From 383fd3ea00128cf65fbea0e4cbdb9849945c854b Mon Sep 17 00:00:00 2001
From: Alan Cox <alc@FreeBSD.org>
Date: Wed, 3 Jul 2024 00:15:35 -0500
Subject: [PATCH] arm64: Handle an unaligned start in pmap_mask_set_locked()

In pmap_mask_set_locked(), correctly handle a starting address that is
in the middle of an L3C page.  The symptoms arising from this error
included assertion failures in pmap_demote_l3c().

Reported by:	andrew
Reviewed by:	markj
Fixes:	fd6cb031f577 "arm64 pmap: Add ATTR_CONTIGUOUS support [Part 1]"
Differential Revision:	https://reviews.freebsd.org/D45851
---
 sys/arm64/arm64/pmap.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c
index f4a46823428aee..a9cb8c7fe46828 100644
--- a/sys/arm64/arm64/pmap.c
+++ b/sys/arm64/arm64/pmap.c
@@ -4403,8 +4403,22 @@ pmap_mask_set_locked(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, pt_entry_t m
 					va = va_next;
 				}
 				if ((l3 & ATTR_CONTIGUOUS) != 0) {
-					l3p += L3C_ENTRIES - 1;
-					sva += L3C_SIZE - L3_SIZE;
+					/*
+					 * Does this L3C page extend beyond
+					 * the requested range?  Handle the
+					 * possibility that "va_next" is zero.
+					 */
+					if ((sva | L3C_OFFSET) > va_next - 1)
+						break;
+
+					/*
+					 * Skip ahead to the last L3_PAGE
+					 * within this L3C page.
+					 */
+					l3p = (pt_entry_t *)((uintptr_t)l3p |
+					    ((L3C_ENTRIES - 1) *
+					    sizeof(pt_entry_t)));
+					sva |= L3C_SIZE - L3_SIZE;
 				}
 				continue;
 			}