search

SonalPinto / kronos

Kronos is a 3-stage in-order RISC-V RV32I_Zicsr_Zifencei core geared towards FPGA implementations
https://sonalpinto.github.io/kronos/#/
Apache License 2.0
69 stars 9 forks source link

[Bug report] Processor hangs shortly after reading a non-existent CSR instead of throwing an exception #7

Open flaviens opened 1 year ago

flaviens commented 1 year ago

Hi there!

I've detected a bug in Kronos.

Brief bug description

Accessing non-existent CSR does not raise an illegal instruction, but instead hangs after a couple of instructions later.

The RISC-V specification says:

Attempts to access a non-existent CSR raise an illegal instruction exception.

Example snippet

Here is an example snippet, given that, as specified by the RISC-V specification:

In systems without S-mode, the medeleg and mideleg registers should not exist.

In the snippet below, the program should take the exception, store 1 into address 0x0 and then take infinite_loop1. Instead, it hangs after fetching 4 instructions after the CSR instruction. Remark that the nops here matter, because the CPU does not immediately hang.

  .section ".text.init","ax",@progbits
  .globl _start
  .align 2
_start:
  la a0, 0x0

  la t1, .trap_handler
  csrrw zero, mtvec, t1

  csrr t1, medeleg

  nop

  li t0, 0
  sw t0, (a0)

infinite_loop0:
  j infinite_loop0

.section ".trap_handler","ax",@progbits
trap_handler:

  li t0, 1
  sw t0, (a0)

infinite_loop1:
  j infinite_loop1

Thanks! Flavien

EDIT: The hang only seems to happen when we read the non-existent CSR, i.e., with a destination register that is not zero.