add logic diagram for pinpad
[libreriscv.git] / isa_conflict_resolution.mdwn
1 # Resolving ISA conflicts and providing a pain-free RISC-V Standards Upgrade Path
2
3 **Note: out-of-date as of review 31apr2018, requires updating to reflect
4 "mvendorid-marchid-isamux" concept.** Recent discussion 10jun2019
5 <https://groups.google.com/a/groups.riscv.org/d/msg/isa-dev/x-uFZDXiOxY/_ISBs1enCgAJ>.
6 Now updated with its own spec [[isamux_isans]].
7
8 [[!toc ]]
9
10 ## Executive Summary (old, still relevant for compilers)
11
12 A non-invasive backwards-compatible change to make mvendorid and marchid
13 being read-only to be a formal declaration of an architecture having no
14 Custom Extensions, and being permitted to be WARL in order to support
15 multiple simultaneous architectures on the same processor (or per hart
16 or harts) permits not only backwards and forwards compatibility with
17 existing implementations of the RISC-V Standard, not only permits seamless
18 transitions to future versions of the RISC-V Standard (something that is
19 not possible at the moment), but fixes the problem of clashes in Custom
20 Extension opcodes on a global worldwide permanent and ongoing basis.
21
22 Summary of impact and benefits:
23
24 * Implementation impact for existing implementations (even though
25 the Standard is not finalised) is zero.
26 * Impact for future implementations compliant with (only one) version of the
27 RISC-V Standard is zero.
28 * Benefits for implementations complying with (one or more) versions
29 of the RISC-V Standard is: increased customer acceptance due to
30 a smooth upgrade path at the customer's pace and initiative vis-a-vis
31 legacy proprietary software.
32 * Benefits for implementations deploying multiple Custom Extensions
33 are a massive reduction in NREs and the hugely reduced ongoing software
34 toolchain maintenance costs plus the benefit of having security updates
35 from upstream software sources due to
36 *globally unique identifying information* resulting in zero binary
37 encoding conflicts in the toolchains and resultant binaries
38 *even for Custom Extensions*.
39
40 ## Introduction
41
42 In a lengthy thread that ironically was full of conflict indicative
43 of the future direction in which RISC-V will go if left unresolved,
44 multiple Custom Extensions were noted to be permitted free rein to
45 introduce global binary-encoding conflict with no means of resolution
46 described or endorsed by the RISC-V Standard: a practice that has known
47 disastrous and irreversible consequences for any architecture that
48 permits such practices (1).
49
50 Much later on in the discussion it was realised that there is also no way
51 within the current RISC-V Specification to transition to improved versions
52 of the standard, regardless of whether the fixes are absolutely critical
53 show-stoppers or whether they are just keeping the standard up-to-date (2).
54
55 With no transition path there is guaranteed to be tension and conflict
56 within the RISC-V Community over whether revisions should be made:
57 should existing legacy designs be prioritised, mutually-exclusively over
58 future designs (and what happens during the transition period is absolute
59 chaos, with the compiler toolchain, software ecosystem and ultimately
60 the end-users bearing the full brunt of the impact). If several
61 overlapping revisions are required that have not yet transitioned out
62 of use (which could take well over two decades to occur) the situation
63 becomes disastrous for the credibility of the entire RISC-V ecosystem.
64
65 It was also pointed out that Compliance is an extremely important factor
66 to take into consideration, and that Custom Extensions (as being optional)
67 effectively and quite reasonably fall entirely outside of the scope of
68 Compliance Testing. At this point in the discussion however it was not
69 yet noted the stark problem that the *mandatory* RISC-V Specification
70 also faces, by virtue of there being no transitional way to bring in
71 show-stopping critical alterations.
72
73 To put this into perspective, just taking into account hardware costs
74 alone: with production mask charges for 28nm being around USD $1.5m,
75 engineering development costs and licensing of RTLs for peripherals
76 being of a similar magnitude, no manufacturer is going to back away
77 from selling a "flawed" or "legacy" product (whether it complies with
78 the RISC-V Specification or not) without a bitter fight.
79
80 It was also pointed out that there will be significant software tool
81 maintenance costs for manufacturers, meaning that the probability will
82 be extremely high that they will refuse to shoulder such costs, and
83 will publish and continue to publish (and use) hopelessly out-of-date
84 unpatched tools. This practice is well-known to result in security
85 flaws going unpatched, with one of many immediate undesirable consequences
86 being that product in extremely large volume gets discarded into landfill.
87
88 **All and any of the issues that were discussed, and all of those that
89 were not, can be avoided by providing a hardware-level runtime-enabled
90 forwards and backwards compatible transition path between *all* parts
91 (mandatory or not) of current and future revisions of the RISC-V ISA
92 Standard.**
93
94 The rest of the discussion - indicative as it was of the stark mutually
95 exclusive gap being faced by the RISC-V ISA Standard given that it does
96 not cope with the problem - was an effort by two groups in two clear
97 camps: one that wanted things to remain as they are, and another that
98 made efforts to point out that the consequences of not taking action
99 are clearly extreme and irreversible (which, unfortunately, given the
100 severity, some of the first group were unable to believe, despite there
101 being clear historical precedent for the exact same mistake being made in
102 other architectures, and the consequences on the same being absolutely
103 clear).
104
105 However after a significant amount of time, certain clear requirements came
106 out of the discussion:
107
108 * Any proposal must be a minimal change with minimal (or zero) impact
109 * Any proposal should place no restriction on existing or future
110 ISA encoding space
111 * Any proposal should take into account that there are existing implementors
112 of the (yet to be finalised but still "partly frozen") Standard who may
113 resist, for financial investment reasons, efforts to make any change
114 (at all) that could cost them immediate short-term profits.
115
116 Several proposals were put forward (and some are still under discussion)
117
118 * "Do nothing": problem is not severe: no action needed.
119 * "Do nothing": problem is out-of-scope for RISC-V Foundation.
120 * "Do nothing": problem complicates Compliance Testing (and is out of scope)
121 * "MISA": the MISA CSR enables and disables extensions already: use that
122 * "MISA-like": a new CSR which switches in and out new encodings
123 (without destroying state)
124 * "mvendorid/marchid WARL": switching the entire "identity" of a machine
125 * "ioctl-like": a OO proposal based around the linux kernel "ioctl" system.
126
127 Each of these will be discussed below in their own sections.
128
129 # Do nothing (no problem exists)
130
131 (Summary: not an option)
132
133 There were several solutions offered that fell into this category.
134 A few of them are listed in the introduction; more are listed below,
135 and it was exhaustively (and exhaustingly) established that none of
136 them are workable.
137
138 Initially it was pointed out that Fabless Semiconductor companies could
139 simply license multiple Custom Extensions and a suitable RISC-V core, and
140 modify them accordingly. The Fabless Semi Company would be responsible
141 for paying the NREs on re-developing the test vectors (as the extension
142 licensers would be extremely unlikely to do that without payment), and
143 given that said Companies have an "integration" job to do, it would
144 be reasonable to expect them to have such additional costs as well.
145
146 The costs of this approach were outlined and discussed as being
147 disproportionate and extreme compared to the actual likely cost of
148 licensing the Custom Extensions in the first place. Additionally it
149 was pointed out that not only hardware NREs would be involved but
150 custom software tools (compilers and more) would also be required
151 (and maintained separately, on the basis that upstream would not
152 accept them except under extreme pressure, and then only with
153 prejudice).
154
155 All similar schemes involving customisation of the custom extensions
156 were likewise rejected, but not before the customisation process was
157 mistakenly conflated with tne *normal* integration process of developing
158 a custom processor (Bus Architectures, Cache layouts, peripheral layouts).
159
160 The most compelling hardware-related reason (excluding the severe impact on
161 the software ecosystem) for rejecting the customisation-of-customisation
162 approach was the case where Extensions were using an instruction encoding
163 space (48-bit, 64-bit) *greater* than that which the chosen core could
164 cope with (32-bit, 48-bit).
165
166 Overall, none of the options presented were feasible, and, in addition,
167 with no clear leadership from the RISC-V Foundation on how to avoid
168 global world-wide encoding conflict, even if they were followed through,
169 still would result in the failure of the RISC-V ecosystem due to
170 irreversible global conflicting ISA binary-encoding meanings (POWERPC's
171 Altivec / SPE nightmare).
172
173 This in addition to the case where the RISC-V Foundation wishes to
174 fix a critical show-stopping update to the Standard, post-release,
175 where billions of dollars have been spent on deploying RISC-V in the
176 field.
177
178 # Do nothing (out of scope)
179
180 (Summary: may not be RV Foundation's "scope", still results in
181 problem, so not an option)
182
183 This was one of the first arguments presented: The RISC-V Foundation
184 considers Custom Extensions to be "out of scope"; that "it's not their
185 problem, therefore there isn't a problem".
186
187 The logical errors in this argument were quickly enumerated: namely that
188 the RISC-V Foundation is not in control of the uses to which RISC-V is
189 put, such that public global conflicts in binary-encoding are a hundred
190 percent guaranteed to occur (*outside* of the control and remit of the
191 RISC-V Foundation), and a hundred percent guaranteed to occur in
192 *commodity* hardware where Debian, Fedora, SUSE and other distros will
193 be hardest hit by the resultant chaos, and that will just be the more
194 "visible" aspect of the underlying problem.
195
196 # Do nothing (Compliance too complex, therefore out of scope)
197
198 (Summary: may not be RV Foundation's "scope", still results in
199 problem, so not an option)
200
201 The summary here was that Compliance testing of Custom Extensions is
202 not just out-of-scope, but even if it was taken into account that
203 binary-encoding meanings could change, it would still be out-of-scope.
204
205 However at the time that this argument was made, it had not yet been
206 appreciated fully the impact that revisions to the Standard would have,
207 when billions of dollars worth of (older, legacy) RISC-V hardware had
208 already been deployed.
209
210 Two interestingly diametrically-opposed equally valid arguments exist here:
211
212 * Whilst Compliance testing of Custom Extensions is definitely legitimately
213 out of scope, Compliance testing of simultaneous legacy (old revisions of
214 ISA Standards) and current (new revisions of ISA Standard) definitely
215 is not. Efforts to reduce *Compliance Testing* complexity is therefore
216 "Compliance Tail Wagging Standard Dog".
217 * Beyond a certain threshold, complexity of Compliance Testing is so
218 burdensome that it risks outright rejection of the entire Standard.
219
220 Meeting these two diametrically-opposed perspectives requires that the
221 solution be very, very simple.
222
223 # MISA
224
225 (Summary: MISA not suitable, leads to better idea)
226
227 MISA permits extensions to be disabled by masking out the relevant bit.
228 Hypothetically it could be used to disable one extension, then enable
229 another that happens to use the same binary encoding.
230
231 *However*:
232
233 * MISA Extension disabling is permitted (optionally) to **destroy**
234 the state information. Thus it is totally unsuitable for cases
235 where instructions from different Custom extensions are needed in
236 quick succession.
237 * MISA was only designed to cover Standard Extensions.
238 * There is nothing to prevent multiple Extensions being enabled
239 that wish to simultaneously interpret the same binary encoding.
240 * There is nothing in the MISA specification which permits
241 *future* versions (bug-fixes) of the RISC-V ISA to be "switched in".
242
243 Overall, whilst the MISA concept is a step in the right direction it's
244 a hundred percent unsuitable for solving the problem.
245
246 # MISA-like
247
248 (Summary: basically same as mvend/march WARL except needs an extra CSR where
249 mv/ma doesn't. Along right lines, doesn't meet full requirements)
250
251 Out of the MISA discussion came a "MISA-like" proposal, which would
252 take into account the flaws pointed out by trying to use "MISA":
253
254 * The MISA-like CSR's meaning would be identified by compilers using the
255 mvendor-id/march-id tuple as a compiler target
256 * Each custom-defined bit of the MISA-like CSR would (mutually-exclusively)
257 redirect binary encoding(s) to specific encodings
258 * No Extension would *actually* be disabled: its internal state would
259 be left on (permanently) so that switching of ISA decoding
260 could be done inside inner loops without adverse impact on
261 performance.
262
263 Whilst it was the first "workable" solution it was also noted that the
264 scheme is invasive: it requires an entirely new CSR to be added
265 to the privileged spec (thus making existing implementations redundant).
266 This does not fulfil the "minimum impact" requirement.
267
268 Also interesting around the same time an additional discussion was
269 raised that covered the *compiler* side of the same equation. This
270 revolved around using mvendorid-marchid tuples at the compiler level,
271 to be put into assembly output (by gcc), preserving the required
272 *globally* unique identifying information for binutils to successfully
273 turn the custom instruction into an actual binary-encoding (plus
274 binary-encoding of the context-switching information). (**TBD, Jacob,
275 separate page? review this para?**)
276
277 # mvendorid/marchid WARL <a name="mvendor_marchid_warl"></a>
278
279 (Summary: the only idea that meets the full requirements. Needs
280 toolchain backup, but only when the first chip is released)
281
282 This proposal has full details at the following page:
283 [[mvendor_march_warl]]
284
285 Coming out of the software-related proposal by Jacob Bachmeyer, which
286 hinged on the idea of a globally-maintained gcc / binutils database
287 that kept and coordinated architectural encodings (curated by the Free
288 Software Foundation), was to quite simply make the mvendorid and marchid
289 CSRs have WARL (writeable) characteristics. Read-only is taken to
290 mean a declaration of "Having no Custom Extensions" (a zero-impact
291 change).
292
293 By making mvendorid-marchid tuples WARL the instruction decode phase
294 may re-route mutually-exclusively to different engines, thus providing
295 a controlled means and method of supporting multiple (future, past and
296 present) versions of the **Base** ISA, Custom Extensions and even
297 completely foreign ISAs in the same processor.
298
299 This incredibly simple non-invasive idea has some unique and distinct
300 advantages over other proposals:
301
302 * Existing designs - even though the specification is not finalised
303 (but has "frozen" aspects) - would be completely unaffected: the
304 change is to the "wording" of the specification to "retrospectively"
305 fit reality.
306 * Unlike with the MISA idea this is *purely* at the "decode" phase:
307 no internal Extension state information is permitted to be disabled,
308 altered or destroyed as a direct result of writing to the
309 mvendor/march-id CSRs.
310 * Compliance Testing may be carried out with a different vendorid/marchid
311 tuple set prior to a test, allowing a vendor to claim *Certified*
312 compatibility with *both* one (or more) legacy variants of the RISC-V
313 Specification *and* with a present one.
314 * With sufficient care taken in the implementation an implementor
315 may have multiple interpretations of the same binary encoding within
316 an inner loop, with a single instruction (to the WARL register)
317 changing the meaning.
318
319 **This is the only one of the proposals that meet the full requirements**
320
321 # Overloadable opcodes <a name="overloadable opcodes"></a>
322
323 See [[overloadable opcodes]] for full details, including a description in terms of C functions.
324
325 NOTE: under discussion.
326
327 ==RB 2018-5-1 dropped IOCTL proposal for the much simpler overloadable opcodes proposal==
328
329 The overloadable opcode (or xext) proposal allows a non standard extension to use a documented 20 + 3 bit (or 52 + 3 bit on RV64) UUID identifier for an instruction for _software_ to use. At runtime, a cpu translates the UUID to a small implementation defined 12 + 3 bit bit identifier for _hardware_ to use. It also defines a fallback mechanism for the UUID's of instructions the cpu does not recognise.
330
331 The overloadable opcodes proposal defines 8 standardised R-type instructions xcmd0, xcmd1, ...xcmd7 preferably in the brownfield opcode space.
