| blob | 4b9dbbab66e87562c26c4573107536b546521d1e |
1 /* Target-dependent code for AMD64.
3 Copyright (C) 2001-2023 Free Software Foundation, Inc.
5 Contributed by Jiri Smid, SuSE Labs.
7 This file is part of GDB.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>. */
43 #include <algorithm>
54 /* Note that the AMD64 architecture was previously known as x86-64.
55 The latter is (forever) engraved into the canonical system name as
56 returned by config.guess, and used as the name for the AMD64 port
57 of GNU/Linux. The BSD's have renamed their ports to amd64; they
58 don't like to shout. For GDB we prefer the amd64_-prefix over the
59 x86_64_-prefix since it's so much easier to type. */
61 /* Register information. */
64 {
67 /* %r8 is indeed register number 8. */
71 /* %st0 is register number 24. */
75 /* %xmm0 is register number 40. */
79 };
82 {
87 };
90 {
95 };
98 {
103 };
106 {
111 };
114 {
116 };
119 {
122 };
125 {
134 };
137 {
146 };
153 };
156 "pkru"
157 };
159 /* DWARF Register Number Mapping as defined in the System V psABI,
160 section 3.6. */
163 {
164 /* General Purpose Registers RAX, RDX, RCX, RBX, RSI, RDI. */
169 /* Frame Pointer Register RBP. */
170 AMD64_RBP_REGNUM,
172 /* Stack Pointer Register RSP. */
173 AMD64_RSP_REGNUM,
175 /* Extended Integer Registers 8 - 15. */
185 /* Return Address RA. Mapped to RIP. */
186 AMD64_RIP_REGNUM,
188 /* SSE Registers 0 - 7. */
194 /* Extended SSE Registers 8 - 15. */
200 /* Floating Point Registers 0-7. */
206 /* MMX Registers 0 - 7.
207 We have to handle those registers specifically, as their register
208 number within GDB depends on the target (or they may even not be
209 available at all). */
212 /* Control and Status Flags Register. */
213 AMD64_EFLAGS_REGNUM,
215 /* Selector Registers. */
216 AMD64_ES_REGNUM,
217 AMD64_CS_REGNUM,
218 AMD64_SS_REGNUM,
219 AMD64_DS_REGNUM,
220 AMD64_FS_REGNUM,
221 AMD64_GS_REGNUM,
225 /* Segment Base Address Registers. */
231 /* Special Selector Registers. */
235 /* Floating Point Control Registers. */
236 AMD64_MXCSR_REGNUM,
237 AMD64_FCTRL_REGNUM,
238 AMD64_FSTAT_REGNUM
239 };
244 /* Convert DWARF register number REG to the appropriate register
245 number used by GDB. */
247 static int
249 {
262 }
264 /* Map architectural register numbers to gdb register numbers. */
267 {
283 AMD64_R15_REGNUM /* %r15 */
284 };
289 /* Convert architectural register number REG to the appropriate register
290 number used by GDB. */
292 static int
294 {
298 }
300 /* Register names for byte pseudo-registers. */
303 {
307 };
309 /* Number of lower byte registers. */
310 #define AMD64_NUM_LOWER_BYTE_REGS 16
312 /* Register names for word pseudo-registers. */
315 {
318 };
320 /* Register names for dword pseudo-registers. */
323 {
326 "eip"
327 };
329 /* Return the name of register REGNUM. */
333 {
347 else
349 }
354 {
358 {
361 /* Extract (always little endian). */
363 {
366 /* Special handling for AH, BH, CH, DH. */
368 }
369 else
371 }
373 {
377 }
378 else
380 }
382 static void
385 {
389 {
393 {
396 }
397 else
399 }
401 {
404 }
405 else
407 }
409 /* Implement the 'ax_pseudo_register_collect' gdbarch method. */
411 static int
414 {
418 {
423 else
426 }
428 {
433 }
434 else
436 }
438 \f
440 /* Register classes as defined in the psABI. */
442 enum amd64_reg_class
443 {
444 AMD64_INTEGER,
445 AMD64_SSE,
446 AMD64_SSEUP,
447 AMD64_X87,
448 AMD64_X87UP,
449 AMD64_COMPLEX_X87,
450 AMD64_NO_CLASS,
451 AMD64_MEMORY
452 };
454 /* Return the union class of CLASS1 and CLASS2. See the psABI for
455 details. */
457 static enum amd64_reg_class
459 {
460 /* Rule (a): If both classes are equal, this is the resulting class. */
464 /* Rule (b): If one of the classes is NO_CLASS, the resulting class
465 is the other class. */
471 /* Rule (c): If one of the classes is MEMORY, the result is MEMORY. */
475 /* Rule (d): If one of the classes is INTEGER, the result is INTEGER. */
479 /* Rule (e): If one of the classes is X87, X87UP, COMPLEX_X87 class,
480 MEMORY is used as class. */
486 /* Rule (f): Otherwise class SSE is used. */
488 }
492 /* Return true if TYPE is a structure or union with unaligned fields. */
494 static bool
496 {
499 {
501 {
504 /* Ignore static fields, empty fields (for example nested
505 empty structures), and bitfields (these are handled by
506 the caller). */
528 }
529 }
532 }
534 /* Classify field I of TYPE starting at BITOFFSET according to the rules for
535 structures and union types, and store the result in THECLASS. */
537 static void
541 {
549 /* Ignore static fields, or empty fields, for example nested
550 empty structures.*/
560 {
561 /* Each field of an object is classified recursively. */
566 }
573 /* This is a bit of an odd case: We have a field that would
574 normally fit in one of the two eightbytes, except that
575 it is placed in a way that this field straddles them.
