

# EE 457 Unit 8

Exceptions "What Happens When Things Go Wrong"

User and Kernel Mode, Coprocessor Registers

### BACKGROUND

USC Viterbi (8.3)

School of Engineering

### **MIPS Programmer-Visible Registers**

н

- MIPS locates other important registers in logical "\_\_\_\_\_\_
- Why not just have more numbered GPRs (\$0-\$63)?
  - Would require \_\_\_\_\_ in the instruction format
- Coprocessor 0 Registers
  - Status Register
    - Holds various control bits for processor modes, handling interrupts, etc.
  - Cause Register
    - Holds information about exception
- Coprocessor 1 Registers
  - Floating-point registers used for single or double-precision (i.e. at least 64-bits wide)

|           | GPR's        |            |             |   |
|-----------|--------------|------------|-------------|---|
|           | *            |            |             |   |
|           | \$0 - \$31   | \$fC       | ) - \$f31   |   |
|           |              |            |             |   |
|           |              |            |             |   |
|           |              |            |             |   |
|           |              |            |             |   |
|           |              |            |             |   |
|           |              |            |             |   |
|           | <b>└───→</b> |            |             |   |
|           | 32-bits      | 64         | or more     |   |
|           |              | Coproc     | essor 1 –   |   |
| PC:       |              | Floating-  | point Regs. |   |
|           |              | _          |             |   |
|           |              | Status:    |             |   |
|           |              |            |             |   |
| HI:       |              | Cause:     |             |   |
|           |              | Control    |             |   |
| LO:       |              |            | cessor 0 –  | _ |
|           |              | Status & C | Control Reg | S |
| MIPS Core |              |            |             |   |
|           |              |            |             |   |

### Special Purpose Registers

### **MIPS Coprocessor Register Access**

- Normal MIPS instructions \_\_\_\_\_\_ access coprocessor registers directly (since instruction format does not have enough bits)
- Coprocessor registers can be accessed via the mfc0 (move from c0) and mtc0 (move to c0) instructions
- mfc0 \$gpr,\$c0\_reg
  - R[gpr] = C0[c0\_reg]
- mtc0 \$gpr,\$c0\_reg
  - C0[c0\_reg] = R[gpr]
- Sequence:
  - Move value from coprocessor register to normal GPR
  - Process that value with regular MIPS instructions
  - Move value back to coprocessor register



Special Purpose Registers

USC Viterbi

School of Engineering

### User vs. Kernel Mode **Kernel Mode Privileges** Kernel mode is a special mode of the processor for executing trusted ( ) 0xffffffff Kernel code Privileged instructions Space are only allowed to code running in kernel Certain 0xc000000 - User apps. shouldn't be allowed to mode disable/enable interrupts, change OS and other system software should run in kernel mode memory mappings, etc. User mode is where user applications are designed to run to limit what Privileged Memory or I/O access they can do on their own User - Provides protection by forcing them to use the OS for many services Space - Processor supports special areas of User vs. kernel mode determined by some bit(s) in some processor control memory or I/O space that can only be register accessed from kernel mode x86 Architecture uses lower 2-bits in the CS segment register (referred to as Separate stacks and register sets 0x0000000 the Current Privilege Level bits [CPL]) Address MIPS: User Mode bit in the processor status register MIPS processors can use "shadow" Space register sets (alternate GPR's when in On an exception, the processor will automatically switch to kernel mode). kernel mode What are Exceptions? • Exceptions are "rare" events that cause a in normal Can be synchronous (called by an instruction in the program) - Traps or (calls from user apps to OS functions) • Can be asynchronous (triggered by the hardware) **EXCEPTIONS OVERVIEW** Response: The processor \_\_\_\_\_ must call a "predetermined" routine (aka "handler" or "service routine")

#### Sync. Exceptions: System Calls/Traps **Exception Processing** Exception handling is similar to a subroutine ('jal') call but performed A controlled-method for user application calling OS automatically by the hardware services Must save PC of offending instruction, program state, and any information needed to return afterwards • Switches processor to "kernel" mode of the processor the pipeline using the hardware already present for branches/jumps Execute the software handler by loading the with its start address (must be preset where certain privileges are enabled that we would not or looked up by the hardware without help from software) want normal user apps to access Execute the handler routine to deal with the exception Return and restore the state User Program System Exception Handler MIPS System call addi \$v0,\$0,5 // \$v0 = service num. // enter OS syscall 1. Exception occurs Exception occur 2. Save State 3. Call handler **Instruction Tracing and Breakpoint** x86 System Call (old DOS OS call) Single-stepping & Breakpoint in x86 6. Resume normal IN AH, 01H TF PSW Return from execution INT 20H // getchar() 4. Restore state exception Processor Trap Flag 5. Return Status Word USC Viterbi **Exception Examples 1 Exception Examples 2** Example Action Example Stage Stage Action Page Faults Precise I/O Device Interrupt WB Take ASAP • Virtual memory access fault (no Page Table entry resident in A peripheral device requires action from the CPU memory) (Interrupt I/O Driven) Misaligned Memory Address EΧ Abort Operating System Calls ("Traps") [e.g. File Open] ID Precise Address is not multiple of operand size Process Trap instruction causes processor to enter kernel mode **Memory Protection Violations** Abort Address is out of bounds; RWX violation Process Instruction Tracing and Breakpoints ID Precise Undefined Instructions Precise When TRAP Bit is set all instructions cause exceptions · Decode unit does not recognize opcode or other fields (Why not Particular instructions are flagged for exceptions Could be useful to extend the instruction set abort)

Hardware failure

**Power Failure** 

compromised

much state as possible

Unrecoverable hardware error is detected; execution is

Power has fallen below a threshold; Trap to software to save as

WB

WB

Take ASAP

Take ASAP

(debugging)

EΧ

Precise

**Arithmetic Exceptions** 

• Overflow or Divide-by-0

#### **Review: Exception Processing MIPS Coprocessor 0 Registers** Save necessary state to be able to restart the process Status Register Save of offending instruction Enables and disables the handling of exceptions/interrupts - Controls user/kernel processor modes Call an appropriate to deal with · Kernel mode allows access to certain regions of the address space the error / interrupt / syscall and execution of certain instructions Handler identifies cause of exception and handles it Cause Register: Indicates which exception/interrupt May need to save more state occurred Restore state and return to offending application (or Register kill it if recovery is impossible) - Indicates the address of the instruction causing the exception This is also the instruction we should return to after handling the exception (similar to for 8.15 **Status Register Cause Register** Cause Code Register 13 in coprocessor 0 Allows software to understand the state of the processor and 0 Interrupt (HW) to control whether certain exceptions (interrupts) are ignored 4, 5 Load (4), Store (5) Bit definitions Address Error Register 12 in coprocessor 0 BD – Branch Delay Instruc. (6), Data (7) Bus 6.7 The offending instruction was in the branch IM[7:0] – Interrupt Mask bits (1 = ignore / 0 = allow) Error delay slot 8 Syscall UM – User Mode (1 = User mode / 0 = Kernel Mode) EPC points at the branch but it was EPC+4 9 Breakpoint ERL/EXL = Exception/Error Level that caused the exception 10 **Reserved Instruc.** - PI[7:0] - Pending Interrupt 1 = Already handling exception or error / 0 = Normal exec. CoProc. Unusable 11 1 = Interrupt Requested / 0 = No interrupt If either bit is '1' processor is also said to be in kernel mode requested 12 Arith. Overflow IE = Interrupt Enable Exception Code – Indicates cause of 13 Trap • 1 = Allow unmasked interrupts / 0 = Ignore all interrupts exception (see table) 15 **Floating Point** 8 7 6 2 1 0 31 Status Cause 등은 0 Exception Code 0 0 Register Register

#### **Problem of Calling a Handler EPC** Register Exception PC holds the address of the offending • We can't use explicit jal instructions to call instruction exception handlers since we don't - Can be used along with 'Cause' register to find and correct some error conditions instruction used to return from exception Many instructions could cause .text an error condition. Or a handler and back to execution point in original code MAIN: hardware event like a keyboard (unless handling the error means having the OS kill press could occur at any point in the code. the process) Operation: PC = EPCίr \$ra 31 EPC = **Exception PC** Address of instruction that generated the exception USC Viterbi (8.19) Handler Calling Methods Solution for Calling a Handler Method 1: Single for master Since we don't know when an exception will occur there must be a preset ٠ location where an exception handler should be defined or some way of telling handler the processor in advance where our exception handlers will be located Early MIPS architecture defines that the exception handler should be located at 0x8000 0180. Code there 0xffffffff 0xffffffff 0xffffffff Kernel Kernel Kernel should then examine CAUSE register and then call Space Space Space appropriate handler routine INT 2 Hand. x3 Method 2: \_\_\_\_\_ (usually for INT n Hand. 0x80000??? interrupts) INT 2 Hand. 0x80000300 x1 Handler 1 - Each interrupt handler at a different address based on INT 1 Hand 0x80000200 x2 INT 1 Hand. Exception Exception interrupt number (a.k.a. vector) (INT1 @ 0x80000200, 0x80000180 0x80000180 Handler Handler INT2 @ 0x80000300) 0x80000000 0x80000000 0x80000000 Method 3: Table in memory holding start address of exception User User User handlers (i.e. overflow exception handler pointer at Space Space Space 0x0004, FP exception handler pointer at 0x0008, etc.) 0x0000000 0x0000000 0x0000000 Method 1 Method 2 Method 3

### "PRECISE" EXCEPTIONS

## **Precise Exceptions**

- Precise Exceptions: A pipelined or advanced out-oforder execution processor's exception handling should \_\_\_\_\_\_to exceptions on a single-cycle CPU.
  - Any instructions BEFORE the offending instruction should
    \_\_\_\_\_ before the handler runs
  - Any instructions AFTER the offending instruction should not appear to have executed (\_\_\_\_\_\_memory or register)
- Very difficult in architectures in which multiple instruction execute concurrently (i.e. our 5-stage pipeline)

## Why are Exceptions So Important?

- Exceptions are part of the ISA (Instruction Set Architecture) specification
- Any implementation of an ISA must comply with its "Exception model"
- Precise exception handling constrains what the architecture can do
  - Exceptions are rare yet we must functionally support them
  - If we did not have to comply to the exception model, architects would have a lot more freedom in their design

When designing micro-architectures for the common case, exceptions must always be in the back of your mind!

USC Viterbi

## **Exceptions in the 5-Stage Pipeline**

- To support precise exceptions in the 5-stage pipeline we must...
  - Identify the pipeline stage and instruction causing the exceptions
    - Any stage can trigger an exception (except for the WB stage)
  - Identify the cause of the exception
  - Save the process state at the faulting instruction
    - Including registers, PC, and cause
    - Usually done by software exception handler
  - Complete the execution of instructions preceding the faulting instruction
  - Flush instruction following the faulting instruction plus the faulting instruction
  - Transfer control to exception handler

Use many of the same mechanisms as conditional branches.



## Simplify the Process

- It is not practical to take an exception in the cycle when it happens
  - Multiple exceptions in the same cycle
  - It is complex to take exception in various pipeline stages since we have to take them in program order and not temporal order
- Instead, we will just tag an instruction in the pipeline if it causes and exception (recording the cause and EPC)
  - Turn the offending instruction into a NOOP (bubble)
  - Let the instructions continue to flow down the pipeline and handle the offending instruction's execution in the WB stage
    - The cause and status info is carried down the pipe via stage registers
  - Exception remains \_\_\_\_\_ until it reaches the WB stage
  - Exceptions are then processed into the WB stage



USC Viterbi

# Simplified Processing

- Precise exceptions are now taken in WB along with other HW interrupts
- Faulting instructions "carry" their cause and EPC values through the pipeline stage registers
- Only one set of EPC and CAUSE registers in the WB stage
- When an instruction flagged as faulting reaches the WB stage
  - Flush IF, ID, EX, MEM
    - Make sure that if a \_\_\_\_\_\_ stage that it is not allowed to write
  - $-\,$  Load the handler address in the PC
  - Make sure EPC & Cause are software-readable (movable to GPR's)

This is a general approach to dealing with exceptions in the processor: Wait until the faulting instruction exits the machine to trigger the handling procedure

# Handling in WB Stage

• Handling in WB stage helps deal with temporal vs. program order issues

