From nobody Wed Apr 06 23:37:45 2022 X-Original-To: freebsd-arm@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id BAA3C1A9EB18 for ; Wed, 6 Apr 2022 23:38:00 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic307-8.consmr.mail.gq1.yahoo.com (sonic307-8.consmr.mail.gq1.yahoo.com [98.137.64.32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4KYgtH4Ym7z3slw for ; Wed, 6 Apr 2022 23:37:59 +0000 (UTC) (envelope-from marklmi@yahoo.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1649288272; bh=KhKCMnppS8qoL9kjDRvMb6sp/cJLoh/pS6EIR6Yd6A0=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From:Subject:Reply-To; b=qz8xxlsFzGZeoiDnZvLgmRbDCsyAd0yuOs6lZTp2s9CSGVN+7UTffpSE+MUi0LYYsxhnE0O/umwKLausEmSzda5sKlXz5aO0wz1h+aA78Bjrxt2rzKU0kCOUSYmKq3d6Afb0tdvEuWkBD46cyxofLr9R1gAOXtPHLbm0noRZDWWwmU3nOo5ywmKXPJL/MCTqx6Sg72wtbacVfE6i2lqCVgGcWtfcLoIVn+FDyIQ5aWe0wMAw8yr2aj6B4ZQCB1NQ8f79fOdVToy2PzFnD4TxfjrzahYau00F9grj6wpNbhOSRIiH3bqKG2GDOpnVmQxCkEFJqS8UKPx+YLxfJf3t8g== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1649288272; bh=dz7Cu91DeBfbYTx/pK/FllzkRukI/GTNVwxxE5J5iM+=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=fe/90YK0pQnYWAEwIFcC77JBzbyvWF3NvVg+pnWCV4VwyqRuTdjUPNAIdzGf3sE8U4cS7pWVE8IuNz0z1RUsnup1Kq7W18hC60Y3C4Y4aR3s3HT9rzYXS9P9X5ROjslcAtYGNg2IZDs//8bObyum70t+BSnwRrwQKcRn/hMwy1AGpkJ/zBQvQ8kyvTpwp1CCJt7+j0Ct3We/X+SDaGl2NRI9s/puxG0B3Zvv36K9MNckhW0LNMCRzhEbusuT1NCPbMgzKxOpNpnpzevQEVN8Ke6ci7e2IyVw1moAYm/N0VT6th5C7Ko4raIkxo4dNqSt40x3nyzjOIAKwHCc9ZdZTg== X-YMail-OSG: TrgtjeAVM1lhinl9MfhVARZC6aWA7NmDHxuQkHl7mB_37PENAoYtCLD7n5IbQxK NEdON1754ZfKVRvVakAw8_jTcyiPP1Hba.vUVXCIVlghbE6jqMsrModwqnP1gIlLra6mOliDOarA M7fca.IjdQqClUrdLaitS2oOMHn3B7k4tMaZfzxqGH941rDXLfi_rnGhvrFBMTgzbKbw9NzyMXZ0 5SU2h4Hol44Ae8THIa2G3y6TkDMQTRnaGTFCRkDfDyBo.luW7E6y2TFp3YEKhViVn5ouaDLkgSHJ n2k_vSyYN.irsmsQgSUw4QnHDOa0.S_Yl_kZ5eC2OIegW6KWvVxVfujms7Fl0ERTTWNVNgWIR6Oo AkhQBuLRFBKpfiVihwhZI_4LZ9uvixYOhqnJ4UUDoZ4kOlCkeOi5gXUtR0h4VApkDbk5PMJBmGPB xIND0coGqVIwjp5DxBf68yU66GUcvNBKjIKg9cSerQTqcIOwD5foeqTOjdDmEOvfip24wWefsE2w XxvSr90XkYECcSjOSZvb1gurMXZHTyYwmH.02lkyVGLKSmF0Ir2vyTKhym98ls8WSBQpWOYqpC_d 0mrdlTBVvG6PFS7Iq_m0BHeu8LatToPOOVJeGwvBnFuIev5Rc36w3wczbMxZyjMLNslhfx0z52Ok IdX2t4i_N26eX_UcyG2IoLpnKQ6Zf1_OR9NPlaRk6EZ1JA6RFJ_.NsZDaq3nM.fskljMs7692Whk dSpFthOzjqJFuizlT5lBHJPk1V1jgauPyJ3ynaw4qQOxNb.5Kptn3Ys9ay6mDKbjosU7IjeUdQCy I7ItrEVzTa9HqeeT.BTzT3Vx2eUG2PjE6lkqGP1rzw9R4G7hUaNA.VLuJcZ9ZtXmTfTKsbVJ8Ibe M2zLfE9La89Qz3s1w2ep6ak88FBXUmXhWMWs7BExBqYlsv..oiqUsBNrOXwvdkJLBKILGFIp6Y2O sLdSpf3ecg0lziC.X.BNfmNzN5.a6tvj2EZckNOZ8a3fyfI0khUJtiCie0tQ5s9crPG4mmvF9j9G bhdXc_7YGZuj_FxXa24RYwDLDv5R.l6tp4OmVZL71TOZCXdG_ixow.tpCzbXEPckhkl2cBnUHy7C .9Ow0voPXlg3JrTP2qKXSmLNwfthf9zNKcCHi0dZW6qajjFpnm2dmC7.kDPUMEIk0A.p0jlVz.5c azEiKqzYG8Y_2B8S_i0lgyeYRZGpX8_qBSeM0WBVeqBpsz2hjnNkSK7ndH7YHFcqVT9UNc0L2Kq3 z2sz.MJb_ZjAY96G2XxjjNCpCwRRSNB2jbdmbQCgWxJ1ec6Rkud3HrhQrz7oabLJ3st21LOuUZp0 F7dbJao8j.EOhdE6pOWpR1FfFGhnYk4rjwwzF5FL3iJPrhZkp9txYRsFUuvZFkXcIBVVF5cNYhtc Yg46cvGkyaM1xBFy3A5sGGusElETBjHIJY3Wm9Fao6A9Az9vBghEtj8AA4fYnrVVhnsyRlo6sPxp ggHT71r8ZOs2RkFITOgQPNOklccax9sVL0NYguUhZNk4kkKdOoHCA7_JlxjBgYcEFLzpa50yIT5p FpYe.b53VpQO7mVVeheUdIw_5EOIRFJw44XsUlTdV5quqZFG7ZxnUljZKj7h_ofEQHVwDlMAfndH pQc19bRTElKz3bo_CMTGXhR3IF92WwoK4TqtTTivJnEMC7z0PB2srjOkeyQ2sWWV72_wZNeObA5K 34FiTXVBl8CPSRKl.ifPminA2hvzu_g1Ks7hWlMdqfXmubQOGesCw6eSL3sJegN5bnKK_MVLGOGU T_lHxVg991F88rb8fPp94oh2SUl_Jxrxfh1yGG5iE.qhW5F30EfTYLf3HVYd2tGvwIfTjk0viA8e uPT3oVmTwtOi0NiYEvx3rHrd2z0BSJsbYDCeqPpauU.DDq2qbs8g6GdXFoFFdLVMW2w1lteGMwDu t1AJxYTuIbWKiOkOykUG9QiZoXq88R1XI4XyUiCw6QbsSbkQDHehwVKkRCjRYVic7GUq6a4F2Uhd .A2tm8kaa.9UGXVnRs1B0Q6c6DwHkQwIRWzvowQjNJ39_W7QW2vvg7nDRwa0TdtUIfHVq7eRuUTR pv88.DbhbWe26UcysaBewK7vh8MTPqATmQ95Q9SJDiZPnUM9nPgl6KgxsIxEn2ltpAN23yqORp8y uIQZsNoaYRWtmVjBJyIyoIpRFc.xTGOxROjwz7.EJhIcJkP2HC788KK0Jz52qi1aybrxibyigh7N EQEL2UVX4MzID7ZLASb9TnGV1Wf.GOk1pRvY07ccxmA0zNwvUQ4nUPe333dR8PbQD9u3.eYOWVHZ gKgSoBIDX1cvUYQfzCDWmGQ-- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.gq1.yahoo.com with HTTP; Wed, 6 Apr 2022 23:37:52 +0000 Received: by kubenode534.mail-prod1.omega.ne1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 20c8bf4effeb2ab6890164d11804a978; Wed, 06 Apr 2022 23:37:47 +0000 (UTC) Content-Type: text/plain; charset=us-ascii List-Id: Porting FreeBSD to ARM processors List-Archive: https://lists.freebsd.org/archives/freebsd-arm List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arm@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Subject: Re: https://github.com/pftf/RPi3 UEFI/ACPI based booting: gic_acpi_identify crashes dereferencing a NULL pointer value From: Mark Millard In-Reply-To: <6609AB07-942C-4E06-A99A-2B3A0D65D970@yahoo.com> Date: Wed, 6 Apr 2022 16:37:45 -0700 Cc: Andrew Turner Content-Transfer-Encoding: quoted-printable Message-Id: References: <6609AB07-942C-4E06-A99A-2B3A0D65D970@yahoo.com> To: Free BSD , "freebsd-acpi@freebsd.org" X-Mailer: Apple Mail (2.3654.120.0.1.13) X-Rspamd-Queue-Id: 4KYgtH4Ym7z3slw X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yahoo.com header.s=s2048 header.b=qz8xxlsF; dmarc=pass (policy=reject) header.from=yahoo.com; spf=pass (mx1.freebsd.org: domain of marklmi@yahoo.com designates 98.137.64.32 as permitted sender) smtp.mailfrom=marklmi@yahoo.com X-Spamd-Result: default: False [-3.33 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[yahoo.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; DKIM_TRACE(0.00)[yahoo.com:+]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-0.83)[-0.831]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.997]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.64.32:from]; MLMMJ_DEST(0.00)[freebsd-arm]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.64.32:from]; RCVD_COUNT_TWO(0.00)[2] X-ThisMailContainsUnwantedMimeParts: N On 2022-Apr-6, at 01:01, Mark Millard wrote: > https://github.com/pftf/RPi3 UEFI/ACPI use gets a boot crash in > FreeBSD's gic_acpi_identify: >=20 > . . . > MAP 1d0000 mode 2 pages 32 > MAP 339d0000 mode 2 pages 80 > MAP 33a20000 mode 2 pages 256 > MAP 37000000 mode 2 pages 400 > MAP 37190000 mode 2 pages 592 > kbd0 at kbdmux0 > acpi0: > acpi0: Power Button (fixed) > acpi0: Could not update all GPEs: AE_NOT_CONFIGURED > psci0: on acpi0 > Fatal data abort: > x0: ffff000086ffe6b4 (crypto_dev + 858f044c) > x1: ffff00000103d0d0 (initstack + 30d0) > x2: ffff00000080ed2c (madt_handler + 0) > x3: ffff00000103d0d0 (initstack + 30d0) > x4: d2d9fffc > x5: 0 > x6: ffffffffffffffff > x7: 2001 > x8: 0 > x9: 400 > x10: 800 > x11: 0 > x12: ffff00000103d8dc (initstack + 38dc) > x13: b6 > x14: 551 > x15: 16c > x16: 0 > x17: 1 > x18: ffff00000103d0d0 (initstack + 30d0) > x19: ffff000086ffe598 (crypto_dev + 858f0330) > x20: ffffa00000dba200 > x21: ffff00000103d0e0 (initstack + 30e0) > x22: ffffa00000c37a40 > x23: ffff000000ec8000 (devsoftc + 88) > x24: ffff00000097fe1a (digits + 102f6) > x25: 3800000 > x26: ffff000000e74000 (gdb_tx_u + a98) > x27: ffff000000e74000 (gdb_tx_u + a98) > x28: ffff00004042bd28 (crypto_dev + 3ed1dac0) > x29: ffff00000103d8e0 (initstack + 38e0) > sp: ffff00000103d0d0 > lr: ffff00000080e908 (gic_acpi_identify + 7c) > elr: ffff00000080e90c (gic_acpi_identify + 80) > spsr: 600000c5 > far: 14 > esr: 96000004 > panic: vm_fault failed: ffff00000080e90c error 1 > cpuid =3D 0 > time =3D 1 > KDB: stack backtrace: > db_trace_self() at db_trace_self > db_trace_self_wrapper() at db_trace_self_wrapper+0x30 > vpanic() at vpanic+0x178 > panic() at panic+0x44 > data_abort() at data_abort+0x2bc > handle_el1h_sync() at handle_el1h_sync+0x10 > --- exception, esr 0x96000004 > gic_acpi_identify() at gic_acpi_identify+0x80 > bus_generic_new_pass() at bus_generic_new_pass+0x44 > bus_generic_new_pass() at bus_generic_new_pass+0xb0 > bus_generic_new_pass() at bus_generic_new_pass+0xb0 > root_bus_configure() at root_bus_configure+0x40 > mi_startup() at mi_startup+0x224 > virtdone() at virtdone+0x7c > KDB: enter: panic > [ thread pid 0 tid 100000 ] > Stopped at kdb_enter+0x48: undefined f901c11f >=20 > This turns out to have gic_acpi_identify+0x80 > with the code shown below: >=20 > ffff00000080e904 bl ffff00000011d640 = > ffff00000080e908 ldr x8, [sp, #8] > ffff00000080e90c ldrb w8, [x8, #20] >=20 > and the register dump above shows: >=20 > x8: 0 >=20 > Looking up the source ( sys/arm/arm/gic_acpi.c ) there is > the likes of: >=20 > struct madt_table_data { > device_t parent; > ACPI_MADT_GENERIC_DISTRIBUTOR *dist; > ACPI_MADT_GENERIC_INTERRUPT *intr[MAXCPU]; > }; > . . . > bzero(&madt_data, sizeof(madt_data)); > madt_data.parent =3D parent; > madt_data.dist =3D NULL; >=20 > acpi_walk_subtables(madt + 1, (char *)madt + = madt->Header.Length, > madt_handler, &madt_data); >=20 > /* Check the version of the GIC we have */ > switch (madt_data.dist->Version) { >=20 > So it appears that madt_data.dist held a NULL pointer value > that was not checked for. (I've no clue if such a NULL is > supposed to be possible --but I do know it occured.) >=20 > The following lines are: >=20 > case ACPI_MADT_GIC_VERSION_NONE: > case ACPI_MADT_GIC_VERSION_V1: > case ACPI_MADT_GIC_VERSION_V2: > break; > default: > goto out; > } > . . . > out: > acpi_unmap_table(madt); > } >=20 > That might suggest that madt_data.dist=3D=3DNULL should lead to > a "goto out". >=20 >=20 QUOTE ( https://en.wikipedia.org/wiki/Raspberry_Pi ) The Raspberry Pi 4 uses a Broadcom BCM2711 SoC . . . Unlike previous = models, which all used a custom interrupt controller poorly suited for = virtualisation, the interrupt controller on this SoC is compatible with = the ARM Generic Interrupt Controller (GIC) architecture 2.0, providing = hardware support for interrupt distribution when using ARM = virtualisation capabilities. END QUOTE So it looks like the madt_data.dist=3D=3DNULL corresponds to there not being a GIC of any version present to find in MADT for an RPi3. I'll note that the value ACPI_MADT_GIC_VERSION_NONE is listed in ACPI_Spec_6_4_Jan22.pdf as: QUOTE 0x00: No GIC version is specified, fall back to hardware discovery for = GIC version END QUOTE I'd take that wording as still presuming the presence of a GIC to do version discovery with. If true, the madt_data.dist=3D=3DNULL for the RPi3B may well be the way to indicate that no GIC is present to even do hardware version discovery with. FreeBSD may well not want to support https://github.com/pftf/RPi3 use in ACPI mode. But it still may want to avoid a non-obvious crash as the means of rejecting the ACPI it is provided. =3D=3D=3D Mark Millard marklmi at yahoo.com