332 Each xcmd takes in rs1 a 12 bit "logical unit" (lun) identifying a device on the cpu that implements some "extension interface" (xintf) together with some additional data. An xintf is a set of up to 8 commands with 2 input and 1 output port (i.e. like an R-type instruction), together with a description of the semantics of the commands. Calling e.g. xcmd3 routes its two inputs and one output ports to command 3 on the device determined by the lun bits in rs1. Thus, the 8 standard xcmd instructions are standard-designated overloadable opcodes, with the non standard semantics of the opcode determined by the lun.
333
334 Portable software, does not use luns directly. Instead, it goes through a level of indirection using a further instruction xext that translates a 20 bit globally unique identifier UUID of an xintf, to the lun of a device on the cpu that implements that xintf. The cpu can do this, because it knows (at manufacturing or boot time) which devices it has, and which xintfs they provide. This includes devices that would be described as non standard extension of the cpu if the designers had used custom opcodes instead of xintf as an interface. If the UUID of the xintf is not recognised at the current privilege level, the xext instruction returns the special lun = 0, causing any xcmd to trap. Minor variations of this scheme (requiring two more instructions) cause xcmd instructions to fallback to always return 0 or -1 instead of trapping.
335
336 The 20 bit provided by the UUID of the xintf is much more room than provided by the 2 custom 32 bit, or even 4 custom 64/48 bit opcode spaces. Thus the overloadable opcodes proposal avoids most of the need to put a claim on opcode space and the associated collisions when combining independent extensions. In this respect it is similar to POSIX ioctls, which obviate the need for defining new syscalls to control new and nonstandard hardware.
337
338 Remark1: the main difference with a previous "ioctl like proposal" is that UUID translation is stateless and does not use resources. The xext instruction _neither_ initialises a device _nor_ builds global state identified by a cookie. If a device needs initialisation it can do this using xcmds as init and deinit instructions. Likewise, it can hand out cookies (which can include the lun) as a return value .
339
340 Remark2: Implementing devices can respond to an (essentially) arbitrary number of xintfs. Hence an implementing device can respond to an arbitrary number of commands. Organising related commands in xintfs, helps avoid UUID space pollution, and allows to amortise the (small) cost of UUID to lun translation if related commands are used in combination.
341
342 ==RB not sure if this is still correct and relevant==
343
344 The proposal is functionally similar to that of the mvendor/march-id
345 except the non standard extension is explicit and restricted to a small set of well defined individual opcodes.
346 Hence several extensions can be mixed and there is no state to be tracked over context switches.
347 As such it could hypothetically be proposed as an independent Standard Extension.
348
349 Despite the proposal (which is still undergoing clarification)
350 being worthwhile in its own right, and standing on its own merits and
351 thus definitely worthwhile pursuing, it is non-trivial and more
352 invasive than the mvendor/march-id WARL concept.
353
354 ==RB==
355
356 # Dynamic runtime hardware-adjustable custom opcode encodings <a name="dynamic_opcodes"></a>
357
358 Perhaps this is a misunderstanding, that what is being advocated
359 below (see link for full context):
360
361 > The best that can be done is to allow each custom extension to have
362 > its opcodes easily re positioned depending on what other custom extensions
363 > the user wants available in the same program (without mode switches).
364
365 It was suggested to use markers in the object files as a way to
366 identify opcodes that can be "re-encoded". Contrast this with Jacob
367 Bachmeyer's original idea where the *assembly code* (only) contains
368 such markers (on a global world-wide unique basis, using mvendorid-marchid-isamux
369 tuples to do so).
370
371 <https://groups.google.com/a/groups.riscv.org/d/msg/isa-dev/Jnon96tVQD0/XuHWvduvDQAJ>
372
373 There are two possible interpretations of this:
374
375 * (1) the Hardware RTL is reconfigureable (parameterisable) to allow
376 easy selection of *static* moving (adjustment) of which opcodes a
377 particular instruction uses. This runs into the same difficulties
378 as outlined in other areas of this document.
379 * (2) the Hardware RTL contains DYNAMIC and RUN-TIME CONFIGUREABLE
380 opcodes (presumably using additional CSRs to move meanings)
381
382 This would help any implementation to adjust to whatever future (official)
383 uses a particular encoding was selected. It would be particularly useful
384 if an implementation used certain brownfield encodings.
