[docs] rework: "execution safety" -> "full virtualization"

stnolting · Aug 7, 2021 · 70edf18 · 70edf18
1 parent 3815cd7
commit 70edf18
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 29 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,7 +25,7 @@ defined by the `hw_version_c` constant in the main VHDL package file [`rtl/core/
 | Date (*dd.mm.yyyy*) | Version | Comment |
 |:----------:|:-------:|:--------|
 | 07.08.2021 | 1.5.8.8 | :bug: fixed bug in execution (trapping) of `xRET` instructions: `dret` (return from debug-mode handler) has to raise an illegal instruction exception if executed outside of debug-mode, `mret` (return from machine-mode handler) has to raise an illegal instruction exception if executed in lower-privileged modes (lower than machine-mode) |
-| 05.08.2021 | 1.5.8.7 | :sparkles: added `mstatus.FS` and `mstatus.SD` CSR bits: control the state of the FPU (`Zfinx`) extension; supported states for `mstatus.FS`: `00` = _off, `11` = _dirty_; writing other states will always set _dirty_ state; note that all FPU instructions including FPU CSR access instructions will raise an illegal instrution exception if `mstatus.FS` = _off_ |
+| 05.08.2021 | 1.5.8.7 | :sparkles: added `mstatus.FS` and `mstatus.SD` CSR bits: control the state of the FPU (`Zfinx`) extension; supported states for `mstatus.FS`: `00` = _off_, `11` = _dirty_; writing other states will always set _dirty_ state; note that all FPU instructions including FPU CSR access instructions will raise an illegal instrution exception if `mstatus.FS` = _off_ |
 | 03.08.2021 | 1.5.8.6 | :bug: fixed bug in linker script [#134](https://github.com/stnolting/neorv32/issues/134): `.rodata.*` "sub"-sections were missing, caused wrong linking of implicit constants (like strings); added `mconfigptr` CSR (RISC-V priv. ISA spec. v1.12-draft ;read-only): holds a pointer to a platfrom/system configuration structure - not actually used yet |
 | 30.07.2021 | 1.5.8.5 | fixed minor bug in top entity / AXI4 wrapper (Vivado "issue": generic defaults need a _fixed-size_ intialization value) [#113](https://github.com/stnolting/neorv32/issues/133) |
 | 26.07.2021 | 1.5.8.4 | :bug: **fixed major bug in CPU interrupt system**: interrupts during memory accesses (load/store instruction) terminated those memory accesses violating the crucial "instruction atomicity" concept: traps (interrupts and exceptions) must only intervent _between_ instructions |

diff --git a/README.md b/README.md
@@ -172,8 +172,8 @@ The core implements a little-endian von-Neumann architecture using two pipeline
 scheme. The CPU supports three privilege levels (`machine` and optional `user` and `debug_mode`), three standard RISC-V machine
 interrupts (`MTI`, `MEI`, `MSI`), a single non-maskable interrupt plus 16 _fast interrupt requests_ as custom extensions.
 It also supports **all** standard RISC-V exceptions (instruction/load/store misaligned address & bus access fault, illegal
-instruction, breakpoint, environment call). As a special "execution safety" extension, _all_ invalid, reserved or
-malformed instructions will raise an exception.
+instruction, breakpoint, environment call)
+(see :books: [_"Full Virtualization"_](https://stnolting.github.io/neorv32/#_full_virtualization)).
 
 
 ### Available ISA Extensions

diff --git a/docs/datasheet/cpu.adoc b/docs/datasheet/cpu.adoc
@@ -475,7 +475,7 @@ A custom CSR `mzext` is available that can be used to check for implemented `Z*`
 
 [NOTE]
 All undefined/unimplemented/malformed/illegal instructions do raise an illegal instruction exception
-(see <<_execution_safety>>).
+(see <<_full_virtualization>>).
 
