Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp669897ybe; Thu, 5 Sep 2019 04:10:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqxiTvWVHnkmTqDFnGVsEtmR33QH9g9ZEpeaETJb4mdFih7k2pgZAImwgiH/xVR9hDpOV6CE X-Received: by 2002:a17:902:8f81:: with SMTP id z1mr2771574plo.110.1567681838533; Thu, 05 Sep 2019 04:10:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567681838; cv=none; d=google.com; s=arc-20160816; b=X2HLxeYTPw+sPo3OwwI6wHbEtkzI+O0/Z7wx2IJBBSUhSeyx01p7n/gbAl7rgaCFkI 9oJPR7vfLora3ESYuWdeoFi58YdRcpDiQhyu6Ps6ZnkAE7WQ15w2IjFwj3FsGddIZPmR UwVAU9VZ3MDZ3wL1MfVgQF22bU1hSexfB0Pcwgy1Zu5vEk0Nwa9aMUJW3y9KuZQnQZff naLQ8b/vOH8ylXVWqsdxEvCqGaqiMOfxyU9jKyAZxEfPRsnu92PyaNf8PfoAbgssw+up tWk658W3X6U6zD4t2wSuz2UCnfN2wDnNq8UvnCXsEVA7d4I1hN4iz3Hzb4J1/9Hzfs3u 8wZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=cUJk2VTTKC0wN6jcWEhzpQ/cQIMP1HgLM9BleCNY2Mw=; b=KleMT/8sj+CrAG3+tbPdyVmOG/YkQAAlmwoJV8p3ofHI+WbaOZGhyPz4VW8tpicgg2 ndf6AYI2BEmuLuKoQ3je/+2FfMqi9I1jAz6yJ2lTTYH/2rlBvzZ3q2k2qtP2Jn1AithD +yPpTp+F3Cvi1jnh6nsBIzCGltdn9hUqkLR7UHCqwobghLcCxwvHUg0f7pFPqpxsBrQ/ Z5eBZcUTzF6OlEvmB1p1j285EQLFVHIi1Vy41HWiUpRA4nUz7ww7Zevanr8uXd0DjmH+ I+SRRcBdLSIT/S6k9OJLL9DY5329PfIEr26+g9wEIJ4H9kEWrMjVClfMdApMfCX3w9L6 Su0A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SuUO2rWq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a11si1856573pfh.270.2019.09.05.04.10.22; Thu, 05 Sep 2019 04:10:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SuUO2rWq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732703AbfIEIcg (ORCPT + 99 others); Thu, 5 Sep 2019 04:32:36 -0400 Received: from mail-ot1-f66.google.com ([209.85.210.66]:33579 "EHLO mail-ot1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731540AbfIEIcg (ORCPT ); Thu, 5 Sep 2019 04:32:36 -0400 Received: by mail-ot1-f66.google.com with SMTP id g25so96057otl.0 for ; Thu, 05 Sep 2019 01:32:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cUJk2VTTKC0wN6jcWEhzpQ/cQIMP1HgLM9BleCNY2Mw=; b=SuUO2rWqXxXye2UAWa4boZ3MzkhHr1kMRk7hmUEtE/4bTQV09kjQ2Gt0bFfY7jy6Lt c/CjUw2y9YZz9PjKOs6ZgbSgAXpr3lfgbrZhxp8su0NVKaaOMe7fOQf9SZi2zc8BBVTM vjAL1pS5Xu1dHCg9bPgZfdi6mFDx1NCGTK+hXYe3E1ZoqqhGTi0uwK3Eh55yEdKRDMrB +j8i+7EukUgFy0S0lYE0Ohx3Lbh0CpKcUd0dpxx4Ipz7+Vswg0Yj+axiv9QclP7v7FjA amXguy+dq916U5xwXOBLDwDqSA0gCjgbyzNwIXY+K6fJFuk0FIByxBUQ0PKhskTuw7/p 1rnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=cUJk2VTTKC0wN6jcWEhzpQ/cQIMP1HgLM9BleCNY2Mw=; b=Fn15J1pFkhX32AzbwFiw+UF06aUZazr75biWREMuYGCOW76AbPIqeIUzPXNuGkepw1 MXy3lW8HfwAhhK+/nIgQDGkXUHaqkpZNqo3ZdTapRuQi6Q8jOlPRW5hGuVOdez5FCKMG pRH+b+n81LWYeb9T0Ajsz67kGyinsdZvjzcS4/vni9NAlnSFbokfEy0bHn9gZN6p4xsI IpAXaJ7RHgM4SqaLbdlTwBJXiItBbWOYROrrii90vOunomyEqKA7XZY3oanwJHoGmZyS AUD0XtNRrf/IIPzlxqsLiWC4hSYXoUdz9d4ov1eg3l62rYLVOfPWhDkB9r/YzC7Co/Sx qSXQ== X-Gm-Message-State: APjAAAVzANhnlESRUtLgDkcC/E6yswUE0sJTAp7xWlXDJNI2FiMcoIWA w4bm9wE8Wr7waWXNYU7UjbzScA8kR0JEStoOlvLRrw== X-Received: by 2002:a9d:65cb:: with SMTP id z11mr714847oth.232.1567672355504; Thu, 05 Sep 2019 01:32:35 -0700 (PDT) MIME-Version: 1.0 References: <20190904180736.29009-1-xypron.glpk@gmx.de> <86r24vrwyh.wl-maz@kernel.org> <20190905082503.GB4320@e113682-lin.lund.arm.com> In-Reply-To: <20190905082503.GB4320@e113682-lin.lund.arm.com> From: Peter Maydell Date: Thu, 5 Sep 2019 09:32:23 +0100 Message-ID: Subject: Re: [PATCH 1/1] KVM: inject data abort if instruction cannot be decoded To: Christoffer Dall Cc: Marc Zyngier , =?UTF-8?Q?Daniel_P_=2E_Berrang=C3=A9?= , Heinrich Schuchardt , lkml - Kernel Mailing List , Stefan Hajnoczi , kvmarm@lists.cs.columbia.edu, arm-mail-list Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 5 Sep 2019 at 09:25, Christoffer Dall wrote: > > On Thu, Sep 05, 2019 at 09:16:54AM +0100, Peter Maydell wrote: > > This is true, but the problem is that barfing out to userspace > > makes it harder to debug the guest because it means that > > the VM is immediately destroyed, whereas AIUI if we > > inject some kind of exception then (assuming you're set up > > to do kernel-debug via gdbstub) you can actually examine > > the offending guest code with a debugger because at least > > your VM is still around to inspect... > > > > Is it really going to be easier to debug a guest that sees behavior > which may not be architecturally correct? For example, seeing a data > abort on an access to an MMIO region because the guest used a strange > instruction? Yeah, a data abort is not ideal. You could UNDEF the insn, which probably is more likely to result in getting control in the debugger I suppose. As for whether it's going to be easier to debug, for the user who reported this in the first place it certainly was. (Consider even a simple Linux guest not under a debugger -- if we UNDEF the insn the guest kernel will print a helpful backtrace so you can tell where the problem is; at the moment we just print a register dump from the host kernel, which is a lot less informative.) > I appreaciate that the current way we handle this is confusing and has > led many people down a rabbit hole, so we should do better. > > Would a better approach not be to return to userspace saying, "we can't > handle this in the kernel, you decide", without printing the dubious > kernel error message. Printing the message in the kernel is the best clue we give the user at the moment that they've run into this problem; I would be wary of removing it (even if we decide to also do something else). > Then user space could suspend the VM and print a > lenghty explanation of all the possible problems there could be, or > re-inject something back into the guest, or whatever, for a particular > environment. In theory I guess so. In practice that's not what userspace currently in the wild does, and injecting an exception from userspace is a bit awkward (I dunno if kvmtool does it, QEMU only needs to in really obscure circumstances and was buggy in how it tried to do it until very recently)... thanks -- PMM