Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug Report] incorrect DRET decoder #899

Closed
Phantom1003 opened this issue Jun 3, 2022 · 1 comment
Closed

[Bug Report] incorrect DRET decoder #899

Phantom1003 opened this issue Jun 3, 2022 · 1 comment

Comments

@Phantom1003
Copy link
Contributor

Phantom1003 commented Jun 3, 2022

Our co-simulation framework found the decoder has an incorrect behavior when execute a dret with non-zero rd field.

According to the Debug Specification Version 1.0.0:

To resume execution, the debug module sets a flag which causes the hart to execute a dret. dret is an instruction that only has meaning while in Debug Mode and not executing from the Program Buffer. Its recommended encoding is 0x7b200073.

When modified instr[11:7] to 5'b00001. cva6 treats this invalid dret as normal dret as well. No exception occurred. The implementation is missing a check for this field.

In the following test case, there is an invalid dret at 0x8000019c, whose rd field is 1, cva6 execute it as normal instruction, while spike throws an excaption.

[spike] core   0: 0x000000008000019c (0x7b200273) unknown
[spike] core   0: exception trap_illegal_instruction, epc 0x000000008000019c
[spike] core   0:           tval 0x000000007b200273
[spike] core   0: 0x0000000080000004 (0x00000f17) auipc   t5, 0x0
[error] PC SIM 0000000080000004, DUT 000000008000019c
[error] INSN SIM 00000f17, DUT 7b200273
[CJ] Commit Failed
[cva6]     786ns      771 D 000000008000019c 0 7b200273 INVALID   // CVA6 continues to execute 
[cva6]    1068ns     1053 S 000000008000017c 0 0ff0000f fence         // subsequent instructions

We believe is the debug mode checking reset the correct signal:

cva6/core/decoder.sv

Lines 134 to 135 in 909d85a

// check that we are in debug mode when executing this instruction
illegal_instr = (!debug_mode_i) ? 1'b1 : 1'b0;

cva6-3.zip

@LuminaDCIX helps reproduce the problem

@zarubaf
Copy link
Contributor

zarubaf commented Jun 7, 2022

Ah nice catch. Would you mind preparing a PR for that? This would be greatly appreciated. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants