QEMU

RISC-V mstatus TSR bit not correctly implemented

Bug #1851939 reported by tm on 2019-11-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

Hi,

since qemu 4.1.0 the TSR bit in mstatus register is supported. But it does not allow for executing sret in m-mode.

From the RISC-V specifications:
"When TSR=1, attempts to execute SRET while executing in S-mode will raise an illegal instruction
exception. When TSR=0, this operation is permitted in S-mode."

This means an exception should only be raised when executing in S-mode, but not in M-mode, hence you should change the condition in helper_sret (target/riscv/op_helper.c) from:
     if (env->priv_ver >= PRIV_VERSION_1_10_0 &&
          get_field(env->mstatus, MSTATUS_TSR))
to:
     if (env->priv_ver >= PRIV_VERSION_1_10_0 &&
          get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M))

Tags:

Revision history for this message

Laurent Vivier (laurent-vivier) wrote on 2020-04-30:

Fixed here:
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ed5abf46b3c4

Changed in qemu:
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.