14:55 <LordDoskias> why would the following code: https://pastebin.com/j9W2gyxX

14:55 <LordDoskias> namely the mret, result in an illegal instruction ?

14:56 <LordDoskias> i.e when executing mret instead of jumping at the location written to mepc, it goes into the trap handler and mcause is 0x2

14:56 <LordDoskias> i'm testing on qemu-system-riscv64

14:57 <jrtc27> qemu has a special spec-violating case to help stop you shooting yourself in the foot

14:57 <jrtc27> by default the pmp blocks all s-mode acceses

14:58 <jrtc27> instead of letting you mret then trap immediately it will give an illegal instruction exception if mret'ing to non-m-mode and the pmp is unconfigured

14:59 <jrtc27> otherwise if you have set up medeleg to delegate s-mode's own faults to itself you will end up in an infinite trap loop

15:00 <LordDoskias> is this documented somewhere or there needs to be someone intimately familiar with qemu's internals on #riscv

15:00 <LordDoskias> ;D

15:01 <LordDoskias> why would mret result in an immediate trap ?

15:02 <LordDoskias> shouldn't it just jump to wherever mepc points with privilege as set in MPP ?

15:05 <jrtc27> the mret wouldn't trap, the first instruction fetch after it would

15:05 <LordDoskias> why ?

15:05 <jrtc27> because the pmp blocks it by default

15:05 <LordDoskias> and that happens only on qemu ? an actual physical implementation wouldn't act like that?

15:06 <jrtc27> an actual implementation would trap on the instruction fetch

15:06 <jrtc27> and end up in an infinite trap loop that's a pain to debug

15:06 <jrtc27> (because stvec's target isn't going to be fetchable either)

15:07 <jrtc27> qemu adds a special case to mret that stops you being able to reach that case, but isn't conforming

15:07 <LordDoskias> so the correct workaround is to basically disable pmp ?

15:07 <jrtc27> by making the mret itself fault

15:07 <jrtc27> there is no workaround

15:07 <jrtc27> your code is broken, qemu just changes its symptoms

15:07 <jrtc27> the *fix* is to configure the pmp however you want it configured

15:07 <LordDoskias> strange, according to this blog post: https://danielmangum.com/posts/risc-v-bytes-privilege-levels/

15:07 <LordDoskias> it should have worked

15:11 <jrtc27> older qemu versions didn't have it

15:12 <jrtc27> added in 6.0.0

15:12 <LordDoskias> i see

15:12 <LordDoskias> i guess i have to go and read section 3.6 of the privilege ISA to figure out how to configure the PMP

15:13 <LordDoskias> so M mode is not subject to PMP checks?

15:13 <jrtc27> locked pmp entries apply to m-mode, unlocked ones do not

15:17 <jrtc27> set pmpaddr0 to -1 and pmpcfg0 to napot rwx

15:17 <jrtc27> that's a simple "allow all the things" config

15:18 <jrtc27> (number of trailing 1s in pmpaddr encodes the length for napot, so all 1s gets you the entire space)

16:22 <LordDoskias> jrtc27, so i added:

16:22 <LordDoskias> 0x000000008000003c <+60>:csrspmpcfg0,t4

16:22 <LordDoskias> => 0x0000000080000040 <+64>:lit4,-1

16:22 <LordDoskias> 0x0000000080000044 <+68>:csrspmpaddr0,t4

16:22 <LordDoskias> and now mret results in a trap again, but this time it's a supervisor external interrupt o_O

16:23 <LordDoskias> actually no, it's an environmental call from S-mode o_O

16:24 <LordDoskias> ah right ...

16:24 <LordDoskias> my bad, everything works as expected now, thanks a lot for your help

16:27 <jrtc27> yw :)

16:34 <muurkha> wonderful!

18:30 <conchuod> bisecting on a bad pc sucks, by the time a build is done I've forgotten if I boot tested that hash or not

18:41 <geertu> conchuod: uname -r doesn't show you the hash?

18:57 <conchuod> geertu: don't get uname when you can't boot!

18:57 <conchuod> I mean, the PC doing the builds is bad

20:06 <solrize> https://queue.acm.org/detail.cfm?id=3534854 this is kind of interesting. talks about an ancient OO computer with Ada primitives, and CHERI

22:16 <conchuod> mmind00: smaeul how much of the d1 stuff is in -next?

22:20 <mmind00> conchuod: not that much I think ... the plic already has a compatible, but there is a series from smaeul pending doing more cleanups ... and what I remember from talking with Samuel, I guess the "biggest" fish is the pinctrl driver (there is a slight difference in register offsets compared to "standard" allwinner socs, which requires adapting the pinctrl driver)

22:21 <conchuod> plus maz has complaints about the irq patches

22:22 <conchuod> lol gn