From: Hui Zhu
Date: Fri, 21 Aug 2009 03:23:00 -0000
Subject: Re: Bug in i386_process_record?
To: Michael Snyder
Cc: gdb-patches ml

On Tue, Aug 18, 2009 at 17:21, Hui Zhu wrote:
>
> On Tue, Aug 18, 2009 at 12:15, Michael Snyder wrote:
> > Hui Zhu wrote:
> >>
> >> On Tue, Aug 11, 2009 at 05:57, Michael Snyder wrote:
> >>>
> >>> Yes, this seems to be better.  It records only 4 bytes each time
> >>> it is called.
> >>>
> >>> But there seems to be still an off-by-one error?  With the test
> >>> program that I provided, we call memset with an argument of
> >>> 1024, but we actually record 1025 bytes... this code gets hit
> >>> 257 times, with the last time recording only 1 byte.
> >>>
> >>
> >> Hi Michael,
> >>
> >> This issue is because:
> >>
> >> 0xb7edf4e7 : rep stos %eax,%es:(%edi)
> >> 0xb7edf4e9 : mov    %edx,%ecx
> >> 0xb7edf4eb : rep stos %al,%es:(%edi)
> >> 0xb7edf4ed : mov    0x8(%esp),%eax
> >> 0xb7edf4f1 : pop    %edi
> >>
> >> If the memcpy size is not aligned to 4, it will be handled by the second rep stos.
> >> Then rep stos will not execute if %ecx is 0.
> >> i386_process_record doesn't check %ecx, so it gets this error.
> >>
> >> I made a new patch for it.  Please help me review it.
> >
> > This seems much better.  Please give us a change log and post it for review.
> >
> > By the way, I'm sorry, I only just realized that I posted two
> > completely different bug reports with the exact same subject line.
> > ;-(
>
> Don't worry about it.  Gmail handles it very well.  :)
>
> Thanks,
> Hui
>
> 2009-08-18  Hui Zhu
>
>         * record.c (i386_process_record): Remove some error code.
>

Oops, the changelog is not right.  I made a new one.

Thanks,
Hui

2009-08-21  Hui Zhu

	* i386-tdep.c (i386_process_record): Fix the error in the string ops
	instructions' handler.

> ---
>  i386-tdep.c |   61 +++++++++++++++++++++++-------------------------------------
>  1 file changed, 24 insertions(+), 37 deletions(-)
>
> --- a/i386-tdep.c
> +++ b/i386-tdep.c
> @@ -4441,50 +4441,37 @@ reswitch: > =A0 =A0 =A0 /* insS */ > =A0 =A0 case 0x6c: > =A0 =A0 case 0x6d: > - =A0 =A0 =A0if ((opcode & 1) =3D=3D 0) > - =A0 =A0 =A0 ir.ot =3D OT_BYTE; > - =A0 =A0 =A0else > - =A0 =A0 =A0 ir.ot =3D ir.dflag + OT_WORD; > =A0 =A0 =A0 regcache_raw_read_unsigned (ir.regcache, > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0ir.r= egmap[X86_RECORD_REDI_REGNUM], > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0ir.r= egmap[X86_RECORD_RECX_REGNUM], > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 &tmpu= longest); > - =A0 =A0 =A0if (!ir.aflag) > - =A0 =A0 =A0 =A0{ > - =A0 =A0 =A0 =A0 =A0tmpulongest &=3D 0xffff; > - =A0 =A0 =A0 =A0 =A0/* addr +=3D ((uint32_t) read_register (I386_ES_REGN= UM)) << 4; */ > - =A0 =A0 =A0 =A0 =A0if (record_debug) > - =A0 =A0 =A0 =A0 =A0 =A0printf_unfiltered (_("Process record ignores the= memory change " > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 "of ins= truction at address 0x%s because " > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 "it can= 't get the value of the segment " > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 "regist= er.\n"), > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 paddress (g= dbarch, ir.addr)); > - =A0 =A0 =A0 =A0} > - =A0 =A0 =A0if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) > + =A0 =A0 =A0if (tmpulongest) > =A0 =A0 =A0 =A0 { > - =A0 =A0 =A0 =A0 =A0ULONGEST count, eflags; > + =A0 =A0 =A0 =A0 =A0if ((opcode & 1) =3D=3D 0) > + =A0 =A0 =A0 =A0 =A0 ir.ot =3D OT_BYTE; > + =A0 =A0 =A0 =A0 =A0else > + =A0 =A0 =A0 =A0 =A0 ir.ot =3D ir.dflag + OT_WORD; > =A0 =A0 =A0 =A0 =A0 regcache_raw_read_unsigned (ir.regcache, > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 ir.regmap[X86_RECORD_REDI_REGNUM], > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0&count); > - =A0 =A0 =A0 =A0 =A0if (!ir.aflag) > - 
=A0 =A0 =A0 =A0 =A0 =A0count &=3D 0xffff; > - =A0 =A0 =A0 =A0 =A0regcache_raw_read_unsigned (ir.regcache, > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0ir.regmap[X86_RECORD_EFLAGS_REGNUM], > - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0&eflags); > - =A0 =A0 =A0 =A0 =A0if ((eflags >> 10) & 0x1) > - =A0 =A0 =A0 =A0 =A0 =A0tmpulongest -=3D (count - 1) * (1 << ir.ot); > - =A0 =A0 =A0 =A0 =A0if (record_arch_list_add_mem (tmpulongest, count * (= 1 << ir.ot))) > - =A0 =A0 =A0 =A0 =A0 =A0return -1; > - =A0 =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_RECX_REGNU= M); > - =A0 =A0 =A0 =A0} > - =A0 =A0 =A0else > - =A0 =A0 =A0 =A0{ > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= =A0&tmpulongest); > + =A0 =A0 =A0 =A0 =A0if (ir.aflag) > + =A0 =A0 =A0 =A0 =A0 =A0{ > + =A0 =A0 =A0 =A0 =A0 =A0 =A0/* addr +=3D ((uint32_t) read_register (I386= _ES_REGNUM)) << 4; */ > + =A0 =A0 =A0 =A0 =A0 =A0 =A0if (record_debug) > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0printf_unfiltered (_("Process record ign= ores the > memory change " > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= "of instruction at address 0x%s because " > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= "it can't get the value of the segment " > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0= "register.\n"), > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 pad= dress (gdbarch, ir.addr)); > + =A0 =A0 =A0 =A0 =A0 =A0} > + =A0 =A0 =A0 =A0 =A0if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) > + =A0 =A0 =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_RECX_R= EGNUM); > =A0 =A0 =A0 =A0 =A0 if (record_arch_list_add_mem (tmpulongest, 1 << ir.ot= )) > =A0 =A0 =A0 =A0 =A0 =A0 return -1; > - =A0 =A0 =A0 =A0} > - =A0 =A0 =A0if (opcode =3D=3D 0xa4 || opcode =3D=3D 0xa5) > - =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG 
(X86_RECORD_RESI_REGNUM); > - =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_REDI_REGNUM); > - =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_EFLAGS_REGNUM); > + =A0 =A0 =A0 =A0 =A0if (opcode =3D=3D 0xa4 || opcode =3D=3D 0xa5) > + =A0 =A0 =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_RESI_R= EGNUM); > + =A0 =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_REDI_REGNU= M); > + =A0 =A0 =A0 =A0 =A0I386_RECORD_ARCH_LIST_ADD_REG (X86_RECORD_EFLAGS_REG= NUM); > + =A0 =A0 =A0 } > =A0 =A0 =A0 break; > > =A0 =A0 =A0 /* cmpsS */
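Review bot: the new `if (tmpulongest)` guard on ECX wraps the whole handler but is evaluated whether or not a REPZ/REPNZ prefix is present; a non-REP `insb`/`insd` executes exactly once regardless of ECX, so such an instruction running with ECX == 0 now has its write to ES:EDI left out of the record and cannot be undone on reverse execution. Suggest guarding only the REP case, e.g. `if (!(prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) || tmpulongest)`, and keeping the per-element `record_arch_list_add_mem (tmpulongest, 1 << ir.ot)` otherwise. Two smaller points in the same hunk: the address-size branch flipped from `if (!ir.aflag)` to `if (ir.aflag)` and dropped `tmpulongest &= 0xffff;`, so the segment-register message now fires for the 32-bit case and the 16-bit EDI is no longer masked, which looks unintended given the `<< 4` comment is about a 16-bit segment base; and reusing `tmpulongest` first for ECX and then for EDI works, but a separate local (like the removed `count`) would make the guard's intent obvious to the next reader.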
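The off-by-one Michael describes (memset of 1024 bytes recorded as 1025 in 257 handler calls) follows from how gdb's record loop single-steps a REP string instruction: the handler runs once per iteration and once more, with no iteration executed, when ECX is already 0. The following is an added example, not gdb code and not from the patch: it models the per-step sizing logic as three constructed rules (the earlier unchecked version, the hunk's ECX guard, and a hypothetical REP-aware variant) and replays the glibc memset tail quoted above. The names `run_rep`, `record_memset`, `size_*` and the step model itself are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model (not gdb code) of how i386_process_record sizes the
   memory write it records for one single-step of a string instruction.
   An element is 1 << ot bytes, as with the thread's ir.ot. */
enum { OT_BYTE = 0, OT_WORD = 1, OT_LONG = 2 };

/* A sizing rule answers: given the REP prefix, the operand size and the ECX
   value seen before the step executes, how many bytes get recorded? */
typedef size_t (*sizing_rule)(int rep, int ot, uint32_t ecx);

/* Per-step rule with no ECX check (the version reviewed earlier in the
   thread): always one element, so "rep stos" reached with ECX == 0 records
   a phantom element. */
static size_t size_no_ecx_check(int rep, int ot, uint32_t ecx)
{
  (void)rep;
  (void)ecx;
  return (size_t)1 << ot;
}

/* Rule matching the hunk's "if (tmpulongest)" guard: nothing is recorded
   when ECX == 0, whether or not a REP prefix is present. */
static size_t size_ecx_guard(int rep, int ot, uint32_t ecx)
{
  (void)rep;
  return ecx ? (size_t)1 << ot : 0;
}

/* Hypothetical variant (assumption, not from the patch): ECX only matters
   when a REP prefix is present, since a non-REP string op executes once. */
static size_t size_rep_aware(int rep, int ot, uint32_t ecx)
{
  return (rep && ecx == 0) ? 0 : (size_t)1 << ot;
}

/* Replay one REP-prefixed string instruction as gdb's single-step record
   loop sees it: the handler runs once per iteration (ECX = n .. 1) and
   exactly once, with no iteration executed, when ECX starts at 0.
   Returns the bytes the rule records; *steps (if non-NULL) receives the
   number of handler invocations. */
static size_t run_rep(sizing_rule rule, int ot, uint32_t ecx, size_t *steps)
{
  size_t total = 0, n = 0;
  for (;;)
    {
      n++;
      total += rule(1, ot, ecx);
      if (ecx == 0 || --ecx == 0)
        break;
    }
  if (steps)
    *steps = n;
  return total;
}

/* Replay the glibc memset tail quoted in the thread: "rep stos %eax" for
   n / 4 dwords, then "mov %edx,%ecx; rep stos %al" for the n % 4 leftover
   bytes.  Returns the bytes recorded for a memset of n bytes. */
static size_t record_memset(sizing_rule rule, size_t n, size_t *steps)
{
  size_t s1, s2;
  size_t total = run_rep(rule, OT_LONG, (uint32_t)(n / 4), &s1)
               + run_rep(rule, OT_BYTE, (uint32_t)(n % 4), &s2);
  if (steps)
    *steps = s1 + s2;
  return total;
}

/* Number of times the handler runs while recording a memset of n bytes. */
static size_t memset_handler_steps(sizing_rule rule, size_t n)
{
  size_t steps;
  record_memset(rule, n, &steps);
  return steps;
}

/* A single non-REP "stosb" executes once regardless of ECX. */
static size_t record_plain_stosb(sizing_rule rule, uint32_t ecx)
{
  return rule(0, OT_BYTE, ecx);
}

int main(void)
{
  size_t steps, bytes;

  bytes = record_memset(size_no_ecx_check, 1024, &steps);
  printf("memset(1024), no ECX check: %zu bytes in %zu steps\n", bytes, steps);
  bytes = record_memset(size_ecx_guard, 1024, &steps);
  printf("memset(1024), ECX guard:    %zu bytes in %zu steps\n", bytes, steps);
  bytes = record_memset(size_ecx_guard, 1027, &steps);
  printf("memset(1027), ECX guard:    %zu bytes in %zu steps\n", bytes, steps);
  printf("plain stosb with ECX == 0: guard records %zu byte(s), "
         "rep-aware rule records %zu\n",
         record_plain_stosb(size_ecx_guard, 0),
         record_plain_stosb(size_rep_aware, 0));
  return 0;
}
```

The unchecked rule reproduces the 1025-byte, 257-step figure from the thread; the hunk's guard brings the memset case down to 1024. The plain `stosb` case is where the two guarded rules diverge: the unconditional ECX guard records nothing for an instruction that does write one byte, which is the caveat to keep in mind when the check is applied outside the REP path.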