diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/machine.tex | 74 | ||||
-rw-r--r-- | src/priv-csrs.tex | 8 | ||||
-rw-r--r-- | src/priv-preface.tex | 4 | ||||
-rw-r--r-- | src/supervisor.tex | 10 |
4 files changed, 75 insertions, 21 deletions
diff --git a/src/machine.tex b/src/machine.tex index 29920ed..39dc1e0 100644 --- a/src/machine.tex +++ b/src/machine.tex @@ -1686,13 +1686,26 @@ interrupt bit and scale the exception codes to index into a trap vector table. \end{commentary} -\subsection{Machine Bad Address ({\tt mbadaddr}) Register} +\subsection{Machine Bad Bits ({\tt mbadbits}) Register} -{\tt mbadaddr} is an XLEN-bit read-write register formatted as shown in -Figure~\ref{mbadaddrreg}. When a hardware breakpoint is triggered, or an -instruction-fetch, load, or store address-misaligned or access exception -occurs, {\tt mbadaddr} is written with the faulting address. {\tt mbadaddr} is -not modified for other exceptions. +The {\tt mbadbits} register is an XLEN-bit read-write register +formatted as shown in Figure~\ref{mbadbitsreg}. When a hardware +breakpoint is triggered, or an instruction-fetch, load, or store +address-misaligned or access exception occurs, {\tt mbadbits} is +written with the faulting address. On an illegal instruction trap, +{\tt mbadbits} is written with the first XLEN bits of the faulting +instruction as described below. {\tt mbadbits} is not modified for +other exceptions. + +\begin{commentary} + The {\tt mbadbits} register replaces the {\tt mbadaddr} register in + the previous specification. In addition to providing bad addresses, + the register can now provide the bad instruction that triggered an + illegal instruction trap (and may in future be used to return other + information). Returning the instruction bits accelerates instruction emulation and also + removes some races that might be present when trying to emulate + illegal instructions. +\end{commentary} \begin{figure}[h!] {\footnotesize @@ -1700,21 +1713,58 @@ not modified for other exceptions. \begin{tabular}{@{}J} \instbitrange{XLEN-1}{0} \\ \hline -\multicolumn{1}{|c|}{\tt mbadaddr} \\ +\multicolumn{1}{|c|}{\tt mbadbits} \\ \hline XLEN \\ \end{tabular} \end{center} } \vspace{-0.1in} -\caption{Machine bad address register.} -\label{mbadaddrreg} +\caption{Machine bad bits register.} +\label{mbadbitsreg} \end{figure} For instruction-fetch access faults on RISC-V systems with -variable-length instructions, {\tt mbadaddr} will point to the -portion of the instruction that caused the fault while {\tt mepc} will -point to the beginning of the instruction. +variable-length instructions, {\tt mbadbits} will contain a pointer to +the portion of the instruction that caused the fault while {\tt mepc} +will point to the beginning of the instruction. + +The {\tt mbadbits} register can optionally also be used to return the +faulting instruction bits on an illegal instruction exception ({\tt + mepc} points to the faulting instruction in memory). + +If this feature is not provided, then {\tt mbadbits} is set to zero on +an illegal instruction fault. + +If the feature is provided, after an illegal instruction trap, {\tt + mbadbits} will contain the entire faulting instruction provided the +instruction is no longer than XLEN bits. If the instruction is less +than XLEN bits long, the upper bits of {\tt mbadbits} are cleared to +zero. If the instruction is more than XLEN bits long, {\tt mbadbits} +will contain the first XLEN bits of the instruction. + +\begin{commentary} + Capturing the faulting instruction in {\tt mbadinst} reduces the + overhead of instruction emulation, potentially avoiding several + partial instruction loads if the instruction is misaligned, and + likely data cache misses or slow uncached accesses when loads are + used to fetch the instruction into a data register. There is also a + problem of atomicity if another agent is manipulating the + instruction memory, as might occur in a dynamic translation system. + + A requirement is that the entire instruction (or at least the first + XLEN bits) are fetched into {\tt mbadbits} before taking the trap. + This should not constrain implementations, which would typically + fetch the entire instruction before attempting to decode the + instruction, and avoids complicating software handlers. + + A value of zero in {\tt mbadbits} signifies either that the feature is + not supported, or an illegal zero instruction was fetched. A load + from the instruction memory pointed to by {\tt mepc} can be used to + distinguish these two cases (or alternatively, the system + configuration information can be interrogated to install the + appropriate trap handling before runtime). +\end{commentary} \section{Machine-Mode Privileged Instructions} diff --git a/src/priv-csrs.tex b/src/priv-csrs.tex index fe0bce2..02298e4 100644 --- a/src/priv-csrs.tex +++ b/src/priv-csrs.tex @@ -159,7 +159,7 @@ Number & Privilege & Name & Description \\ \tt 0x040 & URW &\tt uscratch & Scratch register for user trap handlers. \\ \tt 0x041 & URW &\tt uepc & User exception program counter. \\ \tt 0x042 & URW &\tt ucause & User trap cause. \\ -\tt 0x043 & URW &\tt ubadaddr & User bad address. \\ +\tt 0x043 & URW &\tt ubadbits & User bad address or instruction. \\ \tt 0x044 & URW &\tt uip & User interrupt pending. \\ \hline \multicolumn{4}{|c|}{User Floating-Point CSRs} \\ @@ -212,7 +212,7 @@ Number & Privilege & Name & Description \\ \tt 0x140 & SRW &\tt sscratch & Scratch register for supervisor trap handlers. \\ \tt 0x141 & SRW &\tt sepc & Supervisor exception program counter. \\ \tt 0x142 & SRW &\tt scause & Supervisor trap cause. \\ -\tt 0x143 & SRW &\tt sbadaddr & Supervisor bad address. \\ +\tt 0x143 & SRW &\tt sbadbits & Supervisor bad address. \\ \tt 0x144 & SRW &\tt sip & Supervisor interrupt pending. \\ \hline \multicolumn{4}{|c|}{Supervisor Protection and Translation} \\ @@ -245,7 +245,7 @@ Number & Privilege & Name & Description \\ %% \tt 0x240 & HRW &\tt hscratch & Scratch register for hypervisor trap handlers. \\ %% \tt 0x241 & HRW &\tt hepc & Hypervisor exception program counter. \\ %% \tt 0x242 & HRW &\tt hcause & Hypervisor trap cause. \\ -%% \tt 0x243 & HRW &\tt hbadaddr & Hypervisor bad address. \\ +%% \tt 0x243 & HRW &\tt hbadbits & Hypervisor bad address or instruction. \\ %% \tt 0x244 & HRW &\tt hip & Hypervisor interrupt pending. \\ %% \hline %% \multicolumn{4}{|c|}{Hypervisor Protection and Translation} \\ @@ -287,7 +287,7 @@ Number & Privilege & Name & Description \\ \tt 0x340 & MRW &\tt mscratch & Scratch register for machine trap handlers. \\ \tt 0x341 & MRW &\tt mepc & Machine exception program counter. \\ \tt 0x342 & MRW &\tt mcause & Machine trap cause. \\ -\tt 0x343 & MRW &\tt mbadaddr & Machine bad address. \\ +\tt 0x343 & MRW &\tt mbadbits & Machine bad address or instruction. \\ \tt 0x344 & MRW &\tt mip & Machine interrupt pending. \\ \hline \multicolumn{4}{|c|}{Machine Protection and Translation} \\ diff --git a/src/priv-preface.tex b/src/priv-preface.tex index 356b289..f6a74ff 100644 --- a/src/priv-preface.tex +++ b/src/priv-preface.tex @@ -20,6 +20,10 @@ architecture proposal. Changes from version 1.9.1 include: and user modes has been added to the {\tt mstatus} CSR, and the field previously called Base in {\tt misa} has been renamed to {\tt MXL} for consistency. + \item The {\tt mbadaddr} register has been subsumed by a more + general {\tt mbadbits} register that can now capture bad + instruction bits on an illegal instruction fault to speed + instruction emulation. \item The machine-mode base-and-bounds translation and protection schemes have been removed from the specification as part of moving the virtual memory configuration to {\tt sptbr}. Some of the diff --git a/src/supervisor.tex b/src/supervisor.tex index 5e57fee..1a03f15 100644 --- a/src/supervisor.tex +++ b/src/supervisor.tex @@ -546,13 +546,13 @@ so is only guaranteed to hold supported exception codes. \label{scauses} \end{table*} -\subsection{Supervisor Bad Address ({\tt sbadaddr}) Register} +\subsection{Supervisor Bad Address ({\tt sbadbits}) Register} -{\tt sbadaddr} is an XLEN-bit read/write register formatted as shown in +{\tt sbadbits} is an XLEN-bit read/write register formatted as shown in Figure~\ref{badvaddrreg}. When a hardware breakpoint is triggered, or an instruction-fetch, load, or store access exception occurs, or an instruction-fetch or AMO address-misaligned exception occurs, -{\tt sbadaddr} is written with the faulting address. {\tt sbadaddr} +{\tt sbadbits} is written with the faulting address. {\tt sbadbits} is not modified for other exceptions. \begin{figure}[h!] @@ -561,7 +561,7 @@ is not modified for other exceptions. \begin{tabular}{@{}J} \instbitrange{XLEN-1}{0} \\ \hline -\multicolumn{1}{|c|}{\tt sbadaddr} \\ +\multicolumn{1}{|c|}{\tt sbadbits} \\ \hline XLEN \\ \end{tabular} @@ -573,7 +573,7 @@ XLEN \\ \end{figure} For instruction fetch access faults on RISC-V systems with -variable-length instructions, {\tt sbadaddr} will point to the portion +variable-length instructions, {\tt sbadbits} will point to the portion of the instruction that caused the fault while {\tt sepc} will point to the beginning of the instruction. |