Preliminary support for MMU emulation

To boot a 32-bit RISC-V Linux with MMU, MMU emulation support is essential.
The virtual memory scheme required is SV32. Major changes in this commit
include implementing the MMU-related riscv_io_t interface and binding it
during RISC-V instance initialization. To reuse the riscv_io_t interface,
its prototype is modified to allow access to the RISC-V core instance as
the first parameter, since MMU-enabled I/O requires access to the SATP CSR.
Additionally, a trap_handler callback is added to the riscv_io_t
interface to route the actual trap handler. This approach keeps the
dispatch_table and TRAP_HANDLER_IMPL static within emulate.c, aligning
the schema with other handlers like ebreak_handler and ecall_handler.
The SET_CAUSE_AND_TVAL_THEN_TRAP macro is introduced to simplify the
dispatch process when invoking a trap.

For each memory access, the page table is walked to get the
corresponding PTE. Depending on the PTE retrieval, several page faults
may need handling. Thus, three exception handlers have been introduced:
insn_pgfault, load_pgfault, and store_pgfault, used in MMU_CHECK_FAULT.
This commit does not fully handle access faults since they are related
to PMA and PMP, which may not be necessary for booting 32-bit RISC-V
Linux (possibly supported in the future).

Since Linux has not been booted yet, a test suite is needed to test the
MMU emulation. This commit includes a test suite that implements a
simple kernel space supervisor and a user space application. The
supervisor prepares the page table and then passes control to the user
space application to test the three aforementioned page faults.

Related: #310

Author: ChinYikMing

Makefile

@@ -45,6 +45,10 @@ CFLAGS += $(CFLAGS_NO_CET)
 
 OBJS_EXT :=
 
+ifeq ($(call has, SYSTEM), 1)
+OBJS_EXT += system.o
+endif
+
 # Integer Multiplication and Division instructions
 ENABLE_EXT_M ?= 1
 $(call set-feature, EXT_M)

src/decode.c

@@ -907,9 +907,8 @@ static inline bool op_system(rv_insn_t *ir, const uint32_t insn)
     default: /* illegal instruction */
         return false;
     }
-    if (!csr_is_writable(ir->imm) && ir->rs1 != rv_reg_zero)
-        return false;
-    return true;
+
+    return csr_is_writable(ir->imm) || (ir->rs1 == rv_reg_zero);
 }
 
 /* MISC-MEM: I-type

src/emulate.c

@@ -14,6 +14,10 @@
 #include <emscripten.h>
 #endif
 
+#if RV32_HAS(SYSTEM)
+#include "system.h"
+#endif /* RV32_HAS(SYSTEM) */
+
 #if RV32_HAS(EXT_F)
 #include <math.h>
 #include "softfloat.h"
@@ -41,18 +45,21 @@ extern struct target_ops gdbstub_ops;
 #define IF_rs2(i, r) (i->rs2 == rv_reg_##r)
 #define IF_imm(i, v) (i->imm == v)
 
-/* RISC-V exception code list */
+/* RISC-V trap code list */
 /* clang-format off */
-#define RV_TRAP_LIST                                               \
-    IIF(RV32_HAS(EXT_C))(,                                         \
-        _(insn_misaligned, 0) /* Instruction address misaligned */ \
-    )                                                              \
-    _(illegal_insn, 2)     /* Illegal instruction */               \
-    _(breakpoint, 3)       /* Breakpoint */                        \
-    _(load_misaligned, 4)  /* Load address misaligned */           \
-    _(store_misaligned, 6) /* Store/AMO address misaligned */      \
-    IIF(RV32_HAS(SYSTEM))(,                                        \
-        _(ecall_M, 11)     /* Environment call from M-mode */      \
+#define RV_TRAP_LIST                                                                       \
+    IIF(RV32_HAS(EXT_C))(,                                                                 \
+        _(insn_misaligned, INSN_MISALIGNED)     /* Instruction address misaligned */       \
+    )                                                                                      \
+    _(illegal_insn, ILLEGAL_INSN)               /* Illegal instruction */                  \
+    _(breakpoint, BREAKPOINT)                   /* Breakpoint */                           \
+    _(load_misaligned, LOAD_MISALIGNED)         /* Load address misaligned */              \
+    _(store_misaligned, STORE_MISALIGNED)       /* Store/AMO address misaligned */         \
+    IIF(RV32_HAS(SYSTEM))(                                                                 \
+        _(pagefault_insn, PAGEFAULT_INSN)       /* Instruction page fault */               \
+        _(pagefault_load, PAGEFAULT_LOAD)       /* Load page fault */                      \
+        _(pagefault_store, PAGEFAULT_STORE),    /* Store page fault */                     \
+        _(ecall_M, ECALL_M)                     /* Environment call from M-mode */         \
     )
 /* clang-format on */
 
@@ -68,20 +75,9 @@ static void rv_trap_default_handler(riscv_t *rv)
     rv->PC = rv->csr_mepc; /* mret */
 }
 
-/*
- * Trap might occurs during block emulation. For instance, page fault.
- * In order to handle trap, we have to escape from block and execute
- * registered trap handler. This trap_handler function helps to execute
- * the registered trap handler, PC by PC. Once the trap is handled,
- * resume the previous execution flow where cause the trap.
- *
- * Since the system emulation has not yet included in rv32emu, the page
- * fault is not practical in current test suite. Instead, we try to
- * emulate the misaligned handling in the test suite.
- */
 #if RV32_HAS(SYSTEM)
-static void trap_handler(riscv_t *rv);
-#endif
+static void __trap_handler(riscv_t *rv);
+#endif /* SYSTEM */
 
 /* When a trap occurs in M-mode/S-mode, m/stval is either initialized to zero or
  * populated with exception-specific details to assist software in managing
@@ -158,7 +154,7 @@ static void trap_handler(riscv_t *rv);
             rv->PC = base + 4 * (code & MASK(31));                            \
             break;                                                            \
         }                                                                     \
-        IIF(RV32_HAS(SYSTEM))(if (rv->is_trapped) trap_handler(rv);, )        \
+        IIF(RV32_HAS(SYSTEM))(if (rv->is_trapped) __trap_handler(rv);, )      \
     }
 
 /* RISC-V exception handlers */
@@ -180,8 +176,8 @@ RV_TRAP_LIST
         rv->compressed = compress;                                    \
         rv->csr_cycle = cycle;                                        \
         rv->PC = PC;                                                  \
-        IIF(RV32_HAS(SYSTEM))(rv->is_trapped = true, );               \
-        rv_trap_##type##_misaligned(rv, IIF(IO)(addr, mask_or_pc));   \
+        SET_CAUSE_AND_TVAL_THEN_TRAP(rv, type##_MISALIGNED,           \
+                                     IIF(IO)(addr, mask_or_pc));      \
         return false;                                                 \
     }
 
@@ -531,8 +527,8 @@ static bool do_fuse3(riscv_t *rv, rv_insn_t *ir, uint64_t cycle, uint32_t PC)
      */
     for (int i = 0; i < ir->imm2; i++) {
         uint32_t addr = rv->X[fuse[i].rs1] + fuse[i].imm;
-        RV_EXC_MISALIGN_HANDLER(3, store, false, 1);
-        rv->io.mem_write_w(addr, rv->X[fuse[i].rs2]);
+        RV_EXC_MISALIGN_HANDLER(3, STORE, false, 1);
+        rv->io.mem_write_w(rv, addr, rv->X[fuse[i].rs2]);
     }
     PC += ir->imm2 * 4;
     if (unlikely(RVOP_NO_NEXT(ir))) {
@@ -555,8 +551,8 @@ static bool do_fuse4(riscv_t *rv, rv_insn_t *ir, uint64_t cycle, uint32_t PC)
      */
     for (int i = 0; i < ir->imm2; i++) {
         uint32_t addr = rv->X[fuse[i].rs1] + fuse[i].imm;
-        RV_EXC_MISALIGN_HANDLER(3, load, false, 1);
-        rv->X[fuse[i].rd] = rv->io.mem_read_w(addr);
+        RV_EXC_MISALIGN_HANDLER(3, LOAD, false, 1);
+        rv->X[fuse[i].rd] = rv->io.mem_read_w(rv, addr);
     }
     PC += ir->imm2 * 4;
     if (unlikely(RVOP_NO_NEXT(ir))) {
@@ -666,12 +662,12 @@ static void block_translate(riscv_t *rv, block_t *block)
             prev_ir->next = ir;
 
         /* fetch the next instruction */
-        const uint32_t insn = rv->io.mem_ifetch(block->pc_end);
+        const uint32_t insn = rv->io.mem_ifetch(rv, block->pc_end);
 
         /* decode the instruction */
         if (!rv_decode(ir, insn)) {
             rv->compressed = is_compressed(insn);
-            rv_trap_illegal_insn(rv, insn);
+            SET_CAUSE_AND_TVAL_THEN_TRAP(rv, INSN_MISALIGNED, insn);
             break;
         }
         ir->impl = dispatch_table[ir->opcode];
@@ -1122,15 +1118,14 @@ void rv_step(void *arg)
 }
 
 #if RV32_HAS(SYSTEM)
-static void trap_handler(riscv_t *rv)
+static void __trap_handler(riscv_t *rv)
 {
     rv_insn_t *ir = mpool_alloc(rv->block_ir_mp);
     assert(ir);
 
-    /* set to false by sret/mret implementation */
-    uint32_t insn;
+    /* set to false by sret implementation */
     while (rv->is_trapped && !rv_has_halted(rv)) {
-        insn = rv->io.mem_ifetch(rv->PC);
+        uint32_t insn = rv->io.mem_ifetch(rv, rv->PC);
         assert(insn);
 
         rv_decode(ir, insn);
@@ -1139,12 +1134,63 @@ static void trap_handler(riscv_t *rv)
         ir->impl(rv, ir, rv->csr_cycle, rv->PC);
     }
 }
-#endif
+#endif /* SYSTEM */
+
+static void _trap_handler(riscv_t *rv)
+{
+    uint32_t cause = RV_PRIV_IS_U_OR_S_MODE() ? rv->csr_scause : rv->csr_mcause;
+    uint32_t tval = RV_PRIV_IS_U_OR_S_MODE() ? rv->csr_stval : rv->csr_mtval;
+
+    switch (cause) {
+#if !RV32_HAS(EXT_C)
+    case INSN_MISALIGNED:
+        rv_trap_insn_misaligned(rv, tval);
+        break;
+#endif /* EXT_C */
+    case ILLEGAL_INSN:
+        rv_trap_illegal_insn(rv, tval);
+        break;
+    case BREAKPOINT:
+        rv_trap_breakpoint(rv, tval);
+        break;
+    case LOAD_MISALIGNED:
+        rv_trap_load_misaligned(rv, tval);
+        break;
+    case STORE_MISALIGNED:
+        rv_trap_store_misaligned(rv, tval);
+        break;
+#if RV32_HAS(SYSTEM)
+    case PAGEFAULT_INSN:
+        rv_trap_pagefault_insn(rv, tval);
+        break;
+    case PAGEFAULT_LOAD:
+        rv_trap_pagefault_load(rv, tval);
+        break;
+    case PAGEFAULT_STORE:
+        rv_trap_pagefault_store(rv, tval);
+        break;
+#endif /* SYSTEM */
+#if !RV32_HAS(SYSTEM)
+    case ECALL_M:
+        rv_trap_ecall_M(rv, tval);
+        break;
+#endif /* SYSTEM */
+    default:
+        __UNREACHABLE;
+        break;
+    }
+}
+
+void trap_handler(riscv_t *rv)
+{
+    assert(rv);
+    _trap_handler(rv);
+}
 
 void ebreak_handler(riscv_t *rv)
 {
     assert(rv);
-    rv_trap_breakpoint(rv, rv->PC);
+    SET_CAUSE_AND_TVAL_THEN_TRAP(rv, BREAKPOINT, rv->PC);
 }
 
 void ecall_handler(riscv_t *rv)
@@ -1154,7 +1200,7 @@ void ecall_handler(riscv_t *rv)
     syscall_handler(rv);
     rv->PC += 4;
 #else
-    rv_trap_ecall_M(rv, 0);
+    SET_CAUSE_AND_TVAL_THEN_TRAP(rv, ECALL_M, 0);
     syscall_handler(rv);
 #endif
 }

src/feature.h

@@ -63,5 +63,10 @@
 #define RV32_FEATURE_T2C 0
 #endif
 
+/* System */
+#ifndef RV32_FEATURE_SYSTEM
+#define RV32_FEATURE_SYSTEM 0
+#endif
+
 /* Feature test macro */
 #define RV32_HAS(x) RV32_FEATURE_##x

src/gdbstub.c

@@ -55,7 +55,7 @@ static int rv_read_mem(void *args, size_t addr, size_t len, void *val)
          * an invalid address. We may have to do error handling in the
          * mem_read_* function directly.
          */
-        *((uint8_t *) val + i) = rv->io.mem_read_b(addr + i);
+        *((uint8_t *) val + i) = rv->io.mem_read_b(rv, addr + i);
     }
 
     return err;
@@ -66,7 +66,7 @@ static int rv_write_mem(void *args, size_t addr, size_t len, void *val)
     riscv_t *rv = (riscv_t *) args;
 
     for (size_t i = 0; i < len; i++)
-        rv->io.mem_write_b(addr + i, *((uint8_t *) val + i));
+        rv->io.mem_write_b(rv, addr + i, *((uint8_t *) val + i));
 
     return 0;
 }

src/main.c

@@ -217,12 +217,21 @@ int main(int argc, char **args)
         .log_level = 0,
         .run_flag = run_flag,
         .profile_output_file = prof_out_file,
+#if RV32_HAS(SYSTEM)
+        .data.system = malloc(sizeof(vm_system_t)),
+#else
         .data.user = malloc(sizeof(vm_user_t)),
+#endif
         .cycle_per_step = CYCLE_PER_STEP,
         .allow_misalign = opt_misaligned,
     };
+#if RV32_HAS(SYSTEM)
+    assert(attr.data.system);
+    attr.data.system->elf_program = opt_prog_name;
+#else
     assert(attr.data.user);
     attr.data.user->elf_program = opt_prog_name;
+#endif
 
     /* create the RISC-V runtime */
     rv = rv_create(&attr);