[PATCH v4 04/10] linux-user: Detect and report host crashes

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: deller@gmx.de
Subject: [PATCH v4 04/10] linux-user: Detect and report host crashes
Date: Tue, 22 Aug 2023 22:16:09 -0700	[thread overview]
Message-ID: <20230823051615.1297706-5-richard.henderson@linaro.org> (raw)
In-Reply-To: <20230823051615.1297706-1-richard.henderson@linaro.org>

From: Helge Deller <deller@gmx.de>

If there is an internal program error in the qemu source code which
raises SIGSEGV or SIGBUS, we currently assume the signal belongs to
the guest.

With an artificial error introduced, we will now print

QEMU internal SIGSEGV {si_code=1, si_addr=(nil)}
QEMU v8.1.50 target x86_64 running /usr/bin/cat
QEMU backtrace:
    ./qemu-x86_64(+0xf83d9) [0x55c48587a3d9]
    ./qemu-x86_64(+0xf8663) [0x55c48587a663]
    /lib/x86_64-linux-gnu/libc.so.6(+0x42520) [0x7f39eee42520]
    ./qemu-x86_64(+0x1132fa) [0x55c4858952fa]
    ./qemu-x86_64(+0x11396f) [0x55c48589596f]
    ./qemu-x86_64(+0x1140ef) [0x55c4858960ef]
    ./qemu-x86_64(+0x115796) [0x55c485897796]
    ./qemu-x86_64(+0x11f9dd) [0x55c4858a19dd]
    ./qemu-x86_64(+0x3f8da) [0x55c4857c18da]
    ./qemu-x86_64(+0xf3bfb) [0x55c485875bfb]
    /lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x7f39eee29d90]
    /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80) [0x7f39eee29e40]
    ./qemu-x86_64(+0x39075) [0x55c4857bb075]
Aborted

Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20230812164314.352131-1-deller@gmx.de>
[rth: Use in_code_gen_buffer and die_with_signal]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/signal.c | 53 ++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 47 insertions(+), 6 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index a77d003de6..529fea8bba 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -23,6 +23,7 @@
 
 #include <sys/ucontext.h>
 #include <sys/resource.h>
+#include <execinfo.h>
 
 #include "qemu.h"
 #include "user-internals.h"
@@ -32,6 +33,7 @@
 #include "signal-common.h"
 #include "host-signal.h"
 #include "user/safe-syscall.h"
+#include "tcg/tcg.h"
 
 static struct target_sigaction sigact_table[TARGET_NSIG];
 
@@ -797,6 +799,33 @@ static inline void rewind_if_in_safe_syscall(void *puc)
     }
 }
 
+static G_NORETURN
+void die_with_backtrace(siginfo_t *info)
+{
+    void *array[20];
+    int size;
+
+    fprintf(stderr,
+            "QEMU internal SIG%s {si_code=%d, si_addr=%p}\n"
+            "QEMU v" QEMU_VERSION " target " UNAME_MACHINE " running %s\n",
+            sigabbrev_np(info->si_signo), info->si_code, info->si_addr,
+            exec_path);
+
+    size = backtrace(array, ARRAY_SIZE(array));
+    if (size) {
+        char **strings = backtrace_symbols(array, size);
+        if (strings) {
+            fprintf(stderr, "QEMU backtrace:\n");
+            for (int i = 0; i < size; ++i) {
+                fprintf(stderr, "    %s\n", strings[i]);
+            }
+            free(strings);
+        }
+    }
+
+    abort();
+}
+
 static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)
 {
     CPUArchState *env = thread_cpu->env_ptr;
@@ -832,16 +861,28 @@ static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)
         is_write = host_signal_write(info, uc);
         access_type = adjust_signal_pc(&pc, is_write);
 
+        /* If this was a write to a TB protected page, restart. */
+        if (is_write
+            && host_sig == SIGSEGV
+            && info->si_code == SEGV_ACCERR
+            && h2g_valid(host_addr)
+            && handle_sigsegv_accerr_write(cpu, sigmask, pc, guest_addr)) {
+            return;
+        }
+
+        /*
+         * If the access was not on behalf of the guest, within the executable
+         * mapping of the generated code buffer, then it is a host bug.
+         */
+        if (access_type != MMU_INST_FETCH
+            && !in_code_gen_buffer((void *)(pc - tcg_splitwx_diff))) {
+            die_with_backtrace(info);
+        }
+
         if (host_sig == SIGSEGV) {
             bool maperr = true;
 
             if (info->si_code == SEGV_ACCERR && h2g_valid(host_addr)) {
-                /* If this was a write to a TB protected page, restart. */
-                if (is_write &&
-                    handle_sigsegv_accerr_write(cpu, sigmask, pc, guest_addr)) {
-                    return;
-                }
-
                 /*
                  * With reserved_va, the whole address space is PROT_NONE,
                  * which means that we may get ACCERR when we want MAPERR.
-- 
2.34.1

next prev parent reply	other threads:[~2023-08-23  5:17 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-23  5:16 [PATCH v4 00/10] linux-user: Detect and report host crashes Richard Henderson
2023-08-23  5:16 ` [PATCH v4 01/10] linux-user: Split out die_with_signal Richard Henderson
2023-08-23 12:55   ` Philippe Mathieu-Daudé
2023-08-23  5:16 ` [PATCH v4 02/10] linux-user: Exit not abort in die_with_backtrace Richard Henderson
2023-08-23 12:55   ` Philippe Mathieu-Daudé
2023-08-23  5:16 ` [PATCH v4 03/10] linux-user: Use die_with_signal with abort Richard Henderson
2023-08-23  5:16 ` Richard Henderson [this message]
2023-08-23  5:16 ` [PATCH v4 05/10] linux-user: Only register handlers for core_dump_signal by default Richard Henderson
2023-08-23  5:16 ` [PATCH v4 06/10] linux-user: Map unsupported signals to an out-of-bounds value Richard Henderson
2023-08-23  5:16 ` [PATCH v4 07/10] linux-user: Remap SIGPROF when CONFIG_GPROF Richard Henderson
2023-08-23  5:16 ` [PATCH v4 08/10] linux-user: Simplify signal_init Richard Henderson
2023-08-23  5:16 ` [PATCH v4 09/10] linux-user: Split out host_sig{segv,bus}_handler Richard Henderson
2023-08-23  5:16 ` [PATCH v4 10/10] linux-user: Detect and report host SIGILL, SIGFPE, SIGTRAP Richard Henderson
2023-09-09 19:12 ` [PATCH v4 00/10] linux-user: Detect and report host crashes Richard Henderson
2023-09-12  9:45   ` Helge Deller
2023-09-12 10:34     ` Michael Tokarev
2023-09-18 14:05       ` Helge Deller
2023-09-19  7:40         ` Michael Tokarev
2023-09-19  8:00           ` Helge Deller
2023-09-19  8:26             ` Michael Tokarev
2023-09-19  8:38               ` Richard Henderson
2023-09-19  9:17                 ` Helge Deller
2023-09-19 13:01                 ` Michael Tokarev
2023-09-19  8:29         ` Richard Henderson

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:a77d003de dfblob:529fea8bb )
 OR (
bs:"[PATCH v4 04/10] linux-user: Detect and report host crashes" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230823051615.1297706-5-richard.henderson@linaro.org \
    --to=richard.henderson@linaro.org \
    --cc=deller@gmx.de \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).