Message-ID: <20061101151010.95757.qmail@web53704.mail.yahoo.com>
Date: Wed, 01 Nov 2006 15:10:00 -0000
From: Datoda
Subject: Re: [rfa] Handle amd64-linux %orig_rax
To: Daniel Jacobowitz, Andi Kleen, gdb-patches@sourceware.org
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
X-SW-Source: 2006-11/txt/msg00003.txt.bz2

Here's the kernel version info:

godel:~/gdb-ftp/gdb-6.5.50.20061030/gdb$ uname -a
Linux godel 2.6.9-5.ELsmp #1 SMP Wed Jan 5 19:29:47 EST 2005 x86_64 x86_64 x86_64 GNU/Linux

It's EL4 and quite old. Do you know what kernel version would have Andi's patch?

----- Original Message ----
From: Daniel Jacobowitz
To: Andi Kleen; Datoda; gdb-patches@sourceware.org
Sent: Tuesday, October 31, 2006 2:32:57 PM
Subject: Re: [rfa] Handle amd64-linux %orig_rax

On Tue, Oct 31, 2006 at 02:30:35PM -0500, Daniel Jacobowitz wrote:
> On Tue, Oct 31, 2006 at 08:11:20PM +0100, Andi Kleen wrote:
> >
> > > Oh dear. So if we set registers on the syscall exit path, the
> > > kernel/ISA may just eat them. And we have no reliable way to know
> > > whether we're stopped on the syscall exit path.
> >
> > If you're single stepping over it you can remember it from
> > one instruction before (check if the opcode is SYSCALL or SYSENTER,
> > these are unique 2 byte opcodes each)
> >
> > If someone sets a breakpoint directly on the return point
> > and doesn't single step that wouldn't work, but then you shouldn't care about
> > the previous register state anyways.
>
> This case is usually SIGINT while inside a syscall, e.g. nanosleep.
> That gives us a prompt, and if the user changes $rcx there, we write
> into the register - and later it gets overridden. i.e. we're at the
> ptrace_stop call in kernel/signal.c:get_signal_to_deliver.
>
> I'm not quite sure how we're getting into the problem case though?
> I'd have guessed we were in sysret_signal and that uses iret.

Datoda, what kernel version were you using? I wonder if this fixed it as
a side effect:

Commit: 7bf36bbc5e0c09271f9efe22162f8cc3f8ebd3d2
Author: Andi Kleen Fri, 07 Apr 2006 19:50:00 +0200

[PATCH] x86_64: When user could have changed RIP always force IRET

--
Daniel Jacobowitz
CodeSourcery
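The thread above discusses how a debugger can tell that a single-step stop sits on the syscall exit path, where register writes may be discarded by the kernel's sysret return: Andi Kleen's suggestion is to look at the opcode of the instruction about to be stepped (SYSCALL is `0f 05`, SYSENTER is `0f 34`) and remember it across the step. The C below is an added example of that bookkeeping, written for this page; it is not gdb's code or anything from the thread. The text image, the instruction bytes and the trace of stop addresses are constructed sample data, and the `text_image` / `step_state` types are assumptions for the example. It also encodes the caveat from the thread: the check is only meaningful when the debugger did the stepping itself, so a stop reached without single-stepping (a breakpoint or signal stop) is never flagged.

```c
/* Added example: remember whether the instruction just single-stepped was
   SYSCALL/SYSENTER, so a stop at its return point can be treated as "on the
   syscall exit path" (register writes there are at risk, per the thread).
   Not gdb code; sample data below is constructed for this example. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum insn_kind { INSN_OTHER = 0, INSN_SYSCALL = 1, INSN_SYSENTER = 2 };

/* Assumed type: a copy of the tracee's text, 'len' bytes starting at 'base'. */
struct text_image {
    const uint8_t *code;
    size_t len;
    uint64_t base;
};

/* Classify the two bytes at 'rip'.  Only valid when 'rip' is a known
   instruction boundary (the debugger is about to step it); probing an
   arbitrary address could match the tail of a longer instruction. */
enum insn_kind classify_insn_at(const struct text_image *img, uint64_t rip)
{
    if (rip < img->base || rip - img->base + 2 > img->len)
        return INSN_OTHER;                      /* outside the image */
    const uint8_t *p = img->code + (rip - img->base);
    if (p[0] == 0x0f && p[1] == 0x05)
        return INSN_SYSCALL;                    /* 0f 05: SYSCALL  */
    if (p[0] == 0x0f && p[1] == 0x34)
        return INSN_SYSENTER;                   /* 0f 34: SYSENTER */
    return INSN_OTHER;
}

/* Assumed type: per-thread state the debugger keeps across one step. */
struct step_state {
    enum insn_kind stepped;   /* kind of the instruction we last stepped over */
};

/* Call just before resuming the thread with a single-step request. */
void before_singlestep(const struct text_image *img, struct step_state *st,
                       uint64_t rip)
{
    st->stepped = classify_insn_at(img, rip);
}

/* Call at the next stop.  Returns 1 if that stop is the return point of a
   SYSCALL/SYSENTER we stepped over, i.e. on the syscall exit path.  A stop
   not preceded by our own single-step never sets 'stepped', so it is 0. */
int stop_on_syscall_exit(struct step_state *st)
{
    int risky = st->stepped != INSN_OTHER;
    st->stepped = INSN_OTHER;                   /* consumed by this stop */
    return risky;
}

/* Constructed sample text: the tail of a nanosleep(2) wrapper. */
static const uint8_t sample_code[] = {
    0x48, 0xc7, 0xc0, 0x23, 0x00, 0x00, 0x00,   /* mov $0x23,%rax  (nanosleep) */
    0x0f, 0x05,                                 /* syscall                      */
    0x48, 0x85, 0xc0,                           /* test %rax,%rax               */
    0xc3                                        /* ret                          */
};
const struct text_image sample_image = { sample_code, sizeof sample_code, 0x400000 };

/* Constructed trace: rip at four successive single-step stops.  Returns the
   rip of the first stop flagged as being on the syscall exit path, or 0. */
uint64_t demo_risky_stop_rip(void)
{
    const uint64_t trace[] = { 0x400000, 0x400007, 0x400009, 0x40000c };
    struct step_state st = { INSN_OTHER };
    uint64_t risky = 0;
    for (size_t i = 0; i + 1 < sizeof trace / sizeof trace[0]; i++) {
        before_singlestep(&sample_image, &st, trace[i]);  /* resume with step */
        if (stop_on_syscall_exit(&st) && risky == 0)       /* arrived at trace[i+1] */
            risky = trace[i + 1];
    }
    return risky;
}

int main(void)
{
    uint64_t rip = demo_risky_stop_rip();
    if (rip)
        printf("stop at 0x%llx is on the syscall exit path\n", (unsigned long long)rip);
    else
        printf("no syscall-exit stop in trace\n");
    return 0;
}
```

In the sample trace the flag fires exactly once, at the stop following the `syscall` instruction (0x400009), which is where a `$rcx` write could be overridden as Daniel describes; the stops before and after it are ordinary.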