Re: ptrace in 2.6.5

From: Davide Libenzi
Date: Mon May 10 2004 - 14:40:06 EST

Next message: Marcel Holtmann: "Re: [PATCH] hci-usb bugfix"
Previous message: Bartlomiej Zolnierkiewicz: "Re: Linux 2.6.6 "IDE cache-flush at shutdown fixes""
In reply to: Andi Kleen: "Re: ptrace in 2.6.5"
Next in thread: Fabiano Ramos: "Re: ptrace in 2.6.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 10 May 2004, Andi Kleen wrote:

> Fabiano Ramos <ramos_fabiano@xxxxxxxxxxxx> writes:
>
> > Hi All.
> >
> > Is ptrace(), in singlestep mode, required to stop after a int 0x80?
> > When tracing a sequence like
> >
> > mov ...
> > int 0x80
> > mov ....
> >
> > ptrace would notify the tracer after the two movs, but not after the
> > int 0x80. I want to know if it is a bug or the expected behaviour.
>
> What happens is that after the int 0x80 the CPU is in ring 0 (you
> don't get an trace event in that mode unless you use a kernel debugger).
> Then when the kernel returns the last instruction executed before it is an
> IRET. But the IRET is also executed still in ring 0 and you should not get
> an event for it (you can not even access its code from user space).
>
> So it's expected behaviour.

IIRC, it's the "int" instruction that automatically clears the TF bit from
flags. The next "iret" will restore the caller flags and re-enable the TF bit.

- Davide

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Marcel Holtmann: "Re: [PATCH] hci-usb bugfix"
Previous message: Bartlomiej Zolnierkiewicz: "Re: Linux 2.6.6 "IDE cache-flush at shutdown fixes""
In reply to: Andi Kleen: "Re: ptrace in 2.6.5"
Next in thread: Fabiano Ramos: "Re: ptrace in 2.6.5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]