Overview
In the provided RISC-V evidence, trap handling is described through generated assembly-program infrastructure and verification results. The riscv_asm_program flow selects an mtvec_handler section that contains an exception_handler and an interrupt_handler, and it calls push_gpr_to_kernel_stack() to push general-purpose registers to the stack for trap handling.
Handler setup in generated programs
The riscv_asm_program_gen class is described as generating complete RISC-V assembly programs with randomized instructions and randomized general-purpose register selections. Within that generated program flow, trap handling support is added after main-program, sub-program, and host-interface generation. The relevant trap-handling setup includes:
- push_gpr_to_kernel_stack(), which saves general-purpose registers to the kernel stack for trap handling.
- A generated mtvec_handler section selected through gen_section().
- Defined exception_handler and interrupt_handler code within that handler section.
This makes trap handling part of the generated test-program structure rather than only an external runtime assumption.
Returning from a trap handler
MRET is identified in the verification evidence as a special RISC-V instruction used to return from the trap handler. The same evidence reports a bug in which MRET continued at the wrong instruction for certain special instruction sequences involving multiple MRET instructions and illegal instructions.
Verification relevance
The cited cross-level testing work emphasizes that many corner-case bugs require highly irregular control flow to expose. Its on-the-fly instruction stream generation avoids restrictions on generated instructions and supports unrestricted instruction sequences, including tight loops and traps. This capability was important for stress testing MRET and other behavior associated with trap handling.
The evidence also reports an issue involving MTVAL: a reference ISS set MTVAL incorrectly when executing a compressed instruction that was considered an illegal instruction. This places trap-related state and illegal-instruction paths among the areas exercised by the verification approach.
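The architectural state that the MRET and MTVAL checks above compare can be written down as a small reference model. The following C code is an added example, not taken from the cited work, riscv-dv, or any ISS. All names are hypothetical, and it assumes an implementation that writes the faulting instruction bits to mtval and a handler that skips the faulting instruction before MRET.

```c
#include <stdint.h>

/* Illustrative M-mode trap model; names are hypothetical, not from riscv-dv or any ISS. */
#define MSTATUS_MIE  (1u << 3)
#define MSTATUS_MPIE (1u << 7)
#define MSTATUS_MPP  (3u << 11)
#define CAUSE_ILLEGAL_INSN 2u

typedef struct { uint32_t pc, mepc, mcause, mtval, mtvec, mstatus, priv; } hart_t;

/* Encoding length: low bits 11 mean a 32-bit instruction, anything else is 16-bit. */
static uint32_t insn_len(uint32_t raw) { return (raw & 3u) == 3u ? 4u : 2u; }

/* Trap entry for an instruction at h->pc that the decoder rejected as illegal. */
void take_illegal_insn_trap(hart_t *h, uint32_t fetched) {
    h->mepc = h->pc;
    h->mcause = CAUSE_ILLEGAL_INSN;
    /* Assumption: mtval reports the faulting bits (the spec also allows 0). For a
       compressed instruction only its own 16 bits count, not the next halfword. */
    h->mtval = insn_len(fetched) == 2u ? (fetched & 0xFFFFu) : fetched;
    uint32_t mpie = (h->mstatus & MSTATUS_MIE) ? MSTATUS_MPIE : 0u;
    h->mstatus = (h->mstatus & ~(MSTATUS_MIE | MSTATUS_MPIE | MSTATUS_MPP))
               | mpie | (h->priv << 11);
    h->priv = 3u;                 /* enter M-mode */
    h->pc = h->mtvec & ~3u;       /* synchronous traps use BASE in both mtvec modes */
}

/* What a skip-and-continue handler does before MRET: step mepc past the instruction. */
void handler_skip_faulting_insn(hart_t *h) { h->mepc += insn_len(h->mtval); }

/* MRET: pop the mstatus stack and resume at mepc (U-mode assumed present; MPRV omitted). */
void do_mret(hart_t *h) {
    uint32_t mie = (h->mstatus & MSTATUS_MPIE) ? MSTATUS_MIE : 0u;
    h->priv = (h->mstatus & MSTATUS_MPP) >> 11;
    h->mstatus = (h->mstatus & ~(MSTATUS_MIE | MSTATUS_MPP)) | mie | MSTATUS_MPIE;
    h->pc = h->mepc;
}

/* Constructed sequence: 16-bit 0x0004 at 0x80000100, then 32-bit 0x0000000B,
   both treated as illegal by the assumed decoder. Returns the final pc. */
uint32_t run_sequence(void) {
    hart_t h = { .pc = 0x80000100u, .mtvec = 0x80000001u, .mstatus = MSTATUS_MIE, .priv = 3u };
    take_illegal_insn_trap(&h, 0x000B0004u);  /* upper half is the next instruction */
    handler_skip_faulting_insn(&h); do_mret(&h);
    take_illegal_insn_trap(&h, 0x0000000Bu);
    handler_skip_faulting_insn(&h); do_mret(&h);
    return h.pc;
}

int main(void) { return run_sequence() == 0x80000106u ? 0 : 1; }
```

Comparing mepc, mtval, mstatus and the post-MRET pc against a model like this after every trap is what exposes a divergence between a core and its reference ISS.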
Related implementation artifact
- [[push_gpr_to_kernel_stack]] implements part of the trap-handling prologue by pushing general-purpose registers to the stack for trap handling.