Certain Registers in amd64 Unavailable to Developers
Shawn Webb
lattera at gmail.com
Tue Jan 17 02:41:33 UTC 2012
Hey stable@,
First off, I'm not too sure if this is the right mailing list (maybe
freebsd-hackers@?). Sorry if it is. This is just the mailing list I
subscribe to, so I thought I'd start here.
Anyways, I'm looking at the regs struct (machine/reg.h) on FreeBSD
9-stable amd64. It appears that struct doesn't contain registers such
as edi and esi. However, FreeBSD amd64's syscall calling convention
mandates their use. I'm using ptrace to get and set the registers.
Anyone know how to grab those registers?
Sample code that shows using edi, esi on amd64 and calls the exit syscall:
[shawn at fbsd-sec ~/tmp]$ uname -a
FreeBSD fbsd-sec 9.0-PRERELEASE FreeBSD 9.0-PRERELEASE #1: Thu Dec 15
06:17:41 MST 2011 shawn at fbsd-sec:/usr/obj/usr/src/sys/SEC amd64
[shawn at fbsd-sec ~/tmp]$ gdb ./test
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...(no debugging
symbols found)...
(gdb) disass _start
Dump of assembler code for function _start:
0x0000000000400080 <_start+0>: mov $0x1,%edi
0x0000000000400085 <_start+5>: mov $0x5,%esi
0x000000000040008a <_start+10>: syscall
End of assembler dump.
(gdb) run
Starting program: /usr/home/shawn/tmp/test
Program exited with code 05.
(gdb) exit
Undefined command: "exit". Try "help".
(gdb) [shawn at fbsd-sec ~/tmp]$ file test
test: ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD),
statically linked, not stripped
Thanks,
Shawn
More information about the freebsd-stable
mailing list