chipsalliance / dromajo

RISC-V RV64GC emulator designed for RTL co-simulation
Apache License 2.0

Pagetable walk throws access violation even with no PMP entries set #46

Open sammy17 opened 3 years ago

sammy17 commented 3 years ago

I ran the attached assembly program with dromajo and it gives an exception on a nop instruction. I ran the same program on Spike and it ignored the nop instruction and proceeded as expected.

I have attached a zip file that contains the compiled binary file (test.elf), assembly file (test.S), and disassembly of the binary (test.txt).

The following figure shows the diff between the Spike trace and the dromajo trace. The nop instruction is located after the highlighted mret instruction.

test.zip

et-tommythorn commented 2 years ago

Thank you, this is fascinating. I see more than one issue here. Observations in order:

  1. Dromajo is throwing an exception due to the pagetable access not passing the PMP check. It has nothing to do with the actual instruction.
  2. "The effective privilege mode for implicit page-table accesses is S." -- paragraph 3.7.2 in the privileged RISC-V spec, but Dromajo is just using the regular physical memory check which uses the effective privilege (here 0 = User).
  3. However, even S would fail due to the trailing priv == PRIV_M check. It looks like it should have passed if I interpret "If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails." correctly (near the end of 3.7.1).

Two things before I can fix these bugs:

  1. Find out why all these tests have been passing despite these egregious bugs.
  2. Get a little more clarity on the semantics of having no PMP entries set.
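
Added example, not Dromajo's code and not part of the thread: a minimal C model of the PMP decision described by the two spec sentences quoted above, including the page-table walk being checked as S. It assumes entries are already decoded into [lo, hi) ranges and reads "implemented" as the number of entries the hart has, configured or not; `pmp_entry`, `pmp_check` and `ptw_read_ok` are hypothetical names.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { PRIV_U = 0, PRIV_S = 1, PRIV_M = 3 };
enum { PMP_R = 1, PMP_W = 2, PMP_X = 4 };

/* Simplification: a decoded [lo, hi) range, not the pmpcfg/pmpaddr encoding. */
typedef struct {
    bool     on;      /* false models A=OFF: implemented, matches nothing */
    bool     locked;  /* L bit: permissions are enforced on M-mode too */
    uint64_t lo, hi;
    uint8_t  perm;    /* PMP_R | PMP_W | PMP_X */
} pmp_entry;

/* n is the number of implemented entries (assumption: 0 means no PMP at all). */
bool pmp_check(const pmp_entry *e, size_t n, uint64_t pa, int priv, uint8_t need)
{
    if (n == 0)
        return true;                    /* nothing implemented, nothing to fail */
    for (size_t i = 0; i < n; i++) {    /* lowest-numbered matching entry decides */
        if (!e[i].on || pa < e[i].lo || pa >= e[i].hi)
            continue;
        if (priv == PRIV_M && !e[i].locked)
            return true;                /* unlocked entries do not bind M-mode */
        return (e[i].perm & need) == need;
    }
    /* No match: M-mode succeeds; S and U fail since an entry is implemented. */
    return priv == PRIV_M;
}

/* Implicit page-table read: checked as S, whatever the faulting access's mode. */
bool ptw_read_ok(const pmp_entry *e, size_t n, uint64_t pte_pa)
{
    return pmp_check(e, n, pte_pa, PRIV_S, PMP_R);
}

int main(void)
{
    /* Constructed sample: one implemented entry, left OFF. */
    pmp_entry off[1] = {{ false, false, 0, 0, 0 }};
    printf("no PMP implemented: %d\n", ptw_read_ok(NULL, 0, 0x80001000ULL));
    printf("one entry, all OFF: %d\n", ptw_read_ok(off, 1, 0x80001000ULL));
    return 0;
}
```

Under this reading, a hart with entries implemented but none configured rejects the page-table read, while a hart with no PMP at all accepts it.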