svn commit: r238669 - head/sys/amd64/amd64
Konstantin Belousov
kib at FreeBSD.org
Sat Jul 21 13:06:38 UTC 2012
Author: kib
Date: Sat Jul 21 13:06:37 2012
New Revision: 238669
URL: http://svn.freebsd.org/changeset/base/238669
Log:
The PT_I386_{GET,SET}XMMREGS and PT_{GET,SET}XSTATE operate on the
stopped threads. Implementation assumes that the thread's FPU context
is spilled into the PCB due to stop. This is mostly true, except when
FPU state for the thread is not initialized. Then the requests operate
on the garbage state which is currently left in the PCB, causing
confusion.
The situation is indeed observed after a signal delivery and before
#NM fault on execution of any FPU instruction in the signal handler,
since sendsig(9) drops FPU state for current thread, clearing
PCB_FPUINITDONE. When inspecting context state for the signal handler,
debugger sees the FPU state of the main program context instead of the
clear state supposed to be provided to handler.
Fix this by forcing clean FPU state in PCB user FPU save area by
performing getfpuregs(9) before accessing user FPU save area in
ptrace_machdep.c.
Note: this change will be merged to i386 kernel as well, where it is
much more important, since e.g. gdb on i386 uses PT_I386_GETXMMREGS to
inspect FPU context on CPUs that support SSE. Amd64 version of gdb
uses PT_GETFPREGS to inspect both 64 and 32 bit processes, which does
not exhibit the bug.
Reported by: bde
MFC after: 1 week
Modified:
head/sys/amd64/amd64/ptrace_machdep.c
Modified: head/sys/amd64/amd64/ptrace_machdep.c
==============================================================================
--- head/sys/amd64/amd64/ptrace_machdep.c Sat Jul 21 13:05:34 2012 (r238668)
+++ head/sys/amd64/amd64/ptrace_machdep.c Sat Jul 21 13:06:37 2012 (r238669)
@@ -50,6 +50,7 @@ cpu_ptrace_xstate(struct thread *td, int
switch (req) {
case PT_GETXSTATE:
+ fpugetregs(td);
savefpu = (char *)(get_pcb_user_save_td(td) + 1);
error = copyout(savefpu, addr,
cpu_max_ext_state_size - sizeof(struct savefpu));
@@ -62,8 +63,10 @@ cpu_ptrace_xstate(struct thread *td, int
}
savefpu = malloc(data, M_TEMP, M_WAITOK);
error = copyin(addr, savefpu, data);
- if (error == 0)
+ if (error == 0) {
+ fpugetregs(td);
error = fpusetxstate(td, savefpu, data);
+ }
free(savefpu, M_TEMP);
break;
@@ -89,11 +92,13 @@ cpu32_ptrace(struct thread *td, int req,
switch (req) {
case PT_I386_GETXMMREGS:
+ fpugetregs(td);
error = copyout(get_pcb_user_save_td(td), addr,
sizeof(*fpstate));
break;
case PT_I386_SETXMMREGS:
+ fpugetregs(td);
fpstate = get_pcb_user_save_td(td);
error = copyin(addr, fpstate, sizeof(*fpstate));
fpstate->sv_env.en_mxcsr &= cpu_mxcsr_mask;
More information about the svn-src-head
mailing list