1: /*
    2:  *  i386 emulator main execution loop
    3:  *
    4:  *  Copyright (c) 2003-2005 Fabrice Bellard
    5:  *
    6:  * This library is free software; you can redistribute it and/or
    7:  * modify it under the terms of the GNU Lesser General Public
    8:  * License as published by the Free Software Foundation; either
    9:  * version 2 of the License, or (at your option) any later version.
   10:  *
   11:  * This library is distributed in the hope that it will be useful,
   12:  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   13:  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   14:  * Lesser General Public License for more details.
   15:  *
   16:  * You should have received a copy of the GNU Lesser General Public
   17:  * License along with this library; if not, write to the Free Software
   18:  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   19:  */
   20: #include "config.h"
   21: #include "exec.h"
   22: #include "disas.h"
   23: 
   24: #if !defined(CONFIG_SOFTMMU)
   25: #undef EAX
   26: #undef ECX
   27: #undef EDX
   28: #undef EBX
   29: #undef ESP
   30: #undef EBP
   31: #undef ESI
   32: #undef EDI
   33: #undef EIP
   34: #include <signal.h>
   35: #include <sys/ucontext.h>
   36: #endif
   37: 
   38: int tb_invalidated_flag;
   39: 
   40: //#define DEBUG_EXEC
   41: //#define DEBUG_SIGNAL
   42: 
   43: #define SAVE_GLOBALS()
   44: #define RESTORE_GLOBALS()
   45: 
   46: #if defined(__sparc__) && !defined(HOST_SOLARIS)
   47: #include <features.h>
   48: #if defined(__GLIBC__) && ((__GLIBC__ < 2) || \
   49:                            ((__GLIBC__ == 2) && (__GLIBC_MINOR__ <= 90)))
   50: // Work around ugly bugs in glibc that mangle global register contents
   51: 
   52: static volatile void *saved_env;
   53: static volatile unsigned long saved_t0, saved_i7;
   54: #undef SAVE_GLOBALS
   55: #define SAVE_GLOBALS() do {                                     \
   56:         saved_env = env;                                        \
   57:         saved_t0 = T0;                                          \
   58:         asm volatile ("st %%i7, [%0]" : : "r" (&saved_i7));     \
   59:     } while(0)
   60: 
   61: #undef RESTORE_GLOBALS
   62: #define RESTORE_GLOBALS() do {                                  \
   63:         env = (void *)saved_env;                                \
   64:         T0 = saved_t0;                                          \
   65:         asm volatile ("ld [%0], %%i7" : : "r" (&saved_i7));     \
   66:     } while(0)
   67: 
   68: static int sparc_setjmp(jmp_buf buf)
   69: {
   70:     int ret;
   71: 
   72:     SAVE_GLOBALS();
   73:     ret = setjmp(buf);
   74:     RESTORE_GLOBALS();
   75:     return ret;
   76: }
   77: #undef setjmp
   78: #define setjmp(jmp_buf) sparc_setjmp(jmp_buf)
   79: 
   80: static void sparc_longjmp(jmp_buf buf, int val)
   81: {
   82:     SAVE_GLOBALS();
   83:     longjmp(buf, val);
   84: }
   85: #define longjmp(jmp_buf, val) sparc_longjmp(jmp_buf, val)
   86: #endif
   87: #endif
   88: 
   89: void cpu_loop_exit(void)
   90: {
   91:     /* NOTE: the register at this point must be saved by hand because
   92:        longjmp restore them */
   93:     regs_to_env();
   94:     longjmp(env->jmp_env, 1);
   95: }
   96: 
   97: #if !(defined(TARGET_SPARC) || defined(TARGET_SH4) || defined(TARGET_M68K))
   98: #define reg_T2
   99: #endif
  100: 
  101: /* exit the current TB from a signal handler. The host registers are
  102:    restored in a state compatible with the CPU emulator
  103:  */
  104: void cpu_resume_from_signal(CPUState *env1, void *puc)
  105: {
  106: #if !defined(CONFIG_SOFTMMU)
  107:     struct ucontext *uc = puc;
  108: #endif
  109: 
  110:     env = env1;
  111: 
