original_syscallno

Robert O'Callahan robert at ocallahan.org
Mon Nov 10 18:24:38 PST 2014


On Tue, Nov 11, 2014 at 1:03 PM, Kyle Huey <me at kylehuey.com> wrote:

> The comment in Registers.h says
>
> > /**
> >  * This pseudo-register holds the system-call number when we get ptrace
> >  * enter-system-call and exit-system-call events. Setting it changes
> >  * the system-call executed when resuming after an enter-system-call
> >  * event.
> >  */
>
> Does that mean that we sometimes change which syscall we're executing
> when we get an enter-syscall-event?  Why do we do this?
>

I see three callers of set_original_syscallno:
* destroy_buffers does it for real. The current syscall is SYS_exit but we
need to do some work in the context of the exiting task before it exits, so
we smash the syscall number to something safe (SYS_gettid), complete the
syscall, do the work we need to do, and then do another SYS_exit for real.
* record_signal does it, but see the comment there; we're only restoring an
original syscallno that is sometimes lost for unclear reasons.
* maybe_restart_syscall does it when we're resuming an interrupted syscall.
I don't understand that case all that well.

Rob
-- 
I tell you that anyone who is angry with a brother or sister will be
subject to judgment. Again, anyone who says to a brother or sister, ‘Raca,’
is answerable to the court. And anyone who says, ‘You fool!’ will be in
danger of the fire of hell.
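The destroy_buffers trick described above, as an added example that is not rr's code: a tracer catches its child's ptrace syscall-enter stop for SYS_exit, rewrites the original syscall number to SYS_gettid, lets that substitute syscall complete (the point at which the task is still alive and work can be done in its context), and only then lets the child exit for real. It assumes Linux on x86-64 or aarch64 (elsewhere the register helpers are stubs that report failure), glibc headers, and that the process is allowed to ptrace its own child. On x86-64 the "original syscall number" is orig_rax, which the kernel re-reads after the enter stop; on aarch64 it is read from x8 but must be rewritten through the NT_ARM_SYSTEM_CALL regset. The names run_demo, get_sysno, set_sysno and get_ret are this example's own.

```c
/* Added example, not rr code: replace a tracee's SYS_exit with SYS_gettid at
 * the ptrace syscall-enter stop, observe the substituted result at the exit
 * stop, then let the tracee run on and exit for real. Linux x86-64/aarch64. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <elf.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/uio.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read the tracee's general registers (NT_PRSTATUS) at a ptrace stop. */
static int get_regs(pid_t p, struct user_regs_struct *r)
{
    struct iovec iov = { r, sizeof *r };
    return (int)ptrace(PTRACE_GETREGSET, p, (void *)(long)NT_PRSTATUS, &iov);
}

#if defined(__x86_64__)
/* orig_rax is the "original syscall number": the kernel re-reads it after
 * the enter stop, so rewriting it changes which syscall actually runs. */
static long get_sysno(pid_t p) { struct user_regs_struct r; return get_regs(p, &r) ? -1 : (long)r.orig_rax; }
static int set_sysno(pid_t p, long n)
{
    struct user_regs_struct r;
    if (get_regs(p, &r)) return -1;
    r.orig_rax = (unsigned long long)n;
    return (int)ptrace(PTRACE_SETREGS, p, NULL, &r);
}
static long get_ret(pid_t p) { struct user_regs_struct r; return get_regs(p, &r) ? -1 : (long)r.rax; }
#elif defined(__aarch64__)
/* arm64: x8 holds the number for reading, but changing the syscall the kernel
 * will run needs the NT_ARM_SYSTEM_CALL regset; x0 carries the return value. */
static long get_sysno(pid_t p) { struct user_regs_struct r; return get_regs(p, &r) ? -1 : (long)r.regs[8]; }
static int set_sysno(pid_t p, long n)
{
    int no = (int)n;
    struct iovec iov = { &no, sizeof no };
    return (int)ptrace(PTRACE_SETREGSET, p, (void *)(long)NT_ARM_SYSTEM_CALL, &iov);
}
static long get_ret(pid_t p) { struct user_regs_struct r; return get_regs(p, &r) ? -1 : (long)r.regs[0]; }
#else
/* Other architectures: not covered by this example; every step reports failure. */
static long get_sysno(pid_t p) { (void)p; return -1; }
static int set_sysno(pid_t p, long n) { (void)p; (void)n; return -1; }
static long get_ret(pid_t p) { (void)p; return -1; }
#endif

/* Returns 0 when the whole scenario checks out, a negative code otherwise. */
static int run_demo(void)
{
    int status, in_syscall = 0, smashed = 0;
    long gettid_result = -1;
    pid_t child = fork();
    if (child < 0) return -1;
    if (child == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(100);
        raise(SIGSTOP);                           /* hand control to the tracer */
        long r = syscall(SYS_exit, 7);            /* the tracee believes it is exiting */
        /* Reached only because the tracer turned that exit into gettid; for a
         * single-threaded process the tid equals the pid. */
        _exit(r == getpid() ? 42 : 43);
    }
    if (waitpid(child, &status, 0) < 0 || !WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP)
        return -2;                                /* tracing refused or child died early */
    /* SYSGOOD marks syscall stops as SIGTRAP|0x80 so they are distinguishable from signals. */
    ptrace(PTRACE_SETOPTIONS, child, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD);
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, child, NULL, NULL) < 0 || waitpid(child, &status, 0) < 0)
            return -3;
        if (WIFEXITED(status)) break;
        if (!WIFSTOPPED(status) || WSTOPSIG(status) != (SIGTRAP | 0x80))
            continue;                             /* some other stop: just resume */
        in_syscall = !in_syscall;                 /* syscall stops alternate enter/exit */
        if (in_syscall && !smashed && get_sysno(child) == SYS_exit) {
            /* enter stop for exit: make the kernel run gettid instead */
            if (set_sysno(child, SYS_gettid) < 0) return -4;
            smashed = 1;
        } else if (!in_syscall && smashed && gettid_result < 0) {
            /* exit stop of the substituted syscall: the task is still alive here,
             * which is where "work in the context of the exiting task" would go */
            gettid_result = get_ret(child);
        }
    }
    if (!smashed) return -5;                      /* never saw the exit syscall */
    if (gettid_result != child) return -6;        /* substituted syscall result wrong */
    return WEXITSTATUS(status) == 42 ? 0 : -7;    /* child saw the tid, then exited for real */
}

int main(void)
{
    int rc = run_demo();
    printf("run_demo() = %d (%s)\n", rc, rc == 0 ? "exit replaced by gettid, then real exit" : "failed");
    return rc != 0;
}
```

The parity bookkeeping (in_syscall) works because the child makes no other syscall between the SIGSTOP delivery stop and its exit call; a general tracer would instead identify enter stops by architecture-specific means, as strace does, or use PTRACE_GET_SYSCALL_INFO on newer kernels. If the environment forbids PTRACE_TRACEME (for example a hardened Yama ptrace_scope), run_demo returns -2 rather than hanging.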