Thread: 6 messages, 3 authors, 2018-04-04

Re: [PATCH] powerpc: Clear branch trap (MSR.BE) before delivering SIGTRAP

From: Matt Evans <hidden>
Date: 2018-03-29 11:54:39

Hi Michael,

On 28 Mar 2018, at 11:36, Matt Evans [off-list ref] wrote:

> Howdy Michael,
>
>> On 28 Mar 2018, at 06:54, Michael Ellerman [off-list ref] wrote:
>>
>> Matt Evans [off-list ref] writes:
>>
>>> When using SIG_DBG_BRANCH_TRACING, MSR.BE is left enabled in the
>>> user context when single_step_exception() prepares the SIGTRAP
>>> delivery.  The resulting branch-trap-within-the-SIGTRAP-handler
>>> isn't healthy.
>>>
>>> Commit 2538c2d08f46141550a1e68819efa8fe31c6e3dc broke this, by
>>> replacing an MSR mask operation of ~(MSR_SE | MSR_BE) with a call
>>> to clear_single_step() which only clears MSR_SE.
>>>
>>> This patch adds a new helper, clear_br_trace(), which clears the
>>> debug trap before invoking the signal handler.  This helper is a
>>> NOP for BookE as SIG_DBG_BRANCH_TRACING isn't supported on BookE.
>>>
>>> Signed-off-by: Matt Evans <redacted>
>>
>> Hi Matt!
>>
>> It seems we might not be regularly testing this code :}
>
> I know, rite? ;-)
>
>> How did you hit/find the bug? And do you have a test case by any
>> chance?
>
> I found the test code at the bottom of:
> https://lwn.net/Articles/114587/
>
> But it didn't immediately work.
>
> I'm using this feature as part of a debug harness I wrote to log a
> program’s control flow (to create a “known good” pattern to compare a
> PPC interpreter against).  So at least the feature has /one/ user.  ;-)
>
> The symptoms of the bug are that if you use single-stepping you get a
> sequence of SIGTRAPs representing each instruction completion (good),
> but if you use branch tracing the process just dies with SIGTRAP (looks
> like it’s never caught by the signal handler).  What’s really happening
> is that there /is/ a signal delivered to the handler, but (because
> branch tracing is left on) that then causes a second debug exception
> from the handler itself, i.e. whilst SIGTRAP’s masked.
>
> OK, let me have a dig to reduce my program to something very basic and
> I’ll post something — sorry, I should’ve got a PoC ready before.  (I did
> start out inspired by that post you linked to, but IIRC I don’t think it
> worked out of the box for me either.)

I’ve put a simple SIG_DBG_BRANCH_TRACING test program here:

	http://ozlabs.org/~matt/files/sig_dbg_brtrace_test.c

It’s commented regarding expected output.  I’ve only tested this on a G4
— it should work on PPC64 too but the ISA says support for branch
tracing is optional for an implementation.  I’d be interested in what
POWERx does.  :)


Cheers,


Matt