576 This has been seen with a structure containing an array.
578 The ABI is a bit unclear in this case, but we assume that
579 this field's class (stored in subclass[0]) must also be merged
580 into class[1]. In other words, our field has a piece stored
581 in the second eight-byte, and thus its class applies to
582 the second eight-byte as well.
584 In the case where the field length exceeds 8 bytes,
585 it should not be necessary to merge the field class
586 into class[1]. As LEN > 8, subclass[1] is necessarily
587 different from AMD64_NO_CLASS. If subclass[1] is equal
588 to subclass[0], then the normal class[1]/subclass[1]
589 merging will take care of everything. For subclass[1]
590 to be different from subclass[0], I can only see the case
591 where we have a SSE/SSEUP or X87/X87UP pair, which both
592 use up all 16 bytes of the aggregate, and are already
593 handled just fine (because each portion sits on its own
594 8-byte). */
598 }
600 /* Classify TYPE according to the rules for aggregate (structures and
601 arrays) and union types, and store the result in CLASS. */
603 static void
605 {
606 /* 1. If the size of an object is larger than two times eight bytes, or
607 it is a non-trivial C++ object, or it has unaligned fields, then it
608 has class memory.
610 It is important that the trivially_copyable check is before the
611 unaligned fields check, as C++ classes with virtual base classes
612 will have fields (for the virtual base classes) with non-constant
613 loc_bitpos attributes, which will cause an assert to trigger within
614 the unaligned field check. As classes with virtual bases are not
615 trivially copyable, checking that first avoids this problem. */
620 {
623 }
625 /* 2. Both eightbytes get initialized to class NO_CLASS. */
628 /* 3. Each field of an object is classified recursively so that
629 always two fields are considered. The resulting class is
630 calculated according to the classes of the fields in the
631 eightbyte: */
634 {
637 /* All fields in an array have the same type. */
641 }
642 else
643 {
646 /* Structure or union. */
652 }
654 /* 4. Then a post merger cleanup is done: */
656 /* Rule (a): If one of the classes is MEMORY, the whole argument is
657 passed in memory. */
661 /* Rule (b): If SSEUP is not preceded by SSE, it is converted to
662 SSE. */
667 }
669 /* Classify TYPE, and store the result in CLASS. */
671 static void
673 {
679 /* Arguments of types (signed and unsigned) _Bool, char, short, int,
680 long, long long, and pointers are in the INTEGER class. Similarly,
681 range types, used by languages such as Ada, are also in the INTEGER
682 class. */
690 /* Arguments of types _Float16, float, double, _Decimal32, _Decimal64 and
691 __m64 are in class SSE. */
694 /* FIXME: __m64 . */
697 /* Arguments of types __float128, _Decimal128 and __m128 are split into
698 two halves. The least significant ones belong to class SSE, the most
699 significant one to class SSEUP. */
701 /* FIXME: __float128, __m128. */
704 /* The 64-bit mantissa of arguments of type long double belongs to
705 class X87, the 16-bit exponent plus 6 bytes of padding belongs to
706 class X87UP. */
708 /* Class X87 and X87UP. */
711 /* Arguments of complex T - where T is one of the types _Float16, float or
712 double - get treated as if they are implemented as:
714 struct complexT {
715 T real;
716 T imag;
717 };
719 */
725 /* A variable of type complex long double is classified as type
726 COMPLEX_X87. */
730 /* Aggregates. */
734 }
736 static enum return_value_convention
740 {
751 /* 1. Classify the return type with the classification algorithm. */
754 /* 2. If the type has class MEMORY, then the caller provides space
755 for the return value and passes the address of this storage in
756 %rdi as if it were the first argument to the function. In effect,
757 this address becomes a hidden first argument.
759 On return %rax will contain the address that has been passed in
760 by the caller in %rdi. */
762 {
763 /* As indicated by the comment above, the ABI guarantees that we
764 can always find the return value just after the function has
765 returned. */
768 {
769 ULONGEST addr;
773 }
776 }
780 {
783 }
785 /* 8. If the class is COMPLEX_X87, the real part of the value is
786 returned in %st0 and the imaginary part in %st1. */
788 {
790 {
793 }
796 {
801 /* Fix up the tag word such that both %st(0) and %st(1) are
802 marked as valid. */
804 }
807 }
813 {
818 {
820 /* 3. If the class is INTEGER, the next available register
821 of the sequence %rax, %rdx is used. */
826 /* 4. If the class is SSE, the next available SSE register
827 of the sequence %xmm0, %xmm1 is used. */
832 /* 5. If the class is SSEUP, the eightbyte is passed in the
833 upper half of the last used SSE register. */
840 /* 6. If the class is X87, the value is returned on the X87
841 stack in %st0 as 80-bit x87 number. */
848 /* 7. If the class is X87UP, the value is returned together
849 with the previous X87 value in %st0. */
861 }
871 }
874 }
875 \f
877 static CORE_ADDR
880 {
882 {
888 AMD64_R9_REGNUM /* %r9 */
889 };
891 {
892 /* %xmm0 ... %xmm7 */
897 };
906 /* Reserve a register for the "hidden" argument. */
908 integer_reg++;
911 {
919 /* Classify argument. */
922 /* Calculate the number of integer and SSE registers needed for
923 this argument. */
925 {
927 needed_integer_regs++;
929 needed_sse_regs++;
930 }
932 /* Check whether enough registers are available, and if the
933 argument should be passed in registers at all. */
937 {
938 /* The argument will be passed on the stack. */
941 }
942 else
943 {
944 /* The argument will be passed in registers. */
951 {
956 {
976 }
982 }
983 }
984 }
986 /* Allocate space for the arguments on the stack. */
989 /* The psABI says that "The end of the input argument area shall be
990 aligned on a 16 byte boundary." */
993 /* Write out the arguments to the stack. */
995 {
1002 }
1004 /* The psABI says that "For calls that may call functions that use
1005 varargs or stdargs (prototype-less calls or calls to functions
1006 containing ellipsis (...) in the declaration) %al is used as
1007 hidden argument to specify the number of SSE registers used. */
1010 }
1012 static CORE_ADDR
1016 function_call_return_method return_method,
1017 CORE_ADDR struct_addr)
1018 {
1022 /* BND registers can be in arbitrary values at the moment of the
1023 inferior call. This can cause boundary violations that are not
1024 due to a real bug or even desired by the user. The best to be done
1025 is set the BND registers to allow access to the whole memory, INIT
1026 state, before pushing the inferior call. */
1029 /* Pass arguments. */
1032 /* Pass "hidden" argument". */
1034 {
1037 }
1039 /* Store return address. */
1044 /* Finally, update the stack pointer... */
1048 /* ...and fake a frame pointer. */
1052 }
1053 \f
1054 /* Displaced instruction handling. */
1056 /* A partially decoded instruction.
1057 This contains enough details for displaced stepping purposes. */
1059 struct amd64_insn
1060 {
1061 /* The number of opcode bytes. */
1063 /* The offset of the REX/VEX instruction encoding prefix or -1 if
1064 not present. */
1066 /* The offset to the first opcode byte. */
1068 /* The offset to the modrm byte or -1 if not present. */
1071 /* The raw instruction. */
1073 };
1075 struct amd64_displaced_step_copy_insn_closure
1077 {
1080 {}
1082 /* For rip-relative insns, saved copy of the reg we use instead of %rip. */
1085 ULONGEST tmp_save;
1087 /* Details of the instruction. */
1090 /* The possibly modified insn. */
1092 };
1094 /* WARNING: Keep onebyte_has_modrm, twobyte_has_modrm in sync with
1095 ../opcodes/i386-dis.c (until libopcodes exports them, or an alternative,
1096 at which point delete these in favor of libopcodes' versions). */
1099 /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
1100 /* ------------------------------- */
1117 /* ------------------------------- */
1118 /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
1119 };
1122 /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
1123 /* ------------------------------- */
1140 /* ------------------------------- */
1141 /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
1142 };
1146 static int
1148 {
1150 }
1152 /* True if PFX is the start of the 2-byte VEX prefix. */
1154 static bool
1156 {
1158 }
1160 /* True if PFX is the start of the 3-byte VEX prefix. */
1162 static bool
1164 {
1166 }
1168 /* Skip the legacy instruction prefixes in INSN.
1169 We assume INSN is properly sentineled so we don't have to worry
1170 about falling off the end of the buffer. */
1174 {
1176 {
1178 {
1194 }
1196 }
1199 }
1201 /* Return an integer register (other than RSP) that is unused as an input
1202 operand in INSN.
1203 In order to not require adding a rex prefix if the insn doesn't already
1204 have one, the result is restricted to RAX ... RDI, sans RSP.
1205 The register numbering of the result follows architecture ordering,
1206 e.g. RDI = 7. */
1208 static int
1210 {
1211 /* 1 bit for each reg */
1214 /* There can be at most 3 int regs used as inputs in an insn, and we have
1215 7 to choose from (RAX ... RDI, sans RSP).
1216 This allows us to take a conservative approach and keep things simple.
1217 E.g. By avoiding RAX, we don't have to specifically watch for opcodes
1218 that implicitly specify RAX. */
1220 /* Avoid RAX. */
1222 /* Similarily avoid RDX, implicit operand in divides. */
1224 /* Avoid RSP. */
1227 /* If the opcode is one byte long and there's no ModRM byte,
1228 assume the opcode specifies a register. */
1232 /* Mark used regs in the modrm/sib bytes. */
1234 {
1241 /* Assume the reg field of the modrm byte specifies a register. */
1245 {
1250 }
1251 else
1252 {
1254 }
1255 }
1260 /* Finally, find a free reg. */
1261 {
1265 {
1268 }
1270 /* We shouldn't get here. */
1272 }
1273 }
1275 /* Extract the details of INSN that we need. */
1277 static void
1279 {
1290 /* Skip legacy instruction prefixes. */
1293 /* Skip REX/VEX instruction encoding prefixes. */
1295 {
1298 }
1300 {
1301 /* Don't record the offset in this case because this prefix has
1302 no REX.B equivalent. */
1304 }
1306 {
1309 }
1314 {
1315 /* Two or three-byte opcode. */
1319 /* Check for three-byte opcode. */
1321 {
1334 }
1335 }
1336 else
1337 {
1338 /* One-byte opcode. */
1341 }
1344 {
1347 }
1348 }
1350 /* Update %rip-relative addressing in INSN.
1352 %rip-relative addressing only uses a 32-bit displacement.
1353 32 bits is not enough to be guaranteed to cover the distance between where
1354 the real instruction is and where its copy is.
1355 Convert the insn to use base+disp addressing.
1356 We set base = pc + insn_length so we can leave disp unchanged. */
1358 static void
1362 {
1365 CORE_ADDR rip_base;
1368 ULONGEST orig_value;
1370 /* Compute the rip-relative address. */
1375 /* We need a register to hold the address.
