From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 12913 invoked by alias); 5 Nov 2008 13:32:03 -0000 Received: (qmail 12823 invoked by uid 22791); 5 Nov 2008 13:32:01 -0000 X-Spam-Check-By: sourceware.org Received: from sibelius.xs4all.nl (HELO sibelius.xs4all.nl) (82.92.89.47) by sourceware.org (qpsmtpd/0.31) with ESMTP; Wed, 05 Nov 2008 13:30:53 +0000 Received: from brahms.sibelius.xs4all.nl (kettenis@localhost.sibelius.xs4all.nl [127.0.0.1]) by brahms.sibelius.xs4all.nl (8.14.3/8.14.3) with ESMTP id mA5DRnLe023755; Wed, 5 Nov 2008 14:27:49 +0100 (CET) Received: (from kettenis@localhost) by brahms.sibelius.xs4all.nl (8.14.3/8.14.3/Submit) id mA5DRm2R015460; Wed, 5 Nov 2008 14:27:49 +0100 (CET) Date: Wed, 05 Nov 2008 13:32:00 -0000 Message-Id: <200811051327.mA5DRm2R015460@brahms.sibelius.xs4all.nl> From: Mark Kettenis To: eliz@gnu.org CC: pedro@codesourcery.com, gdb-patches@sourceware.org, bauerman@br.ibm.com, sergiodj@linux.vnet.ibm.com In-reply-to: (message from Eli Zaretskii on Wed, 05 Nov 2008 06:09:28 +0200) Subject: Re: [PATCH 1/4] 'catch syscall' feature -- =?utf-8?q?=09Architecture-independent=09part?= References: <1225773079.24532.52.camel@miki> <1225836687.20764.21.camel@localhost.localdomain> <200811042230.27666.pedro@codesourcery.com> Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2008-11/txt/msg00076.txt.bz2 > Date: Wed, 05 Nov 2008 06:09:28 +0200 > From: Eli Zaretskii > > > From: Pedro Alves > > Date: Tue, 4 Nov 2008 22:30:27 +0000 > > Cc: Thiago Jung Bauermann , > > Eli Zaretskii , > > =?utf-8?q?S=C3=A9rgio_Durigan_J=C3=BAnior?= > > > > On Tuesday 04 November 2008 22:11:27, Thiago Jung Bauermann wrote: > > > El mar, 04-11-2008 a las 23:12 +0200, Eli Zaretskii escribió: > > > > Who said that a syscall is necessarily defined by some number? > > > > > > I assumed every OS used numbers to define syscalls ... > > > > > > > More generally, let's say I'd like to implement support for this on > > > > Windows -- how would I need to go about it? > > > > > > ... but from what you are saying it seems that in Windows it's > > > different. What's the proper datatype to represent a syscall there? > > > > Depends on what you're calling a syscall on Windows. > > > > If talking about userland->kernel calls, similarly to this > > new feature, an integer. > > > > http://www.metasploit.com/users/opcode/syscalls.html > > http://www.codeguru.com/cpp/w-p/system/devicedriverdevelopment/article.php/c8035 > > > > strace-like tracers on Windows are usually more interested in > > tracing calls to all kinds of dlls, and they usually do so by > > playing games with the import tables, I believe. > > I was thinking about the latter, as that is what is usually > interesting. I won't stop you from implementing this as a windows-specific feature, but I think we should reserve "catch syscall" for the case where you actually hand over control to the kernel (and therefore wouldn't be able to single-step instructions anymore). Mark