softmmu 'at' not behaving
Host environment
- Operating system: Ubuntu 20
- OS/kernel version: Linux mainline (5.10.n)
- Architecture: x86-64
- QEMU flavor: tag: 6.1.0
- QEMU version: 6.1.0
- QEMU command line:
qemu-system-aarch64 --accel tcg,thread=multi -d guest_errors,unimp -D qemudebug.log -machine virt,virtualization=on,secure=off,gic-version=3,highmem=off -cpu max,sve=off -m 4G -smp 4 -mem-path devmem -S -s -kernel Image -append 'root=/dev/vda1 console=ttyAMA0 mem=3G nokaslr loglevel=8 rw' -device e1000,netdev=net0 -netdev user,id=net0,host=192.168.7.1,net=192.168.7.0/24,restrict=off,hostname=guest,hostfwd=tcp:192.168.8.151:10022-192.168.7.2:22 ubuntu-18.04.3-preinstalled-server-arm64.qcow2 -nographic
Emulated/Virtualized environment
- Operating system: Ubuntu 18
- OS/kernel version: Custom 5.10 mainline kernel
- Architecture: aarch64
Description of problem
This looks like a bug to me, please correct me if I'm wrong. The execution context is EL2 here and we run KVM VMs on top of the system emulation. Anyway, here we have stopped in EL2 and want to translate virtual address '0' with 'at'. While '0' itself is not mapped, something in the first gigabyte is, and the softmmu refuses to walk to it:
0x0000000100004a3c <at_s12e1r+8>:   80 78 0c d5   at s12e1r, x0
0x0000000100004a40 <at_s12e1r+12>:  01 74 38 d5   mrs x1, par_el1

(gdb) info registers x0 x1
x0   0x0     0
x1   0x809   2057
So that would be translation fault level 0, stage 1 if I'm not mistaken.
(gdb) info all-registers TCR_EL1 VTCR_EL2 TTBR1_EL1
TCR_EL1     0x400035b5503510    18014629184681232
VTCR_EL2    0x623590            6436240
TTBR1_EL1   0x304000041731001   217298683118686209

(gdb) p print_table(0x41731000)
000:0x000000ffff9803
256:0x000000fffff803
507:0x00000041fbc803
508:0x000000ff9ef803
The first gigabyte is populated, yet 'at' knows nothing about it. Did I miss something? This seems to work fine on the hardware.
Steps to reproduce
- Stop in EL2 while Linux is running (GDB)
- Use something along the lines of this function to translate any kernel virtual address: https://github.com/jkrh/kvms/blob/4c26c786be9971613b3b7f56121c1a1aa3b9585a/core/helpers.h#L74
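Added illustration (not code from the report, from QEMU or from the kvms project): a small software model of the stage-1 walk that 'at' performs for a 4 KiB granule and 48-bit VA, the configuration TCR_EL1 above selects, returning a PAR_EL1-style result. It lets you decode a value such as 0x809 (F=1, FST=0b000100, S=0: stage 1 translation fault at level 0) and shows which table entry each VA selects at each level. The sample tables are constructed here and use host pointers as stand-ins for physical addresses; only the TTBR0_EL1 half of the address space is modelled, since VA 0 (upper bits clear) is translated through TTBR0_EL1.

```c
/* Software model of an AArch64 stage-1 table walk (4 KiB granule, 48-bit VA,
 * TTBR0 half only). Constructed example, not QEMU or kvms code. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DESC_VALID   (1ULL << 0)
#define DESC_TABLE   (1ULL << 1)   /* bit 1 set: next-level table (L0-L2) or page (L3) */
#define ADDR_MASK    0x0000fffffffff000ULL
#define PAR_F        (1ULL << 0)
#define PAR_FST(x)   (((x) >> 1) & 0x3f)
#define PAR_RES1     (1ULL << 11)  /* bit 11 is RES1 in the PAR_EL1 fault encoding */

/* PAR_EL1 for a stage-1 translation fault at 'level': FST = 0b0001LL, S = 0. */
static uint64_t par_fault(int level)
{
    return PAR_RES1 | ((0x4ULL + level) << 1) | PAR_F;
}

int par_is_fault(uint64_t par) { return (int)(par & PAR_F); }

/* Level of a translation fault, or -1 if FST is some other fault class. */
int par_fault_level(uint64_t par)
{
    unsigned fst = PAR_FST(par);
    if ((fst & 0x3c) != 0x04)
        return -1;
    return fst & 3;
}

/* Constructed sample tables (assumption: PA == host virtual address). */
static _Alignas(4096) uint64_t l0_ttbr0[512];
static _Alignas(4096) uint64_t l1[512];
static int built;

static void build_tables(void)
{
    memset(l0_ttbr0, 0, sizeof l0_ttbr0);
    memset(l1, 0, sizeof l1);
    /* L0[0] -> L1 table. L1[1] is a 1 GiB block mapping 0x40000000 -> PA 0x40000000;
     * L1[0], the first gigabyte, is deliberately left unmapped. */
    l0_ttbr0[0] = ((uint64_t)(uintptr_t)l1 & ADDR_MASK) | DESC_TABLE | DESC_VALID;
    l1[1] = 0x40000000ULL | DESC_VALID;   /* block descriptor: bit 1 clear */
    built = 1;
}

/* Walk 'va' the way 'at s1e1r' would and return a PAR_EL1-style value:
 * PA (F=0) on success, or the fault encoding of the level that failed. */
uint64_t at_s1e1r(uint64_t va)
{
    if (!built)
        build_tables();
    uint64_t *table = l0_ttbr0;
    for (int level = 0; level < 4; level++) {
        unsigned shift = 39 - 9 * level;           /* L0: VA[47:39] ... L3: VA[20:12] */
        uint64_t desc = table[(va >> shift) & 0x1ff];
        if (!(desc & DESC_VALID))
            return par_fault(level);
        if (level == 0 && !(desc & DESC_TABLE))
            return par_fault(0);                   /* no blocks at level 0 with 4 KiB granule */
        if (level == 3 || !(desc & DESC_TABLE)) {
            uint64_t mask = (1ULL << shift) - 1;   /* page (L3) or block (L1/L2) */
            return (desc & ADDR_MASK & ~mask) | (va & mask);
        }
        table = (uint64_t *)(uintptr_t)(desc & ADDR_MASK);
    }
    return par_fault(3);
}

int main(void)
{
    uint64_t vas[] = { 0x0, 0x40001234ULL, 1ULL << 39 };
    for (size_t i = 0; i < sizeof vas / sizeof vas[0]; i++) {
        uint64_t par = at_s1e1r(vas[i]);
        if (par_is_fault(par))
            printf("VA 0x%" PRIx64 ": PAR 0x%" PRIx64 " (translation fault, level %d)\n",
                   vas[i], par, par_fault_level(par));
        else
            printf("VA 0x%" PRIx64 ": PA 0x%" PRIx64 "\n", vas[i], par);
    }
    return 0;
}
```

With these tables VA 0 walks through a valid L0 entry and fails at L1 (PAR 0x80b), whereas a level-0 fault like the 0x809 in the report means the L0 entry selected by VA[47:39] of the translated address was itself invalid, so the walk never reached the level-1 table where a first-gigabyte mapping would live.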