qemu/target-microblaze/op_helper.c
Blue Swirl b14ef7c9ab Fix unassigned memory access handling
cea5f9a28f exposed bugs in unassigned memory
access handling. Fix them by always passing CPUState to the handlers.

Reported-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-20 21:28:08 +00:00


/*
* Microblaze helper routines.
*
* Copyright (c) 2009 Edgar E. Iglesias <edgar.iglesias@gmail.com>.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include <assert.h>
#include "exec.h"
#include "helper.h"
#include "host-utils.h"
#define D(x)
#if !defined(CONFIG_USER_ONLY)
#define MMUSUFFIX _mmu
#define SHIFT 0
#include "softmmu_template.h"
#define SHIFT 1
#include "softmmu_template.h"
#define SHIFT 2
#include "softmmu_template.h"
#define SHIFT 3
#include "softmmu_template.h"
/* Try to fill the TLB and return an exception if error. If retaddr is
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
void tlb_fill(target_ulong addr, int is_write, int mmu_idx, void *retaddr)
{
    CPUState *prev_env = env;
    int fault;

    /* XXX: hack to restore env in all cases, even if not called from
       generated code.  The current CPU is taken from cpu_single_env. */
    env = cpu_single_env;

    fault = cpu_mb_handle_mmu_fault(env, addr, is_write, mmu_idx, 1);
    if (unlikely(fault)) {
        /* A non-NULL retaddr means we were called from generated code;
           locate the TB that contains it so the guest CPU state can be
           rewound to the faulting instruction before leaving the loop. */
        if (retaddr != NULL) {
            unsigned long host_pc = (unsigned long)retaddr;
            TranslationBlock *tb = tb_find_pc(host_pc);

            if (tb != NULL) {
                cpu_restore_state(tb, env, host_pc);
            }
        }
        /* Does not return: longjmps out to the CPU main loop. */
        cpu_loop_exit(env);
    }

    env = prev_env;
}
#endif
/* Stream (FSL) put: no stream devices are modelled, so the access is
   only logged.  The flag letters mirror the STREAM_* control bits. */
void helper_put(uint32_t id, uint32_t ctrl, uint32_t data)
{
    const char *t = (ctrl & STREAM_TEST) ? "t" : "";
    const char *n = (ctrl & STREAM_NONBLOCK) ? "n" : "";
    const char *e = (ctrl & STREAM_EXCEPTION) ? "e" : "";
    const char *c = (ctrl & STREAM_CONTROL) ? "c" : "";
    const char *a = (ctrl & STREAM_ATOMIC) ? "a" : "";

    /* id and data are uint32_t printed with %d/%x; same width, log only. */
    qemu_log("Unhandled stream put to stream-id=%d data=%x %s%s%s%s%s\n",
             id, data, t, n, e, c, a);
}
/* Stream (FSL) get: no stream devices are modelled.  Logs the access and
   returns a recognisable dummy value with the stream id in the low bits. */
uint32_t helper_get(uint32_t id, uint32_t ctrl)
{
    const char *t = (ctrl & STREAM_TEST) ? "t" : "";
    const char *n = (ctrl & STREAM_NONBLOCK) ? "n" : "";
    const char *e = (ctrl & STREAM_EXCEPTION) ? "e" : "";
    const char *c = (ctrl & STREAM_CONTROL) ? "c" : "";
    const char *a = (ctrl & STREAM_ATOMIC) ? "a" : "";

    qemu_log("Unhandled stream get from stream-id=%d %s%s%s%s%s\n",
             id, t, n, e, c, a);
    return 0xdead0000 | id;
}
/* Record the exception number on the current CPU and leave the
   execution loop.  Never returns. */
void helper_raise_exception(uint32_t index)
{
    CPUState *cpu = env;

    cpu->exception_index = index;
    cpu_loop_exit(cpu);
}
/* Dump the guest CPU state (special regs, mode bits, r0..r31) to the log,
   four general registers per line. */
void helper_debug(void)
{
    int r;

    qemu_log("PC=%8.8x\n", env->sregs[SR_PC]);
    qemu_log("rmsr=%x resr=%x rear=%x debug[%x] imm=%x iflags=%x\n",
             env->sregs[SR_MSR], env->sregs[SR_ESR], env->sregs[SR_EAR],
             env->debug, env->imm, env->iflags);
    qemu_log("btaken=%d btarget=%x mode=%s(saved=%s) eip=%d ie=%d\n",
             env->btaken, env->btarget,
             (env->sregs[SR_MSR] & MSR_UM) ? "user" : "kernel",
             (env->sregs[SR_MSR] & MSR_UMS) ? "user" : "kernel",
             (env->sregs[SR_MSR] & MSR_EIP),
             (env->sregs[SR_MSR] & MSR_IE));

    for (r = 0; r < 32; r++) {
        qemu_log("r%2.2d=%8.8x ", r, env->regs[r]);
        /* Break the line after every fourth register. */
        if (r % 4 == 3) {
            qemu_log("\n");
        }
    }
    qemu_log("\n\n");
}
/* Carry-out (0 or 1) of the 32-bit addition a + b + cin.  The single
   caller in this file passes the carry flag as cin. */
static inline uint32_t compute_carry(uint32_t a, uint32_t b, uint32_t cin)
{
    /* b + cin would wrap to 0 here, but the full sum always overflows. */
    if (b == 0xffffffffu && cin) {
        return 1;
    }
    /* Otherwise b + cin cannot wrap, so compare against the headroom of a. */
    return (b + cin) > (0xffffffffu - a) ? 1 : 0;
}
/* Signed compare: returns b - a, with the sign bit forced to b's sign when
   the operands have different signs (so the result's sign reflects the
   true ordering even though b - a overflowed). */
uint32_t helper_cmp(uint32_t a, uint32_t b)
{
    const uint32_t sign = 0x80000000;
    uint32_t diff = b - a;

    if ((a ^ b) & sign) {
        diff = (diff & ~sign) | (b & sign);
    }
    return diff;
}
/* Unsigned compare: returns b - a, with the sign bit forced to a's top bit
   when the operands differ in their top bit (a larger a means b < a, so
   the result must read as negative). */
uint32_t helper_cmpu(uint32_t a, uint32_t b)
{
    const uint32_t sign = 0x80000000;
    uint32_t diff = b - a;

    if ((a ^ b) & sign) {
        diff = (diff & ~sign) | (a & sign);
    }
    return diff;
}
/* Carry flag resulting from a + b + cf (cf is the incoming carry). */
uint32_t helper_carry(uint32_t a, uint32_t b, uint32_t cf)
{
    return compute_carry(a, b, cf);
}
/* Common prologue for the divide helpers.  Returns 1 when the division may
   proceed, 0 when b is zero (MSR_DZ set, ESR/exception raised if enabled).
   'a' is accepted for symmetry with the callers but is not used. */
static inline int div_prepare(uint32_t a, uint32_t b)
{
    if (b != 0) {
        env->sregs[SR_MSR] &= ~MSR_DZ;
        return 1;
    }

    env->sregs[SR_MSR] |= MSR_DZ;
    /* NOTE(review): the exception fires only while the PVR2 DIV_ZERO_EXC
       bit is clear; confirm that polarity against the PVR definition. */
    if ((env->sregs[SR_MSR] & MSR_EE)
        && !(env->pvr.regs[2] & PVR2_DIV_ZERO_EXC_MASK)) {
        env->sregs[SR_ESR] = ESR_EC_DIVZERO;
        helper_raise_exception(EXCP_HW_EXCP);
    }
    return 0;
}
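/* Signed 32-bit divide a / b.  Returns 0 on division by zero (after
   div_prepare has flagged it). */
uint32_t helper_divs(uint32_t a, uint32_t b)
{
    if (!div_prepare(a, b)) {
        return 0;
    }
    /* INT32_MIN / -1 overflows, which is undefined behaviour in C; return
       the two's-complement wrapped quotient (0x80000000) instead.
       NOTE(review): confirm this matches the hardware idiv result. */
    if (a == 0x80000000u && b == 0xffffffffu) {
        return a;
    }
    return (int32_t)a / (int32_t)b;
}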
/* Unsigned 32-bit divide a / b.  Returns 0 on division by zero (after
   div_prepare has flagged it). */
uint32_t helper_divu(uint32_t a, uint32_t b)
{
    uint32_t quotient = 0;

    if (div_prepare(a, b)) {
        quotient = a / b;
    }
    return quotient;
}
/* raise FPU exception. */
/* Raise a hardware exception with the FPU exception cause.  Never returns. */
static void raise_fpu_exception(void)
{
    CPUState *cpu = env;

    cpu->sregs[SR_ESR] = ESR_EC_FPU;
    helper_raise_exception(EXCP_HW_EXCP);
}
/* Fold softfloat exception flags into FSR and raise an FPU exception when
   any sticky flag was set, FPU exceptions are enabled in PVR2 and MSR_EE
   is on.  Inexact is deliberately not tracked. */
static void update_fpu_flags(int flags)
{
    static const struct {
        int softfloat_flag;
        uint32_t fsr_bit;
    } map[] = {
        { float_flag_invalid,   FSR_IO },
        { float_flag_divbyzero, FSR_DZ },
        { float_flag_overflow,  FSR_OF },
        { float_flag_underflow, FSR_UF },
    };
    int need_raise = 0;
    unsigned i;

    for (i = 0; i < sizeof map / sizeof map[0]; i++) {
        if (flags & map[i].softfloat_flag) {
            env->sregs[SR_FSR] |= map[i].fsr_bit;
            need_raise = 1;
        }
    }

    if (need_raise
        && (env->pvr.regs[2] & PVR2_FPU_EXC_MASK)
        && (env->sregs[SR_MSR] & MSR_EE)) {
        raise_fpu_exception();
    }
}
/* Single-precision a + b on the raw register bit patterns; FPU flags are
   cleared first and folded into FSR afterwards. */
uint32_t helper_fadd(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs, sum;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    sum.f = float32_add(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status));
    return sum.l;
}
/* Reverse subtract: single-precision b - a (note the operand order). */
uint32_t helper_frsub(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs, diff;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    diff.f = float32_sub(rhs.f, lhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status));
    return diff.l;
}
/* Single-precision a * b; FPU flags cleared first, folded into FSR after. */
uint32_t helper_fmul(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs, prod;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    prod.f = float32_mul(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status));
    return prod.l;
}
/* Single-precision b / a (note the reversed operand order). */
uint32_t helper_fdiv(uint32_t a, uint32_t b)
{
    CPU_FloatU divisor, dividend, quot;

    divisor.l = a;
    dividend.l = b;
    set_float_exception_flags(0, &env->fp_status);
    quot.f = float32_div(dividend.f, divisor.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status));
    return quot.l;
}
/* Unordered compare: 1 if either operand is a NaN, else 0.  A signalling
   NaN additionally records an invalid-operation flag (which may raise). */
uint32_t helper_fcmp_un(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int snan, qnan;

    lhs.l = a;
    rhs.l = b;

    snan = float32_is_signaling_nan(lhs.f) || float32_is_signaling_nan(rhs.f);
    if (snan) {
        update_fpu_flags(float_flag_invalid);
    }
    qnan = float32_is_quiet_nan(lhs.f) || float32_is_quiet_nan(rhs.f);

    return (snan || qnan) ? 1 : 0;
}
/* Less-than compare evaluated as b < a (note the operand order).  Only the
   invalid flag is propagated to FSR. */
uint32_t helper_fcmp_lt(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int lt;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    lt = float32_lt(rhs.f, lhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return lt;
}
/* Quiet equality compare a == b; only the invalid flag reaches FSR. */
uint32_t helper_fcmp_eq(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int eq;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    eq = float32_eq_quiet(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return eq;
}
/* Less-or-equal compare a <= b; only the invalid flag reaches FSR. */
uint32_t helper_fcmp_le(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int le;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    le = float32_le(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return le;
}
/* Greater-than compare, evaluated as a < b; only the invalid flag reaches
   FSR. */
uint32_t helper_fcmp_gt(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int gt;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    gt = float32_lt(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return gt;
}
/* Not-equal compare, the negation of the quiet equality test; unordered
   operands therefore yield 1.  Only the invalid flag reaches FSR. */
uint32_t helper_fcmp_ne(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int eq;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    eq = float32_eq_quiet(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return eq ? 0 : 1;
}
/* Greater-or-equal compare, evaluated as !(a < b).
   NOTE(review): written as the negation of lt, unordered (NaN) operands
   yield 1 here; confirm that against the ISA's fcmp.ge definition. */
uint32_t helper_fcmp_ge(uint32_t a, uint32_t b)
{
    CPU_FloatU lhs, rhs;
    int lt;

    lhs.l = a;
    rhs.l = b;
    set_float_exception_flags(0, &env->fp_status);
    lt = float32_lt(lhs.f, rhs.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status)
                     & float_flag_invalid);
    return lt ? 0 : 1;
}
/* Convert the register value, taken as a signed 32-bit integer, to
   single precision.  Unlike helper_fint, the exception flags are neither
   cleared beforehand nor folded into FSR afterwards. */
uint32_t helper_flt(uint32_t a)
{
    CPU_FloatU result;

    result.f = int32_to_float32(a, &env->fp_status);
    return result.l;
}
/* Convert single precision to a 32-bit integer; all resulting FPU flags
   are folded into FSR. */
uint32_t helper_fint(uint32_t a)
{
    CPU_FloatU operand;
    uint32_t result;

    operand.l = a;
    set_float_exception_flags(0, &env->fp_status);
    result = float32_to_int32(operand.f, &env->fp_status);
    update_fpu_flags(get_float_exception_flags(&env->fp_status));
    return result;
}
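/* Single-precision square root; all resulting FPU flags are folded into
   FSR. */
uint32_t helper_fsqrt(uint32_t a)
{
    CPU_FloatU fd, fa;
    int flags;

    set_float_exception_flags(0, &env->fp_status);
    fa.l = a;
    /* Store through the float32 member like the other FPU helpers; the
       original assigned the float32 result to the integer member. */
    fd.f = float32_sqrt(fa.f, &env->fp_status);
    flags = get_float_exception_flags(&env->fp_status);
    update_fpu_flags(flags);
    return fd.l;
}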
/* Pattern compare bytes: returns the 1-based position (from the most
   significant byte) of the first byte that is equal in a and b, or 0 when
   no byte matches. */
uint32_t helper_pcmpbf(uint32_t a, uint32_t b)
{
    uint32_t pos;

    for (pos = 1; pos <= 4; pos++) {
        unsigned shift = 32 - 8 * pos;

        if (((a >> shift) & 0xff) == ((b >> shift) & 0xff)) {
            return pos;
        }
    }
    return 0;
}
/* Alignment check for a data access.  On a misaligned address the fault
   address and an unaligned-data ESR (write bit, register number, and the
   word-size bit when mask == 3) are recorded; the exception itself is only
   raised when MSR_EE is set. */
void helper_memalign(uint32_t addr, uint32_t dr, uint32_t wr, uint32_t mask)
{
    uint32_t esr;

    if ((addr & mask) == 0) {
        return;
    }

    qemu_log_mask(CPU_LOG_INT,
                  "unaligned access addr=%x mask=%x, wr=%d dr=r%d\n",
                  addr, mask, wr, dr);

    esr = ESR_EC_UNALIGNED_DATA | (wr << 10) | ((dr & 31) << 5);
    if (mask == 3) {
        esr |= 1 << 11;
    }
    env->sregs[SR_EAR] = addr;
    env->sregs[SR_ESR] = esr;

    if (env->sregs[SR_MSR] & MSR_EE) {
        helper_raise_exception(EXCP_HW_EXCP);
    }
}
#if !defined(CONFIG_USER_ONLY)
/* Writes/reads to the MMU's special regs end up here. */
/* Read MMU special register rn of the current CPU. */
uint32_t helper_mmu_read(uint32_t rn)
{
    uint32_t value = mmu_read(env, rn);

    return value;
}
/* Write v to MMU special register rn of the current CPU. */
void helper_mmu_write(uint32_t rn, uint32_t v)
{
    CPUState *cpu = env;

    mmu_write(cpu, rn, v);
}
/* Called for accesses to unassigned physical memory.  The CPU is passed in
   explicitly (env1) and installed as env for the duration of the call.
   With MSR_EE set, EAR is loaded and an instruction- or data-bus error is
   raised if the matching PVR2 bus-exception bit is enabled.  is_asi and
   size are unused.  Note that helper_raise_exception does not return, so
   env is only restored on the non-raising paths. */
void cpu_unassigned_access(CPUState *env1, target_phys_addr_t addr,
                           int is_write, int is_exec, int is_asi, int size)
{
    CPUState *prev_env = env;
    uint32_t exc_mask, esr_code;

    env = env1;
    qemu_log_mask(CPU_LOG_INT, "Unassigned " TARGET_FMT_plx " wr=%d exe=%d\n",
                  addr, is_write, is_exec);

    if (env->sregs[SR_MSR] & MSR_EE) {
        env->sregs[SR_EAR] = addr;
        if (is_exec) {
            exc_mask = PVR2_IOPB_BUS_EXC_MASK;
            esr_code = ESR_EC_INSN_BUS;
        } else {
            exc_mask = PVR2_DOPB_BUS_EXC_MASK;
            esr_code = ESR_EC_DATA_BUS;
        }
        if (env->pvr.regs[2] & exc_mask) {
            env->sregs[SR_ESR] = esr_code;
            helper_raise_exception(EXCP_HW_EXCP);
        }
    }

    env = prev_env;
}
#endif