[bug 20412] PTRACE_SINGLESTEP'ing an instruction that calls user helpers never stops the child on ARM

Timo Juhani Lindfors timo.lindfors at iki.fi
Sun Oct 17 16:07:55 EDT 2010


Hi,

[ Also available as https://bugzilla.kernel.org/show_bug.cgi?id=20412 ]

On ARM glibc contains

0x4009b864 <getchar+240>:    sub     pc, r3, #63     ; 0x3f

that jumps to the kernel provided user helper page to access __kernel_cmpxchg
at 0xffff0fc0. If I try to PTRACE_SINGLESTEP this instruction the child never
stops. Parent keeps wait()ing forever but child effectively escapes the tracing
completely and continues executing instructions without notifying the parent.

On ARM single stepping is done by adding a breakpoint to possible branch
targets of each instruction. I guess when ptrace_set_bpt() tries to
add_breakpoint() to this page it just fails? (There's even a comment that says
it can fail and that the return value is not checked...)

Since all user helpers return to LR I think we could teach get_branch_address
to treat jumps to user helpers as instructions that branch to lr? The attached
patch works for me but I am not sure if it is a good solution.
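The following is an added illustration of the idea in the report, not the attached patch and not the kernel's get_branch_address(): a small host-side decoder for A32 data-processing instructions that write PC, which computes the branch target and, when that target falls inside the kernel user helper page (where a tracer cannot plant a breakpoint), reports LR instead, since every helper returns to LR. The register layout, the page bounds 0xffff0000-0xffff1000, and the sample register values are assumptions made for this example; the instruction encoding 0xE243F03F is the `sub pc, r3, #63` shown above.

```c
#include <stdint.h>
#include <stdio.h>

/* Minimal ARM register file for the decoder (constructed for this example).
 * r[14] is lr, r[15] is the address of the instruction being stepped. */
struct arm_regs {
    uint32_t r[16];
};
#define REG_LR 14
#define REG_PC 15

/* Kernel user helper page. The vectors page at 0xffff0000 is mapped read-only
 * into every process, so a ptrace breakpoint cannot be written there.
 * Bounds are an assumption for this example. */
#define KUSER_PAGE_START 0xffff0000u
#define KUSER_PAGE_END   0xffff1000u

static int in_kuser_page(uint32_t addr)
{
    return addr >= KUSER_PAGE_START && addr < KUSER_PAGE_END;
}

static uint32_t ror32(uint32_t v, unsigned n)
{
    n &= 31;
    return n ? (v >> n) | (v << (32 - n)) : v;
}

/* Operand2 of an A32 data-processing instruction: the rotated 8-bit
 * immediate form, or a plain register with no shift. Other shift forms are
 * deliberately not handled and make the decoder give up. */
static int decode_operand2(uint32_t insn, const struct arm_regs *r, uint32_t *out)
{
    if (insn & (1u << 25)) {                 /* I bit set: imm8 ror (2*rotate) */
        unsigned rot = (insn >> 8) & 0xf;
        *out = ror32(insn & 0xff, rot * 2);
        return 1;
    }
    if (((insn >> 4) & 0xff) == 0) {         /* register form, no shift */
        *out = r->r[insn & 0xf];
        return 1;
    }
    return 0;
}

/* Where will a data-processing instruction with Rd == PC land?
 * Returns 1 and sets *target when insn is such a PC write (SUB, ADD, MOV),
 * 0 otherwise. If the computed target lies in the kuser page, the target
 * reported is LR, because the helper will return there. The caller still
 * needs its usual fall-through breakpoint for conditional instructions. */
int branch_target_for_pc_write(uint32_t insn, const struct arm_regs *r, uint32_t *target)
{
    if (((insn >> 26) & 3) != 0)            /* not a data-processing insn */
        return 0;
    if (((insn >> 12) & 0xf) != REG_PC)     /* Rd is not PC */
        return 0;

    unsigned rn_idx = (insn >> 16) & 0xf;
    uint32_t rn = r->r[rn_idx];
    if (rn_idx == REG_PC)                   /* PC reads as insn address + 8 */
        rn += 8;

    uint32_t op2, res;
    if (!decode_operand2(insn, r, &op2))
        return 0;

    switch ((insn >> 21) & 0xf) {
    case 0x2: res = rn - op2; break;        /* SUB */
    case 0x4: res = rn + op2; break;        /* ADD */
    case 0xd: res = op2;      break;        /* MOV */
    default:  return 0;                     /* other opcodes not handled here */
    }

    *target = in_kuser_page(res) ? r->r[REG_LR] : res;
    return 1;
}

int main(void)
{
    /* Constructed register state: glibc's sequence loads r3 = 0xffff0fff
     * and subtracts 0x3f to reach __kernel_cmpxchg at 0xffff0fc0. */
    struct arm_regs regs = { {0} };
    regs.r[3]      = 0xffff0fffu;
    regs.r[REG_LR] = 0x4009b868u;
    regs.r[REG_PC] = 0x4009b864u;

    uint32_t target;
    if (branch_target_for_pc_write(0xE243F03Fu, &regs, &target))
        printf("breakpoint should go at 0x%08x (lr)\n", target);
    return 0;
}
```

With r3 = 0xffff0fff the raw result 0xffff0fc0 is inside the helper page, so the function hands back lr (0x4009b868) as the place to set the step breakpoint; with an ordinary r3 the arithmetic result is returned unchanged.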


