* [BUG]QEMU jump into interrupt when single-stepping on aarch64
@ 2022-04-06 14:30 Shuai Xue
2022-04-06 16:57 ` Richard Henderson
0 siblings, 1 reply; 4+ messages in thread
From: Shuai Xue @ 2022-04-06 14:30 UTC (permalink / raw)
To: qemu-devel
Dear, folks,
I try to debug Linux kernel with QEMU in single-stepping mode on aarch64 platform,
the added breakpoint hits but after I type `step`, the gdb always jumps into interrupt.
My env:
gdb-10.2
qemu-6.2.0
host kernel: 5.10.84
VM kernel: 5.10.84
The steps to reproduce:
# host console: run a VM with only one core, the import arg: <qemu:arg value='-s'/>
# details can be found here: https://www.redhat.com/en/blog/debugging-kernel-qemulibvirt
virsh create dev_core0.xml
# run gdb client
gdb ./vmlinux
# gdb client on host console
(gdb) dir ./usr/src/debug/kernel-5.10.84/linux-5.10.84-004.alpha.ali5000.alios7.aarch64
(gdb) target remote localhost:1234
(gdb) info b
Num Type Disp Enb Address What
1 breakpoint keep y <MULTIPLE>
1.1 y 0xffff800010361444 mm/memory-failure.c:1318
1.2 y 0xffff800010361450 in memory_failure
at mm/memory-failure.c:1488
(gdb) c
Continuing.
# console in VM, use madvise to inject a hwposion at virtual address vaddr,
# which will hit the b inmemory_failur: madvise(vaddr, pagesize, MADV_HWPOISON);
# and the VM pause
./run_madvise.c
# gdb client on host console
(gdb)
Continuing.
Breakpoint 1, 0xffff800010361444 in memory_failure () at mm/memory-failure.c:1318
1318 res = -EHWPOISON;
(gdb) n
vectors () at arch/arm64/kernel/entry.S:552
552 kernel_ventry 1, irq // IRQ EL1h
(gdb) n
(gdb) n
(gdb) n
(gdb) n
gic_handle_irq (regs=0xffff8000147c3b80) at drivers/irqchip/irq-gic-v3.c:721
# after several step, I got the irqnr
(gdb) p irqnr
$5 = 8262
Sometimes, the irqnr is 27, which is used for arch_timer.
I was wondering do you have any comments on this? And feedback are welcomed.
Thank you.
Best Regards.
Shuai
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [BUG]QEMU jump into interrupt when single-stepping on aarch64 2022-04-06 14:30 [BUG]QEMU jump into interrupt when single-stepping on aarch64 Shuai Xue @ 2022-04-06 16:57 ` Richard Henderson 2022-04-07 4:10 ` Shuai Xue 0 siblings, 1 reply; 4+ messages in thread From: Richard Henderson @ 2022-04-06 16:57 UTC (permalink / raw) To: Shuai Xue, qemu-devel On 4/6/22 09:30, Shuai Xue wrote: > Dear, folks, > > I try to debug Linux kernel with QEMU in single-stepping mode on aarch64 platform, > the added breakpoint hits but after I type `step`, the gdb always jumps into interrupt. > > My env: > > gdb-10.2 > qemu-6.2.0 > host kernel: 5.10.84 > VM kernel: 5.10.84 > > The steps to reproduce: > # host console: run a VM with only one core, the import arg: <qemu:arg value='-s'/> > # details can be found here: https://www.redhat.com/en/blog/debugging-kernel-qemulibvirt > virsh create dev_core0.xml > > # run gdb client > gdb ./vmlinux > > # gdb client on host console > (gdb) dir ./usr/src/debug/kernel-5.10.84/linux-5.10.84-004.alpha.ali5000.alios7.aarch64 > (gdb) target remote localhost:1234 > (gdb) info b > Num Type Disp Enb Address What > 1 breakpoint keep y <MULTIPLE> > 1.1 y 0xffff800010361444 mm/memory-failure.c:1318 > 1.2 y 0xffff800010361450 in memory_failure > at mm/memory-failure.c:1488 > (gdb) c > Continuing. > > # console in VM, use madvise to inject a hwposion at virtual address vaddr, > # which will hit the b inmemory_failur: madvise(vaddr, pagesize, MADV_HWPOISON); > # and the VM pause > ./run_madvise.c > > # gdb client on host console > (gdb) > Continuing. > Breakpoint 1, 0xffff800010361444 in memory_failure () at mm/memory-failure.c:1318 > 1318 res = -EHWPOISON; > (gdb) n > vectors () at arch/arm64/kernel/entry.S:552 > 552 kernel_ventry 1, irq // IRQ EL1h The 'n' command is not a single-step: use stepi, which will suppress interrupts. Anyway, not a bug. r~ ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [BUG]QEMU jump into interrupt when single-stepping on aarch64 2022-04-06 16:57 ` Richard Henderson @ 2022-04-07 4:10 ` Shuai Xue 2022-04-12 12:32 ` Shuai Xue 0 siblings, 1 reply; 4+ messages in thread From: Shuai Xue @ 2022-04-07 4:10 UTC (permalink / raw) To: Richard Henderson, qemu-devel 在 2022/4/7 AM12:57, Richard Henderson 写道: > On 4/6/22 09:30, Shuai Xue wrote: >> Dear, folks, >> >> I try to debug Linux kernel with QEMU in single-stepping mode on aarch64 platform, >> the added breakpoint hits but after I type `step`, the gdb always jumps into interrupt. >> >> My env: >> >> gdb-10.2 >> qemu-6.2.0 >> host kernel: 5.10.84 >> VM kernel: 5.10.84 >> >> The steps to reproduce: >> # host console: run a VM with only one core, the import arg: <qemu:arg value='-s'/> >> # details can be found here: https://www.redhat.com/en/blog/debugging-kernel-qemulibvirt >> virsh create dev_core0.xml >> >> # run gdb client >> gdb ./vmlinux >> >> # gdb client on host console >> (gdb) dir ./usr/src/debug/kernel-5.10.84/linux-5.10.84-004.alpha.ali5000.alios7.aarch64 >> (gdb) target remote localhost:1234 >> (gdb) info b >> Num Type Disp Enb Address What >> 1 breakpoint keep y <MULTIPLE> >> 1.1 y 0xffff800010361444 mm/memory-failure.c:1318 >> 1.2 y 0xffff800010361450 in memory_failure >> at mm/memory-failure.c:1488 >> (gdb) c >> Continuing. >> >> # console in VM, use madvise to inject a hwposion at virtual address vaddr, >> # which will hit the b inmemory_failur: madvise(vaddr, pagesize, MADV_HWPOISON); >> # and the VM pause >> ./run_madvise.c >> >> # gdb client on host console >> (gdb) >> Continuing. >> Breakpoint 1, 0xffff800010361444 in memory_failure () at mm/memory-failure.c:1318 >> 1318 res = -EHWPOISON; >> (gdb) n >> vectors () at arch/arm64/kernel/entry.S:552 >> 552 kernel_ventry 1, irq // IRQ EL1h > > The 'n' command is not a single-step: use stepi, which will suppress interrupts. > Anyway, not a bug. > > r~ Hi, Richard, Thank you for your quick reply, I also try `stepi`, but it does NOT work either. (gdb) c Continuing. Breakpoint 1, memory_failure (pfn=1273982, flags=1) at mm/memory-failure.c:1488 1488 { (gdb) stepi vectors () at arch/arm64/kernel/entry.S:552 552 kernel_ventry 1, irq // IRQ EL1h According to QEMU doc[1]: the default single stepping behavior is step with the IRQs and timer service routines off. I checked the MASK bits used to control the single stepping IE on my machine as bellow: # gdb client on host (x86 plafrom) (gdb) maintenance packet qqemu.sstepbits sending: "qqemu.sstepbits" received: "ENABLE=1,NOIRQ=2,NOTIMER=4" The sstep MASK looks as expected, but does not work as expected. I also try the same kernel and qemu version on X86 platform: >> gdb-10.2 >> qemu-6.2.0 >> host kernel: 5.10.84 >> VM kernel: 5.10.84 The command `n` jumps to the next instruction. # gdb client on host (x86 plafrom) (gdb) b memory-failure.c:1488 Breakpoint 1, memory_failure (pfn=1128931, flags=1) at mm/memory-failure.c:1488 1488 { (gdb) n 1497 if (!sysctl_memory_failure_recovery) (gdb) stepi 0xffffffff812efdbc 1497 if (!sysctl_memory_failure_recovery) (gdb) stepi 0xffffffff812efdbe 1497 if (!sysctl_memory_failure_recovery) (gdb) n 1500 p = pfn_to_online_page(pfn); (gdb) l 1496 1497 if (!sysctl_memory_failure_recovery) 1498 panic("Memory failure on page %lx", pfn); 1499 1500 p = pfn_to_online_page(pfn); 1501 if (!p) { Best Regrades, Shuai [1] https://github.com/qemu/qemu/blob/master/docs/system/gdb.rst ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [BUG]QEMU jump into interrupt when single-stepping on aarch64 2022-04-07 4:10 ` Shuai Xue @ 2022-04-12 12:32 ` Shuai Xue 0 siblings, 0 replies; 4+ messages in thread From: Shuai Xue @ 2022-04-12 12:32 UTC (permalink / raw) To: Richard Henderson, qemu-devel 在 2022/4/7 PM12:10, Shuai Xue 写道: > 在 2022/4/7 AM12:57, Richard Henderson 写道: >> On 4/6/22 09:30, Shuai Xue wrote: >>> Dear, folks, >>> >>> I try to debug Linux kernel with QEMU in single-stepping mode on aarch64 platform, >>> the added breakpoint hits but after I type `step`, the gdb always jumps into interrupt. >>> >>> My env: >>> >>> gdb-10.2 >>> qemu-6.2.0 >>> host kernel: 5.10.84 >>> VM kernel: 5.10.84 >>> >>> The steps to reproduce: >>> # host console: run a VM with only one core, the import arg: <qemu:arg value='-s'/> >>> # details can be found here: https://www.redhat.com/en/blog/debugging-kernel-qemulibvirt >>> virsh create dev_core0.xml >>> >>> # run gdb client >>> gdb ./vmlinux >>> >>> # gdb client on host console >>> (gdb) dir ./usr/src/debug/kernel-5.10.84/linux-5.10.84-004.alpha.ali5000.alios7.aarch64 >>> (gdb) target remote localhost:1234 >>> (gdb) info b >>> Num Type Disp Enb Address What >>> 1 breakpoint keep y <MULTIPLE> >>> 1.1 y 0xffff800010361444 mm/memory-failure.c:1318 >>> 1.2 y 0xffff800010361450 in memory_failure >>> at mm/memory-failure.c:1488 >>> (gdb) c >>> Continuing. >>> >>> # console in VM, use madvise to inject a hwposion at virtual address vaddr, >>> # which will hit the b inmemory_failur: madvise(vaddr, pagesize, MADV_HWPOISON); >>> # and the VM pause >>> ./run_madvise.c >>> >>> # gdb client on host console >>> (gdb) >>> Continuing. >>> Breakpoint 1, 0xffff800010361444 in memory_failure () at mm/memory-failure.c:1318 >>> 1318 res = -EHWPOISON; >>> (gdb) n >>> vectors () at arch/arm64/kernel/entry.S:552 >>> 552 kernel_ventry 1, irq // IRQ EL1h >> >> The 'n' command is not a single-step: use stepi, which will suppress interrupts. >> Anyway, not a bug. >> >> r~ > > Hi, Richard, > > Thank you for your quick reply, I also try `stepi`, but it does NOT work either. > > (gdb) c > Continuing. > > Breakpoint 1, memory_failure (pfn=1273982, flags=1) at mm/memory-failure.c:1488 > 1488 { > (gdb) stepi > vectors () at arch/arm64/kernel/entry.S:552 > 552 kernel_ventry 1, irq // IRQ EL1h > > According to QEMU doc[1]: the default single stepping behavior is step with the IRQs > and timer service routines off. I checked the MASK bits used to control the single > stepping IE on my machine as bellow: > > # gdb client on host (x86 plafrom) > (gdb) maintenance packet qqemu.sstepbits > sending: "qqemu.sstepbits" > received: "ENABLE=1,NOIRQ=2,NOTIMER=4" > > The sstep MASK looks as expected, but does not work as expected. > > I also try the same kernel and qemu version on X86 platform: >>> gdb-10.2 >>> qemu-6.2.0 >>> host kernel: 5.10.84 >>> VM kernel: 5.10.84 > > > The command `n` jumps to the next instruction. > > # gdb client on host (x86 plafrom) > (gdb) b memory-failure.c:1488 > Breakpoint 1, memory_failure (pfn=1128931, flags=1) at mm/memory-failure.c:1488 > 1488 { > (gdb) n > 1497 if (!sysctl_memory_failure_recovery) > (gdb) stepi > 0xffffffff812efdbc 1497 if (!sysctl_memory_failure_recovery) > (gdb) stepi > 0xffffffff812efdbe 1497 if (!sysctl_memory_failure_recovery) > (gdb) n > 1500 p = pfn_to_online_page(pfn); > (gdb) l > 1496 > 1497 if (!sysctl_memory_failure_recovery) > 1498 panic("Memory failure on page %lx", pfn); > 1499 > 1500 p = pfn_to_online_page(pfn); > 1501 if (!p) { > > Best Regrades, > Shuai > > > [1] https://github.com/qemu/qemu/blob/master/docs/system/gdb.rst Hi, Richard, I was wondering that do you have any comments to this? Best Regrades, Shuai ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-04-12 12:55 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-04-06 14:30 [BUG]QEMU jump into interrupt when single-stepping on aarch64 Shuai Xue 2022-04-06 16:57 ` Richard Henderson 2022-04-07 4:10 ` Shuai Xue 2022-04-12 12:32 ` Shuai Xue
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).