1376 Pick one not used in the insn.
1377 NOTE: arch_tmp_regno uses architecture ordering, e.g. RDI = 7. */
1381 /* Position of the not-B bit in the 3-byte VEX prefix (in byte 1). */
1384 /* REX.B should be unset (VEX.!B set) as we were using rip-relative
1385 addressing, but ensure it's unset (set for VEX) anyway, tmp_regno
1386 is not r8-r15. */
1388 {
1394 else
1396 }
1403 /* Convert the ModRM field to be base+disp. */
1413 }
1415 static void
1419 {
1423 {
1427 {
1428 /* The insn uses rip-relative addressing.
1429 Deal with it. */
1431 }
1432 }
1433 }
1435 displaced_step_copy_insn_closure_up
1439 {
1441 /* Extra space for sentinels so fixup_{riprel,displaced_copy} don't have to
1442 continually watch for running off the end of the buffer. */
1451 /* Set up the sentinel space so we don't have to worry about running
1452 off the end of the buffer. An excessive number of leading prefixes
1453 could otherwise cause this. */
1458 /* GDB may get control back after the insn after the syscall.
1459 Presumably this is a kernel bug.
1460 If this is a syscall, make sure there's a nop afterwards. */
1461 {
1466 }
1468 /* Modify the insn to cope with the address where it will be executed from.
1469 In particular, handle any rip-relative addressing. */
1478 /* This is a work around for a problem with g++ 4.8. */
1480 }
1482 static int
1484 {
1488 {
1489 /* jump near, absolute indirect (/4) */
1493 /* jump far, absolute indirect (/5) */
1496 }
1499 }
1501 /* Return non-zero if the instruction DETAILS is a jump, zero otherwise. */
1503 static int
1505 {
1508 /* jump short, relative. */
1512 /* jump near, relative. */
1517 }
1519 static int
1521 {
1525 {
1526 /* Call near, absolute indirect (/2) */
1530 /* Call far, absolute indirect (/3) */
1533 }
1536 }
1538 static int
1540 {
1541 /* NOTE: gcc can emit "repz ; ret". */
1545 {
1555 }
1556 }
1558 static int
1560 {
1566 /* call near, relative */
1571 }
1573 /* Return non-zero if INSN is a system call, and set *LENGTHP to its
1574 length in bytes. Otherwise, return zero. */
1576 static int
1578 {
1582 {
1585 }
1588 }
1590 /* Classify the instruction at ADDR using PRED.
1591 Throw an error if the memory can't be read. */
1593 static int
1596 {
1607 }
1609 /* The gdbarch insn_is_call method. */
1611 static int
1613 {
1615 }
1617 /* The gdbarch insn_is_ret method. */
1619 static int
1621 {
1623 }
1625 /* The gdbarch insn_is_jump method. */
1627 static int
1629 {
1631 }
1633 /* Fix up the state of registers and memory after having single-stepped
1634 a displaced instruction. */
1636 void
1641 {
1642 amd64_displaced_step_copy_insn_closure *dsc
1645 /* The offset we applied to the instruction's address. */
1654 /* If we used a tmp reg, restore it. */
1657 {
1661 }
1663 /* The list of issues to contend with here is taken from
1664 resume_execution in arch/x86/kernel/kprobes.c, Linux 2.6.28.
1665 Yay for Free Software! */
1667 /* Relocate the %rip back to the program's instruction stream,
1668 if necessary. */
1670 /* Except in the case of absolute or indirect jump or call
1671 instructions, or a return instruction, the new rip is relative to
1672 the displaced instruction; make it relative to the original insn.
1673 Well, signal handler returns don't need relocation either, but we use the
1674 value of %rip to recognize those; see below. */
1679 {
1684 /* A signal trampoline system call changes the %rip, resuming
1685 execution of the main program after the signal handler has
1686 returned. That makes them like 'return' instructions; we
1687 shouldn't relocate %rip.
1689 But most system calls don't, and we do need to relocate %rip.
1691 Our heuristic for distinguishing these cases: if stepping
1692 over the system call instruction left control directly after
1693 the instruction, the we relocate --- control almost certainly
1694 doesn't belong in the displaced copy. Otherwise, we assume
1695 the instruction has put control where it belongs, and leave
1696 it unrelocated. Goodness help us if there are PC-relative
1697 system calls. */
1699 /* GDB can get control back after the insn after the syscall.
1700 Presumably this is a kernel bug. Fixup ensures it's a nop, we
1701 add one to the length for it. */
1704 else
1705 {
1708 /* If we just stepped over a breakpoint insn, we don't backup
1709 the pc on purpose; this is to match behaviour without
1710 stepping. */
1717 }
1718 }
1720 /* If the instruction was PUSHFL, then the TF bit will be set in the
1721 pushed value, and should be cleared. We'll leave this for later,
1722 since GDB already messes up the TF flag when stepping over a
1723 pushfl. */
1725 /* If the instruction was a call, the return address now atop the
1726 stack is the address following the copied instruction. We need
1727 to make it the address following the original instruction. */
1729 {
1730 ULONGEST rsp;
1731 ULONGEST retaddr;
1742 }
1743 }
1745 /* If the instruction INSN uses RIP-relative addressing, return the
1746 offset into the raw INSN where the displacement to be adjusted is
1747 found. Returns 0 if the instruction doesn't use RIP-relative
1748 addressing. */
1750 static int
1752 {
1754 {
1758 {
1759 /* The displacement is found right after the ModRM byte. */
1761 }
1762 }
1765 }
1767 static void
1769 {
1772 }
1774 static void
1777 {
1780 /* Extra space for sentinels. */
1791 /* Set up the sentinel space so we don't have to worry about running
1792 off the end of the buffer. An excessive number of leading prefixes
1793 could otherwise cause this. */
1801 /* Skip legacy instruction prefixes. */
1804 /* Adjust calls with 32-bit relative addresses as push/jump, with
1805 the address pushed being the location where the original call in
1806 the user program would return to. */
1808 {
1810 CORE_ADDR ret_addr;
1813 /* Where "ret" in the original code will return to. */
1816 /* If pushing an address higher than or equal to 0x80000000,
1817 avoid 'pushq', as that sign extends its 32-bit operand, which
1818 would be incorrect. */
1820 {
1824 }
1825 else
1826 {
1846 }
1848 /* Push the push. */
1851 /* Convert the relative call to a relative jump. */
1854 /* Adjust the destination offset. */
1863 /* Write the adjusted jump into its displaced location. */
1866 }
1870 {
1871 /* Adjust jumps with 32-bit relative addresses. Calls are
1872 already handled above. */
1875 /* Adjust conditional jumps. */
1878 }
1881 {
1888 }
1890 /* Write the adjusted instruction into its displaced location. */
1892 }
1894 \f
1895 /* The maximum number of saved registers. This should include %rip. */
1896 #define AMD64_NUM_SAVED_REGS AMD64_NUM_GREGS
1898 struct amd64_frame_cache
1899 {
1900 /* Base address. */
1901 CORE_ADDR base;
1903 CORE_ADDR sp_offset;
1904 CORE_ADDR pc;
1906 /* Saved registers. */
1908 CORE_ADDR saved_sp;
1911 /* Do we have a frame? */
1913 };
1915 /* Initialize a frame cache. */
1917 static void
1919 {
1922 /* Base address. */
1928 /* Saved registers. We initialize these to -1 since zero is a valid
1929 offset (that's where %rbp is supposed to be stored).
1930 The values start out as being offsets, and are later converted to
1931 addresses (at which point -1 is interpreted as an address, still meaning
1932 "invalid"). */
1938 /* Frameless until proven otherwise. */
1940 }
1942 /* Allocate and initialize a frame cache. */
1946 {
1952 }
1954 /* GCC 4.4 and later, can put code in the prologue to realign the
1955 stack pointer. Check whether PC points to such code, and update
1956 CACHE accordingly. Return the first instruction after the code
1957 sequence or CURRENT_PC, whichever is smaller. If we don't
1958 recognize the code, return PC. */
1960 static CORE_ADDR
1963 {
1964 /* There are 2 code sequences to re-align stack before the frame
1965 gets set up:
1967 1. Use a caller-saved saved register:
1969 leaq 8(%rsp), %reg
1970 andq $-XXX, %rsp
1971 pushq -8(%reg)
1973 2. Use a callee-saved saved register:
1975 pushq %reg
1976 leaq 16(%rsp), %reg
1977 andq $-XXX, %rsp
1978 pushq -8(%reg)
1980 "andq $-XXX, %rsp" can be either 4 bytes or 7 bytes:
1982 0x48 0x83 0xe4 0xf0 andq $-16, %rsp
1983 0x48 0x81 0xe4 0x00 0xff 0xff 0xff andq $-256, %rsp
1984 */
1993 /* Check caller-saved saved register. The first instruction has
1994 to be "leaq 8(%rsp), %reg". */
1999 {
2000 /* MOD must be binary 10 and R/M must be binary 100. */
2004 /* REG has register number. */
2007 /* Check the REX.R bit. */
2012 }
2013 else
2014 {
2015 /* Check callee-saved saved register. The first instruction
2016 has to be "pushq %reg". */
2022 {
2023 /* Check the REX.B bit. */
2028 }
2029 else
2032 /* Get register. */
2035 offset++;
2037 /* The next instruction has to be "leaq 16(%rsp), %reg". */
2044 /* MOD must be binary 10 and R/M must be binary 100. */
2048 /* REG has register number. */
2051 /* Check the REX.R bit. */
2055 /* Registers in pushq and leaq have to be the same. */
2060 }
2062 /* Rigister can't be %rsp nor %rbp. */
2066 /* The next instruction has to be "andq $-XXX, %rsp". */
2075 /* The next instruction has to be "pushq -8(%reg)". */
2078 offset++;
2081 {
2082 /* Check the REX.B bit. */
2086 }
2087 else
2090 /* 8bit -8 is 0xf8. REG must be binary 110 and MOD must be binary
2091 01. */
2096 /* R/M has register. */
2099 /* Registers in leaq and pushq have to be the same. */
2107 }
2109 /* Similar to amd64_analyze_stack_align for x32. */
2111 static CORE_ADDR
2114 {
2115 /* There are 2 code sequences to re-align stack before the frame
2116 gets set up:
2118 1. Use a caller-saved saved register:
2120 leaq 8(%rsp), %reg
2121 andq $-XXX, %rsp
2122 pushq -8(%reg)
2124 or
2126 [addr32] leal 8(%rsp), %reg
2127 andl $-XXX, %esp
2128 [addr32] pushq -8(%reg)
2130 2. Use a callee-saved saved register:
2132 pushq %reg
2133 leaq 16(%rsp), %reg
2134 andq $-XXX, %rsp
2135 pushq -8(%reg)
2137 or
2139 pushq %reg
2140 [addr32] leal 16(%rsp), %reg
2141 andl $-XXX, %esp
2142 [addr32] pushq -8(%reg)
2144 "andq $-XXX, %rsp" can be either 4 bytes or 7 bytes:
2146 0x48 0x83 0xe4 0xf0 andq $-16, %rsp
2147 0x48 0x81 0xe4 0x00 0xff 0xff 0xff andq $-256, %rsp
2149 "andl $-XXX, %esp" can be either 3 bytes or 6 bytes:
2151 0x83 0xe4 0xf0 andl $-16, %esp
2152 0x81 0xe4 0x00 0xff 0xff 0xff andl $-256, %esp
2153 */
2162 /* Skip optional addr32 prefix. */
2165 /* Check caller-saved saved register. The first instruction has
2166 to be "leaq 8(%rsp), %reg" or "leal 8(%rsp), %reg". */
2171 {
2172 /* MOD must be binary 10 and R/M must be binary 100. */
2176 /* REG has register number. */
2179 /* Check the REX.R bit. */
2184 }
2185 else
2186 {
2187 /* Check callee-saved saved register. The first instruction
2188 has to be "pushq %reg". */
2192 {
2193 /* Check the REX.B bit. */
2198 }
2202 /* Get register. */
2205 offset++;
2207 /* Skip optional addr32 prefix. */
2209 offset++;
2211 /* The next instruction has to be "leaq 16(%rsp), %reg" or
2212 "leal 16(%rsp), %reg". */
2219 /* MOD must be binary 10 and R/M must be binary 100. */
2223 /* REG has register number. */
2226 /* Check the REX.R bit. */
2230 /* Registers in pushq and leaq have to be the same. */
2235 }
2237 /* Rigister can't be %rsp nor %rbp. */
2241 /* The next instruction may be "andq $-XXX, %rsp" or
2242 "andl $-XXX, %esp". */
2244 offset--;
2253 /* Skip optional addr32 prefix. */
2255 offset++;
2257 /* The next instruction has to be "pushq -8(%reg)". */
2260 offset++;
2263 {
2264 /* Check the REX.B bit. */
2268 }
2269 else
2272 /* 8bit -8 is 0xf8. REG must be binary 110 and MOD must be binary
2273 01. */
2278 /* R/M has register. */
2281 /* Registers in leaq and pushq have to be the same. */
2289 }
2291 /* Do a limited analysis of the prologue at PC and update CACHE
2292 accordingly. Bail out early if CURRENT_PC is reached. Return the
2293 address where the analysis stopped.
2295 We will handle only functions beginning with:
2297 pushq %rbp 0x55
2298 movq %rsp, %rbp 0x48 0x89 0xe5 (or 0x48 0x8b 0xec)
2300 or (for the X32 ABI):
2302 pushq %rbp 0x55
2303 movl %esp, %ebp 0x89 0xe5 (or 0x8b 0xec)
2305 The `endbr64` instruction can be found before these sequences, and will be
2306 skipped if found.
2308 Any function that doesn't start with one of these sequences will be
2309 assumed to have no prologue and thus no valid frame pointer in
2310 %rbp. */
2312 static CORE_ADDR
2316 {
2318 /* The `endbr64` instruction. */
2320 /* There are two variations of movq %rsp, %rbp. */
2323 /* Ditto for movl %esp, %ebp. */
2328 gdb_byte op;
2335 else
2340 /* Check for the `endbr64` instruction, skip it if found. */
2342 {
2349 }
2355 {
2356 /* Take into account that we've executed the `pushq %rbp' that
2357 starts this instruction sequence. */
2361 /* If that's all, return now. */
2367 /* Check for `movq %rsp, %rbp'. */
2370 {
2371 /* OK, we actually have a frame. */
2374 }
2376 /* For X32, also check for `movl %esp, %ebp'. */
2378 {
2381 {
2382 /* OK, we actually have a frame. */
2385 }
2386 }
2389 }
2392 }
2394 /* Work around false termination of prologue - GCC PR debug/48827.
2396 START_PC is the first instruction of a function, PC is its minimal already
2397 determined advanced address. Function returns PC if it has nothing to do.
2399 84 c0 test %al,%al
2400 74 23 je after
2401 <-- here is 0 lines advance - the false prologue end marker.
2402 0f 29 85 70 ff ff ff movaps %xmm0,-0x90(%rbp)
2403 0f 29 4d 80 movaps %xmm1,-0x80(%rbp)
2404 0f 29 55 90 movaps %xmm2,-0x70(%rbp)
2405 0f 29 5d a0 movaps %xmm3,-0x60(%rbp)
2406 0f 29 65 b0 movaps %xmm4,-0x50(%rbp)
2407 0f 29 6d c0 movaps %xmm5,-0x40(%rbp)
2408 0f 29 75 d0 movaps %xmm6,-0x30(%rbp)
2409 0f 29 7d e0 movaps %xmm7,-0x20(%rbp)
2410 after: */
2412 static CORE_ADDR
2414 {
2433 /* START_PC can be from overlayed memory, ignored here. */
2437 /* test %al,%al */
2440 /* je AFTER */
2446 {
2447 /* 0x0f 0x29 0b??000101 movaps %xmmreg?,-0x??(%rbp) */
2452 /* 0b01?????? */
2454 {
2455 /* 8-bit displacement. */
2457 }
2458 /* 0b10?????? */
2460 {
2461 /* 32-bit displacement. */
2463 }
2464 else
2466 }
2468 /* je AFTER */
2473 }
2475 /* Return PC of first real instruction. */
2477 static CORE_ADDR
2479 {
2481 CORE_ADDR pc;
2482 CORE_ADDR func_addr;
2485 {
2486 CORE_ADDR post_prologue_pc
2490 /* LLVM backend (Clang/Flang) always emits a line note before the
2491 prologue and another one after. We trust clang and newer Intel
2492 compilers to emit usable line notes. */
2499 }
2508 }
2509 \f
2511 /* Normal frames. */
2513 static void
2516 {
2525 cache);
2528 {
2529 /* We didn't find a valid frame. If we're at the start of a
2530 function, or somewhere half-way its prologue, the function's
2531 frame probably hasn't been fully setup yet. Try to
2532 reconstruct the base address for the stack frame by looking
2533 at the stack pointer. For truly "frameless" functions this
2534 might work too. */
2537 {
2538 /* Stack pointer has been saved. */
2542 /* We're halfway aligning the stack. */
2546 /* This will be added back below. */
2548 }
2549 else
2550 {
2554 }
2555 }
2556 else
2557 {
2560 }
2562 /* Now that we have the base address for the stack frame we can
2563 calculate the value of %rsp in the calling frame. */
2566 /* For normal frames, %rip is stored at 8(%rbp). If we don't have a
2567 frame we find it at the same offset from the reconstructed base
2568 address. If we're halfway aligning the stack, %rip is handled
2569 differently (see above). */
2573 /* Adjust all the saved registers such that they contain addresses
2574 instead of offsets. */
2580 }
2584 {
2593 try
2594 {
2596 }
2598 {
2601 }
2604 }
2606 static enum unwind_stop_reason
2609 {
2616 /* This marks the outermost frame. */
2621 }
2623 static void
2626 {
2633 {
2634 /* This marks the outermost frame. */
2636 }
2637 else
2639 }
2644 {
2659 }
2662 {
2664 NORMAL_FRAME,
2665 amd64_frame_unwind_stop_reason,
2666 amd64_frame_this_id,
2667 amd64_frame_prev_register,
2668 NULL,
2669 default_frame_sniffer
2670 };
2671 \f
2672 /* Generate a bytecode expression to get the value of the saved PC. */
2674 static void
2677 CORE_ADDR scope)
2678 {
2679 /* The following sequence assumes the traditional use of the base
2680 register. */
2686 }
2687 \f
2689 /* Signal trampolines. */
2691 /* FIXME: kettenis/20030419: Perhaps, we can unify the 32-bit and
2692 64-bit variants. This would require using identical frame caches
2693 on both platforms. */
2697 {
2702 CORE_ADDR addr;
2711 try
2712 {
2724 }
2726 {
2729 }
2733 }
2735 static enum unwind_stop_reason
2738 {
2746 }
2748 static void
2751 {
2758 {
2759 /* This marks the outermost frame. */
2761 }
2762 else
2764 }
2769 {
2770 /* Make sure we've initialized the cache. */
2774 }
2776 static int
2778 frame_info_ptr this_frame,
2780 {
2784 /* We shouldn't even bother if we don't have a sigcontext_addr
2785 handler. */
2790 {
2793 }
2796 {
2802 }
2805 }
2808 {
2810 SIGTRAMP_FRAME,
2811 amd64_sigtramp_frame_unwind_stop_reason,
2812 amd64_sigtramp_frame_this_id,
2813 amd64_sigtramp_frame_prev_register,
2814 NULL,
2815 amd64_sigtramp_frame_sniffer
2816 };
2817 \f
2819 static CORE_ADDR
2821 {
2826 }
2829 {
2831 amd64_frame_base_address,
2832 amd64_frame_base_address,
2833 amd64_frame_base_address
2834 };
2836 /* Normal frames, but in a function epilogue. */
2838 /* Implement the stack_frame_destroyed_p gdbarch method.
2840 The epilogue is defined here as the 'ret' instruction, which will
2841 follow any instruction such as 'leave' or 'pop %ebp' that destroys
2842 the function's stack frame. */
2844 static int
2846 {
2847 gdb_byte insn;
2856 }
2858 static int
2860 frame_info_ptr this_frame,
2862 {
2867 /* We're not in the inner frame, so assume we're not in an epilogue. */
2870 bool unwind_valid_p
2873 {
2875 /* Don't override the symtab unwinders, skip
2876 "amd64 epilogue override". */
2878 }
2879 else
2880 {
2882 /* "amd64 epilogue override" unwinder already ran, skip
2883 "amd64 epilogue". */
2885 }
2887 /* Check whether we're in an epilogue. */
2889 }
2891 static int
2893 frame_info_ptr this_frame,
2895 {
2898 }
2900 static int
2902 frame_info_ptr this_frame,
2904 {
2907 }
2911 {
2923 try
2924 {
2925 /* Cache base will be %rsp plus cache->sp_offset (-8). */
2930 /* Cache pc will be the frame func. */
2933 /* The previous value of %rsp is cache->base plus 16. */
2936 /* The saved %rip will be at cache->base plus 8. */
2940 }
2942 {
2945 }
2948 }
2950 static enum unwind_stop_reason
2953 {
2961 }
2963 static void
2967 {
2969 this_cache);
2973 else
2975 }
2978 {
2980 NORMAL_FRAME,
2981 amd64_epilogue_frame_unwind_stop_reason,
2982 amd64_epilogue_frame_this_id,
2983 amd64_frame_prev_register,
2984 NULL,
2985 amd64_epilogue_override_frame_sniffer
2986 };
2989 {
2991 NORMAL_FRAME,
2992 amd64_epilogue_frame_unwind_stop_reason,
2993 amd64_epilogue_frame_this_id,
2994 amd64_frame_prev_register,
2995 NULL,
2996 amd64_epilogue_frame_sniffer
2997 };
2999 static struct frame_id
3001 {
3002 CORE_ADDR fp;
3007 }
3009 /* 16 byte align the SP per frame requirements. */
3011 static CORE_ADDR
3013 {
3015 }
3016 \f
3018 /* Supply register REGNUM from the buffer specified by FPREGS and LEN
3019 in the floating-point register set REGSET to register cache
3020 REGCACHE. If REGNUM is -1, do this for all registers in REGSET. */
3022 static void
3025 {
3031 }
3033 /* Collect register REGNUM from the register cache REGCACHE and store
3034 it in the buffer specified by FPREGS and LEN as described by the
3035 floating-point register set REGSET. If REGNUM is -1, do this for
3036 all registers in REGSET. */
3038 static void
3042 {
3048 }
3051 {
3053 };
3054 \f
3056 /* Figure out where the longjmp will land. Slurp the jmp_buf out of
3057 %rdi. We expect its value to be a pointer to the jmp_buf structure
3058 from which we extract the address that we will land at. This
3059 address is copied into PC. This routine returns non-zero on
3060 success. */
3062 static int
3064 {
3066 CORE_ADDR jb_addr;
3072 /* If JB_PC_OFFSET is -1, we have no way to find out where the
3073 longjmp will land. */
3078 jb_addr= extract_typed_address
3086 }
3089 {
3096 };
3098 /* Implement the "in_indirect_branch_thunk" gdbarch function. */
3100 static bool
3102 {
3104 AMD64_RAX_REGNUM,
3105 AMD64_RIP_REGNUM);
3106 }
3108 void
3111 {
3117 NULL };
3119 NULL };
3121 /* AMD64 generally uses `fxsave' instead of `fsave' for saving its
3122 floating-point registers. */
3134 {
3148 }
3151 {
3155 }
3158 {
3162 }
3165 {
3167 }
3170 {
3174 }
3179 /* Avoid wiring in the MMX registers for now. */
3183 amd64_pseudo_register_read_value);
3186 amd64_ax_pseudo_register_collect);
3190 /* AMD64 has an FPU and 16 SSE registers. */
3194 /* This is what all the fuss is about. */
3199 /* In contrast to the i386, on AMD64 a `long double' actually takes
3200 up 128 bits, even though it's still based on the i387 extended
3201 floating-point format which has only 80 significant bits. */
3206 /* Register numbers of various important registers. */
3212 /* The "default" register numbering scheme for AMD64 is referred to
3213 as the "DWARF Register Number Mapping" in the System V psABI.
3214 The preferred debugging format for all known AMD64 targets is
3215 actually DWARF2, and GCC doesn't seem to support DWARF (that is
3216 DWARF-1), but we provide the same mapping just in case. This
3217 mapping is also used for stabs, which GCC does support. */
3221 /* We don't override SDB_REG_RO_REGNUM, since COFF doesn't seem to
3222 be in use on any of the supported AMD64 targets. */
3224 /* Call dummy code. */
3241 /* Hook the function epilogue frame unwinder. This unwinder is
3242 appended to the list first, so that it supersedes the other
3243 unwinders in function epilogues. */
3248 /* Hook the prologue-based frame unwinders. */
3259 /* SystemTap variables and functions. */
3263 stap_register_indirection_prefixes);
3265 stap_register_indirection_suffixes);
3267 i386_stap_is_single_operand);
3269 i386_stap_parse_special_token);
3275 amd64_in_indirect_branch_thunk);
3278 }
3280 /* Initialize ARCH for x86-64, no osabi. */
3282 static void
3284 {
3287 }
3291 {
3295 {
3301 }
3304 }
3306 void
3309 {
3319 }
3321 /* Initialize ARCH for x64-32, no osabi. */
3323 static void
3325 {
3328 }
3330 /* Return the target description for a specified XSAVE feature mask. */
3334 {
3347 segments);
3350 }
3353 void
3355 {
3357 amd64_none_init_abi);
3359 amd64_x32_none_init_abi);
3360 }
3361 \f
3363 /* The 64-bit FXSAVE format differs from the 32-bit format in the
3364 sense that the instruction pointer and data pointer are simply
3365 64-bit offsets into the code segment and the data segment instead
3366 of a selector offset pair. The functions below store the upper 32
3367 bits of these pointers (instead of just the 16-bits of the segment
3368 selector). */
3370 /* Fill register REGNUM in REGCACHE with the appropriate
3371 floating-point or SSE register value from *FXSAVE. If REGNUM is
3372 -1, do this for all registers. This function masks off any of the
3373 reserved bits in *FXSAVE. */
3375 void
3378 {
3386 {
3393 }
3394 }
3396 /* Similar to amd64_supply_fxsave, but use XSAVE extended state. */
3398 void
3401 {
3409 {
3411 ULONGEST clear_bv;
3415 /* If the FISEG and FOSEG registers have not been initialised yet
3416 (their CLEAR_BV bit is set) then their default values of zero will
3417 have already been setup by I387_SUPPLY_XSAVE. */
3419 {
3424 }
3425 }
3426 }
3428 /* Fill register REGNUM (if it is a floating-point or SSE register) in
3429 *FXSAVE with the value from REGCACHE. If REGNUM is -1, do this for
3430 all registers. This function doesn't touch any of the reserved
3431 bits in *FXSAVE. */
3433 void
3436 {
3444 {
3449 }
3450 }
3452 /* Similar to amd64_collect_fxsave, but use XSAVE extended state. */
3454 void
3457 {
3465 {
3472 }
3473 }