From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-45987-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 23975 invoked by alias); 31 Oct 2006 19:30:49 -0000
Received: (qmail 23961 invoked by uid 22791); 31 Oct 2006 19:30:48 -0000
X-Spam-Check-By: sourceware.org
Received: from nevyn.them.org (HELO nevyn.them.org) (66.93.172.17)     by sourceware.org (qpsmtpd/0.31.1) with ESMTP; Tue, 31 Oct 2006 19:30:39 +0000
Received: from drow by nevyn.them.org with local (Exim 4.54) 	id 1GezJj-0008L4-6F; Tue, 31 Oct 2006 14:30:35 -0500
Date: Tue, 31 Oct 2006 19:30:00 -0000
From: Daniel Jacobowitz <drow@false.org>
To: Andi Kleen <ak@suse.de>
Cc: Datoda <datoda@yahoo.com>, gdb-patches@sourceware.org
Subject: Re: [rfa] Handle amd64-linux %orig_rax
Message-ID: <20061031193035.GA31708@nevyn.them.org>
Mail-Followup-To: Andi Kleen <ak@suse.de>, Datoda <datoda@yahoo.com>, 	gdb-patches@sourceware.org
References: <20061031181702.73135.qmail@web53714.mail.yahoo.com> <200610311940.38617.ak@suse.de> <20061031184924.GA30569@nevyn.them.org> <200610312011.20880.ak@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200610312011.20880.ak@suse.de>
User-Agent: Mutt/1.5.13 (2006-08-11)
X-IsSubscribed: yes
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
X-SW-Source: 2006-10/txt/msg00318.txt.bz2

On Tue, Oct 31, 2006 at 08:11:20PM +0100, Andi Kleen wrote:
> 
> > Oh dear.  So if we set registers on the syscall exit path, the
> > kernel/ISA may just eat them.  And we have no reliable way to know
> > whether we're stopped on the syscall exit path.
> 
> If you're single stepping over it you can remember it from
> one instruction before (check if the opcode is SYSCALL or SYSENTER,
> these are unique 2 byte opcodes each)
> 
> If someone sets a breakpoint directly on the return point
> and doesn't single step that wouldn't work, but then you shouldn't care about 
> the previous register state anyways.

This case is usually SIGINT while inside a syscall, e.g. nanosleep. 
That gives us a prompt, and if the user changes $rcx there, we write
into the register - and later it gets overridden.  i.e. we're at the
ptrace_stop call in kernel/signal.c:get_signal_to_deliver.

I'm not quite sure how we're getting into the problem case though?
I'd have guessed we were in sysret_signal and that uses iret.

-- 
Daniel Jacobowitz
CodeSourcery