Fault on invalid write

[adamrk]

Hey, thanks for putting this up! I just tried running it, but it seems to be getting stuck on an unhandled exception:

❯ just run-riscv64
...
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000007, epc:0x000000008020aa2a, tval:0x0001000380ae6000, desc=fault_store
Invalid write at addr 0x1000380AE6000, size 4, region '(null)', reason: rejected
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000007, epc:0x000000008020aa2a, tval:0x0001000380ae6000, desc=fault_store
Invalid write at addr 0x1000380AE6000, size 4, region '(null)', reason: rejected
...

This is with

❯ cargo --version
cargo 1.81.0-nightly (4ed7bee47 2024-06-25)

❯ qemu-system-riscv64 --version
QEMU emulator version 6.2.0 (Debian 1:6.2+dfsg-2ubuntu6.21)

Looking at the binaries, the faulting address seems to be here:

❯ riscv64-unknown-elf-objdump -d target/riscv64gc-unknown-none-elf/debug/loader

000000008020aa1c <_ZN6loader4arch7riscv649fillstack17hca16c52fb1691861E>:
    8020aa1c:   2b383337                lui     t1,0x2b383
    8020aa20:   030a                    slli    t1,t1,0x2
    8020aa22:   ace30313                addi    t1,t1,-1330 # 2b382ace <$d.168+0x2b20fb28>
    8020aa26:   405102b3                sub     t0,sp,t0
    8020aa2a:   0062a023                sw      t1,0(t0) # 20000 <$d.18+0x2c5>
    8020aa2e:   02a1                    addi    t0,t0,8
    8020aa30:   fe22ede3                bltu    t0,sp,8020aa2a <_ZN6loader4arch7riscv649fillstack17hca16c52fb1691861E+0xe>
    8020aa34:   8082                    ret
        ...

By the way, how is enabling of logging supposed to work? Just by setting the RUST_LOG env variable?

[JonasKruckenberg]

Hey, thanks for checking out the project, nice to have you around 😄

That is certainly interesting, I have no good way of checking this I think, but I suspect updating your QEMU version (you're on version 6.x, the latest is 9.x) should fix this.

By the way, how is enabling of logging supposed to work? Just by setting the RUST_LOG env variable?

Logging is enabled by default and should work as long as your QEMU supports semihosting (which I suspect your 6.x also doesn't maybe). You currently can't filter by level or module or anything (those would all be very good, very helpful features though!). The logging is set up in the files https://github.com/JonasKruckenberg/k23/blob/main/kernel/src/logger.rs and https://github.com/JonasKruckenberg/k23/blob/main/loader/src/logger.rs for the kernel and loader respectively.

[JonasKruckenberg]

Created and issue for configuring log messages so we don't loose track of it! https://github.com/JonasKruckenberg/k23/issues/11

[w1ll-i-code]

I have the same problem on Fedora 40.

❯ qemu-system-riscv64 --version
QEMU emulator version 8.2.2 (qemu-8.2.2-1.fc40)
Copyright (c) 2003-2023 Fabrice Bellard and the QEMU Project developers

In stdout:

Options { payload: "target/riscv64gc-unknown-none-elf/debug/kernel", cargo_path: "/home/william/.rustup/toolchains/nightly-2024-07-01-x86_64-unknown-linux-gnu/bin/cargo", verbose: 0, release: false, wait_for_debugger: false }
"/home/william/Documents/github/k23/target/riscv64gc-unknown-none-elf/debug/loader" "/home/william/Documents/github/k23/target/riscv64gc-unknown-none-elf/debug/payload.bin"

OpenSBI v1.3.1
   ____                    _____ ____ _____
  / __ \                  / ____|  _ \_   _|
 | |  | |_ __   ___ _ __ | (___ | |_) || |
 | |  | | '_ \ / _ \ '_ \ \___ \|  _ < | |
 | |__| | |_) |  __/ | | |____) | |_) || |_
  \____/| .__/ \___|_| |_|_____/|___/_____|
        | |
        |_|

Platform Name             : riscv-virtio,qemu
Platform Features         : medeleg
Platform HART Count       : 1
Platform IPI Device       : aclint-mswi
Platform Timer Device     : aclint-mtimer @ 10000000Hz
Platform Console Device   : semihosting
Platform HSM Device       : ---
Platform PMU Device       : ---
Platform Reboot Device    : sifive_test
Platform Shutdown Device  : sifive_test
Platform Suspend Device   : ---
Platform CPPC Device      : ---
Firmware Base             : 0x80000000
Firmware Size             : 194 KB
Firmware RW Offset        : 0x20000
Firmware RW Size          : 66 KB
Firmware Heap Offset      : 0x28000
Firmware Heap Size        : 34 KB (total), 2 KB (reserved), 9 KB (used), 22 KB (free)
Firmware Scratch Size     : 4096 B (total), 760 B (used), 3336 B (free)
Runtime SBI Version       : 1.0

Domain0 Name              : root
Domain0 Boot HART         : 0
Domain0 HARTs             : 0*
Domain0 Region00          : 0x0000000002000000-0x000000000200ffff M: (I,R,W) S/U: ()
Domain0 Region01          : 0x0000000080000000-0x000000008001ffff M: (R,X) S/U: ()
Domain0 Region02          : 0x0000000080020000-0x000000008003ffff M: (R,W) S/U: ()
Domain0 Region03          : 0x0000000000000000-0xffffffffffffffff M: (R,W,X) S/U: (R,W,X)
Domain0 Next Address      : 0x0000000080200000
Domain0 Next Arg1         : 0x000000009fe00000
Domain0 Next Mode         : S-mode
Domain0 SysReset          : yes
Domain0 SysSuspend        : yes

Boot HART ID              : 0
Boot HART Domain          : root
Boot HART Priv Version    : v1.12
Boot HART Base ISA        : rv64imafdch
Boot HART ISA Extensions  : time,sstc
Boot HART PMP Count       : 16
Boot HART PMP Granularity : 4
Boot HART PMP Address Bits: 54
Boot HART MHPM Count      : 16
Boot HART MIDELEG         : 0x0000000000001666
Boot HART MEDELEG         : 0x0000000000f0b509

In stderr

    Blocking waiting for file lock on build directory
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 6.52s
     Running `cargo run --package bootimg-runner -- target/riscv64gc-unknown-none-elf/debug/kernel`
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.09s
     Running `target/debug/bootimg-runner target/riscv64gc-unknown-none-elf/debug/kernel`
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000002, epc:0x00000000800091f8, tval:0x000000003c002873, desc=illegal_instruction
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000002, epc:0x000000008000a6b0, tval:0x00000000b1302873, desc=illegal_instruction
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000002, epc:0x000000008000a094, tval:0x00000000da002573, desc=illegal_instruction
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000002, epc:0x000000008000a0d8, tval:0x00000000fb002573, desc=illegal_instruction
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000002, epc:0x000000008000a12c, tval:0x0000000030c02673, desc=illegal_instruction
[WARN  loader::machine_info] unknown /chosen property: stdout-path /soc/serial@10000000
[TRACE loader::machine_info] applying reservations for mmode_resv1@80020000
[TRACE loader::machine_info] applying reservations for mmode_resv0@80000000
[DEBUG loader::arch::riscv64] MachineInfo { fdt: 0x9fe00000..0x9fe01516, cpus: 1, memories: [], bootargs: None, rng_seed: Some([100, 219, 27, 244, 162, 149, 104, 75, 224, 164, 117, 129, 16, 5, 60, 88, 71, 28, 245, 12, 105, 48, 56, 81, 87, 4, 88, 230, 179, 62, 4, 126]) }
[INFO  loader] Hart 0 started
[TRACE loader] LoaderRegions { executable: PhysicalAddress(0x80200000)..PhysicalAddress(0x8024f000), read_only: PhysicalAddress(0x8024f000)..PhysicalAddress(0x80e07000), read_write: PhysicalAddress(0x80e07000)..PhysicalAddress(0x80e32000) }
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000005, epc:0x00000000802306ce, tval:0x0000000080027000, desc=fault_load
Invalid write at addr 0x1000560E12000, size 4, region '(null)', reason: rejected
riscv_cpu_do_interrupt: hart:0, async:0, cause:0000000000000007, epc:0x00000000802064b2, tval:0x0001000560e12000, desc=fault_store
Invalid write at addr 0x1000560E12000, size 4, region '(null)', reason: rejected

[JonasKruckenberg]

Okay, so I got curious about why this happens and set up a fedora 40 VM. It seems like indeed on the default QEMU version (8.x) that's shipped with fedora 40 the loader runs into a trap, I was able to fix this issue by installing qemu-system-riscv64-core from the rawhide repository, which had the 9.x branch.

So this might be a fix, still I don't see why k23 should run into such a simple issue on the 8.x branch so I will continue to do some digging