From: Philippe W. <phi...@sk...> - 2010-06-02 21:19:19
> I still do not understand why vgdb can "force" the process to execute code by just changing
> the program counter. Is this PC change detected by the kernel and interpreted as a request
> to put the process back into user context (if it was waiting in a syscall), as it is needed
> to result in execution of the code?

My understanding: the kernel scheduler's job is to make a process sleep or run, basically by saving or restoring the registers of the process to put asleep or to resume.

When the process is stopped by ptrace, the SETREGS ptrace modifies the saved registers of the stopped process. When the process is continued, the kernel restores these saved registers and ensures the processor starts executing instructions at the restored program counter.

But this is just a guess, I did not look at the linux kernel code.

Philippe
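The mechanism Philippe describes, as an added example that is not part of the original thread and not Valgrind's vgdb code: a tracer stops a forked child, rewrites the child's saved program counter (rip on x86-64, pc on aarch64) through PTRACE_GETREGSET/PTRACE_SETREGSET (the arch-neutral form of the GETREGS/SETREGS requests the message refers to), and resumes it with PTRACE_CONT. The kernel restores the rewritten registers on resume, so the child runs `redirected_entry`, a function of this example's own construction that its normal control flow would never reach. It assumes Linux on x86-64 or aarch64 with glibc, and ptrace not blocked by seccomp or Yama ptrace_scope; the names `redirect_child_pc`, `redirected_entry` and `abandon` and the exit codes 42 and 7 are this example's, not the thread's.

```c
#include <elf.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/uio.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed target for this example: the child never calls it itself. It
 * runs only if the tracer rewrites the child's saved program counter to it. */
static void __attribute__((noinline)) redirected_entry(void) {
    _exit(42);
}

/* Kill and reap the child on any failure so no stopped tracee is left behind. */
static int abandon(pid_t pid) {
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return -1;
}

/* Fork a child that stops itself under ptrace, rewrite its saved PC (and stack
 * pointer), resume it, and return the child's exit status.
 * 42 = the redirect worked; 7 = the child ran its own code instead;
 * -1 = ptrace unavailable (seccomp, Yama) or an unexpected wait status. */
int redirect_child_pc(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) _exit(1);
        raise(SIGSTOP);   /* signal-delivery stop: the tracer may now inspect us */
        _exit(7);         /* reached only if the tracer did not redirect us */
    }

    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status)) return abandon(pid);

    /* NT_PRSTATUS through GETREGSET/SETREGSET is the arch-neutral spelling of
     * PTRACE_GETREGS/PTRACE_SETREGS; it exists on both x86-64 and aarch64. */
    struct user_regs_struct regs;
    struct iovec iov = { .iov_base = &regs, .iov_len = sizeof regs };
    void *nt = (void *)(uintptr_t)NT_PRSTATUS;
    if (ptrace(PTRACE_GETREGSET, pid, nt, &iov) == -1) return abandon(pid);

    /* The forked child shares our address map, so the address is valid there too. */
    uintptr_t target = (uintptr_t)redirected_entry;
#if defined(__x86_64__)
    regs.rip = target;
    /* Leave the stack as a `call` would: 16-byte aligned minus the pushed return address. */
    regs.rsp = (regs.rsp & ~(unsigned long long)0xF) - 8;
#elif defined(__aarch64__)
    regs.pc = target;
    regs.sp &= ~(unsigned long long)0xF;   /* AAPCS64 requires a 16-byte aligned sp */
#else
#error "example written for Linux x86-64 and aarch64"
#endif
    if (ptrace(PTRACE_SETREGSET, pid, nt, &iov) == -1) return abandon(pid);

    /* Resume with signal 0: the pending SIGSTOP is discarded, the kernel restores
     * the registers we just wrote, and user execution continues at `target`. */
    if (ptrace(PTRACE_CONT, pid, NULL, NULL) == -1) return abandon(pid);

    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    int code = redirect_child_pc();
    printf("child exit status after PC rewrite: %d (42 means the rewrite took effect)\n", code);
    return code == 42 ? 0 : 1;
}
```

Nothing is "detected" by the kernel here: PTRACE_SETREGSET edits the register image the kernel saved when the tracee stopped, and PTRACE_CONT simply returns to user mode from that image, which is why the child lands in `redirected_entry` instead of after its `raise`. The same property is what makes ptrace access worth gating on a host: a process that can attach to another can redirect it, so Yama ptrace_scope and seccomp filters on ptrace are the knobs that decide who may do this, and a -1 from this function is the expected result on such a hardened host.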