task::finish_emulated_syscall

Chris Jones jones.chris.g at gmail.com
Wed Jan 28 15:42:39 PST 2015


On Thu, Jan 22, 2015 at 9:03 PM, Kyle Huey <me at kylehuey.com> wrote:

> Why is this necessary?
>
The "meta-reason" for that hack is that PTRACE_SYSEMU and PTRACE_SYSCALL
don't work the same way.  With PTRACE_SYSCALL, we get ptrace traps on both
syscall entry and exit.  But with PTRACE_SYSEMU, we only get a trap at the
emulated "entry".  One could argue that that inconsistency is a bug, but I
suspect things were implemented that way because having only one trap can
be a slight optimization for SYSEMU users like UML.  Or something.

We also need to "exit" emulated syscalls so that rr can inject real
syscalls on top of the original emulated one.  I don't remember the
details, but directly injecting a syscall without "finishing" the original
emulated one doesn't work.  (On x86, at least.)

We also use finish_emulated_syscall() to get tracees into a quiescent state
before deepforking, but I forget the details of that too, and it seems that
the wiki page that described it was deleted :/.

Cheers,
Chris
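The entry-only behaviour of PTRACE_SYSEMU that Chris describes above can be observed directly. The tracer below is an added example written for this page, not rr code: it forks a tracee that issues three raw getpid() syscalls between two markers (a self-sent SIGSTOP and a non-syscall trap) and counts the syscall-stops the kernel reports when the tracee is resumed with PTRACE_SYSCALL versus PTRACE_SYSEMU. N_CALLS, count_syscall_stops() and the marker convention are this example's own choices. It assumes Linux on an architecture with PTRACE_SYSEMU (x86 in the message; recent arm64 kernels also have it) and permission to ptrace; where a container, seccomp or Yama policy forbids tracing, or the kernel rejects PTRACE_SYSEMU with EIO, it returns -1 instead of a count.

```c
/* Added example: count ptrace syscall-stops under PTRACE_SYSCALL vs PTRACE_SYSEMU.
 * Not rr code; Linux-only. */
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef PTRACE_SYSEMU
#define PTRACE_SYSEMU 31   /* value from <linux/ptrace.h>; some libcs omit it */
#endif

#define N_CALLS   3        /* raw getpid() syscalls the tracee makes between markers */
#define MAX_STOPS 64       /* safety cap so an unexpected stop storm cannot hang us */

/* Tracee body: mark the start with SIGSTOP, issue N_CALLS raw getpid
 * syscalls, then mark the end with a trap that is NOT a syscall
 * (ud2 on x86 -> SIGILL, brk on arm64 -> SIGTRAP). */
static void tracee(void)
{
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
        _exit(77);                        /* tracing not permitted here */
    syscall(SYS_getpid);                  /* warm up the PLT before counting starts */
    kill(getpid(), SIGSTOP);              /* start marker: signal-delivery-stop */
    for (int i = 0; i < N_CALLS; i++)
        syscall(SYS_getpid);              /* under SYSEMU these never execute (-ENOSYS) */
    __builtin_trap();                     /* end marker; an exit syscall would be emulated too */
}

/* Kill and reap the tracee, then hand back the caller's result code. */
static int finish(pid_t pid, int rc)
{
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return rc;
}

/* Resume the tracee with `mode` (PTRACE_SYSCALL or PTRACE_SYSEMU) and count
 * the syscall-stops reported before the end marker.  Returns the count,
 * -1 if ptrace is unavailable (EPERM in the child, EIO for SYSEMU, ...),
 * -2 if more than MAX_STOPS syscall-stops arrive. */
int count_syscall_stops(int mode)
{
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0)
        tracee();

    int status, stops = 0;
    /* Expect the start marker: a signal-delivery-stop for SIGSTOP. */
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status) ||
        WSTOPSIG(status) != SIGSTOP)
        return finish(pid, -1);           /* child exited 77 or died early */

    /* TRACESYSGOOD makes syscall-stops report SIGTRAP|0x80, so they cannot be
     * confused with the tracee's own signals (our end marker in particular). */
    if (ptrace(PTRACE_SETOPTIONS, pid, NULL,
               (void *)(long)PTRACE_O_TRACESYSGOOD) == -1)
        return finish(pid, -1);

    for (;;) {
        if (ptrace(mode, pid, NULL, NULL) == -1)
            return finish(pid, -1);       /* e.g. EIO: SYSEMU unsupported on this arch */
        if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status))
            return finish(pid, -1);
        if (WSTOPSIG(status) != (SIGTRAP | 0x80))
            break;                        /* non-syscall stop: the end marker */
        if (++stops > MAX_STOPS)
            return finish(pid, -2);
    }
    return finish(pid, stops);
}

int main(void)
{
    printf("PTRACE_SYSCALL: %d syscall-stops for %d syscalls\n",
           count_syscall_stops(PTRACE_SYSCALL), N_CALLS);
    printf("PTRACE_SYSEMU:  %d syscall-stops for %d syscalls\n",
           count_syscall_stops(PTRACE_SYSEMU), N_CALLS);
    return 0;
}
```

With tracing available, PTRACE_SYSCALL reports two stops per syscall (entry and exit) and PTRACE_SYSEMU one. Two details matter for the rr discussion: under SYSEMU the skipped getpid() returns -ENOSYS to the tracee without ever executing, and an exit syscall would be skipped the same way, which is why the tracer above ends the tracee with SIGKILL rather than letting it exit.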