This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
[Bug record/20300] New: Reverse-Stepping over a syscall in x64 program does not update registers
- From: "dev.burbrink at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: Sat, 25 Jun 2016 19:51:59 +0000
- Subject: [Bug record/20300] New: Reverse-Stepping over a syscall in x64 program does not update registers
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=20300
Bug ID: 20300
Summary: Reverse-Stepping over a syscall in x64 program does not update registers
Product: gdb
Version: HEAD
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: record
Assignee: unassigned at sourceware dot org
Reporter: dev.burbrink at gmail dot com
Target Milestone: ---
Created attachment 9363
--> https://sourceware.org/bugzilla/attachment.cgi?id=9363&action=edit
Archive of GDB output when reverse stepping over read syscall: x86 (works), x64 (doesn't work)
Bug:
In x64, reverse-stepping over a read syscall does not appear to properly update
the registers, in particular: EAX.
I have witnessed that this issue is present in the current master branch of GDB as
of June 24, 2016 (GDB version 7.11.50.20160623-git).
To Reproduce:
I have attached two example outputs of single stepping through a read()
syscall.
The first is an x86 example output that shows the desired behavior. Upon
stepping over the sysenter instruction, EAX changed from 3 (value for read
syscall) to 0x14 (number of bytes read). Upon reverse-stepping to undo the
sysenter, EAX is properly restored to the value 3.
The second is an example that shows the unexpected behavior for x64. Upon stepping
over the syscall instruction, EAX changed from 0 (value for read syscall) to
0x14 (number of bytes read). Upon reverse-stepping to undo the syscall, EAX
still contains the value 0x14.
My exact test program used to get these outputs can be found at
https://github.com/dev-burbrink/pydslice/blob/master/examples/read-abrt.c with the
corresponding GDB command file
https://github.com/dev-burbrink/pydslice/blob/master/examples/read-abrt-debug.gdb.
Context:
PyDSlice is a GDB Python extension for creating dynamic slices off of recorded
programs in GDB. Its goal is to isolate the instructions that lead to the value
of specified memory addresses / registers. It supports automatically
calculating slices to determine the cause of program crashes. read-abrt.c is a
sample program that attempts to cause a SIGABRT by overflowing the stack via a
call to read(). For an x86 version of read-abrt.c, PyDSlice is able to pinpoint
the sysenter read call as the cause of the stack overflow. On x64, this issue
prevents PyDSlice from detecting the read syscall as the cause of the stack
overflow.
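The check the reporter performs by hand, as an added GDB command file (not the reporter's read-abrt-debug.gdb): it records execution, single-steps to the x86-64 `syscall` instruction (bytes 0f 05) inside read(), steps over it, reverse-steps back, and compares rax at each point. It assumes an x86-64 binary named `read-test` whose main() calls read() on stdin, fed from a file `input.txt`; both names are placeholders.

```gdb
# Added example: does reverse-stepi restore rax after a syscall under "record full"?
set confirm off
set breakpoint pending on
file read-test
break read
run < input.txt
# Recording can only start once the process exists, so enable it at the breakpoint.
record full
# Single-step until $pc points at the syscall instruction (0f 05) inside read().
set $found = 0
while $found == 0
  if *(unsigned char *)$pc == 0x0f && *(unsigned char *)($pc + 1) == 0x05
    set $found = 1
  else
    stepi
  end
end
# rax holds the syscall number here (0 for read on x86-64).
set $rax_before = $rax
stepi
# rax now holds the syscall return value (bytes read or -errno).
set $rax_after = $rax
reverse-stepi
set $rax_restored = $rax
printf "rax before: 0x%lx  after syscall: 0x%lx  after reverse-stepi: 0x%lx\n", $rax_before, $rax_after, $rax_restored
if $rax_restored == $rax_before
  echo PASS: reverse-stepi restored rax to the pre-syscall value\n
else
  echo FAIL: rax still holds the post-syscall value after reverse-stepi\n
end
record stop
kill
```

Run it with `gdb -batch -x <this file>`; on the affected build the last line reports FAIL, while the x86 (sysenter) case in the attachment corresponds to PASS.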