From owner-svn-src-all@FreeBSD.ORG Sat Oct 26 03:21:55 2013
Return-Path:
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 433F1AE6; Sat, 26 Oct 2013 03:21:55 +0000 (UTC) (envelope-from markj@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 195D72397; Sat, 26 Oct 2013 03:21:55 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9Q3Lsf4074540; Sat, 26 Oct 2013 03:21:54 GMT (envelope-from markj@svn.freebsd.org)
Received: (from markj@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9Q3LsSB074539; Sat, 26 Oct 2013 03:21:54 GMT (envelope-from markj@svn.freebsd.org)
Message-Id: <201310260321.r9Q3LsSB074539@svn.freebsd.org>
From: Mark Johnston
Date: Sat, 26 Oct 2013 03:21:54 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r257143 - head/sys/cddl/contrib/opensolaris/uts/intel/dtrace
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Sat, 26 Oct 2013 03:21:55 -0000

Author: markj
Date: Sat Oct 26 03:21:54 2013
New Revision: 257143

URL: http://svnweb.freebsd.org/changeset/base/257143

Log:
  Fix a couple of bugs in the fasttrap emulation of a "push %rbp" instruction:
  the code was trying to save the stack pointer rather than the frame pointer,
  and the arguments to copyout(9) were reversed, so nothing ended up being
  saved on the stack. This would cause process crashes when the pid provider
  was being used to instrument calls of a function starting with this
  instruction.

  Reported by:    symbolics@gmx.com
  Tested by:      symbolics@gmx.com (earlier version)
  MFC after:      2 weeks

Modified:
  head/sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c

Modified: head/sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c
==============================================================================
--- head/sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c	Sat Oct 26 03:21:08 2013	(r257142)
+++ head/sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c	Sat Oct 26 03:21:54 2013	(r257143)
@@ -104,6 +104,7 @@ uwrite(proc_t *p, void *kaddr, size_t le #define r_rip r_eip #define r_rflags r_eflags #define r_rsp r_esp +#define r_rbp r_ebp #endif /* 
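Review bot: the added `#define r_rbp r_ebp` must live inside the same i386-only block of register-name aliases as the `r_rsp r_esp` line above it, because on amd64 `struct reg` already has a real `r_rbp` member and an unconditional redefinition would break that build; the hunk shows only the closing `#endif`, so the guard should be confirmed when reading the full file. The alias is what allows the i386 branch in the second hunk to reference `&rp->r_rbp` with the same spelling as the amd64 branch.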
@@ -1394,29 +1395,27 @@ fasttrap_pid_probe(struct reg *rp) case FASTTRAP_T_PUSHL_EBP: { int ret = 0; - uintptr_t addr = 0; #ifdef __amd64 if (p->p_model == DATAMODEL_NATIVE) { - addr = rp->r_rsp - sizeof (uintptr_t); - ret = fasttrap_sulword((void *)addr, &rp->r_rsp); + rp->r_rsp -= sizeof (uintptr_t); + ret = fasttrap_sulword(&rp->r_rbp, (void *)rp->r_rsp); } else { #endif #ifdef __i386__ - addr = rp->r_rsp - sizeof (uint32_t); - ret = fasttrap_suword32((void *)addr, &rp->r_rsp); + rp->r_rsp -= sizeof (uint32_t); + ret = fasttrap_suword32(&rp->r_rbp, (void *)rp->r_rsp); #endif #ifdef __amd64 } #endif if (ret == -1) { - fasttrap_sigsegv(p, curthread, addr); + fasttrap_sigsegv(p, curthread, rp->r_rsp); new_pc = pc; break; } - rp->r_rsp = addr; new_pc = pc + tp->ftt_size; break; }
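Review bot: the emulation now commits `rp->r_rsp -= sizeof (uintptr_t);` (and the `uint32_t` equivalent) before the store, and the `if (ret == -1)` path raises SIGSEGV and sets `new_pc = pc` without undoing it, so on a faulting push the process keeps a decremented stack pointer that the real instruction would have left untouched, and a retry after a caught signal would decrement it again; the removed code kept the new value in `addr` and only did `rp->r_rsp = addr;` after the copy succeeded. Suggest keeping a local for the target address, passing it to the store and to `fasttrap_sigsegv()`, and assigning `rp->r_rsp` only on success, or restoring `rp->r_rsp` before `fasttrap_sigsegv()`. The argument order fix itself is correct for copyout(9): the kernel source `&rp->r_rbp` now comes first and the user destination second, and the fault address passed to `fasttrap_sigsegv()` is the address the store actually targeted. Separately, in the amd64 build the `else` branch for a non-native (32-bit) process compiles to nothing because its body is under `#ifdef __i386__`, so `ret` stays 0 and no frame pointer is pushed for such a process; that predates this change but is worth a follow-up.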