Skip to content

[Bug Report] Incorret mask for mcontrol.action #1032

Closed
@Phantom1003

Description

We found the mask for mcontrol.action is 0x3f, while this field is only 4 bits width.
image

action = (triggers::action_t) get_field(val, MCONTROL_ACTION);

#define MCONTROL_ACTION (0x3f<<12)

We triggered this bug by randomly writing data to csr.
If users try to set the sizelo field next to it (although it appears that spike does not yet support), it will cause an illegal action to be saved, and then the abort() will be triggered at line 337 below, causing the simulation to end.

switch (t.action) {
case triggers::ACTION_DEBUG_MODE:
enter_debug_mode(DCSR_CAUSE_HWBP);
break;
case triggers::ACTION_DEBUG_EXCEPTION: {
trap_breakpoint trap(state.v, t.address);
take_trap(trap, pc);
break;
}
default:
abort();

@ProjectDimlight helps reproduce the problem

cc to @timsifive

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions