diff --git a/hdl/rtl/hydra_core.vhd b/hdl/rtl/hydra_core.vhd
index 5a89bd963e553028e9cc86bfdc906fe0dd448ee4..e04a89595272096bc56c7c1d14f2d9df50294ad1 100644
--- a/hdl/rtl/hydra_core.vhd
+++ b/hdl/rtl/hydra_core.vhd
@@ -40,6 +40,7 @@ entity hydra_core is
g_SIM_SEU_PERIOD : natural := 0);
port(
clk_sys_i : in std_logic;
+ clk_cpu_i : in std_logic_vector(3 downto 1);
rst_n_i : in std_logic;
cpu_rst_n_i : in std_logic;
@@ -56,7 +57,8 @@ entity hydra_core is
-- Set to clear DRAM while cpu reset.
dram_clr_i : in std_logic;
- cpu_err_o : out std_logic
+ cpu_flt_o : out std_logic;
+ cpu_rst_o : out std_logic
);
end hydra_core;
@@ -90,7 +92,7 @@ architecture arch of hydra_core is
end function f_x_to_zero;
signal cpu_rst, cpu_rst2 : std_logic_vector(1 to 3);
- signal cpu_rst_err : std_logic;
+ signal cpu_rst_err, cpu_flt : std_logic;
signal cpu_sync : std_logic_vector(1 to 3);
signal im_addr : std_logic_vector(31 downto 0);
@@ -98,7 +100,7 @@ architecture arch of hydra_core is
signal im_rd, im_valid : std_logic;
signal im1_done, im1_dm_en, im1_err : std_logic;
signal im2_err, im2_valid : std_logic;
- signal err_cpu_dm : std_logic;
+ signal err_cpu_im, err_cpu_dm : std_logic;
signal dm_addr, dm_data_s, dm_data_l : std_logic_vector(31 downto 0);
signal dm_data_select : std_logic_vector(3 downto 0);
@@ -144,10 +146,11 @@ architecture arch of hydra_core is
signal reset_cause_cpu, reset_cause_wd : std_logic;
signal reset_cause_iram_ecc, reset_cause_dram_ecc : std_logic;
+ signal reset_cause_recovery : std_logic;
signal dram_scrub_period, iram_scrub_period : std_logic_vector(15 downto 0);
-- Initial watchdog period.
- constant wd_init : std_logic_vector(31 downto 0) := x"0000_0400";
+ constant wd_init : std_logic_vector(31 downto 0) := x"0000_07ff";
signal wd_period, wd_period_val, wd_counter, wd_key_val : std_logic_vector(31 downto 0);
signal wd_period_wr, wd_key_wr, wd_timeout : std_logic;
@@ -158,7 +161,7 @@ architecture arch of hydra_core is
type t_state is (S_VOTER, S_LOCK);
signal state : t_state;
- signal cpu_recovery, cpu_recovery_in : std_logic;
+ signal cpu_recovery, cpu_recovery_in, cpu_recovery_wr : std_logic;
begin
dwb_o <= dwb_out;
@@ -167,6 +170,7 @@ begin
inst_cpus : entity work.hydra_triple_cpu
port map (
clk_i => clk_sys_i,
+ clk_cpu_i => clk_cpu_i,
cpu_rst_i => cpu_rst2,
im_addr_o => im_addr,
im_rd_o => im_rd,
@@ -183,6 +187,7 @@ begin
cpu_sync_o => cpu_sync,
dm_force_divergence_i => dm_force_divergence,
+ err_cpu_im_o => err_cpu_im,
err_cpu_dm_o => err_cpu_dm);
-- Add registers on uRV data bus
@@ -519,6 +524,7 @@ begin
-- Any fatal error that should reset cpus
cpu_rst_err <= dram_ecc_fatal or iram_ecc_fatal or wd_timeout;
+ cpu_flt <= '1' when cpu_sync = "000" or cpu_rst_err = '1' else '0';
inst_sv_regs: entity work.hydra_supervisor_regs
port map (
@@ -530,6 +536,7 @@ begin
reset_cause_iram_ecc_i => reset_cause_iram_ecc,
reset_cause_dram_ecc_i => reset_cause_dram_ecc,
reset_cause_watchdog_i => reset_cause_wd,
+ reset_cause_recovery_i => reset_cause_recovery,
cpu_reset_i => cpu_rst,
cpu_reset_o => open,
cpu_recovery_i => cpu_recovery,
@@ -566,21 +573,27 @@ begin
dram_scrub_period_o => dram_scrub_period
);
- process (clk_sys_i) is
+ cpu_recovery_wr <= cpu_wr and cpu_recovery_in;
+
+ p_reset: process (clk_sys_i) is
begin
if rising_edge(clk_sys_i) then
- cpu_err_o <= '0';
+ cpu_rst_o <= '0';
+ cpu_flt_o <= '0';
if rst_n_i = '0' or cpu_rst_n_i = '0' then
state <= S_VOTER;
cpu_rst <= (others => '1');
- cpu_recovery <= '0';
- nbr_cpu_data_err <= (others => '0');
- nbr_cpu_iaddr_err <= (others => '0');
- reset_cause_cpu <= '0';
- reset_cause_iram_ecc <= '0';
- reset_cause_dram_ecc <= '0';
- reset_cause_wd <= '0';
+ if rst_n_i = '0' then
+ cpu_recovery <= '0';
+ nbr_cpu_data_err <= (others => '0');
+ nbr_cpu_iaddr_err <= (others => '0');
+ reset_cause_cpu <= '0';
+ reset_cause_iram_ecc <= '0';
+ reset_cause_dram_ecc <= '0';
+ reset_cause_wd <= '0';
+ reset_cause_recovery <= '0';
+ end if;
else
case state is
when S_VOTER =>
@@ -596,33 +609,32 @@ begin
if err_cpu_dm = '1' then
nbr_cpu_data_err <= std_logic_vector(unsigned(nbr_cpu_data_err) + 1);
end if;
+ if err_cpu_im = '1' then
+ nbr_cpu_iaddr_err <= std_logic_vector(unsigned(nbr_cpu_iaddr_err) + 1);
+ end if;
if cpu_sync = "110" or cpu_sync = "101" or cpu_sync = "011" then
-- Disable the cpu out of sync.
cpu_rst <= not cpu_sync;
- -- Error counter
- nbr_cpu_iaddr_err <= std_logic_vector(unsigned(nbr_cpu_iaddr_err) + 1);
-- Go to lock-step
state <= S_LOCK;
end if;
when S_LOCK =>
- if cpu_wr = '1' and cpu_recovery_in = '1' then
+ if cpu_recovery_wr = '1' then
-- Start recovery (reset)
cpu_recovery <= '1';
end if;
end case;
- if cpu_sync = "000"
- or cpu_rst_err = '1'
- or (err_cpu_dm = '1' and state = S_LOCK)
- or (cpu_wr = '1' and cpu_recovery_in = '1')
- then
+ if cpu_flt = '1' or cpu_recovery_wr = '1' then
-- Fatal error
cpu_rst <= (others => '1');
reset_cause_cpu <= not cpu_rst_err;
reset_cause_iram_ecc <= iram_ecc_fatal;
reset_cause_dram_ecc <= dram_ecc_fatal;
reset_cause_wd <= wd_timeout;
- cpu_err_o <= '1';
+ reset_cause_recovery <= cpu_recovery_wr;
+ cpu_flt_o <= cpu_flt;
+ cpu_rst_o <= cpu_recovery_wr;
state <= S_VOTER;
end if;
end if;
diff --git a/hdl/rtl/hydra_supervisor_regs.cheby b/hdl/rtl/hydra_supervisor_regs.cheby
index 363bade9a54651b98725ef393918f72da0e185f1..51ed88bf28472e9c93fc2a905d99f717283ca68f 100644
--- a/hdl/rtl/hydra_supervisor_regs.cheby
+++ b/hdl/rtl/hydra_supervisor_regs.cheby
@@ -27,6 +27,10 @@ memory-map:
name: watchdog
description: Watchdog timeout
range: 3
+ - field:
+ name: recovery
+ description: Software recovery
+ range: 4
- reg:
name: cpu
description: state of cpus
diff --git a/hdl/rtl/hydra_supervisor_regs.vhd b/hdl/rtl/hydra_supervisor_regs.vhd
index 8c3b900e57ab596f1f380e3131ceb884ab8098b8..da86429dd91870594f5eed4feacb24beb22c92a6 100644
--- a/hdl/rtl/hydra_supervisor_regs.vhd
+++ b/hdl/rtl/hydra_supervisor_regs.vhd
@@ -23,6 +23,8 @@ entity hydra_supervisor_regs is
reset_cause_dram_ecc_i : in std_logic;
-- Watchdog timeout
reset_cause_watchdog_i : in std_logic;
+ -- Software recovery
+ reset_cause_recovery_i : in std_logic;
-- state of cpus
-- CPU under reset due to divergence (RO)
@@ -397,14 +399,15 @@ begin
-- Process for read requests.
process (adr_int, rd_req_int, reset_cause_cpu_i, reset_cause_iram_ecc_i,
- reset_cause_dram_ecc_i, reset_cause_watchdog_i, cpu_reset_i,
- cpu_recovery_i, force_divergence_i, wd_period_i, wd_count_i,
- iram_ecc_se_i, iram_scrub_cycle_i, iram_scrub_se_i,
- iram_scrub_de_curr_i, iram_scrub_de_last_i, dram_ecc_se_i,
- dram_scrub_cycle_i, dram_scrub_se_i, dram_scrub_de_curr_i,
- dram_scrub_de_last_i, cpu_data_err_i, cpu_iaddr_err_i,
- dram_ecc_mask_reg, iram_de_addr_i, scrub_cfg_iram_en_i,
- scrub_cfg_dram_en_i, iram_scrub_period_reg, dram_scrub_period_reg) begin
+ reset_cause_dram_ecc_i, reset_cause_watchdog_i,
+ reset_cause_recovery_i, cpu_reset_i, cpu_recovery_i,
+ force_divergence_i, wd_period_i, wd_count_i, iram_ecc_se_i,
+ iram_scrub_cycle_i, iram_scrub_se_i, iram_scrub_de_curr_i,
+ iram_scrub_de_last_i, dram_ecc_se_i, dram_scrub_cycle_i,
+ dram_scrub_se_i, dram_scrub_de_curr_i, dram_scrub_de_last_i,
+ cpu_data_err_i, cpu_iaddr_err_i, dram_ecc_mask_reg, iram_de_addr_i,
+ scrub_cfg_iram_en_i, scrub_cfg_dram_en_i, iram_scrub_period_reg,
+ dram_scrub_period_reg) begin
-- By default ack read requests
rd_dat_d0 <= (others => 'X');
force_divergence_rd_o <= '0';
@@ -416,7 +419,8 @@ begin
rd_dat_d0(1) <= reset_cause_iram_ecc_i;
rd_dat_d0(2) <= reset_cause_dram_ecc_i;
rd_dat_d0(3) <= reset_cause_watchdog_i;
- rd_dat_d0(31 downto 4) <= (others => '0');
+ rd_dat_d0(4) <= reset_cause_recovery_i;
+ rd_dat_d0(31 downto 5) <= (others => '0');
when "00001" =>
-- Reg cpu
rd_ack_d0 <= rd_req_int;
diff --git a/hdl/rtl/hydra_triple_cpu.vhd b/hdl/rtl/hydra_triple_cpu.vhd
index c0b819634b4ddab6348fa1ae6870a6a989e3c52c..8fdbfe013729d977fafb16180e0630baf298e597 100644
--- a/hdl/rtl/hydra_triple_cpu.vhd
+++ b/hdl/rtl/hydra_triple_cpu.vhd
@@ -7,6 +7,7 @@ entity hydra_triple_cpu is
port (
clk_i : in std_logic;
cpu_rst_i : in std_logic_vector(3 downto 1);
+ clk_cpu_i : in std_logic_vector(3 downto 1);
im_data_i : in std_logic_vector (31 downto 0);
im_valid_i : in std_logic;
im_addr_o : out std_logic_vector (31 downto 0);
@@ -21,12 +22,15 @@ entity hydra_triple_cpu is
dm_load_o : out std_logic;
-- True when a cpu is in sync with at least another one.
- -- (ie same outputs on the instruction bus)
+ -- (ie same outputs on the bus)
cpu_sync_o : out std_logic_vector(3 downto 1);
-- If set, will give different values to each cpu.
dm_force_divergence_i : in std_logic;
+ -- Set to 1 if an output differs on the instruction bus
+ err_cpu_im_o : out std_logic;
+
-- Set to 1 if an output differs on the data bus
err_cpu_dm_o : out std_logic);
end entity hydra_triple_cpu;
@@ -39,6 +43,8 @@ architecture arch of hydra_triple_cpu is
signal dm_data_select : t_slv4_x3;
signal im_rd, dm_store, dm_load : t_sl_x3;
+ signal ok_im : std_logic_vector(3 downto 1);
+
signal ok_dm_addr, ok_dm_data, ok_dm_select, ok_dm_load, ok_dm_store, ok_dm : std_logic_vector(3 downto 1);
begin
gen_triple: for i in 1 to 3 generate
@@ -50,7 +56,7 @@ begin
g_with_hw_div => 0
)
port map (
- clk_i => clk_i,
+ clk_i => clk_cpu_i(i),
rst_i => cpu_rst_i(i),
irq_i => '0',
im_addr_o => im_addr(i),
@@ -153,7 +159,7 @@ begin
constant n1 : natural := 1 + (i + 1) mod 3;
constant n2 : natural := 1 + (i + 2) mod 3;
begin
- cpu_sync_o(n0) <= '1' when cpu_rst_i(n0) = '1'
+ ok_im(n0) <= '1' when cpu_rst_i(n0) = '1'
or (im_rd(n0) = '0' and (im_rd(n1) = '0' or im_rd(n2) = '0'))
or (im_rd(n0) = '1' and ((im_rd(n1) = '1' and im_addr(n1) = im_addr(n0))
or (im_rd(n2) = '1' and im_addr(n2) = im_addr(n0)))) else '0';
@@ -185,6 +191,8 @@ begin
end generate;
+ cpu_sync_o <= ok_im and ok_dm;
err_cpu_dm_o <= '1' when ok_dm /= "111" else '0';
+ err_cpu_im_o <= '1' when ok_im /= "111" else '0';
end arch;
diff --git a/sw/include/hydra_supervisor_regs.h b/sw/include/hydra_supervisor_regs.h
index 54c4ab3cf713a3ee91432afc919d19d7aab268f0..9fe046ad60899621611f3ef2eb1a7a28f4857656 100644
--- a/sw/include/hydra_supervisor_regs.h
+++ b/sw/include/hydra_supervisor_regs.h
@@ -8,6 +8,7 @@
#define HYDRA_SUPERVISOR_REGS_RESET_CAUSE_IRAM_ECC 0x2UL
#define HYDRA_SUPERVISOR_REGS_RESET_CAUSE_DRAM_ECC 0x4UL
#define HYDRA_SUPERVISOR_REGS_RESET_CAUSE_WATCHDOG 0x8UL
+#define HYDRA_SUPERVISOR_REGS_RESET_CAUSE_RECOVERY 0x10UL
/* state of cpus */
#define HYDRA_SUPERVISOR_REGS_CPU 0x4UL