Hello Lianbo,
> The number of instructions disassembled by gdb is: spn->value - sp->value, which is much more than actually needed.
> Can you please replace it with this one?
> + sprintf(buf1, "disassemble 0x%lx, 0x%lx", sp->value, spn->value);
What about just doing "disassemble __slab_free":
Also fine with me.
+/*
+ * With CONFIG_SLAB_FREELIST_HARDENED, freelist_ptr's are crypted with xor's,
+ * and for recent release with an additionnal bswap. Some releases prio to 5.7.0
+ * may be using the additionnal bswap. The only easy and reliable way to tell is
+ * to inspect assembly code (eg. "__slab_free") for a bswap instruction.
+ */
+static int
+freelist_ptr_bswap_x86(void)
+{
+ char buf1[BUFSIZE];
+ char buf2[BUFSIZE];
+ char *arglist[MAXARGS];
+ int found;
+ sprintf(buf1, "disassemble __slab_free");
+ open_tmpfile();
+ gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR);
It could be good to check the return value of gdb_pass_through(). For example:
	if (!gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR)) {
		close_tmpfile();
		return FALSE;
	}
+ rewind(pc->tmpfile);
+ found = FALSE;
+ while (fgets(buf2, BUFSIZE, pc->tmpfile)) {
+ if (parse_line(buf2, arglist) < 3)
+ continue;
+ if (STREQ(arglist[2], "bswap")) {
+ found = TRUE;
+ //break;
Here, the above break is still needed.
Thanks.
Lianbo
+ }
+ }
+ close_tmpfile();
+ return found;
+}
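Review bot: the commented-out `//break;` after `found = TRUE;` and the unchecked return of `gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR)` are the two things in this hunk to fix before it lands, and both are already flagged inline above. Without the `break` the loop keeps reading the whole disassembly after the first bswap has been seen, and without the check a failed "disassemble __slab_free" (for example when the symbol is absent from the kernel's symbol table) falls through to `rewind()` and the scan loop, so the function returns FALSE exactly as it would for a kernel that genuinely has no bswap; closing the tmpfile and returning on failure, as suggested inline, plus a warning message on that path, keeps the two cases apart for the person reading the output. On style, the new comment block has spelling slips worth tidying in the same respin ("crypted" for "encrypted", "additionnal" twice for "additional", "prio to" for "prior to"), and `sprintf(buf1, "disassemble __slab_free")` with a constant string and no format arguments reads more naturally as `strcpy()` or `snprintf()`.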
Thanks,
Georges