From patchwork Tue Sep 30 16:42:44 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 38164 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-lb0-f198.google.com (mail-lb0-f198.google.com [209.85.217.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id E61BB2032C for ; Tue, 30 Sep 2014 16:44:59 +0000 (UTC) Received: by mail-lb0-f198.google.com with SMTP id b6sf723786lbj.5 for ; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:cc:subject :precedence:list-id:list-unsubscribe:list-post:list-help :list-subscribe:mime-version:sender:errors-to:x-original-sender :x-original-authentication-results:mailing-list:list-archive :content-type:content-transfer-encoding; bh=99GcGtyn6J3MxF/yFtVDbQw4sLDloaQqc6oD9xaOdX8=; b=mA7/j/QI+93rsJJz7AJzjxIbWzvG3hzE46b9nnT/63tAgOeW33HNcGRMye1li0S/yS xgIh+s/PbIOJ0WOL3Fe5xCRAOuLkAwo6urJyolXW/LzgxbIR2Ma4HV8Cq14/sQBWWdBF co5wMqx0BScv9OlrCvqrtPIlhhFXHZnIlydjB4HNfJhLmYPs8ANKAQ6N8Dw90eRvZ+s3 Yc/1HwIjhC+4+U8fR8gneVKh9vPk7FsXZ6K9RA7mEoVIN/ZDND/kp0ntPnmo8pAn7+AK N8NVPgrxWnPmuICIjz0yBHZy+iKfNPPcKmzPQ1WtRzwebE2N5UPz2QWbs5CsJXfVYxsh OG/w== X-Gm-Message-State: ALoCoQmp8K0QdzWrTo8cMxwOuUJ2gzzZvXCvVDg9qJeHM28LMtfdB5KXno/nTaefoNdzM4vVEQHb X-Received: by 10.194.57.237 with SMTP id l13mr277329wjq.7.1412095498645; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.28.73 with SMTP id z9ls62656lag.55.gmail; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) X-Received: by 10.112.13.232 with SMTP id k8mr44961208lbc.81.1412095498479; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) Received: from mail-la0-f47.google.com (mail-la0-f47.google.com [209.85.215.47]) by mx.google.com with ESMTPS id z8si17055589lbf.132.2014.09.30.09.44.58 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 30 Sep 2014 09:44:58 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.47 as permitted sender) client-ip=209.85.215.47; Received: by mail-la0-f47.google.com with SMTP id mc6so20929565lab.34 for ; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) X-Received: by 10.152.22.137 with SMTP id d9mr49222876laf.29.1412095498381; Tue, 30 Sep 2014 09:44:58 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.130.169 with SMTP id of9csp382959lbb; Tue, 30 Sep 2014 09:44:57 -0700 (PDT) X-Received: by 10.224.121.80 with SMTP id g16mr51097401qar.64.1412095496770; Tue, 30 Sep 2014 09:44:56 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id k7si18993602qao.25.2014.09.30.09.44.55 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 30 Sep 2014 09:44:55 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XZ0Vs-0002Gm-6N; Tue, 30 Sep 2014 16:42:56 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XZ0Vp-0002GV-SR for xen-devel@lists.xenproject.org; Tue, 30 Sep 2014 16:42:54 +0000 Received: from [193.109.254.147:56366] by server-7.bemta-14.messagelabs.com id 63/32-13362-D8DDA245; Tue, 30 Sep 2014 16:42:53 +0000 X-Env-Sender: julien.grall@linaro.org X-Msg-Ref: server-5.tower-27.messagelabs.com!1412095372!7906360!1 X-Originating-IP: [74.125.82.46] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.12.2; banners=-,-,- X-VirusChecked: Checked Received: (qmail 1523 invoked from network); 30 Sep 2014 16:42:52 -0000 Received: from mail-wg0-f46.google.com (HELO mail-wg0-f46.google.com) (74.125.82.46) by server-5.tower-27.messagelabs.com with RC4-SHA encrypted SMTP; 30 Sep 2014 16:42:52 -0000 Received: by mail-wg0-f46.google.com with SMTP id k14so5406706wgh.5 for ; Tue, 30 Sep 2014 09:42:51 -0700 (PDT) X-Received: by 10.194.157.135 with SMTP id wm7mr13968691wjb.117.1412095371729; Tue, 30 Sep 2014 09:42:51 -0700 (PDT) Received: from belegaer.uk.xensource.com ([185.25.64.249]) by mx.google.com with ESMTPSA id q2sm15702919wiy.23.2014.09.30.09.42.50 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 Sep 2014 09:42:50 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 30 Sep 2014 17:42:44 +0100 Message-Id: <1412095364-2498-1-git-send-email-julien.grall@linaro.org> X-Mailer: git-send-email 1.7.10.4 Cc: stefano.stabellini@citrix.com, Julien Grall , tim@xen.org, ian.campbell@citrix.com Subject: [Xen-devel] [PATCH v4 for 4.5] xen/arm: Correctly support WARN_ON X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: julien.grall@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.47 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: Currently the hypervisor will hang if it hits a WARN_ON. The implemention uses an undefined instruction, made ourself because ARM doesn't provide one, to implement BUG/ASSERT/WARN_ON, and sets up the different tables (one for each type) which contain useful information. This is based on the x86 implementation (include/asm-x86/bug.h). Unfortunately the structure can't be shared because many ARM{32,64} gcc versions doesn't correctly support %c. The support of executing a function in an exception handler is also keep unimplemented on ARM. Therefore, dump_execution_state is implement as WARN() The current opcode used to go in exception mode may not be undefined on ARM64. Use the instruction "brk" to generate a software debug exception. Signed-off-by: Julien Grall --- This is a bug fix for Xen 4.5. It make WARN_ON working correctly when it has been hit in the hypervisor. Changes in v4: - Check if the regs represents an hyp mode view rather than checking HCR_EL2.TGE and MDCR_EL2.TDE. Changes in v3: - Typoes - Uppercase first letter of each word of do_unexpected_trap - Check that PC is effectly a multiple of 4 for ARM32 - Make BUG_ON/WARN/ASSERT working during early boot (i.e when a current is not correctly set) - Check that HCR.EL2.TGE and MDCR_EL2.TDE are not set - Replace regs->pc by the local variable pc in arch/arm/arm32/traps.c Changes in v2: - Missing static in do_bug_frame prototype - Add support for ARM64 by using the instruction brk - Implement dump_execution_state as WARN --- xen/arch/arm/arm32/traps.c | 23 +++++++++ xen/arch/arm/traps.c | 107 ++++++++++++++++++++++++++++++++++++++- xen/arch/arm/xen.lds.S | 8 +++ xen/include/asm-arm/arm32/bug.h | 13 +++++ xen/include/asm-arm/arm64/bug.h | 10 ++++ xen/include/asm-arm/bug.h | 77 ++++++++++++++++++++++++++-- xen/include/asm-arm/debugger.h | 2 +- xen/include/asm-arm/processor.h | 18 ++++++- 8 files changed, 252 insertions(+), 6 deletions(-) create mode 100644 xen/include/asm-arm/arm32/bug.h create mode 100644 xen/include/asm-arm/arm64/bug.h diff --git a/xen/arch/arm/arm32/traps.c b/xen/arch/arm/arm32/traps.c index ff0b945..f8cf864 100644 --- a/xen/arch/arm/arm32/traps.c +++ b/xen/arch/arm/arm32/traps.c @@ -18,6 +18,7 @@ #include #include +#include #include @@ -25,6 +26,28 @@ asmlinkage void do_trap_undefined_instruction(struct cpu_user_regs *regs) { + uint32_t pc = regs->pc; + uint32_t instr; + + if ( !is_kernel_text(pc) && + (system_state >= SYS_STATE_active || !is_kernel_inittext(pc)) ) + goto die; + + /* PC should be always a multiple of 4, as Xen is using ARM instruction set */ + if ( regs->pc & 0x3 ) + goto die; + + instr = *((uint32_t *)pc); + if ( instr != BUG_OPCODE ) + goto die; + + if ( do_bug_frame(regs, pc) ) + goto die; + + regs->pc += 4; + return; + +die: do_unexpected_trap("Undefined Instruction", regs); } diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 4b4b4e0..f6fc8f8 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -1050,6 +1051,102 @@ void do_unexpected_trap(const char *msg, struct cpu_user_regs *regs) panic("CPU%d: Unexpected Trap: %s\n", smp_processor_id(), msg); } +int do_bug_frame(struct cpu_user_regs *regs, vaddr_t pc) +{ + const struct bug_frame *bug; + const char *prefix = "", *filename, *predicate; + unsigned long fixup; + int id, lineno; + static const struct bug_frame *const stop_frames[] = { + __stop_bug_frames_0, + __stop_bug_frames_1, + __stop_bug_frames_2, + NULL + }; + + for ( bug = __start_bug_frames, id = 0; stop_frames[id]; ++bug ) + { + while ( unlikely(bug == stop_frames[id]) ) + ++id; + + if ( ((vaddr_t)bug_loc(bug)) == pc ) + break; + } + + if ( !stop_frames[id] ) + return -ENOENT; + + /* WARN, BUG or ASSERT: decode the filename pointer and line number. */ + filename = bug_file(bug); + if ( !is_kernel(filename) ) + return -EINVAL; + fixup = strlen(filename); + if ( fixup > 50 ) + { + filename += fixup - 47; + prefix = "..."; + } + lineno = bug_line(bug); + + switch ( id ) + { + case BUGFRAME_warn: + printk("Xen WARN at %s%s:%d\n", prefix, filename, lineno); + show_execution_state(regs); + return 0; + + case BUGFRAME_bug: + printk("Xen BUG at %s%s:%d\n", prefix, filename, lineno); + + if ( debugger_trap_fatal(TRAP_invalid_op, regs) ) + return 0; + + show_execution_state(regs); + panic("Xen BUG at %s%s:%d", prefix, filename, lineno); + + case BUGFRAME_assert: + /* ASSERT: decode the predicate string pointer. */ + predicate = bug_msg(bug); + if ( !is_kernel(predicate) ) + predicate = ""; + + printk("Assertion '%s' failed at %s%s:%d\n", + predicate, prefix, filename, lineno); + if ( debugger_trap_fatal(TRAP_invalid_op, regs) ) + return 0; + show_execution_state(regs); + panic("Assertion '%s' failed at %s%s:%d", + predicate, prefix, filename, lineno); + } + + return -EINVAL; +} + +#ifdef CONFIG_ARM_64 +static void do_trap_brk(struct cpu_user_regs *regs, union hsr hsr) +{ + /* HCR_EL2.TGE and MDCR_EL2.TDE are not set so we never receive + * software breakpoint exception for EL1 and EL0 here. + */ + BUG_ON(!hyp_mode(regs)); + + switch (hsr.brk.comment) + { + case BRK_BUG_FRAME: + if ( do_bug_frame(regs, regs->pc) ) + goto die; + + regs->pc += 4; + + break; + + default: +die: + do_unexpected_trap("Undefined Breakpoint Value", regs); + } +} +#endif + typedef register_t (*arm_hypercall_fn_t)( register_t, register_t, register_t, register_t, register_t); @@ -1921,7 +2018,8 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) * correctly (See XSA-102). Until that is resolved we treat any * trap from 32-bit userspace on 64-bit kernel as undefined. */ - if ( is_64bit_domain(current->domain) && psr_mode_is_32bit(regs->cpsr) ) + if ( !hyp_mode(regs) && is_64bit_domain(current->domain) && + psr_mode_is_32bit(regs->cpsr) ) { inject_undef_exception(regs, hsr.len); return; @@ -2006,6 +2104,13 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) case HSR_EC_DATA_ABORT_LOWER_EL: do_trap_data_abort_guest(regs, hsr); break; + +#ifdef CONFIG_ARM_64 + case HSR_EC_BRK: + do_trap_brk(regs, hsr); + break; +#endif + default: bad_trap: printk("Hypervisor Trap. HSR=0x%x EC=0x%x IL=%x Syndrome=0x%"PRIx32"\n", diff --git a/xen/arch/arm/xen.lds.S b/xen/arch/arm/xen.lds.S index 079e085..cca1d8c 100644 --- a/xen/arch/arm/xen.lds.S +++ b/xen/arch/arm/xen.lds.S @@ -40,6 +40,14 @@ SECTIONS . = ALIGN(PAGE_SIZE); .rodata : { _srodata = .; /* Read-only data */ + /* Bug frames table */ + __start_bug_frames = .; + *(.bug_frames.0) + __stop_bug_frames_0 = .; + *(.bug_frames.1) + __stop_bug_frames_1 = .; + *(.bug_frames.2) + __stop_bug_frames_2 = .; *(.rodata) *(.rodata.*) _erodata = .; /* End of read-only data */ diff --git a/xen/include/asm-arm/arm32/bug.h b/xen/include/asm-arm/arm32/bug.h new file mode 100644 index 0000000..155b420 --- /dev/null +++ b/xen/include/asm-arm/arm32/bug.h @@ -0,0 +1,13 @@ +#ifndef __ARM_ARM32_BUG_H__ +#define __ARM_ARM32_BUG_H__ + +#include + +/* ARMv7 provides a list of undefined opcode (see A8.8.247 DDI 0406C.b) + * Use one them encoding A1 to go in exception mode + */ +#define BUG_OPCODE 0xe7f00f0 + +#define BUG_INSTR ".word " __stringify(BUG_OPCODE) + +#endif /* __ARM_ARM32_BUG_H__ */ diff --git a/xen/include/asm-arm/arm64/bug.h b/xen/include/asm-arm/arm64/bug.h new file mode 100644 index 0000000..42b0e4f --- /dev/null +++ b/xen/include/asm-arm/arm64/bug.h @@ -0,0 +1,10 @@ +#ifndef __ARM_ARM64_BUG_H__ +#define __ARM_ARM64_BUG_H__ + +#include + +#define BRK_BUG_FRAME 1 + +#define BUG_INSTR "brk " __stringify(BRK_BUG_FRAME) + +#endif /* __ARM_ARM64_BUG_H__ */ diff --git a/xen/include/asm-arm/bug.h b/xen/include/asm-arm/bug.h index 458c818..ab9e811 100644 --- a/xen/include/asm-arm/bug.h +++ b/xen/include/asm-arm/bug.h @@ -1,10 +1,81 @@ #ifndef __ARM_BUG_H__ #define __ARM_BUG_H__ -#define BUG() __bug(__FILE__, __LINE__) -#define WARN() __warn(__FILE__, __LINE__) +#include -#endif /* __X86_BUG_H__ */ +#if defined(CONFIG_ARM_32) +# include +#elif defined(CONFIG_ARM_64) +# include +#else +# error "unknown ARM variant" +#endif + +#define BUG_DISP_WIDTH 24 +#define BUG_LINE_LO_WIDTH (31 - BUG_DISP_WIDTH) +#define BUG_LINE_HI_WIDTH (31 - BUG_DISP_WIDTH) + +struct bug_frame { + signed int loc_disp; /* Relative address to the bug address */ + signed int file_disp; /* Relative address to the filename */ + signed int msg_disp; /* Relative address to the predicate (for ASSERT) */ + uint16_t line; /* Line number */ + uint32_t pad0:16; /* Padding for 8-bytes align */ +}; + +#define bug_loc(b) ((const void *)(b) + (b)->loc_disp) +#define bug_file(b) ((const void *)(b) + (b)->file_disp); +#define bug_line(b) ((b)->line) +#define bug_msg(b) ((const char *)(b) + (b)->msg_disp) + +#define BUGFRAME_warn 0 +#define BUGFRAME_bug 1 +#define BUGFRAME_assert 2 + +/* Many versions of GCC doesn't support the asm %c parameter which would + * be preferable to this unpleasantness. We use mergeable string + * sections to avoid multiple copies of the string appearing in the + * Xen image. + */ +#define BUG_FRAME(type, line, file, has_msg, msg) do { \ + BUILD_BUG_ON((line) >> 16); \ + asm ("1:"BUG_INSTR"\n" \ + ".pushsection .rodata.str, \"aMS\", %progbits, 1\n" \ + "2:\t.asciz " __stringify(file) "\n" \ + "3:\n" \ + ".if " #has_msg "\n" \ + "\t.asciz " #msg "\n" \ + ".endif\n" \ + ".popsection\n" \ + ".pushsection .bug_frames." __stringify(type) ", \"a\", %progbits\n"\ + "4:\n" \ + ".long (1b - 4b)\n" \ + ".long (2b - 4b)\n" \ + ".long (3b - 4b)\n" \ + ".hword " __stringify(line) ", 0\n" \ + ".popsection"); \ +} while (0) + +#define WARN() BUG_FRAME(BUGFRAME_warn, __LINE__, __FILE__, 0, "") + +#define BUG() do { \ + BUG_FRAME(BUGFRAME_bug, __LINE__, __FILE__, 0, ""); \ + unreachable(); \ +} while (0) + +#define assert_failed(msg) do { \ + BUG_FRAME(BUGFRAME_assert, __LINE__, __FILE__, 1, msg); \ + unreachable(); \ +} while (0) + +extern const struct bug_frame __start_bug_frames[], + __stop_bug_frames_0[], + __stop_bug_frames_1[], + __stop_bug_frames_2[]; + +int do_bug_frame(struct cpu_user_regs *regs, vaddr_t pc); + +#endif /* __ARM_BUG_H__ */ /* * Local variables: * mode: C diff --git a/xen/include/asm-arm/debugger.h b/xen/include/asm-arm/debugger.h index 916860b..ac776ef 100644 --- a/xen/include/asm-arm/debugger.h +++ b/xen/include/asm-arm/debugger.h @@ -1,7 +1,7 @@ #ifndef __ARM_DEBUGGER_H__ #define __ARM_DEBUGGER_H__ -#define debugger_trap_fatal(v, r) ((void) 0) +#define debugger_trap_fatal(v, r) (0) #define debugger_trap_immediate() ((void) 0) #endif /* __ARM_DEBUGGER_H__ */ diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index 07a421c..e719c26 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -3,6 +3,7 @@ #include #include +#include /* MIDR Main ID Register */ #define MIDR_MASK 0xff0ffff0 @@ -179,6 +180,7 @@ #define HDCR_TDRA (_AC(1,U)<<11) /* Trap Debug ROM access */ #define HDCR_TDOSA (_AC(1,U)<<10) /* Trap Debug-OS-related register access */ #define HDCR_TDA (_AC(1,U)<<9) /* Trap Debug Access */ +#define HDCR_TDE (_AC(1,U)<<8) /* Route Soft Debug exceptions from EL1/EL1 to EL2 */ #define HDCR_TPM (_AC(1,U)<<6) /* Trap Performance Monitors accesses */ #define HDCR_TPMCR (_AC(1,U)<<5) /* Trap PMCR accesses */ @@ -205,6 +207,9 @@ #define HSR_EC_INSTR_ABORT_CURR_EL 0x21 #define HSR_EC_DATA_ABORT_LOWER_EL 0x24 #define HSR_EC_DATA_ABORT_CURR_EL 0x25 +#ifdef CONFIG_ARM_64 +#define HSR_EC_BRK 0x3c +#endif /* FSR format, common */ #define FSR_LPAE (_AC(1,UL)<<9) @@ -452,6 +457,17 @@ union hsr { unsigned long len:1; /* Instruction length */ unsigned long ec:6; /* Exception Class */ } dabt; /* HSR_EC_DATA_ABORT_* */ + +#ifdef CONFIG_ARM_64 + struct hsr_brk { + unsigned long comment:16; /* Comment */ + unsigned long res0:9; + unsigned long len:1; /* Instruction length */ + unsigned long ec:6; /* Exception Class */ + } brk; +#endif + + }; #endif @@ -583,7 +599,7 @@ void panic_PAR(uint64_t par); void show_execution_state(struct cpu_user_regs *regs); void show_registers(struct cpu_user_regs *regs); //#define dump_execution_state() run_in_exception_handler(show_execution_state) -#define dump_execution_state() asm volatile (".word 0xe7f000f0\n"); /* XXX */ +#define dump_execution_state() WARN() #define cpu_relax() barrier() /* Could yield? */