Hello,
main(){
__asm__("pushf\r\n"
"popf\r\n"
);
}
Single stepping through the "pushf" instruction and then attempting to
PTRACE_CONT will generate SIGTRAPs at each instruction. Although the
trap flag appears to not be set according to GETREG values, the pushf
will push a value with the TF bit on, which is then restored with
popf...
Here's an example of single stepping on a 2.6.8 and the trap flag
(uppercase letter means enabled):
8048351: push %ecx.
eax=bffff7cc ebx=40146adc ecx=bffff740 edx=00000001
esi=bffff7c4 edi=bffff750 ebp=bffff728 esp=bffff724
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id]
8048352: pushf .
eax=bffff7cc ebx=40146adc ecx=bffff740 edx=00000001
esi=bffff7c4 edi=bffff750 ebp=bffff728 esp=bffff720
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id]
8048353: popf .
eax=bffff7cc ebx=40146adc ecx=bffff740 edx=00000001
esi=bffff7c4 edi=bffff750 ebp=bffff728 esp=bffff724
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id]
8048354: pop %ecx.
eax=bffff7cc ebx=40146adc ecx=bffff740 edx=00000001
esi=bffff7c4 edi=bffff750 ebp=bffff728 esp=bffff728
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id]
and a 2.6.20
8048351: push %ecx.
eax=bfcff654 ebx=b7f52ff4 ecx=bfcff5d0 edx=00000001
esi=b7f80ce0 edi=00000000 ebp=bfcff5b8 esp=bfcff5b4
flags= [c] [P] [a] [z] [S] [t] [I] [df] [id] 286
8048352: pushf .
eax=bfcff654 ebx=b7f52ff4 ecx=bfcff5d0 edx=00000001
esi=b7f80ce0 edi=00000000 ebp=bfcff5b8 esp=bfcff5b0
flags= [c] [P] [a] [z] [S] [t] [I] [df] [id] 286
8048353: popf .
eax=bfcff654 ebx=b7f52ff4 ecx=bfcff5d0 edx=00000001
esi=b7f80ce0 edi=00000000 ebp=bfcff5b8 esp=bfcff5b4
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id] 386
8048354: pop %ecx.
eax=bfcff654 ebx=b7f52ff4 ecx=bfcff5d0 edx=00000001
esi=b7f80ce0 edi=00000000 ebp=bfcff5b8 esp=bfcff5b8
flags= [c] [P] [a] [z] [S] [T] [I] [df] [id] 386
I'm not sure where along the line this was broken but it looks like
there were more than a few changes...