On 09/22, Roland McGrath wrote: > > I think the only cases where you can have a ptrace stop followed by > actually taking the ret_from_sys_call path are tracehook_report_clone stops > (i.e. the stop inside a clone/fork/vfork syscall). If you last used > PTRACE_CONT or whatever and then hit PTRACE_EVENT_FORK et al, resuming with > PTRACE_SYSCALL will fail to hit the syscall-exit report for that fork/clone > syscall.
Yes, but this has nothing to do with utrace-ptrace. If we last used PTRACE_CONT, the tracee stops in utrace_resume() path before return to the user-mode, syscall_trace_leave() can't be called. > I added ptrace-tests/tests/syscall-from-clone.c for this case. Cool! Both tests fail. The 1st one is clear, ptrace_report_clone() is not finished yet. But the 2nd test-case reveals the problem: PTRACE_SINGLESTEP works exactly as I expected, but I didn't know that PTRACE_SINGLESTEP shouldn't bypass the syscall-exit stop! Oleg.
