6a5f3d94cb
As there are several discussions for enabling perf breakpoint signal
testing on arm64 platform: arm64 needs to rely on single-step to execute
the breakpointed instruction and then reinstall the breakpoint exception
handler. But if we hook the breakpoint with a signal, the signal
handler will do the stepping rather than the breakpointed instruction,
this causes infinite loops as below:
Kernel space | Userspace
---------------------------------|--------------------------------
| __test_function() -> hit
| breakpoint
breakpoint_handler() |
`-> user_enable_single_step() |
do_signal() |
| sig_handler() -> Step one
| instruction and
| trap to kernel
single_step_handler() |
`-> reinstall_suspended_bps() |
| __test_function() -> hit
| breakpoint again and
| repeat up flow infinitely
As Will Deacon mentioned [1]: "that we require the overflow handler to
do the stepping on arm/arm64, which is relied upon by GDB/ptrace. The
hw_breakpoint code is a complete disaster so my preference would be to
rip out the perf part and just implement something directly in ptrace,
but it's a pretty horrible job". Though Will commented this on arm
architecture, but the comment also can apply on arm64 architecture.
For complete information, I searched online and found a few years back,
Wang Nan sent one patch 'arm64: Store breakpoint single step state into
pstate' [2]; the patch tried to resolve this issue by avoiding single
stepping in signal handler and defer to enable the signal stepping when
return to __test_function(). The fixing was not merged due to the
concern for missing to handle different usage cases.
Based on the info, the most feasible way is to skip Perf breakpoint
signal testing for arm64 and this could avoid the duplicate
investigation efforts when people see the failure. This patch skips
this case on arm64 platform, which is same with arm architecture.
[1] https://lkml.org/lkml/2018/11/15/205
[2] https://lkml.org/lkml/2015/12/23/477
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Brajeswar Ghosh <brajeswar.linux@gmail.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Michael Petlan <mpetlan@redhat.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Song Liu <songliubraving@fb.com>
Cc: Souptick Joarder <jrdr.linux@gmail.com>
Cc: Will Deacon <will@kernel.org>
Link: http://lore.kernel.org/lkml/20191018085531.6348-3-leo.yan@linaro.org
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
311 lines
8.1 KiB
C
311 lines
8.1 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Inspired by breakpoint overflow test done by
|
|
* Vince Weaver <vincent.weaver@maine.edu> for perf_event_tests
|
|
* (git://github.com/deater/perf_event_tests)
|
|
*/
|
|
|
|
/*
|
|
* Powerpc needs __SANE_USERSPACE_TYPES__ before <linux/types.h> to select
|
|
* 'int-ll64.h' and avoid compile warnings when printing __u64 with %llu.
|
|
*/
|
|
#define __SANE_USERSPACE_TYPES__
|
|
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <unistd.h>
|
|
#include <string.h>
|
|
#include <sys/ioctl.h>
|
|
#include <time.h>
|
|
#include <fcntl.h>
|
|
#include <signal.h>
|
|
#include <sys/mman.h>
|
|
#include <linux/compiler.h>
|
|
#include <linux/hw_breakpoint.h>
|
|
|
|
#include "tests.h"
|
|
#include "debug.h"
|
|
#include "event.h"
|
|
#include "perf-sys.h"
|
|
#include "cloexec.h"
|
|
|
|
static int fd1;
|
|
static int fd2;
|
|
static int fd3;
|
|
static int overflows;
|
|
static int overflows_2;
|
|
|
|
volatile long the_var;
|
|
|
|
|
|
/*
|
|
* Use ASM to ensure watchpoint and breakpoint can be triggered
|
|
* at one instruction.
|
|
*/
|
|
#if defined (__x86_64__)
|
|
extern void __test_function(volatile long *ptr);
|
|
asm (
|
|
".globl __test_function\n"
|
|
"__test_function:\n"
|
|
"incq (%rdi)\n"
|
|
"ret\n");
|
|
#else
|
|
static void __test_function(volatile long *ptr)
|
|
{
|
|
*ptr = 0x1234;
|
|
}
|
|
#endif
|
|
|
|
static noinline int test_function(void)
|
|
{
|
|
__test_function(&the_var);
|
|
the_var++;
|
|
return time(NULL);
|
|
}
|
|
|
|
static void sig_handler_2(int signum __maybe_unused,
|
|
siginfo_t *oh __maybe_unused,
|
|
void *uc __maybe_unused)
|
|
{
|
|
overflows_2++;
|
|
if (overflows_2 > 10) {
|
|
ioctl(fd1, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd2, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd3, PERF_EVENT_IOC_DISABLE, 0);
|
|
}
|
|
}
|
|
|
|
static void sig_handler(int signum __maybe_unused,
|
|
siginfo_t *oh __maybe_unused,
|
|
void *uc __maybe_unused)
|
|
{
|
|
overflows++;
|
|
|
|
if (overflows > 10) {
|
|
/*
|
|
* This should be executed only once during
|
|
* this test, if we are here for the 10th
|
|
* time, consider this the recursive issue.
|
|
*
|
|
* We can get out of here by disable events,
|
|
* so no new SIGIO is delivered.
|
|
*/
|
|
ioctl(fd1, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd2, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd3, PERF_EVENT_IOC_DISABLE, 0);
|
|
}
|
|
}
|
|
|
|
static int __event(bool is_x, void *addr, int sig)
|
|
{
|
|
struct perf_event_attr pe;
|
|
int fd;
|
|
|
|
memset(&pe, 0, sizeof(struct perf_event_attr));
|
|
pe.type = PERF_TYPE_BREAKPOINT;
|
|
pe.size = sizeof(struct perf_event_attr);
|
|
|
|
pe.config = 0;
|
|
pe.bp_type = is_x ? HW_BREAKPOINT_X : HW_BREAKPOINT_W;
|
|
pe.bp_addr = (unsigned long) addr;
|
|
pe.bp_len = sizeof(long);
|
|
|
|
pe.sample_period = 1;
|
|
pe.sample_type = PERF_SAMPLE_IP;
|
|
pe.wakeup_events = 1;
|
|
|
|
pe.disabled = 1;
|
|
pe.exclude_kernel = 1;
|
|
pe.exclude_hv = 1;
|
|
|
|
fd = sys_perf_event_open(&pe, 0, -1, -1,
|
|
perf_event_open_cloexec_flag());
|
|
if (fd < 0) {
|
|
pr_debug("failed opening event %llx\n", pe.config);
|
|
return TEST_FAIL;
|
|
}
|
|
|
|
fcntl(fd, F_SETFL, O_RDWR|O_NONBLOCK|O_ASYNC);
|
|
fcntl(fd, F_SETSIG, sig);
|
|
fcntl(fd, F_SETOWN, getpid());
|
|
|
|
ioctl(fd, PERF_EVENT_IOC_RESET, 0);
|
|
|
|
return fd;
|
|
}
|
|
|
|
static int bp_event(void *addr, int sig)
|
|
{
|
|
return __event(true, addr, sig);
|
|
}
|
|
|
|
static int wp_event(void *addr, int sig)
|
|
{
|
|
return __event(false, addr, sig);
|
|
}
|
|
|
|
static long long bp_count(int fd)
|
|
{
|
|
long long count;
|
|
int ret;
|
|
|
|
ret = read(fd, &count, sizeof(long long));
|
|
if (ret != sizeof(long long)) {
|
|
pr_debug("failed to read: %d\n", ret);
|
|
return TEST_FAIL;
|
|
}
|
|
|
|
return count;
|
|
}
|
|
|
|
int test__bp_signal(struct test *test __maybe_unused, int subtest __maybe_unused)
|
|
{
|
|
struct sigaction sa;
|
|
long long count1, count2, count3;
|
|
|
|
/* setup SIGIO signal handler */
|
|
memset(&sa, 0, sizeof(struct sigaction));
|
|
sa.sa_sigaction = (void *) sig_handler;
|
|
sa.sa_flags = SA_SIGINFO;
|
|
|
|
if (sigaction(SIGIO, &sa, NULL) < 0) {
|
|
pr_debug("failed setting up signal handler\n");
|
|
return TEST_FAIL;
|
|
}
|
|
|
|
sa.sa_sigaction = (void *) sig_handler_2;
|
|
if (sigaction(SIGUSR1, &sa, NULL) < 0) {
|
|
pr_debug("failed setting up signal handler 2\n");
|
|
return TEST_FAIL;
|
|
}
|
|
|
|
/*
|
|
* We create following events:
|
|
*
|
|
* fd1 - breakpoint event on __test_function with SIGIO
|
|
* signal configured. We should get signal
|
|
* notification each time the breakpoint is hit
|
|
*
|
|
* fd2 - breakpoint event on sig_handler with SIGUSR1
|
|
* configured. We should get SIGUSR1 each time when
|
|
* breakpoint is hit
|
|
*
|
|
* fd3 - watchpoint event on __test_function with SIGIO
|
|
* configured.
|
|
*
|
|
* Following processing should happen:
|
|
* Exec: Action: Result:
|
|
* incq (%rdi) - fd1 event breakpoint hit -> count1 == 1
|
|
* - SIGIO is delivered
|
|
* sig_handler - fd2 event breakpoint hit -> count2 == 1
|
|
* - SIGUSR1 is delivered
|
|
* sig_handler_2 -> overflows_2 == 1 (nested signal)
|
|
* sys_rt_sigreturn - return from sig_handler_2
|
|
* overflows++ -> overflows = 1
|
|
* sys_rt_sigreturn - return from sig_handler
|
|
* incq (%rdi) - fd3 event watchpoint hit -> count3 == 1 (wp and bp in one insn)
|
|
* - SIGIO is delivered
|
|
* sig_handler - fd2 event breakpoint hit -> count2 == 2
|
|
* - SIGUSR1 is delivered
|
|
* sig_handler_2 -> overflows_2 == 2 (nested signal)
|
|
* sys_rt_sigreturn - return from sig_handler_2
|
|
* overflows++ -> overflows = 2
|
|
* sys_rt_sigreturn - return from sig_handler
|
|
* the_var++ - fd3 event watchpoint hit -> count3 == 2 (standalone watchpoint)
|
|
* - SIGIO is delivered
|
|
* sig_handler - fd2 event breakpoint hit -> count2 == 3
|
|
* - SIGUSR1 is delivered
|
|
* sig_handler_2 -> overflows_2 == 3 (nested signal)
|
|
* sys_rt_sigreturn - return from sig_handler_2
|
|
* overflows++ -> overflows == 3
|
|
* sys_rt_sigreturn - return from sig_handler
|
|
*
|
|
* The test case check following error conditions:
|
|
* - we get stuck in signal handler because of debug
|
|
* exception being triggered receursively due to
|
|
* the wrong RF EFLAG management
|
|
*
|
|
* - we never trigger the sig_handler breakpoint due
|
|
* to the rong RF EFLAG management
|
|
*
|
|
*/
|
|
|
|
fd1 = bp_event(__test_function, SIGIO);
|
|
fd2 = bp_event(sig_handler, SIGUSR1);
|
|
fd3 = wp_event((void *)&the_var, SIGIO);
|
|
|
|
ioctl(fd1, PERF_EVENT_IOC_ENABLE, 0);
|
|
ioctl(fd2, PERF_EVENT_IOC_ENABLE, 0);
|
|
ioctl(fd3, PERF_EVENT_IOC_ENABLE, 0);
|
|
|
|
/*
|
|
* Kick off the test by trigering 'fd1'
|
|
* breakpoint.
|
|
*/
|
|
test_function();
|
|
|
|
ioctl(fd1, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd2, PERF_EVENT_IOC_DISABLE, 0);
|
|
ioctl(fd3, PERF_EVENT_IOC_DISABLE, 0);
|
|
|
|
count1 = bp_count(fd1);
|
|
count2 = bp_count(fd2);
|
|
count3 = bp_count(fd3);
|
|
|
|
close(fd1);
|
|
close(fd2);
|
|
close(fd3);
|
|
|
|
pr_debug("count1 %lld, count2 %lld, count3 %lld, overflow %d, overflows_2 %d\n",
|
|
count1, count2, count3, overflows, overflows_2);
|
|
|
|
if (count1 != 1) {
|
|
if (count1 == 11)
|
|
pr_debug("failed: RF EFLAG recursion issue detected\n");
|
|
else
|
|
pr_debug("failed: wrong count for bp1%lld\n", count1);
|
|
}
|
|
|
|
if (overflows != 3)
|
|
pr_debug("failed: wrong overflow hit\n");
|
|
|
|
if (overflows_2 != 3)
|
|
pr_debug("failed: wrong overflow_2 hit\n");
|
|
|
|
if (count2 != 3)
|
|
pr_debug("failed: wrong count for bp2\n");
|
|
|
|
if (count3 != 2)
|
|
pr_debug("failed: wrong count for bp3\n");
|
|
|
|
return count1 == 1 && overflows == 3 && count2 == 3 && overflows_2 == 3 && count3 == 2 ?
|
|
TEST_OK : TEST_FAIL;
|
|
}
|
|
|
|
bool test__bp_signal_is_supported(void)
|
|
{
|
|
/*
|
|
* PowerPC and S390 do not support creation of instruction
|
|
* breakpoints using the perf_event interface.
|
|
*
|
|
* ARM requires explicit rounding down of the instruction
|
|
* pointer in Thumb mode, and then requires the single-step
|
|
* to be handled explicitly in the overflow handler to avoid
|
|
* stepping into the SIGIO handler and getting stuck on the
|
|
* breakpointed instruction.
|
|
*
|
|
* Since arm64 has the same issue with arm for the single-step
|
|
* handling, this case also gets suck on the breakpointed
|
|
* instruction.
|
|
*
|
|
* Just disable the test for these architectures until these
|
|
* issues are resolved.
|
|
*/
|
|
#if defined(__powerpc__) || defined(__s390x__) || defined(__arm__) || \
|
|
defined(__aarch64__)
|
|
return false;
|
|
#else
|
|
return true;
|
|
#endif
|
|
}
|