BBM.Tf+dsb-tlbiis-dsb

Description

This illustrates the other allowed outcome of the previous test: the correct use of break-before-make ensures that the change of output address is safe, but does not guarantee that the new page table entry is seen. Thread 1 sees a translation-fault from the transient invalid entry during the break-before-make sequence.

Source

[download toml source]
Page table setup Code
physical pa1 pa2; x |-> pa1; x ?-> invalid; x ?-> pa2; identity 0x1000 with code; *pa2 = 2;
Thread 0
{R0=extz(0b0, 64), R1=pte3(x, page_table_base), R2=mkdesc3(oa=pa2), R4=extz(0b1, 64), R6=extz(page(x), 64), PSTATE.EL=0b01}
STR X0,[X1] DSB SY TLBI VAE1IS,X6 DSB SY STR X2,[X1]
Thread 1
{R1=x, VBAR_EL1=extz(0x1000, 64), PSTATE.SP=0b0, PSTATE.EL=0b00}
LDR X0,[X1]
thread1_el1_handler
MOV X0,#1
Final State
1:X0=1

Execution Diagrams

Results

ETS BBM.Tf+dsb-tlbiis-dsb allowed (1 of 3) 13659ms
strong BBM.Tf+dsb-tlbiis-dsb allowed (1 of 3) 9196ms

Command-line invocation

isla-axiomatic --arch=/path/to/rems-project/isla-snapshots/aarch64.ir --config=/path/to/rems-project/isla/configs/aarch64_mmu_on.toml --footprint-config=/path/to/rems-project/isla/configs/aarch64.toml --model=/path/to/rems-project/systems-isla-tests/models/aarch64_mmu_strong_ETS.cat --armv8-page-tables --check-sat-using "(then dt2bv qe simplify solve-eqs bv)" --remove-uninteresting safe --dot . -t /path/to/litmus-tests/litmus-tests-armv8a-system-vmsa/tests/pgtable/HAND/BBM.Tf+dsb-tlbiis-dsb.litmus.toml

To generate diagrams we use model aarch64_mmu_no_axioms.cat to get diagrams of forbidden executions. To generate LaTeX sources of each test, pass --latex=.