From: Jan Kiszka <jan.kiszka@siemens.com>
To: Florian Bezdeka <florian.bezdeka@siemens.com>,
xenomai@lists.linux.dev, Philippe Gerum <rpm@xenomai.org>
Cc: rpm@xenomai.org, Clara Kowalsky <clara.kowalsky@siemens.com>
Subject: Re: [PATCH] arm64: dovetail: Fix undefinstr/break trap handling
Date: Mon, 28 Aug 2023 15:04:50 +0200 [thread overview]
Message-ID: <9cd49fec-3f65-47c9-91cc-d13754e29d94@siemens.com> (raw)
In-Reply-To: <92c6af9151c4b3d2a1737484487ff1ea55e5f131.camel@siemens.com>
On 28.08.23 14:52, Florian Bezdeka wrote:
> On Mon, 2023-08-28 at 14:33 +0200, Jan Kiszka wrote:
>> On 25.08.23 14:58, Florian Bezdeka wrote:
>>> When running an compat RT application on arm64 the break trap is
>>> handled via the undefined instruction trap.
>>>
>>> A possible call stack looks like this:
>>>
>>> Call trace:
>>> handle_inband_event+0x2d0/0x320
>>> inband_event_notify+0x28/0x50
>>> signal_wake_up_state+0x7c/0xa4
>>> complete_signal+0x104/0x2d0
>>> __send_signal_locked+0x1d0/0x3e4
>>> send_signal_locked+0xf0/0x140
>>> force_sig_info_to_task+0xa0/0x164
>>> force_sig_fault+0x64/0x94
>>> arm64_force_sig_fault+0x48/0x80
>>> send_user_sigtrap+0x50/0x8c
>>> aarch32_break_handler+0xac/0x1d0
>>> do_undefinstr+0x6c/0x360
>>> el0_undef+0x4c/0xd0
>>> el0t_32_sync_handler+0xd0/0x140
>>> el0t_32_sync+0x190/0x194
>>>
>>> The trap is never reported to the companion core at that stage so
>>> running_oob() in do_undefinstr() will always return true. As the
>>> following bailout happens before calling the compat breakpoint
>>> detection (aarch32_break_handler()) debugging the compat
>>> application does not work.
>>>
>>> In addition aarch32_break_handler() has to report the trap entry to the
>>> companion core.
>>>
>>> Reported-by: Clara Kowalsky <clara.kowalsky@siemens.com>
>>> Tested-by: Clara Kowalsky <clara.kowalsky@siemens.com>
>>> Signed-off-by: Florian Bezdeka <florian.bezdeka@siemens.com>
>>> ---
>>> arch/arm64/kernel/debug-monitors.c | 3 +++
>>> arch/arm64/kernel/traps.c | 7 -------
>>> 2 files changed, 3 insertions(+), 7 deletions(-)
>>>
>>> diff --git a/arch/arm64/kernel/debug-monitors.c b/arch/arm64/kernel/debug-monitors.c
>>> index 32271ed24ef5..ef7ac042a0a6 100644
>>> --- a/arch/arm64/kernel/debug-monitors.c
>>> +++ b/arch/arm64/kernel/debug-monitors.c
>>> @@ -373,7 +373,10 @@ int aarch32_break_handler(struct pt_regs *regs)
>>> if (!bp)
>>> return -EFAULT;
>>>
>>> + mark_trap_entry(ARM64_TRAP_UNDI, regs);
>>> send_user_sigtrap(TRAP_BRKPT);
>>> + mark_trap_exit(ARM64_TRAP_UNDI, regs);
>>> +
>>> return 0;
>>> }
>>> NOKPROBE_SYMBOL(aarch32_break_handler);
>>> diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c
>>> index cc68be400244..9bf2f309248f 100644
>>> --- a/arch/arm64/kernel/traps.c
>>> +++ b/arch/arm64/kernel/traps.c
>>> @@ -489,13 +489,6 @@ void arm64_notify_segfault(unsigned long addr)
>>>
>>> void do_undefinstr(struct pt_regs *regs, unsigned long esr)
>>> {
>>> - /*
>>> - * If the companion core did not switched us to in-band
>>> - * context, we may assume that it has handled the trap.
>>> - */
>>> - if (running_oob())
>>> - return;
>>> -
>>> /* check for AArch32 breakpoint instructions */
>>> if (!aarch32_break_handler(regs))
>>> return;
>>
>> This is not against v6.5-dovetail-rebase, right? We likely need to start
>> from the top, then backport to stable.
>
> That applied for 6.1 and all other (lower) versions that are currently
> covered by our CI. Might need some lifting for 6.5, didn't check yet.
>
>>
>> Also note that this change came in via
>> https://source.denx.de/Xenomai/linux-dovetail/-/commit/2b2ccdaeb8116727cf4076960d664a3cedff0ac6,
>> so just dropping it will likely cause problems elsewhere. Should we
>> rather move that down in the handler?
>
> Well, as written in the commit message running_oob() will always return
> true for RT tasks so I'm quite sure that the invalid instruction
> handling was broken on arm64 for some time now. We bailed out even
> before sending the notification to the companion core.
>
> Moving it down might fix the compat case but native arm64 would stay
> broken. No?
>
Something looks still fishy, either in the original patch that
introduced the condition (I still don't get that special case) or now
with this change trying to restore things. I agree that also the
original change needed the notification to be delivered.
Philippe, can you help clarifying the logic behind
do_undefinstr/do_el0_undef?
Jan
--
Siemens AG, Technology
Linux Expert Center
next prev parent reply other threads:[~2023-08-28 13:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-25 12:58 [PATCH] arm64: dovetail: Fix undefinstr/break trap handling Florian Bezdeka
2023-08-28 12:33 ` Jan Kiszka
2023-08-28 12:52 ` Florian Bezdeka
2023-08-28 13:04 ` Jan Kiszka [this message]
2023-08-28 14:36 ` Philippe Gerum
2023-08-29 7:42 ` Florian Bezdeka
2023-09-01 13:29 ` Philippe Gerum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9cd49fec-3f65-47c9-91cc-d13754e29d94@siemens.com \
--to=jan.kiszka@siemens.com \
--cc=clara.kowalsky@siemens.com \
--cc=florian.bezdeka@siemens.com \
--cc=rpm@xenomai.org \
--cc=xenomai@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).