Project

General

Profile

Actions

Leon3/FT fault tolerance

The explanations hereafter are extracted from the Gaisler IP cores user's manual (grip.pdf).
There are two aspects in the fault tolerance: register file protection and cache protection. Each aspect is managed using a specific register:
  • Cache protection is managed with the CCR (Cache Control Register) located in ASI 2, offet 0x00
  • Register file protection is managed with the ASR16, Register protection control register
ASI 2 contains a few control registers that have not been assigned as ancillary state registers. These should only be read and written using 32-bit LDA/STA instructions. All cache registers are accessed through load/store operations to the alternate address space (LDA/STA), using ASI = 2. Here are the register addresses:
  • 0x00 Cache control register
  • 0x04 Reserved
  • 0x08 Instruction cache configuration register
  • 0x0C Data cache configuration register

The ASR16 can be read using the DSU3 IP core, it is located at the following address: 0x90000000 (DSU3) + 0x400040.

Cache Control Register (ASI 2, offset 0x00)

The cache control register located at ASI 0x2, offset 0, and contains control and status registers for the I and D cache.

Default values:
  • 20:19 FT scheme (FT) - “01” => 4-bit checking implemented
Cache control register:
  • 31:30 Reserved for future implementations
  • 29 Register file test select (RFT). If set, will allow the read-out of IU register file checkbits via ASI 0x0F. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 28 Parity Select (PS) - if set diagnostic read will return 4 check bits in the lsb bits, otherwise tag or data word is returned. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 27:24 Test Bits (TB) - if set, check bits will be xored with test bits TB during diagnostic write. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 23 Data cache snoop enable (DS) - if set, will enable data cache snooping.
  • 22 Flush data cache (FD). If set, will flush the instruction cache. Always reads as zero.
  • 21 Flush Instruction cache (FI). If set, will flush the instruction cache. Always reads as zero.
  • 20:19 FT scheme (FT) - “00” = no FT, “01” = 4-bit checking implemented
  • 18 Reserved for future implementations
  • 17 Separate snoop tags (ST). This read-only bit is set if separate snoop tags are implemented.
  • 16 Instruction burst fetch (IB). This bit enables burst fill during instruction fetch.
  • 15 Instruction cache flush pending (IP). This bit is set when an instruction cache flush operation is in progress
  • 14 Data cache flush pending (DP). This bit is set when an data cache flush operation is in progress.
  • 13:12 Instruction Tag Errors (ITE) - Number of detected parity errors in the instruction tag cache. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 11:10 Instruction Data Errors (IDE) - Number of detected parity errors in the instruction data cache. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 9:8 Data Tag Errors (DTE) - Number of detected parity errors in the data tag cache. Only available if fault-tolerance is enabled (FT field in this register is non-zero).
  • 7:6 Data Data Errors (DDE) - Number of detected parity errors in the data data cache. Only available iffault-tolerance is enabled (FT field in this register is non-zero).
  • 5 Data Cache Freeze on Interrupt (DF) - If set, the data cache will automatically be frozen when an asynchronous interrupt is taken.
  • 4 Instruction Cache Freeze on Interrupt (IF) - If set, the instruction cache will automatically be frozen when an asynchronous interrupt is taken.
  • 3:2 Data Cache state (DCS) - Indicates the current data cache state according to the following: X0 = disabled, 01 = frozen, 11 = enabled.
  • 1:0 Instruction Cache state (ICS) - Indicates the current data cache state according to the following: X0 = disabled, 01 = frozen, 11 = enabled.

Register protection control register (ASR16, @0x90400040)

ASR register 16 (%asr16) is used to control the IU/FPU register file SEU protection. It is possible to disable the SEU protection by setting the IDI/FDI bits, and to inject errors using the ITE/FTE bits.
Corrected errors in the register file are counted, and available in ICNT and FCNT fields. The counters saturate at their maximum value (7), and should be reset by software after read-out.

Default values:
  • 31:30 FP FT ID = 01 = 1 => 4-bit parity with restart (OK for GRFPU-light, not for GRFPU)
  • 15:14 IU FT ID = 10 = 2 => 8-bit parity without restart
  • all other bits are set to 0
Register protection control register:
  • 31:30 FP FT ID - Defines which SEU protection is implemented in the FPU (see table 1123)
  • 29:27 FP RF error counter - Number of detected parity errors in the FP register file.
  • 26:18 Reserved for future implementations
  • 17 FPU RF Test Enable - Enables FPU register file test mode. Parity bits are xored with TB before written to the FPU register file.
  • 16 FP RF protection disable (FDI) - Disables FP RF parity protection when set.
  • 15:14 IU FT ID - Defines which SEU protection is implemented in the IU (see table 1123)
  • 13:11 IU RF error counter - Number of detected parity errors in the IU register file.
  • 10:3 RF Test bits (RFTB) - In test mode, these bits are xored with correct parity bits before written to the register file.
  • 2 DP ram select (DP) - Only applicable if the IU or FPU register files consists of two dual-port rams.
  • 1 IU RF Test Enable - Enables register file test mode. Parity bits are xored with TB before written to the register file.
  • 0 IU RF protection disable (IDI) - Disables IU RF parity protection when set.

*ASI = Address Space Identifier
*ASR = Ancillary State Register

Updated by paul leroy almost 9 years ago · 18 revisions

Also available in: PDF HTML TXT