This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.



[Bug record/20300] New: Reverse-Stepping over a syscall in x64 program does not update registers


https://sourceware.org/bugzilla/show_bug.cgi?id=20300

            Bug ID: 20300
           Summary: Reverse-Stepping over a syscall in x64 program does
                    not update registers
           Product: gdb
           Version: HEAD
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: record
          Assignee: unassigned at sourceware dot org
          Reporter: dev.burbrink at gmail dot com
  Target Milestone: ---

Created attachment 9363
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9363&action=edit
Archive of GDB output when reverse stepping over read syscall: x86 (works), x64
(doesn't work)

Bug:
In x64, reverse-stepping over a read syscall does not appear to properly update
the registers, in particular: EAX.

I have witnessed that this issue is present in the current master branch of GDB
as of June 24, 2016 (GDB version 7.11.50.20160623-git).

To Reproduce:
I have attached two example outputs of single stepping through a read()
syscall.

The first is an x86 example output that shows the desired behavior. Upon
stepping over the sysenter instruction, EAX changed from 3 (value for read
syscall) to 0x14 (number of bytes read). Upon reverse-stepping to undo the
sysenter, EAX is properly restored to the value 3.

The second is an example that shows the unexpected behavior for x64. Upon stepping
over the syscall instruction, EAX changed from 0 (value for read syscall) to
0x14 (number of bytes read). Upon reverse-stepping to undo the syscall, EAX
still contains the value 0x14.

My exact test program used to get these outputs can be found at
https://github.com/dev-burbrink/pydslice/blob/master/examples/read-abrt.c with
corresponding GDB command file
https://github.com/dev-burbrink/pydslice/blob/master/examples/read-abrt-debug.gdb

Context:
PyDSlice is a GDB Python extension for creating dynamic slices off of recorded
programs in GDB. Its goal is to isolate the instructions that lead to the value
of specified memory addresses / registers. It supports automatically
calculating slices to determine the cause of program crashes. read-abrt.c is a
sample program that attempts to cause a SIGABRT by overflowing the stack via a
call to read(). For an x86 version of read-abrt.c, PyDSlice is able to pinpoint
the sysenter read call as the cause of the stack overflow. On x64, this issue
prevents PyDSlice from detecting the read syscall as the cause of the stack
overflow.

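A small check script for the behaviour the report describes, added here as an example; it is not code from the bug report, from GDB, or from the PyDSlice project. It uses GDB's Python API (`gdb.execute`, `gdb.parse_and_eval`, `gdb.selected_frame().architecture().name()`) to record, single-step to the next syscall instruction, step over it, reverse-step, and then compare the syscall result register (EAX on i386, RAX on x86-64, as in the report). The register table, the mnemonic list, the `run_in_gdb` / `classify` / `mnemonic_of` names and the 100000-step limit are assumptions of this example; the comparison logic is kept in pure Python so it can be exercised outside a debugger.

```python
"""Check whether GDB's reverse-step restores the syscall result register.

Added example, not code from the bug report or from the PyDSlice project.
Assumes a Linux x86 / x86-64 inferior (as in the report) and GDB's Python
API.  Load it from inside gdb once the program is running:

    (gdb) start
    (gdb) source check_reverse_syscall.py
    (gdb) python run_in_gdb()
"""
try:
    import gdb  # only importable when sourced from inside gdb
except ImportError:  # outside gdb the pure helpers below still work
    gdb = None

# Register that carries the syscall number on entry and the result on exit,
# keyed by GDB's architecture name (assumption: the two targets in the report).
SYSCALL_RET_REG = {"i386": "$eax", "i386:x86-64": "$rax"}

# Instruction mnemonics that enter the kernel on these targets.
SYSCALL_MNEMONICS = ("syscall", "sysenter", "int")


def mnemonic_of(x_i_output):
    """Extract the mnemonic from one line of `x/i $pc` output.

    Constructed sample input: '=> 0x401014 <_start+20>:\\tsyscall \\n'
    """
    _, _, insn = x_i_output.partition(":")
    fields = insn.split()
    return fields[0] if fields else ""


def classify(before, after_step, after_reverse):
    """Verdict for one record / step / reverse-step cycle over a syscall.

    before        - register value just before the syscall instruction
    after_step    - value after stepping over it (kernel wrote the result)
    after_reverse - value after reverse-stepping back to the syscall
    """
    changed = after_step != before
    restored = after_reverse == before
    return {
        "syscall_changed_reg": changed,
        "reverse_restored_reg": restored,
        # Only a defect when the forward step changed the register and the
        # reverse step did not undo it; an unchanged register proves nothing.
        "bug": changed and not restored,
    }


def run_in_gdb(max_steps=100000):
    """Record, single-step to the next syscall instruction, step over it,
    reverse-step, and report whether the result register was restored."""
    arch = gdb.selected_frame().architecture().name()
    reg = SYSCALL_RET_REG.get(arch, "$rax")  # assumption: default to x86-64
    gdb.execute("record full", to_string=True)
    for _ in range(max_steps):
        insn = gdb.execute("x/i $pc", to_string=True)
        if mnemonic_of(insn) in SYSCALL_MNEMONICS:
            break
        gdb.execute("stepi", to_string=True)
    else:
        raise RuntimeError("no syscall instruction reached within max_steps")
    before = int(gdb.parse_and_eval(reg))
    gdb.execute("stepi", to_string=True)          # execute the syscall
    after_step = int(gdb.parse_and_eval(reg))
    gdb.execute("reverse-stepi", to_string=True)  # undo it via the record log
    after_reverse = int(gdb.parse_and_eval(reg))
    verdict = classify(before, after_step, after_reverse)
    print(f"{reg}: before={before:#x} after_step={after_step:#x} "
          f"after_reverse={after_reverse:#x} -> {verdict}")
    return verdict
```

With the values quoted in the report, `classify(3, 0x14, 3)` (the x86 run) reports no bug, while `classify(0, 0x14, 0x14)` (the x64 run) flags one; `run_in_gdb` computes the same three values live so the check can be re-run against any GDB build.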
