Skip to content

Make PLIC interrupt 0 (no interrupt) more robust #28776

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Make PLIC interrupt 0 (no interrupt) more robust #28776

wants to merge 1 commit into from
+48 −24

Conversation

@Timmmm
Copy link
Contributor

@Timmmm Timmmm commented Nov 19, 2025

In PLIC, interrupt ID 0 is special - it is reserved for "no interrupt". The way this is implemented in rv_plic is by simply asking nicely for integrators to tie the interrupt ID 0 input to 0.

This is suboptimal because it allows integration mistakes, and there is a dangerous assume for FPV - this is directly added inside rv_plic.sv. Unless there's some flow magic to convert this to an assert (I didn't see anything) then this can cause nonsensical formal results if you accidentally violate that assumption.

This changes that assume to an assert so it is at least checked. I would have liked to remove the pin entirely so there is no chance of making that mistake, but that is a much bigger change that requires changing the external interface.

@Timmmm
Make PLIC interrupt 0 (no interrupt) more robust
b4f5938 
In PLIC, interrupt ID 0 is special - it is reserved for "no interrupt". The way this is implemented in `rv_plic` is by simply asking nicely for integrators to tie the interrupt ID 0 input to 0.

This is suboptimal because it allows integration mistakes, and there is a dangerous `assume` for FPV - this is directly added inside `rv_plic.sv`. Unless there's some flow magic to convert this to an `assert` (I didn't see anything) then this can cause nonsensical formal results if you accidentally violate that assumption.

This changes that assume to an assert so it is at least checked. I would have liked to remove the pin entirely so there is no chance of making that mistake, but that is a much bigger change that requires changing the external interface.

Signed-off-by: Tim Hutt <[email protected]>
@Timmmm Timmmm requested a review from a team as a code owner November 19, 2025 11:26
@Timmmm Timmmm requested review from rswarbrick and removed request for a team November 19, 2025 11:26
@Timmmm
Copy link
Contributor Author

Timmmm commented Nov 19, 2025

25 minute JG results (consistent with other runs I've done):

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rswarbrick rswarbrick Awaiting requested review from rswarbrick rswarbrick is a code owner automatically assigned from lowRISC/ot-dv-reviewers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Timmmm