[BUG] Instruction Access Fault during transition from Machine to Hypervisor/Supervisor Mode #2687

Closed
1 task done
riscv914 opened this issue Jan 7, 2025 · 0 comments
Labels
Type:Bug For bugs in the RTL, Documentation, Verification environment or Tool and Build system

riscv914 commented Jan 7, 2025

Is there an existing CVA6 bug for this?

  • I have searched the existing bug issues

Bug Description

Attempting to switch from Machine mode (M-mode) to Hypervisor/Supervisor mode (HS-mode/S-mode) using an instruction access fault exception, even when address translation is configured as Bare (satp.MODE = 0) and no memory protection is enabled, results in an unexpected Instruction Access Fault. The same scenario executes correctly on the Spike simulator.

According to the RISC-V ISA specification:

"When MODE=Bare, supervisor virtual addresses are equal to supervisor physical addresses, and there is no additional memory protection beyond the physical memory protection scheme described in Section 3.7."

Therefore, in Bare mode, there should be no translation or access fault for valid physical addresses, and the exception should not occur unless physical memory protection (PMP) explicitly restricts access.


Code for Reproducing the Bug:

int main() {
    asm volatile ("li t0, 0x0");               // Set satp to Bare mode
    asm volatile ("csrw satp, t0");
    asm volatile ("csrr t0, satp");

    asm volatile ("li t0, (1<<11)");           // Set MPP to Supervisor mode
    asm volatile ("csrs mstatus, t0");
    asm volatile ("csrr t0, mstatus");

    asm volatile ("li t0, 0x0000000080001220");  // Any address within valid range
    asm volatile ("csrw mepc, t0");
    asm volatile ("fence.i");                  // Ensure instruction synchronization
    asm volatile ("mret");                     // Return to Supervisor mode
}

Expected Behavior:

Since address translation is disabled (Bare mode) and no PMP restrictions are configured, the transition to Supervisor mode and execution at the specified address should succeed without generating an instruction access fault.


Observed Behavior:

An instruction access fault occurs unexpectedly during the mret execution, despite the system being in Bare mode with unrestricted memory access.


CVA6 commit: 2155d0e
Build config: cv64a6_imafdch_sv39_wb

@riscv914 riscv914 added the Type:Bug For bugs in the RTL, Documentation, Verification environment or Tool and Build system label Jan 7, 2025
@riscv914 riscv914 changed the title [BUG] Attemp to switch to Hypervisor/supervisor mode through Instruction Access Fault [BUG] Instruction Access Fault during transition from Machine to Hypervisor/Supervisor Mode Jan 7, 2025
@riscv914 riscv914 closed this as completed Jan 7, 2025
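
The spec sentence quoted in the issue leaves the physical memory protection scheme of Section 3.7 as the check that still applies when satp.MODE is Bare. The added example below (not code from the issue or from CVA6) models how the privileged specification resolves a PMP check for the reproducer's mepc target in M-mode and S-mode; the eight-entry PMP, the single-byte match and all function names are assumptions of this sketch, and it does not describe what CVA6 or Spike implement.

```c
#include <stdbool.h>
#include <stdint.h>

/* Added model of the RISC-V PMP check; names and entry count are assumptions. */
enum priv { PRIV_U = 0, PRIV_S = 1, PRIV_M = 3 };
enum { PMP_R = 1, PMP_W = 2, PMP_X = 4, PMP_L = 0x80 };
enum { A_OFF = 0, A_TOR = 1, A_NA4 = 2, A_NAPOT = 3 };   /* pmpcfg.A, bits 4:3 */
#define PMP_ENTRIES 8                  /* assumed number of implemented entries */
#define MEPC_TARGET 0x80001220ULL      /* mepc value from the issue's reproducer */
struct pmp_entry { uint8_t cfg; uint64_t addr; };  /* addr holds pmpaddr = PA >> 2 */

/* Does entry i cover physical address pa? (single byte, not a full access range) */
static bool pmp_match(const struct pmp_entry *e, int i, uint64_t pa)
{
    uint64_t a = pa >> 2, mask;
    switch ((e[i].cfg >> 3) & 3) {
    case A_TOR:   return a >= (i ? e[i - 1].addr : 0) && a < e[i].addr;
    case A_NA4:   return a == e[i].addr;
    case A_NAPOT: mask = e[i].addr ^ (e[i].addr + 1);   /* trailing ones + next bit */
                  return ((a ^ e[i].addr) & ~mask) == 0;
    default:      return false;                          /* A_OFF never matches */
    }
}

/* true = access allowed, false = access fault. n = implemented entries. */
bool pmp_allows(const struct pmp_entry *e, int n, enum priv p, uint64_t pa, uint8_t perm)
{
    for (int i = 0; i < n; i++) {
        if (!pmp_match(e, i, pa)) continue;
        /* Lowest-numbered match decides; M-mode is only bound by locked entries. */
        if (p == PRIV_M && !(e[i].cfg & PMP_L)) return true;
        return (e[i].cfg & perm) == perm;
    }
    /* No match: M-mode passes; S/U fail when at least one entry is implemented. */
    return p == PRIV_M || n == 0;
}

/* All pmpcfg/pmpaddr zero: every entry is OFF, nothing matches. */
bool fetch_with_unprogrammed_pmp(enum priv p)
{
    struct pmp_entry e[PMP_ENTRIES] = {{0, 0}};
    return pmp_allows(e, PMP_ENTRIES, p, MEPC_TARGET, PMP_X);
}

/* Entry 0 as NAPOT with all-ones pmpaddr and RWX: covers the whole address space. */
bool fetch_with_open_pmp(enum priv p)
{
    struct pmp_entry e[PMP_ENTRIES] = {{(A_NAPOT << 3) | PMP_R | PMP_W | PMP_X, ~0ULL}};
    return pmp_allows(e, PMP_ENTRIES, p, MEPC_TARGET, PMP_X);
}
```

In this model an S-mode fetch is denied when PMP entries are implemented but none is programmed, and allowed once an entry grants execute permission or when no entries are implemented at all.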