From: Fabiano Ramos <ramos_fabiano@yahoo.com.br>
To: Daniel Jacobowitz <dan@debian.org>
Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>,
Andi Kleen <ak@muc.de>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: ptrace in 2.6.5
Date: Mon, 10 May 2004 21:40:54 -0300 [thread overview]
Message-ID: <1084236054.1763.25.camel@slack.domain.invalid> (raw)
In-Reply-To: <20040510225818.GA24796@nevyn.them.org>
On Mon, 2004-05-10 at 19:58, Daniel Jacobowitz wrote:
> On Tue, May 11, 2004 at 07:47:08AM +0900, OGAWA Hirofumi wrote:
> > OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> writes:
> >
> > > So single-step exception happen *after* executed the "mov ...".
> > > Probably you need to use the breakpoint instead of single-step.
> >
> > Ah, sorry. Just use PTRACE_SYSCALL instead of PTRACE_SINGLESTEP.
> > It's will stop before/after does syscall.
>
> Doing it this way is pretty lousy - you have to inspect the code after
> every step to see if it's an int $0x80. Is there some reason not to
> report a trap on the syscall return path if single-stepping?
Strange thing. When entering a syscall, the int 0x80 does clear the
trap, but first it is saved into the stack. When the iret is executed,
the eflags is restored from the stack, thus single stepping is
re-enabled.
The question is: the int 0x80 can be seen as complex instructions that
is only completed after the iret. This way, I do not see why a debug
trap is not generated afer the int 0x80 and BEFORE the mov.
I reinvented the wheel and built a module that did the same thing as
a singlestep ptrace, and a the trap WAS generated after the int 0x80
completed, before the mov.
So I think it has sth to do with the debug trap handler.
I DO NOT BELIEVE THIS BEAVIOUR is right, since if it is not stopping
after the int 0x80, ptrace is not TRULLY singlestepping.
next prev parent reply other threads:[~2004-05-11 0:38 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1UlcA-6lq-9@gated-at.bofh.it>
2004-05-10 18:49 ` ptrace in 2.6.5 Andi Kleen
2004-05-10 19:37 ` Davide Libenzi
2004-05-10 20:24 ` Fabiano Ramos
2004-05-10 21:49 ` OGAWA Hirofumi
2004-05-10 22:47 ` OGAWA Hirofumi
2004-05-10 22:58 ` Daniel Jacobowitz
2004-05-10 23:12 ` Davide Libenzi
2004-05-11 0:40 ` Fabiano Ramos [this message]
2004-05-11 6:14 ` Davide Libenzi
2004-05-11 6:27 ` Davide Libenzi
2004-05-11 6:41 ` Davide Libenzi
2004-05-11 14:07 ` Daniel Jacobowitz
2004-05-10 15:46 Fabiano Ramos
2004-05-10 16:10 ` Daniel Jacobowitz
2004-05-10 16:22 ` Fabiano Ramos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1084236054.1763.25.camel@slack.domain.invalid \
--to=ramos_fabiano@yahoo.com.br \
--cc=ak@muc.de \
--cc=dan@debian.org \
--cc=hirofumi@mail.parknet.co.jp \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox