Hello,

This is a bug report of an issue observed on Linux 6.17.3 as the host kernel on Neoverse V2 (Graviton4 SoC) when running a nested virt VM. The guest kernel is 6.6.49.
When the L1 guest attempts to access ZCR_EL2, we do see:

[ 4756.369280] ------------[ cut here ]------------
[ 4756.369572] WARNING: CPU: 74 PID: 2705 at ./arch/arm64/include/asm/kvm_emulate.h:595 perform_access+0x158/0x168
[ 4756.370394] Modules linked in: cfg80211 rfkill vfat fat aes_ce_blk aes_ce_cipher polyval_ce ghash_ce gf128mul sm4 sha3_ce arm_cmn arm_smmuv3_pmu arm_spe_pmu tun sg loop dm_mod nfnetlink ena ptp pps_core ixgbevf virtio_net net_failover failover nvme nvme_core nvme_keyring nvme_auth ipmi_poweroff ipmi_devintf ipmi_msghandler
[ 4756.372730] CPU: 74 UID: 1000 PID: 2705 Comm: qemu-system-aar Tainted: G W 6.17.3-arch2-1 #1 PREEMPT(full) ca9b486f90f26691f674c1b85c4d4a845fe363fb
[ 4756.373936] Tainted: [W]=WARN
[ 4756.374169] Hardware name: Amazon EC2 r8g.metal-24xl/Not Specified, BIOS 1.0 10/16/2017
[ 4756.374821] pstate: 62400009 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 4756.375387] pc : perform_access+0x158/0x168
[ 4756.375729] lr : perform_access+0x48/0x168
[ 4756.376064] sp : ffff80008916b820
[ 4756.376336] x29: ffff80008916b820 x28: ffff00000e0c0000 x27: 0000000000000000
[ 4756.376911] x26: 0000000000000000 x25: 0000000000000000 x24: ffff800082106000
[ 4756.377489] x23: ffff00004aa0b380 x22: 0000000000000018 x21: ffff000069c4bba8
[ 4756.378073] x20: ffffa41769e93b58 x19: ffff0000377e1c20 x18: ffff5ca53480e000
[ 4756.378656] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000002
[ 4756.379239] x14: 0000000000000000 x13: 0000000000001388 x12: 00000000000013f0
[ 4756.379813] x11: 0000000000000eb4 x10: 0000000000000044 x9 : ffffa41768d01db8
[ 4756.380391] x8 : ffff0003f9dd4ec4 x7 : 0000000000000eb4 x6 : 00000425d3beaea1
[ 4756.380978] x5 : 0000000000000000 x4 : ffffa41768d05bf4 x3 : 0000000000000003
[ 4756.381556] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000009
[ 4756.382135] Call trace:
[ 4756.382335] perform_access+0x158/0x168 (P)
[ 4756.382677] kvm_handle_sys_reg+0x114/0x1f0
[ 4756.383017] handle_exit+0x60/0x178
[ 4756.383300] kvm_arch_vcpu_ioctl_run+0x2e8/0xa08
[ 4756.383674] kvm_vcpu_ioctl+0x1a4/0xae0
[ 4756.383991] __arm64_sys_ioctl+0xac/0x108
[ 4756.384314] invoke_syscall.constprop.0+0x64/0xe8
[ 4756.384696] el0_svc_common.constprop.0+0xc0/0xe8
[ 4756.385079] do_el0_svc+0x24/0x38
[ 4756.385344] el0_svc+0x3c/0x170
[ 4756.385598] el0t_64_sync_handler+0xa0/0xf0
[ 4756.385939] el0t_64_sync+0x198/0x1a0
[ 4756.386241] ---[ end trace 0000000000000000 ]---

A KVM trace of the VM says:

> trace-cmd report | grep kvm_sys_access | tail -1
qemu-system-aar-2705 [074] ..... 4756.369276: kvm_sys_access: [FAILED TO PARSE] vcpu_pc=0x40b6f8b8 is_write=1 name=0xffffa4176a420760 Op0=3 Op1=4 CRn=1 CRm=2 Op2=0

This is due to guest accesses to ZCR_EL2 not being handled properly.

A workaround is to run with -cpu host,sve=off (or by disabling VHE via the E2H0 cap) - which allows the guest to boot successfully.

Thank you,
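
Added example, not part of the original report or of KVM: a small Python triage helper that decodes the raw fields of kvm_sys_access lines that trace-cmd marks [FAILED TO PARSE], and picks out accesses to EL2 or _EL12 encodings such as the ZCR_EL2 write above. The function names and the second sample line are assumptions made for illustration.

```python
import re

# Architectural encodings (Op0, Op1, CRn, CRm, Op2) of the SVE ZCR registers.
ZCR_REGS = {
    (3, 0, 1, 2, 0): "ZCR_EL1",
    (3, 4, 1, 2, 0): "ZCR_EL2",
    (3, 5, 1, 2, 0): "ZCR_EL12",
    (3, 6, 1, 2, 0): "ZCR_EL3",
}
FIELD = re.compile(r"(\w+)=(0x[0-9a-fA-F]+|\d+)")
MARK = "kvm_sys_access:"

def parse_sys_access(line):
    """Decode one kvm_sys_access line; return None for any other line."""
    if MARK not in line:
        return None
    raw = {k: int(v, 0) for k, v in FIELD.findall(line.split(MARK, 1)[1])}
    try:
        enc = tuple(raw[k] for k in ("Op0", "Op1", "CRn", "CRm", "Op2"))
    except KeyError:
        return None  # truncated line, encoding fields missing
    op0, op1, crn, crm, op2 = enc
    return {
        "vcpu_pc": raw.get("vcpu_pc"),
        "write": bool(raw.get("is_write", 0)),
        "generic": f"S{op0}_{op1}_C{crn}_C{crm}_{op2}",
        # Same bit packing as the kernel's sys_reg() macro.
        "sys_reg": (op0 << 19) | (op1 << 16) | (crn << 12) | (crm << 8) | (op2 << 5),
        "name": ZCR_REGS.get(enc, "unknown"),
        # Op1 == 4 is the EL2 register space, Op1 == 5 the _EL12 aliases.
        "hyp_space": op0 == 3 and op1 in (4, 5),
    }

def hyp_accesses(lines):
    """Return decoded accesses that target EL2 or _EL12 encodings."""
    decoded = (parse_sys_access(l) for l in lines)
    return [d for d in decoded if d and d["hyp_space"]]

# First line is the trace line from the report; the second is constructed.
SAMPLE = [
    "qemu-system-aar-2705 [074] ..... 4756.369276: kvm_sys_access: [FAILED TO PARSE] vcpu_pc=0x40b6f8b8 is_write=1 name=0xffffa4176a420760 Op0=3 Op1=4 CRn=1 CRm=2 Op2=0",
    "qemu-system-aar-2705 [074] ..... 4756.400000: kvm_sys_access: [FAILED TO PARSE] vcpu_pc=0x40b6f900 is_write=0 name=0x0 Op0=3 Op1=0 CRn=1 CRm=2 Op2=0",
]

if __name__ == "__main__":
    for d in hyp_accesses(SAMPLE):
        kind = "write" if d["write"] else "read"
        print(f'{kind} {d["name"]} ({d["generic"]}) at guest pc {d["vcpu_pc"]:#x}')
```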
