Re: [rfa] Handle amd64-linux %orig_rax

[Datoda <datoda at yahoo dot com>]

Here's the kernel version info:

godel:~/gdb-ftp/gdb-6.5.50.20061030/gdb$ uname -a
Linux godel 2.6.9-5.ELsmp #1 SMP Wed Jan 5 19:29:47 EST 2005 x86_64 x86_64 x86_64 GNU/Linux

It's EL4 and quite old. Do you know what kernel version would have Andi's patch?

 
----- Original Message ----
From: Daniel Jacobowitz <drow@false.org>
To: Andi Kleen <ak@suse.de>; Datoda <datoda@yahoo.com>; gdb-patches@sourceware.org
Sent: Tuesday, October 31, 2006 2:32:57 PM
Subject: Re: [rfa] Handle amd64-linux %orig_rax


On Tue, Oct 31, 2006 at 02:30:35PM -0500, Daniel Jacobowitz wrote:
> On Tue, Oct 31, 2006 at 08:11:20PM +0100, Andi Kleen wrote:
> > 
> > > Oh dear.  So if we set registers on the syscall exit path, the
> > > kernel/ISA may just eat them.  And we have no reliable way to know
> > > whether we're stopped on the syscall exit path.
> > 
> > If you're single stepping over it you can remember it from
> > one instruction before (check if the opcode is SYSCALL or SYSENTER,
> > these are unique 2 byte opcodes each)
> > 
> > If someone sets a breakpoint directly on the return point
> > and doesn't single step that wouldn't work, but then you shouldn't care about 
> > the previous register state anyways.
> 
> This case is usually SIGINT while inside a syscall, e.g. nanosleep. 
> That gives us a prompt, and if the user changes $rcx there, we write
> into the register - and later it gets overridden.  i.e. we're at the
> ptrace_stop call in kernel/signal.c:get_signal_to_deliver.
> 
> I'm not quite sure how we're getting into the problem case though?
> I'd have guessed we were in sysret_signal and that uses iret.

Datoda, what kernel version were you using?  I wonder if this fixed it
as a side effect:

Commit: 7bf36bbc5e0c09271f9efe22162f8cc3f8ebd3d2 
Author: Andi Kleen <ak@suse.de> Fri, 07 Apr 2006 19:50:00 +0200 

    [PATCH] x86_64: When user could have changed RIP always force IRET

-- 
Daniel Jacobowitz
CodeSourcery