Basic Virtual Memory Implementation Fixes & Improvements #165
Conversation
|
I am getting this weird zoom. |
|
Notice that address sanitizer is failing in CI. |
src/gui/windows/tlb/tlbview.h
Outdated
| void tlb_update(unsigned way, unsigned set, bool valid, unsigned asid, quint64 vpn, quint64 phys, bool write); | ||
|
|
||
| private: | ||
| const machine::TLB *tlb; |
src/machine/memory/tlb/tlb.h
Outdated
| #include <cstdint> | ||
|
|
||
| namespace machine { | ||
| enum TLBType { PROGRAM, DATA }; |
There was a problem hiding this comment.
Why does LTB need to know this?
|
@jdupak thanks for review of interfacing to the memory model architecture. |
|
From my side, the changes to the processor pipeline diagram has been applied directly to the SVG files (src/gui/windows/coreview/schemas), but current design uses DRAW.IO source (extras/core_graphics) as the authoritative source of the pipeline visualization and SVGs are generated from this file. So the commit with SVG change should include |
|
For memory view, I would not complicate it with |
nemecad
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
5 times, most recently
from
0bb04d1 to
ca4300b
Compare
jdupak
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
ca4300b to
a6cbf71
Compare
There was a problem hiding this comment.
There is a typo in the dir name
There was a problem hiding this comment.
There is no cmake logic to run these tests. I think we want to run them as cli tests.
There was a problem hiding this comment.
Thank you for the comment. I’ve added the CMake logic to run these as CLI tests in the commit 7a204cf.
jdupak
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
a6cbf71 to
bc32933
Compare
|
I pushed some slight edits. Barring the issue with new tests not being run I am fine with merging this. |
|
I am going through the code. I have one overall remark, that there are lot of formatting changes included in functional changes. I am not reluctant to formatting changes even that I think that sometimes formatting left by human to align for example some case lines into columns etc. has some value. But formatting changes unrelated to the functional changes make review harder. So I would keep with patches as they are but I would suggest to separate formatting, even over all later modified files in series, separate from functional changes. |
|
I am do not like As for enabling cache for accesses there is a hack in the QtRvSim which enforces next uncached region In the longer term, cacheability should be controlled from page tables. But
But the physical region marked to skip caching in cache implementation (current state) should be enough for now. |
|
Not so critical for now, but should be solved in the longer time perspective. The behavior of |
|
It seems that TLBs are updated from the start of the system. The TLB and its updates should be enable only when root register is set. And they should not be updated in |
|
There is one actual issue from CI: you cannot use ftruncate. It fails compilation on Win. |
Never mind, this is broken on master. I will fix that. It does not block this PR. |
nemecad
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
3 times, most recently
from
c846a9e to
442a091
Compare
nemecad
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
2 times, most recently
from
3238c4f to
62777b5
Compare
jdupak
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
62777b5 to
6c37dd9
Compare
jdupak
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
6c37dd9 to
861f836
Compare
ppisa
left a comment
ppisa
left a comment
There was a problem hiding this comment.
Thanks to @nemecad for the virtual memory implementation. The code is clean and readable in general. Thanks to @jdupak for review and formatting.
There are some minor issues to resolve or discuss. Same some suggestion to history cleanup but I think that we can merge code soon.
To speedup discussion, I would like to meet or call with @nemecad.
But congratulation to good job generally. As the next step I would like to discuss possibility to work on Sv39 which would allow to test some more real operating system scenarios.
src/machine/memory/tlb/tlb.cpp
Outdated
|
|
||
| namespace machine { | ||
|
|
||
| static bool is_mmio_region(uint64_t virt) { |
There was a problem hiding this comment.
This function should be removed from the history. The logic is corrected by the commit 667bd4f
But it would be much better, if it does not appear in the history at all.
src/machine/memory/tlb/tlb.cpp
Outdated
| return false; | ||
| } | ||
|
|
||
| static Address bypass_mmio(Address vaddr) { |
| mem = machine->cache_data(); | ||
| } | ||
| } else { | ||
| if (access_through_cache == 2) { |
There was a problem hiding this comment.
The modes should be changed to proper enum to make code readable.
The field name access_through_cache should be adjusted. Something like mem_access_kind, mem_access_level or some better name name.
There was a problem hiding this comment.
The proposed enum and when I think about use there could be interesting to to have option to look to memory at virtual level even when CPU is in machine mode, because the you can observe what hypervisor or SBI does with some or system memory
enum MemoryAccessAtLevel {
MEM_ACC_AS_CPU = 0,
MEM_ACC_VIRT_ADDR = 1,
MEM_ACC_PHYS_ADDR = 2,
MEM_ACC_PHYS_ADDR_SKIP_CACHES = 3,
MEM_ACC_AS_MACHINE = 4,
};
There was a problem hiding this comment.
This commit and previous one should be squashed or kept but location of the test files as they are introduced in the previous commit should be already the final one. The move is abundant in new component history.
| flags = (enum InstructionFlags)im.flags; | ||
| alu_op = im.alu; | ||
| mem_ctl = im.mem_ctl; | ||
| if (flags & IMF_CSR) { |
There was a problem hiding this comment.
I agree with this additional logic to map CSR to required privilege level. But see proposed testing remark.
src/machine/core.cpp
Outdated
| ExceptionCause excause = dt.excause; | ||
|
|
||
| dt.inst.flags_alu_op_mem_ctl(flags, alu_op, mem_ctl); | ||
| auto current_priv = state.current_privilege(); |
There was a problem hiding this comment.
I would suggest to use some masking there. Ideally included directly by updates of check_inst_flags_val and check_inst_flags_mask when which would be updated when the privilege level changes. This would allow speedup and even check on individual instruction level when mret, sret etc, can be augmented by required privilege level directly in the instruction table. This common illegal instruction processing is possible because privilege violation should lead to regular illegal instruction exception. See
2.1. CSR Address Mapping Conventions
Instructions that access a non-existent CSR are reserved. Attempts to access a CSR without appropriate privilege level raise illegal-instruction exceptions or, as described in Section 21.6.1, virtual-instruction exceptions. Attempts to write a read-only register raise illegal-instruction exceptions. read/write register might also contain some bits that are read-only, in which case writes to the read-
only bits are ignored.
Add tracking of the hart's current privilege level to the core state so code handling exceptions/returns and visualization can read/update it from the central CoreState structure.
The next supervisor CSRs has been added: sstatus, stvec, sscratch, sepc, scause, stval, satp Write handler has been added as well. It presents sstatus as a masked view of mstatus so supervisor-visible bits stay in sync.
nemecad
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
861f836 to
b5940e8
Compare
ppisa
left a comment
ppisa
left a comment
There was a problem hiding this comment.
I have added comments and documented some which has been already expressed in discussion.
I have noticed some problems in rv32ui-p-fence_i official RISC-V tests. It is in cached variant regardless of pipeline/single-cycle and 32/64/bits variants. @jdupak it is strange that the failure of given/single official test does not propagate to failure of whole test series.
Problem seems to appear in some change after Machine: add supervisor CSRs and status handling commit or it could be introduced by my rearrangement of the changes.
rv32ui-p-fence_i: ERROR
[INFO] machine.ProgramLoader: Loaded executable: 32bit
[INFO] machine.TLB: TLB[I] constructed; sets=16 way=1
[INFO] machine.TLB: TLB[D] constructed; sets=16 way=1
[INFO] machine.TLB: TLB: SATP changed → flushed all; new SATP=0x00000000
[INFO] machine.TLB: TLB: SATP changed → flushed all; new SATP=0x00000000
[INFO] machine.TLB: TLB: SATP changed → flushed all; new SATP=0x00000000
[INFO] machine.TLB: TLB: SATP changed → flushed all; new SATP=0x00000000
[INFO] machine.BranchPredictor: Initialized branch predictor: None
[INFO] machine.TLB: TLB[D]: flushed all entries
[INFO] machine.TLB: TLB[I]: flushed all entries
[DEBUG] machine.core: Exception cause 11 instruction PC 0x80000180 next PC 0x80000184 jump branch PC 0x8000017cregisters PC 0x80000184 mem ref 0x00000000
Machine stopped on ECALL_M exception.
| mem = machine->cache_data(); | ||
| } | ||
| } else { | ||
| if (access_through_cache == 2) { |
There was a problem hiding this comment.
The proposed enum and when I think about use there could be interesting to to have option to look to memory at virtual level even when CPU is in machine mode, because the you can observe what hypervisor or SBI does with some or system memory
enum MemoryAccessAtLevel {
MEM_ACC_AS_CPU = 0,
MEM_ACC_VIRT_ADDR = 1,
MEM_ACC_PHYS_ADDR = 2,
MEM_ACC_PHYS_ADDR_SKIP_CACHES = 3,
MEM_ACC_AS_MACHINE = 4,
};
src/machine/core.cpp
Outdated
| } | ||
| if (auto data_tlb = dynamic_cast<TLB *>(mem_data)) { | ||
| data_tlb->on_privilege_changed(restored); | ||
| } |
There was a problem hiding this comment.
The dynamic cast are the last resort and the core should know (ideally) nothing about TLB except some control instructions to commands propagation.
One option is to add standard (synchronous) signal emit at set_current_privilege in the Core (it is QObject) and interconnect this signal to TLBs.
But when I think about it, then the right solution is to modify memory access FrontendMemory::write_ctl and FrontendMemory::read_ctl to propagate some control signals. Probably by pointer which can be null or may be with default parameters when passed by value (some struct which fits into 32 bits or uint in such case). These additional signals should propagate the privilege level and asid. This is how it is done o real CPUs. I.e., when the processor chips exposed bus to external MMU (68020) or when the buses are routed into FPGA fabric today. The control signals should be privilege level and current ASID. ASID should be held in core state and synchronized by some signal from CSR writes...
The TLB::on_privilege_changed should not be needed and for sure it should not flush TLB entries. It would cause extreme overhead for system calls and machine exceptions. The TLB flushes are maintained by operation system when page tables are modified or there is change of mapping of memory contexts to ASIDs. Seven switch to other memory context does not need the flush when ASIDs are unique.
src/machine/core.cpp
Outdated
|
|
||
| #include "common/logging.h" | ||
| #include "execute/alu.h" | ||
| #include "memory/tlb/tlb.h" |
There was a problem hiding this comment.
The TLB integration has to be solved such way that internal core logic does not need know how it works and how it is implemented. Same for tests etc.
src/machine/memory/tlb/tlb.h
Outdated
| TLBType type; | ||
| const TLBConfig tlb_config; | ||
| uint32_t current_satp_raw = 0; | ||
| CSR::PrivilegeLevel current_priv_ = CSR::PrivilegeLevel::MACHINE; |
There was a problem hiding this comment.
The logic should be solved such way, that this field is not needed.
There was a problem hiding this comment.
There can be use for keeping some last access privilege level and ASID or something similar for visualization purposes. But for sure not for real work.
src/machine/memory/tlb/tlb.cpp
Outdated
| namespace machine { | ||
|
|
||
| inline bool is_mode_enabled_in_satp(uint32_t satp_raw) { | ||
| return (satp_raw & (1u << 31)) != 0; |
There was a problem hiding this comment.
I do not like this inline there. It should go probably into TLB header.
src/machine/core.cpp
Outdated
| return InstructionFlags(flags_to_check); | ||
| } | ||
|
|
||
| static CSR::PrivilegeLevel decode_xret_type_from_inst(const Instruction &inst) { |
There was a problem hiding this comment.
This should be solved some other way. I would suggest to not solve this at decode level at all and left decision on ControlState::read and write or at least to the memory stage where illegal-instruction exception exception would be raised. It cannot be through standard exception signal from CSR, it has to be too late. It has to be by return value or some other way, optional pointer to status return. The illegal-instruction exception should be raised even if write to read only register is attempted and even when non-existent registers is addressed. All these information cannot be gathered at decode state. It would cost too much.
There is related discussion about RISC-V standard, which allows some situations where accesses to non existent/unspecified CSRs are reserved, but conclusion is that it should result in illegal-instruction as well except for some exotic arrangements
| // Mark illegal if current privilege is lower than encoded xRET type (e.g. MRET executed in S-mode) | ||
| if (state.current_privilege() < inst_xret_priv) { | ||
| excause = EXCAUSE_INSN_ILLEGAL; | ||
| } |
There was a problem hiding this comment.
This change should not be needed. Should be solved by
const InstructionFlags check_inst_flags_val;
const InstructionFlags check_inst_flags_mask;
manipulation in set_current_privilege and snntation of the instructions by required mode IMF_PRIV_S, IMF_PRIV_H, IMF_PRIV_M in decoding tables.
There was a problem hiding this comment.
Thank you for your detailed feedback. I appreciate it and have made some changes based on your review. I would be grateful for any further feedback.
Implements a set-associative Translation Lookaside Buffer (TLB) with replacement policies, Page-Table Walker, and adds SV32-specific definitions.
Add privilege level mapping to the GUI so the current hart privilege (UNPRIV, SUPERV, HYPERV, MACHINE) is displayed in core state visualization.
Extend NewDialog with controls for virtual memory setup, including TLB number of sets, associativity, and replacement policy.
Introduce new components for displaying and tracking TLB state similar to cache. TLBViewBlock and TLBAddressBlock render per-set and per-way TLB contents, updated on tlb_update signals. TLBViewScene assembles these views based on associativity. TLBDock integrates into the GUI, showing hit/miss counts, memory accesses, stall cycles, hit rate, and speed improvement, with live updates from the TLB.
Introduce an "As CPU (VMA)" access option in the cached access selector to render memory contents as observed by the CPU through the frontend interface.
Add a set of small assembly tests that exercise the SV32 page-table walker, SATP enablement and the new TLB code. The tests create a root page table and map a virtual page at 0xC4000000, then exercise several scenarios. The tests verify page-table walker behaviour, SATP switching and TLB caching/flush logic. Tests were written based on the consultation.
Ensure that TLBs are only updated when the root register is set, and disable TLB updates while running in Machine mode.
…ion checks Decode MRET/SRET/URET in the decode stage, carry the return type through the interstage registers, and pass it to ControlState::exception_return in the memory stage. Extend instruction metadata with privilege flags (IMF_PRIV_M/H/S) for privileged operations and use them for masking.
nemecad
force-pushed
the
feature/sv32-vm-tlb-ptw-cleanup
branch
from
b5940e8 to
0fc627f
Compare
3 participants
This PR addresses some previous feedback, most notably:
Tests:
UI Components: