+// See LICENSE for license details.
+
+#ifndef _RISCV_MMU_H
+#define _RISCV_MMU_H
+
#include "decode.h"
#include "trap.h"
-#include "icsim.h"
-#include <assert.h>
+#include "common.h"
+#include "config.h"
+#include "sim.h"
+#include "processor.h"
+#include "memtracer.h"
+#include <stdlib.h>
+#include <vector>
+
+// virtual memory configuration
+#define PGSHIFT 12
+const reg_t PGSIZE = 1 << PGSHIFT;
+const reg_t PGMASK = ~(PGSIZE-1);
-class processor_t;
+struct insn_fetch_t
+{
+ insn_func_t func;
+ insn_t insn;
+};
-const reg_t LEVELS = 4;
-const reg_t PGSHIFT = 12;
-const reg_t PGSIZE = 1 << PGSHIFT;
-const reg_t PPN_BITS = 8*sizeof(reg_t) - PGSHIFT;
+struct icache_entry_t {
+ reg_t tag;
+ reg_t pad;
+ insn_fetch_t data;
+};
-struct pte_t
+class trigger_matched_t
{
- reg_t t : 1;
- reg_t e : 1;
- reg_t r : 1;
- reg_t d : 1;
- reg_t ux : 1;
- reg_t uw : 1;
- reg_t ur : 1;
- reg_t sx : 1;
- reg_t sw : 1;
- reg_t sr : 1;
- reg_t unused1 : 2;
- reg_t ppn : PPN_BITS;
+ public:
+ trigger_matched_t(int index,
+ trigger_operation_t operation, reg_t address, reg_t data) :
+ index(index), operation(operation), address(address), data(data) {}
+
+ int index;
+ trigger_operation_t operation;
+ reg_t address;
+ reg_t data;
};
+// this class implements a processor's port into the virtual memory system.
+// an MMU and instruction cache are maintained for simulator performance.
class mmu_t
{
public:
- mmu_t(char* _mem, size_t _memsz)
- : mem(_mem), memsz(_memsz), badvaddr(0),
- ptbr(0), supervisor(true), vm_enabled(false),
- icsim(NULL), dcsim(NULL), itlbsim(NULL), dtlbsim(NULL)
+ mmu_t(sim_t* sim, processor_t* proc);
+ ~mmu_t();
+
+ inline reg_t misaligned_load(reg_t addr, size_t size)
{
+#ifdef RISCV_ENABLE_MISALIGNED
+ reg_t res = 0;
+ for (size_t i = 0; i < size; i++)
+ res += (reg_t)load_uint8(addr + i) << (i * 8);
+ return res;
+#else
+ throw trap_load_address_misaligned(addr);
+#endif
}
- #ifdef RISCV_ENABLE_ICSIM
- # define dcsim_tick(dcsim, dtlbsim, addr, size, st) \
- do { if(dcsim) (dcsim)->tick(addr, size, st); \
- if(dtlbsim) (dtlbsim)->tick(addr, sizeof(reg_t), false); } while(0)
- #else
- # define dcsim_tick(dcsim, dtlbsim, addr, size, st)
- #endif
+ inline void misaligned_store(reg_t addr, reg_t data, size_t size)
+ {
+#ifdef RISCV_ENABLE_MISALIGNED
+ for (size_t i = 0; i < size; i++)
+ store_uint8(addr + i, data >> (i * 8));
+#else
+ throw trap_store_address_misaligned(addr);
+#endif
+ }
+ // template for functions that load an aligned value from memory
#define load_func(type) \
- type##_t load_##type(reg_t addr) { \
- check_align(addr, sizeof(type##_t), false, false); \
- addr = translate(addr, false, false); \
- dcsim_tick(dcsim, dtlbsim, addr, sizeof(type##_t), false); \
- return *(type##_t*)(mem+addr); \
+ inline type##_t load_##type(reg_t addr) { \
+ if (unlikely(addr & (sizeof(type##_t)-1))) \
+ return misaligned_load(addr, sizeof(type##_t)); \
+ reg_t vpn = addr >> PGSHIFT; \
+ if (likely(tlb_load_tag[vpn % TLB_ENTRIES] == vpn)) \
+ return *(type##_t*)(tlb_data[vpn % TLB_ENTRIES] + addr); \
+ if (unlikely(tlb_load_tag[vpn % TLB_ENTRIES] == (vpn | TLB_CHECK_TRIGGERS))) { \
+ type##_t data = *(type##_t*)(tlb_data[vpn % TLB_ENTRIES] + addr); \
+ if (!matched_trigger) { \
+ matched_trigger = trigger_exception(OPERATION_LOAD, addr, data); \
+ if (matched_trigger) \
+ throw *matched_trigger; \
+ } \
+ return data; \
+ } \
+ type##_t res; \
+ load_slow_path(addr, sizeof(type##_t), (uint8_t*)&res); \
+ return res; \
}
- #define store_func(type) \
- void store_##type(reg_t addr, type##_t val) { \
- check_align(addr, sizeof(type##_t), true, false); \
- addr = translate(addr, true, false); \
- dcsim_tick(dcsim, dtlbsim, addr, sizeof(type##_t), true); \
- *(type##_t*)(mem+addr) = val; \
- }
-
- insn_t load_insn(reg_t addr, bool rvc)
- {
- insn_t insn;
-
- reg_t idx = (addr/sizeof(insn_t)) % ICACHE_ENTRIES;
- if(addr % 4 == 0 && icache_tag[idx] == (addr | 1))
- return icache_data[idx];
-
- #ifdef RISCV_ENABLE_RVC
- if(addr % 4 == 2 && rvc)
- {
- reg_t paddr_lo = translate(addr, false, true);
- insn.bits = *(uint16_t*)(mem+paddr_lo);
-
- if(!INSN_IS_RVC(insn.bits))
- {
- reg_t paddr_hi = translate(addr+2, false, true);
- insn.bits |= (uint32_t)*(uint16_t*)(mem+paddr_hi) << 16;
- }
- }
- else
- #endif
- {
- check_align(addr, 4, false, true);
- reg_t paddr = translate(addr, false, true);
- insn = *(insn_t*)(mem+paddr);
-
- icache_tag[idx] = addr | 1;
- icache_data[idx] = insn;
- }
-
- #ifdef RISCV_ENABLE_ICSIM
- if(icsim)
- icsim->tick(addr, insn_length(insn), false);
- if(itlbsim)
- itlbsim->tick(addr, sizeof(reg_t), false);
- #endif
-
- return insn;
- }
-
+ // load value from memory at aligned address; zero extend to register width
load_func(uint8)
load_func(uint16)
load_func(uint32)
load_func(uint64)
+ // load value from memory at aligned address; sign extend to register width
load_func(int8)
load_func(int16)
load_func(int32)
load_func(int64)
+ // template for functions that store an aligned value to memory
+ #define store_func(type) \
+ void store_##type(reg_t addr, type##_t val) { \
+ if (unlikely(addr & (sizeof(type##_t)-1))) \
+ return misaligned_store(addr, val, sizeof(type##_t)); \
+ reg_t vpn = addr >> PGSHIFT; \
+ if (likely(tlb_store_tag[vpn % TLB_ENTRIES] == vpn)) \
+ *(type##_t*)(tlb_data[vpn % TLB_ENTRIES] + addr) = val; \
+ else if (unlikely(tlb_store_tag[vpn % TLB_ENTRIES] == (vpn | TLB_CHECK_TRIGGERS))) { \
+ if (!matched_trigger) { \
+ matched_trigger = trigger_exception(OPERATION_STORE, addr, val); \
+ if (matched_trigger) \
+ throw *matched_trigger; \
+ } \
+ *(type##_t*)(tlb_data[vpn % TLB_ENTRIES] + addr) = val; \
+ } \
+ else \
+ store_slow_path(addr, sizeof(type##_t), (const uint8_t*)&val); \
+ }
+
+ // template for functions that perform an atomic memory operation
+ #define amo_func(type) \
+ template<typename op> \
+ type##_t amo_##type(reg_t addr, op f) { \
+ if (addr & (sizeof(type##_t)-1)) \
+ throw trap_store_address_misaligned(addr); \
+ try { \
+ auto lhs = load_##type(addr); \
+ store_##type(addr, f(lhs)); \
+ return lhs; \
+ } catch (trap_load_page_fault& t) { \
+ /* AMO faults should be reported as store faults */ \
+ throw trap_store_page_fault(t.get_badaddr()); \
+ } catch (trap_load_access_fault& t) { \
+ /* AMO faults should be reported as store faults */ \
+ throw trap_store_access_fault(t.get_badaddr()); \
+ } \
+ }
+
+ // store value to memory at aligned address
store_func(uint8)
store_func(uint16)
store_func(uint32)
store_func(uint64)
- reg_t get_badvaddr() { return badvaddr; }
- reg_t get_ptbr() { return ptbr; }
-
- void set_supervisor(bool sup) { supervisor = sup; }
- void set_vm_enabled(bool en) { vm_enabled = en; }
- void set_ptbr(reg_t addr) { ptbr = addr & ~(PGSIZE-1); flush_tlb(); }
+ // perform an atomic memory operation at an aligned address
+ amo_func(uint32)
+ amo_func(uint64)
- void set_icsim(icsim_t* _icsim) { icsim = _icsim; }
- void set_dcsim(icsim_t* _dcsim) { dcsim = _dcsim; }
- void set_itlbsim(icsim_t* _itlbsim) { itlbsim = _itlbsim; }
- void set_dtlbsim(icsim_t* _dtlbsim) { dtlbsim = _dtlbsim; }
+ static const reg_t ICACHE_ENTRIES = 1024;
- void flush_tlb();
- void flush_icache();
-
-private:
- char* mem;
- size_t memsz;
- reg_t badvaddr;
-
- reg_t ptbr;
- bool supervisor;
- bool vm_enabled;
+ inline size_t icache_index(reg_t addr)
+ {
+ return (addr / PC_ALIGN) % ICACHE_ENTRIES;
+ }
- static const reg_t TLB_ENTRIES = 32;
- pte_t tlb_data[TLB_ENTRIES];
- reg_t tlb_tag[TLB_ENTRIES];
+ inline icache_entry_t* refill_icache(reg_t addr, icache_entry_t* entry)
+ {
+ const uint16_t* iaddr = translate_insn_addr(addr);
+ insn_bits_t insn = *iaddr;
+ int length = insn_length(insn);
+
+ if (likely(length == 4)) {
+ insn |= (insn_bits_t)*(const int16_t*)translate_insn_addr(addr + 2) << 16;
+ } else if (length == 2) {
+ insn = (int16_t)insn;
+ } else if (length == 6) {
+ insn |= (insn_bits_t)*(const int16_t*)translate_insn_addr(addr + 4) << 32;
+ insn |= (insn_bits_t)*(const uint16_t*)translate_insn_addr(addr + 2) << 16;
+ } else {
+ static_assert(sizeof(insn_bits_t) == 8, "insn_bits_t must be uint64_t");
+ insn |= (insn_bits_t)*(const int16_t*)translate_insn_addr(addr + 6) << 48;
+ insn |= (insn_bits_t)*(const uint16_t*)translate_insn_addr(addr + 4) << 32;
+ insn |= (insn_bits_t)*(const uint16_t*)translate_insn_addr(addr + 2) << 16;
+ }
- static const reg_t ICACHE_ENTRIES = 32;
- insn_t icache_data[ICACHE_ENTRIES];
- reg_t icache_tag[ICACHE_ENTRIES];
+ insn_fetch_t fetch = {proc->decode_insn(insn), insn};
+ entry->tag = addr;
+ entry->data = fetch;
- icsim_t* icsim;
- icsim_t* dcsim;
- icsim_t* itlbsim;
- icsim_t* dtlbsim;
+ reg_t paddr = sim->mem_to_addr((char*)iaddr);
+ if (tracer.interested_in_range(paddr, paddr + 1, FETCH)) {
+ entry->tag = -1;
+ tracer.trace(paddr, length, FETCH);
+ }
+ return entry;
+ }
- void check_align(reg_t addr, int size, bool store, bool fetch)
+ inline icache_entry_t* access_icache(reg_t addr)
{
- if(addr & (size-1))
- {
- badvaddr = addr;
- if(fetch)
- throw trap_instruction_address_misaligned;
- if(store)
- throw trap_store_address_misaligned;
- throw trap_load_address_misaligned;
- }
+ icache_entry_t* entry = &icache[icache_index(addr)];
+ if (likely(entry->tag == addr))
+ return entry;
+ return refill_icache(addr, entry);
}
- reg_t translate(reg_t addr, bool store, bool fetch)
+ inline insn_fetch_t load_insn(reg_t addr)
{
- reg_t idx = (addr >> PGSHIFT) % TLB_ENTRIES;
- pte_t pte = tlb_data[idx];
- reg_t tag = tlb_tag[idx];
-
- trap_t trap = store ? trap_store_access_fault
- : fetch ? trap_instruction_access_fault
- : trap_load_access_fault;
-
- if(!pte.e || tag != (addr >> PGSHIFT))
- {
- pte = walk(addr);
- if(!pte.e)
- throw trap;
-
- tlb_data[idx] = pte;
- tlb_tag[idx] = addr >> PGSHIFT;
- }
+ icache_entry_t entry;
+ return refill_icache(addr, &entry)->data;
+ }
+
+ void flush_tlb();
+ void flush_icache();
- if(store && !(supervisor ? pte.sw : pte.uw) ||
- !store && !fetch && !(supervisor ? pte.sr : pte.ur) ||
- !store && !fetch && !(supervisor ? pte.sr : pte.ur))
- throw trap;
+ void register_memtracer(memtracer_t*);
- return (addr & (PGSIZE-1)) | (pte.ppn << PGSHIFT);
+private:
+ sim_t* sim;
+ processor_t* proc;
+ memtracer_list_t tracer;
+ uint16_t fetch_temp;
+
+ // implement an instruction cache for simulator performance
+ icache_entry_t icache[ICACHE_ENTRIES];
+
+ // implement a TLB for simulator performance
+ static const reg_t TLB_ENTRIES = 256;
+ // If a TLB tag has TLB_CHECK_TRIGGERS set, then the MMU must check for a
+ // trigger match before completing an access.
+ static const reg_t TLB_CHECK_TRIGGERS = reg_t(1) << 63;
+ char* tlb_data[TLB_ENTRIES];
+ reg_t tlb_insn_tag[TLB_ENTRIES];
+ reg_t tlb_load_tag[TLB_ENTRIES];
+ reg_t tlb_store_tag[TLB_ENTRIES];
+
+ // finish translation on a TLB miss and update the TLB
+ void refill_tlb(reg_t vaddr, reg_t paddr, access_type type);
+ const char* fill_from_mmio(reg_t vaddr, reg_t paddr);
+
+ // perform a page table walk for a given VA; set referenced/dirty bits
+ reg_t walk(reg_t addr, access_type type, reg_t prv);
+
+ // handle uncommon cases: TLB misses, page faults, MMIO
+ const uint16_t* fetch_slow_path(reg_t addr);
+ void load_slow_path(reg_t addr, reg_t len, uint8_t* bytes);
+ void store_slow_path(reg_t addr, reg_t len, const uint8_t* bytes);
+ reg_t translate(reg_t addr, access_type type);
+
+ // ITLB lookup
+ inline const uint16_t* translate_insn_addr(reg_t addr) {
+ reg_t vpn = addr >> PGSHIFT;
+ if (likely(tlb_insn_tag[vpn % TLB_ENTRIES] == vpn))
