17846 – read memory from _dl_debug_state returns 0xcc instead of 0xf3

Bug 17846 - read memory from _dl_debug_state returns 0xcc instead of 0xf3

Summary: read memory from _dl_debug_state returns 0xcc instead of 0xf3

Status:	RESOLVED INVALID

Alias:	None

Product:	gdb
Classification:	Unclassified
Component:	gdb (show other bugs)
Version:	7.8

Importance:	P2 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-01-15 15:21 UTC by ganzmatthias
Modified:	2015-01-15 17:33 UTC (History)
CC List:	2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Small example to reproduce the issue with some information about my environment (5.53 KB, application/x-tar) 2015-01-15 15:21 UTC, ganzmatthias	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description ganzmatthias 2015-01-15 15:21:01 UTC

Created attachment 8065 [details]
Small example to reproduce the issue with some information about my environment

When trying to read one byte from _dl_debug_state (I try to read and analyse arbitrary code loaded into my memory) the behavior of my program is different depending on whether I run it with gdb or not.

Memory at symbol _dl_debug_state (which is at a fixed address 0x7ffff7dea970 for my system) starts with the values 0xf3 c3. Which corresponds to a "repz ret" instruction. When i try to read the very first byte of this symbol I read 0xCC (which corresponds to a int3 instruction) instead of 0xF3.

However when I inspect the memory address with gdb as following, I get the correct value 0xf3.

(gdb) x/1bx 0x7ffff7dea970
0x7ffff7dea970 <_dl_debug_state>:	0xf3

But my program accidentally seems to read the trap instruction instead of the actual memory value.

The attached archive contains a small example, the compiled binary and a log how to reproduce the issue.

If I run the binary on its own everything is fine but if it is run within gdb I get the previously described error.

Comment 1 Gary Benson 2015-01-15 16:32:55 UTC

This is not a bug.  GDB implements breakpoints by overwriting whatever is at the relevant addresses with int3 instructions on x86 when the inferior program is running.  When the inferior stops the int3 instructions are replaced with whatever was there before.  So, when your program is running you see 0xCC at that address, but when you stop it you see 0xF3.

Comment 2 Pedro Alves 2015-01-15 16:35:40 UTC

In addition, from GDB, you'll also see 0xF3 when the program is running, as GDB hides its own breakpoints from the user.

Comment 3 ganzmatthias 2015-01-15 17:02:13 UTC

(In reply to Gary Benson from comment #1)
> This is not a bug.  GDB implements breakpoints by overwriting whatever is at
> the relevant addresses with int3 instructions on x86 when the inferior
> program is running.  When the inferior stops the int3 instructions are
> replaced with whatever was there before.  So, when your program is running
> you see 0xCC at that address, but when you stop it you see 0xF3.



> So, when your program is running
> you see 0xCC at that address, but when you stop it you see 0xF3.

So I can not reliably debug programs which read code which may contain breakpoints (either created by me during the debug session or created by gdb internaly)?

Comment 4 Pedro Alves 2015-01-15 17:33:41 UTC

I don't know what you mean by reliably.  What would you like GDB to do?