From: Frederic Weisbecker <fweisbec@gmail.com>
To: "K.Prasad" <prasad@linux.vnet.ibm.com>
Cc: Ingo Molnar <mingo@elte.hu>, LKML <linux-kernel@vger.kernel.org>,
Li Zefan <lizf@cn.fujitsu.com>,
Alan Stern <stern@rowland.harvard.edu>,
Peter Zijlstra <peterz@infradead.org>,
Arnaldo Carvalho de Melo <acme@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>,
Jan Kiszka <jan.kiszka@web.de>, Jiri Slaby <jirislaby@gmail.com>,
Avi Kivity <avi@redhat.com>, Paul Mackerras <paulus@samba.org>,
Mike Galbraith <efault@gmx.de>,
Masami Hiramatsu <mhiramat@redhat.com>,
Paul Mundt <lethal@linux-sh.org>,
Arjan van de Ven <arjan@linux.intel.com>,
paulus@in.ibm.com
Subject: Re: [PATCH 5/7 v6] hw-breakpoints: Rewrite the hw-breakpoints layer on top of perf events
Date: Tue, 17 Nov 2009 02:36:19 +0100
Message-ID: <20091117013617.GF5293@nowhere>
In-Reply-To: <20091112042502.GA3145@in.ibm.com>
On Thu, Nov 12, 2009 at 09:55:02AM +0530, K.Prasad wrote:
>
> I forgot to mention another potential bug here...
>
> static int ptrace_write_dr7(struct task_struct *tsk, unsigned long data)
> {
> 	..
> 	...
> restore:
> 	/*
> 	 * Loop through all the hardware breakpoints, making the
> 	 * appropriate changes to each.
> 	 */
> 	for (i = 0; i < HBP_NUM; i++) {
> 		enabled = decode_dr7(data, i, &len, &type);
> 		bp = thread->ptrace_bps[i];
>
> 		if (!enabled) {
> 			if (bp) {
> 				/*
> 				 * Don't unregister the breakpoints right-away,
> 				 * unless all register_user_hw_breakpoint()
> 				 * requests have succeeded. This prevents
> 				 * any window of opportunity for debug
> 				 * register grabbing by other users.
> 				 */
> 				if (!second_pass)
> 					continue;
> 				thread->ptrace_bps[i] = NULL;
> 				unregister_hw_breakpoint(bp);
> 			}
> 			continue;
> 		}
>
> So, the breakpoint is unregistered whenever bits corresponding to
> DR0-DR3 are set to a disabled state in DR7.
>
> 		/*
> 		 * We should have at least an inactive breakpoint at this
> 		 * slot. It means the user is writing dr7 without having
> 		 * written the address register first
> 		 */
> 		if (!bp) {
> 			rc = -EINVAL;
> 			break;
> 		}
> 		..
> 		...
> }
>
> Now think of the following sequence of write operations through ptrace:
> 1. Populate address in DRn (where 0 <= n <= 3) (breakpoint registration)
> 2. Enable corresponding bits in DR7 (modify breakpoint to active state)
> 3. Disable bits in DR7 (unregister breakpoint)
> 4. Enable bits in DR7 (returns with failure)
>
> The assumption that every 'enable' operation in DR7 is preceded by a
> write operation on DR0-DR3 need not be always true.

Right. It just works with gdb because it usually rewrites the whole
sequence while reactivating a breakpoint (addr rewrite + dr7 enable).

But still you're right in that this is buggy. The use of an array
of struct arch_hw_breakpoint per thread should solve it.

Thanks.
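
The four-step ptrace sequence quoted above, replayed against a small user-space model (an added example, not part of this mail or of the kernel patch). The struct and function names are hypothetical, the two-pass logic and DR7 restore path are left out, and the `keep_state` mode is only one reading of the per-thread saved state suggested in the reply.

```c
#include <errno.h>
#include <stdio.h>
#define HBP_NUM 4

/* User-space model with hypothetical names; not the kernel's structures. */
struct thread_model {
	int registered[HBP_NUM];     /* stands in for thread->ptrace_bps[i] != NULL */
	int have_addr[HBP_NUM];      /* per-thread state that outlives unregistration */
	unsigned long addr[HBP_NUM];
	int keep_state;              /* 0: quoted behaviour, 1: use the per-thread state */
};

/* Write to DRn: registers an (inactive) breakpoint for slot n. */
static void write_drn(struct thread_model *t, int n, unsigned long a)
{
	t->registered[n] = 1;
	t->have_addr[n] = 1;
	t->addr[n] = a;
}

/* Write to DR7: bits 2i and 2i+1 are the local/global enable bits of slot i. */
static int write_dr7(struct thread_model *t, unsigned long data)
{
	for (int i = 0; i < HBP_NUM; i++) {
		if (!((data >> (i * 2)) & 0x3)) {
			t->registered[i] = 0;   /* disabling unregisters the slot */
			continue;
		}
		if (!t->registered[i] && !(t->keep_state && t->have_addr[i]))
			return -EINVAL;         /* no breakpoint at this slot */
		t->registered[i] = 1;           /* active, re-registered if needed */
	}
	return 0;
}

/* Replays steps 1-4 from the mail on slot 0; returns the result of step 4. */
static int replay_sequence(int keep_state)
{
	struct thread_model t = { .keep_state = keep_state };
	write_drn(&t, 0, 0x1000UL);     /* 1. constructed address */
	write_dr7(&t, 0x1);             /* 2. enable */
	write_dr7(&t, 0x0);             /* 3. disable */
	return write_dr7(&t, 0x1);      /* 4. enable again */
}

int main(void)
{
	printf("quoted: %d, with saved state: %d\n", replay_sequence(0), replay_sequence(1));
	return 0;
}
```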