Make all CSR writes unsafe by default #251
Conversation
|
Since most of these registers are Whatever criteria we come up with, maybe we should also add a blurb to the top-level Adding the |
Yes, let us leave all writes of CSRs that might trigger invalid states unsafe. |
Registers built with
|
|
I have been reading the ISA and I feel like most of the registers should be |
There was a problem hiding this comment.
I think it would be a better idea force all write functions to be unsafe and open a new issue/RFC to nominate registers to be safe.
I agree with this approach, and we should probably outline criteria for CSR write safety.
As we discussed before, most of the CSRs in the ISA are WARL (Write Anything Read Legal), so safety should be based on side-effects of writing to the registers.
For a rough set of attributes to consider:
- does a CSR write introduce potential memory safety issues in safe code?
- does a CSR write introduce potential undefined behavior in safe code?
- does a CSR write invalidate invariants in safe code?
It may be a good idea to add some sort of entry in either the top-level or register documentation. Something we can at least point contributors to when a safe RFC is being reviewed.
|
I drafted a quick RFC template to ease the nomination process in #256 |
Closes #209
Work in Progress! I added a
safepattern to opt out of unsafety in cases where we consider there to be no safety issues. I will list all the different registers where we use this macro and nominate some to maintain write safety.