From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id OacnK1/tu2naMjAAWB0awg (envelope-from ) for ; Thu, 19 Mar 2026 08:34:39 -0400 Authentication-Results: simark.ca; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Ptfsla6r; dkim-atps=neutral Received: by simark.ca (Postfix, from userid 112) id ABD5A1E0C3; Thu, 19 Mar 2026 08:34:39 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on simark.ca X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED autolearn=ham autolearn_force=no version=4.0.1 Received: from vm01.sourceware.org (vm01.sourceware.org [38.145.34.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id B11051E04F for ; Thu, 19 Mar 2026 08:34:38 -0400 (EDT) Received: from vm01.sourceware.org (localhost [127.0.0.1]) by sourceware.org (Postfix) with ESMTP id CD4364B19694 for ; Thu, 19 Mar 2026 12:34:37 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CD4364B19694 Authentication-Results: sourceware.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Ptfsla6r Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTP id 605E54B1A2F7 for ; Thu, 19 Mar 2026 12:34:09 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 605E54B1A2F7 Authentication-Results: sourceware.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 605E54B1A2F7 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1773923649; cv=none; b=tp3BCoskMboru/9NAQb+NoDfkJaitaDeozlqt8rZ0Yi+ygwzcLMCAexkzuIf3mmNrCpdsQj3X9FMdiLxD1bGnI8+l1NbY88C7eqI3bexOIkPNWNkRUA2I7Ci1RCYzroMQ56LwwGEGacJIWhUPDcLXA+bCMElgyJwMwH99POm7N4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1773923649; c=relaxed/simple; bh=+d3YbbnGIkh6aJBYMDMyC0glU1J/JSRg/7tCm4OfW7g=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=s7/6tT5LY+JitG+tARu4uiikAv/HcDqiwbMZ1TKCGmnfYI+BOJMmw6LpmKO+z7uWsZFpEpoGvtViHTgMNWYjBAgDs1JioV/mviYdDvbH3ReUCcDv70SAFkE1QPDnnHMlH0WjGQJqGtbRgOURDMPNL5CW0j+CoEWf6yA0ctn4pCE= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 605E54B1A2F7 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1773923649; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Kc/ENdc+lXN90IjBCtGIi1b+5FeLPbzJjty3xnz1x2A=; b=Ptfsla6rvoJ2fIDLJYH1Cc5eqpZtNknJbonnToBsH6Np6cKEQdo0y9hhs2CY4HBAMuFsEz tTKjANpOs4Cm9UPVEkWayI+F1Yt2tyenA7cAsi4JUkbpi7ozzWiaeZVzFapIFrz7Fe2qYN k7p/NPjABI3yPc28nu10WOVWuslnNDA= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-393-ClPTaWxOMRmOJpxwQzxykw-1; Thu, 19 Mar 2026 08:34:07 -0400 X-MC-Unique: ClPTaWxOMRmOJpxwQzxykw-1 X-Mimecast-MFC-AGG-ID: ClPTaWxOMRmOJpxwQzxykw_1773923647 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-48539bda3dcso9823915e9.2 for ; Thu, 19 Mar 2026 05:34:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773923646; x=1774528446; h=mime-version:message-id:date:references:in-reply-to:subject:to:from :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Kc/ENdc+lXN90IjBCtGIi1b+5FeLPbzJjty3xnz1x2A=; b=UmDdr5s4h0DjxQJolBrfKFLf127ZLCEcWByv+6bwvmo95l/01jjRFgqgYoZdxKZOTT f399h6ymzZHdENZBFGIQmWLW/VxQeBu4vFb7/ivsBx2vGmkGaVNAx+JVOWYXX3YoBck2 QdQ5QSx/k4Snc0J8n3jwWBjRirBp75mGngEHQC7xQ4A+/yC1WfsVT4t2/oriq13n1rTH uhiMzYLTBlowfyuckaeXM1A4ZymW+43V/6tJnQWbEp6+9FwsvoDwTlnJKzkmF36fgziL ydfWyItrQ065cvQyUoj2kbiwfeONeC3/t3hTb9VYoUFeII8Swrlp3XveuvqUMUDPHyLl 4Tww== X-Forwarded-Encrypted: i=1; AJvYcCWECjF5eIC14/xsOe/P2t/bCPo52Gg09+ybualQPUBFtuLK1eCzsUQUlmGoN/i7YvPrAsbeBPkM6xBAGw==@sourceware.org X-Gm-Message-State: AOJu0YyrDwPggb9G53vgZaOx5F8vcojzy3dE64KhHEkKvDO3IorFiMqf +7NDfmMY6aHJ6XDvHPLxSMH99AY2oyQ8sUP8iQqchA22GFMmNJiyN1prE0DYIFBepwNKKbfqkQJ WAffhb+tyK0apgWnc4K5Cg6xAKm7pMEjXgyoGmnvB626hvMRbQ92s1t7Ab5m7y77RqPiRbmA= X-Gm-Gg: ATEYQzwT0cfUYaMJWTHU3HY5vIOp0f2jYbB6Wvll2+/Rem2Xkln/8fdciuIOobRWDJI dD8OTtOLUj5q+yTMuDvNLv61qGw2vQMD1VA/mk0jeS71SqPSWHTo++bc9USbrbNPxemxXRqKA1j MjxQEHp/vwRXoCDbGnhjZTHbYtGPbvVYJycFX600Gu1/JGleHat6a5K5v5uPWjsW35oBHbn+E43 pxd68bLWBIWwZ/XfoKbLBiXjUWnl0SqzjkAk3jZdqkkWVBk+d8JBgCrNseJBpAK8efJYIHBAjPy gfcUw03iri+bIJvmZ6xHGXAADtYqGjhp3KR5fLg3jOjzHDFb1CDFcYwGz1XBL+2KBPr8neAXFXu YEI0/OUzbui3usqpp/ZPwfPPTAX7MOpf/mfReT6Iml2Q= X-Received: by 2002:a05:600c:8b2e:b0:485:2a4b:7bc3 with SMTP id 5b1f17b1804b1-486f4440fb2mr109928985e9.4.1773923646234; Thu, 19 Mar 2026 05:34:06 -0700 (PDT) X-Received: by 2002:a05:600c:8b2e:b0:485:2a4b:7bc3 with SMTP id 5b1f17b1804b1-486f4440fb2mr109928495e9.4.1773923645626; Thu, 19 Mar 2026 05:34:05 -0700 (PDT) Received: from localhost (92.40.184.48.threembb.co.uk. [92.40.184.48]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486f8b949e1sm110761785e9.9.2026.03.19.05.34.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 19 Mar 2026 05:34:05 -0700 (PDT) From: Andrew Burgess To: Tom de Vries , gdb-patches@sourceware.org Subject: Re: [PATCH] [gdb/tdep] Fix unrelocated pc in i386_displaced_step_fixup In-Reply-To: <20260317071925.3543-1-tdevries@suse.de> References: <20260317071925.3543-1-tdevries@suse.de> Date: Thu, 19 Mar 2026 12:34:03 +0000 Message-ID: <87h5qc577o.fsf@redhat.com> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: DUz63Irb8YUxMrHwxiK32lh4QywJAuCYGLU8IlowVHo_1773923647 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gdb-patches-bounces~public-inbox=simark.ca@sourceware.org Hi Tom, Thanks for fixing this. Just a couple of minor notes: Tom de Vries writes: > With test-case gdb.threads/next-fork-other-thread.exp and target board > unix/-m32 I run into: > ... > (gdb) next^M > [Switching to Thread 0xf643ab40 (LWP 3267939)]^M > ^M > Thread 5 "next-fork-other" hit Breakpoint 1, main () at \ > next-fork-other-thread.c:73^M > 73 alarm (60);^M > (gdb) FAIL: $exp: fork_func=fork: target-non-stop=off: non-stop=off: \ > displaced-stepping=on: i=$n: next to break here > ... Please can you clean up the log output to remove ^M line endings when quoting it in commit messages. Commit messages are written once, but read possibly multiple times, so it is right that we invest more effort when writing them in order to make them easier to read. Leaving the ^M endings in place just adds unnecessary noise. > > Before we go into how this happens, let's first look at the inferior. > > In main, 4 threads are started with the same thread function, leaving all 5 > threads in a loop: > - the main thread is stuck in a loop calling sleep, and gdb steps through this > loop using next > - the other, non-main threads are stuck in a loop where each thread: > - forks off a child process that exits immediately > - waits for the child process to exit > - calls sleep > > The FAIL happens as follows (following snippets from this gdb.log [1]). > > One of the non-main threads enters __syscall_cancel_arch to do a sycall ( > either to sleep, or to wait). > > Then the non-main thread stops: > ... > [infrun] handle_signal_stop: [2937316.2937324.0] hit another thread's \ > single-step breakpoint^M > [infrun] handle_signal_stop: delayed software breakpoint trap, ignoring^M > [infrun] switch_back_to_stepped_thread: need to step [2937316.2937324.0] \ > over single-step breakpoint^M > ... > because we "hit another thread's single-step breakpoint". > > AFAIU, this is because of the main thread stepping through > __syscall_cancel_arch. > > To handle this, we're going to try displaced stepping. > > The syscall instruction is copied: > ... > [displaced] displaced_step_prepare_throw: original insn 0xf7cdce69: \ > cd 80 int $0x80^M > [displaced] prepare: selected buffer at 0x80490d2^M > ... > to a buffer at _start+2: > ... > 080490d0 <_start>: > 80490d0: 31 ed xor %ebp,%ebp > 80490d2: 5e pop %esi > ... > and we're going to resume execution there. > > However, right after resuming we get a GDB_SIGNAL_CHLD for the same thread. > > Part of handling that is finalizing the displaced stepping: > ... > [displaced] finish: restored 2937316.2937324.0 0x80490d2^M > [displaced] i386_displaced_step_fixup: fixup (0xf7cdce69, 0x80490d2), \ > insn = 0xcd 0x80 ...^M > [displaced] i386_displaced_step_fixup: syscall changed %eip; not relocating^M > [infrun] handle_signal_stop: stop_pc=0x80490d2^M > ... > > The stop pc is 0x80490d2, the address of the copied instruction. In other > words, we've stopped without making progress. > > The problem is that the address is in the displaced stepping buffer, and needs > relocating, but instead we have "syscall changed %eip; not relocating". > > The code in i386_displaced_step_fixup doesn't recognize this situation: > ... > if (i386_syscall_p (insn, &insn_len) > && pc != to + (insn - insn_start) + insn_len > /* GDB can get control back after the insn after the syscall. > Presumably this is a kernel bug. > i386_displaced_step_copy_insn ensures it's a nop, > we add one to the length for it. */ > && pc != to + (insn - insn_start) + insn_len + 1) > displaced_debug_printf ("syscall changed %%eip; not relocating"); > ... > > It only handles the cases where the stop pc is: > - the address after the syscall insn, or > - the address after the nop after the syscall insn > > So, instead of relocating the stop pc back to the original 0xf7cdce69, it > stays 0x80490d2. After resuming at that address, the thread: > - executes the syscall, > - executes the rest of _start, > - enters main, and > - runs into the breakpoint at the start of main. > > Since commit cf141dd8ccd ("gdb: fix reg corruption from displaced stepping on > amd64"), we do handle the "pc == to" case in amd64_displaced_step_fixup: > ... > if (amd64_syscall_p (insn_details, &insn_len) > /* GDB can get control back after the insn after the syscall. > Presumably this is a kernel bug. Fixup ensures its a nop, we > add one to the length for it. */ > && (pc < to || pc > (to + insn_len + 1))) > displaced_debug_printf ("syscall changed %%rip; not relocating"); > ... > > Fix this in the same way. > > Tested on x86_64-linux, with target board unix/-m32. > > On openSUSE Tumbleweed (kernel version 6.19.7), this patch fixes the test-case. > > On openSUSE Leap 16.0 (kernel version 6.12.0), we still run into PR29040. I still see these failures: FAIL: gdb.threads/next-fork-other-thread.exp: fork_func=fork: target-non-stop=off: non-stop=off: displaced-stepping=auto: i=4: next to other line FAIL: gdb.threads/next-fork-other-thread.exp: fork_func=fork: target-non-stop=off: non-stop=off: displaced-stepping=on: i=2: next to other line FAIL: gdb.threads/next-fork-other-thread.exp: fork_func=fork: target-non-stop=off: non-stop=off: displaced-stepping=off: i=4: next to for loop The first two are described by PR gdb/29040, but the third is a different error message, but I don't know if the third failure is a consequence of the first two failures or not. Still I do think the fix you are proposing here is correct, so with the commit message cleaned up: Approved-By: Andrew Burgess Thanks, Andrew > > Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=33997 > > [1] https://sourceware.org/bugzilla/attachment.cgi?id=16660 > --- > gdb/i386-tdep.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/gdb/i386-tdep.c b/gdb/i386-tdep.c > index b9013e183c2..93357b41b10 100644 > --- a/gdb/i386-tdep.c > +++ b/gdb/i386-tdep.c > @@ -813,12 +813,11 @@ i386_displaced_step_fixup (struct gdbarch *gdbarch, > it unrelocated. Goodness help us if there are PC-relative > system calls. */ > if (i386_syscall_p (insn, &insn_len) > - && pc != to + (insn - insn_start) + insn_len > /* GDB can get control back after the insn after the syscall. > Presumably this is a kernel bug. > i386_displaced_step_copy_insn ensures it's a nop, > we add one to the length for it. */ > - && pc != to + (insn - insn_start) + insn_len + 1) > + && (pc < to || pc > to + (insn - insn_start) + insn_len + 1)) > displaced_debug_printf ("syscall changed %%eip; not relocating"); > else > { > > base-commit: 9cc83ec0ce9b4b75e8cd2b0c46f23d4cbf4b2f2b > -- > 2.51.0