1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "cpu.h" 22 #include "exec/exec-all.h" 23 #include "internal.h" 24 #include "helper_regs.h" 25 26 #include "trace.h" 27 28 #ifdef CONFIG_TCG 29 #include "exec/helper-proto.h" 30 #include "exec/cpu_ldst.h" 31 #endif 32 33 /*****************************************************************************/ 34 /* Exception processing */ 35 #if !defined(CONFIG_USER_ONLY) 36 37 static const char *powerpc_excp_name(int excp) 38 { 39 switch (excp) { 40 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 41 case POWERPC_EXCP_MCHECK: return "MCHECK"; 42 case POWERPC_EXCP_DSI: return "DSI"; 43 case POWERPC_EXCP_ISI: return "ISI"; 44 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 45 case POWERPC_EXCP_ALIGN: return "ALIGN"; 46 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 47 case POWERPC_EXCP_FPU: return "FPU"; 48 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 49 case POWERPC_EXCP_APU: return "APU"; 50 case POWERPC_EXCP_DECR: return "DECR"; 51 case POWERPC_EXCP_FIT: return "FIT"; 52 case POWERPC_EXCP_WDT: return "WDT"; 53 case POWERPC_EXCP_DTLB: return "DTLB"; 54 case POWERPC_EXCP_ITLB: return "ITLB"; 55 case POWERPC_EXCP_DEBUG: return "DEBUG"; 56 case POWERPC_EXCP_SPEU: return "SPEU"; 57 case POWERPC_EXCP_EFPDI: return "EFPDI"; 58 case POWERPC_EXCP_EFPRI: return "EFPRI"; 59 case POWERPC_EXCP_EPERFM: return "EPERFM"; 60 case POWERPC_EXCP_DOORI: return "DOORI"; 61 case POWERPC_EXCP_DOORCI: return "DOORCI"; 62 case POWERPC_EXCP_GDOORI: return "GDOORI"; 63 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 64 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 65 case POWERPC_EXCP_RESET: return "RESET"; 66 case POWERPC_EXCP_DSEG: return "DSEG"; 67 case POWERPC_EXCP_ISEG: return "ISEG"; 68 case POWERPC_EXCP_HDECR: return "HDECR"; 69 case POWERPC_EXCP_TRACE: return "TRACE"; 70 case POWERPC_EXCP_HDSI: return "HDSI"; 71 case POWERPC_EXCP_HISI: return "HISI"; 72 case POWERPC_EXCP_HDSEG: return "HDSEG"; 73 case POWERPC_EXCP_HISEG: return "HISEG"; 74 case POWERPC_EXCP_VPU: return "VPU"; 75 case POWERPC_EXCP_PIT: return "PIT"; 76 case POWERPC_EXCP_EMUL: return "EMUL"; 77 case POWERPC_EXCP_IFTLB: return "IFTLB"; 78 case POWERPC_EXCP_DLTLB: return "DLTLB"; 79 case POWERPC_EXCP_DSTLB: return "DSTLB"; 80 case POWERPC_EXCP_FPA: return "FPA"; 81 case POWERPC_EXCP_DABR: return "DABR"; 82 case POWERPC_EXCP_IABR: return "IABR"; 83 case POWERPC_EXCP_SMI: return "SMI"; 84 case POWERPC_EXCP_PERFM: return "PERFM"; 85 case POWERPC_EXCP_THERM: return "THERM"; 86 case POWERPC_EXCP_VPUA: return "VPUA"; 87 case POWERPC_EXCP_SOFTP: return "SOFTP"; 88 case POWERPC_EXCP_MAINT: return "MAINT"; 89 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 90 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 91 case POWERPC_EXCP_ITLBE: return "ITLBE"; 92 case POWERPC_EXCP_DTLBE: return "DTLBE"; 93 case POWERPC_EXCP_VSXU: return "VSXU"; 94 case POWERPC_EXCP_FU: return "FU"; 95 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 96 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 97 case POWERPC_EXCP_HV_FU: return "HV_FU"; 98 case POWERPC_EXCP_SDOOR: return "SDOOR"; 99 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 100 case POWERPC_EXCP_HVIRT: return "HVIRT"; 101 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 102 default: 103 g_assert_not_reached(); 104 } 105 } 106 107 static void dump_syscall(CPUPPCState *env) 108 { 109 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 110 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 111 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 112 " nip=" TARGET_FMT_lx "\n", 113 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 114 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 115 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 116 ppc_dump_gpr(env, 8), env->nip); 117 } 118 119 static void dump_hcall(CPUPPCState *env) 120 { 121 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 122 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 123 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 124 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 125 " nip=" TARGET_FMT_lx "\n", 126 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 127 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 128 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 129 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 130 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 131 env->nip); 132 } 133 134 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 135 { 136 const char *es; 137 target_ulong *miss, *cmp; 138 int en; 139 140 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 141 return; 142 } 143 144 if (excp == POWERPC_EXCP_IFTLB) { 145 es = "I"; 146 en = 'I'; 147 miss = &env->spr[SPR_IMISS]; 148 cmp = &env->spr[SPR_ICMP]; 149 } else { 150 if (excp == POWERPC_EXCP_DLTLB) { 151 es = "DL"; 152 } else { 153 es = "DS"; 154 } 155 en = 'D'; 156 miss = &env->spr[SPR_DMISS]; 157 cmp = &env->spr[SPR_DCMP]; 158 } 159 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 160 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 161 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 162 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 163 env->error_code); 164 } 165 166 #if defined(TARGET_PPC64) 167 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 168 target_ulong *msr) 169 { 170 /* We no longer are in a PM state */ 171 env->resume_as_sreset = false; 172 173 /* Pretend to be returning from doze always as we don't lose state */ 174 *msr |= SRR1_WS_NOLOSS; 175 176 /* Machine checks are sent normally */ 177 if (excp == POWERPC_EXCP_MCHECK) { 178 return excp; 179 } 180 switch (excp) { 181 case POWERPC_EXCP_RESET: 182 *msr |= SRR1_WAKERESET; 183 break; 184 case POWERPC_EXCP_EXTERNAL: 185 *msr |= SRR1_WAKEEE; 186 break; 187 case POWERPC_EXCP_DECR: 188 *msr |= SRR1_WAKEDEC; 189 break; 190 case POWERPC_EXCP_SDOOR: 191 *msr |= SRR1_WAKEDBELL; 192 break; 193 case POWERPC_EXCP_SDOOR_HV: 194 *msr |= SRR1_WAKEHDBELL; 195 break; 196 case POWERPC_EXCP_HV_MAINT: 197 *msr |= SRR1_WAKEHMI; 198 break; 199 case POWERPC_EXCP_HVIRT: 200 *msr |= SRR1_WAKEHVI; 201 break; 202 default: 203 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 204 excp); 205 } 206 return POWERPC_EXCP_RESET; 207 } 208 209 /* 210 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 211 * taken with the MMU on, and which uses an alternate location (e.g., so the 212 * kernel/hv can map the vectors there with an effective address). 213 * 214 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 215 * are delivered in this way. AIL requires the LPCR to be set to enable this 216 * mode, and then a number of conditions have to be true for AIL to apply. 217 * 218 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 219 * they specifically want to be in real mode (e.g., the MCE might be signaling 220 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 221 * 222 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 223 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 224 * radix mode (LPCR[HR]). 225 * 226 * POWER8, POWER9 with LPCR[HR]=0 227 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 228 * +-----------+-------------+---------+-------------+-----+ 229 * | a | 00/01/10 | x | x | 0 | 230 * | a | 11 | 0 | 1 | 0 | 231 * | a | 11 | 1 | 1 | a | 232 * | a | 11 | 0 | 0 | a | 233 * +-------------------------------------------------------+ 234 * 235 * POWER9 with LPCR[HR]=1 236 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 237 * +-----------+-------------+---------+-------------+-----+ 238 * | a | 00/01/10 | x | x | 0 | 239 * | a | 11 | x | x | a | 240 * +-------------------------------------------------------+ 241 * 242 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 243 * the hypervisor in AIL mode if the guest is radix. This is good for 244 * performance but allows the guest to influence the AIL of hypervisor 245 * interrupts using its MSR, and also the hypervisor must disallow guest 246 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 247 * use AIL for its MSR[HV] 0->1 interrupts. 248 * 249 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 250 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 251 * MSR[HV] 1->1). 252 * 253 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 254 * 255 * POWER10 behaviour is 256 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 257 * +-----------+------------+-------------+---------+-------------+-----+ 258 * | a | h | 00/01/10 | 0 | 0 | 0 | 259 * | a | h | 11 | 0 | 0 | a | 260 * | a | h | x | 0 | 1 | h | 261 * | a | h | 00/01/10 | 1 | 1 | 0 | 262 * | a | h | 11 | 1 | 1 | h | 263 * +--------------------------------------------------------------------+ 264 */ 265 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 266 target_ulong *new_msr, target_ulong *vector) 267 { 268 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 269 CPUPPCState *env = &cpu->env; 270 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 271 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 272 int ail = 0; 273 274 if (excp == POWERPC_EXCP_MCHECK || 275 excp == POWERPC_EXCP_RESET || 276 excp == POWERPC_EXCP_HV_MAINT) { 277 /* SRESET, MCE, HMI never apply AIL */ 278 return; 279 } 280 281 if (!(pcc->lpcr_mask & LPCR_AIL)) { 282 /* This CPU does not have AIL */ 283 return; 284 } 285 286 /* P8 & P9 */ 287 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 288 if (!mmu_all_on) { 289 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 290 return; 291 } 292 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 293 /* 294 * AIL does not work if there is a MSR[HV] 0->1 transition and the 295 * partition is in HPT mode. For radix guests, such interrupts are 296 * allowed to be delivered to the hypervisor in ail mode. 297 */ 298 return; 299 } 300 301 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 302 if (ail == 0) { 303 return; 304 } 305 if (ail == 1) { 306 /* AIL=1 is reserved, treat it like AIL=0 */ 307 return; 308 } 309 310 /* P10 and up */ 311 } else { 312 if (!mmu_all_on && !hv_escalation) { 313 /* 314 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 315 * Guest->guest and HV->HV interrupts do require MMU on. 316 */ 317 return; 318 } 319 320 if (*new_msr & MSR_HVB) { 321 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 322 /* HV interrupts depend on LPCR[HAIL] */ 323 return; 324 } 325 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 326 } else { 327 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 328 } 329 if (ail == 0) { 330 return; 331 } 332 if (ail == 1 || ail == 2) { 333 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 334 return; 335 } 336 } 337 338 /* 339 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 340 * to the new IP. 341 */ 342 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 343 344 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 345 if (ail == 2) { 346 *vector |= 0x0000000000018000ull; 347 } else if (ail == 3) { 348 *vector |= 0xc000000000004000ull; 349 } 350 } else { 351 /* 352 * scv AIL is a little different. AIL=2 does not change the address, 353 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 354 */ 355 if (ail == 3) { 356 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 357 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 358 } 359 } 360 } 361 #endif 362 363 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 364 { 365 CPUState *cs = CPU(cpu); 366 CPUPPCState *env = &cpu->env; 367 368 /* Reset exception state */ 369 cs->exception_index = POWERPC_EXCP_NONE; 370 env->error_code = 0; 371 } 372 373 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 374 target_ulong msr) 375 { 376 CPUPPCState *env = &cpu->env; 377 378 assert((msr & env->msr_mask) == msr); 379 380 /* 381 * We don't use hreg_store_msr here as already have treated any 382 * special case that could occur. Just store MSR and update hflags 383 * 384 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 385 * will prevent setting of the HV bit which some exceptions might need 386 * to do. 387 */ 388 env->nip = vector; 389 env->msr = msr; 390 hreg_compute_hflags(env); 391 392 powerpc_reset_excp_state(cpu); 393 394 /* 395 * Any interrupt is context synchronizing, check if TCG TLB needs 396 * a delayed flush on ppc64 397 */ 398 check_tlb_flush(env, false); 399 400 /* Reset the reservation */ 401 env->reserve_addr = -1; 402 } 403 404 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 405 { 406 CPUState *cs = CPU(cpu); 407 CPUPPCState *env = &cpu->env; 408 target_ulong msr, new_msr, vector; 409 int srr0, srr1; 410 411 /* new srr1 value excluding must-be-zero bits */ 412 msr = env->msr & ~0x783f0000ULL; 413 414 /* 415 * new interrupt handler msr preserves existing ME unless 416 * explicitly overriden. 417 */ 418 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 419 420 /* target registers */ 421 srr0 = SPR_SRR0; 422 srr1 = SPR_SRR1; 423 424 /* 425 * Hypervisor emulation assistance interrupt only exists on server 426 * arch 2.05 server or later. 427 */ 428 if (excp == POWERPC_EXCP_HV_EMU) { 429 excp = POWERPC_EXCP_PROGRAM; 430 } 431 432 vector = env->excp_vectors[excp]; 433 if (vector == (target_ulong)-1ULL) { 434 cpu_abort(cs, "Raised an exception without defined vector %d\n", 435 excp); 436 } 437 438 vector |= env->excp_prefix; 439 440 switch (excp) { 441 case POWERPC_EXCP_CRITICAL: /* Critical input */ 442 srr0 = SPR_40x_SRR2; 443 srr1 = SPR_40x_SRR3; 444 break; 445 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 446 if (msr_me == 0) { 447 /* 448 * Machine check exception is not enabled. Enter 449 * checkstop state. 450 */ 451 fprintf(stderr, "Machine check while not allowed. " 452 "Entering checkstop state\n"); 453 if (qemu_log_separate()) { 454 qemu_log("Machine check while not allowed. " 455 "Entering checkstop state\n"); 456 } 457 cs->halted = 1; 458 cpu_interrupt_exittb(cs); 459 } 460 461 /* machine check exceptions don't have ME set */ 462 new_msr &= ~((target_ulong)1 << MSR_ME); 463 464 srr0 = SPR_40x_SRR2; 465 srr1 = SPR_40x_SRR3; 466 break; 467 case POWERPC_EXCP_DSI: /* Data storage exception */ 468 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 469 break; 470 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 471 trace_ppc_excp_isi(msr, env->nip); 472 break; 473 case POWERPC_EXCP_EXTERNAL: /* External input */ 474 break; 475 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 476 break; 477 case POWERPC_EXCP_PROGRAM: /* Program exception */ 478 switch (env->error_code & ~0xF) { 479 case POWERPC_EXCP_FP: 480 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 481 trace_ppc_excp_fp_ignore(); 482 powerpc_reset_excp_state(cpu); 483 return; 484 } 485 env->spr[SPR_40x_ESR] = ESR_FP; 486 break; 487 case POWERPC_EXCP_INVAL: 488 trace_ppc_excp_inval(env->nip); 489 env->spr[SPR_40x_ESR] = ESR_PIL; 490 break; 491 case POWERPC_EXCP_PRIV: 492 env->spr[SPR_40x_ESR] = ESR_PPR; 493 break; 494 case POWERPC_EXCP_TRAP: 495 env->spr[SPR_40x_ESR] = ESR_PTR; 496 break; 497 default: 498 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 499 env->error_code); 500 break; 501 } 502 break; 503 case POWERPC_EXCP_SYSCALL: /* System call exception */ 504 dump_syscall(env); 505 506 /* 507 * We need to correct the NIP which in this case is supposed 508 * to point to the next instruction 509 */ 510 env->nip += 4; 511 break; 512 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 513 trace_ppc_excp_print("FIT"); 514 break; 515 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 516 trace_ppc_excp_print("WDT"); 517 break; 518 case POWERPC_EXCP_DTLB: /* Data TLB error */ 519 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 520 break; 521 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 522 trace_ppc_excp_print("PIT"); 523 break; 524 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 525 cpu_abort(cs, "%s exception not implemented\n", 526 powerpc_excp_name(excp)); 527 break; 528 default: 529 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 530 break; 531 } 532 533 /* Save PC */ 534 env->spr[srr0] = env->nip; 535 536 /* Save MSR */ 537 env->spr[srr1] = msr; 538 539 powerpc_set_excp_state(cpu, vector, new_msr); 540 } 541 542 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 543 { 544 CPUState *cs = CPU(cpu); 545 CPUPPCState *env = &cpu->env; 546 target_ulong msr, new_msr, vector; 547 548 /* new srr1 value excluding must-be-zero bits */ 549 msr = env->msr & ~0x783f0000ULL; 550 551 /* 552 * new interrupt handler msr preserves existing ME unless 553 * explicitly overriden 554 */ 555 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 556 557 /* 558 * Hypervisor emulation assistance interrupt only exists on server 559 * arch 2.05 server or later. 560 */ 561 if (excp == POWERPC_EXCP_HV_EMU) { 562 excp = POWERPC_EXCP_PROGRAM; 563 } 564 565 vector = env->excp_vectors[excp]; 566 if (vector == (target_ulong)-1ULL) { 567 cpu_abort(cs, "Raised an exception without defined vector %d\n", 568 excp); 569 } 570 571 vector |= env->excp_prefix; 572 573 switch (excp) { 574 case POWERPC_EXCP_CRITICAL: /* Critical input */ 575 break; 576 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 577 if (msr_me == 0) { 578 /* 579 * Machine check exception is not enabled. Enter 580 * checkstop state. 581 */ 582 fprintf(stderr, "Machine check while not allowed. " 583 "Entering checkstop state\n"); 584 if (qemu_log_separate()) { 585 qemu_log("Machine check while not allowed. " 586 "Entering checkstop state\n"); 587 } 588 cs->halted = 1; 589 cpu_interrupt_exittb(cs); 590 } 591 592 /* machine check exceptions don't have ME set */ 593 new_msr &= ~((target_ulong)1 << MSR_ME); 594 595 break; 596 case POWERPC_EXCP_DSI: /* Data storage exception */ 597 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 598 break; 599 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 600 trace_ppc_excp_isi(msr, env->nip); 601 msr |= env->error_code; 602 break; 603 case POWERPC_EXCP_EXTERNAL: /* External input */ 604 break; 605 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 606 /* Get rS/rD and rA from faulting opcode */ 607 /* 608 * Note: the opcode fields will not be set properly for a 609 * direct store load/store, but nobody cares as nobody 610 * actually uses direct store segments. 611 */ 612 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 613 break; 614 case POWERPC_EXCP_PROGRAM: /* Program exception */ 615 switch (env->error_code & ~0xF) { 616 case POWERPC_EXCP_FP: 617 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 618 trace_ppc_excp_fp_ignore(); 619 powerpc_reset_excp_state(cpu); 620 return; 621 } 622 623 /* 624 * FP exceptions always have NIP pointing to the faulting 625 * instruction, so always use store_next and claim we are 626 * precise in the MSR. 627 */ 628 msr |= 0x00100000; 629 break; 630 case POWERPC_EXCP_INVAL: 631 trace_ppc_excp_inval(env->nip); 632 msr |= 0x00080000; 633 break; 634 case POWERPC_EXCP_PRIV: 635 msr |= 0x00040000; 636 break; 637 case POWERPC_EXCP_TRAP: 638 msr |= 0x00020000; 639 break; 640 default: 641 /* Should never occur */ 642 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 643 env->error_code); 644 break; 645 } 646 break; 647 case POWERPC_EXCP_SYSCALL: /* System call exception */ 648 dump_syscall(env); 649 650 /* 651 * We need to correct the NIP which in this case is supposed 652 * to point to the next instruction 653 */ 654 env->nip += 4; 655 break; 656 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 657 case POWERPC_EXCP_DECR: /* Decrementer exception */ 658 break; 659 case POWERPC_EXCP_DTLB: /* Data TLB error */ 660 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 661 break; 662 case POWERPC_EXCP_RESET: /* System reset exception */ 663 if (msr_pow) { 664 cpu_abort(cs, "Trying to deliver power-saving system reset " 665 "exception %d with no HV support\n", excp); 666 } 667 break; 668 case POWERPC_EXCP_TRACE: /* Trace exception */ 669 break; 670 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 671 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 672 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 673 /* Swap temporary saved registers with GPRs */ 674 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 675 new_msr |= (target_ulong)1 << MSR_TGPR; 676 hreg_swap_gpr_tgpr(env); 677 } 678 679 ppc_excp_debug_sw_tlb(env, excp); 680 681 msr |= env->crf[0] << 28; 682 msr |= env->error_code; /* key, D/I, S/L bits */ 683 /* Set way using a LRU mechanism */ 684 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 685 break; 686 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 687 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 688 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 689 case POWERPC_EXCP_SMI: /* System management interrupt */ 690 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 691 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 692 cpu_abort(cs, "%s exception not implemented\n", 693 powerpc_excp_name(excp)); 694 break; 695 default: 696 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 697 break; 698 } 699 700 /* 701 * Sort out endianness of interrupt, this differs depending on the 702 * CPU, the HV mode, etc... 703 */ 704 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 705 new_msr |= (target_ulong)1 << MSR_LE; 706 } 707 708 /* Save PC */ 709 env->spr[SPR_SRR0] = env->nip; 710 711 /* Save MSR */ 712 env->spr[SPR_SRR1] = msr; 713 714 powerpc_set_excp_state(cpu, vector, new_msr); 715 } 716 717 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 718 { 719 CPUState *cs = CPU(cpu); 720 CPUPPCState *env = &cpu->env; 721 target_ulong msr, new_msr, vector; 722 723 /* new srr1 value excluding must-be-zero bits */ 724 msr = env->msr & ~0x783f0000ULL; 725 726 /* 727 * new interrupt handler msr preserves existing ME unless 728 * explicitly overriden 729 */ 730 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 731 732 /* 733 * Hypervisor emulation assistance interrupt only exists on server 734 * arch 2.05 server or later. 735 */ 736 if (excp == POWERPC_EXCP_HV_EMU) { 737 excp = POWERPC_EXCP_PROGRAM; 738 } 739 740 vector = env->excp_vectors[excp]; 741 if (vector == (target_ulong)-1ULL) { 742 cpu_abort(cs, "Raised an exception without defined vector %d\n", 743 excp); 744 } 745 746 vector |= env->excp_prefix; 747 748 switch (excp) { 749 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 750 if (msr_me == 0) { 751 /* 752 * Machine check exception is not enabled. Enter 753 * checkstop state. 754 */ 755 fprintf(stderr, "Machine check while not allowed. " 756 "Entering checkstop state\n"); 757 if (qemu_log_separate()) { 758 qemu_log("Machine check while not allowed. " 759 "Entering checkstop state\n"); 760 } 761 cs->halted = 1; 762 cpu_interrupt_exittb(cs); 763 } 764 765 /* machine check exceptions don't have ME set */ 766 new_msr &= ~((target_ulong)1 << MSR_ME); 767 768 break; 769 case POWERPC_EXCP_DSI: /* Data storage exception */ 770 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 771 break; 772 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 773 trace_ppc_excp_isi(msr, env->nip); 774 msr |= env->error_code; 775 break; 776 case POWERPC_EXCP_EXTERNAL: /* External input */ 777 break; 778 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 779 /* Get rS/rD and rA from faulting opcode */ 780 /* 781 * Note: the opcode fields will not be set properly for a 782 * direct store load/store, but nobody cares as nobody 783 * actually uses direct store segments. 784 */ 785 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 786 break; 787 case POWERPC_EXCP_PROGRAM: /* Program exception */ 788 switch (env->error_code & ~0xF) { 789 case POWERPC_EXCP_FP: 790 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 791 trace_ppc_excp_fp_ignore(); 792 powerpc_reset_excp_state(cpu); 793 return; 794 } 795 796 /* 797 * FP exceptions always have NIP pointing to the faulting 798 * instruction, so always use store_next and claim we are 799 * precise in the MSR. 800 */ 801 msr |= 0x00100000; 802 break; 803 case POWERPC_EXCP_INVAL: 804 trace_ppc_excp_inval(env->nip); 805 msr |= 0x00080000; 806 break; 807 case POWERPC_EXCP_PRIV: 808 msr |= 0x00040000; 809 break; 810 case POWERPC_EXCP_TRAP: 811 msr |= 0x00020000; 812 break; 813 default: 814 /* Should never occur */ 815 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 816 env->error_code); 817 break; 818 } 819 break; 820 case POWERPC_EXCP_SYSCALL: /* System call exception */ 821 { 822 int lev = env->error_code; 823 824 if (lev == 1 && cpu->vhyp) { 825 dump_hcall(env); 826 } else { 827 dump_syscall(env); 828 } 829 830 /* 831 * We need to correct the NIP which in this case is supposed 832 * to point to the next instruction 833 */ 834 env->nip += 4; 835 836 /* 837 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 838 * instruction to communicate with QEMU. The pegasos2 machine 839 * uses VOF and the 7xx CPUs, so although the 7xx don't have 840 * HV mode, we need to keep hypercall support. 841 */ 842 if (lev == 1 && cpu->vhyp) { 843 PPCVirtualHypervisorClass *vhc = 844 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 845 vhc->hypercall(cpu->vhyp, cpu); 846 return; 847 } 848 849 break; 850 } 851 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 852 case POWERPC_EXCP_DECR: /* Decrementer exception */ 853 break; 854 case POWERPC_EXCP_RESET: /* System reset exception */ 855 if (msr_pow) { 856 cpu_abort(cs, "Trying to deliver power-saving system reset " 857 "exception %d with no HV support\n", excp); 858 } 859 break; 860 case POWERPC_EXCP_TRACE: /* Trace exception */ 861 break; 862 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 863 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 864 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 865 ppc_excp_debug_sw_tlb(env, excp); 866 867 msr |= env->crf[0] << 28; 868 msr |= env->error_code; /* key, D/I, S/L bits */ 869 /* Set way using a LRU mechanism */ 870 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 871 872 break; 873 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 874 case POWERPC_EXCP_SMI: /* System management interrupt */ 875 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 876 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 877 cpu_abort(cs, "%s exception not implemented\n", 878 powerpc_excp_name(excp)); 879 break; 880 default: 881 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 882 break; 883 } 884 885 /* 886 * Sort out endianness of interrupt, this differs depending on the 887 * CPU, the HV mode, etc... 888 */ 889 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 890 new_msr |= (target_ulong)1 << MSR_LE; 891 } 892 893 /* Save PC */ 894 env->spr[SPR_SRR0] = env->nip; 895 896 /* Save MSR */ 897 env->spr[SPR_SRR1] = msr; 898 899 powerpc_set_excp_state(cpu, vector, new_msr); 900 } 901 902 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 903 { 904 CPUState *cs = CPU(cpu); 905 CPUPPCState *env = &cpu->env; 906 target_ulong msr, new_msr, vector; 907 908 /* new srr1 value excluding must-be-zero bits */ 909 msr = env->msr & ~0x783f0000ULL; 910 911 /* 912 * new interrupt handler msr preserves existing ME unless 913 * explicitly overriden 914 */ 915 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 916 917 /* 918 * Hypervisor emulation assistance interrupt only exists on server 919 * arch 2.05 server or later. 920 */ 921 if (excp == POWERPC_EXCP_HV_EMU) { 922 excp = POWERPC_EXCP_PROGRAM; 923 } 924 925 vector = env->excp_vectors[excp]; 926 if (vector == (target_ulong)-1ULL) { 927 cpu_abort(cs, "Raised an exception without defined vector %d\n", 928 excp); 929 } 930 931 vector |= env->excp_prefix; 932 933 switch (excp) { 934 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 935 if (msr_me == 0) { 936 /* 937 * Machine check exception is not enabled. Enter 938 * checkstop state. 939 */ 940 fprintf(stderr, "Machine check while not allowed. " 941 "Entering checkstop state\n"); 942 if (qemu_log_separate()) { 943 qemu_log("Machine check while not allowed. " 944 "Entering checkstop state\n"); 945 } 946 cs->halted = 1; 947 cpu_interrupt_exittb(cs); 948 } 949 950 /* machine check exceptions don't have ME set */ 951 new_msr &= ~((target_ulong)1 << MSR_ME); 952 953 break; 954 case POWERPC_EXCP_DSI: /* Data storage exception */ 955 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 956 break; 957 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 958 trace_ppc_excp_isi(msr, env->nip); 959 msr |= env->error_code; 960 break; 961 case POWERPC_EXCP_EXTERNAL: /* External input */ 962 break; 963 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 964 /* Get rS/rD and rA from faulting opcode */ 965 /* 966 * Note: the opcode fields will not be set properly for a 967 * direct store load/store, but nobody cares as nobody 968 * actually uses direct store segments. 969 */ 970 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 971 break; 972 case POWERPC_EXCP_PROGRAM: /* Program exception */ 973 switch (env->error_code & ~0xF) { 974 case POWERPC_EXCP_FP: 975 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 976 trace_ppc_excp_fp_ignore(); 977 powerpc_reset_excp_state(cpu); 978 return; 979 } 980 981 /* 982 * FP exceptions always have NIP pointing to the faulting 983 * instruction, so always use store_next and claim we are 984 * precise in the MSR. 985 */ 986 msr |= 0x00100000; 987 break; 988 case POWERPC_EXCP_INVAL: 989 trace_ppc_excp_inval(env->nip); 990 msr |= 0x00080000; 991 break; 992 case POWERPC_EXCP_PRIV: 993 msr |= 0x00040000; 994 break; 995 case POWERPC_EXCP_TRAP: 996 msr |= 0x00020000; 997 break; 998 default: 999 /* Should never occur */ 1000 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1001 env->error_code); 1002 break; 1003 } 1004 break; 1005 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1006 { 1007 int lev = env->error_code; 1008 1009 if ((lev == 1) && cpu->vhyp) { 1010 dump_hcall(env); 1011 } else { 1012 dump_syscall(env); 1013 } 1014 1015 /* 1016 * We need to correct the NIP which in this case is supposed 1017 * to point to the next instruction 1018 */ 1019 env->nip += 4; 1020 1021 /* 1022 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1023 * instruction to communicate with QEMU. The pegasos2 machine 1024 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1025 * HV mode, we need to keep hypercall support. 1026 */ 1027 if ((lev == 1) && cpu->vhyp) { 1028 PPCVirtualHypervisorClass *vhc = 1029 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1030 vhc->hypercall(cpu->vhyp, cpu); 1031 return; 1032 } 1033 1034 break; 1035 } 1036 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1037 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1038 break; 1039 case POWERPC_EXCP_RESET: /* System reset exception */ 1040 if (msr_pow) { 1041 cpu_abort(cs, "Trying to deliver power-saving system reset " 1042 "exception %d with no HV support\n", excp); 1043 } 1044 break; 1045 case POWERPC_EXCP_TRACE: /* Trace exception */ 1046 break; 1047 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1048 break; 1049 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1050 case POWERPC_EXCP_SMI: /* System management interrupt */ 1051 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1052 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1053 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1054 cpu_abort(cs, "%s exception not implemented\n", 1055 powerpc_excp_name(excp)); 1056 break; 1057 default: 1058 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1059 break; 1060 } 1061 1062 /* 1063 * Sort out endianness of interrupt, this differs depending on the 1064 * CPU, the HV mode, etc... 1065 */ 1066 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1067 new_msr |= (target_ulong)1 << MSR_LE; 1068 } 1069 1070 /* Save PC */ 1071 env->spr[SPR_SRR0] = env->nip; 1072 1073 /* Save MSR */ 1074 env->spr[SPR_SRR1] = msr; 1075 1076 powerpc_set_excp_state(cpu, vector, new_msr); 1077 } 1078 1079 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1080 { 1081 CPUState *cs = CPU(cpu); 1082 CPUPPCState *env = &cpu->env; 1083 target_ulong msr, new_msr, vector; 1084 int srr0, srr1; 1085 1086 msr = env->msr; 1087 1088 /* 1089 * new interrupt handler msr preserves existing ME unless 1090 * explicitly overriden 1091 */ 1092 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1093 1094 /* target registers */ 1095 srr0 = SPR_SRR0; 1096 srr1 = SPR_SRR1; 1097 1098 /* 1099 * Hypervisor emulation assistance interrupt only exists on server 1100 * arch 2.05 server or later. 1101 */ 1102 if (excp == POWERPC_EXCP_HV_EMU) { 1103 excp = POWERPC_EXCP_PROGRAM; 1104 } 1105 1106 #ifdef TARGET_PPC64 1107 /* 1108 * SPEU and VPU share the same IVOR but they exist in different 1109 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1110 */ 1111 if (excp == POWERPC_EXCP_VPU) { 1112 excp = POWERPC_EXCP_SPEU; 1113 } 1114 #endif 1115 1116 vector = env->excp_vectors[excp]; 1117 if (vector == (target_ulong)-1ULL) { 1118 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1119 excp); 1120 } 1121 1122 vector |= env->excp_prefix; 1123 1124 switch (excp) { 1125 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1126 srr0 = SPR_BOOKE_CSRR0; 1127 srr1 = SPR_BOOKE_CSRR1; 1128 break; 1129 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1130 if (msr_me == 0) { 1131 /* 1132 * Machine check exception is not enabled. Enter 1133 * checkstop state. 1134 */ 1135 fprintf(stderr, "Machine check while not allowed. " 1136 "Entering checkstop state\n"); 1137 if (qemu_log_separate()) { 1138 qemu_log("Machine check while not allowed. " 1139 "Entering checkstop state\n"); 1140 } 1141 cs->halted = 1; 1142 cpu_interrupt_exittb(cs); 1143 } 1144 1145 /* machine check exceptions don't have ME set */ 1146 new_msr &= ~((target_ulong)1 << MSR_ME); 1147 1148 /* FIXME: choose one or the other based on CPU type */ 1149 srr0 = SPR_BOOKE_MCSRR0; 1150 srr1 = SPR_BOOKE_MCSRR1; 1151 1152 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1153 env->spr[SPR_BOOKE_CSRR1] = msr; 1154 1155 break; 1156 case POWERPC_EXCP_DSI: /* Data storage exception */ 1157 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1158 break; 1159 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1160 trace_ppc_excp_isi(msr, env->nip); 1161 break; 1162 case POWERPC_EXCP_EXTERNAL: /* External input */ 1163 if (env->mpic_proxy) { 1164 /* IACK the IRQ on delivery */ 1165 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1166 } 1167 break; 1168 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1169 break; 1170 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1171 switch (env->error_code & ~0xF) { 1172 case POWERPC_EXCP_FP: 1173 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1174 trace_ppc_excp_fp_ignore(); 1175 powerpc_reset_excp_state(cpu); 1176 return; 1177 } 1178 1179 /* 1180 * FP exceptions always have NIP pointing to the faulting 1181 * instruction, so always use store_next and claim we are 1182 * precise in the MSR. 1183 */ 1184 msr |= 0x00100000; 1185 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1186 break; 1187 case POWERPC_EXCP_INVAL: 1188 trace_ppc_excp_inval(env->nip); 1189 msr |= 0x00080000; 1190 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1191 break; 1192 case POWERPC_EXCP_PRIV: 1193 msr |= 0x00040000; 1194 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1195 break; 1196 case POWERPC_EXCP_TRAP: 1197 msr |= 0x00020000; 1198 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1199 break; 1200 default: 1201 /* Should never occur */ 1202 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1203 env->error_code); 1204 break; 1205 } 1206 break; 1207 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1208 dump_syscall(env); 1209 1210 /* 1211 * We need to correct the NIP which in this case is supposed 1212 * to point to the next instruction 1213 */ 1214 env->nip += 4; 1215 break; 1216 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1217 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1218 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1219 break; 1220 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1221 /* FIT on 4xx */ 1222 trace_ppc_excp_print("FIT"); 1223 break; 1224 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1225 trace_ppc_excp_print("WDT"); 1226 srr0 = SPR_BOOKE_CSRR0; 1227 srr1 = SPR_BOOKE_CSRR1; 1228 break; 1229 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1230 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1231 break; 1232 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1233 if (env->flags & POWERPC_FLAG_DE) { 1234 /* FIXME: choose one or the other based on CPU type */ 1235 srr0 = SPR_BOOKE_DSRR0; 1236 srr1 = SPR_BOOKE_DSRR1; 1237 1238 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1239 env->spr[SPR_BOOKE_CSRR1] = msr; 1240 1241 /* DBSR already modified by caller */ 1242 } else { 1243 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1244 } 1245 break; 1246 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1247 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1248 break; 1249 case POWERPC_EXCP_RESET: /* System reset exception */ 1250 if (msr_pow) { 1251 cpu_abort(cs, "Trying to deliver power-saving system reset " 1252 "exception %d with no HV support\n", excp); 1253 } 1254 break; 1255 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1256 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1257 cpu_abort(cs, "%s exception not implemented\n", 1258 powerpc_excp_name(excp)); 1259 break; 1260 default: 1261 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1262 break; 1263 } 1264 1265 #if defined(TARGET_PPC64) 1266 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1267 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1268 new_msr |= (target_ulong)1 << MSR_CM; 1269 } else { 1270 vector = (uint32_t)vector; 1271 } 1272 #endif 1273 1274 /* Save PC */ 1275 env->spr[srr0] = env->nip; 1276 1277 /* Save MSR */ 1278 env->spr[srr1] = msr; 1279 1280 powerpc_set_excp_state(cpu, vector, new_msr); 1281 } 1282 1283 #ifdef TARGET_PPC64 1284 /* 1285 * When running under vhyp, hcalls are always intercepted and sent to the 1286 * vhc->hypercall handler. 1287 */ 1288 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1289 { 1290 if (cpu->vhyp) { 1291 return true; 1292 } 1293 return false; 1294 } 1295 1296 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1297 { 1298 CPUState *cs = CPU(cpu); 1299 CPUPPCState *env = &cpu->env; 1300 target_ulong msr, new_msr, vector; 1301 int srr0, srr1, lev = -1; 1302 1303 /* new srr1 value excluding must-be-zero bits */ 1304 msr = env->msr & ~0x783f0000ULL; 1305 1306 /* 1307 * new interrupt handler msr preserves existing HV and ME unless 1308 * explicitly overriden 1309 */ 1310 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1311 1312 /* target registers */ 1313 srr0 = SPR_SRR0; 1314 srr1 = SPR_SRR1; 1315 1316 /* 1317 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1318 * P7/P8/P9 1319 */ 1320 if (env->resume_as_sreset) { 1321 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1322 } 1323 1324 /* 1325 * We don't want to generate a Hypervisor Emulation Assistance 1326 * Interrupt if we don't have HVB in msr_mask (PAPR mode). 1327 */ 1328 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) { 1329 excp = POWERPC_EXCP_PROGRAM; 1330 } 1331 1332 vector = env->excp_vectors[excp]; 1333 if (vector == (target_ulong)-1ULL) { 1334 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1335 excp); 1336 } 1337 1338 vector |= env->excp_prefix; 1339 1340 switch (excp) { 1341 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1342 if (msr_me == 0) { 1343 /* 1344 * Machine check exception is not enabled. Enter 1345 * checkstop state. 1346 */ 1347 fprintf(stderr, "Machine check while not allowed. " 1348 "Entering checkstop state\n"); 1349 if (qemu_log_separate()) { 1350 qemu_log("Machine check while not allowed. " 1351 "Entering checkstop state\n"); 1352 } 1353 cs->halted = 1; 1354 cpu_interrupt_exittb(cs); 1355 } 1356 if (env->msr_mask & MSR_HVB) { 1357 /* 1358 * ISA specifies HV, but can be delivered to guest with HV 1359 * clear (e.g., see FWNMI in PAPR). 1360 */ 1361 new_msr |= (target_ulong)MSR_HVB; 1362 } 1363 1364 /* machine check exceptions don't have ME set */ 1365 new_msr &= ~((target_ulong)1 << MSR_ME); 1366 1367 break; 1368 case POWERPC_EXCP_DSI: /* Data storage exception */ 1369 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1370 break; 1371 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1372 trace_ppc_excp_isi(msr, env->nip); 1373 msr |= env->error_code; 1374 break; 1375 case POWERPC_EXCP_EXTERNAL: /* External input */ 1376 { 1377 bool lpes0; 1378 1379 /* 1380 * LPES0 is only taken into consideration if we support HV 1381 * mode for this CPU. 1382 */ 1383 if (!env->has_hv_mode) { 1384 break; 1385 } 1386 1387 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1388 1389 if (!lpes0) { 1390 new_msr |= (target_ulong)MSR_HVB; 1391 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1392 srr0 = SPR_HSRR0; 1393 srr1 = SPR_HSRR1; 1394 } 1395 1396 break; 1397 } 1398 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1399 /* Get rS/rD and rA from faulting opcode */ 1400 /* 1401 * Note: the opcode fields will not be set properly for a 1402 * direct store load/store, but nobody cares as nobody 1403 * actually uses direct store segments. 1404 */ 1405 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1406 break; 1407 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1408 switch (env->error_code & ~0xF) { 1409 case POWERPC_EXCP_FP: 1410 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1411 trace_ppc_excp_fp_ignore(); 1412 powerpc_reset_excp_state(cpu); 1413 return; 1414 } 1415 1416 /* 1417 * FP exceptions always have NIP pointing to the faulting 1418 * instruction, so always use store_next and claim we are 1419 * precise in the MSR. 1420 */ 1421 msr |= 0x00100000; 1422 break; 1423 case POWERPC_EXCP_INVAL: 1424 trace_ppc_excp_inval(env->nip); 1425 msr |= 0x00080000; 1426 break; 1427 case POWERPC_EXCP_PRIV: 1428 msr |= 0x00040000; 1429 break; 1430 case POWERPC_EXCP_TRAP: 1431 msr |= 0x00020000; 1432 break; 1433 default: 1434 /* Should never occur */ 1435 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1436 env->error_code); 1437 break; 1438 } 1439 break; 1440 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1441 lev = env->error_code; 1442 1443 if ((lev == 1) && cpu->vhyp) { 1444 dump_hcall(env); 1445 } else { 1446 dump_syscall(env); 1447 } 1448 1449 /* 1450 * We need to correct the NIP which in this case is supposed 1451 * to point to the next instruction 1452 */ 1453 env->nip += 4; 1454 1455 /* "PAPR mode" built-in hypercall emulation */ 1456 if ((lev == 1) && books_vhyp_handles_hcall(cpu)) { 1457 PPCVirtualHypervisorClass *vhc = 1458 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1459 vhc->hypercall(cpu->vhyp, cpu); 1460 return; 1461 } 1462 if (lev == 1) { 1463 new_msr |= (target_ulong)MSR_HVB; 1464 } 1465 break; 1466 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1467 lev = env->error_code; 1468 dump_syscall(env); 1469 env->nip += 4; 1470 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1471 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1472 1473 vector += lev * 0x20; 1474 1475 env->lr = env->nip; 1476 env->ctr = msr; 1477 break; 1478 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1479 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1480 break; 1481 case POWERPC_EXCP_RESET: /* System reset exception */ 1482 /* A power-saving exception sets ME, otherwise it is unchanged */ 1483 if (msr_pow) { 1484 /* indicate that we resumed from power save mode */ 1485 msr |= 0x10000; 1486 new_msr |= ((target_ulong)1 << MSR_ME); 1487 } 1488 if (env->msr_mask & MSR_HVB) { 1489 /* 1490 * ISA specifies HV, but can be delivered to guest with HV 1491 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1492 */ 1493 new_msr |= (target_ulong)MSR_HVB; 1494 } else { 1495 if (msr_pow) { 1496 cpu_abort(cs, "Trying to deliver power-saving system reset " 1497 "exception %d with no HV support\n", excp); 1498 } 1499 } 1500 break; 1501 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1502 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1503 case POWERPC_EXCP_TRACE: /* Trace exception */ 1504 break; 1505 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1506 msr |= env->error_code; 1507 /* fall through */ 1508 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1509 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1510 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1511 case POWERPC_EXCP_HV_EMU: 1512 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1513 srr0 = SPR_HSRR0; 1514 srr1 = SPR_HSRR1; 1515 new_msr |= (target_ulong)MSR_HVB; 1516 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1517 break; 1518 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1519 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1520 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1521 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1522 break; 1523 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1524 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1525 srr0 = SPR_HSRR0; 1526 srr1 = SPR_HSRR1; 1527 new_msr |= (target_ulong)MSR_HVB; 1528 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1529 break; 1530 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1531 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1532 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1533 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1534 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1535 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1536 cpu_abort(cs, "%s exception not implemented\n", 1537 powerpc_excp_name(excp)); 1538 break; 1539 default: 1540 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1541 break; 1542 } 1543 1544 /* Sanity check */ 1545 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1546 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1547 "no HV support\n", excp); 1548 } 1549 1550 /* 1551 * Sort out endianness of interrupt, this differs depending on the 1552 * CPU, the HV mode, etc... 1553 */ 1554 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1555 new_msr |= (target_ulong)1 << MSR_LE; 1556 } 1557 1558 new_msr |= (target_ulong)1 << MSR_SF; 1559 1560 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1561 /* Save PC */ 1562 env->spr[srr0] = env->nip; 1563 1564 /* Save MSR */ 1565 env->spr[srr1] = msr; 1566 } 1567 1568 /* This can update new_msr and vector if AIL applies */ 1569 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1570 1571 powerpc_set_excp_state(cpu, vector, new_msr); 1572 } 1573 #else 1574 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1575 { 1576 g_assert_not_reached(); 1577 } 1578 #endif 1579 1580 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1581 { 1582 CPUState *cs = CPU(cpu); 1583 CPUPPCState *env = &cpu->env; 1584 1585 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1586 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1587 } 1588 1589 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1590 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1591 excp, env->error_code); 1592 1593 switch (env->excp_model) { 1594 case POWERPC_EXCP_40x: 1595 powerpc_excp_40x(cpu, excp); 1596 break; 1597 case POWERPC_EXCP_6xx: 1598 powerpc_excp_6xx(cpu, excp); 1599 break; 1600 case POWERPC_EXCP_7xx: 1601 powerpc_excp_7xx(cpu, excp); 1602 break; 1603 case POWERPC_EXCP_74xx: 1604 powerpc_excp_74xx(cpu, excp); 1605 break; 1606 case POWERPC_EXCP_BOOKE: 1607 powerpc_excp_booke(cpu, excp); 1608 break; 1609 case POWERPC_EXCP_970: 1610 case POWERPC_EXCP_POWER7: 1611 case POWERPC_EXCP_POWER8: 1612 case POWERPC_EXCP_POWER9: 1613 case POWERPC_EXCP_POWER10: 1614 powerpc_excp_books(cpu, excp); 1615 break; 1616 default: 1617 g_assert_not_reached(); 1618 } 1619 } 1620 1621 void ppc_cpu_do_interrupt(CPUState *cs) 1622 { 1623 PowerPCCPU *cpu = POWERPC_CPU(cs); 1624 1625 powerpc_excp(cpu, cs->exception_index); 1626 } 1627 1628 static void ppc_hw_interrupt(CPUPPCState *env) 1629 { 1630 PowerPCCPU *cpu = env_archcpu(env); 1631 bool async_deliver; 1632 1633 /* External reset */ 1634 if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) { 1635 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET); 1636 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1637 return; 1638 } 1639 /* Machine check exception */ 1640 if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) { 1641 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK); 1642 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 1643 return; 1644 } 1645 #if 0 /* TODO */ 1646 /* External debug exception */ 1647 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) { 1648 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG); 1649 powerpc_excp(cpu, POWERPC_EXCP_DEBUG); 1650 return; 1651 } 1652 #endif 1653 1654 /* 1655 * For interrupts that gate on MSR:EE, we need to do something a 1656 * bit more subtle, as we need to let them through even when EE is 1657 * clear when coming out of some power management states (in order 1658 * for them to become a 0x100). 