64_plt_entry_point (frame, plt_off); } static CORE_ADDR -ppc64_standard_linkage2_target (struct frame_info *frame, - CORE_ADDR pc, unsigned int *insn) +ppc64_standard_linkage2_target (struct frame_info *frame, unsigned int *insn) { - struct gdbarch *gdbarch = get_frame_arch (frame); - struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch); - - /* The address of the PLT entry this linkage function references. */ - CORE_ADDR plt - = ((CORE_ADDR) get_frame_register_unsigned (frame, - tdep->ppc_gp0_regnum + 2) - + (ppc_insn_d_field (insn[1]) << 16) - + ppc_insn_ds_field (insn[3])); + CORE_ADDR plt_off = ((ppc_insn_d_field (insn[1]) << 16) + + ppc_insn_ds_field (insn[3])); - return ppc64_plt_entry_point (gdbarch, plt); + return ppc64_plt_entry_point (frame, plt_off); } static CORE_ADDR -ppc64_standard_linkage3_target (struct frame_info *frame, - CORE_ADDR pc, unsigned int *insn) +ppc64_standard_linkage3_target (struct frame_info *frame, unsigned int *insn) { - struct gdbarch *gdbarch = get_frame_arch (frame); - struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch); + CORE_ADDR plt_off = ppc_insn_ds_field (insn[1]); - /* The address of the PLT entry this linkage function references. */ - CORE_ADDR plt - = ((CORE_ADDR) get_frame_register_unsigned (frame, - tdep->ppc_gp0_regnum + 2) - + ppc_insn_ds_field (insn[1])); - - return ppc64_plt_entry_point (gdbarch, plt); + return ppc64_plt_entry_point (frame, plt_off); } static CORE_ADDR -ppc64_standard_linkage4_target (struct frame_info *frame, - CORE_ADDR pc, unsigned int *insn) +ppc64_standard_linkage4_target (struct frame_info *frame, unsigned int *insn) { - struct gdbarch *gdbarch = get_frame_arch (frame); - struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch); - - CORE_ADDR plt - = ((CORE_ADDR) get_frame_register_unsigned (frame, tdep->ppc_gp0_regnum + 2) - + (ppc_insn_d_field (insn[1]) << 16) - + ppc_insn_ds_field (insn[2])); + CORE_ADDR plt_off = ((ppc_insn_d_field (insn[1]) << 16) + + ppc_insn_ds_field (insn[2])); - return ppc64_plt_entry_point (gdbarch, plt); + return ppc64_plt_entry_point (frame, plt_off); } @@ -480,39 +465,39 @@ ppc64_skip_trampoline_code_1 (struct frame_info *frame, CORE_ADDR pc) { if (i < ARRAY_SIZE (ppc64_standard_linkage8) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage8, insns)) - pc = ppc64_standard_linkage4_target (frame, pc, insns); + pc = ppc64_standard_linkage4_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage7) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage7, insns)) - pc = ppc64_standard_linkage3_target (frame, pc, insns); + pc = ppc64_standard_linkage3_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage6) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage6, insns)) - pc = ppc64_standard_linkage4_target (frame, pc, insns); + pc = ppc64_standard_linkage4_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage5) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage5, insns) && (insns[8] != 0 || insns[9] != 0)) - pc = ppc64_standard_linkage3_target (frame, pc, insns); + pc = ppc64_standard_linkage3_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage4) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage4, insns) && (insns[9] != 0 || insns[10] != 0)) - pc = ppc64_standard_linkage4_target (frame, pc, insns); + pc = ppc64_standard_linkage4_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage3) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage3, insns) && (insns[8] != 0 || insns[9] != 0)) - pc = ppc64_standard_linkage3_target (frame, pc, insns); + pc = ppc64_standard_linkage3_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage2) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage2, insns) && (insns[10] != 0 || insns[11] != 0)) - pc = ppc64_standard_linkage2_target (frame, pc, insns); + pc = ppc64_standard_linkage2_target (frame, insns); else if (i < ARRAY_SIZE (ppc64_standard_linkage1) - 1 && ppc_insns_match_pattern (frame, pc, ppc64_standard_linkage1, insns)) - pc = ppc64_standard_linkage1_target (frame, pc, insns); + pc = ppc64_standard_linkage1_target (frame, insns); else { /* Scan backward one more instructions if doesn't match. */