| Page table setup | Code |
|---|---|
physical pa1 pa2;
x |-> invalid;
x ?-> pa1;
y |-> invalid;
y ?-> pa2;
*pa1 = 1;
*pa2 = 1;
identity 0x1000 with code;
|
|
| Thread 0 | |
{R0=mkdesc3(oa=pa1), R1=pte3(x, page_table_base), R2=mkdesc3(oa=pa2), R3=pte3(y, page_table_base)}
|
|
STR X0,[X1]
DMB SY
STR X2,[X3]
|
|
| Thread 1 | |
{R1=y, R3=x, VBAR_EL1=extz(0x1000, 64), PSTATE.SP=0b0, PSTATE.EL=0b00}
|
|
LDR X2,[X1]
MOV X0,X2
DSB SY
ISB
LDR X2,[X3]
|
|
| thread1_el1_handler | |
MOV X2,#0
MRS X13,ELR_EL1
ADD X13,X13,#4
MSR ELR_EL1,X13
ERET
|
|
| Final State | |
1:X0 = 1 & 1:X2=0 |
|
| ETS | MP.TTf.inv+dmb+dsb-isb forbidden (0 of 4) 47972ms |
| strong | MP.TTf.inv+dmb+dsb-isb forbidden (0 of 4) 27192ms |
isla-axiomatic
--arch=/path/to/rems-project/isla-snapshots/aarch64.ir
--config=/path/to/rems-project/isla/configs/aarch64_mmu_on.toml
--footprint-config=/path/to/rems-project/isla/configs/aarch64.toml
--model=/path/to/rems-project/systems-isla-tests/models/aarch64_mmu_strong_ETS.cat
--armv8-page-tables
--check-sat-using "(then dt2bv qe simplify solve-eqs bv)"
--remove-uninteresting safe
--dot .
-t /path/to/litmus-tests/litmus-tests-armv8a-system-vmsa/tests/pgtable/HAND/MP.TTf.inv+dmb+dsb-isb.litmus.toml
To generate diagrams we use model aarch64_mmu_no_axioms.cat to get diagrams of forbidden executions.
To generate LaTeX sources of each test, pass --latex=.