tl;dr: after 27d6b4d14f5c3ab21c4aef87dd04055a2d7adf14 ptracer modifications to orig_ax in a syscall entry trace stop are not honored and this breaks our code. rr, a userspace record and replay debugger[0], redirects syscalls of its ptracee through an in-process LD_PRELOAD-injected solib. To do this, it ptraces the tracee to a syscall entry event, and then, if the syscall instruction is not our redirected syscall instruction, it examines the tracee's code and pattern matches against a set of syscall invocations that it knows how to rewrite. If that succeeds, rr hijacks[1] the current syscall entry by setting orig_ax to something innocuous like SYS_gettid, runs the hijacked syscall, and then restores program state to before the syscall entry trace event and allows the tracee to execute forwards, through the newly patched code and into our injected solib. Before 27d6b4d14f5c3ab21c4aef87dd04055a2d7adf14 modifications to orig_ax were honored by x86's syscall_enter_trace[2]. The generic arch code however does not honor any modifications to the syscall number[3] (presumably because on most architectures syscall results clobber the first argument and not the syscall number, so there is no equivalent to orig_rax). Note that the above is just one example of when rr changes the syscall number this way. This is done in many places in our code and rr is largely broken on 5.9-rc1 at the moment because of this bug. - Kyle [0] https://rr-project.org/ [1] https://github.com/mozilla/rr/blob/cd61ba22ccc05b426691312784674c0eb8e654ef/src/Task.cc#L872 [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/entry/common.c?h=v5.8&id=bcf876870b95592b52519ed4aafcf9d95999bc9c#n204 [3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/entry/common.c?h=v5.8&id=27d6b4d14f5c3ab21c4aef87dd04055a2d7adf14#n44
