From: Peter Feiner <pfeiner@google.com>
To: kvm@vger.kernel.org, drjones@redhat.com, pbonzini@redhat.com
Cc: pfeiner@google.com
Subject: [kvm-unit-tests v2 3/8] x86: realmode: fix test_sgdt_sidt overflow
Date: Wed, 2 Mar 2016 17:09:33 -0800
Message-ID: <1456967378-6367-4-git-send-email-pfeiner@google.com>
In-Reply-To: <1456967378-6367-1-git-send-email-pfeiner@google.com>
In real mode, both sgdt and sidt write 6 bytes to the given memory
address: 2 byte limit, 3 byte address, 1 zero byte. However, the test
was only allocating 4 bytes. Given an inopportune stack layout, the
output was being overwritten and the assertion failed.
I discovered this problem when compiling with -fno-omit-stack-pointer.
Signed-off-by: Peter Feiner <pfeiner@google.com>
---
x86/realmode.c | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/x86/realmode.c b/x86/realmode.c
index 09e6aa7..6411654 100644
--- a/x86/realmode.c
+++ b/x86/realmode.c
@@ -116,16 +116,18 @@ struct regs {
u32 eip, eflags;
};
+struct table_descr {
+ u16 limit;
+ void *base;
+} __attribute__((packed));
+
static u64 gdt[] = {
0,
0x00cf9b000000ffffull, // flat 32-bit code segment
0x00cf93000000ffffull, // flat 32-bit data segment
};
-static struct {
- u16 limit;
- void *base;
-} __attribute__((packed)) gdt_descr = {
+static struct table_descr gdt_descr = {
sizeof(gdt) - 1,
gdt,
};
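Review bot: the correctness of this hunk rests on `struct table_descr` being exactly the 6-byte image that SGDT/SIDT store, which is only true because `void *` is 4 bytes in this 32-bit realmode build; pin that assumption next to the definition with `_Static_assert(sizeof(struct table_descr) == 6, "sgdt/sidt store 6 bytes");` (or at least a comment naming the 2-byte limit plus 4-byte base layout), so a later change to the `base` member cannot silently reintroduce the size mismatch this patch fixes.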
@@ -1417,21 +1419,23 @@ static void test_ss_base_for_esp_ebp(void)
report("ss relative addressing (2)", R_AX | R_BX, outregs.ebx == 0x87654321);
}
+extern unsigned long long r_gdt[];
+
static void test_sgdt_sidt(void)
{
MK_INSN(sgdt, "sgdtw (%eax)");
MK_INSN(sidt, "sidtw (%eax)");
- unsigned x, y;
+ struct table_descr x, y;
inregs.eax = (unsigned)&y;
asm volatile("sgdtw %0" : "=m"(x));
exec_in_big_real_mode(&insn_sgdt);
- report("sgdt", 0, x == y);
+ report("sgdt", 0, x.limit == y.limit && x.base == y.base);
inregs.eax = (unsigned)&y;
asm volatile("sidtw %0" : "=m"(x));
exec_in_big_real_mode(&insn_sidt);
- report("sidt", 0, x == y);
+ report("sidt", 0, x.limit == y.limit && x.base == y.base);
}
static void test_sahf(void)
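Review bot: the `extern unsigned long long r_gdt[];` declaration added above `test_sgdt_sidt` is not referenced anywhere in this hunk, and `r_gdt` is defined later in this same file; if a later patch in the series needs the forward declaration, the commit message should say so, otherwise drop it from this fix. Minor: a one-line comment on `struct table_descr x, y;` saying that the instruction stores 6 bytes (which is why `unsigned` was too small) would save the next reader a trip to the commit message; the field-wise `x.limit == y.limit && x.base == y.base` check is fine, and `memcmp(&x, &y, sizeof(x)) == 0` would be an equivalent whole-image comparison now that both are packed.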
@@ -1734,10 +1738,7 @@ void realmode_start(void)
unsigned long long r_gdt[] = { 0, 0x9b000000ffff, 0x93000000ffff };
-struct __attribute__((packed)) {
- unsigned short limit;
- void *base;
-} r_gdt_descr = { sizeof(r_gdt) - 1, &r_gdt };
+struct table_descr r_gdt_descr = { sizeof(r_gdt) - 1, &r_gdt };
asm(
".section .init \n\t"
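Review bot: the initializer keeps `&r_gdt` while `gdt_descr` in the first hunk is initialized with plain `gdt`; both evaluate to the same address, but `&r_gdt` has type `unsigned long long (*)[3]` and only converts silently because the member is `void *`. Now that both descriptors share `struct table_descr`, use `r_gdt` here for consistency with `gdt_descr`.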
--
2.7.0.rc3.207.g0ac5344
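The size mismatch the commit message describes is a fixed-format one: SGDT and SIDT always store a 6-byte image, so the destination must be at least 6 bytes no matter what C type the test author picked. The following is an added example, not code from the patch or from kvm-unit-tests, that models that image and the patched comparison on any host. It assumes a `uint32_t base` rather than the patch's `void *base` (which is only 4 bytes in the 32-bit realmode build), encodes the 16-bit-operand form exactly as the commit message states it (2-byte limit, 3-byte base, one zero byte), and has `descr_decode` refuse a buffer shorter than the image, which is the condition the old 4-byte `unsigned` target violated.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Memory image SGDT/SIDT store in real mode and 32-bit protected mode:
 * a 16-bit limit followed by a 32-bit base, 6 bytes, no padding.
 * The patch uses `void *base`, which is 4 bytes in its 32-bit build;
 * uint32_t is used here (an assumption of this example) so the struct
 * is 6 bytes on 64-bit hosts too. */
struct table_descr {
    uint16_t limit;
    uint32_t base;
} __attribute__((packed));

_Static_assert(sizeof(struct table_descr) == 6,
               "SGDT/SIDT store a 6-byte image");

#define DESCR_IMAGE_SIZE sizeof(struct table_descr)

/* Build the little-endian image for the 16-bit-operand form as the
 * commit message describes it: 2-byte limit, 3-byte base, 1 zero byte. */
void descr_encode(uint16_t limit, uint32_t base, uint8_t out[6])
{
    out[0] = limit & 0xff;
    out[1] = limit >> 8;
    out[2] = base & 0xff;
    out[3] = (base >> 8) & 0xff;
    out[4] = (base >> 16) & 0xff;
    out[5] = 0;                /* high byte of the base stored as zero */
}

/* Parse a stored image.  Returns 0 on success and -1 when the buffer is
 * shorter than the 6 bytes the instruction writes: with the old 4-byte
 * `unsigned` target, those last two bytes landed in whatever happened
 * to sit next to it on the stack. */
int descr_decode(const uint8_t *buf, size_t len, struct table_descr *out)
{
    if (buf == NULL || out == NULL || len < DESCR_IMAGE_SIZE)
        return -1;
    out->limit = (uint16_t)(buf[0] | (buf[1] << 8));
    out->base  = (uint32_t)buf[2]
               | (uint32_t)buf[3] << 8
               | (uint32_t)buf[4] << 16
               | (uint32_t)buf[5] << 24;   /* also fine for the 32-bit form */
    return 0;
}

/* Field-wise comparison mirroring the patched report() condition. */
int descr_equal(const struct table_descr *a, const struct table_descr *b)
{
    return a->limit == b->limit && a->base == b->base;
}
```

The `_Static_assert` is the check worth carrying back into the test: if someone ever changes the `base` member, the build fails instead of the test quietly corrupting its own stack again.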