Try   HackMD

Trebuchet Notes

This is a bunch of unstructured notes compiled for Trebuchet.

Resources

Linux Kernel Source Notes

  • see arch/mips/kernel/traps.c for the interrupt install logic
  • main interrupt handler is implemented by except_vec3_generic. And it's installed at 0x80 and 0x180.
  • mips entry point is at arch/mips/kernel/head.S
  • Kernel quirk: See arch/mips/mm/tlb-r4k.c
    • The ELPA bit is only set in PageGrain if the cpu "has rixi". So in order to take advantage of large addressing trebuchet may have to support rixi.

Linux Kconfig

These are the settings you'll find in make menuconfig:

  • System type - Malta board system
  • Endianess - Big endian
  • CPU Selection - MIPS64r2
  • Kernel type / code model - 64-bit
  • custom initramfs source (under General setup)
  • (optional) Disable compressed initramfs (so none compression type) for faster emulation at linux boot.

Building MIPS Kernel Image

Make sure you have the essential cross-compile packages. On Ubuntu:

sudo apt-get install crossbuild-essential-mips64 gcc-mips64-linux-gnuabi64

Then build the kernel:

export ARCH=mips
EXPORT CROSS_COMPILE=mips64-linux-gnuabi64-
git clone https://github.com/torvalds/linux
cd linux
# ensure you have the core kernel build tools
sudo apt-get install build-essential bc bison flex libssl-dev libelf-dev
cp /path/to/custom.kconfig .config
make defconfig
make -j8

Building MIPS64 Go program

env GOOS=linux GOARCH=mips64 GOMIPS64=softfloat go build -o hello.mips64 ./main.go

R4000 Notes

The R4000 processor supports the following interrupts: six hardware interrupts, one internal “timer interrupt,” two software interrupts, and one nonmaskable interrupt. The processor takes an exception on any interrupt.

Exception Vector Locations

Exception Vector Base Addresses

The 64-bit-mode vector base address for all exceptions; the 32-bit mode address is the low-order 32 bits (for instance, the base address for NMI in 32-bit mode is 0xBFC0 0000):

Exception BEV 0 BEV 1
Cache Error 0xFFFF FFFF A000 0000 0xFFFF FFFF BFC0 0200
Others 0xFFFF FFFF 8000 0000 0xFFFF FFFF BFC0 0200
Reset, NMI, Soft Reset 0xFFFF FFFF BFC0 0000 0xFFFF FFFF BFC0 0000

Exception Vector Offsets

The vector offset added to the base address to create the exception address

Exception R4000 Processor Vector Offset
TLB refill, EXL = 0 0x000
XTLB refill, EXL = 0 (X = 64-bit TLB) 0x080
Cache Error 0x100
Others 0x180
Reset, Soft Reset, NMI None

Exception Priority Order

  • Reset
  • Soft Reset
  • NMI
  • Address error - instruction fetch
  • TLB refill - instruction fetch
  • TLB invalid - instruction fetch
  • Cache error - instruction fetch
  • Virtual Coherency - instruction fetch
  • Bus Error - instruction fetch
  • Integer Overflow, Trap, System Call, Breakpoint, Reserved Instruction, Coprocessor Unusable
  • Address Error - data access
  • TLB refill - data access
  • TLB invalid - data access
  • TLB modified - data write
  • Cache error - data access
  • Watch
  • Virtual Coherency – Data access
  • Bus error – Data access
  • Interrupt (lowest priority)

Emulating using Qemu

Emulating the mips64 bzImage on qemu using a custom init:

 qemu-system-mips64 -singlestep -d in_asm,cpu -M malta -cpu MIPS64R2-generic -kernel vmlinux -nographic -append "console=ttyS0 rdinit=/bin/hello.mips64"

Useful to quickly check how qemu emulates certain instructions. The -singlestep -d in_asm,cpu flags will dump the CPU state of every executed instruction.

TODOs

  • Cache line size (see the Config register). It's 8K for I and D cache on the r4k. But might be worth tweaking. But I wouldn't be surprised if Linux doesn't handle non-standard sizes correctly here.

Hardware Page Table Walk?

Basically to assist in page fault handling by checking page tables in the emulator, rather than rely on Linux to do this. This should reduce the overhead of emualting page faults. But we have to ensure linux supports this before emualting. This can be dealt with later if we see performance issues in the VM.

CP0 Notes

LLAddr

Contains the phyiscal address read by the most recent load linked instruction. The ISA states it's for diagnostic purposes only. But for trebuchet, it might be required to properly emulate and use for RMW emulation. Similar to how its counterpart is used in cannon.

Config5

No need to reset. Segmentation control is a MIPS64 release 3 feature and not supported by Trebuchet. Same deal with EVA.
However, we will need to support RI/XI due to a Linux quirk.

PRId

On r4k, this should be set to 0x04.

PageMask

Always zeroed for 4KB pages.

Last changed by 
inphi
0
21

Read more

Multi-threaded Cannon (Experim

Multi-threaded Cannon (Experimental)

Aug 16, 2024
Proto-Danksharding (EIP-4844) Devnet v3 User Guide

Getting Devnet-3 ETH You can request devnet ETH from the deployed Multifaucet: https://eip4844-faucet.vercel.app/ Uploading Blobs Blobs can be uploaded by sending blob transactions to geth. blob-utils is a handy script that makes it easy to send blob transactions: blob-utils tx\ -rpc-url <your_geth_rpc_url>\ -blob-file <blob_file>\ -to <to_address>\

Dec 24, 2022
Prysm x Geth EIP4844 Interop (h/t @terencechain)

Prysm setup Clone the eip4844 branch in the Prysm repo and build the binaries $ git clone https://github.com/prysmaticlabs/prysm.git $ cd prysm $ git checkout eip4844 $ bazel build //cmd/prysmctl $ bazel build //cmd/beacon-chain $ bazel build //cmd/validator $ cd ../

Dec 19, 2022
Proto-Danksharding (EIP-4844) Devnet **v2** User Guide

[toc] What's Changed? Please read through this document carefully as there have been some changes since the first Devnet. Here's a summary: The geth and beacon clients have been updated New geth and beacon genesis Some beacon chain and execution networking parameters have changed New geth/prysm bootstrap node addresses Blob-utils has been updated to support Devnet v2

Oct 12, 2022
Read more from inphi
Published on HackMD