This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.



Re: More on %gs:0x0


On Mon, 2009-08-24 at 19:25 +0100, Mark Seaborn wrote:
> Amittai Aviram <amittai.aviram@yale.edu> wrote:
> 
> > Here is a follow-up to my previous query.  My question remains this:   
> > how do values get into %gs:0x0?
> 
> > The final step will show me zillions of instances of moving data from  
> > location %gs:0x0 to a general purpose register, but not a single  
> > instance of moving data _into_ location %gs:0x0.  How does anything  
> > except 0 ever get into %gs:0x0?
> 
> I'd suggest reading Ulrich Drepper's document about the TLS ABIs -
> http://people.redhat.com/drepper/tls.pdf - and also read about how
> segment registers work on i386.
[...]

Thanks!  I also find it puzzling why glibc's ___printf_fp would fetch a
value from an address that is 32 _below_ the start of the TLB:

805bfff:       65 8b 1d 00 00 00 00    mov    %gs:0x0,%ebx
805c006:       b8 e0 ff ff ff          mov    $0xffffffe0,%eax
805c00b:       89 9d f8 fe ff ff       mov    %ebx,-0x108(%ebp)
805c011:       8b 04 03                mov    (%ebx,%eax,1),%eax
805c014:       8b 00                   mov    (%eax),%eax

The first line above fetches the TLB start address (let's call it
tlb_start).  The next instruction loads -32 into eax.  In the fourth
instruction, the value found at the location tlb_start - 32 is loaded
into eax.  Why would the library refer to an address with a negative
offset (or index, in this case) from tlb_start?  Thanks.

Amittai

--
Amittai F. Aviram
Graduate Student
Computer Science
Yale University
New Haven, CT 06520
203 772 0639 (home) | 646 483 2639 (cell) | 203 432 6492
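An added example, not part of the thread, that reproduces the access pattern in the disassembly above in C: the thread pointer is read from %gs:0 (i386) or %fs:0 (x86-64), its first word points back to the TCB itself, and a `__thread` variable of the executable is reached as thread pointer plus a negative offset, which is the same situation as the -32 index in ___printf_fp. It assumes GCC or clang on glibc; on non-x86 targets it falls back to `__builtin_thread_pointer()` and the sign of the offset can differ because those targets use a different TLS layout.

```c
#include <stddef.h>
#include <stdio.h>

/* One thread-local variable in the executable (constructed for this example). */
static __thread int tls_counter = 7;

/* Read the thread pointer the way the disassembly does: %gs:0 on i386,
   %fs:0 on x86-64.  Other targets use the compiler builtin (assumption). */
static void *thread_pointer(void)
{
    void *tp;
#if defined(__i386__)
    __asm__("movl %%gs:0, %0" : "=r"(tp));
#elif defined(__x86_64__)
    __asm__("movq %%fs:0, %0" : "=r"(tp));
#else
    tp = __builtin_thread_pointer();
#endif
    return tp;
}

/* On x86 glibc the first word of the TCB is a pointer to the TCB itself,
   which is why "mov %gs:0x0,%ebx" yields the TCB address. */
static int tcb_self_pointer_ok(void)
{
    void *tp = thread_pointer();
    return *(void **)tp == tp;
}

/* Offset of tls_counter from the thread pointer.  With the variant II
   layout used on x86 the executable's TLS block sits below the TCB, so
   this offset is negative, just like the -32 in the ___printf_fp listing. */
static ptrdiff_t tls_offset(void)
{
    return (char *)&tls_counter - (char *)thread_pointer();
}

/* Re-read tls_counter by hand as tp + offset, mirroring
   "mov (%ebx,%eax,1),%eax" with %ebx = tp and %eax = offset. */
static int read_via_tp(void)
{
    return *(int *)((char *)thread_pointer() + tls_offset());
}

int main(void)
{
    tls_counter = 42;
    printf("tp=%p &tls_counter=%p offset=%td self_ok=%d value=%d\n",
           thread_pointer(), (void *)&tls_counter, tls_offset(),
           tcb_self_pointer_ok(), read_via_tp());
    return 0;
}
```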