|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Overview
========
The errata is worked around in the kernel without requiring toolchain
modifications. It is triggered the JMPL/RETT return from trap instruction
sequence never generated by the compiler and. There are also other
conditions that must must be true to trigger the errata, for example the
instruction that the trap returns to has to be a JMPL instruction. The
errata can only be triggered if certain data is corrected by ECC
(inflicted by radiation), thus it can not be triggered under normal
operation. For more information see:
www.gaisler.com/notes
Affected RTEMS target BSPs:
* GR712RC
* UT699
* UT700/699E
The work around is enabled by defining __FIX_LEON3_TN0018 at build time.
After applying the following GCC patch, GCC will set the define when
compiling for an affected multilib:
* GR712RC (-mcpu=leon3 -mfix-gr712rc)
* UT700/UT699E (-mpcu=leon3 -mfix-ut700)
* UT699 (-mcpu=leon -mfix-ut699)
When building for another multilib and TN0018 is still required, it
is possible to enable it on the RTEMS kernel configure line using the
TARGET_CFLAGS (-D__FIX_LEON3FT_TN0018) or other by other means.
The following GCC patch sets __FIX_LEON3FT_TN0018 for the affected RTEMS
multilibs:
---------
diff --git a/gcc/config/sparc/rtemself.h b/gcc/config/sparc/rtemself.h
index 6570590..ddec98c 100644
--- a/gcc/config/sparc/rtemself.h
+++ b/gcc/config/sparc/rtemself.h
@@ -33,6 +33,8 @@
builtin_assert ("system=rtems"); \
if (sparc_fix_b2bst) \
builtin_define ("__FIX_LEON3FT_B2BST"); \
+ if (sparc_fix_gr712rc || sparc_fix_ut700 || sparc_fix_ut699) \
+ builtin_define ("__FIX_LEON3FT_TN0018"); \
} \
while (0)
---------
Workaround Implementation
=========================
In general there are two approaches that the workaround uses:
A) avoid ECC restarting the RETT instruction
B) avoid returning from trap to a JMPL instruction
Where A) comes at a higher performance cost than B), so B) is used
where posssible. B) can be achived for certain returns from trap
handlers if trap entry is controlled by assembly, such as system calls.
A)
A special JMPL/RETT sequence where instruction cache is disabled
temporarily to avoid RETT containing ECC errors, and reading of RETT
source registers to "clean" them from incorrect ECC just before RETT
is executed.
B)
The work around prevents JMPL after system calls (TA instruction) and
modifies assembly code on return from traps jumping back to application
code. Note that for some traps the trapped instruction is always
re-executed and can therefore not trigger the errata, for example the
SAVE instruction causing window overflow or an float instruction causing
FPU disabled trap.
RTEMS SPARC traps workaround implementation:
NAME NOTE TRAP COMMENT
* window overflow 1 - 0x05 always returns to a SAVE
* window underflow 1 - 0x06 always returns to a RESTORE
* interrupt traps 2 - 0x10..1f special rett sequence workaround
* syscall 3 - 0x80 shutdown system - never returns
* ABI flush windows 2 - 0x83 special rett sequence workaround
* syscall_irqdis 4 - 0x89
* syscall_irqen 4 - 0x8A
* syscall_irqdis_fp 1 - 0x8B always jumps back to FP instruction
* syscall_lazy_fp_switch 5 - 0x04 A) jumps back to FP instruction, or to
B) _Internal_error() starting with SAVE
Notes:
1) no workaround needed because trap always returns to non-JMPL instruction
2) workaround implemented by special rett sequence
3) no workaround needed because system call never returns
4) workaround implemented by inserting NOP in system call generation. Thus
fall into 1) when workaround is enabled and no trap handler fix needed.
5) trap handler branches into both 1) and returning to _Internal_error()
which starts with a SAVE and besides since it shuts down the system that
RETT should never be in cache (only executed once) so fix not necessary
in this case.
Any custom trap handlers may also have to be updated. To simplify that,
helper work around assembly code in macros are available in a separate
include file <libcpu/grlib-tn-0018.h>.
Close #4155.
|
|
A speciality of the RTEMS build system was the make preinstall step. It
copied header files from arbitrary locations into the build tree. The
header files were included via the -Bsome/build/tree/path GCC command
line option.
This has at least seven problems:
* The make preinstall step itself needs time and disk space.
* Errors in header files show up in the build tree copy. This makes it
hard for editors to open the right file to fix the error.
* There is no clear relationship between source and build tree header
files. This makes an audit of the build process difficult.
* The visibility of all header files in the build tree makes it
difficult to enforce API barriers. For example it is discouraged to
use BSP-specifics in the cpukit.
* An introduction of a new build system is difficult.
* Include paths specified by the -B option are system headers. This
may suppress warnings.
* The parallel build had sporadic failures on some hosts.
This patch removes the make preinstall step. All installed header
files are moved to dedicated include directories in the source tree.
Let @RTEMS_CPU@ be the target architecture, e.g. arm, powerpc, sparc,
etc. Let @RTEMS_BSP_FAMILIY@ be a BSP family base directory, e.g.
erc32, imx, qoriq, etc.
The new cpukit include directories are:
* cpukit/include
* cpukit/score/cpu/@RTEMS_CPU@/include
* cpukit/libnetworking
The new BSP include directories are:
* bsps/include
* bsps/@RTEMS_CPU@/include
* bsps/@RTEMS_CPU@/@RTEMS_BSP_FAMILIY@/include
There are build tree include directories for generated files.
The include directory order favours the most general header file, e.g.
it is not possible to override general header files via the include path
order.
The "bootstrap -p" option was removed. The new "bootstrap -H" option
should be used to regenerate the "headers.am" files.
Update #3254.
|