netbsd-bugs: port-i386/25014: performance counters cause panic on Pentium 4 machines

Subject: port-i386/25014: performance counters cause panic on Pentium 4 machines
To: None <gnats-bugs@gnats.netbsd.org>
From: None <thesing@cs.uni-sb.de>
List: netbsd-bugs
Date: 04/01/2004 22:16:15

>Number:         25014
>Category:       port-i386
>Synopsis:       Using performance counters on Pentium 4 machines causes panic
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    port-i386-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Apr 01 20:17:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Stephan Thesing
>Release:        NetBSD 1.6.2_STABLE and 2.0 and current
>Organization:
Saarland University
>Environment:
	
	
System: NetBSD  1.6.2_STABLE NetBSD 1.6.2_STABLE (Itanium 150503 ST) #3: Mon Mar 22 10:42:36 CET 2004 
Architecture: i386
Machine: i386
>Description:
Using the performance counters on machines with a Pentium 4 causes a system panic.
When performance counters are compiled into the kernel (options PERFCTRS) on a Pentium 4 machine, 
using them via the i386_pmc_startstop API causes a system panic.
This is because the performance counters use either the i586 or i686 (or Athlon, in 2.0, -current)
performance counter special registers. 
These are, however, model specific and the Pentium 4 uses a different programming model for
performance counters and different special registers.
The code in /usr/src/sys/arch/i386/pmc.c only destinguishes between I586, I686 (and Athlon)
architecture, where the Pentium 4 is classified as I686.
Thus, the code tries to set the I686 special registers when performance counting is enabled, which
are not present on the Pentium 4 and thus a kernel trap results, panicing the machine.
As with 1.6.2 PERFCTRS is in the GENERIC kernels, this allows any user to panic the system easily...

>How-To-Repeat:
run `/usr/bin/pmc -c whatever /bin/ls` on a Pentium 4 machine
	
>Fix:
Either pmc.c should check for the presence of a Pentium 4 (e.g. by testing if the family field
from the cpu_id global variable is equal to 15) and disable the performance counting API if one is found
or support for the Pentium 4 should be added. As the programming model for the performance counting
is quite different on the Pentium 4, the later alternatives necessiates a redesign of the API.....

>Release-Note:
>Audit-Trail:
>Unformatted: