[BUG] Failure to Trigger NX Exception Under Specific Microarchitectural Conditions

[youzi27]

Is there an existing CVA6 bug for this?

• [X] I have searched the existing bug issues

Bug Description

Description I have encountered a bug where the NX (Inexact) bit in the fflags register fails to be set under certain microarchitectural conditions, specifically after clearing the fflags register(necessary) and then executing an operation that should simultaneously trigger both Overflow (OF) and Inexact (NX) exceptions. This behavior deviates from the expected IEEE 754 standard compliance.

Steps to Reproduce

main:
fsflags a2, zero
la t0, value_ft1
la t1, value_ft3
fld ft1, 0(t0) 
fld ft3, 0(t1) 
fdiv.d ft3, ft1, ft3
frflags a2

.section .data
.align 8
value_ft1:
    .dword 0x403d000000000000
value_ft3:
    .dword 0x0000000000000001

Expected Behavior: fflags = 0x5 Actual Behavior: fflags = 0x4

Note: This is a different issue from https://github.com/pulp-platform/fpu_div_sqrt_mvp/issues/15, as they have different triggering conditions. The previous trigger method has already been fixed; now, we are facing a different new bug.

[Nolan-Ashford]

Hi.This issue is a duplicate of https://github.com/pulp-platform/fpu_div_sqrt_mvp/issues/15. Although the previous issue has been resolved, the version of CVA6 is not synchronized with the latest version of cvfpu. Therefore, this is essentially the same issue.

[youzi27]

Thank you for your attention to the issue. However, your response is inaccurate. Specifically:

• Please read the issue I submitted carefully (see the NOTE section). This issue is different from the previous one; it is about a microarchitecture problem. This issue will only be triggered when the flags are cleared; otherwise, it will not be triggered.
• The previous issue (https://github.com/pulp-platform/fpu_div_sqrt_mvp/issues/15) has been fixed and cannot be reproduced in CVA6, at least.
• A friendly suggestion: I hope you can run the code I uploaded to verify it yourself.

Therefore, this is a new bug for CVA6.

[riscv914]

I see the similar bug, however I can trigger it on latest version of CVA6 (actually today's latest commit). CVA6 do not set NX flag in following test case which overflow is happening.

fdiv.s  ft0, fs8, ft8 // fs8 = ffffffff79a94000 & ft8 = ffffffff23fb8000
// ft0 = ffffffff7f800000 & fflags=0x4

So, without any configuration or microarchitecture settings it is still bug.

[youzi27]

Hi @riscv914,

Thank you for your attention to this issue. Please use the pseudocode I provided to verify whether pre-clearing the fflags would affect the triggering of the NX bit. At least in the version I was using when I asked this issue, it was affected by this, meaning whether writing to fflags in advance would influence the triggering of the NX bit.

Thank you!