Ping? Is there any interest in this patch?
Cheers, Steve On 14/10/2010, at 2:18 PM, Steve Bennett wrote: > When ARM OABI compat mode is enabled on Linux, a process that has > received a signal and is sitting on a kernel trampoline. > Detect this case so that the process can be traced. > > Note: There is probably a much better test for this case. > > Signed-off-by: Steve Bennett <[email protected]> > --- > syscall.c | 27 +++++++++++++++++++-------- > 1 files changed, 19 insertions(+), 8 deletions(-) > > diff --git a/syscall.c b/syscall.c > index a742571..a4461fe 100644 > --- a/syscall.c > +++ b/syscall.c > @@ -1040,14 +1040,20 @@ get_scno(struct tcb *tcp) > /* > * Get the ARM-mode system call number > */ > - errno = 0; > - scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void > *)(regs.ARM_pc - 4), NULL); > - if (errno) > - return -1; > - > - if (scno == 0 && (tcp->flags & TCB_WAITEXECVE)) { > - tcp->flags &= ~TCB_WAITEXECVE; > - return 0; > + > + /* We may be in syscall_restart via a kernel trampoline. > + * In this case pc[-4] won't be useful. > + * Use a dodgy test for this case. > + */ > + if ((regs.ARM_pc & 0xffff0000) == 0xffff0000) { > + /* restart syscall is 0 */ > + scno = 0x0f900000; > + } > + else { > + errno = 0; > + scno = ptrace(PTRACE_PEEKTEXT, tcp->pid, (void > *)(regs.ARM_pc - 4), NULL); > + if (errno) > + return -1; > } > > /* Handle the EABI syscall convention. We do not > @@ -1079,6 +1085,11 @@ get_scno(struct tcb *tcp) > } else > set_personality(0); > > + if (scno == 0 && (tcp->flags & TCB_WAITEXECVE)) { > + tcp->flags &= ~TCB_WAITEXECVE; > + return 0; > + } > + > if (tcp->flags & TCB_INSYSCALL) { > fprintf(stderr, "pid %d stray syscall entry\n", > tcp->pid); > tcp->flags &= ~TCB_INSYSCALL; > -- > 1.5.5.3 > > -- µWeb: Embedded Web Framework - http://uweb.workware.net.au/ WorkWare Systems Pty Ltd W: www.workware.net.au P: +61 434 921 300 E: [email protected] F: +61 7 3391 6002 ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Strace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/strace-devel