 
 ==== **`Zfinx`** Single-Precision Floating-Point Operations
@@ -723,31 +723,25 @@ include::cpu_csr.adoc[]
 <<<
 // ####################################################################################################################
 :sectnums:
-==== Execution Safety
-
-The hardware of the NEORV32 CPU was designed for maximum *execution safety*. If the `Zicsr` CPU
-extension is enabled, the core supports **all** traps specified by the official RISC-V specifications (obviously,
-not the ones that are related to yet unimplemented extensions/features). Thus, the CPU provides well-defined
-hardware fall-backs for (nearly) everything that can go wrong. Even if any kind of trap is triggered, the core
-is always in a defined and fully synchronized state throughout the whole architecture (i.e. no need to make
-out-of-order operations undone) that allows predictable execution behavior at any time.
-
-**Core Safety Features**
-
-* Due to the acknowledged memory accesses the CPU is _always_ sync with the memory system (no speculative execution / out-of-order states).
-* The CPU supports all bus exceptions including bus access exceptions that are triggered if an
-accessed address does not respond or encounters an internal error during access (which is a rare
-feature in many open-source RISC-V cores).
-* The CPU raises an illegal instruction trap for **all** unimplemented/malformed/illegal instructions (to support _full_ virtualization).
-* If user-level code tries to read from machine-level-only CSRs (like `mstatus`) an illegal instruction
-exception is raised. The results of this operations is always zero (though, machine-level
-code handling this exception can modify the target register of the illegal access-causing
-instruction to allow full virtualization). Illegal write accesses to machine CSRs will not be write any data at all.
-* Illegal user-level memory accesses to protected addresses or address regions (via physical memory
-protection) will not be conducted at all (no actual write and no actual read; prevents triggering of
-memory-mapped devices). Illegal load operations will not return any data (the instruction's
-destination register will not be written at all).
-
+==== Full Virtualization
+
+Just like the RISC-V ISA the NEORV32 aims to support _ maximum virtualization_ capabilities
+on CPU _and_ SoC level. The CPU supports **all** traps specified by the official RISC-V specifications.footnote:[If the `Zicsr` CPU
+extension is enabled (implementing the full set of the privileged architecture).]
+Thus, the CPU provides defined hardware fall-backs for any expected and unexpected situation (e.g. executing an
+malformed instruction word or accessing a not-allocated address). For any kind of trap the core is always in a
+defined and fully synchronized state throughout the whole architecture (i.e. there are no out-of-order operations that
+have to be made undone). This allows predictable execution behavior - and thus, defined operations to resolve the cause
+of the trap - at any time improving overall _execution safety_.
+
+**NEORV32-Specific Virtualization Features**
+
+* Due to the acknowledged memory accesses the CPU is _always_ sync with the memory system
+(i.e. there is no speculative execution / no out-of-order states).
+* The CPU supports _all_ RISC-V bus exceptions including access exceptions that are triggered if an
+accessed address does not respond or encounters an internal error during access.
+* The CPU raises an illegal instruction trap for _all_ unimplemented/malformed/illegal instructions.
+* To be continued...
 
 
 <<<

diff --git a/docs/datasheet/overview.adoc b/docs/datasheet/overview.adoc
@@ -115,6 +115,7 @@ RISC-V compatibility, _customization_ and _ease of use_. See the <<_project_key_
 ** RISC-V compatibility: passes the official architecture tests
 ** base architecture + privileged architecture (optional) + ISA extensions (optional)
 ** rich set of customization options (ISA extensions, design goal: performance / area (/ energy), ...)
+** aims to support <<_full_virtualization>> capabilities (CPU _and_ SoC) to increase execution safety
 ** official https://github.com/riscv/riscv-isa-manual/blob/master/marchid.md[RISC-V open source architecture ID]
 * **NEORV32 Processor (SoC)**: highly-configurable full-scale microcontroller-like processor system
 ** based on the NEORV32 CPU