Add a configuration validation function to the model. (riscv#1005)

pmundkur · web-flow · commit a606ebe50984 · 2025-06-11T10:28:43.000Z
This is a start and can be extended to check more invariants of a valid configuration. Configuration validation is done when the model is initialized in `init_model()`. `init_model()` and `reset()` are moved out of `riscv_step.sail` into a new file `riscv_model.sail` to manage the dependency on `riscv_validate_config.sail`. Addresses riscv#860.
diff --git a/c_emulator/riscv_sail.h b/c_emulator/riscv_sail.h
@@ -18,10 +18,11 @@ extern struct zMisa zmisa;
 void model_init(void);
 void model_fini(void);
 
-unit zinit_model(unit);
+unit zinit_model(const_sail_string);
 bool ztry_step(sail_int, bool);
 unit ztick_clock(unit);
 
+bool zconfig_is_valid(unit);
 void zgenerate_dts(sail_string *out, unit);
 
 unit zrvfi_set_instr_packet(mach_bits);
diff --git a/c_emulator/riscv_sim.cpp b/c_emulator/riscv_sim.cpp
@@ -34,6 +34,7 @@
 enum {
   OPT_TRACE_OUTPUT = 1000,
   OPT_PRINT_CONFIG,
+  OPT_VALIDATE_CONFIG,
   OPT_SAILCOV,
   OPT_ENABLE_EXPERIMENTAL_EXTENSIONS,
   OPT_PRINT_DTS,
@@ -42,6 +43,8 @@ enum {
 static bool do_show_times = false;
 bool do_report_arch = false;
 bool do_print_dts = false;
+char *config_file = NULL;
+bool do_validate_config = false;
 char *term_log = NULL;
 static const char *trace_log_path = NULL;
 FILE *trace_log = NULL;
@@ -101,27 +104,28 @@ char *sailcov_file = NULL;
 #endif
 
 static struct option options[] = {
-    {"device-tree-blob",               required_argument, 0, 'b'             },
-    {"terminal-log",                   required_argument, 0, 't'             },
-    {"show-times",                     required_argument, 0, 'p'             },
-    {"report-arch",                    no_argument,       0, 'a'             },
-    {"test-signature",                 required_argument, 0, 'T'             },
-    {"signature-granularity",          required_argument, 0, 'g'             },
-    {"rvfi-dii",                       required_argument, 0, 'r'             },
-    {"help",                           no_argument,       0, 'h'             },
-    {"config",                         required_argument, 0, 'c'             },
-    {"print-default-config",           no_argument,       0, OPT_PRINT_CONFIG},
-    {"trace",                          optional_argument, 0, 'v'             },
-    {"no-trace",                       optional_argument, 0, 'V'             },
-    {"trace-output",                   required_argument, 0, OPT_TRACE_OUTPUT},
-    {"inst-limit",                     required_argument, 0, 'l'             },
+    {"device-tree-blob",               required_argument, 0, 'b'                },
+    {"terminal-log",                   required_argument, 0, 't'                },
+    {"show-times",                     required_argument, 0, 'p'                },
+    {"report-arch",                    no_argument,       0, 'a'                },
+    {"test-signature",                 required_argument, 0, 'T'                },
+    {"signature-granularity",          required_argument, 0, 'g'                },
+    {"rvfi-dii",                       required_argument, 0, 'r'                },
+    {"help",                           no_argument,       0, 'h'                },
+    {"config",                         required_argument, 0, 'c'                },
+    {"print-default-config",           no_argument,       0, OPT_PRINT_CONFIG   },
+    {"validate-config",                no_argument,       0, OPT_VALIDATE_CONFIG},
+    {"trace",                          optional_argument, 0, 'v'                },
+    {"no-trace",                       optional_argument, 0, 'V'                },
+    {"trace-output",                   required_argument, 0, OPT_TRACE_OUTPUT   },
+    {"inst-limit",                     required_argument, 0, 'l'                },
     {"enable-experimental-extensions", no_argument,       0,
-     OPT_ENABLE_EXPERIMENTAL_EXTENSIONS                                      },
+     OPT_ENABLE_EXPERIMENTAL_EXTENSIONS                                         },
 #ifdef SAILCOV
-    {"sailcov-file",                   required_argument, 0, OPT_SAILCOV     },
+    {"sailcov-file",                   required_argument, 0, OPT_SAILCOV        },
 #endif
-    {"print-device-tree",              no_argument,       0, OPT_PRINT_DTS   },
-    {0,                                0,                 0, 0               }
+    {"print-device-tree",              no_argument,       0, OPT_PRINT_DTS      },
+    {0,                                0,                 0, 0                  }
 };
 
 static void print_usage(const char *argv0, int ec)
@@ -139,6 +143,17 @@ static void print_usage(const char *argv0, int ec)
   exit(ec);
 }
 
+static void validate_config(const char *conf_file)
+{
+  const char *s = zconfig_is_valid(UNIT) ? "valid" : "invalid";
+  if (conf_file) {
+    fprintf(stdout, "Configuration in %s is %s.\n", conf_file, s);
+  } else {
+    fprintf(stdout, "Default configuration is %s.\n", s);
+  }
+  exit(0);
+}
+
 static void report_arch(void)
 {
   fprintf(stdout, "RV%" PRIu64 "\n", zxlen);
@@ -248,6 +263,7 @@ static int process_args(int argc, char **argv)
     case 'c': {
       if (access(optarg, R_OK) == 0) {
         sail_config_set_file(optarg);
+        config_file = strdup(optarg);
         have_config = true;
       } else {
         fprintf(stderr, "configuration file '%s' does not exist.\n", optarg);
@@ -258,6 +274,9 @@ static int process_args(int argc, char **argv)
     case OPT_PRINT_CONFIG:
       printf("%s", DEFAULT_JSON);
       exit(0);
+    case OPT_VALIDATE_CONFIG:
+      do_validate_config = true;
+      break;
     case OPT_PRINT_DTS:
       do_print_dts = true;
       break;
@@ -319,14 +338,15 @@ static int process_args(int argc, char **argv)
     std::filesystem::remove(path);
   }
 
-  if (optind > argc || (optind == argc && !rvfi && !do_print_dts)) {
+  if (optind > argc
+      || (optind == argc && !rvfi && !do_print_dts && !do_validate_config)) {
     fprintf(stderr, "No elf file provided.\n");
     print_usage(argv[0], 0);
   }
   if (dtb_file)
     read_dtb(dtb_file);
 
-  if (!rvfi && !do_report_arch && !do_print_dts)
+  if (!rvfi && !do_report_arch && !do_print_dts && !do_validate_config)
     fprintf(stdout, "Running file %s.\n", argv[optind]);
   return optind;
 }
@@ -430,9 +450,9 @@ void init_sail_reset_vector(uint64_t entry)
   zPC = rom_base;
 }
 
-void init_sail(uint64_t elf_entry)
+void init_sail(uint64_t elf_entry, const char *config_file)
 {
-  zinit_model(UNIT);
+  zinit_model(config_file != nullptr ? config_file : "");
   if (rvfi) {
     /*
     rv_ram_base = UINT64_C(0x80000000);
@@ -449,11 +469,11 @@ void init_sail(uint64_t elf_entry)
 }
 
 /* reinitialize to clear state and memory, typically across tests runs */
-void reinit_sail(uint64_t elf_entry)
+void reinit_sail(uint64_t elf_entry, const char *config_file)
 {
   model_fini();
   model_init();
-  init_sail(elf_entry);
+  init_sail(elf_entry, config_file);
 }
 
 void write_signature(const char *file)
@@ -658,6 +678,9 @@ int main(int argc, char **argv)
   if (do_report_arch) {
     report_arch();
   }
+  if (do_validate_config) {
+    validate_config(config_file);
+  }
   if (do_print_dts) {
     print_dts();
   }
@@ -684,7 +707,7 @@ int main(int argc, char **argv)
     (void)load_sail(argv[i], /*main_file=*/false);
   }
 
-  init_sail(entry);
+  init_sail(entry, config_file);
 
   if (gettimeofday(&init_end, NULL) < 0) {
     fprintf(stderr, "Cannot gettimeofday: %s\n", strerror(errno));
@@ -695,7 +718,7 @@ int main(int argc, char **argv)
     run_sail();
     if (rvfi) {
       /* Reset for next test */
-      reinit_sail(entry);
+      reinit_sail(entry, config_file);
     }
   } while (rvfi);
 
diff --git a/model/CMakeLists.txt b/model/CMakeLists.txt
@@ -203,15 +203,21 @@ foreach (xlen IN ITEMS 32 64)
             endif()
 
             set(sail_cfg_srcs
+                "riscv_validate_config.sail"
                 "riscv_device_tree.sail"
             )
 
+            set(sail_model_srcs
+                "riscv_model.sail"
+            )
+
             # Final file list.
             set(sail_srcs
                 ${sail_arch_srcs}
                 ${sail_seq_inst_srcs}
                 ${sail_step_srcs}
                 ${sail_cfg_srcs}
+                ${sail_model_srcs}
                 "main.sail"
             )
 
@@ -268,6 +274,7 @@ foreach (xlen IN ITEMS 32 64)
                         --c-preserve try_step
                         --c-preserve tick_clock
                         --c-preserve generate_dts
+                        --c-preserve config_is_valid
                         # Preserve RVFI functions.
                         --c-preserve rvfi_set_instr_packet
                         --c-preserve rvfi_get_cmd
diff --git a/model/main.sail b/model/main.sail
@@ -28,7 +28,7 @@ function main() : unit -> unit = {
   print_bits("PC = ", PC);
 
   try {
-    init_model();
+    init_model("");
     sail_end_cycle();
     loop()
   } catch {
diff --git a/model/riscv_model.sail b/model/riscv_model.sail
@@ -0,0 +1,27 @@
+/*=======================================================================================*/
+/*  This Sail RISC-V architecture model, comprising all files and                        */
+/*  directories except where otherwise noted is subject the BSD                          */
+/*  two-clause license in the LICENSE file.                                              */
+/*                                                                                       */
+/*  SPDX-License-Identifier: BSD-2-Clause                                                */
+/*=======================================================================================*/
+
+// Chip reset. This only does the minimum resets required by the RISC-V spec.
+function reset() -> unit = {
+  reset_sys();
+  reset_vmem();
+
+  // To allow model extensions (code outside this repo) to perform additional reset.
+  ext_reset();
+}
+
+// Initialize model state. This is only called once; not for every chip reset.
+function init_model(config_filename : string) -> unit = {
+  assert(config_is_valid(), (if   config_filename == ""
+                             then "Default config"
+                             else "Config in " ^ config_filename)
+                             ^ " is invalid.");
+  hart_state = HART_ACTIVE();
+  init_platform();
+  reset();
+}
diff --git a/model/riscv_step.sail b/model/riscv_step.sail
@@ -274,19 +274,3 @@ function loop () : unit -> unit = {
     }
   }
 }
-
-// Chip reset. This only does the minimum resets required by the RISC-V spec.
-function reset() -> unit = {
-  reset_sys();
-  reset_vmem();
-
-  // To allow model extensions (code outside this repo) to perform additional reset.
-  ext_reset();
-}
-
-// Initialize model state. This is only called once; not for every chip reset.
-function init_model() -> unit = {
-  hart_state = HART_ACTIVE();
-  init_platform();
-  reset();
-}
diff --git a/model/riscv_validate_config.sail b/model/riscv_validate_config.sail
@@ -0,0 +1,107 @@
+/*=======================================================================================*/
+/*  This Sail RISC-V architecture model, comprising all files and                        */
+/*  directories except where otherwise noted is subject the BSD                          */
+/*  two-clause license in the LICENSE file.                                              */
+/*                                                                                       */
+/*  SPDX-License-Identifier: BSD-2-Clause                                                */
+/*=======================================================================================*/
+
+function check_privs() -> bool = {
+  if hartSupports(Ext_S) & not(hartSupports(Ext_U))
+  then {
+    print_endline("User mode (U) should be enabled if supervisor mode (S) is enabled.");
+    return false;
+  };
+  true
+}
+
+// This logic will need to change once MXL/SXL/UXL can differ.
+function check_mmu_config() -> bool = {
+  var valid : bool = true;
+  if xlen == 64 then {
+    if not(hartSupports(Ext_S)) & (hartSupports(Ext_Sv57) | hartSupports(Ext_Sv48) | hartSupports(Ext_Sv39))
+    then {
+      valid = false;
+      print_endline("Supervisor mode (S) disabled but one of (Sv57, Sv48, Sv39) is enabled: cannot support address translation without supervisor mode.");
+    };
+    if hartSupports(Ext_Sv57) & not(hartSupports(Ext_Sv48))
+    then {
+      valid = false;
+      print_endline("Sv57 is enabled but Sv48 is disabled: supporting Sv57 requires supporting Sv48.");
+    };
+    if hartSupports(Ext_Sv48) & not(hartSupports(Ext_Sv39))
+    then {
+      valid = false;
+      print_endline("Sv48 is enabled but Sv39 is disabled: supporting Sv48 requires supporting Sv39.");
+    };
+    if hartSupports(Ext_Sv32)
+    then {
+      valid = false;
+      print_endline("Sv32 is enabled: Sv32 is not supported on RV64.");
+    };
+  } else {
+    assert(xlen == 32);
+    if not(hartSupports(Ext_S)) & hartSupports(Ext_Sv32)
+    then {
+      valid = false;
+      print_endline("Supervisor mode (S) is disabled but Sv32 is enabled: cannot support address translation without supervisor mode.");
+    };
+    if hartSupports(Ext_Sv39) | hartSupports(Ext_Sv48) |  hartSupports(Ext_Sv57)
+    then {
+      valid = false;
+      print_endline("One or more of Sv39/Sv48/Sv57 is enabled: these are not supported on RV32.");
+    };
+  };
+  valid
+}
+
+function check_vlen_elen() -> bool = {
+  // Should this be conditioned on a vector extension being enabled?
+  if VLEN_pow < ELEN_pow
+  then {
+    print_endline("VLEN (set to 2^" ^ dec_str(VLEN_pow) ^ ") cannot be less than ELEN (set to 2^" ^ dec_str(ELEN_pow) ^ ").");
+    return false;
+  };
+  true
+}
+
+function has_overlap(a_lo : nat, a_hi : nat, b_lo : nat, b_hi : nat) -> bool = {
+  not((a_lo < b_lo & a_hi < b_lo) | (b_lo < a_lo & b_hi < a_lo))
+}
+
+// This will change when we have a more general memory layout.
+function check_mem_layout() -> bool = {
+  var valid : bool = true;
+  // Memory regions should not overlap. There are currently only three: ram, rom and clint.
+  let ram_lo = unsigned(plat_ram_base);
+  let ram_hi = unsigned(plat_ram_base) + unsigned(plat_ram_size);
+  let rom_lo = unsigned(plat_rom_base);
+  let rom_hi = unsigned(plat_rom_base) + unsigned(plat_rom_size);
+  let clint_lo = unsigned(plat_clint_base);
+  let clint_hi = unsigned(plat_clint_base) + unsigned(plat_clint_size);
+  if has_overlap(rom_lo, rom_hi, ram_lo, ram_hi)
+  then {
+    valid = false;
+    print_endline("The RAM and ROM regions overlap.");
+  };
+  if has_overlap(clint_lo, clint_hi, rom_lo, rom_hi)
+  then {
+    valid = false;
+    print_endline("The Clint and ROM regions overlap.");
+  };
+  if has_overlap(clint_lo, clint_hi, ram_lo, ram_hi)
+  then {
+    valid = false;
+    print_endline("The Clint and RAM regions overlap.");
+  };
+
+  // Should memory regions also be 4K aligned?
+  valid
+}
+
+function config_is_valid() -> bool = {
+    check_privs()
+  & check_mmu_config()
+  & check_mem_layout()
+  & check_vlen_elen()
+}