+ return (uint16_t*)(tlb_data[vpn % TLB_ENTRIES] + addr);
+ if (unlikely(tlb_insn_tag[vpn % TLB_ENTRIES] == (vpn | TLB_CHECK_TRIGGERS))) {
+ uint16_t* ptr = (uint16_t*)(tlb_data[vpn % TLB_ENTRIES] + addr);
+ int match = proc->trigger_match(OPERATION_EXECUTE, addr, *ptr);
+ if (match >= 0)
+ throw trigger_matched_t(match, OPERATION_EXECUTE, addr, *ptr);
+ return ptr;
+ }
+ return fetch_slow_path(addr);
}
- pte_t walk(reg_t addr)
+ inline trigger_matched_t *trigger_exception(trigger_operation_t operation,
+ reg_t address, reg_t data)
{
- pte_t pte;
-
- if(!vm_enabled)
- {
- pte.t = 0;
- pte.e = addr < memsz;
- pte.r = pte.d = 0;
- pte.ur = pte.uw = pte.ux = pte.sr = pte.sw = pte.sx = 1;
- pte.ppn = addr >> PGSHIFT;
+ if (!proc) {
+ return NULL;
}
- else
- {
- pte.t = pte.e = 0;
-
- int lg_ptesz = sizeof(pte_t) == 4 ? 2
- : sizeof(pte_t) == 8 ? 3
- : 0;
- assert(lg_ptesz);
-
- reg_t base = ptbr;
-
- for(int i = LEVELS-1; i >= 0; i--)
- {
- int idxbits = PGSHIFT - lg_ptesz;
- int shift = PGSHIFT + i*idxbits;
- reg_t idx = addr >> shift;
- idx &= (1 << idxbits) - 1;
-
- reg_t pte_addr = base + idx*sizeof(pte_t);
- if(pte_addr >= memsz)
- break;
-
- pte = *(pte_t*)(mem+pte_addr);
- if(pte.e)
- {
- // if this PTE is from a larger PT, fake a leaf
- // PTE so the TLB will work right
- reg_t vpn = addr >> PGSHIFT;
- pte.ppn += vpn & ((1<<(i*idxbits))-1);
- break;
- }
- if(!pte.t)
- break;
-
- base = pte.ppn << PGSHIFT;
- }
+ int match = proc->trigger_match(operation, address, data);
+ if (match == -1)
+ return NULL;
+ if (proc->state.mcontrol[match].timing == 0) {
+ throw trigger_matched_t(match, operation, address, data);
}
-
- return pte;
+ return new trigger_matched_t(match, operation, address, data);
}
-
+
+ bool check_triggers_fetch;
+ bool check_triggers_load;
+ bool check_triggers_store;
+ // The exception describing a matched trigger, or NULL.
+ trigger_matched_t *matched_trigger;
+
friend class processor_t;
};
+
+struct vm_info {
+ int levels;
+ int idxbits;
+ int ptesize;
+ reg_t ptbase;
+};
+
+inline vm_info decode_vm_info(int xlen, reg_t prv, reg_t sptbr)
+{
+ if (prv == PRV_M) {
+ return {0, 0, 0, 0};
+ } else if (prv <= PRV_S && xlen == 32) {
+ switch (get_field(sptbr, SPTBR32_MODE)) {
+ case SPTBR_MODE_OFF: return {0, 0, 0, 0};
+ case SPTBR_MODE_SV32: return {2, 10, 4, (sptbr & SPTBR32_PPN) << PGSHIFT};
+ default: abort();
+ }
+ } else if (prv <= PRV_S && xlen == 64) {
+ switch (get_field(sptbr, SPTBR64_MODE)) {
+ case SPTBR_MODE_OFF: return {0, 0, 0, 0};
+ case SPTBR_MODE_SV39: return {3, 9, 8, (sptbr & SPTBR64_PPN) << PGSHIFT};
+ case SPTBR_MODE_SV48: return {4, 9, 8, (sptbr & SPTBR64_PPN) << PGSHIFT};
+ case SPTBR_MODE_SV57: return {5, 9, 8, (sptbr & SPTBR64_PPN) << PGSHIFT};
+ case SPTBR_MODE_SV64: return {6, 9, 8, (sptbr & SPTBR64_PPN) << PGSHIFT};
+ default: abort();
+ }
+ } else {
+ abort();
+ }
+}
+
+#endif