  112:     /* XXX: restore cpu registers saved in host registers */
  113: 
  114: #if !defined(CONFIG_SOFTMMU)
  115:     if (puc) {
  116:         /* XXX: use siglongjmp ? */
  117:         sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);
  118:     }
  119: #endif
  120:     longjmp(env->jmp_env, 1);
  121: }
  122: 
  123: 
  124: static TranslationBlock *tb_find_slow(target_ulong pc,
  125:                                       target_ulong cs_base,
  126:                                       uint64_t flags)
  127: {
  128:     TranslationBlock *tb, **ptb1;
  129:     int code_gen_size;
  130:     unsigned int h;
  131:     target_ulong phys_pc, phys_page1, phys_page2, virt_page2;
  132:     uint8_t *tc_ptr;
  133: 
  134:     spin_lock(&tb_lock);
  135: 
  136:     tb_invalidated_flag = 0;
  137: 
  138:     regs_to_env(); /* XXX: do it just before cpu_gen_code() */
  139: 
  140:     /* find translated block using physical mappings */
  141:     phys_pc = get_phys_addr_code(env, pc);
  142:     phys_page1 = phys_pc & TARGET_PAGE_MASK;
  143:     phys_page2 = -1;
  144:     h = tb_phys_hash_func(phys_pc);
  145:     ptb1 = &tb_phys_hash[h];
  146:     for(;;) {
  147:         tb = *ptb1;
  148:         if (!tb)
  149:             goto not_found;
  150:         if (tb->pc == pc &&
  151:             tb->page_addr[0] == phys_page1 &&
  152:             tb->cs_base == cs_base &&
  153:             tb->flags == flags) {
  154:             /* check next page if needed */
  155:             if (tb->page_addr[1] != -1) {
  156:                 virt_page2 = (pc & TARGET_PAGE_MASK) +
  157:                     TARGET_PAGE_SIZE;
  158:                 phys_page2 = get_phys_addr_code(env, virt_page2);
  159:                 if (tb->page_addr[1] == phys_page2)
  160:                     goto found;
  161:             } else {
  162:                 goto found;
  163:             }
  164:         }
  165:         ptb1 = &tb->phys_hash_next;
  166:     }
  167:  not_found:
  168:     /* if no translated code available, then translate it now */
  169:     tb = tb_alloc(pc);
  170:     if (!tb) {
  171:         /* flush must be done */
  172:         tb_flush(env);
  173:         /* cannot fail at this point */
  174:         tb = tb_alloc(pc);
  175:         /* don't forget to invalidate previous TB info */
  176:         tb_invalidated_flag = 1;
  177:     }
  178:     tc_ptr = code_gen_ptr;
  179:     tb->tc_ptr = tc_ptr;
  180:     tb->cs_base = cs_base;
  181:     tb->flags = flags;
  182:     SAVE_GLOBALS();
  183:     cpu_gen_code(env, tb, &code_gen_size);
  184:     RESTORE_GLOBALS();
  185:     code_gen_ptr = (void *)(((unsigned long)code_gen_ptr + code_gen_size + CODE_GEN_ALIGN - 1) & ~(CODE_GEN_ALIGN - 1));
  186: 
  187:     /* check next page if needed */
  188:     virt_page2 = (pc + tb->size - 1) & TARGET_PAGE_MASK;
  189:     phys_page2 = -1;
  190:     if ((pc & TARGET_PAGE_MASK) != virt_page2) {
  191:         phys_page2 = get_phys_addr_code(env, virt_page2);
  192:     }
  193:     tb_link_phys(tb, phys_pc, phys_page2);
  194: 
  195:  found:
  196:     /* we add the TB in the virtual pc hash table */
  197:     env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)] = tb;
  198:     spin_unlock(&tb_lock);
  199:     return tb;
  200: }
  201: 
  202: static inline TranslationBlock *tb_find_fast(void)
  203: {
  204:     TranslationBlock *tb;
  205:     target_ulong cs_base, pc;
  206:     uint64_t flags;
  207: 
  208:     /* we record a subset of the CPU state. It will
  209:        always be the same before a given translated block
  210:        is executed. */
  211: #if defined(TARGET_I386)
  212:     flags = env->hflags;
  213:     flags |= (env->eflags & (IOPL_MASK | TF_MASK | VM_MASK));
  214:     flags |= env->intercept;
