(lib/model) fix: exit step early before initialisation

bensimner · bensimner · commit d2e4ab7e003f · 2025-04-23T15:03:35.000+01:00
Check `is_initialised` early, before trying to acquire any locks.
This means that if we take casemate steps before pgtables are enabled,
we keep going and do not try perform any atomic operations later on
(namely the Casemate internal locks).
diff --git a/src/lib/include/casemate-impl/sync.h b/src/lib/include/casemate-impl/sync.h
@@ -5,4 +5,10 @@ void init_sm_lock(void);
 void lock_sm(void);
 void unlock_sm(void);
 
+#define LOAD_RLX(L) \
+  *((volatile typeof(L)*)&L)
+
+#define STORE_RLX(L, V) \
+  *((volatile typeof(L)*)(&L)) = V
+
 #endif /* CASEMATE_SYNC_H */
diff --git a/src/lib/src/model.c b/src/lib/src/model.c
@@ -1711,9 +1711,6 @@ void step(struct casemate_model_step trans)
 	touched_watchpoint = false;
 	traced_current_trans = false;
 
-	if (!is_initialised)
-		goto out;
-
 	if (!opts()->enable_checking)
 		goto out;
 
@@ -1757,6 +1754,9 @@ void step(struct casemate_model_step trans)
 
 void casemate_model_step(struct casemate_model_step trans)
 {
+	if (!LOAD_RLX(is_initialised))
+		return;
+
 	lock_sm();
 	step(trans);
 	unlock_sm();
diff --git a/src/lib/src/utilities/blobs.c b/src/lib/src/utilities/blobs.c
@@ -12,7 +12,7 @@ void initialise_ghost_ptes_memory(phys_addr_t phys, u64 size) {
 		the_ghost_state->memory.blobs_backing[i].valid = false;
 		the_ghost_state->memory.ordered_blob_list[i] = 0xDEADDEADDEADDEAD;
 	}
-	is_initialised = true;
+	STORE_RLX(is_initialised, true);
 	GHOST_LOG_CONTEXT_EXIT();
 }
 

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ void initialise_ghost_ptes_memory(phys_addr_t phys, u64 size) {`
`12`	`12`	`the_ghost_state->memory.blobs_backing[i].valid = false;`
`13`	`13`	`the_ghost_state->memory.ordered_blob_list[i] = 0xDEADDEADDEADDEAD;`
`14`	`14`	`}`
`15`		`- is_initialised = true;`
	`15`	`+ STORE_RLX(is_initialised, true);`
`16`	`16`	`GHOST_LOG_CONTEXT_EXIT();`
`17`	`17`	`}`
`18`	`18`