[Bug 282505] 13.3 kernel running under bhyve accesses unimplemented watchpoint

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 03 Nov 2024 00:50:14 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282505

            Bug ID: 282505
           Summary: 13.3 kernel running under bhyve accesses unimplemented
                    watchpoint
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: arm
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: arm
          Assignee: freebsd-arm@FreeBSD.org
          Reporter: jfc@mit.edu

Short version: vmm might provide a bad value for id_aa64dfr0_el1 on my
hardware.

A 13.3 kernel crashes almost immediately running under bhyve on a RockPro64
running 15.0-CURRENT.  Function dbg_monitor_enter accesses an unimplemented
watchpoint 4.  The hardware supported range is 0-3.  The A53 and A72 TRMs say 4
watchpoints and dbg_watchpoint_num=4 on the host.  This is all too early to
enter the debugger or examine memory.  I have console output and a register
dump.  Panic string is

panic: Undefined instruction: d51004e2

The instruction decodes to

msr     dbgwcr4_el1, x2

This is consistent with the register dump, which shows dbg_wb_write_reg called
from this loop in dbg_monitor_enter with i==4:

                for (i = 0; i < dbg_watchpoint_num; i++) {
                        dbg_wb_write_reg(DBG_REG_BASE_WCR, i, 0);
                        dbg_wb_write_reg(DBG_REG_BASE_WVR, i, 0);
                }

The watchpoint count comes from

        dbg_watchpoint_num =
            ((READ_SPECIALREG(id_aa64dfr0_el1) >> 20) & 0xf) + 1;

I do not yet know what the mrs instruction here returns running under bhyve.

The SOC has 4 Cortex A53 and 2 Cortex A72.

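The decode in the report can be checked mechanically. The following is an added example, not part of the original report or of the FreeBSD source: it splits the faulting word from the panic string into its system-register fields and applies the count expression quoted above. The function names are hypothetical, and the two ID register values in main() are constructed, since the report does not say what the guest read.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of an AArch64 MSR/MRS (register) instruction word. */
struct sysreg_insn { unsigned is_read, op0, op1, crn, crm, op2, rt; };

/* Returns 0 on success, -1 if insn is not MSR/MRS (register). */
int decode_sysreg(uint32_t insn, struct sysreg_insn *d)
{
	/* Fixed bits: [31:22] = 1101010100 and bit 20 = 1; bit 21 is L. */
	if ((insn & 0xffd00000u) != 0xd5100000u)
		return -1;
	d->is_read = (insn >> 21) & 1;		/* 1 = MRS, 0 = MSR */
	d->op0 = 2 + ((insn >> 19) & 1);
	d->op1 = (insn >> 16) & 7;
	d->crn = (insn >> 12) & 0xf;
	d->crm = (insn >> 8) & 0xf;
	d->op2 = (insn >> 5) & 7;
	d->rt = insn & 0x1f;
	return 0;
}

/* DBGWVR<n>_EL1 / DBGWCR<n>_EL1: op0=2 op1=0 CRn=0 CRm=n op2=6/7. Returns n or -1. */
int watchpoint_index(const struct sysreg_insn *d)
{
	if (d->op0 != 2 || d->op1 != 0 || d->crn != 0 || (d->op2 != 6 && d->op2 != 7))
		return -1;
	return (int)d->crm;
}

/* Same expression as the kernel line quoted in the report: bits [23:20] plus 1. */
unsigned watchpoint_count(uint64_t id_aa64dfr0)
{
	return (unsigned)((id_aa64dfr0 >> 20) & 0xf) + 1;
}

int main(void)
{
	struct sysreg_insn d;
	if (decode_sysreg(0xd51004e2u, &d) != 0)	/* word from the panic string */
		return 1;
	printf("%s x%u -> watchpoint register index %d\n",
	    d.is_read ? "mrs" : "msr", d.rt, watchpoint_index(&d));
	/* Constructed ID register values, not read from the reporter's guest. */
	printf("WRPs=3 -> %u watchpoints, WRPs=4 -> %u\n",
	    watchpoint_count((uint64_t)3 << 20), watchpoint_count((uint64_t)4 << 20));
	return 0;
}
```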