  215:     cs_base = env->segs[R_CS].base;
  216:     pc = cs_base + env->eip;
  217: #elif defined(TARGET_ARM)
  218:     flags = env->thumb | (env->vfp.vec_len << 1)
  219:             | (env->vfp.vec_stride << 4);
  220:     if ((env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR)
  221:         flags |= (1 << 6);
  222:     if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30))
  223:         flags |= (1 << 7);
  224:     flags |= (env->condexec_bits << 8);
  225:     cs_base = 0;
  226:     pc = env->regs[15];
  227: #elif defined(TARGET_SPARC)
  228: #ifdef TARGET_SPARC64
  229:     // Combined FPU enable bits . PRIV . DMMU enabled . IMMU enabled
  230:     flags = (((env->pstate & PS_PEF) >> 1) | ((env->fprs & FPRS_FEF) << 2))
  231:         | (env->pstate & PS_PRIV) | ((env->lsu & (DMMU_E | IMMU_E)) >> 2);
  232: #else
  233:     // FPU enable . Supervisor
  234:     flags = (env->psref << 4) | env->psrs;
  235: #endif
  236:     cs_base = env->npc;
  237:     pc = env->pc;
  238: #elif defined(TARGET_PPC)
  239:     flags = env->hflags;
  240:     cs_base = 0;
  241:     pc = env->nip;
  242: #elif defined(TARGET_MIPS)
  243:     flags = env->hflags & (MIPS_HFLAG_TMASK | MIPS_HFLAG_BMASK);
  244:     cs_base = 0;
  245:     pc = env->PC[env->current_tc];
  246: #elif defined(TARGET_M68K)
  247:     flags = (env->fpcr & M68K_FPCR_PREC)  /* Bit  6 */
  248:             | (env->sr & SR_S)            /* Bit  13 */
  249:             | ((env->macsr >> 4) & 0xf);  /* Bits 0-3 */
  250:     cs_base = 0;
  251:     pc = env->pc;
  252: #elif defined(TARGET_SH4)
  253:     flags = env->flags;
  254:     cs_base = 0;
  255:     pc = env->pc;
  256: #elif defined(TARGET_ALPHA)
  257:     flags = env->ps;
  258:     cs_base = 0;
  259:     pc = env->pc;
  260: #elif defined(TARGET_CRIS)
  261:     flags = 0;
  262:     cs_base = 0;
  263:     pc = env->pc;
  264: #else
  265: #error unsupported CPU
  266: #endif
  267:     tb = env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)];
  268:     if (__builtin_expect(!tb || tb->pc != pc || tb->cs_base != cs_base ||
  269:                          tb->flags != flags, 0)) {
  270:         tb = tb_find_slow(pc, cs_base, flags);
  271:         /* Note: we do it here to avoid a gcc bug on Mac OS X when
  272:            doing it in tb_find_slow */
  273:         if (tb_invalidated_flag) {
  274:             /* as some TB could have been invalidated because
  275:                of memory exceptions while generating the code, we
  276:                must recompute the hash index here */
  277:             T0 = 0;
  278:         }
  279:     }
  280:     return tb;
  281: }
  282: 
  283: #define BREAK_CHAIN T0 = 0
  284: 
  285: /* main execution loop */
  286: 
  287: int cpu_exec(CPUState *env1)
  288: {
  289: #define DECLARE_HOST_REGS 1
  290: #include "hostregs_helper.h"
  291: #if defined(TARGET_SPARC)
  292: #if defined(reg_REGWPTR)
  293:     uint32_t *saved_regwptr;
  294: #endif
  295: #endif
  296:     int ret, interrupt_request;
  297:     void (*gen_func)(void);
  298:     TranslationBlock *tb;
  299:     uint8_t *tc_ptr;
  300: 
  301:     if (cpu_halted(env1) == EXCP_HALTED)
  302:         return EXCP_HALTED;
  303: 
  304:     cpu_single_env = env1;
  305: 
  306:     /* first we save global registers */
  307: #define SAVE_HOST_REGS 1
  308: #include "hostregs_helper.h"
  309:     env = env1;
  310:     SAVE_GLOBALS();
  311: 
  312:     env_to_regs();
  313: #if defined(TARGET_I386)
  314:     /* put eflags in CPU temporary format */
  315:     CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C);
  316:     DF = 1 - (2 * ((env->eflags >> 10) & 1));
  317:     CC_OP = CC_OP_EFLAGS;
  318:     env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C);
