59 lines
2.8 KiB
Markdown
59 lines
2.8 KiB
Markdown
# riscv-formal-nmigen
|
|
|
|
A port of [riscv-formal](https://github.com/SymbioticEDA/riscv-formal) to nMigen
|
|
|
|
## Breakdown
|
|
|
|
| File/Directory | Description |
|
|
| --- | --- |
|
|
| `shell.nix` | [nix-shell](https://nixos.wiki/wiki/Development_environment_with_nix-shell) configuration file |
|
|
| `rvfi` | RISC-V Formal Verification Framework (nMigen port) |
|
|
| `rvfi/insns` | Supported RISC-V instructions and ISAs |
|
|
| `rvfi/checks` | Checks for RISC-V compliant cores |
|
|
| `rvfi/cores` | Cores currently tested against this port of riscv-formal |
|
|
| `rvfi/cores/minerva/verify.py` | Verification tasks for the Minerva core |
|
|
|
|
## Running the Verification
|
|
|
|
First make sure you have [Nix](https://nixos.org/download.html) installed. Then `cd` to the root directory of this repo and run:
|
|
|
|
```bash
|
|
$ nix-shell
|
|
```
|
|
|
|
This should run the tests (cache, multiplier, divider) provided by Minerva itself and give you an environment with all the dependencies required for this project. Then, to run the main verification tasks for Minerva provided in this repo:
|
|
|
|
```bash
|
|
$ python -m rvfi.cores.minerva.verify
|
|
```
|
|
|
|
This should run in the order of a few hours.
|
|
|
|
### Progress
|
|
|
|
- [ ] Instruction Checks (mostly passing)
|
|
- [x] JAL failing at line 202
|
|
- [ ] LB, LH, LW, LBU, LHU, SB, SH, SW: Parser error - invalid slice
|
|
- [ ] SRL failing at line 201
|
|
- [x] PC forward checks
|
|
- [x] PC backward checks
|
|
- [x] Register checks
|
|
- [x] Causal checks
|
|
- [ ] Liveness checks
|
|
- [ ] Uniqueness checks
|
|
|
|
## Scope
|
|
|
|
The RV32I, RV32M, RV64I and RV64M ISAs are currently implemented but only RV32IM are being tested by integrating with the Minerva core.
|
|
|
|
## Known Issues
|
|
|
|
- ~~21/08/2020: Verification passes unconditionally, even in the presence of obvious bugs. This is due to the `rvfi.valid` signal from the CPU being held at constant 0. Suitable instruction and data buses as well as interrupt signals have not been wired to Minerva which is likely preventing the core and verification from functioning properly~~
|
|
- ~~25/08/2020: Interrupts have been hardwired to zero and instruction/data buses attached to the Minerva core; however, running the verification quickly exhausts available memory on a machine with 32G RAM. Possible culprit: huge number of `Assume` statements on memory values~~
|
|
- ~~07/09/2020: Instruction checks fail at line 201 asserting the value of `rd_wdata`. At least we now have a proper failure instead of an unconditional pass or an out of memory issue. Whether the translated specs themselves are in error is under investigation.~~
|
|
- 15/09/2020: Apart from the occasional failed assertion in specific verification tasks (likely due to bugs in translation), all of the memory-related instruction checks fail with a "parser error: invalid slice" preventing the assertions from ever running. The root cause of this issue is yet to be determined.
|
|
|
|
## License
|
|
|
|
See [LICENSE](./LICENSE)
|