From: John Baldwin <jhb@FreeBSD.org>
To: Simon Marchi <simark@simark.ca>, Carl Love <cel@us.ibm.com>,
gdb-patches@sourceware.org
Cc: Rogerio Alves <rogealve@br.ibm.com>
Subject: Re: [PATCH] gdb fix for catch-syscall.exp
Date: Tue, 23 Nov 2021 14:34:08 -0800 [thread overview]
Message-ID: <ebc71ee1-7c1a-2550-3433-2a416268e71c@FreeBSD.org> (raw)
In-Reply-To: <cd52ec02-cf21-3962-e281-46a1851d4fa7@simark.ca>
On 11/23/21 12:34 PM, Simon Marchi wrote:
>> Note that the thread/process that calls execve() does still "return"
>> from the kernel, it just returns to the entry point of the executable
>> with the contents of the user address space wiped. I'm not quite sure
>> how Linux treats this, but on FreeBSD at least this "return" is treated
>> as a successful return from the execve system call. In fact, I think
>> Linux on at least amd64 reports two events: one for an "execve" event and
>> one for the system call return event judging by a commit made in FreeBSD
>> to emulate ptrace() for Linux binaries:
>>
>> https://cgit.freebsd.org/src/commit/?id=6e66030c4c05331f9b0adf87c31f2f233dd3ae1f
>
> Yes, that's what I see on Linux too. With an x86-64 binary:
>
>
> $ ./gdb -q --data-directory=data-directory m64
> Reading symbols from m64...
> (gdb) catch syscall execve
> Catchpoint 1 (syscall 'execve' [59])
> (gdb) r
> Starting program: /home/smarchi/build/binutils-gdb-all-targets/gdb/m64
>
> Catchpoint 1 (call to syscall execve), 0x00007ffff7ea92fb in execve () at ../sysdeps/unix/syscall-template.S:78
> 78 ../sysdeps/unix/syscall-template.S: No such file or directory.
> (gdb) c
> Continuing.
> process 3592054 is executing new program: /home/smarchi/build/binutils-gdb-all-targets/gdb/m64
>
> Catchpoint 1 (returned from syscall execve), 0x00007ffff7fd0100 in _start () from /lib64/ld-linux-x86-64.so.2
>
> and an x86 binary (on an actual x86 kernel, not on top of an x86-64
> kernel):
>
>
> $ ./gdb -q -nx --data-directory=data-directory ./a.out
> Reading symbols from ./a.out...
> (gdb) catch syscall execve
> Catchpoint 1 (syscall 'execve' [11])
> (gdb) r
> Starting program: /home/simark/build/binutils-gdb/gdb/a.out
>
> Catchpoint 1 (call to syscall execve), 0xb7fddcb0 in __kernel_vsyscall ()
> (gdb) c
> Continuing.
> process 3734 is executing new program: /home/simark/build/binutils-gdb/gdb/a.out
>
> Catchpoint 1 (returned from syscall execve), 0xb7fdec60 in ?? () from /lib/ld-linux.so.2
>
> In both cases, we see the execve syscall return at the entry point of
> the dynamic linker/loader. I tested on aarch64 too, same thing.
>
> I indeed see that on powerpc we don't get the return:
>
> $ ./gdb -q -nx --data-directory=data-directory ./a.out
> Reading symbols from ./a.out...
> (gdb) catch syscall execve
> Catchpoint 1 (syscall 'execve' [11])
> (gdb) r
> Starting program: /home/simark/build/binutils-gdb/gdb/a.out
>
> Catchpoint 1 (call to syscall execve), 0x00007ffff7e6f18c in execve () from /lib64/libc.so.6
> (gdb) c
> Continuing.
> process 98693 is executing new program: /home/simark/build/binutils-gdb/gdb/a.out
>
> Catchpoint 1 (call to syscall execve), 0x00007ffff7e6f18c in execve () from /lib64/libc.so.6
>
> The behavior on powerpc sounds like a bug to me, and adjusting the test
> like this patch did just covers it up. It doesn't make sense for that
> behavior to be different per arch, for the same OS.
>
> If you all agree that it's a bug, I would suggest reverting this patch
> and making a patch that kfails the test when on powerpc. And ideally,
> someone should dig to understand why we don't see the return on powerpc
> (and fix it), but I'm not here to tell what other people should work on
> :).
I do think this is likely a kernel bug. In FreeBSD's case we report a single
event for both the syscall exit and exec event (but set flags to indicate that
both events are present.. in practice for GDB I think this means that on
FreeBSD we only report the exec event. Not sure if it would be more correct
to report two events to the core in that case.) I do think that a given OS
should probably be consistent here across architectures.
--
John Baldwin
next prev parent reply other threads:[~2021-11-23 22:34 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-17 23:30 Carl Love via Gdb-patches
2021-11-18 15:23 ` Tom Tromey
2021-11-18 18:10 ` Simon Marchi
2021-11-20 0:27 ` Carl Love via Gdb-patches
2021-11-22 1:07 ` Simon Marchi via Gdb-patches
2021-11-22 18:16 ` Carl Love via Gdb-patches
2021-11-22 17:01 ` John Baldwin
2021-11-23 20:34 ` Simon Marchi
2021-11-23 22:34 ` John Baldwin [this message]
2021-11-24 17:46 ` Carl Love via Gdb-patches
2021-11-24 17:51 ` John Baldwin
2021-11-24 1:15 ` Carl Love via Gdb-patches
2021-11-24 19:29 ` Simon Marchi
2021-11-29 16:46 ` Carl Love via Gdb-patches
2021-12-02 16:32 ` Ping " Carl Love via Gdb-patches
2021-12-10 18:36 ` Simon Marchi
2021-12-10 19:59 ` [PATCH v2] " Carl Love via Gdb-patches
2021-12-11 0:21 ` Simon Marchi via Gdb-patches
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ebc71ee1-7c1a-2550-3433-2a416268e71c@FreeBSD.org \
--to=jhb@freebsd.org \
--cc=cel@us.ibm.com \
--cc=gdb-patches@sourceware.org \
--cc=rogealve@br.ibm.com \
--cc=simark@simark.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox