From: Jiri Olsa <jolsa@redhat.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Jeff Merkey <linux.mdb@gmail.com>,
LKML <linux-kernel@vger.kernel.org>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
X86 ML <x86@kernel.org>, Peter Zijlstra <peterz@infradead.org>,
Andy Lutomirski <luto@kernel.org>,
Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>,
Steven Rostedt <rostedt@goodmis.org>,
Borislav Petkov <bp@alien8.de>, Jiri Olsa <jolsa@kernel.org>
Subject: Re: [PATCH 1/1] Fix int1 recursion when no perf_bp_event is registered
Date: Thu, 10 Dec 2015 20:20:24 +0100 [thread overview]
Message-ID: <20151210192024.GA5365@krava.redhat.com> (raw)
In-Reply-To: <CALCETrUaWxqyuyE2FqCs0ULPBdKMwCPtaoneyt4yBA8r5a5=yQ@mail.gmail.com>
On Thu, Dec 10, 2015 at 11:09:21AM -0800, Andy Lutomirski wrote:
> On Thu, Dec 10, 2015 at 10:55 AM, Thomas Gleixner <tglx@linutronix.de> wrote:
> > Jeff,
> >
> > On Thu, 10 Dec 2015, Jeff Merkey wrote:
> >
> >> If an int1 hardware breakpoint exception is triggered, but no perf bp
> >> pevent block was registered from arch_install_hw_breakpoint, the
> >> system will hard hang with the CPU stuck constantly re-interrupting at
> >> the same execution address because the resume flag never gets set, and
> >> the NOTIFY_DONE state prevents other int1 handlers, including the
> >> default handler in do_debug, from running to handle the condition.
> >> Can be reproduced by writing a program that sets an execute breakpoint
> >> at schedule() without calling arch_install_hw_breakpoint.
> >>
> >> The proposed fix checks the dr7 register and sets the resume flag in
> >> pt->regs if it determines an executed breakpoint was triggered just in
> >> case the check lower down fails. I have seen this bug and its a bug.
> >
> >> Signed-off-by: jeffmerkey@gmail.com
> >> diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
> >> index 50a3fad..6effcae 100644
> >> --- a/arch/x86/kernel/hw_breakpoint.c
> >> +++ b/arch/x86/kernel/hw_breakpoint.c
> >> @@ -475,6 +475,14 @@ static int hw_breakpoint_handler(struct die_args *args)
> >> for (i = 0; i < HBP_NUM; ++i) {
> >> if (likely(!(dr6 & (DR_TRAP0 << i))))
> >> continue;
> >> + /*
> >> + * Set up resume flag to avoid breakpoint recursion when
> >> + * returning back to origin in the event an int1
> >> + * exception is triggered and no event handler
> >> + * is present.
> >> + */
> >> + if ((dr7 & (3 << ((i * 4) + 16))) == 0)
> >
> > We have proper defines for all of this. See __encode_dr7().
> >
> >> + args->regs->flags |= X86_EFLAGS_RF;
> >
> > If there is a break point installed, then we do the same thing after
> > calling perf_bp_event() again.
>
> On brief inspection, this smells like a microcode bug. Can you send
> /proc/cpuinfo output?
>
> For example, this CPU and microcode combination is known bad:
>
> processor : 7
> vendor_id : AuthenticAMD
> cpu family : 21
> model : 2
> model name : AMD Opteron(tm) Processor 3380
> stepping : 0
> microcode : 0x6000832
>
> If this is the issue, I'm not sure we want to be in the business of
> working around localized microcode bugs and, if we do, then I think we
> should explicitly detect the bug and log about it.
seems like the issue we hit some time ago:
http://marc.info/?l=linux-kernel&m=143976421117070&w=2
jirka
next prev parent reply other threads:[~2015-12-10 19:20 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-10 7:12 [PATCH 1/1] Fix int1 recursion when no perf_bp_event is registered Jeff Merkey
2015-12-10 18:55 ` Thomas Gleixner
2015-12-10 19:09 ` Andy Lutomirski
2015-12-10 19:20 ` Jiri Olsa [this message]
2015-12-10 19:25 ` Borislav Petkov
2015-12-10 20:49 ` [PATCH 1/1] Fix int1 recursion when no perf_bp_event is registeredy Thomas Gleixner
2015-12-10 21:09 ` Andy Lutomirski
2015-12-10 21:15 ` Thomas Gleixner
2015-12-10 21:26 ` Jeff Merkey
2015-12-10 21:16 ` Jeff Merkey
2015-12-14 8:09 ` Ingo Molnar
2015-12-14 8:13 ` Jeff Merkey
2015-12-14 8:26 ` Jeff Merkey
2015-12-14 9:28 ` Ingo Molnar
2015-12-14 17:52 ` Jeff Merkey
2015-12-14 17:56 ` Andy Lutomirski
2015-12-14 18:16 ` Jeff Merkey
2015-12-14 18:18 ` Jeff Merkey
2015-12-10 21:11 ` Jeff Merkey
2015-12-10 22:26 ` Jeff Merkey
2015-12-11 8:05 ` [PATCH v2 " Jeff Merkey
2015-12-11 19:04 ` Jeff Merkey
2015-12-13 23:11 ` Jeff Merkey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151210192024.GA5365@krava.redhat.com \
--to=jolsa@redhat.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=jolsa@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux.mdb@gmail.com \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=masami.hiramatsu.pt@hitachi.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.