MP.TTf.inv+dsbs

Description

The translates on the reader side are not ordered, as the DSB SY does not order them by itself (it needs an ISB), except with ETS, which would provide order with the faults.

Source

[download toml source]
Page table setup Code
physical pa1 pa2; x |-> invalid; x ?-> pa1; y |-> invalid; y ?-> pa2; *pa1 = 1; *pa2 = 1; identity 0x1000 with code;
Thread 0
{R0=mkdesc3(oa=pa1), R1=pte3(x, page_table_base), R2=mkdesc3(oa=pa2), R3=pte3(y, page_table_base)}
STR X0,[X1] DSB SY STR X2,[X3]
Thread 1
{R1=y, R3=x, VBAR_EL1=extz(0x1000, 64), PSTATE.SP=0b0, PSTATE.EL=0b00}
LDR X2,[X1] MOV X0,X2 DSB SY LDR X2,[X3]
thread1_el1_handler
MOV X2,#0 MRS X13,ELR_EL1 ADD X13,X13,#4 MSR ELR_EL1,X13 ERET
Final State
1:X0 = 1 & 1:X2=0

Execution Diagrams

Results

ETS MP.TTf.inv+dsbs forbidden (0 of 4) 28800ms
strong MP.TTf.inv+dsbs allowed (1 of 4) 64484ms

Command-line invocation

isla-axiomatic --arch=/path/to/rems-project/isla-snapshots/aarch64.ir --config=/path/to/rems-project/isla/configs/aarch64_mmu_on.toml --footprint-config=/path/to/rems-project/isla/configs/aarch64.toml --model=/path/to/rems-project/systems-isla-tests/models/aarch64_mmu_strong_ETS.cat --armv8-page-tables --check-sat-using "(then dt2bv qe simplify solve-eqs bv)" --remove-uninteresting safe --dot . -t /path/to/litmus-tests/litmus-tests-armv8a-system-vmsa/tests/pgtable/HAND/MP.TTf.inv+dsbs.litmus.toml

To generate diagrams we use model aarch64_mmu_no_axioms.cat to get diagrams of forbidden executions. To generate LaTeX sources of each test, pass --latex=.