[cosim] Fix SIGSEGV in ~SpikeCosim

When SpikeCosim is getting destructed a SIGSEGV was observed on CentOS 7. The root cause hasn't been identified other than it relates to the deletion of `isa_parser_t`, potentially some kind of use after free error. This is an (optional) hacky workaround that simply never deletes the `isa_parser_t` pointer in SpikeCosim. As in practise this occurs at the end of simulation when the process is terminating the memory leak is of little consequence. Longer term this issue should be investigated and properly fixed.
2025-04-20 03:47:15 -04:00 · 2023-07-19 15:06:52 +01:00 · 2023-07-19 15:06:52 +01:00 · 126f9c3450
commit 126f9c3450
parent e00db7d2e4
4 changed files with 28 additions and 4 deletions
--- a/dv/cosim/spike_cosim.cc
+++ b/dv/cosim/spike_cosim.cc
@ -48,10 +48,17 @@ SpikeCosim::SpikeCosim(const std::string &isa_string, uint32_t start_pc,
      std::make_unique<processor_t>(isa_string.c_str(), "MU", DEFAULT_VARCH,
                                    this, 0, false, log_file, std::cerr);
 #else
-  isa_parser = std::make_unique<isa_parser_t>(isa_string.c_str(), "MU");

+#ifdef COSIM_SIGSEGV_WORKAROUND
+  isa_parser = new isa_parser_t(isa_string.c_str(), "MU");
+  processor = std::make_unique<processor_t>(isa_parser, DEFAULT_VARCH, this, 0,
+                                            false, log_file, std::cerr);
+#else
+  isa_parser = std::make_unique<isa_parser_t>(isa_string.c_str(), "MU");
  processor = std::make_unique<processor_t>(
      isa_parser.get(), DEFAULT_VARCH, this, 0, false, log_file, std::cerr);
+#endif
+
 #endif

  processor->set_pmp_num(pmp_num_regions);
--- a/dv/cosim/spike_cosim.h
+++ b/dv/cosim/spike_cosim.h
@ -22,7 +22,17 @@

 class SpikeCosim : public simif_t, public Cosim {
 private:
+  // A sigsegv has been observed when deleting isa_parser_t instances under
+  // Xcelium on CentOS 7. The root cause is unknown so for a workaround simply
+  // use a raw pointer for isa_parser that never gets deleted. This produces a
+  // minor memory leak but it is of little consequence as when SpikeCosim is
+  // being deleted it is the end of simulation and the process will be
+  // terminated shortly anyway.
+#ifdef COSIM_SIGSEGV_WORKAROUND
+  isa_parser_t *isa_parser;
+#else
  std::unique_ptr<isa_parser_t> isa_parser;
+#endif
  std::unique_ptr<processor_t> processor;
  std::unique_ptr<log_file_t> log;
  bus_t bus;
--- a/dv/uvm/core_ibex/Makefile
+++ b/dv/uvm/core_ibex/Makefile
@ -52,6 +52,12 @@ IBEX_CONFIG         := opentitan
 # Path to DUT used for coverage reports
 DUT_COV_RTL_PATH    := "ibex_top"

+export EXTRA_COSIM_CFLAGS ?=
+
+ifeq ($(COSIM_SIGSEGV_WORKAROUND), 1)
+	EXTRA_COSIM_CFLAGS += -DCOSIM_SIGSEGV_WORKAROUND
+endif
+
 ###############################################################################

 # Setup the necessary paths for all python scripts to find all other relevant modules.
--- a/dv/uvm/core_ibex/yaml/rtl_simulation.yaml
+++ b/dv/uvm/core_ibex/yaml/rtl_simulation.yaml
@ -18,7 +18,7 @@
 # As a result, passing -fno-extended-identifiers tells G++ to pretend that
 # everything is ASCII, preventing strange compilation errors.
 - tool: vcs
-  env_var: IBEX_ROOT
+  env_var: IBEX_ROOT, EXTRA_COSIM_CFLAGS
  compile:
    cmd:
      - >-
@ -55,7 +55,7 @@
    cosim_opts: >-
      -f <core_ibex>/ibex_dv_cosim_dpi.f
      -LDFLAGS '<ISS_LDFLAGS>'
-      -CFLAGS '<ISS_CFLAGS>'
+      -CFLAGS '<ISS_CFLAGS> <EXTRA_COSIM_CFLAGS>'
      -CFLAGS '-I<IBEX_ROOT>/dv/cosim'
      <ISS_LIBS>
      -lstdc++
@ -224,7 +224,7 @@

 ############################################################
 - tool: xlm
-  env_var: dv_root, DUT_TOP, IBEX_ROOT
+  env_var: dv_root, DUT_TOP, IBEX_ROOT, EXTRA_COSIM_CFLAGS
  compile:
    cmd:
      - >-
@ -254,6 +254,7 @@
      -I<IBEX_ROOT>/dv/cosim
      <ISS_LIBS>
      <ISS_CFLAGS>
+      <EXTRA_COSIM_CFLAGS>
      -Wld,<ISS_LDFLAGS>
      -lstdc++
  sim: