SailBugfix: pmp_cfg_idx must be multiplied by two

francois141 · CharlyCst · commit 2e7f88837ca8 · 2025-01-31T14:56:55.000+01:00
The pmpcfg registers have a stride of two, therefore we also need to multiply the pmp_cfg_idx by two.
diff --git a/model_checking/src/lib.rs b/model_checking/src/lib.rs
@@ -158,10 +158,7 @@ pub fn fences() {
 #[cfg_attr(kani, kani::proof)]
 #[cfg_attr(test, test)]
 pub fn read_csr() {
-    let (mut ctx, mctx, mut sail_ctx) = symbolic::new_symbolic_contexts();
-
-    // Infinite number of pmps for the formal verification
-    ctx.nb_pmp = usize::MAX;
+    let (ctx, mctx, mut sail_ctx) = symbolic::new_symbolic_contexts();
 
     let csr_register = generate_csr_register();
 
diff --git a/src/virt/csr.rs b/src/virt/csr.rs
@@ -91,7 +91,7 @@ impl RegisterContextGetter<Csr> for VirtContext {
                     log::warn!("Invalid pmpcfg {}", pmp_cfg_idx);
                     return 0;
                 }
-                if pmp_cfg_idx >= self.nb_pmp / 8 {
+                if pmp_cfg_idx >= 2 * self.nb_pmp / 8 {
                     // This PMP is not emulated
                     return 0;
                 }

Original file line number	Diff line number	Diff line change
`@@ -91,7 +91,7 @@ impl RegisterContextGetter<Csr> for VirtContext {`
`91`	`91`	`log::warn!("Invalid pmpcfg {}", pmp_cfg_idx);`
`92`	`92`	`return 0;`
`93`	`93`	`}`
`94`		`- if pmp_cfg_idx >= self.nb_pmp / 8 {`
	`94`	`+ if pmp_cfg_idx >= 2 * self.nb_pmp / 8 {`
`95`	`95`	`// This PMP is not emulated`
`96`	`96`	`return 0;`
`97`	`97`	`}`