Re: Possible bug when setting aarch64 watchpoints
From: Chris Howard
Subject: Re: Possible bug when setting aarch64 watchpoints
Date: Sun, 24 Apr 2022 14:27:10 +0200
Sorry, I need to correct my previous post:
If I set
DBGWVR0_EL1 = 1<<23 // ie. 0x00800000
and
DBGWCR0_EL1 = 0x17<<24 | 0xFF<<5 | 0b11<<3 | 0b11<<1 | 0b1<<0 // ie. MASK = 23 = 0b10111
and then access memory [0x0080007F] I get a watchpoint exception. (ie.
watchpoints ARE working/enabled)
But if I access [0x00800080] I *don’t* get an exception.
**If the MASK field gets set to 0b0111 instead of 0b10111 then only the bottom
7 bits of the address get masked (instead of 23) and the masked address isn’t
0x00800000, and the exception won’t be triggered.**
(if I *attempt* to set the MASK to 0b11111, but it actually gets set to
0b01111, then I get the behaviour quoted below).
> On 24. Apr 2022, at 13:40, Chris Howard <cvz185@web.de> wrote:
>
> Hi, I’m new to qemu (and even bug-reporting) so apologies in advance…
>
> The MASK field in DBGWCRx_EL1 is **5** bits wide [28:24].
>
> In target/arm/kvm64.c I found the line:
>
> wp.wcr = deposit32(wp.wcr, 24, 4, bits); // ie **4** bits instead of **5**
>
>
> If it’s not copying (or calculating?) the number of bits correctly this would
> explain the behaviour I’m seeing:
>
> If I set
>
> DBGWVR0_EL1 = 0x00800000
>
> and
>
> DBGWCR0_EL1 = 0x1F<<24 | 0xFF<<5 | 0b11<<3 | 0b11<<1 | 0b1<<0
>
> and then access memory [0x00807FFF] I get a watchpoint exception. (ie.
> watchpoints ARE working/enabled)
>
> But if I access [0x008080000] I *don’t* get an exception.
>
> **If the MASK field gets set to 0b1111 instead of 0b11111 then only the
> bottom 15 bits of the address get masked (instead of 31) and the masked
> address isn’t 0x00800000, and the exception won’t be triggered.**
>
>
> Unfortunately, changing the 4 to a 5 and recompiling had no effect :-(
>
> I may well have misunderstood something. :-/
>
> —Chris
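
The truncation hypothesis described in the message above, modelled as an added example that is not part of the original post and is not QEMU code. `deposit_field`, `build_wcr`, `wcr_mask` and `wp_hits` are hypothetical helpers, and the address match is simplified to the MASK comparison only.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Local helper (not QEMU's): overwrite `length` bits of `value` at bit `start`. */
static uint32_t deposit_field(uint32_t value, int start, int length, uint32_t field)
{
    uint32_t mask = (~0U >> (32 - length)) << start;
    return (value & ~mask) | ((field << start) & mask);
}

/* DBGWCR value from the post (BAS=0xFF, LSC=0b11, PAC=0b11, E=1) with MASK
 * written through a field that is `width` bits wide, starting at bit 24. */
static uint32_t build_wcr(uint32_t mask_bits, int width)
{
    uint32_t wcr = (0xFFu << 5) | (0x3u << 3) | (0x3u << 1) | 0x1u;
    return deposit_field(wcr, 24, width, mask_bits);
}

/* MASK as read back from bits [28:24]. */
static unsigned wcr_mask(uint32_t wcr) { return (wcr >> 24) & 0x1F; }

/* Simplified match: enabled, and equal once the low MASK address bits are ignored.
 * Assumption: byte-select (BAS) and access-type checks are left out. */
static bool wp_hits(uint64_t wvr, uint32_t wcr, uint64_t addr)
{
    uint64_t ignore = (1ULL << wcr_mask(wcr)) - 1;
    return (wcr & 1) && ((addr & ~ignore) == (wvr & ~ignore));
}

int main(void)
{
    const uint64_t wvr = 0x00800000;
    const uint64_t addrs[] = { 0x0080007F, 0x00800080, 0x00807FFF, 0x00808000 };
    const uint32_t masks[] = { 23, 31 };

    for (int m = 0; m < 2; m++) {
        for (int width = 4; width <= 5; width++) {
            uint32_t wcr = build_wcr(masks[m], width);
            printf("MASK=%u via %d-bit field -> stored MASK=%u\n", masks[m], width, wcr_mask(wcr));
            for (int a = 0; a < 4; a++)
                printf("  access 0x%08llx: %s\n", (unsigned long long)addrs[a],
                       wp_hits(wvr, wcr, addrs[a]) ? "hit" : "miss");
        }
    }
    return 0;
}
```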