From: Peter Maydell <peter.maydell@linaro.org>
To: Christoffer Dall <christoffer.dall@arm.com>
Cc: "Marc Zyngier" <maz@kernel.org>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Heinrich Schuchardt" <xypron.glpk@gmx.de>,
"lkml - Kernel Mailing List" <linux-kernel@vger.kernel.org>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
kvmarm@lists.cs.columbia.edu,
arm-mail-list <linux-arm-kernel@lists.infradead.org>
Subject: Re: [PATCH 1/1] KVM: inject data abort if instruction cannot be decoded
Date: Thu, 5 Sep 2019 09:32:23 +0100 [thread overview]
Message-ID: <CAFEAcA-3ne3Z0dwz9C9kJmk36_AdNJRuqgB1jzFJ0WUB2NT_iQ@mail.gmail.com> (raw)
In-Reply-To: <20190905082503.GB4320@e113682-lin.lund.arm.com>
On Thu, 5 Sep 2019 at 09:25, Christoffer Dall <christoffer.dall@arm.com> wrote:
>
> On Thu, Sep 05, 2019 at 09:16:54AM +0100, Peter Maydell wrote:
> > This is true, but the problem is that barfing out to userspace
> > makes it harder to debug the guest because it means that
> > the VM is immediately destroyed, whereas AIUI if we
> > inject some kind of exception then (assuming you're set up
> > to do kernel-debug via gdbstub) you can actually examine
> > the offending guest code with a debugger because at least
> > your VM is still around to inspect...
> >
>
> Is it really going to be easier to debug a guest that sees behavior
> which may not be architecturally correct? For example, seeing a data
> abort on an access to an MMIO region because the guest used a strange
> instruction?
Yeah, a data abort is not ideal. You could UNDEF the insn, which
probably is more likely to result in getting control in the
debugger I suppose.
As for whether it's going to be easier to debug, for the
user who reported this in the first place it certainly was.
(Consider even a simple Linux guest not under a debugger --
if we UNDEF the insn the guest kernel will print a helpful
backtrace so you can tell where the problem is; at the moment
we just print a register dump from the host kernel, which is a
lot less informative.)
> I appreaciate that the current way we handle this is confusing and has
> led many people down a rabbit hole, so we should do better.
>
> Would a better approach not be to return to userspace saying, "we can't
> handle this in the kernel, you decide", without printing the dubious
> kernel error message.
Printing the message in the kernel is the best clue we give
the user at the moment that they've run into this problem;
I would be wary of removing it (even if we decide to also
do something else).
> Then user space could suspend the VM and print a
> lenghty explanation of all the possible problems there could be, or
> re-inject something back into the guest, or whatever, for a particular
> environment.
In theory I guess so. In practice that's not what userspace
currently in the wild does, and injecting an exception from
userspace is a bit awkward (I dunno if kvmtool does it,
QEMU only needs to in really obscure circumstances and
was buggy in how it tried to do it until very recently)...
thanks
-- PMM
next prev parent reply other threads:[~2019-09-05 8:32 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-04 18:07 [PATCH 1/1] KVM: inject data abort if instruction cannot be decoded Heinrich Schuchardt
2019-09-05 8:03 ` Marc Zyngier
2019-09-05 8:16 ` Peter Maydell
2019-09-05 8:25 ` Christoffer Dall
2019-09-05 8:32 ` Peter Maydell [this message]
2019-09-05 8:48 ` Heinrich Schuchardt
2019-09-05 8:52 ` Marc Zyngier
2019-09-05 8:56 ` Peter Maydell
2019-09-05 9:15 ` Marc Zyngier
2019-09-05 9:22 ` Christoffer Dall
2019-09-05 13:09 ` Marc Zyngier
2019-09-06 8:00 ` Christoffer Dall
2019-09-06 12:08 ` Alexander Graf
2019-09-06 12:34 ` Marc Zyngier
2019-09-06 13:02 ` [UNVERIFIED SENDER] " Alexander Graf
2019-09-06 13:12 ` Christoffer Dall
2019-09-06 13:16 ` Alexander Graf
2019-09-06 13:31 ` Peter Maydell
2019-09-06 13:41 ` Alexander Graf
2019-09-06 13:50 ` Peter Maydell
2019-09-06 14:12 ` Alexander Graf
2019-09-06 13:44 ` Christoffer Dall
2019-09-05 13:25 ` Heinrich Schuchardt
2019-09-06 7:58 ` Christoffer Dall
2019-09-05 8:28 ` Heinrich Schuchardt
2019-09-05 9:11 ` Marc Zyngier
2019-09-05 9:20 ` Stefan Hajnoczi
2019-09-05 9:23 ` Daniel P. Berrangé
2019-09-05 12:01 ` Heinrich Schuchardt
2019-09-05 12:16 ` Christoffer Dall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFEAcA-3ne3Z0dwz9C9kJmk36_AdNJRuqgB1jzFJ0WUB2NT_iQ@mail.gmail.com \
--to=peter.maydell@linaro.org \
--cc=berrange@redhat.com \
--cc=christoffer.dall@arm.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=stefanha@redhat.com \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).