RISC-V permits myriad extensions to the ISA, any of which may imply
additional context that must be saved and restored on ISR entry and
exit. The current in-tree example is the Pulpino core, which has extra
registers used by ISA extensions for running loops that shouldn't get
clobbered by an ISR.
This is currently supported by including pulpino-specific definitions
in the generic architecture code. This works, but it's a bit inelegant
and is something of a layering violation. A more generic mechanism is
required to support other RISC-V SoCs with similar requirements
without cluttering the arch code too much.
Provide that by extending the semantics of the existing
CONFIG_RISCV_SOC_CONTEXT_SAVE option to allow other SoCs to allocate
space for saving and restoring their own state, promoting the
currently pulpino-specific __soc_save_context / __soc_restore_context
routines to a RISC-V arch API.
The cost of making this generic is two more instructions in each ISR
to pass the SoC specific context to these routines in a0 rather than
just assuming the stack points to the right place. This is minimal,
and should have been done anyway to keep with the ABI.
As a first (and currently only in-tree) customer, convert the Pulpino
SoC code to this new mechanism.
Signed-off-by: Marti Bolivar <marti@foundries.io>
The way that CONFIG_EXECUTION_BENCHMARKING=y is handled on this
architecture is incorrect. The goals are:
- call read_timer_start_of_isr() as close as possible to the
beginning of the ISR
- call read_timer_end_of_isr() after all preparations have
been made to call the driver-level IRQ handler, but it hasn't
been called yet
The current implementation could cause kernel crashes, though.
The read_timer_start_of_isr() call is made before saving MEPC or any
SoC-specific context. The MEPC issue is not that big of a deal, but
doing it before saving SoC context could clobber state that hasn't
been saved yet and corrupt the kernel.
One example is a pulpino style RISC-V SoC. Some Pulpino cores have
extra registers that are used for ISA extensions used to generate code
for C loops. There's no guarantee read_timer_start_of_isr() will never
have a loop inside: in fact, the RISC-V User-Level ISA v2.2 explicitly
recommends using a loop to get the 64-bit value of the "cycle" CSR. A
Pulpino-like SoC with a cycle CSR could thus naturally have a
read_timer_start_of_isr() implementation that involves loops. Saving
the loop state before reading the timer would then be needed.
Fix this issue by moving the call to read_timer_start_of_isr to after
all context saving is done. (This is a fairer comparison to Arm
Cortex-M SoCs anyway, since register stacking is performed in hardware
on Cortex M and is done before the first ISR instruction executes.)
The call to read_timer_end_of_isr() has an issue as well: it's called
after the ISR's argument has been stored in a0 and the ISR address is
in t1, but before actually calling the ISR itself.
In the standard RV32I calling convention, both t1 and a0 are caller
saved, so read_timer_end_of_isr() is within its rights to set them to
any garbage, which we'll happily treat as a function and its argument
and execute.
Avoid that possibility by saving the register values to the stack in
this configuration.
Signed-off-by: Marti Bolivar <marti@foundries.io>
Instead of checking every time we hit the low-level context switch
path to see if the new thread has a "partner" with which it needs to
share time, just run the slice timer always and reset it from the
scheduler at the points where it has already decided a switch needs to
happen. In TICKLESS_KERNEL situations, we pay the cost of extra timer
interrupts at ~10Hz or whatever, which is low (note also that this
kind of regular wakeup architecture is required on SMP anyway so the
scheduler can "notice" threads scheduled by other CPUs). Advantages:
1. Much simpler logic. Significantly smaller code. No variance or
dependence on tickless modes or timer driver (beyond setting a
simple timeout).
2. No arch-specific assembly integration with _Swap() needed
3. Better performance on many workloads, as the accounting now happens
at most once per timer interrupt (~5 Hz) and true rescheduling and
not on every unrelated context switch and interrupt return.
4. It's SMP-safe. The previous scheme kept the slice ticks as a
global variable, which was an unnoticed bug.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Move to more generic tracing hooks that can be implemented in different
ways and do not interfere with the kernel.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This patch provides support needed to get timing related
information from riscv32 based SOC.
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Move the MEPC increment logic in __irq_wrapper such that the saved MEPC
is only incremented on a syscall (ecall instruction).
Signed-off-by: Nathaniel Graff <nathaniel.graff@sifive.com>
The metairq feature exposed the fact that all of our arch code (and a
few mistaken spots in the scheduler too) was trying to interpret
"preemptible" threads independently.
As of the scheduler rewrite, that logic is entirely within sched.c and
doing it externally is redundant. And now that "cooperative" threads
can be preempted, it's wrong and produces test failures when used with
metairq threads.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
By now, t0 register restored value is overwritten
by mepc and mstatus values prior to returning from ISR.
Fixed by restoring mstatus and mepc registers before
restoring the caller-saved registers.
As t0 is a temporary register within the riscv ABI,
this issue was unnoticed for most applications, except
for computation intensive apps, like crypto tests.
Signed-off-by: Jean-Paul Etienne <fractalclone@gmail.com>
One of the stack sentinel policies was to check the sentinel
any time a cooperative context switch is done (i.e, _Swap is
called).
This was done by adding a hook to _check_stack_sentinel in
every arch's __swap function.
This way is cleaner as we just have the hook in one inline
function rather than implemented in several different assembly
dialects.
The check upon interrupt is now made unconditionally rather
than checking if we are calling __swap, since the check now
is only called on cooperative _Swap(). The interrupt is always
serviced first.
Issue: ZEP-2244
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This places a sentinel value at the lowest 4 bytes of a stack
memory region and checks it at various intervals, including when
servicing interrupts or context switching.
This is implemented on all arches except ARC, which supports stack
bounds checking directly in hardware.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Added a riscv-privilege.h header file that contains common
definitions for all riscv SOCs supporting the riscv
privileged architecture specification.
This shall ease addition of future riscv SOCs supporting
the riscv privileged architecture spec.
Change-Id: I5714bf70eeda738a25967ed26d3d0d2aaa0c9989
Signed-off-by: Jean-Paul Etienne <fractalclone@gmail.com>
This avoids asm files from having to explicitly define the _ASMLANGUAGE
symbol themselves.
Change-Id: I71f5a169f75d7443a58a0365a41c55b20dae3029
Signed-off-by: Benjamin Walsh <walsh.benj@gmail.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
RISC-V is an open-source instruction set architecture.
Added support for the 32bit version of RISC-V to Zephyr.
1) exceptions/interrupts/faults are handled at the architecture
level via the __irq_wrapper handler. Context saving/restoring
of registers can be handled at both architecture and SOC levels.
If SOC-specific registers need to be saved, SOC level needs to
provide __soc_save_context and __soc_restore_context functions
that shall be accounted by the architecture level, when
corresponding config variable RISCV_SOC_CONTEXT_SAVE is set.
2) As RISC-V architecture does not provide a clear ISA specification
about interrupt handling, each RISC-V SOC handles it in its own
way. Hence, at the architecture level, the __irq_wrapper handler
expects the following functions to be provided by the SOC level:
__soc_is_irq: to check if the exception is the result of an
interrupt or not.
__soc_handle_irq: handle pending IRQ at SOC level (ex: clear
pending IRQ in SOC-specific IRQ register)
3) Thread/task scheduling, as well as IRQ offloading are handled via
the RISC-V system call ("ecall"), which is also handled via the
__irq_wrapper handler. The _Swap asm function just calls "ecall"
to generate an exception.
4) As there is no conventional way of handling CPU power save in
RISC-V, the default nano_cpu_idle and nano_cpu_atomic_idle
functions just unlock interrupts and return to the caller, without
issuing any CPU power saving instruction. Nonetheless, to allow
SOC-level to implement proper CPU power save, nano_cpu_idle and
nano_cpu_atomic_idle functions are defined as __weak
at the architecture level.
Change-Id: I980a161d0009f3f404ad22b226a6229fbb492389
Signed-off-by: Jean-Paul Etienne <fractalclone@gmail.com>
