From: Gustavo Romero
To: gdb-patches@sourceware.org
Cc: luis.machado@arm.com, thiago.bauermann@linaro.org, eliz@gnu.org, tom@tromey.com, gustavo.romero@linaro.org
Subject: [PATCH v6 0/8] Add another way to check tagged addresses on remote targets
Date: Thu, 18 Apr 2024 20:10:31 +0000
Message-Id: <20240418201039.236867-1-gustavo.romero@linaro.org>

This series introduces a new method to check for memory tagged addresses on
remote targets. This new method is based on a new packet, qIsAddressTagged.
GDB now sends first a qIsAddressTagged packet to the stub for checking an
address and if the stub sends an empty reply GDB attempts to use the current
code path as a fallback mechanism, so no change in stubs not supporting the new
packet is required. Stubs that support the new packet just need to implement
the check and reply accordingly to qIsAddressTagged queries.

This new mechanism allows for checking memory tagged addresses in an
OS-agnostic way, which is necessary when debugging targets that do not support
'/proc//smaps', as the current method of reading the smaps contents fails in
such cases.

Updates in v2:
 * Fixed build error "no match for ‘operator!=’ (operand types are
   ‘packet_result’ and ‘packet_status’)" reported by Linaro CI bot, caused by
   a last-minute rebase
 * Added instructions on how to test the series on a remote target using
   QEMU gdbstub (-g option) -- see below

Updates in v3:
 * Changed packet name to qMemTagCheckAddr for consistency
 * Documented the new packet in gdb.texinfo and NEWS
 * Changed target hook name to is_address_tagged
 * Fixed several GNU Style nonconformities
 * Split commit that adds the target hook and the qMemTagCheckAddr in two
   commits
 * Tested fallback mechanism using gdbserver (use of vFile requests instead
   of qMemTagCheckAddr)
 * Fixed off-by-one error
 * Changed target hook signature to take gdbarch as an argument for better
   modularity

Updates in v4:
 * Changed packet name to qIsAddressTagged as per Luis's suggestion
 * Removed the need for memory-tagging-check-add+ feature in qSupport to use
   the qIsAddressTagged packet; now GDB first attempts to use the packet to
   check the address and if the stub returns empty the fallback mechanism
   (the current code path that reads smaps) is used
 * Fixed documentation as per Eli's review
 * Added unittests for qIsAddressTagged request and replies
 * Fixed "gdb: Introduce is_address_tagged target hook" commit message
 * Removed wrong assert in aarch64_linux_tagged_address_p that crashed GDB,
   for instance, on "memory-tag check 0x0", because 0x0 address is actually
   valid in this context
 * Added several comments in the code as per Luis's reviews

Updates in v5:
 * Use of GDB feature auto detect to find out if the qIsAddressTagged packet
   is supported by the stub, hence this packet is sent only one time if it's
   not supported by the stub
 * More fixes in the documentation
 * Use of reference instead of pointer for param. 'tagged' in
   check_is_address_tagged_reply function
 * Adjusted unit test cases as per Luis's comments
 * Updated QEMU prototype so the stub now replies to qIsAddressTagged
   queries, for testing this series using QEMU (as per comments about testing
   below)

Updates in v6:
 * Fix cindex position in gdb.texinfo doc file
 * Handle malformed reply of incorrect length (!= 2 hex digits)
 * Adjust unit tests to test the checking of such a malformed reply

----

This series can be tested with the 'mte_t' binary found in:
https://people.linaro.org/~gustavo.romero/gdb, using the GDB
'memory-tag print-allocation-tag' command to show the allocation
tag for array pointer 'a'. To download mte_t:

$ wget https://people.linaro.org/~gustavo.romero/gdb/mte_t
$ chmod +x ./mte_t

... or build it from source:

$ wget https://people.linaro.org/~gustavo.romero/gdb/mte_t.c
$ gcc -march=armv8.5-a+memtag -static -g3 -O0 mte_t.c -o mte_t

For example, testing the address check for the aarch64_linux_nat.c target:

gromero@arm64:~/code$ ~/git/binutils-gdb_remote/build/gdb/gdb -q ./mte_t
Reading symbols from ./mte_t...
(gdb) run
Starting program: /home/gromero/code/mte_t
a[] address is 0xfffff7ffc000
a[0] = 1 a[1] = 2
0x100fffff7ffc000
a[0] = 3 a[1] = 2
Expecting SIGSEGV...

Program received signal SIGSEGV, Segmentation fault
Memory tag violation
Fault address unavailable.
0x0000000000418658 in write ()
(gdb) bt
#0 0x0000000000418658 in write ()
#1 0x000000000040a3bc in _IO_new_file_write ()
#2 0x0000000000409574 in new_do_write ()
#3 0x000000000040ae20 in _IO_new_do_write ()
#4 0x000000000040b55c in _IO_new_file_overflow ()
#5 0x0000000000407414 in puts ()
#6 0x000000000040088c in main () at mte_t.c:119
(gdb) frame 6
#6 0x000000000040088c in main () at mte_t.c:119
119 printf("...haven't got one\n");
(gdb) memory-tag print-logical-tag a
$1 = 0x1
(gdb) memory-tag print-allocation-tag &a[16]
$2 = 0x0
(gdb) # Tag mismatch
(gdb)

Testing address check on a core file:

gromero@arm64:~/code$ ulimit -c unlimited
gromero@arm64:~/code$ ./mte_t
a[] address is 0xffffb3bcc000
a[0] = 1 a[1] = 2
0x900ffffb3bcc000
a[0] = 3 a[1] = 2
Expecting SIGSEGV...
Segmentation fault (core dumped)
gromero@arm64:~/code$ ~/git/binutils-gdb_remote/build/gdb/gdb -q ./mte_t ./core
Reading symbols from ./mte_t...
[New LWP 256036]
Core was generated by `./mte_t'.
Program terminated with signal SIGSEGV, Segmentation fault
Memory tag violation
Fault address unavailable.
#0 0x0000000000418658 in write ()
(gdb) bt
#0 0x0000000000418658 in write ()
#1 0x000000000040a3bc in _IO_new_file_write ()
#2 0x0000000000409574 in new_do_write ()
#3 0x000000000040ae20 in _IO_new_do_write ()
#4 0x000000000040b55c in _IO_new_file_overflow ()
#5 0x0000000000407414 in puts ()
#6 0x000000000040088c in main () at mte_t.c:119
(gdb) frame 6
#6 0x000000000040088c in main () at mte_t.c:119
119 printf("...haven't got one\n");
(gdb) memory-tag print-logical-tag a
$1 = 0x9
(gdb) memory-tag print-allocation-tag &a[16]
$2 = 0x0
(gdb) # Tag mismatch
(gdb)

Finally, testing the new packet on a remote target using QEMU gdbstub
which supports the new 'memory-tagging-check-add+' feature (WIP).
Clone and build QEMU:

$ git clone --depth=1 --single-branch -b mte https://github.com/gromero/qemu.git
$ mkdir qemu/build && cd qemu/build
$ ../configure --target-list=aarch64-linux-user --disable-docs
$ make -j
$ wget https://people.linaro.org/~gustavo.romero/gdb/mte_t
$ chmod +x ./mte_t
$ ./qemu-aarch64 -g 1234 ./mte_t

... and connect to QEMU gdbstub from GDB:

gromero@amd:~/git/binutils-gdb/build$ ./gdb/gdb -q
(gdb) target remote localhost:1234
Remote debugging using localhost:1234
Reading /tmp/qemu/build/mte_t from remote target...
warning: File transfers from remote targets can be slow. Use "set sysroot" to access files locally instead.
Reading /tmp/qemu/build/mte_t from remote target...
Reading symbols from target:/tmp/qemu/build/mte_t...
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault
Memory tag violation
Fault address unavailable.
0x0000000000407290 in puts ()
(gdb) bt
#0 0x0000000000407290 in puts ()
#1 0x000000000040088c in main () at mte_t.c:119
(gdb) frame 1
#1 0x000000000040088c in main () at mte_t.c:119
119
(gdb) memory-tag print-allocation-tag a
$1 = 0x2
(gdb) set debug remote on
(gdb) memory-tag print-allocation-tag a
[remote] Sending packet: $qMemTagAddrCheck:200400000802000#1f
[remote] Received Ack
[remote] Packet received: 01
[remote] Sending packet: $qMemTags:400000802000,1:1#6f
[remote] Received Ack
[remote] Packet received: m02
$2 = 0x2
(gdb)

Also, below is a test of the fallback mechanism using the gdbserver,
which must use vFile requests instead of the new packet:

In one terminal:

gromero@arm64:~/git/binutils-gdb_remote/build$ ./gdbserver/gdbserver localhost:1234 /home/gromero/code/mte_t

... in another terminal:

gromero@arm64:~/git/binutils-gdb_remote/build$ gdb/gdb -q
(gdb) target remote localhost:1234
Remote debugging using localhost:1234
Reading /home/gromero/code/mte_t from remote target...
warning: File transfers from remote targets can be slow. Use "set sysroot" to access files locally instead.
Reading /home/gromero/code/mte_t from remote target...
Reading symbols from target:/home/gromero/code/mte_t...
Reading /home/gromero/.local/lib/debug/.build-id/a1/fb8db7731a11f85efa2ae80005bdb590796021.debug from remote target...
Reading /usr/lib/debug/.build-id/a1/fb8db7731a11f85efa2ae80005bdb590796021.debug from remote target...
0x0000000000400580 in _start ()
(gdb) b 103
Breakpoint 1 at 0x400818: file mte_t.c, line 103.
(gdb) c
Continuing.

Breakpoint 1, main () at mte_t.c:103
103 set_tag(a);
(gdb) n
105 printf("%p\n", a);
(gdb) set debug remote on
(gdb) memory-tag print-allocation-tag a
[remote] Sending packet: $m400948,4#06
[remote] Packet received: 3f030094
[remote] Sending packet: $m400944,4#02
[remote] Packet received: 60003fd6
[remote] Sending packet: $m400948,4#06
[remote] Packet received: 3f030094
[remote] Sending packet: $vFile:setfs:0#bf
[remote] Packet received: F0
[remote] Sending packet: $vFile:open:2f70726f632f3236353634362f736d617073,0,1c0#b0
[remote] Packet received: F8
[remote] remote_hostio_pread: readahead cache miss 28
[remote] Sending packet: $vFile:pread:8,2001f,0#5f
[remote] Packet received: Feaa;00400000-0047e000 r-xp 00000000 fe:02 5663492 /home/gromero/code/mte_t\nSize: 504 kB\nKernelPageSize: 4 kB\nMMUPageSize: 4 kB\nRss: 440 kB\nPss: 440 kB\nPss_Dirty: 12 kB\nShared_Clean: 0 kB\nShared_Dirty: 0 kB\nPrivate_Clean: 428 kB\nPrivate_Dirty: 12 kB\nReferenced: 440 kB\nAnonymous: 12 kB\nKSM: 0 kB\nLazyFree: 0 kB\nAnonHugePages: [3247 bytes omitted]
[remote] remote_hostio_pread: readahead cache miss 29
[remote] Sending packet: $vFile:pread:8,2001f,eaa#56
[remote] Packet received: Fb96;fffff7ffc000-fffff7ffd000 rw-p 00000000 00:00 0 \nSize: 4 kB\nKernelPageSize: 4 kB\nMMUPageSize: 4 kB\nRss: 4 kB\nPss: 4 kB\nPss_Dirty: 4 kB\nShared_Clean: 0 kB\nShared_Dirty: 0 kB\nPrivate_Clean: 0 kB\nPrivate_Dirty: 4 kB\nReferenced: 4 kB\nAnonymous: 4 kB\nKSM: 0 kB\nLazyFree: 0 kB\nAnonHugePages: 0 kB\nShmemPmdMapped: 0 kB\nFilePmdMap [2459 bytes omitted]
[remote] remote_hostio_pread: readahead cache miss 30
[remote] Sending packet: $vFile:pread:8,2001f,1a40#25
[remote] Packet received: F0;
[remote] Sending packet: $vFile:close:8#b8
[remote] Packet received: F0
[remote] Sending packet: $qMemTags:fffff7ffc000,1:1#15
[remote] Packet received: m0e
$1 = 0xe
(gdb)

Cheers,
Gustavo

Gustavo Romero (8):
  gdb: aarch64: Remove MTE address checking from get_memtag
  gdb: aarch64: Move MTE address check out of set_memtag
  gdb: aarch64: Remove MTE address checking from memtag_matches_p
  gdb: Use passed gdbarch instead of calling current_inferior
  gdb: Introduce is_address_tagged target hook
  gdb: Add qIsAddressTagged packet
  gdb/testsuite: Add unit tests for qIsAddressTagged packet
  gdb: Document qIsAddressTagged packet

 gdb/NEWS                  |  10 +++
 gdb/aarch64-linux-nat.c   |  15 ++++
 gdb/aarch64-linux-tdep.c  |  22 +-----
 gdb/arch-utils.c          |   2 +-
 gdb/arch-utils.h          |   2 +-
 gdb/corelow.c             |  10 +++
 gdb/doc/gdb.texinfo       |  37 +++++++++-
 gdb/gdbarch-gen.h         |   4 +-
 gdb/gdbarch.c             |   2 +-
 gdb/gdbarch_components.py |   2 +-
 gdb/printcmd.c            |  32 ++++----
 gdb/remote.c              | 152 ++++++++++++++++++++++++++++++++++++++
 gdb/target-delegates.c    |  30 ++++++++
 gdb/target.c              |   6 ++
 gdb/target.h              |   6 ++
 15 files changed, 289 insertions(+), 43 deletions(-)
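
The packet framing and reply handling described in the message above, as an added example that is not part of the original message and is not GDB or QEMU code: it recomputes the remote-protocol checksums seen in the 'set debug remote on' logs and classifies a qIsAddressTagged reply (empty means fall back to smaps, anything other than 2 hex digits is malformed). The function names, the "00" (not tagged) and "Enn" (error) replies, and the cleared top byte in qMemTags are assumptions not stated in the message.

```python
# Added example: not GDB or QEMU code; function names are hypothetical.
import re

def rsp_checksum(payload: str) -> str:
    """Sum of the payload bytes modulo 256, as two lowercase hex digits."""
    return f"{sum(payload.encode('ascii')) % 256:02x}"

def frame(payload: str) -> str:
    return f"${payload}#{rsp_checksum(payload)}"

def unframe(packet: str) -> str:
    """Return the payload; reject bad framing or a checksum mismatch."""
    m = re.fullmatch(r"\$([^#$]*)#([0-9a-fA-F]{2})", packet)
    if m is None:
        raise ValueError("not a framed RSP packet")
    payload, csum = m.groups()
    if csum.lower() != rsp_checksum(payload):
        raise ValueError("checksum mismatch")
    return payload

def logical_tag(pointer: int) -> int:
    return (pointer >> 56) & 0xF          # 0x100fffff7ffc000 -> 0x1

def is_address_tagged_query(pointer: int) -> str:
    # The pointer goes out in hex with its logical tag still in place.
    return frame(f"qIsAddressTagged:{pointer:x}")

def mem_tags_query(pointer: int, length: int = 1, tag_type: int = 1) -> str:
    # Assumption taken from the log: the top byte is cleared for qMemTags.
    return frame(f"qMemTags:{pointer & ((1 << 56) - 1):x},{length:x}:{tag_type:x}")

def classify_reply(reply: str) -> str:
    """Decide what the client does with a qIsAddressTagged reply."""
    if reply == "":
        return "unsupported"              # fall back to the smaps code path
    if re.fullmatch(r"E[0-9a-fA-F]{2}", reply):
        return "error"                    # assumed standard RSP error reply
    if not re.fullmatch(r"[0-9a-fA-F]{2}", reply):
        return "malformed"                # not exactly 2 hex digits
    return {0: "untagged", 1: "tagged"}.get(int(reply, 16), "malformed")

if __name__ == "__main__":
    a = 0x0200400000802000                # pointer 'a' from the QEMU session
    print(is_address_tagged_query(a), "->", classify_reply("01"))
    print(mem_tags_query(a))              # $qMemTags:400000802000,1:1#6f
    for r in ("", "00", "1", "0100", "zz", "E01"):
        print(repr(r), classify_reply(r))
```

Payloads containing '#', '$' or '}' need the protocol's escaping, which this example leaves out because none of the packets in the logs use it.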