  319: #elif defined(TARGET_SPARC)
  320: #if defined(reg_REGWPTR)
  321:     saved_regwptr = REGWPTR;
  322: #endif
  323: #elif defined(TARGET_M68K)
  324:     env->cc_op = CC_OP_FLAGS;
  325:     env->cc_dest = env->sr & 0xf;
  326:     env->cc_x = (env->sr >> 4) & 1;
  327: #elif defined(TARGET_ALPHA)
  328: #elif defined(TARGET_ARM)
  329: #elif defined(TARGET_PPC)
  330: #elif defined(TARGET_MIPS)
  331: #elif defined(TARGET_SH4)
  332: #elif defined(TARGET_CRIS)
  333:     /* XXXXX */
  334: #else
  335: #error unsupported target CPU
  336: #endif
  337:     env->exception_index = -1;
  338: 
  339:     /* prepare setjmp context for exception handling */
  340:     for(;;) {
  341:         if (setjmp(env->jmp_env) == 0) {
  342:             env->current_tb = NULL;
  343:             /* if an exception is pending, we execute it here */
  344:             if (env->exception_index >= 0) {
  345:                 if (env->exception_index >= EXCP_INTERRUPT) {
  346:                     /* exit request from the cpu execution loop */
  347:                     ret = env->exception_index;
  348:                     break;
  349:                 } else if (env->user_mode_only) {
  350:                     /* if user mode only, we simulate a fake exception
  351:                        which will be handled outside the cpu execution
  352:                        loop */
  353: #if defined(TARGET_I386)
  354:                     do_interrupt_user(env->exception_index,
  355:                                       env->exception_is_int,
  356:                                       env->error_code,
  357:                                       env->exception_next_eip);
  358: #endif
  359:                     ret = env->exception_index;
  360:                     break;
  361:                 } else {
  362: #if defined(TARGET_I386)
  363:                     /* simulate a real cpu exception. On i386, it can
  364:                        trigger new exceptions, but we do not handle
  365:                        double or triple faults yet. */
  366:                     do_interrupt(env->exception_index,
  367:                                  env->exception_is_int,
  368:                                  env->error_code,
  369:                                  env->exception_next_eip, 0);
  370:                     /* successfully delivered */
  371:                     env->old_exception = -1;
  372: #elif defined(TARGET_PPC)
  373:                     do_interrupt(env);
  374: #elif defined(TARGET_MIPS)
  375:                     do_interrupt(env);
  376: #elif defined(TARGET_SPARC)
  377:                     do_interrupt(env->exception_index);
  378: #elif defined(TARGET_ARM)
  379:                     do_interrupt(env);
  380: #elif defined(TARGET_SH4)
  381:                     do_interrupt(env);
  382: #elif defined(TARGET_ALPHA)
  383:                     do_interrupt(env);
  384: #elif defined(TARGET_CRIS)
  385:                     do_interrupt(env);
  386: #elif defined(TARGET_M68K)
  387:                     do_interrupt(0);
  388: #endif
  389:                 }
  390:                 env->exception_index = -1;
  391:             }
  392: #ifdef USE_KQEMU
  393:             if (kqemu_is_ok(env) && env->interrupt_request == 0) {
  394:                 int ret;
  395:                 env->eflags = env->eflags | cc_table[CC_OP].compute_all() | (DF & DF_MASK);
  396:                 ret = kqemu_cpu_exec(env);
  397:                 /* put eflags in CPU temporary format */
  398:                 CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C);
  399:                 DF = 1 - (2 * ((env->eflags >> 10) & 1));
  400:                 CC_OP = CC_OP_EFLAGS;
  401:                 env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C);
  402:                 if (ret == 1) {
  403:                     /* exception */
  404:                     longjmp(env->jmp_env, 1);
  405:                 } else if (ret == 2) {
  406:                     /* softmmu execution needed */
  407:                 } else {
  408:                     if (env->interrupt_request != 0) {
  409:                         /* hardware interrupt will be executed just after */
  410:                     } else {
  411:                         /* otherwise, we restart */
  412:                         longjmp(env->jmp_env, 1);
  413:                     }
  414:                 }
  415:             }
  416: #endif
  417: 
  418:             T0 = 0; /* force lookup of first TB */
  419:             for(;;) {
  420:                 SAVE_GLOBALS();
  421:                 interrupt_request = env->interrupt_request;
  422:                 if (__builtin_expect(interrupt_request, 0)
  423: #if defined(TARGET_I386)
  424:                         && env->hflags & HF_GIF_MASK
  425: #endif
  426:                                 ) {
  427:                     if (interrupt_request & CPU_INTERRUPT_DEBUG) {
  428:                         env->interrupt_request &= ~CPU_INTERRUPT_DEBUG;
  429:                         env->exception_index = EXCP_DEBUG;
  430:                         cpu_loop_exit();
  431:                     }
  432: #if defined(TARGET_ARM) || defined(TARGET_SPARC) || defined(TARGET_MIPS) || \
  433:     defined(TARGET_PPC) || defined(TARGET_ALPHA) || defined(TARGET_CRIS)
  434:                     if (interrupt_request & CPU_INTERRUPT_HALT) {
  435:                         env->interrupt_request &= ~CPU_INTERRUPT_HALT;
  436:                         env->halted = 1;
  437:                         env->exception_index = EXCP_HLT;
  438:                         cpu_loop_exit();
  439:                     }
  440: #endif
  441: #if defined(TARGET_I386)
  442:                     if ((interrupt_request & CPU_INTERRUPT_SMI) &&
  443:                         !(env->hflags & HF_SMM_MASK)) {
  444:                         svm_check_intercept(SVM_EXIT_SMI);
  445:                         env->interrupt_request &= ~CPU_INTERRUPT_SMI;
  446:                         do_smm_enter();
  447:                         BREAK_CHAIN;
  448:                     } else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
  449:                         (env->eflags & IF_MASK || env->hflags & HF_HIF_MASK) &&
  450:                         !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
  451:                         int intno;
  452:                         svm_check_intercept(SVM_EXIT_INTR);
  453:                         env->interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ);
  454:                         intno = cpu_get_pic_interrupt(env);
  455:                         if (loglevel & CPU_LOG_TB_IN_ASM) {
  456:                             fprintf(logfile, "Servicing hardware INT=0x%02x\n", intno);
  457:                         }
  458:                         do_interrupt(intno, 0, 0, 0, 1);
  459:                         /* ensure that no TB jump will be modified as
  460:                            the program flow was changed */
  461:                         BREAK_CHAIN;
  462: #if !defined(CONFIG_USER_ONLY)
  463:                     } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) &&
  464:                         (env->eflags & IF_MASK) && !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
  465:                          int intno;
  466:                          /* FIXME: this should respect TPR */
  467:                          env->interrupt_request &= ~CPU_INTERRUPT_VIRQ;
  468:                          svm_check_intercept(SVM_EXIT_VINTR);
  469:                          intno = ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_vector));
  470:                          if (loglevel & CPU_LOG_TB_IN_ASM)
  471:                              fprintf(logfile, "Servicing virtual hardware INT=0x%02x\n", intno);
  472:                          do_interrupt(intno, 0, 0, -1, 1);
  473:                          stl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl),
  474:                                   ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_ctl)) & ~V_IRQ_MASK);
  475:                         BREAK_CHAIN;
  476: #endif
  477:                     }
  478: #elif defined(TARGET_PPC)
  479: #if 0
  480:                     if ((interrupt_request & CPU_INTERRUPT_RESET)) {
  481:                         cpu_ppc_reset(env);
  482:                     }
  483: #endif
  484:                     if (interrupt_request & CPU_INTERRUPT_HARD) {
  485:                         ppc_hw_interrupt(env);
  486:                         if (env->pending_interrupts == 0)
  487:                             env->interrupt_request &= ~CPU_INTERRUPT_HARD;
  488:                         BREAK_CHAIN;
  489:                     }
  490: #elif defined(TARGET_MIPS)
  491:                     if ((interrupt_request & CPU_INTERRUPT_HARD) &&
  492:                         (env->CP0_Status & env->CP0_Cause & CP0Ca_IP_mask) &&
  493:                         (env->CP0_Status & (1 << CP0St_IE)) &&
  494:                         !(env->CP0_Status & (1 << CP0St_EXL)) &&
  495:                         !(env->CP0_Status & (1 << CP0St_ERL)) &&
  496:                         !(env->hflags & MIPS_HFLAG_DM)) {
  497:                         /* Raise it */
  498:                         env->exception_index = EXCP_EXT_INTERRUPT;
  499:                         env->error_code = 0;
  500:                         do_interrupt(env);
  501:                         BREAK_CHAIN;
  502:                     }
  503: #elif defined(TARGET_SPARC)
  504:                     if ((interrupt_request & CPU_INTERRUPT_HARD) &&
  505:                         (env->psret != 0)) {
  506:                         int pil = env->interrupt_index & 15;
  507:                         int type = env->interrupt_index & 0xf0;
  508: 
  509:                         if (((type == TT_EXTINT) &&
  510:                              (pil == 15 || pil > env->psrpil)) ||
  511:                             type != TT_EXTINT) {
  512:                             env->interrupt_request &= ~CPU_INTERRUPT_HARD;
  513:                             do_interrupt(env->interrupt_index);
  514:                             env->interrupt_index = 0;
  515: #if !defined(TARGET_SPARC64) && !defined(CONFIG_USER_ONLY)
  516:                             cpu_check_irqs(env);
  517: #endif
  518:                         BREAK_CHAIN;
  519:                         }
  520:                     } else if (interrupt_request & CPU_INTERRUPT_TIMER) {
  521:                         //do_interrupt(0, 0, 0, 0, 0);
  522:                         env->interrupt_request &= ~CPU_INTERRUPT_TIMER;
  523:                     }
  524: #elif defined(TARGET_ARM)
  525:                     if (interrupt_request & CPU_INTERRUPT_FIQ
  526:                         && !(env->uncached_cpsr & CPSR_F)) {
  527:                         env->exception_index = EXCP_FIQ;
  528:                         do_interrupt(env);
  529:                         BREAK_CHAIN;
  530:                     }
  531:                     /* ARMv7-M interrupt return works by loading a magic value
  532:                        into the PC.  On real hardware the load causes the
  533:                        return to occur.  The qemu implementation performs the
  534:                        jump normally, then does the exception return when the
  535: