aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason Wessel <jason.wessel@windriver.com>2007-07-06 05:39:50 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-06 13:23:43 -0400
commit1e2e99f0e4aa6363e8515ed17011c210c8f1b52a (patch)
tree2c7d7ba0277849e0b1414ab712923a08a8e48643
parentef7320edb1dd2cf6c969d1dcef4a9499a42f24da (diff)
i386: fix regression, endless loop in ptrace singlestep over an int80
The commit 635cf99a80f4ebee59d70eb64bb85ce829e4591f introduced a regression. Executing a ptrace single step after certain int80 accesses will infinitely loop and never advance the PC. The TIF_SINGLESTEP check should be done on the return from the syscall and not before it. I loops on each single step on the pop right after the int80 which writes out to the console. At that point you can issue as many single steps as you want and it will not advance any further. The test case is below: /* Test whether singlestep through an int80 syscall works. */ #define _GNU_SOURCE #include <stdio.h> #include <unistd.h> #include <fcntl.h> #include <sys/ptrace.h> #include <sys/wait.h> #include <sys/mman.h> #include <asm/user.h> #include <string.h> static int child, status; static struct user_regs_struct regs; static void do_child() { char str[80] = "child: int80 test\n"; ptrace(PTRACE_TRACEME, 0, 0, 0); kill(getpid(), SIGUSR1); write(fileno(stdout),str,strlen(str)); asm ("int $0x80" : : "a" (20)); /* getpid */ } static void do_parent() { unsigned long eip, expected = 0; again: waitpid(child, &status, 0); if (WIFEXITED(status) || WIFSIGNALED(status)) return; if (WIFSTOPPED(status)) { ptrace(PTRACE_GETREGS, child, 0, &regs); eip = regs.eip; if (expected) fprintf(stderr, "child stop @ %08lx, expected %08lx %s\n", eip, expected, eip == expected ? "" : " <== ERROR"); if (*(unsigned short *)eip == 0x80cd) { fprintf(stderr, "int 0x80 at %08x\n", (unsigned int)eip); expected = eip + 2; } else expected = 0; ptrace(PTRACE_SINGLESTEP, child, NULL, NULL); } goto again; } int main(int argc, char * const argv[]) { child = fork(); if (child) do_parent(); else do_child(); return 0; } Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Cc: <stable@kernel.org> Cc: Chuck Ebbert <76306.1226@compuserve.com> Acked-by: Andi Kleen <ak@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--arch/i386/kernel/entry.S8
1 files changed, 4 insertions, 4 deletions
diff --git a/arch/i386/kernel/entry.S b/arch/i386/kernel/entry.S
index b1f16ee65e4d..3c3c220488c9 100644
--- a/arch/i386/kernel/entry.S
+++ b/arch/i386/kernel/entry.S
@@ -367,10 +367,6 @@ ENTRY(system_call)
367 CFI_ADJUST_CFA_OFFSET 4 367 CFI_ADJUST_CFA_OFFSET 4
368 SAVE_ALL 368 SAVE_ALL
369 GET_THREAD_INFO(%ebp) 369 GET_THREAD_INFO(%ebp)
370 testl $TF_MASK,PT_EFLAGS(%esp)
371 jz no_singlestep
372 orl $_TIF_SINGLESTEP,TI_flags(%ebp)
373no_singlestep:
374 # system call tracing in operation / emulation 370 # system call tracing in operation / emulation
375 /* Note, _TIF_SECCOMP is bit number 8, and so it needs testw and not testb */ 371 /* Note, _TIF_SECCOMP is bit number 8, and so it needs testw and not testb */
376 testw $(_TIF_SYSCALL_EMU|_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT),TI_flags(%ebp) 372 testw $(_TIF_SYSCALL_EMU|_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT),TI_flags(%ebp)
@@ -385,6 +381,10 @@ syscall_exit:
385 # setting need_resched or sigpending 381 # setting need_resched or sigpending
386 # between sampling and the iret 382 # between sampling and the iret
387 TRACE_IRQS_OFF 383 TRACE_IRQS_OFF
384 testl $TF_MASK,PT_EFLAGS(%esp) # If tracing set singlestep flag on exit
385 jz no_singlestep
386 orl $_TIF_SINGLESTEP,TI_flags(%ebp)
387no_singlestep:
388 movl TI_flags(%ebp), %ecx 388 movl TI_flags(%ebp), %ecx
389 testw $_TIF_ALLWORK_MASK, %cx # current->work 389 testw $_TIF_ALLWORK_MASK, %cx # current->work
390 jne syscall_exit_work 390 jne syscall_exit_work