From: Simon Marchi via Gdb-patches <gdb-patches@sourceware.org>
To: Tom de Vries <tdevries@suse.de>, gdb-patches@sourceware.org
Subject: Re: [PATCH][gdb/server] Don't overwrite fs/gs_base with -m32
Date: Wed, 20 Jan 2021 10:02:53 -0500 [thread overview]
Message-ID: <717c43f6-639a-ded4-d324-3ab97ce297e7@polymtl.ca> (raw)
In-Reply-To: <20210120125910.GA23080@delia>
On 2021-01-20 7:59 a.m., Tom de Vries wrote:
> Hi,
>
> Consider a minimal test-case test.c:
> ...
> int main (void) { return 0; }
> ...
> compiled with -m32:
> ...
> $ gcc test.c -m32
> ...
>
> When running the exec using gdbserver on openSUSE Factory (currently running a
> linux kernel version 5.10.5):
> ...
> $ gdbserver localhost:12345 a.out
> ...
> to which we connect in a gdb session, we run into a segfault in the inferior:
> ...
> $ gdb -batch -q -ex "target remote localhost:12345" -ex continue
> Program received signal SIGSEGV, Segmentation fault.
> 0xf7dd8bd2 in init_cacheinfo () at ../sysdeps/x86/cacheinfo.c:761
> ...
>
> The segfault is caused by gdbserver overwriting $gs_base with 0 using
> PTRACE_SETREGS. After it is overwritten, the next use of $gs in the inferior
> will trigger the segfault.
>
> Before linux kernel version 5.9, the value used by PTRACE_SETREGS for $gs_base
> was ignored, but starting version 5.9, the linux kernel has support for
> intel architecture extension FSGSBASE, which allows users to modify $gs_base,
> and consequently PTRACE_SETREGS can no longer ignore the $gs_base value.
>
> The overwrite of $gs_base with 0 is done by a memset in x86_fill_gregset,
> which was added in commit 9e0aa64f551 "Fix gdbserver qGetTLSAddr for
> x86_64 -m32". The memset intends to zero-extend 32-bit registers that are
> tracked in the regcache to 64-bit when writing them into the PTRACE_SETREGS
> data argument. But in addition, it overwrites other registers that are
> not tracked in the regcache, such as $gs_base.
>
> Fix the segfault by redoing the fix from commit 9e0aa64f551 in minimal form.
>
> Tested on x86_64-linux:
> - openSUSE Leap 15.2 (using kernel version 5.3.18):
>   - native
>   - gdbserver -m32
>   - -m32
> - openSUSE Factory (using kernel version 5.10.5):
>   - native
>   - m32
>
> Any comments?
>
> Thanks,
> - Tom
This looks good as far as I can tell, but please wait for Markus to chime in as
well.
Simon
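The failure mode Tom describes (a whole-buffer memset in the fill routine zero-extending the tracked 32-bit registers but also wiping registers such as $gs_base that the 32-bit regcache never tracks, which PTRACE_SETREGS then pushes to a kernel that honours it) can be reproduced in isolation. The C below is an added illustration, not gdb's or gdbserver's code: the struct layouts are simplified stand-ins for the kernel's 64-bit register buffer and the i386 regcache, the function names (fill_gregset_buggy, fill_gregset_fixed, roundtrip_gs_base, roundtrip_rax) are hypothetical, and the register values are constructed. It places the buggy fill beside the minimal fix of zero-extending only the registers the regcache owns.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the 64-bit buffer used with PTRACE_GETREGS /
   PTRACE_SETREGS.  Only a few fields are modelled. */
struct regs64 {
    uint64_t rax;
    uint64_t rip;
    uint64_t fs_base;   /* not tracked by a 32-bit (-m32) regcache */
    uint64_t gs_base;   /* not tracked by a 32-bit (-m32) regcache */
};

/* Constructed stand-in for the 32-bit regcache: only the registers the
   i386 target knows about. */
struct regcache32 {
    uint32_t eax;
    uint32_t eip;
};

/* Buggy pattern: zero the whole buffer so the 32-bit values land
   zero-extended.  Side effect: fs_base/gs_base, which PTRACE_GETREGS had
   filled in, are now 0, and PTRACE_SETREGS hands those zeros to the kernel.
   A kernel that ignores the field (pre-5.9) hides this; a kernel with
   FSGSBASE support applies it, and the next $gs use in the inferior faults. */
void fill_gregset_buggy(const struct regcache32 *rc, struct regs64 *buf)
{
    memset(buf, 0, sizeof *buf);
    buf->rax = rc->eax;
    buf->rip = rc->eip;
}

/* Minimal fix: zero-extend each tracked register individually and leave every
   untracked field exactly as PTRACE_GETREGS returned it. */
void fill_gregset_fixed(const struct regcache32 *rc, struct regs64 *buf)
{
    buf->rax = (uint64_t) rc->eax;   /* widening assignment zero-extends */
    buf->rip = (uint64_t) rc->eip;
}

/* Simulate the ptrace round trip with constructed values: GETREGS copies the
   kernel state into buf, the fill routine applies the regcache, SETREGS
   copies buf back.  Returns the gs_base the kernel ends up holding. */
static struct regs64 roundtrip(int use_fixed)
{
    struct regs64 kernel = { .rax = 0, .rip = 0x08048000,
                             .fs_base = 0, .gs_base = 0xf7fc6000 }; /* constructed */
    struct regcache32 rc = { .eax = 0xffffffff, .eip = 0x08048010 }; /* constructed */
    struct regs64 buf = kernel;                 /* PTRACE_GETREGS */
    if (use_fixed)
        fill_gregset_fixed(&rc, &buf);
    else
        fill_gregset_buggy(&rc, &buf);
    kernel = buf;                               /* PTRACE_SETREGS */
    return kernel;
}

uint64_t roundtrip_gs_base(int use_fixed)
{
    return roundtrip(use_fixed).gs_base;
}

/* Both variants still zero-extend the tracked registers correctly; the
   difference is only in what happens to the untracked ones. */
uint64_t roundtrip_rax(int use_fixed)
{
    return roundtrip(use_fixed).rax;
}

int main(void)
{
    printf("buggy fill: gs_base after SETREGS = 0x%llx\n",
           (unsigned long long) roundtrip_gs_base(0));
    printf("fixed fill: gs_base after SETREGS = 0x%llx\n",
           (unsigned long long) roundtrip_gs_base(1));
    printf("rax zero-extended (fixed) = 0x%llx\n",
           (unsigned long long) roundtrip_rax(1));
    return 0;
}
```

The buggy variant reports gs_base as 0 after the round trip while the fixed variant preserves the value GETREGS supplied; both report rax as 0xffffffff, showing that per-register widening already gives the zero extension the memset was meant to provide.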