Crash at the move v0,a0 instruction

I got a weird system crash. The crash happens at the move instruction in a MIPS processor. There is no memory access in this instruction; it is a register-to-register move. I assume that the crash happens at the move instruction since the EPC holds the address of the very next instruction.
jr ra;
move v0,a0;
lw a0,16(a0);
What can cause this?
And the EPC holds the third instruction even after the jr instruction; is this due to pipelining?

Given that EPC holds the address of the third instruction after the JR, then the crash is happening at that instruction. The MOVE instruction is in the branch delay slot of the JR, so it is executed before the JR. The JR returns to the LW instruction, which is where EPC is telling you that the crash is happening.
Incidentally, the MOVE instruction cannot cause any exceptions in the MIPS architecture (except for page faults on the instruction fetch).

What exactly is an interrupt?

I want to understand what exactly an interrupt is for my 6502 work-alike processor project in Logisim.
I know that an interrupt does the following steps:
Stops the current program from processing
Saves all unfinished data into the stack
Does "SOMETHING"
Loads back the unfinished data and lets the program keep running normally.
My question is: what happens during that "SOMETHING" step? Does the program counter get redirected to a special program to be executed? Something like reading the pressed button's ASCII code and saving that into a register or some memory location? If so, where is that special program usually stored in the memory? And can you make such a CPU that will handle different kinds of interrupts? Maybe if you press the button "a" then it's ASCII will be stored in A register, but if you press the button "b" then it will be stored in X register?
Any help is greatly appreciated.
Edit: Thanks to everybody for answers. I learned a lot and now can proceed with my project.
My question is: what happens during that "SOMETHING" step? Does the program counter get redirected to a special program to be executed?
What happens with a 6502 maskable interrupt is this:
the interrupt is raised (by this I mean the interrupt pin on the chip is forced low).
when it's time to execute a new instruction, the 6502 checks if the interrupt pin is low and the interrupt mask in the status register is not set. If either is not the case, i.e. if the interrupt pin is high or the interrupt mask is high, the CPU just carries on.
Assuming an interrupt is required, the CPU saves the PC on the stack
The CPU then saves the status register on the stack but with the B bit set to 0. The B bit is the "break" bit. It would be set to 1 for a BRK instruction and that is the only way to tell the difference between a hardware interrupt and a BRK instruction.
The CPU then fetches the address at locations $FFFE and $FFFF and stuffs it into the PC, so execution begins again at that address.
That's all it does. Everything else is up to the programmer until the programmer executes an RTI, then the status word and the return address are pulled off the stack and restored into their respective registers. It is the programmer's responsibility to save any registers and other data.
Does the program counter get redirected to a special program to be executed? Something like reading the pressed button's ASCII code and saving that into a register or some memory location?
That is correct. In 6502 based computer systems, there are three vectors at the top of memory:
$FFFA - $FFFB : Non maskable interrupt (as above except the I bit in the status register is ignored).
$FFFC - $FFFD : Reset vector used when the CPU detects a reset
$FFFE - $FFFF : Normal interrupt vector.
The above are usually in ROM because the reset vector (at least) has to be there when the CPU powers up. Each address will point to a routine in the machine's operating system for handling interrupts.
Typically, the interrupt routine will first do an indirect jump through a vector stored in RAM. This allows the interrupt routine to be changed when the machine is running.
Then the interrupt routine has to determine the source of the interrupt. For example, on the Commodore PET the interrupt might originate from the VIA chip or either of the PIA chips and each of those may raise an interrupt for various reasons e.g. one of the PIA chips raises an interrupt when the monitor does a vertical blank i.e. when it finishes scanning the screen and goes back to the top line. During this interrupt, the PET executes a routine to scan the keyboard and another routine to invert the cursor. Another interrupt might occur when the VIA timer hits zero and the programmer can insert an interrupt routine to, for example, toggle an output line to generate a square wave for sound.
Some answers to questions in the comments.
program counter goes to address $FFFE to get relocated to the address
No, the program counter is set to whatever is at that address. If you have:
FFFE: 00
FFFF: 10
the program counter will be set to $1000 (6502 is little endian) and that's where the interrupt routine must start. Also, the vector for NMI is at $FFFA. The normal interrupt shares $FFFE with the BRK instruction, not the NMI.
What exactly does the reset vector do? Does it reset the CPU?
The reset vector contains the location of the code that runs after the processor has been powered on or when a reset occurs.
What's the difference between NMI and IRQ? Then I also would like to know what's up with masking? Is it the way to set the "I" flag in Processor Status Register high or low?
The 6502 status register contains seven flags. Mostly they are to do with the results of arithmetic instructions e.g. Z is set if the result of an operation is zero, C is set when an operation overflows eight bits and for shifts. The I flag enables and disables the normal interrupt (IRQ). If it's zero, interrupts on IRQ will be respected. If it's 1, interrupts are disabled. You can set it and disable it manually with the SEI and CLI instructions and it is set automatically when an interrupt occurs (this is to prevent an interrupt from interrupting an interrupt).
NMI is a non maskable interrupt. The difference is that it ignores the state of the I flag and uses a different vector.
And finally, what are vectors? Are they synonymous for indirect addresses?
Yes.
Oh, and if you do know, how are interrupt addresses starting from $FFFA stored in ROM instead of RAM in real 6502?
You have to arrange for the address decoding logic to point those addresses at ROM instead of RAM. In fact, in Commodore systems the whole block from $F000 is ROM containing part of the operating system. The same probably applies to most other 6502 based systems.
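The entry and return sequence described in this answer, written out as an added C model (example code, not from the answer and not from any real 6502 emulator). It assumes a constructed 64K memory with the IRQ/BRK vector at $FFFE/$FFFF pointing to $1000 and the NMI vector at $FFFA/$FFFB pointing to $2000, with the program at $0400; the struct, function and flag names are this example's own. It also covers the BRK case discussed in this thread, where the only difference visible to the handler is the B bit in the pushed status byte.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed, minimal 6502 state: only what the interrupt sequence touches. */
typedef struct {
    uint16_t pc;
    uint8_t  s;           /* stack pointer; the stack lives at $0100-$01FF */
    uint8_t  p;           /* processor status register */
    uint8_t  mem[65536];  /* flat 64K, vectors at the top */
} cpu6502;

enum { FLAG_I = 0x04, FLAG_B = 0x10, FLAG_U = 0x20 };       /* I, B and the always-set bit 5 */
enum { VEC_NMI = 0xFFFA, VEC_RESET = 0xFFFC, VEC_IRQ = 0xFFFE };

static void    push(cpu6502 *c, uint8_t v) { c->mem[0x0100 + c->s--] = v; }
static uint8_t pull(cpu6502 *c)            { return c->mem[0x0100 + ++c->s]; }

/* Little-endian vector fetch: low byte at addr, high byte at addr+1,
   so FFFE:00 FFFF:10 yields $1000 as in the answer. */
static uint16_t read16(const cpu6502 *c, uint16_t addr) {
    return (uint16_t)(c->mem[addr] | (c->mem[(uint16_t)(addr + 1)] << 8));
}

/* Hardware interrupt entry: refuse a masked IRQ, push PC (high byte first),
   push P with B clear, set I, load PC through the vector. NMI ignores I.
   Returns 1 if the interrupt was taken, 0 if it was masked. */
static int hw_interrupt(cpu6502 *c, uint16_t vector) {
    if (vector == VEC_IRQ && (c->p & FLAG_I)) return 0;
    push(c, (uint8_t)(c->pc >> 8));
    push(c, (uint8_t)(c->pc & 0xFF));
    push(c, (uint8_t)((c->p | FLAG_U) & ~FLAG_B));
    c->p |= FLAG_I;
    c->pc = read16(c, vector);
    return 1;
}

/* BRK: shares the $FFFE vector with IRQ, but pushes PC+2 and pushes P with B set,
   which is the only way the handler can tell the two apart. */
static void brk(cpu6502 *c) {
    uint16_t ret = (uint16_t)(c->pc + 2);
    push(c, (uint8_t)(ret >> 8));
    push(c, (uint8_t)(ret & 0xFF));
    push(c, (uint8_t)(c->p | FLAG_U | FLAG_B));
    c->p |= FLAG_I;
    c->pc = read16(c, VEC_IRQ);
}

/* RTI: pull P, then PC low, then PC high. B only exists on the stack copy. */
static void rti(cpu6502 *c) {
    c->p = (uint8_t)(pull(c) & ~FLAG_B);
    uint8_t lo = pull(c);
    uint8_t hi = pull(c);
    c->pc = (uint16_t)(lo | (hi << 8));
}

/* What a handler does first: inspect the B bit of the status byte on top of the stack. */
static int came_from_brk(const cpu6502 *c) {
    return (c->mem[0x0100 + (uint8_t)(c->s + 1)] & FLAG_B) != 0;
}

/* Constructed machine: IRQ/BRK vector -> $1000, NMI vector -> $2000, program at $0400. */
static void make_cpu(cpu6502 *c) {
    memset(c, 0, sizeof *c);
    c->pc = 0x0400; c->s = 0xFF; c->p = FLAG_U;
    c->mem[VEC_IRQ] = 0x00; c->mem[VEC_IRQ + 1] = 0x10;
    c->mem[VEC_NMI] = 0x00; c->mem[VEC_NMI + 1] = 0x20;
}

int main(void) {
    cpu6502 c;
    make_cpu(&c);
    hw_interrupt(&c, VEC_IRQ);
    printf("IRQ taken: pc=$%04X I=%d B-on-stack=%d\n", c.pc, (c.p & FLAG_I) != 0, came_from_brk(&c));
    int masked = hw_interrupt(&c, VEC_IRQ);
    printf("second IRQ while I set: taken=%d\n", masked);
    int nmi = hw_interrupt(&c, VEC_NMI);
    printf("NMI while I set: taken=%d pc=$%04X\n", nmi, c.pc);
    rti(&c); rti(&c);
    printf("after two RTIs: pc=$%04X I=%d\n", c.pc, (c.p & FLAG_I) != 0);
    return 0;
}
```

The model deliberately pushes nothing but PC and P: saving A, X and Y is left to the handler, exactly as the answer says, and the nested NMI while I is set shows why the I flag alone cannot protect a handler from the non-maskable vector.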
There are four types of interrupt on the 6502: RESET, NMI, IRQ and BRK. The first three are hardware interrupts and the last is a software interrupt. The hardware interrupts have physical input voltages on pins on the microprocessor itself. The software interrupt is caused by a BRK instruction.
All interrupts are 'vectored'. That means when they occur the program counter (PC) is immediately loaded from an address stored in memory, and instruction execution continues from that address.
The addresses are stored as two bytes in little-endian format at the end of the 64K memory space. They are (in hex):
NMI $FFFA/$FFFB
RESET $FFFC/$FFFD
IRQ $FFFE/$FFFF
BRK $FFFE/$FFFF
In the case of NMI, IRQ and BRK, the current PC address is pushed on to the stack, before loading the interrupt address. The processor status register is also pushed on to the stack.
Pushing the registers on to the stack is enough information to resume execution after the interrupt has been serviced (processed). The A, X and Y registers, however, are not pushed automatically on to the stack. Instead the interrupt service routine should do this if necessary, and pull them back off the stack at the end of the service.
Notice that the IRQ and BRK vectors have the same address. In order to distinguish what happened in your service code, you need to examine the Break Bit of the pushed processor status register. The Break Bit is set if the interrupt came from a BRK instruction.
The currently executing instruction will always be completed before servicing the interrupt.
There are many subtleties to interrupt processing. One of which is which type of interrupt wins in the case that they happen (asserted) at the same time. Another is the point at which an interrupt occurs during the instruction cycle. If the interrupt occurs before the penultimate cycle of the instruction, then it will be serviced on the next instruction. If on or after the penultimate cycle, then it will be delayed until one instruction after.
IRQ interrupts can be 'switched off' or ignored by setting a bit in the processor status register, using the SEI instruction.
Typically the interrupt service routine needs to determine the cause of the interrupt (disc drive, keyboard etc.) and to make sure the interrupt condition is cleared and perform any processing (e.g. putting key presses into a buffer). It can normally do this by reading/writing specific memory locations which are mapped to hardware.
There is more information at this link: https://www.pagetable.com/?p=410
Some more information on how interrupts work in a real 8 bit machine (pages 59, 86, 295): BBC Microcomputer Advanced User Guide
And more information on the physical chip package where you can see the NMI, RES(ET) and IRQ pins on the chip package itself (pages 2,3): 6502 Datasheet
I guess you are asking about hardware interrupts (IRQ or NMI). At your step 2, the program counter and flags register are stored on the stack (not in a stack register). Later you call RTI to resume program execution. The program counter is loaded with the start address of "something", which is the interrupt subroutine or program to process the interrupt. It has to store the A, X, Y registers if it needs to modify their values, and restore them before RTI. The IRQ interrupt can be masked (delayed) with the I flag, and NMI is non-maskable, i.e. it is always processed. They have different addresses for their subroutines.
An interrupt is a signal to the running processor, by means of hardware or software, so that the processor will give attention to that action and act according to the interrupt message.
There are three kinds of interrupt:
Internal interrupt: which includes the clock cycle interrupt, in which the CPU has to perform a certain action until a particular time and then has to go and perform another operation.
Software interrupt: this interrupt occurs when a problem or error occurs in the software itself. For example, the user tries to divide something by zero and an error occurs. And there is an interrupt.
External interrupt: an external interrupt is caused by IO devices, for example mouse and keyboards.
The CPU is designed to handle such types of interrupt and resumes the process that was running before the interrupt occurred.

Interrupt vector table: why do some architectures employ a "jump table" VS an "array of pointers"?

On some architectures (e.g. x86) the Interrupt Vector Table (IVT) is indeed what it says on the tin: a table of vectors, aka pointers. Each vector holds the address of an Interrupt Service Routine (ISR). When an Interrupt Request (IRQ) occurs, the CPU saves some context and loads the vector into the PC register, thus jumping to the ISR. So far so good.
But on some other architectures (e.g. ARM) the IVT contains executable code, not pointers. When an IRQ occurs, the CPU saves some context and executes the vector. But there is no space in between these "vectors", so there is no room for storing the ISR there. Thus each "vector instruction" typically just jumps to the proper ISR somewhere else in memory.
My question is: what are the advantages of the latter approach?
I would kind of understand if the ISRs themselves had fixed well-known addresses, and were spaced out so that reasonable ISRs would fit in place. Then we would save one indirection level, though at the expense of some fragmentation. But this "compact jump table" approach seems to have no advantage at all. What did I miss?
Some of the reasons, but probably not all of them (I'm pretty much self educated in these matters):
You can have fall through (one exception does nothing, and just goes to the next in the table)
The FIQ interrupt (Fast Interrupt Requests) is the last in the table, and as the name suggests, it's used for devices that need immediate and low latency processing.
It means you can just put that ISR in there (no jumping), and process it as fast as possible. Also, the way FIQ was thought out with its dedicated registers, it allows for optimal implementation of FIQ handlers. See https://en.wikipedia.org/wiki/Fast_interrupt_request
I think it has to do with simplifying the processor's hardware.
If you have machine instructions (jump instructions) in the vector interrupt table, the only extra thing the processor has to do when it has to jump to an interrupt handler is to load the address of the corresponding interrupt vector in the PC.
Whereas, if you have addresses in the interrupt vector table, the processor must be able to read the interruption handler start address from memory, and then jump to it.
The extra hardware required to read from memory and write to a register is more complex than that required to just write to a register.

Z80 Multibyte Commands in IM0

I'm trying, just for fun, to design a more complex Z80 CP/M system with a lot of peripheral devices. When reading the documentation I stumbled over an (undocumented?) behaviour of the Z80 CPU when accepting an interrupt in IM0.
When an interrupt occurs, the Z80 activates M1 and IORQ to signal the external device: "Hey, give me an opcode". All is well if the opcode is rst 00 or something like this. Now the documentation says that ANY opcode of any command can be given to the CPU, for instance a CALL.
But now comes the undocumented part: "The first byte of a multi-byte instruction is read during the interrupt acknowledge cycle. Subsequent bytes are read in by a normal memory read sequence."
A "normal memory read sequence". How can I determine, if the CPU wants to get a byte from memory or instead the next byte from the device?
EDIT: I think I found a (good?) solution: I can detect the start of the interrupt acknowledge cycle by analyzing IORQ and M1. Also I can detect the next "normal" opcode fetch by analyzing MREQ and M1. This way I can install a flip-flop triggered by these two ANDed signals, i.e. the flip-flop is 1 as long as the CPU reads data from the I/O device. This 1 I can use to inhibit the bus drivers to and from the memory.
My intentions? I'm designing an interrupt controller with 8 prioritized inputs in a CPLD. Its registers hold a 16 bit address for each interrupt pin. Just for the fun :-)
My understanding is that the peripheral device is required:
to know how many bytes it needs to feed;
to respond to normal read cycles following the IORQ cycle; and
to arrange that whatever would normally respond to memory read cycles does not do so for the duration.
Also the behaviour was documented by Zilog in an application note, from which your quote originates (presumably uncredited).
In practice I guess 99.99% of IM0 users just use an RST and 99.99% of the rest use a known-size instruction like CALL xxxx.
(also I'm aware of a few micros that effectively guaranteed not to put anything onto the bus during an interrupt cycle, thereby turning IM0 into a synonym of IM1 owing to open collector output).
The interrupt behavior is reasonably documented in the Z80 manual:
Interrupt modes: IM2 allows you to supply an 8-bit address to a 16-bit pointer. At least halfway to the desired 16-bit direct address.
How to set the interrupt modes
My understanding is that the M1 + IORQ combination is used since there was no pin left for a dedicated interrupt response. A fun detail is also that the Zilog I/O chips like PIO, SIO, CTC read the RETI instruction (as the CPU fetches it) to learn that the CPU is ready to accept another interrupt.

Detect ISR method call in FreeRTOS

Is it possible to determine whether a method in FreeRTOS is being invoked from the context of an ISR (interrupt service request) or a task at runtime? Maybe an existing function already exists for this or maybe it is possible to write a method that examines the stack somehow?
There are two ways to do this. I'm using a Cortex-M7 microcontroller. So I'm not 100% sure this works for your Cortex-M3. But it's worth checking in your datasheets.
FIRST APPROACH
Check the CPU registers of your Cortex-M core. Normally you have the usual R0-R12 CPU registers, a SP (Stack Pointer), a LR (Link Register) and a PC (Program Counter). There are a few extra 'special' CPU registers, more specifically: PSR, PRIMASK, FAULTMASK, BASEPRI and CONTROL. That's it for the Cortex-M7 core.
Now consider the PSR register. The PSR register stands for "Program Status Register". There is a bitfield ISR_NUMBER[8:0] in it. If it has the value 0, the CPU is in "thread mode". Thread mode is the normal non-interrupt mode. If the value is nonzero, your CPU is executing an interrupt. What interrupt? The value in ISR_NUMBER[8:0] tells you the interrupt number.
Reading the value of the PSR register is not trivial. You need to use specific assembly instructions to do that. There is no quick way to do it in C. You will need the MSR (Move general to special reg) and MRS (move special to general reg) instructions. Of course, inline assembly will make it possible to put it smoothly in your C-code :-)
SECOND APPROACH
There is a second approach. Unlike the previous one, you don't need to read out a CPU register. Instead, this second approach requires you to read out the value of a 'general' register (like there are a few thousand in your microcontroller). The register I'm referring to is the ICSR (Interrupt Control and State) register. This register is located in the SCB "System Control Block". The register has a bitfield named VECTACTIVE[8:0]. Again, this bitfield contains the number of the active interrupt. If the value is 0, the CPU is in thread mode, which means that no interrupt is currently running.
Hope this helps.
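Both approaches from this answer as an added C example (not from the answer and not from FreeRTOS itself). The MRS read of IPSR and the memory-mapped read of SCB->ICSR at 0xE000ED04 are compiled only on an ARM target; on a host build the example substitutes a constructed zero so the decoding logic can still compile and run. The function and macro names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Both registers carry the active exception number in bits [8:0]:
   ISR_NUMBER in xPSR/IPSR and VECTACTIVE in SCB->ICSR. Zero means thread mode. */
#define ACTIVE_EXC_MASK 0x1FFu
#define SCB_ICSR_ADDR   0xE000ED04u     /* ICSR lives in the System Control Block */

/* Approach 1: MRS a special register into a general one. Only inline assembly
   can do this, so it is compiled only on an ARM target; the host fallback is a
   constructed value for this example. */
static uint32_t read_ipsr(void) {
#if defined(__arm__) || defined(__thumb__)
    uint32_t v;
    __asm volatile("MRS %0, ipsr" : "=r"(v));
    return v;
#else
    return 0;   /* host build: pretend we are in thread mode */
#endif
}

/* Approach 2: ICSR is memory mapped, so a volatile pointer read is enough. */
static uint32_t read_icsr(void) {
#if defined(__arm__) || defined(__thumb__)
    return *(volatile uint32_t *)SCB_ICSR_ADDR;
#else
    return 0;   /* host build: constructed value */
#endif
}

/* Shared decoding for both registers: the exception number, or 0 in thread mode. */
static uint32_t active_exception(uint32_t reg) { return reg & ACTIVE_EXC_MASK; }
static int in_isr(uint32_t reg) { return active_exception(reg) != 0; }

/* Exception numbers 1-15 are core exceptions (for example 15 = SysTick);
   16 and up are the NVIC's external interrupts, counted from IRQ0.
   Returns the IRQ number, or -1 for a core exception or thread mode. */
static int external_irq_number(uint32_t reg) {
    uint32_t n = active_exception(reg);
    return n >= 16 ? (int)(n - 16) : -1;
}

/* The runtime check the question asks for, using approach 1. */
static int called_from_isr(void) { return in_isr(read_ipsr()); }

/* The same check using approach 2; on real hardware the two agree. */
static int called_from_isr_via_icsr(void) { return in_isr(read_icsr()); }

int main(void) {
    uint32_t ipsr = read_ipsr();
    printf("IPSR=0x%08X in_isr=%d exception=%u irq=%d\n",
           (unsigned)ipsr, in_isr(ipsr), (unsigned)active_exception(ipsr), external_irq_number(ipsr));
    printf("ICSR says in_isr=%d\n", called_from_isr_via_icsr());
    return 0;
}
```

The usual reason to want this check in FreeRTOS is to pick between an API call and its ...FromISR variant from code that can be reached both ways; recent Cortex-M ports also ship an inline xPortIsInsideInterrupt() that reads IPSR in the same way, so check your port's portmacro.h before rolling your own.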

How do interrupts work on the Intel 8080?

How do interrupts work on the Intel 8080? I have searched Google and in Intel's official documentation (197X), and I've found only a little description about this. I need a detailed explanation about it, to emulate this CPU.
The 8080 has an Interrupt line (pin 14). All peripherals are wired to this pin, usually in a "wire-OR" configuration (meaning interrupt request outputs are open-collector and the interrupt pin is pulled high with a resistor). Internally, the processor has an Interrupt Enable bit. Two instructions, EI and DI, set and clear this bit. The entire interrupt system is thus turned on or off, individual interrupts cannot be masked on the "bare" 8080. When a device issues an interrupt, the processor responds with an "Interrupt Acknowledge" (~INTA) signal. This signal has the same timing as the "Memory Read" (~MEMR) signal and it is intended to trigger the peripheral device to place a "Restart" instruction on the data bus. The Interrupt Acknowledge signal is basically an instruction fetch cycle, it occurs only in response to an interrupt.
There are eight Restart instructions, RST 0 - RST 7. RST 7 is opcode "0xFF". The Restart instructions cause the processor to push the program counter on the stack and commence execution at a restart vector location. RST 0 vectors to 0x0000, RST 1 vectors to 0x0008, RST 2 vectors to 0x0010 and so on. Restart 7 vectors to 0x0038. These vector addresses are intended to contain executable code, generally a jump instruction to an interrupt service routine. The Interrupt Service Routine will stack all of the registers it uses, perform the necessary I/O functions, unstack all the registers and return to the main program via the same return instruction that ends subroutines (RET, opcode 0xC9).
Restart instructions are actual opcodes, meaning they will do the same thing if they are fetched from memory during program execution. It was convenient to use Restart 7 as "warm restart" for a keyboard monitor / debugger program because early EPROMs generally contained 0xFF in each blank location. If you were executing blank EPROM, that meant something had gone awry and you probably wanted to go back to the monitor anyway.
Note that RST 0 vectors to the same memory location as RESET, both start executing at 0x0000. But RST 0 leaves a return address on the stack. In a way, RESET can be thought of as the only non-maskable interrupt the 8080 had.
An interrupt signal will also clear the Interrupt bit so an Interrupt Service Routine will need to execute an EI instruction, generally immediately before the RET. Otherwise, the system will respond to one and only one interrupt event.
CP/M reserved the first 256 bytes of memory for system use -- and that interrupt vector map used the first 64 bytes (8 bytes per Restart instruction). On CP/M systems, RAM started at 0x0000 and any ROM lived at the top end of memory. These systems used some form of clever bank switching to switch in an EPROM or something immediately after a RESET to provide a JUMP instruction to the system ROM so it could begin the boot sequence. Systems that had ROM at the low end of the memory map programmed JUMP instructions to vectors located in RAM into the first 64 bytes. These systems had to initialize those RAM vectors at startup.
The 8080 was dependent on external hardware to control its handling of interrupts, so it is impossible to generalize. Look for information on the Intel 8214 or 8259 interrupt controllers.
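An added C model of the acknowledge path described in this answer (example code, not from the answer and not from any real emulator): the device drives an RST opcode onto the bus during ~INTA, the CPU clears the Interrupt Enable bit, pushes PC and jumps to n*8, where the vector slot holds a JMP rather than a pointer, the "code in the vector table" style raised in the interrupt vector table question above. The 8080 state struct, the function names, the JMP 0x4000 placed at 0x0038 and the 0x0200 program address are all constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed, minimal 8080 state: only what the interrupt path touches. */
typedef struct {
    uint16_t pc, sp;
    uint8_t  inte;         /* Interrupt Enable bit: set by EI, cleared by DI and on acknowledge */
    uint8_t  int_line;     /* the wire-OR'd INT pin: 1 = some device is requesting */
    uint8_t  bus;          /* byte the peripheral drives onto the data bus during ~INTA */
    uint8_t  mem[65536];
} cpu8080;

/* RST n is encoded 11nnn111 (RST 0 = 0xC7 ... RST 7 = 0xFF); returns n, or -1 if not an RST. */
static int rst_number(uint8_t opcode) {
    return (opcode & 0xC7) == 0xC7 ? (opcode >> 3) & 7 : -1;
}

static void push16(cpu8080 *c, uint16_t v) {
    c->mem[(uint16_t)(c->sp - 1)] = (uint8_t)(v >> 8);
    c->mem[(uint16_t)(c->sp - 2)] = (uint8_t)(v & 0xFF);
    c->sp -= 2;
}

static uint16_t pop16(cpu8080 *c) {
    uint16_t v = (uint16_t)(c->mem[c->sp] | (c->mem[(uint16_t)(c->sp + 1)] << 8));
    c->sp += 2;
    return v;
}

/* Interrupt acknowledge, checked between instructions: if INTE and INT are both set,
   the ~INTA cycle fetches the opcode from the bus instead of memory. This model
   only executes RST, the usual case. Returns 1 if an interrupt was taken. */
static int interrupt_ack(cpu8080 *c) {
    if (!(c->inte && c->int_line)) return 0;
    int n = rst_number(c->bus);
    if (n < 0) return 0;            /* not an RST: unsupported here, the request stays pending */
    c->inte = 0;                    /* acknowledge clears INTE; the ISR must EI before RET */
    c->int_line = 0;                /* constructed: the device drops its request once acknowledged */
    push16(c, c->pc);               /* PC already points at the next instruction */
    c->pc = (uint16_t)(n * 8);      /* RST 0 -> 0x0000, RST 1 -> 0x0008, ..., RST 7 -> 0x0038 */
    return 1;
}

/* The vector slot holds code, not a pointer: execute the JMP (0xC3 lo hi) found there. */
static int step_jmp(cpu8080 *c) {
    if (c->mem[c->pc] != 0xC3) return 0;
    c->pc = (uint16_t)(c->mem[(uint16_t)(c->pc + 1)] | (c->mem[(uint16_t)(c->pc + 2)] << 8));
    return 1;
}

static void ei(cpu8080 *c)  { c->inte = 1; }
static void di(cpu8080 *c)  { c->inte = 0; }
static void ret(cpu8080 *c) { c->pc = pop16(c); }   /* the same RET (0xC9) that ends subroutines */

/* Constructed machine: RST 7 slot at 0x0038 holds JMP 0x4000 (the ISR), program at 0x0200. */
static void make_cpu8080(cpu8080 *c) {
    memset(c, 0, sizeof *c);
    c->pc = 0x0200; c->sp = 0xFF00; c->inte = 1;
    c->mem[0x0038] = 0xC3; c->mem[0x0039] = 0x00; c->mem[0x003A] = 0x40;
}

int main(void) {
    cpu8080 c;
    make_cpu8080(&c);
    c.int_line = 1; c.bus = 0xFF;                   /* device requests and supplies RST 7 */
    int taken = interrupt_ack(&c);
    printf("taken=%d pc=0x%04X inte=%d\n", taken, c.pc, c.inte);
    step_jmp(&c);
    printf("after vector JMP: pc=0x%04X\n", c.pc);
    ei(&c); ret(&c);                                /* ISR epilogue: EI then RET */
    printf("resumed at pc=0x%04X sp=0x%04X\n", c.pc, c.sp);
    return 0;
}
```

Two behaviours from the answer are visible in the model: a CALL opcode (0xCD) is not an RST, so a device that supplies one needs more than this path; and after the acknowledge INTE is clear, so a second request is ignored until the service routine executes EI.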
I finally found it!
I created a variable called bus where the interrupt opcode goes.
Then I call a function to handle the interrupt:
void i8080::interruption()
{
    // only for RST: the byte on the bus is the RST opcode the device supplied
    cycles -= cycles_table[bus];   // charge the cycle cost of that opcode
    instruction[bus]();            // dispatch it through the opcode table
    INT = false;                   // the pending request has been serviced
}
INT is true when an interrupt is needed.
The EI and DI instructions handle INTE.
When INT and INTE are both true, the interrupt is executed.
Function pointers to the interrupt handlers are stored in the low memory.
Some 32 or so of the first addresses are hardware interrupts: hardware triggered.
The next 32 or so address are user-triggerable, these are called software interrupts. They are triggered by an INT instruction.
The parameter to INT is the software interrupt vector number, which will be the interrupt called.
You will need to use the IRET instruction to return from interrupts.
It's likely you should also disable interrupts as the first thing you do when entering an interrupt.
For further detail, you should refer to the documentation for your specific processor model, it tends to vary widely.
An interrupt is a way of interrupting the CPU with a notification to handle something else. I am not certain about the Intel 8080 chip, but from my experience, the best way to describe an interrupt is this:
The CS:IP (Code Segment:Instruction Pointer) is on this instruction at memory address 0x0000:0020. As an example, for the sake of explaining it using Intel 8086 instructions, the assembler is gibberish and has no real meaning; the instructions are imaginative.
0x0000:001C MOV AH, 07
0x0000:001D CMP AH, 0
0x0000:001E JNZ 0x0020
0x0000:001F MOV BX, 20
0x0000:0020 MOV CH, 10 ; CS:IP is pointing here
0x0000:0021 INT 0x15
When the CS:IP points to the next line and an INTerrupt 15 hexadecimal is issued, this is what happens: the CPU pushes the registers and flags onto the stack and then executes code at 0x1000:0100, which services the INT 15 as an example
0x1000:0100 PUSH AX
0x1000:0101 PUSH BX
0x1000:0102 PUSH CX
0x1000:0103 PUSH DX
0x1000:0104 PUSHF
0x1000:0105 MOV ES, CS
0x1000:0106 INC AX
0x1000:0107 ....
0x1000:014B IRET
Then when the CS:IP hits the instruction at 0x1000:014B, an IRET (Interrupt RETurn), which pops off ALL registers and restores the state, is issued, and when it gets executed the CPU's CS:IP points back to here, after the instruction at 0x0000:0021.
0x0000:0022 CMP AX, 0
0x0000:0023 ....
How the CPU knows where to jump to a particular offset is based on the Interrupt Vector table, this interrupt vector table is set by the BIOS at a particular location in the BIOS, it would look like this:
INT   BIOS's LOCATION OF INSTRUCTION POINTER
---   --------------------------------------
0     0x3000
1     0x2000
..    ....
15    0x1000 <--- THIS IS HOW THE CPU KNOWS WHERE TO JUMP TO
That table is stored in the BIOS and when the INT 15 is executed, the BIOS will reroute the CS:IP to the location in the BIOS to execute the service code that handles the interrupt.
Back in the old days, under Turbo C, there was a means to override the interrupt vector table routines with your own interrupt handling functions using the functions setvect and getvect in which the actual interrupt handlers were re-routed to your own code.
I hope I have explained it well enough. OK, it is not the Intel 8080, but that is my understanding, and I would be sure the concept is the same for that chip, as the Intel x86 family of chips came from that.