From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id C8EFE3858C53; Mon, 20 Nov 2023 15:44:40 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org C8EFE3858C53 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1700495080; bh=4SaF1Q32ycFO5RynVLwSTAro/p/2bIJyiFG4HOOVf8s=; h=From:To:Subject:Date:In-Reply-To:References:From; b=M1LHZ93G0aCt+A27NbqRHdgBtLfJVGIcVgsOo2sEyepLtlUDx1XDUrrmeC4D7V6AG Dy/La7fkVfxKlieYwOpaImkJEjlmA2ybrjJeyCEyoWVCGpgoxgPFGweOD3u9++9NY6 4QZdAeqXepLhXwW6G2VWdDiEx/5TBVu7KBv6/2Ek= From: "vries at gcc dot gnu.org" To: gdb-prs@sourceware.org Subject: [Bug tdep/28623] Missing catching return of execve syscall of PowerPC Date: Mon, 20 Nov 2023 15:44:39 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gdb X-Bugzilla-Component: tdep X-Bugzilla-Version: HEAD X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: vries at gcc dot gnu.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://sourceware.org/bugzilla/show_bug.cgi?id=3D28623 --- Comment #9 from Tom de Vries --- (In reply to ulrich.weigand from comment #7) > This is certainly better, but still somewhat fragile in that it still > requires the platform back-end to reliably detect that it cannot detect t= he > system call number. On some targets (e.g. s390x) that read the system ca= ll > number from memory as immediate operand of the syscall instruction, you m= ay > encounter the even worse scenario that after an execve you *do* detect a > syscall but it is wrong (because at that same location in memory the new > executable also contains a syscall instruction, but a different one) ... >=20 I've updated the patch such that the cached value always overrides the gdbarch_get_syscall_number result, so that shouldn't be an issue anymore. [ Btw, I've looked at s390_linux_get_syscall_number and observed the same problem as for arm: accessing memory in a way that may throw memory errors.= =20 Instead the safe_ memory access variants should be used, and -1 returned. ] > I still think ideally we should be able to make use of the PTRACE_EVENT_E= XEC > reported by the kernel. If I'm reading kernel code correctly, we should = be > getting the following sequence of ptrace events: > - syscall SIGTRAP - before execve > - PTRACE_EVENT_EXEC > - syscall SIGTRAP - after execve >=20 > So maybe processing of PTRACE_EVENT_EXEC should set a flag that if syscall > traps are active, the immediate next such event in the current process > should not even attempt to call gdbarch_get_syscall_number, but simply > assume that it is a return of the immediately preceding execve syscall. I've implemented this as a followup patch on the caching one. I've posted an RFC here ( https://sourceware.org/pipermail/gdb-patches/2023-November/204275.html ). --=20 You are receiving this mail because: You are on the CC list for the bug.=