Date:      Fri, 13 Dec 2019 12:30:03 +0530
From:      karnajit wangkhem <karnajitw@gmail.com>
To:        freebsd-hackers@freebsd.org
Subject:   Re: State of register edx on valgrind-freebsd after syscall
Message-ID:  <CAB6rxaR50Fnk8rYAqemEtbhM3fu%2BCS_y-NwyYgOh0gr9toR71g@mail.gmail.com>
In-Reply-To: <CAB6rxaT%2BB0dzCOVpUmM0THMfD5NU4zE_TWMSrvy44q7EEEr5VA@mail.gmail.com>
References:  <CAB6rxaT%2BB0dzCOVpUmM0THMfD5NU4zE_TWMSrvy44q7EEEr5VA@mail.gmail.com>

Hi All,

Closing this thread: I found the issue behind this some time back, but I
still have to check on a proper fix.

syscall-x86-freebsd.S:
        movl    %eax, OFFSET_x86_EAX(%ecx)      /* save EAX to vex */
        movl    %edx, OFFSET_x86_EDX(%ecx)      /* save EDX to vex */
<<<

We probably have to distinguish between a syscall that returns a single
word (write) and one that returns a double word (lseek).

Regards,
Karan

On Tue, Dec 3, 2019 at 1:06 PM karnajit wangkhem <karnajitw@gmail.com>
wrote:

> Hi All,
>
> Below is the valgrind-freebsd I used
>
> https://www.freshports.org/devel/valgrind
>
> https://bitbucket.org/stass/valgrind-freebsd/get/ce1acb28953f.tar.gz?dummy=/
>
> $ ./valgrind --version
> valgrind-3.10.1
>
> Please consider the following assembly
> ============================================================
> .section .data
>         .long   0      /* Valgrind segfaults without this dummy */
> .section .text
> .global _start
> STR0:
>         .ascii "Hello World\n"
> kernel:
>         int $0x80
>         ret
> _start:
>         mov $2, %ebx    /* Store value 2, 3, 4 in reg ebx, ecx, edx */
>         mov $3, %ecx
>         mov $4, %edx
>         push $12        /* Push arguments on the stack as per the x86 FreeBSD convention */
>         push $STR0
>         push $1
>         mov $4, %eax    /* write syscall no == 4 */
>         call kernel
>         add %ebx, %eax  /* Now lets add all the GP registers */
>         add %ecx, %eax
>         add %edx, %eax
>         push %eax       /* We expect 4(edx) + 3(ecx) + 2(ebx) + 12(eax) == 21 */
>         mov $1, %eax    /* Perform exit syscall */
>         call kernel
> ============================================================
>
> compile:
> $ clang --target=i386-unknown-freebsd10.3 -nostdlib -nostdinc reg_minimal.s
>
> $ ./a.out
> Hello World
> $ echo $?
> 21
>
> $ ./valgrind ./a.out
> ==69326== Memcheck, a memory error detector
> ==69326== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
> ==69326== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
> ==69326== Command: ./a.out
> ==69326==
> Hello World
> ==69326==
> ==69326== HEAP SUMMARY:
> ==69326==     in use at exit: 0 bytes in 0 blocks
> ==69326==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
> ==69326==
> ==69326== All heap blocks were freed -- no leaks are possible
> ==69326==
> ==69326== For counts of detected and suppressed errors, rerun with: -v
> ==69326== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
>
> $ echo $?
> 177                                                     <<<<<<<<<< This is wrong
>
> Now, if we modify the code slightly to return %edx instead, the return
> value looks like this:
>
> $ echo $?
> 160
>
> So, the reason why eax + ebx + ecx + edx returned 177 instead of 21 is that
> register edx has been clobbered by Valgrind's instrumentation of the
> syscall.
>
> In the case of Linux, the syscall calling convention is a bit different and
> we need to pass the arguments in registers ebx, ecx, edx, but even after the
> syscall these registers still hold the same argument values
> (valgrind-linux valgrind-3.7.0).
>
> Could someone give a pointer to which part of the freebsd-valgrind code
> could be responsible for this bug? Or, if possible, where I can fix this?
>
> Regards,
> Karan
>
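The two return conventions distinguished in the reply above (a syscall that hands back one word versus one that hands back two), as an added example that is not part of the original post, of valgrind-freebsd, or of the FreeBSD sources. It assumes the FreeBSD/i386 syscall numbers 1 (exit), 4 (write), 5 (open) and 478 (lseek), that /bin/sh exists as a regular file, and the same build line as the original program. Natively, a marker planted in edx survives the write syscall (this is what lets the original program return 21), while lseek to 0x100000000 comes back as the 64-bit offset in edx:eax, so the program exits with status 1, the high word. If the marker is gone after write, it exits with 255, which is the clobbering this thread reports.

```asm
/* reg_edx_cases.s: added example, not from the original post.
 * Assumed FreeBSD/i386 syscall numbers: 1 exit, 4 write, 5 open, 478 lseek.
 * Build like the original:
 *   clang --target=i386-unknown-freebsd10.3 -nostdlib -nostdinc reg_edx_cases.s
 */
.section .data
        .long   0                       /* dummy word, same as in the original program */
PATH:   .asciz  "/bin/sh"               /* any existing regular file will do */
MSG:    .ascii  "write done\n"          /* 11 bytes */

.section .text
.global _start
kernel:
        int $0x80                       /* the return address pushed by 'call' is the dummy word the ABI expects */
        ret

_start:
        /* open("/bin/sh", O_RDONLY, 0): syscall 5 */
        push $0                         /* mode (unused without O_CREAT) */
        push $0                         /* flags: O_RDONLY == 0 */
        push $PATH
        mov $5, %eax
        call kernel
        add $12, %esp                   /* caller removes the argument words */
        jc fail                         /* CF set on error, eax holds errno */
        mov %eax, %esi                  /* keep the fd in esi */

        /* write(1, MSG, 11): syscall 4, single-word result.
         * Plant a marker in edx; natively the kernel passes it through untouched. */
        mov $40, %edx
        push $11
        push $MSG
        push $1
        mov $4, %eax
        call kernel
        add $12, %esp
        jc fail
        cmp $40, %edx
        jne fail                        /* edx clobbered across write: the bug reported in this thread */

        /* lseek(fd, 0x100000000, SEEK_SET): syscall 478, double-word result.
         * The 64-bit off_t is passed as two stack words (low word first) and
         * the new offset comes back in edx:eax. */
        push $0                         /* whence = SEEK_SET */
        push $1                         /* offset, high word */
        push $0                         /* offset, low word */
        push %esi                       /* fd */
        mov $478, %eax
        call kernel
        add $16, %esp
        jc fail
        /* expect eax == 0 and edx == 1; exit with edx so the shell shows the high word */
        push %edx
        mov $1, %eax
        call kernel

fail:
        push $255                       /* any failed check or syscall error */
        mov $1, %eax
        call kernel
```

Run it natively and then under the valgrind-freebsd build discussed in the thread, checking `echo $?` after each: 1 means both the single-word and the double-word case behaved as described, 255 means a check tripped, and the write check is the one this thread's finding predicts will trip under Valgrind 3.10.1. Swapping the final `push %edx` for `push %eax` shows the low word (0) instead, which is the value a fix that blindly copied only eax would leave the program with.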



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAB6rxaR50Fnk8rYAqemEtbhM3fu%2BCS_y-NwyYgOh0gr9toR71g>