385
386 The only downsides are:
387
388 * (1) Compiler support for dynamic opcode reconfiguration would be...
389 complex.
390 * (2) The instruction decode phase is also made more complex, now
391 involving reconfigureable lookup tables. Whilst major opcodes
392 can be easily redirected, brownfield encodings are more involved.
393
394 Compared to a stark choice of having to move (exclusively) to 48-bit
395 or 64-bit encodings, dynamic runtime opcode reconfiguration is
396 comparatively much more palatable.
397
398 In effect, it is a much more advanced version of ISAMUX/NS
399 (see [[isamux_isans]]).
400
401 # Comments, Discussion and analysis
402
403 TBD: placeholder as of 26apr2018
404
405 ## new (old) m-a-i tuple idea
406
407 > actually that's a good point: where the user decides that they want
408 > to boot one and only one tuple (for the entire OS), forcing a HARDWARE
409 > level default m-a-i tuple at them actually prevents and prohibits them
410 > from doing that, Jacob.
411 >
412 > so we have apps on one RV-Base ISA and apps on an INCOMPATIBLE (future)
413 > variant of RV-Base ISA.  with the approach that i was advocating (S-mode
414 > does NOT switch automatically), there are totally separate mtvec /
415 > stvec / bstvec traps.
416 >
417 > would it be reasonable to assume the following:
418 >
419 > (a) RV-Base ISA, particularly code-execution in the critical S-mode
420 > trap-handling, is *EXTREMELY* unlikely to ever be changed, even thinking
421 > 30 years into the future ?
422 >
423 > (b) if the current M-mode (user app level) context is "RV Base ISA 1"
424 > then i would hazard a guess that S-mode is prettty much going to drop
425 > down into *exactly* the same mode / context, the majority of the time
426 >
427 > thus the hypothesis is that not only is it the common code-path to *not*
428 > switch the ISA in the S-mode trap but that the instructions used are
429 > extremely unlikely to be changed between "RV Base Revisions".
430 >
431 > foreign isa hardware-level execution
432 > ------------------------
433 >
434 > this is the one i've not really thought through so much, other than it
435 > would clearly be disadvantageous for S-mode to be arbitrarily restricted
436 > to running RV-Base code (of any variant).  a case could be made that by the
437 > time the m-a-i tuple is switched to the foreign isa it's "all bets off",
438 > foreign arch is "on its own", including having to devise a means and
439 > method to switch back (equivalent in its ISA of m-a-i switching).
440 >
441 > conclusion / idea
442 > --------------------
443 >
444 > the multi-base "user wants to run one and only one tuple" is the key
445 > case, here, that is a show-stopper to the idea of hard-wiring the default
446 > S-mode m-a-i.
447 >
448 > now, if instead we were to say, "ok so there should be a default S-mode
449 > m-a-i tuple" and it was permitted to SET (choose) that tuple, *that*
450 > would solve that problem.  it could even be set to the foreign isa. 
451 > which would be hilarious.
452
453 jacob's idea: one hart, one configuration:
454
455 >>>  (a) RV-Base ISA, particularly code-execution in the critical S-mode
456 >>> trap-handling, is *EXTREMELY* unlikely to ever be changed, even
457 >>> thinking 30 years into the future ?
458 >>
459 >> Oddly enough, due to the minimalism of RISC-V, I believe that this is
460 >> actually quite likely.  :-)
461 >>
462 >>>  thus the hypothesis is that not only is it the common code-path to
463 >>> *not* switch the ISA in the S-mode trap but that the instructions used
464 >>> are extremely unlikely to be changed between "RV Base Revisions".
465 >>>
466 >> Correct.  I argue that S-mode should *not* be able to switch the selected
467 >> ISA on multi-arch processors. 
468 >
469 > that would produce an artificial limitation which would prevent
470 > and prohibit implementors from making a single-core (single-hart)
471 > multi-configuration processor.
472
473
474
475 # Summary and Conclusion
476
477 In the early sections (those in the category "no action") it was established
478 in each case that the problem is not solved. Avoidance of responsibility,
479 or conflation of "not our problem" with "no problem" does not make "problem"
480 go away. Even "making it the Fabless Semiconductor's design problem" resulted
481 in a chip being *more costly to engineer as hardware **and** more costly
482 from a software-support perspective to maintain*... without actually
483 fixing the problem.
484
485 The first idea considered which could fix the problem was to just use
486 the pre-existing MISA CSR, however this was determined not to have
487 the right coverage (Standard Extensions only), and also crucially it
488 destroyed state. Whilst unworkable it did lead to the first "workable"
489 solution, "MISA-like".
490
491 The "MISA-like" proposal, whilst meeting most of the requirements, led to
492 a better idea: "mvendor/march-id WARL", which, in combination with an offshoot
493 idea related to gcc and binutils, is the only proposal that fully meets the
494 requirements.
495
496 The "ioctl-like" idea *also* solves the problem, but, unlike the WARL idea
497 does not meet the full requirements to be "non-invasive" and "backwards
498 compatible" with pre-existing (pre-Standards-finalised) implementations.
499 It does however stand on its own merit as a way to extend the extremely
500 small Custom Extension opcode space, even if it itself implemented *as*
501 a Custom Extension into which *other* Custom Extensions are subsequently
502 shoe-horned. This approach has the advantage that it requires no "approval"
503 from the RISC-V Foundation... but without the RISC-V Standard "approval"
504 guaranteeing no binary-encoding conflicts, still does not actually solve the
505 problem (if deployed as a Custom Extension for extending Custom Extensions).
506
507 Overall the mvendor/march-id WARL idea meets the three requirements,
508 and is the only idea that meets the three requirements:
509
510 * **Any proposal must be a minimal change with minimal (or zero) impact**
511 (met through being purely a single backwards-compatible change to the
512 wording of the specification: mvendor/march-id changes from read-only
513 to WARL)
514 * **Any proposal should place no restriction on existing or future
515 ISA encoding space**
516 (met because it is just a change to one pre-existing CSR, as opposed
517 to requiring additional CSRs or requiring extra opcodes or changes
518 to existing opcodes)
519 * **Any proposal should take into account that there are existing implementors
520 of the (yet to be finalised but still "partly frozen") Standard who may
521 resist, for financial investment reasons, efforts to make any change
522 (at all) that could cost them immediate short-term profits.**
523 (met because existing implementations, with the exception of those
524 that have Custom Extensions, come under the "vendor/arch-id read only
525 is a formal declaration of an implementation having no Custom Extensions"
526 fall-back category)
527
528 So to summarise:
529
530 * The consequences of not tackling this are severe: the RISC-V Foundation
531 cannot take a back seat. If it does, clear historical precedent shows
532 100% what the outcome will be (1).
533 * Making the mvendorid and marchid CSRs WARL solves the problem in a
534 minimal to zero-disruptive backwards-compatible fashion that provides
535 indefinite transparent *forwards*-compatibility.
536 * The retro-fitting cost onto existing implementations (even though the
537 specification has not been finalised) is zero to negligeable
538 (only changes to words in the specification required at this time:
539 no vendor need discard existing designs, either being designed,
540 taped out, or actually in production).
541 * The benefits are clear (pain-free transition path for vendors to safely
542 upgrade over time; no fights over Custom opcode space; no hassle for
543 software toolchain; no hassle for GNU/Linux Distros)
544 * The implementation details are clear (and problem-free except for
545 vendors who insist on deploying dozens of conflicting Custom Extensions:
546 an extreme unlikely outlier).
547 * Compliance Testing is straightforward and allows vendors to seek and
548 obtain *multiple* Compliance Certificates with past, present and future
549 variants of the RISC-V Standard (in the exact same processor,
550 simultaneously), in order to support end-customer legacy scenarios and
551 provide the same with a way to avoid "impossible-to-make" decisions that
552 throw out ultra-costly multi-decade-investment in proprietary legacy
553 software at the same as the (legacy) hardware.
554
555 -------
556
557 # Conversation Exerpts
558
559 The following conversation exerpts are taken from the ISA-dev discussion
560
561 ## (1) Albert Calahan on SPE / Altiven conflict in POWERPC
562
563 > Yes. Well, it should be blocked via legal means. Incompatibility is
564 > a disaster for an architecture.
565 >
566 > The viability of PowerPC was badly damaged when SPE was
567 > introduced. This was a vector instruction set that was incompatible
568 > with the AltiVec instruction set. Software vendors had to choose,
569 > and typically the choice was "neither". Nobody wants to put in the
570 > effort when there is uncertainty and a market fragmented into
571 > small bits.
572 >
573 > Note how Intel did not screw up. When SSE was added, MMX remained.
574 > Software vendors could trust that instructions would be supported.
575 > Both MMX and SSE remain today, in all shipping processors. With very
576 > few exceptions, Intel does not ship chips with missing functionality.
577 > There is a unified software ecosystem.
578 >
579 > This goes beyond the instruction set. MMU functionality also matters.
580 > You can add stuff, but then it must be implemented in every future CPU.
581 > You can not take stuff away without harming the architecture.
582
583 ## (2) Luke Kenneth Casson Leighton on Standards backwards-compatibility
584
585 > For the case where "legacy" variants of the RISC-V Standard are
586 > backwards-forwards-compatibly supported over a 10-20 year period in
587 > Industrial and Military/Goverment-procurement scenarios (so that the
588 > impossible-to-achieve pressure is off to get the spec ABSOLUTELY
589 > correct, RIGHT now), nobody would expect a seriously heavy-duty amount
590 > of instruction-by-instruction switching: it'd be used pretty much once
591 > and only once at boot-up (or once in a Hypervisor Virtual Machine
592 > client) and that's it.
593
594 ## (3) Allen Baum on Standards Compliance
595
596 > Putting my compliance chair hat on: One point that was made quite
597 > clear to me is that compliance will only test that an implementation
598 > correctly implements the portions of the spec that are mandatory, and
599 > the portions of the spec that are optional and the implementor claims
600 > it is implementing. It will test nothing in the custom extension space,
601 > and doesn't monitor or care what is in that space.
602
603 ## (4) Jacob Bachmeyer on explaining disambiguation of opcode space
604
605 > ...have different harts with different sets of encodings.)  Adding a "select"
606 > CSR as has been proposed does not escape this fundamental truth that
607 > instruction decode must be unambiguous, it merely expands every opcode with
608 > extra bits from a "select" CSR.
609
610 ## (5) Krste Asanovic on clarification of use of opcode space
611
612 > A CPU is even free to reuse some standard extension encoding space for
613 > non-standard extensions provided it does not claim to implement that
614 > standard extension.
615
616 ## (6) Clarification of difference between assembler and encodings
617
618 > > The extensible assembler database I proposed assumes that each processor
619 > > will have *one* and *only* one set of recognized instructions.  (The "hidden
620 > > prefix" is the immutable vendor/arch/impl tuple in my proposals.) 
621 >
622 >  ah this is an extremely important thing to clarify, the difference
623 > between the recognised instruction assembly mnemonic (which must be
624 > globally world-wide accepted as canonical) and the binary-level encodings
625 > of that mnemonic used different vendor implementations which will most
626 > definitely *not* be unique but require "registration" in the form of
627 > atomic acceptance as a patch by the FSF to gcc and binutils [and other
628 > compiler tools].
629
630
631 # References
632
633 * <https://groups.google.com/a/groups.riscv.org/forum/#!topic/isa-dev/7bbwSIW5aqM>
634 * <https://groups.google.com/a/groups.riscv.org/forum/#!topic/isa-dev/InzQ1wr_3Ak%5B1-25%5D>
635 * Review mvendorid-marchid WARL <https://groups.google.com/a/groups.riscv.org/forum/#!topic/isa-dev/Uvy9paXN1xA>