1659 */ 1660 async_deliver = (msr_ee != 0) || env->resume_as_sreset; 1661 1662 /* Hypervisor decrementer exception */ 1663 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) { 1664 /* LPCR will be clear when not supported so this will work */ 1665 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1666 if ((async_deliver || msr_hv == 0) && hdice) { 1667 /* HDEC clears on delivery */ 1668 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR); 1669 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 1670 return; 1671 } 1672 } 1673 1674 /* Hypervisor virtualization interrupt */ 1675 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) { 1676 /* LPCR will be clear when not supported so this will work */ 1677 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1678 if ((async_deliver || msr_hv == 0) && hvice) { 1679 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1680 return; 1681 } 1682 } 1683 1684 /* External interrupt can ignore MSR:EE under some circumstances */ 1685 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) { 1686 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1687 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1688 /* HEIC blocks delivery to the hypervisor */ 1689 if ((async_deliver && !(heic && msr_hv && !msr_pr)) || 1690 (env->has_hv_mode && msr_hv == 0 && !lpes0)) { 1691 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 1692 return; 1693 } 1694 } 1695 if (msr_ce != 0) { 1696 /* External critical interrupt */ 1697 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) { 1698 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 1699 return; 1700 } 1701 } 1702 if (async_deliver != 0) { 1703 /* Watchdog timer on embedded PowerPC */ 1704 if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) { 1705 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT); 1706 powerpc_excp(cpu, POWERPC_EXCP_WDT); 1707 return; 1708 } 1709 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) { 1710 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL); 1711 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 1712 return; 1713 } 1714 /* Fixed interval timer on embedded PowerPC */ 1715 if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) { 1716 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT); 1717 powerpc_excp(cpu, POWERPC_EXCP_FIT); 1718 return; 1719 } 1720 /* Programmable interval timer on embedded PowerPC */ 1721 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) { 1722 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT); 1723 powerpc_excp(cpu, POWERPC_EXCP_PIT); 1724 return; 1725 } 1726 /* Decrementer exception */ 1727 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) { 1728 if (ppc_decr_clear_on_delivery(env)) { 1729 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR); 1730 } 1731 powerpc_excp(cpu, POWERPC_EXCP_DECR); 1732 return; 1733 } 1734 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) { 1735 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 1736 if (is_book3s_arch2x(env)) { 1737 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 1738 } else { 1739 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 1740 } 1741 return; 1742 } 1743 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { 1744 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 1745 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 1746 return; 1747 } 1748 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { 1749 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); 1750 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 1751 return; 1752 } 1753 /* Thermal interrupt */ 1754 if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) { 1755 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM); 1756 powerpc_excp(cpu, POWERPC_EXCP_THERM); 1757 return; 1758 } 1759 } 1760 1761 if (env->resume_as_sreset) { 1762 /* 1763 * This is a bug ! It means that has_work took us out of halt without 1764 * anything to deliver while in a PM state that requires getting 1765 * out via a 0x100 1766 * 1767 * This means we will incorrectly execute past the power management 1768 * instruction instead of triggering a reset. 1769 * 1770 * It generally means a discrepancy between the wakeup conditions in the 1771 * processor has_work implementation and the logic in this function. 1772 */ 1773 cpu_abort(env_cpu(env), 1774 "Wakeup from PM state but interrupt Undelivered"); 1775 } 1776 } 1777 1778 void ppc_cpu_do_system_reset(CPUState *cs) 1779 { 1780 PowerPCCPU *cpu = POWERPC_CPU(cs); 1781 1782 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1783 } 1784 1785 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 1786 { 1787 PowerPCCPU *cpu = POWERPC_CPU(cs); 1788 CPUPPCState *env = &cpu->env; 1789 target_ulong msr = 0; 1790 1791 /* 1792 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 1793 * been set by KVM. 1794 */ 1795 msr = (1ULL << MSR_ME); 1796 msr |= env->msr & (1ULL << MSR_SF); 1797 if (ppc_interrupts_little_endian(cpu, false)) { 1798 msr |= (1ULL << MSR_LE); 1799 } 1800 1801 powerpc_set_excp_state(cpu, vector, msr); 1802 } 1803 1804 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 1805 { 1806 PowerPCCPU *cpu = POWERPC_CPU(cs); 1807 CPUPPCState *env = &cpu->env; 1808 1809 if (interrupt_request & CPU_INTERRUPT_HARD) { 1810 ppc_hw_interrupt(env); 1811 if (env->pending_interrupts == 0) { 1812 cs->interrupt_request &= ~CPU_INTERRUPT_HARD; 1813 } 1814 return true; 1815 } 1816 return false; 1817 } 1818 1819 #endif /* !CONFIG_USER_ONLY */ 1820 1821 /*****************************************************************************/ 1822 /* Exceptions processing helpers */ 1823 1824 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 1825 uint32_t error_code, uintptr_t raddr) 1826 { 1827 CPUState *cs = env_cpu(env); 1828 1829 cs->exception_index = exception; 1830 env->error_code = error_code; 1831 cpu_loop_exit_restore(cs, raddr); 1832 } 1833 1834 void raise_exception_err(CPUPPCState *env, uint32_t exception, 1835 uint32_t error_code) 1836 { 1837 raise_exception_err_ra(env, exception, error_code, 0); 1838 } 1839 1840 void raise_exception(CPUPPCState *env, uint32_t exception) 1841 { 1842 raise_exception_err_ra(env, exception, 0, 0); 1843 } 1844 1845 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 1846 uintptr_t raddr) 1847 { 1848 raise_exception_err_ra(env, exception, 0, raddr); 1849 } 1850 1851 #ifdef CONFIG_TCG 1852 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 1853 uint32_t error_code) 1854 { 1855 raise_exception_err_ra(env, exception, error_code, 0); 1856 } 1857 1858 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 1859 { 1860 raise_exception_err_ra(env, exception, 0, 0); 1861 } 1862 #endif 1863 1864 #if !defined(CONFIG_USER_ONLY) 1865 #ifdef CONFIG_TCG 1866 void helper_store_msr(CPUPPCState *env, target_ulong val) 1867 { 1868 uint32_t excp = hreg_store_msr(env, val, 0); 1869 1870 if (excp != 0) { 1871 CPUState *cs = env_cpu(env); 1872 cpu_interrupt_exittb(cs); 1873 raise_exception(env, excp); 1874 } 1875 } 1876 1877 #if defined(TARGET_PPC64) 1878 void helper_scv(CPUPPCState *env, uint32_t lev) 1879 { 1880 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 1881 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 1882 } else { 1883 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 1884 } 1885 } 1886 1887 void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn) 1888 { 1889 CPUState *cs; 1890 1891 cs = env_cpu(env); 1892 cs->halted = 1; 1893 1894 /* Condition for waking up at 0x100 */ 1895 env->resume_as_sreset = (insn != PPC_PM_STOP) || 1896 (env->spr[SPR_PSSCR] & PSSCR_EC); 1897 } 1898 #endif /* defined(TARGET_PPC64) */ 1899 1900 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 1901 { 1902 CPUState *cs = env_cpu(env); 1903 1904 /* MSR:POW cannot be set by any form of rfi */ 1905 msr &= ~(1ULL << MSR_POW); 1906 1907 /* MSR:TGPR cannot be set by any form of rfi */ 1908 if (env->flags & POWERPC_FLAG_TGPR) 1909 msr &= ~(1ULL << MSR_TGPR); 1910 1911 #if defined(TARGET_PPC64) 1912 /* Switching to 32-bit ? Crop the nip */ 1913 if (!msr_is_64bit(env, msr)) { 1914 nip = (uint32_t)nip; 1915 } 1916 #else 1917 nip = (uint32_t)nip; 1918 #endif 1919 /* XXX: beware: this is false if VLE is supported */ 1920 env->nip = nip & ~((target_ulong)0x00000003); 1921 hreg_store_msr(env, msr, 1); 1922 trace_ppc_excp_rfi(env->nip, env->msr); 1923 /* 1924 * No need to raise an exception here, as rfi is always the last 1925 * insn of a TB 1926 */ 1927 cpu_interrupt_exittb(cs); 1928 /* Reset the reservation */ 1929 env->reserve_addr = -1; 1930 1931 /* Context synchronizing: check if TCG TLB needs flush */ 1932 check_tlb_flush(env, false); 1933 } 1934 1935 void helper_rfi(CPUPPCState *env) 1936 { 1937 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 1938 } 1939 1940 #define MSR_BOOK3S_MASK 1941 #if defined(TARGET_PPC64) 1942 void helper_rfid(CPUPPCState *env) 1943 { 1944 /* 1945 * The architecture defines a number of rules for which bits can 1946 * change but in practice, we handle this in hreg_store_msr() 1947 * which will be called by do_rfi(), so there is no need to filter 1948 * here 1949 */ 1950 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 1951 } 1952 1953 void helper_rfscv(CPUPPCState *env) 1954 { 1955 do_rfi(env, env->lr, env->ctr); 1956 } 1957 1958 void helper_hrfid(CPUPPCState *env) 1959 { 1960 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 1961 } 1962 #endif 1963 1964 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 1965 void helper_rfebb(CPUPPCState *env, target_ulong s) 1966 { 1967 target_ulong msr = env->msr; 1968 1969 /* 1970 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 1971 * 1972 * "If BESCR 32:33 != 0b00 the instruction is treated as if 1973 * the instruction form were invalid." 1974 */ 1975 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 1976 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 1977 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 1978 } 1979 1980 env->nip = env->spr[SPR_EBBRR]; 1981 1982 /* Switching to 32-bit ? Crop the nip */ 1983 if (!msr_is_64bit(env, msr)) { 1984 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 1985 } 1986 1987 if (s) { 1988 env->spr[SPR_BESCR] |= BESCR_GE; 1989 } else { 1990 env->spr[SPR_BESCR] &= ~BESCR_GE; 1991 } 1992 } 1993 #endif 1994 1995 /*****************************************************************************/ 1996 /* Embedded PowerPC specific helpers */ 1997 void helper_40x_rfci(CPUPPCState *env) 1998 { 1999 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2000 } 2001 2002 void helper_rfci(CPUPPCState *env) 2003 { 2004 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2005 } 2006 2007 void helper_rfdi(CPUPPCState *env) 2008 { 2009 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2010 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2011 } 2012 2013 void helper_rfmci(CPUPPCState *env) 2014 { 2015 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2016 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2017 } 2018 #endif /* CONFIG_TCG */ 2019 #endif /* !defined(CONFIG_USER_ONLY) */ 2020 2021 #ifdef CONFIG_TCG 2022 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2023 uint32_t flags) 2024 { 2025 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2026 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2027 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2028 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2029 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2030 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2031 POWERPC_EXCP_TRAP, GETPC()); 2032 } 2033 } 2034 2035 #if defined(TARGET_PPC64) 2036 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2037 uint32_t flags) 2038 { 2039 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2040 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2041 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2042 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2043 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2044 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2045 POWERPC_EXCP_TRAP, GETPC()); 2046 } 2047 } 2048 #endif 2049 #endif 2050 2051 #if !defined(CONFIG_USER_ONLY) 2052 2053 #ifdef CONFIG_TCG 2054 2055 /* Embedded.Processor Control */ 2056 static int dbell2irq(target_ulong rb) 2057 { 2058 int msg = rb & DBELL_TYPE_MASK; 2059 int irq = -1; 2060 2061 switch (msg) { 2062 case DBELL_TYPE_DBELL: 2063 irq = PPC_INTERRUPT_DOORBELL; 2064 break; 2065 case DBELL_TYPE_DBELL_CRIT: 2066 irq = PPC_INTERRUPT_CDOORBELL; 2067 break; 2068 case DBELL_TYPE_G_DBELL: 2069 case DBELL_TYPE_G_DBELL_CRIT: 2070 case DBELL_TYPE_G_DBELL_MC: 2071 /* XXX implement */ 2072 default: 2073 break; 2074 } 2075 2076 return irq; 2077 } 2078 2079 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2080 { 2081 int irq = dbell2irq(rb); 2082 2083 if (irq < 0) { 2084 return; 2085 } 2086 2087 env->pending_interrupts &= ~(1 << irq); 2088 } 2089 2090 void helper_msgsnd(target_ulong rb) 2091 { 2092 int irq = dbell2irq(rb); 2093 int pir = rb & DBELL_PIRTAG_MASK; 2094 CPUState *cs; 2095 2096 if (irq < 0) { 2097 return; 2098 } 2099 2100 qemu_mutex_lock_iothread(); 2101 CPU_FOREACH(cs) { 2102 PowerPCCPU *cpu = POWERPC_CPU(cs); 2103 CPUPPCState *cenv = &cpu->env; 2104 2105 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2106 cenv->pending_interrupts |= 1 << irq; 2107 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2108 } 2109 } 2110 qemu_mutex_unlock_iothread(); 2111 } 2112 2113 /* Server Processor Control */ 2114 2115 static bool dbell_type_server(target_ulong rb) 2116 { 2117 /* 2118 * A Directed Hypervisor Doorbell message is sent only if the 2119 * message type is 5. All other types are reserved and the 2120 * instruction is a no-op 2121 */ 2122 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2123 } 2124 2125 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2126 { 2127 if (!dbell_type_server(rb)) { 2128 return; 2129 } 2130 2131 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 2132 } 2133 2134 static void book3s_msgsnd_common(int pir, int irq) 2135 { 2136 CPUState *cs; 2137 2138 qemu_mutex_lock_iothread(); 2139 CPU_FOREACH(cs) { 2140 PowerPCCPU *cpu = POWERPC_CPU(cs); 2141 CPUPPCState *cenv = &cpu->env; 2142 2143 /* TODO: broadcast message to all threads of the same processor */ 2144 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2145 cenv->pending_interrupts |= 1 << irq; 2146 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2147 } 2148 } 2149 qemu_mutex_unlock_iothread(); 2150 } 2151 2152 void helper_book3s_msgsnd(target_ulong rb) 2153 { 2154 int pir = rb & DBELL_PROCIDTAG_MASK; 2155 2156 if (!dbell_type_server(rb)) { 2157 return; 2158 } 2159 2160 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2161 } 2162 2163 #if defined(TARGET_PPC64) 2164 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2165 { 2166 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2167 2168 if (!dbell_type_server(rb)) { 2169 return; 2170 } 2171 2172 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 2173 } 2174 2175 /* 2176 * sends a message to other threads that are on the same 2177 * multi-threaded processor 2178 */ 2179 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 2180 { 2181 int pir = env->spr_cb[SPR_PIR].default_value; 2182 2183 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 2184 2185 if (!dbell_type_server(rb)) { 2186 return; 2187 } 2188 2189 /* TODO: TCG supports only one thread */ 2190 2191 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 2192 } 2193 #endif /* TARGET_PPC64 */ 2194 2195 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 2196 MMUAccessType access_type, 2197 int mmu_idx, uintptr_t retaddr) 2198 { 2199 CPUPPCState *env = cs->env_ptr; 2200 uint32_t insn; 2201 2202 /* Restore state and reload the insn we executed, for filling in DSISR. */ 2203 cpu_restore_state(cs, retaddr, true); 2204 insn = cpu_ldl_code(env, env->nip); 2205 2206 switch (env->mmu_model) { 2207 case POWERPC_MMU_SOFT_4xx: 2208 env->spr[SPR_40x_DEAR] = vaddr; 2209 break; 2210 case POWERPC_MMU_BOOKE: 2211 case POWERPC_MMU_BOOKE206: 2212 env->spr[SPR_BOOKE_DEAR] = vaddr; 2213 break; 2214 default: 2215 env->spr[SPR_DAR] = vaddr; 2216 break; 2217 } 2218 2219 cs->exception_index = POWERPC_EXCP_ALIGN; 2220 env->error_code = insn & 0x03FF0000; 2221 cpu_loop_exit(cs); 2222 } 2223 #endif /* CONFIG_TCG */ 2224 #endif /* !CONFIG_USER_ONLY */ 2225