From: Yao Qi
Date: Mon, 10 Oct 2011 01:41:00 -0000
To: Ulrich Weigand
CC: gdb-patches@sourceware.org
Subject: Re: [try 2nd 5/8] Displaced stepping for Thumb 32-bit insns
Message-ID: <4E924D2F.8020009@codesourcery.com>
In-Reply-To: <201109141339.p8EDddLk024568@d06av02.portsmouth.uk.ibm.com>
Mailing-List: gdb-patches@sourceware.org
Archive: 2011-10/txt/msg00246.txt.bz2

On 09/14/2011 09:39 PM, Ulrich Weigand wrote:
> > 6. Failures in gdb.base/watchpoint-solib.exp gdb.mi/mi-simplerun.exp.
> > They are caused by displaced stepping instruction `mov r12, #imm`.
> > This instruction should be unmodified-copied to scratch, and execute,
> > but experiment shows we can't. I have a local patch that can control
> > displaced stepping on instructions' level. Once I turn it on for `mov
> > r12, #imm`, these tests will fail. The reason is still unknown to me.
> >
> > 7. Accessing some high addresses. Some instructions (alu_imm) may
> > set PC to a high address, such as 0xffffxxxx, and displaced stepping of
> > this kind of instruction should be handled differently.
>
> I'm afraid I don't quite understand those last two points. Could you
> elaborate what exactly is going wrong?
>

I don't have many details on hand for problem #6, but I can explain
problem #7 a little bit here.

There are some kernel helpers on ARM in a high page (0xffffXXXX), and
applications can access them like this:

  (gdb) disassemble 0x400eaba4,+4
  Dump of assembler code from 0x400eaba4 to 0x400eaba8:
  => 0x400eaba4: sub pc, r0, #31
  End of assembler dump.
  (gdb) p/x $r0
  $2 = 0xffff0fff

We have some bits in gdb to handle it
(arm-linux-tdep.c:arm_catch_kernel_helper_return). The problem here is
that when the inferior stops at such a high address, gdb stops stepping
and inserts a step-resume breakpoint, as shown in the log below:

  displaced: stepping insn e240f01f at 40021ba4
  displaced: copying immediate ALU insn e240f01f
  displaced: read r0 value ffff0fff
  displaced: read r1 value 0d696914
  displaced: read r0 value ffff0fff
  displaced: read pc value 40021bac
  displaced: writing r0 value 40021bac
  displaced: writing r1 value ffff0fff
  displaced: writing insn e241001f at 000083ac
  displaced: copy 0x40021ba4->0x83ac:
  displaced: check mode of 40021ba4 instead of 000083ac
  displaced: displaced pc to 0x83ac
  displaced: restored process 2067 0x83ac
  displaced: read r0 value ffff0fe0
  displaced: writing r0 value ffff0fff
  displaced: writing r1 value 0d696914
  displaced: writing pc ffff0fe0
  infrun: stop_pc = 0xffff0fe0
  infrun: stepped into undebuggable function

Obviously, it is not what we want here. What we want here is to continue
stepping, and then arm_catch_kernel_helper_return has the chance to
handle PC at high address, and make everything correct.

--
Yao (齐尧)
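As an added illustration, not part of the original mail or of GDB's own code, the following C model reproduces the ALU-immediate rewrite the log above records: the PC-referencing `sub pc, r0, #31` (e240f01f) becomes `sub r0, r1, #31` (e241001f) in the scratch area, the scratch result is written back to PC at cleanup, and a final check reports whether the new PC fell into the 0xffff0000 helper page that arm_catch_kernel_helper_return would need to see. The register values and the ARM-state "PC reads as insn+8" rule come from the log; the in-process emulation of the scratch instruction and the helper-page mask are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint32_t r[16]; } regs_t;   /* r0-r12, sp=13, lr=14, pc=15 */

#define ARM_HELPER_PAGE 0xffff0000u   /* assumed: page holding the ARM kernel helpers */

/* Expand the imm12 field (4-bit rotate, 8-bit value) of a data-processing insn. */
static uint32_t arm_expand_imm(uint32_t insn)
{
    uint32_t rot = ((insn >> 8) & 0xf) * 2, imm8 = insn & 0xff;
    return rot ? ((imm8 >> rot) | (imm8 << (32 - rot))) : imm8;
}

/* Displaced-step one PC-referencing ALU-immediate insn as the log shows:
   r0 <- rd, r1 <- rn, run "<op> r0, r1, #imm" in scratch (emulated here),
   then cleanup: restore r0/r1 and write rd <- result.  Returns the rewritten
   encoding, or 0 for opcodes this model does not emulate. */
static uint32_t displaced_step_alu_imm(uint32_t insn, uint32_t addr, regs_t *regs)
{
    unsigned rn = (insn >> 16) & 0xf, rd = (insn >> 12) & 0xf, op = (insn >> 21) & 0xf;
    uint32_t tmp0 = regs->r[0], tmp1 = regs->r[1];        /* saved r0/r1 */
    uint32_t rn_val = rn == 15 ? addr + 8 : regs->r[rn];  /* ARM: PC reads as addr+8 */
    uint32_t rd_val = rd == 15 ? addr + 8 : regs->r[rd];
    uint32_t imm = arm_expand_imm(insn), result, modinsn;

    regs->r[0] = rd_val;          /* log: writing r0 value 40021bac */
    regs->r[1] = rn_val;          /* log: writing r1 value ffff0fff */
    /* MOV has no Rn, so only Rd is redirected; other ops get Rn=r1 as well. */
    modinsn = op == 0xd ? (insn & 0xfff00fff) : ((insn & 0xfff00fff) | 0x10000);

    switch (op) {                 /* emulate the scratch insn "<op> r0, r1, #imm" */
    case 0x2: result = regs->r[1] - imm; break;   /* SUB */
    case 0x4: result = regs->r[1] + imm; break;   /* ADD */
    case 0xd: result = imm;              break;   /* MOV */
    default:  regs->r[0] = tmp0; regs->r[1] = tmp1; return 0;
    }
    regs->r[0] = tmp0;            /* cleanup: restore scratch registers first */
    regs->r[1] = tmp1;
    regs->r[rd] = result;         /* rd <- r0 (log: writing pc ffff0fe0) */
    if (rd != 15)
        regs->r[15] = addr + 4;   /* fall through to the next insn otherwise */
    return modinsn;
}

/* The situation the mail describes: did the step land in the helper page? */
static int lands_in_helper_page(uint32_t pc)
{
    return (pc & 0xffff0000u) == ARM_HELPER_PAGE;
}
```

Feeding it the log's register state (r0 = ffff0fff, r1 = 0d696914, insn e240f01f at 40021ba4) yields the rewritten insn e241001f, a final PC of ffff0fe0 and restored r0/r1, and the helper-page check fires, which is the point at which infrun currently reports "stepped into undebuggable function".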