1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "cpu.h" 22 #include "exec/exec-all.h" 23 #include "internal.h" 24 #include "helper_regs.h" 25 26 #include "trace.h" 27 28 #ifdef CONFIG_TCG 29 #include "exec/helper-proto.h" 30 #include "exec/cpu_ldst.h" 31 #endif 32 33 /*****************************************************************************/ 34 /* Exception processing */ 35 #if !defined(CONFIG_USER_ONLY) 36 37 static const char *powerpc_excp_name(int excp) 38 { 39 switch (excp) { 40 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 41 case POWERPC_EXCP_MCHECK: return "MCHECK"; 42 case POWERPC_EXCP_DSI: return "DSI"; 43 case POWERPC_EXCP_ISI: return "ISI"; 44 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 45 case POWERPC_EXCP_ALIGN: return "ALIGN"; 46 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 47 case POWERPC_EXCP_FPU: return "FPU"; 48 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 49 case POWERPC_EXCP_APU: return "APU"; 50 case POWERPC_EXCP_DECR: return "DECR"; 51 case POWERPC_EXCP_FIT: return "FIT"; 52 case POWERPC_EXCP_WDT: return "WDT"; 53 case POWERPC_EXCP_DTLB: return "DTLB"; 54 case POWERPC_EXCP_ITLB: return "ITLB"; 55 case POWERPC_EXCP_DEBUG: return "DEBUG"; 56 case POWERPC_EXCP_SPEU: return "SPEU"; 57 case POWERPC_EXCP_EFPDI: return "EFPDI"; 58 case POWERPC_EXCP_EFPRI: return "EFPRI"; 59 case POWERPC_EXCP_EPERFM: return "EPERFM"; 60 case POWERPC_EXCP_DOORI: return "DOORI"; 61 case POWERPC_EXCP_DOORCI: return "DOORCI"; 62 case POWERPC_EXCP_GDOORI: return "GDOORI"; 63 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 64 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 65 case POWERPC_EXCP_RESET: return "RESET"; 66 case POWERPC_EXCP_DSEG: return "DSEG"; 67 case POWERPC_EXCP_ISEG: return "ISEG"; 68 case POWERPC_EXCP_HDECR: return "HDECR"; 69 case POWERPC_EXCP_TRACE: return "TRACE"; 70 case POWERPC_EXCP_HDSI: return "HDSI"; 71 case POWERPC_EXCP_HISI: return "HISI"; 72 case POWERPC_EXCP_HDSEG: return "HDSEG"; 73 case POWERPC_EXCP_HISEG: return "HISEG"; 74 case POWERPC_EXCP_VPU: return "VPU"; 75 case POWERPC_EXCP_PIT: return "PIT"; 76 case POWERPC_EXCP_EMUL: return "EMUL"; 77 case POWERPC_EXCP_IFTLB: return "IFTLB"; 78 case POWERPC_EXCP_DLTLB: return "DLTLB"; 79 case POWERPC_EXCP_DSTLB: return "DSTLB"; 80 case POWERPC_EXCP_FPA: return "FPA"; 81 case POWERPC_EXCP_DABR: return "DABR"; 82 case POWERPC_EXCP_IABR: return "IABR"; 83 case POWERPC_EXCP_SMI: return "SMI"; 84 case POWERPC_EXCP_PERFM: return "PERFM"; 85 case POWERPC_EXCP_THERM: return "THERM"; 86 case POWERPC_EXCP_VPUA: return "VPUA"; 87 case POWERPC_EXCP_SOFTP: return "SOFTP"; 88 case POWERPC_EXCP_MAINT: return "MAINT"; 89 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 90 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 91 case POWERPC_EXCP_ITLBE: return "ITLBE"; 92 case POWERPC_EXCP_DTLBE: return "DTLBE"; 93 case POWERPC_EXCP_VSXU: return "VSXU"; 94 case POWERPC_EXCP_FU: return "FU"; 95 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 96 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 97 case POWERPC_EXCP_HV_FU: return "HV_FU"; 98 case POWERPC_EXCP_SDOOR: return "SDOOR"; 99 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 100 case POWERPC_EXCP_HVIRT: return "HVIRT"; 101 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 102 default: 103 g_assert_not_reached(); 104 } 105 } 106 107 static void dump_syscall(CPUPPCState *env) 108 { 109 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 110 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 111 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 112 " nip=" TARGET_FMT_lx "\n", 113 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 114 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 115 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 116 ppc_dump_gpr(env, 8), env->nip); 117 } 118 119 static void dump_hcall(CPUPPCState *env) 120 { 121 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 122 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 123 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 124 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 125 " nip=" TARGET_FMT_lx "\n", 126 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 127 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 128 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 129 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 130 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 131 env->nip); 132 } 133 134 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 135 { 136 const char *es; 137 target_ulong *miss, *cmp; 138 int en; 139 140 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 141 return; 142 } 143 144 if (excp == POWERPC_EXCP_IFTLB) { 145 es = "I"; 146 en = 'I'; 147 miss = &env->spr[SPR_IMISS]; 148 cmp = &env->spr[SPR_ICMP]; 149 } else { 150 if (excp == POWERPC_EXCP_DLTLB) { 151 es = "DL"; 152 } else { 153 es = "DS"; 154 } 155 en = 'D'; 156 miss = &env->spr[SPR_DMISS]; 157 cmp = &env->spr[SPR_DCMP]; 158 } 159 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 160 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 161 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 162 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 163 env->error_code); 164 } 165 166 #if defined(TARGET_PPC64) 167 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 168 target_ulong *msr) 169 { 170 /* We no longer are in a PM state */ 171 env->resume_as_sreset = false; 172 173 /* Pretend to be returning from doze always as we don't lose state */ 174 *msr |= SRR1_WS_NOLOSS; 175 176 /* Machine checks are sent normally */ 177 if (excp == POWERPC_EXCP_MCHECK) { 178 return excp; 179 } 180 switch (excp) { 181 case POWERPC_EXCP_RESET: 182 *msr |= SRR1_WAKERESET; 183 break; 184 case POWERPC_EXCP_EXTERNAL: 185 *msr |= SRR1_WAKEEE; 186 break; 187 case POWERPC_EXCP_DECR: 188 *msr |= SRR1_WAKEDEC; 189 break; 190 case POWERPC_EXCP_SDOOR: 191 *msr |= SRR1_WAKEDBELL; 192 break; 193 case POWERPC_EXCP_SDOOR_HV: 194 *msr |= SRR1_WAKEHDBELL; 195 break; 196 case POWERPC_EXCP_HV_MAINT: 197 *msr |= SRR1_WAKEHMI; 198 break; 199 case POWERPC_EXCP_HVIRT: 200 *msr |= SRR1_WAKEHVI; 201 break; 202 default: 203 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 204 excp); 205 } 206 return POWERPC_EXCP_RESET; 207 } 208 209 /* 210 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 211 * taken with the MMU on, and which uses an alternate location (e.g., so the 212 * kernel/hv can map the vectors there with an effective address). 213 * 214 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 215 * are delivered in this way. AIL requires the LPCR to be set to enable this 216 * mode, and then a number of conditions have to be true for AIL to apply. 217 * 218 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 219 * they specifically want to be in real mode (e.g., the MCE might be signaling 220 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 221 * 222 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 223 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 224 * radix mode (LPCR[HR]). 225 * 226 * POWER8, POWER9 with LPCR[HR]=0 227 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 228 * +-----------+-------------+---------+-------------+-----+ 229 * | a | 00/01/10 | x | x | 0 | 230 * | a | 11 | 0 | 1 | 0 | 231 * | a | 11 | 1 | 1 | a | 232 * | a | 11 | 0 | 0 | a | 233 * +-------------------------------------------------------+ 234 * 235 * POWER9 with LPCR[HR]=1 236 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 237 * +-----------+-------------+---------+-------------+-----+ 238 * | a | 00/01/10 | x | x | 0 | 239 * | a | 11 | x | x | a | 240 * +-------------------------------------------------------+ 241 * 242 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 243 * the hypervisor in AIL mode if the guest is radix. This is good for 244 * performance but allows the guest to influence the AIL of hypervisor 245 * interrupts using its MSR, and also the hypervisor must disallow guest 246 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 247 * use AIL for its MSR[HV] 0->1 interrupts. 248 * 249 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 250 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 251 * MSR[HV] 1->1). 252 * 253 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 254 * 255 * POWER10 behaviour is 256 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 257 * +-----------+------------+-------------+---------+-------------+-----+ 258 * | a | h | 00/01/10 | 0 | 0 | 0 | 259 * | a | h | 11 | 0 | 0 | a | 260 * | a | h | x | 0 | 1 | h | 261 * | a | h | 00/01/10 | 1 | 1 | 0 | 262 * | a | h | 11 | 1 | 1 | h | 263 * +--------------------------------------------------------------------+ 264 */ 265 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp_model, int excp, 266 target_ulong msr, 267 target_ulong *new_msr, 268 target_ulong *vector) 269 { 270 CPUPPCState *env = &cpu->env; 271 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 272 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 273 int ail = 0; 274 275 if (excp == POWERPC_EXCP_MCHECK || 276 excp == POWERPC_EXCP_RESET || 277 excp == POWERPC_EXCP_HV_MAINT) { 278 /* SRESET, MCE, HMI never apply AIL */ 279 return; 280 } 281 282 if (excp_model == POWERPC_EXCP_POWER8 || 283 excp_model == POWERPC_EXCP_POWER9) { 284 if (!mmu_all_on) { 285 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 286 return; 287 } 288 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 289 /* 290 * AIL does not work if there is a MSR[HV] 0->1 transition and the 291 * partition is in HPT mode. For radix guests, such interrupts are 292 * allowed to be delivered to the hypervisor in ail mode. 293 */ 294 return; 295 } 296 297 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 298 if (ail == 0) { 299 return; 300 } 301 if (ail == 1) { 302 /* AIL=1 is reserved, treat it like AIL=0 */ 303 return; 304 } 305 306 } else if (excp_model == POWERPC_EXCP_POWER10) { 307 if (!mmu_all_on && !hv_escalation) { 308 /* 309 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 310 * Guest->guest and HV->HV interrupts do require MMU on. 311 */ 312 return; 313 } 314 315 if (*new_msr & MSR_HVB) { 316 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 317 /* HV interrupts depend on LPCR[HAIL] */ 318 return; 319 } 320 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 321 } else { 322 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 323 } 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1 || ail == 2) { 328 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 329 return; 330 } 331 } else { 332 /* Other processors do not support AIL */ 333 return; 334 } 335 336 /* 337 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 338 * to the new IP. 339 */ 340 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 341 342 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 343 if (ail == 2) { 344 *vector |= 0x0000000000018000ull; 345 } else if (ail == 3) { 346 *vector |= 0xc000000000004000ull; 347 } 348 } else { 349 /* 350 * scv AIL is a little different. AIL=2 does not change the address, 351 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 352 */ 353 if (ail == 3) { 354 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 355 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 356 } 357 } 358 } 359 #endif 360 361 static void powerpc_set_excp_state(PowerPCCPU *cpu, 362 target_ulong vector, target_ulong msr) 363 { 364 CPUState *cs = CPU(cpu); 365 CPUPPCState *env = &cpu->env; 366 367 /* 368 * We don't use hreg_store_msr here as already have treated any 369 * special case that could occur. Just store MSR and update hflags 370 * 371 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 372 * will prevent setting of the HV bit which some exceptions might need 373 * to do. 374 */ 375 env->msr = msr & env->msr_mask; 376 hreg_compute_hflags(env); 377 env->nip = vector; 378 /* Reset exception state */ 379 cs->exception_index = POWERPC_EXCP_NONE; 380 env->error_code = 0; 381 382 /* Reset the reservation */ 383 env->reserve_addr = -1; 384 385 /* 386 * Any interrupt is context synchronizing, check if TCG TLB needs 387 * a delayed flush on ppc64 388 */ 389 check_tlb_flush(env, false); 390 } 391 392 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 393 { 394 CPUState *cs = CPU(cpu); 395 CPUPPCState *env = &cpu->env; 396 target_ulong msr, new_msr, vector; 397 int srr0, srr1; 398 399 /* new srr1 value excluding must-be-zero bits */ 400 msr = env->msr & ~0x783f0000ULL; 401 402 /* 403 * new interrupt handler msr preserves existing ME unless 404 * explicitly overriden. 405 */ 406 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 407 408 /* target registers */ 409 srr0 = SPR_SRR0; 410 srr1 = SPR_SRR1; 411 412 /* 413 * Hypervisor emulation assistance interrupt only exists on server 414 * arch 2.05 server or later. 415 */ 416 if (excp == POWERPC_EXCP_HV_EMU) { 417 excp = POWERPC_EXCP_PROGRAM; 418 } 419 420 vector = env->excp_vectors[excp]; 421 if (vector == (target_ulong)-1ULL) { 422 cpu_abort(cs, "Raised an exception without defined vector %d\n", 423 excp); 424 } 425 426 vector |= env->excp_prefix; 427 428 switch (excp) { 429 case POWERPC_EXCP_CRITICAL: /* Critical input */ 430 srr0 = SPR_40x_SRR2; 431 srr1 = SPR_40x_SRR3; 432 break; 433 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 434 if (msr_me == 0) { 435 /* 436 * Machine check exception is not enabled. Enter 437 * checkstop state. 438 */ 439 fprintf(stderr, "Machine check while not allowed. " 440 "Entering checkstop state\n"); 441 if (qemu_log_separate()) { 442 qemu_log("Machine check while not allowed. " 443 "Entering checkstop state\n"); 444 } 445 cs->halted = 1; 446 cpu_interrupt_exittb(cs); 447 } 448 449 /* machine check exceptions don't have ME set */ 450 new_msr &= ~((target_ulong)1 << MSR_ME); 451 452 srr0 = SPR_40x_SRR2; 453 srr1 = SPR_40x_SRR3; 454 break; 455 case POWERPC_EXCP_DSI: /* Data storage exception */ 456 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 457 break; 458 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 459 trace_ppc_excp_isi(msr, env->nip); 460 break; 461 case POWERPC_EXCP_EXTERNAL: /* External input */ 462 break; 463 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 464 break; 465 case POWERPC_EXCP_PROGRAM: /* Program exception */ 466 switch (env->error_code & ~0xF) { 467 case POWERPC_EXCP_FP: 468 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 469 trace_ppc_excp_fp_ignore(); 470 cs->exception_index = POWERPC_EXCP_NONE; 471 env->error_code = 0; 472 return; 473 } 474 env->spr[SPR_40x_ESR] = ESR_FP; 475 break; 476 case POWERPC_EXCP_INVAL: 477 trace_ppc_excp_inval(env->nip); 478 env->spr[SPR_40x_ESR] = ESR_PIL; 479 break; 480 case POWERPC_EXCP_PRIV: 481 env->spr[SPR_40x_ESR] = ESR_PPR; 482 break; 483 case POWERPC_EXCP_TRAP: 484 env->spr[SPR_40x_ESR] = ESR_PTR; 485 break; 486 default: 487 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 488 env->error_code); 489 break; 490 } 491 break; 492 case POWERPC_EXCP_SYSCALL: /* System call exception */ 493 dump_syscall(env); 494 495 /* 496 * We need to correct the NIP which in this case is supposed 497 * to point to the next instruction 498 */ 499 env->nip += 4; 500 break; 501 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 502 trace_ppc_excp_print("FIT"); 503 break; 504 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 505 trace_ppc_excp_print("WDT"); 506 break; 507 case POWERPC_EXCP_DTLB: /* Data TLB error */ 508 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 509 break; 510 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 511 trace_ppc_excp_print("PIT"); 512 break; 513 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 514 cpu_abort(cs, "%s exception not implemented\n", 515 powerpc_excp_name(excp)); 516 break; 517 default: 518 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 519 break; 520 } 521 522 /* Sanity check */ 523 if (!(env->msr_mask & MSR_HVB)) { 524 if (new_msr & MSR_HVB) { 525 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 526 "no HV support\n", excp); 527 } 528 if (srr0 == SPR_HSRR0) { 529 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 530 "no HV support\n", excp); 531 } 532 } 533 534 /* Save PC */ 535 env->spr[srr0] = env->nip; 536 537 /* Save MSR */ 538 env->spr[srr1] = msr; 539 540 powerpc_set_excp_state(cpu, vector, new_msr); 541 } 542 543 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 544 { 545 CPUState *cs = CPU(cpu); 546 CPUPPCState *env = &cpu->env; 547 target_ulong msr, new_msr, vector; 548 549 /* new srr1 value excluding must-be-zero bits */ 550 msr = env->msr & ~0x783f0000ULL; 551 552 /* 553 * new interrupt handler msr preserves existing ME unless 554 * explicitly overriden 555 */ 556 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 557 558 /* 559 * Hypervisor emulation assistance interrupt only exists on server 560 * arch 2.05 server or later. 561 */ 562 if (excp == POWERPC_EXCP_HV_EMU) { 563 excp = POWERPC_EXCP_PROGRAM; 564 } 565 566 vector = env->excp_vectors[excp]; 567 if (vector == (target_ulong)-1ULL) { 568 cpu_abort(cs, "Raised an exception without defined vector %d\n", 569 excp); 570 } 571 572 vector |= env->excp_prefix; 573 574 switch (excp) { 575 case POWERPC_EXCP_CRITICAL: /* Critical input */ 576 break; 577 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 578 if (msr_me == 0) { 579 /* 580 * Machine check exception is not enabled. Enter 581 * checkstop state. 582 */ 583 fprintf(stderr, "Machine check while not allowed. " 584 "Entering checkstop state\n"); 585 if (qemu_log_separate()) { 586 qemu_log("Machine check while not allowed. " 587 "Entering checkstop state\n"); 588 } 589 cs->halted = 1; 590 cpu_interrupt_exittb(cs); 591 } 592 593 /* machine check exceptions don't have ME set */ 594 new_msr &= ~((target_ulong)1 << MSR_ME); 595 596 break; 597 case POWERPC_EXCP_DSI: /* Data storage exception */ 598 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 599 break; 600 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 601 trace_ppc_excp_isi(msr, env->nip); 602 msr |= env->error_code; 603 break; 604 case POWERPC_EXCP_EXTERNAL: /* External input */ 605 break; 606 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 607 /* Get rS/rD and rA from faulting opcode */ 608 /* 609 * Note: the opcode fields will not be set properly for a 610 * direct store load/store, but nobody cares as nobody 611 * actually uses direct store segments. 612 */ 613 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 614 break; 615 case POWERPC_EXCP_PROGRAM: /* Program exception */ 616 switch (env->error_code & ~0xF) { 617 case POWERPC_EXCP_FP: 618 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 619 trace_ppc_excp_fp_ignore(); 620 cs->exception_index = POWERPC_EXCP_NONE; 621 env->error_code = 0; 622 return; 623 } 624 625 /* 626 * FP exceptions always have NIP pointing to the faulting 627 * instruction, so always use store_next and claim we are 628 * precise in the MSR. 629 */ 630 msr |= 0x00100000; 631 break; 632 case POWERPC_EXCP_INVAL: 633 trace_ppc_excp_inval(env->nip); 634 msr |= 0x00080000; 635 break; 636 case POWERPC_EXCP_PRIV: 637 msr |= 0x00040000; 638 break; 639 case POWERPC_EXCP_TRAP: 640 msr |= 0x00020000; 641 break; 642 default: 643 /* Should never occur */ 644 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 645 env->error_code); 646 break; 647 } 648 break; 649 case POWERPC_EXCP_SYSCALL: /* System call exception */ 650 dump_syscall(env); 651 652 /* 653 * We need to correct the NIP which in this case is supposed 654 * to point to the next instruction 655 */ 656 env->nip += 4; 657 break; 658 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 659 case POWERPC_EXCP_DECR: /* Decrementer exception */ 660 break; 661 case POWERPC_EXCP_DTLB: /* Data TLB error */ 662 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 663 break; 664 case POWERPC_EXCP_RESET: /* System reset exception */ 665 if (msr_pow) { 666 cpu_abort(cs, "Trying to deliver power-saving system reset " 667 "exception %d with no HV support\n", excp); 668 } 669 break; 670 case POWERPC_EXCP_TRACE: /* Trace exception */ 671 break; 672 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 673 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 674 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 675 /* Swap temporary saved registers with GPRs */ 676 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 677 new_msr |= (target_ulong)1 << MSR_TGPR; 678 hreg_swap_gpr_tgpr(env); 679 } 680 681 ppc_excp_debug_sw_tlb(env, excp); 682 683 msr |= env->crf[0] << 28; 684 msr |= env->error_code; /* key, D/I, S/L bits */ 685 /* Set way using a LRU mechanism */ 686 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 687 break; 688 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 689 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 690 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 691 case POWERPC_EXCP_SMI: /* System management interrupt */ 692 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 693 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 694 cpu_abort(cs, "%s exception not implemented\n", 695 powerpc_excp_name(excp)); 696 break; 697 default: 698 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 699 break; 700 } 701 702 /* Sanity check */ 703 if (!(env->msr_mask & MSR_HVB)) { 704 if (new_msr & MSR_HVB) { 705 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 706 "no HV support\n", excp); 707 } 708 } 709 710 /* 711 * Sort out endianness of interrupt, this differs depending on the 712 * CPU, the HV mode, etc... 713 */ 714 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 715 new_msr |= (target_ulong)1 << MSR_LE; 716 } 717 718 /* Save PC */ 719 env->spr[SPR_SRR0] = env->nip; 720 721 /* Save MSR */ 722 env->spr[SPR_SRR1] = msr; 723 724 powerpc_set_excp_state(cpu, vector, new_msr); 725 } 726 727 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 728 { 729 CPUState *cs = CPU(cpu); 730 CPUPPCState *env = &cpu->env; 731 target_ulong msr, new_msr, vector; 732 733 /* new srr1 value excluding must-be-zero bits */ 734 msr = env->msr & ~0x783f0000ULL; 735 736 /* 737 * new interrupt handler msr preserves existing ME unless 738 * explicitly overriden 739 */ 740 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 741 742 /* 743 * Hypervisor emulation assistance interrupt only exists on server 744 * arch 2.05 server or later. 745 */ 746 if (excp == POWERPC_EXCP_HV_EMU) { 747 excp = POWERPC_EXCP_PROGRAM; 748 } 749 750 vector = env->excp_vectors[excp]; 751 if (vector == (target_ulong)-1ULL) { 752 cpu_abort(cs, "Raised an exception without defined vector %d\n", 753 excp); 754 } 755 756 vector |= env->excp_prefix; 757 758 switch (excp) { 759 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 760 if (msr_me == 0) { 761 /* 762 * Machine check exception is not enabled. Enter 763 * checkstop state. 764 */ 765 fprintf(stderr, "Machine check while not allowed. " 766 "Entering checkstop state\n"); 767 if (qemu_log_separate()) { 768 qemu_log("Machine check while not allowed. " 769 "Entering checkstop state\n"); 770 } 771 cs->halted = 1; 772 cpu_interrupt_exittb(cs); 773 } 774 775 /* machine check exceptions don't have ME set */ 776 new_msr &= ~((target_ulong)1 << MSR_ME); 777 778 break; 779 case POWERPC_EXCP_DSI: /* Data storage exception */ 780 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 781 break; 782 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 783 trace_ppc_excp_isi(msr, env->nip); 784 msr |= env->error_code; 785 break; 786 case POWERPC_EXCP_EXTERNAL: /* External input */ 787 break; 788 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 789 /* Get rS/rD and rA from faulting opcode */ 790 /* 791 * Note: the opcode fields will not be set properly for a 792 * direct store load/store, but nobody cares as nobody 793 * actually uses direct store segments. 794 */ 795 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 796 break; 797 case POWERPC_EXCP_PROGRAM: /* Program exception */ 798 switch (env->error_code & ~0xF) { 799 case POWERPC_EXCP_FP: 800 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 801 trace_ppc_excp_fp_ignore(); 802 cs->exception_index = POWERPC_EXCP_NONE; 803 env->error_code = 0; 804 return; 805 } 806 807 /* 808 * FP exceptions always have NIP pointing to the faulting 809 * instruction, so always use store_next and claim we are 810 * precise in the MSR. 811 */ 812 msr |= 0x00100000; 813 break; 814 case POWERPC_EXCP_INVAL: 815 trace_ppc_excp_inval(env->nip); 816 msr |= 0x00080000; 817 break; 818 case POWERPC_EXCP_PRIV: 819 msr |= 0x00040000; 820 break; 821 case POWERPC_EXCP_TRAP: 822 msr |= 0x00020000; 823 break; 824 default: 825 /* Should never occur */ 826 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 827 env->error_code); 828 break; 829 } 830 break; 831 case POWERPC_EXCP_SYSCALL: /* System call exception */ 832 { 833 int lev = env->error_code; 834 835 if (lev == 1 && cpu->vhyp) { 836 dump_hcall(env); 837 } else { 838 dump_syscall(env); 839 } 840 841 /* 842 * We need to correct the NIP which in this case is supposed 843 * to point to the next instruction 844 */ 845 env->nip += 4; 846 847 /* 848 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 849 * instruction to communicate with QEMU. The pegasos2 machine 850 * uses VOF and the 7xx CPUs, so although the 7xx don't have 851 * HV mode, we need to keep hypercall support. 852 */ 853 if (lev == 1 && cpu->vhyp) { 854 PPCVirtualHypervisorClass *vhc = 855 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 856 vhc->hypercall(cpu->vhyp, cpu); 857 return; 858 } 859 860 break; 861 } 862 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 863 case POWERPC_EXCP_DECR: /* Decrementer exception */ 864 break; 865 case POWERPC_EXCP_RESET: /* System reset exception */ 866 if (msr_pow) { 867 cpu_abort(cs, "Trying to deliver power-saving system reset " 868 "exception %d with no HV support\n", excp); 869 } 870 break; 871 case POWERPC_EXCP_TRACE: /* Trace exception */ 872 break; 873 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 874 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 875 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 876 ppc_excp_debug_sw_tlb(env, excp); 877 878 msr |= env->crf[0] << 28; 879 msr |= env->error_code; /* key, D/I, S/L bits */ 880 /* Set way using a LRU mechanism */ 881 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 882 883 break; 884 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 885 case POWERPC_EXCP_SMI: /* System management interrupt */ 886 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 887 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 888 cpu_abort(cs, "%s exception not implemented\n", 889 powerpc_excp_name(excp)); 890 break; 891 default: 892 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 893 break; 894 } 895 896 /* Sanity check */ 897 if (!(env->msr_mask & MSR_HVB)) { 898 if (new_msr & MSR_HVB) { 899 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 900 "no HV support\n", excp); 901 } 902 } 903 904 /* 905 * Sort out endianness of interrupt, this differs depending on the 906 * CPU, the HV mode, etc... 907 */ 908 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 909 new_msr |= (target_ulong)1 << MSR_LE; 910 } 911 912 /* Save PC */ 913 env->spr[SPR_SRR0] = env->nip; 914 915 /* Save MSR */ 916 env->spr[SPR_SRR1] = msr; 917 918 powerpc_set_excp_state(cpu, vector, new_msr); 919 } 920 921 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 922 { 923 CPUState *cs = CPU(cpu); 924 CPUPPCState *env = &cpu->env; 925 target_ulong msr, new_msr, vector; 926 927 /* new srr1 value excluding must-be-zero bits */ 928 msr = env->msr & ~0x783f0000ULL; 929 930 /* 931 * new interrupt handler msr preserves existing ME unless 932 * explicitly overriden 933 */ 934 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 935 936 /* 937 * Hypervisor emulation assistance interrupt only exists on server 938 * arch 2.05 server or later. 939 */ 940 if (excp == POWERPC_EXCP_HV_EMU) { 941 excp = POWERPC_EXCP_PROGRAM; 942 } 943 944 vector = env->excp_vectors[excp]; 945 if (vector == (target_ulong)-1ULL) { 946 cpu_abort(cs, "Raised an exception without defined vector %d\n", 947 excp); 948 } 949 950 vector |= env->excp_prefix; 951 952 switch (excp) { 953 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 954 if (msr_me == 0) { 955 /* 956 * Machine check exception is not enabled. Enter 957 * checkstop state. 958 */ 959 fprintf(stderr, "Machine check while not allowed. " 960 "Entering checkstop state\n"); 961 if (qemu_log_separate()) { 962 qemu_log("Machine check while not allowed. " 963 "Entering checkstop state\n"); 964 } 965 cs->halted = 1; 966 cpu_interrupt_exittb(cs); 967 } 968 969 /* machine check exceptions don't have ME set */ 970 new_msr &= ~((target_ulong)1 << MSR_ME); 971 972 break; 973 case POWERPC_EXCP_DSI: /* Data storage exception */ 974 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 975 break; 976 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 977 trace_ppc_excp_isi(msr, env->nip); 978 msr |= env->error_code; 979 break; 980 case POWERPC_EXCP_EXTERNAL: /* External input */ 981 break; 982 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 983 /* Get rS/rD and rA from faulting opcode */ 984 /* 985 * Note: the opcode fields will not be set properly for a 986 * direct store load/store, but nobody cares as nobody 987 * actually uses direct store segments. 988 */ 989 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 990 break; 991 case POWERPC_EXCP_PROGRAM: /* Program exception */ 992 switch (env->error_code & ~0xF) { 993 case POWERPC_EXCP_FP: 994 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 995 trace_ppc_excp_fp_ignore(); 996 cs->exception_index = POWERPC_EXCP_NONE; 997 env->error_code = 0; 998 return; 999 } 1000 1001 /* 1002 * FP exceptions always have NIP pointing to the faulting 1003 * instruction, so always use store_next and claim we are 1004 * precise in the MSR. 1005 */ 1006 msr |= 0x00100000; 1007 break; 1008 case POWERPC_EXCP_INVAL: 1009 trace_ppc_excp_inval(env->nip); 1010 msr |= 0x00080000; 1011 break; 1012 case POWERPC_EXCP_PRIV: 1013 msr |= 0x00040000; 1014 break; 1015 case POWERPC_EXCP_TRAP: 1016 msr |= 0x00020000; 1017 break; 1018 default: 1019 /* Should never occur */ 1020 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1021 env->error_code); 1022 break; 1023 } 1024 break; 1025 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1026 { 1027 int lev = env->error_code; 1028 1029 if ((lev == 1) && cpu->vhyp) { 1030 dump_hcall(env); 1031 } else { 1032 dump_syscall(env); 1033 } 1034 1035 /* 1036 * We need to correct the NIP which in this case is supposed 1037 * to point to the next instruction 1038 */ 1039 env->nip += 4; 1040 1041 /* 1042 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1043 * instruction to communicate with QEMU. The pegasos2 machine 1044 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1045 * HV mode, we need to keep hypercall support. 1046 */ 1047 if ((lev == 1) && cpu->vhyp) { 1048 PPCVirtualHypervisorClass *vhc = 1049 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1050 vhc->hypercall(cpu->vhyp, cpu); 1051 return; 1052 } 1053 1054 break; 1055 } 1056 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1057 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1058 break; 1059 case POWERPC_EXCP_RESET: /* System reset exception */ 1060 if (msr_pow) { 1061 cpu_abort(cs, "Trying to deliver power-saving system reset " 1062 "exception %d with no HV support\n", excp); 1063 } 1064 break; 1065 case POWERPC_EXCP_TRACE: /* Trace exception */ 1066 break; 1067 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1068 break; 1069 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1070 case POWERPC_EXCP_SMI: /* System management interrupt */ 1071 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1072 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1073 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1074 cpu_abort(cs, "%s exception not implemented\n", 1075 powerpc_excp_name(excp)); 1076 break; 1077 default: 1078 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1079 break; 1080 } 1081 1082 /* Sanity check */ 1083 if (!(env->msr_mask & MSR_HVB)) { 1084 if (new_msr & MSR_HVB) { 1085 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 1086 "no HV support\n", excp); 1087 } 1088 } 1089 1090 /* 1091 * Sort out endianness of interrupt, this differs depending on the 1092 * CPU, the HV mode, etc... 1093 */ 1094 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1095 new_msr |= (target_ulong)1 << MSR_LE; 1096 } 1097 1098 /* Save PC */ 1099 env->spr[SPR_SRR0] = env->nip; 1100 1101 /* Save MSR */ 1102 env->spr[SPR_SRR1] = msr; 1103 1104 powerpc_set_excp_state(cpu, vector, new_msr); 1105 } 1106 1107 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1108 { 1109 CPUState *cs = CPU(cpu); 1110 CPUPPCState *env = &cpu->env; 1111 target_ulong msr, new_msr, vector; 1112 int srr0, srr1; 1113 1114 msr = env->msr; 1115 1116 /* 1117 * new interrupt handler msr preserves existing ME unless 1118 * explicitly overriden 1119 */ 1120 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1121 1122 /* target registers */ 1123 srr0 = SPR_SRR0; 1124 srr1 = SPR_SRR1; 1125 1126 /* 1127 * Hypervisor emulation assistance interrupt only exists on server 1128 * arch 2.05 server or later. 1129 */ 1130 if (excp == POWERPC_EXCP_HV_EMU) { 1131 excp = POWERPC_EXCP_PROGRAM; 1132 } 1133 1134 #ifdef TARGET_PPC64 1135 /* 1136 * SPEU and VPU share the same IVOR but they exist in different 1137 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1138 */ 1139 if (excp == POWERPC_EXCP_VPU) { 1140 excp = POWERPC_EXCP_SPEU; 1141 } 1142 #endif 1143 1144 vector = env->excp_vectors[excp]; 1145 if (vector == (target_ulong)-1ULL) { 1146 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1147 excp); 1148 } 1149 1150 vector |= env->excp_prefix; 1151 1152 switch (excp) { 1153 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1154 srr0 = SPR_BOOKE_CSRR0; 1155 srr1 = SPR_BOOKE_CSRR1; 1156 break; 1157 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1158 if (msr_me == 0) { 1159 /* 1160 * Machine check exception is not enabled. Enter 1161 * checkstop state. 1162 */ 1163 fprintf(stderr, "Machine check while not allowed. " 1164 "Entering checkstop state\n"); 1165 if (qemu_log_separate()) { 1166 qemu_log("Machine check while not allowed. " 1167 "Entering checkstop state\n"); 1168 } 1169 cs->halted = 1; 1170 cpu_interrupt_exittb(cs); 1171 } 1172 1173 /* machine check exceptions don't have ME set */ 1174 new_msr &= ~((target_ulong)1 << MSR_ME); 1175 1176 /* FIXME: choose one or the other based on CPU type */ 1177 srr0 = SPR_BOOKE_MCSRR0; 1178 srr1 = SPR_BOOKE_MCSRR1; 1179 1180 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1181 env->spr[SPR_BOOKE_CSRR1] = msr; 1182 1183 break; 1184 case POWERPC_EXCP_DSI: /* Data storage exception */ 1185 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1186 break; 1187 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1188 trace_ppc_excp_isi(msr, env->nip); 1189 break; 1190 case POWERPC_EXCP_EXTERNAL: /* External input */ 1191 if (env->mpic_proxy) { 1192 /* IACK the IRQ on delivery */ 1193 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1194 } 1195 break; 1196 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1197 break; 1198 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1199 switch (env->error_code & ~0xF) { 1200 case POWERPC_EXCP_FP: 1201 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1202 trace_ppc_excp_fp_ignore(); 1203 cs->exception_index = POWERPC_EXCP_NONE; 1204 env->error_code = 0; 1205 return; 1206 } 1207 1208 /* 1209 * FP exceptions always have NIP pointing to the faulting 1210 * instruction, so always use store_next and claim we are 1211 * precise in the MSR. 1212 */ 1213 msr |= 0x00100000; 1214 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1215 break; 1216 case POWERPC_EXCP_INVAL: 1217 trace_ppc_excp_inval(env->nip); 1218 msr |= 0x00080000; 1219 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1220 break; 1221 case POWERPC_EXCP_PRIV: 1222 msr |= 0x00040000; 1223 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1224 break; 1225 case POWERPC_EXCP_TRAP: 1226 msr |= 0x00020000; 1227 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1228 break; 1229 default: 1230 /* Should never occur */ 1231 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1232 env->error_code); 1233 break; 1234 } 1235 break; 1236 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1237 dump_syscall(env); 1238 1239 /* 1240 * We need to correct the NIP which in this case is supposed 1241 * to point to the next instruction 1242 */ 1243 env->nip += 4; 1244 break; 1245 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1246 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1247 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1248 break; 1249 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1250 /* FIT on 4xx */ 1251 trace_ppc_excp_print("FIT"); 1252 break; 1253 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1254 trace_ppc_excp_print("WDT"); 1255 srr0 = SPR_BOOKE_CSRR0; 1256 srr1 = SPR_BOOKE_CSRR1; 1257 break; 1258 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1259 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1260 break; 1261 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1262 if (env->flags & POWERPC_FLAG_DE) { 1263 /* FIXME: choose one or the other based on CPU type */ 1264 srr0 = SPR_BOOKE_DSRR0; 1265 srr1 = SPR_BOOKE_DSRR1; 1266 1267 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1268 env->spr[SPR_BOOKE_CSRR1] = msr; 1269 1270 /* DBSR already modified by caller */ 1271 } else { 1272 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1273 } 1274 break; 1275 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1276 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1277 break; 1278 case POWERPC_EXCP_RESET: /* System reset exception */ 1279 if (msr_pow) { 1280 cpu_abort(cs, "Trying to deliver power-saving system reset " 1281 "exception %d with no HV support\n", excp); 1282 } 1283 break; 1284 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1285 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1286 cpu_abort(cs, "%s exception not implemented\n", 1287 powerpc_excp_name(excp)); 1288 break; 1289 default: 1290 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1291 break; 1292 } 1293 1294 /* Sanity check */ 1295 if (!(env->msr_mask & MSR_HVB)) { 1296 if (new_msr & MSR_HVB) { 1297 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 1298 "no HV support\n", excp); 1299 } 1300 if (srr0 == SPR_HSRR0) { 1301 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1302 "no HV support\n", excp); 1303 } 1304 } 1305 1306 #if defined(TARGET_PPC64) 1307 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1308 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1309 new_msr |= (target_ulong)1 << MSR_CM; 1310 } else { 1311 vector = (uint32_t)vector; 1312 } 1313 #endif 1314 1315 /* Save PC */ 1316 env->spr[srr0] = env->nip; 1317 1318 /* Save MSR */ 1319 env->spr[srr1] = msr; 1320 1321 powerpc_set_excp_state(cpu, vector, new_msr); 1322 } 1323 1324 #ifdef TARGET_PPC64 1325 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1326 { 1327 CPUState *cs = CPU(cpu); 1328 CPUPPCState *env = &cpu->env; 1329 int excp_model = env->excp_model; 1330 target_ulong msr, new_msr, vector; 1331 int srr0, srr1, lev = -1; 1332 1333 /* new srr1 value excluding must-be-zero bits */ 1334 msr = env->msr & ~0x783f0000ULL; 1335 1336 /* 1337 * new interrupt handler msr preserves existing HV and ME unless 1338 * explicitly overriden 1339 */ 1340 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1341 1342 /* target registers */ 1343 srr0 = SPR_SRR0; 1344 srr1 = SPR_SRR1; 1345 1346 /* 1347 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1348 * P7/P8/P9 1349 */ 1350 if (env->resume_as_sreset) { 1351 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1352 } 1353 1354 /* 1355 * We don't want to generate a Hypervisor Emulation Assistance 1356 * Interrupt if we don't have HVB in msr_mask (PAPR mode). 1357 */ 1358 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) { 1359 excp = POWERPC_EXCP_PROGRAM; 1360 } 1361 1362 vector = env->excp_vectors[excp]; 1363 if (vector == (target_ulong)-1ULL) { 1364 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1365 excp); 1366 } 1367 1368 vector |= env->excp_prefix; 1369 1370 switch (excp) { 1371 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1372 if (msr_me == 0) { 1373 /* 1374 * Machine check exception is not enabled. Enter 1375 * checkstop state. 1376 */ 1377 fprintf(stderr, "Machine check while not allowed. " 1378 "Entering checkstop state\n"); 1379 if (qemu_log_separate()) { 1380 qemu_log("Machine check while not allowed. " 1381 "Entering checkstop state\n"); 1382 } 1383 cs->halted = 1; 1384 cpu_interrupt_exittb(cs); 1385 } 1386 if (env->msr_mask & MSR_HVB) { 1387 /* 1388 * ISA specifies HV, but can be delivered to guest with HV 1389 * clear (e.g., see FWNMI in PAPR). 1390 */ 1391 new_msr |= (target_ulong)MSR_HVB; 1392 } 1393 1394 /* machine check exceptions don't have ME set */ 1395 new_msr &= ~((target_ulong)1 << MSR_ME); 1396 1397 break; 1398 case POWERPC_EXCP_DSI: /* Data storage exception */ 1399 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1400 break; 1401 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1402 trace_ppc_excp_isi(msr, env->nip); 1403 msr |= env->error_code; 1404 break; 1405 case POWERPC_EXCP_EXTERNAL: /* External input */ 1406 { 1407 bool lpes0; 1408 1409 /* 1410 * LPES0 is only taken into consideration if we support HV 1411 * mode for this CPU. 1412 */ 1413 if (!env->has_hv_mode) { 1414 break; 1415 } 1416 1417 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1418 1419 if (!lpes0) { 1420 new_msr |= (target_ulong)MSR_HVB; 1421 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1422 srr0 = SPR_HSRR0; 1423 srr1 = SPR_HSRR1; 1424 } 1425 1426 break; 1427 } 1428 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1429 /* Get rS/rD and rA from faulting opcode */ 1430 /* 1431 * Note: the opcode fields will not be set properly for a 1432 * direct store load/store, but nobody cares as nobody 1433 * actually uses direct store segments. 1434 */ 1435 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1436 break; 1437 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1438 switch (env->error_code & ~0xF) { 1439 case POWERPC_EXCP_FP: 1440 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1441 trace_ppc_excp_fp_ignore(); 1442 cs->exception_index = POWERPC_EXCP_NONE; 1443 env->error_code = 0; 1444 return; 1445 } 1446 1447 /* 1448 * FP exceptions always have NIP pointing to the faulting 1449 * instruction, so always use store_next and claim we are 1450 * precise in the MSR. 1451 */ 1452 msr |= 0x00100000; 1453 break; 1454 case POWERPC_EXCP_INVAL: 1455 trace_ppc_excp_inval(env->nip); 1456 msr |= 0x00080000; 1457 break; 1458 case POWERPC_EXCP_PRIV: 1459 msr |= 0x00040000; 1460 break; 1461 case POWERPC_EXCP_TRAP: 1462 msr |= 0x00020000; 1463 break; 1464 default: 1465 /* Should never occur */ 1466 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1467 env->error_code); 1468 break; 1469 } 1470 break; 1471 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1472 lev = env->error_code; 1473 1474 if ((lev == 1) && cpu->vhyp) { 1475 dump_hcall(env); 1476 } else { 1477 dump_syscall(env); 1478 } 1479 1480 /* 1481 * We need to correct the NIP which in this case is supposed 1482 * to point to the next instruction 1483 */ 1484 env->nip += 4; 1485 1486 /* "PAPR mode" built-in hypercall emulation */ 1487 if ((lev == 1) && cpu->vhyp) { 1488 PPCVirtualHypervisorClass *vhc = 1489 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1490 vhc->hypercall(cpu->vhyp, cpu); 1491 return; 1492 } 1493 if (lev == 1) { 1494 new_msr |= (target_ulong)MSR_HVB; 1495 } 1496 break; 1497 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1498 lev = env->error_code; 1499 dump_syscall(env); 1500 env->nip += 4; 1501 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1502 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1503 1504 vector += lev * 0x20; 1505 1506 env->lr = env->nip; 1507 env->ctr = msr; 1508 break; 1509 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1510 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1511 break; 1512 case POWERPC_EXCP_RESET: /* System reset exception */ 1513 /* A power-saving exception sets ME, otherwise it is unchanged */ 1514 if (msr_pow) { 1515 /* indicate that we resumed from power save mode */ 1516 msr |= 0x10000; 1517 new_msr |= ((target_ulong)1 << MSR_ME); 1518 } 1519 if (env->msr_mask & MSR_HVB) { 1520 /* 1521 * ISA specifies HV, but can be delivered to guest with HV 1522 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1523 */ 1524 new_msr |= (target_ulong)MSR_HVB; 1525 } else { 1526 if (msr_pow) { 1527 cpu_abort(cs, "Trying to deliver power-saving system reset " 1528 "exception %d with no HV support\n", excp); 1529 } 1530 } 1531 break; 1532 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1533 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1534 case POWERPC_EXCP_TRACE: /* Trace exception */ 1535 break; 1536 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1537 msr |= env->error_code; 1538 /* fall through */ 1539 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1540 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1541 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1542 case POWERPC_EXCP_HV_EMU: 1543 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1544 srr0 = SPR_HSRR0; 1545 srr1 = SPR_HSRR1; 1546 new_msr |= (target_ulong)MSR_HVB; 1547 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1548 break; 1549 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1550 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1551 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1552 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1553 break; 1554 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1555 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1556 srr0 = SPR_HSRR0; 1557 srr1 = SPR_HSRR1; 1558 new_msr |= (target_ulong)MSR_HVB; 1559 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1560 break; 1561 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1562 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1563 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1564 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1565 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1566 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1567 cpu_abort(cs, "%s exception not implemented\n", 1568 powerpc_excp_name(excp)); 1569 break; 1570 default: 1571 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1572 break; 1573 } 1574 1575 /* Sanity check */ 1576 if (!(env->msr_mask & MSR_HVB)) { 1577 if (new_msr & MSR_HVB) { 1578 cpu_abort(cs, "Trying to deliver HV exception (MSR) %d with " 1579 "no HV support\n", excp); 1580 } 1581 if (srr0 == SPR_HSRR0) { 1582 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1583 "no HV support\n", excp); 1584 } 1585 } 1586 1587 /* 1588 * Sort out endianness of interrupt, this differs depending on the 1589 * CPU, the HV mode, etc... 1590 */ 1591 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1592 new_msr |= (target_ulong)1 << MSR_LE; 1593 } 1594 1595 new_msr |= (target_ulong)1 << MSR_SF; 1596 1597 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1598 /* Save PC */ 1599 env->spr[srr0] = env->nip; 1600 1601 /* Save MSR */ 1602 env->spr[srr1] = msr; 1603 } 1604 1605 /* This can update new_msr and vector if AIL applies */ 1606 ppc_excp_apply_ail(cpu, excp_model, excp, msr, &new_msr, &vector); 1607 1608 powerpc_set_excp_state(cpu, vector, new_msr); 1609 } 1610 #else 1611 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1612 { 1613 g_assert_not_reached(); 1614 } 1615 #endif 1616 1617 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1618 { 1619 CPUState *cs = CPU(cpu); 1620 CPUPPCState *env = &cpu->env; 1621 1622 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1623 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1624 } 1625 1626 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1627 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1628 excp, env->error_code); 1629 1630 switch (env->excp_model) { 1631 case POWERPC_EXCP_40x: 1632 powerpc_excp_40x(cpu, excp); 1633 break; 1634 case POWERPC_EXCP_6xx: 1635 powerpc_excp_6xx(cpu, excp); 1636 break; 1637 case POWERPC_EXCP_7xx: 1638 powerpc_excp_7xx(cpu, excp); 1639 break; 1640 case POWERPC_EXCP_74xx: 1641 powerpc_excp_74xx(cpu, excp); 1642 break; 1643 case POWERPC_EXCP_BOOKE: 1644 powerpc_excp_booke(cpu, excp); 1645 break; 1646 case POWERPC_EXCP_970: 1647 case POWERPC_EXCP_POWER7: 1648 case POWERPC_EXCP_POWER8: 1649 case POWERPC_EXCP_POWER9: 1650 case POWERPC_EXCP_POWER10: 1651 powerpc_excp_books(cpu, excp); 1652 break; 1653 default: 1654 g_assert_not_reached(); 1655 } 1656 } 1657 1658 void ppc_cpu_do_interrupt(CPUState *cs) 1659 { 1660 PowerPCCPU *cpu = POWERPC_CPU(cs); 1661 1662 powerpc_excp(cpu, cs->exception_index); 1663 } 1664 1665 static void ppc_hw_interrupt(CPUPPCState *env) 1666 { 1667 PowerPCCPU *cpu = env_archcpu(env); 1668 bool async_deliver; 1669 1670 /* External reset */ 1671 if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) { 1672 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET); 1673 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1674 return; 1675 } 1676 /* Machine check exception */ 1677 if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) { 1678 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK); 1679 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 1680 return; 1681 } 1682 #if 0 /* TODO */ 1683 /* External debug exception */ 1684 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) { 1685 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG); 1686 powerpc_excp(cpu, POWERPC_EXCP_DEBUG); 1687 return; 1688 } 1689 #endif 1690 1691 /* 1692 * For interrupts that gate on MSR:EE, we need to do something a 1693 * bit more subtle, as we need to let them through even when EE is 1694 * clear when coming out of some power management states (in order 1695 * for them to become a 0x100). 1696 */ 1697 async_deliver = (msr_ee != 0) || env->resume_as_sreset; 1698 1699 /* Hypervisor decrementer exception */ 1700 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) { 1701 /* LPCR will be clear when not supported so this will work */ 1702 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1703 if ((async_deliver || msr_hv == 0) && hdice) { 1704 /* HDEC clears on delivery */ 1705 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR); 1706 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 1707 return; 1708 } 1709 } 1710 1711 /* Hypervisor virtualization interrupt */ 1712 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) { 1713 /* LPCR will be clear when not supported so this will work */ 1714 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1715 if ((async_deliver || msr_hv == 0) && hvice) { 1716 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1717 return; 1718 } 1719 } 1720 1721 /* External interrupt can ignore MSR:EE under some circumstances */ 1722 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) { 1723 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1724 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1725 /* HEIC blocks delivery to the hypervisor */ 1726 if ((async_deliver && !(heic && msr_hv && !msr_pr)) || 1727 (env->has_hv_mode && msr_hv == 0 && !lpes0)) { 1728 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 1729 return; 1730 } 1731 } 1732 if (msr_ce != 0) { 1733 /* External critical interrupt */ 1734 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) { 1735 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 1736 return; 1737 } 1738 } 1739 if (async_deliver != 0) { 1740 /* Watchdog timer on embedded PowerPC */ 1741 if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) { 1742 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT); 1743 powerpc_excp(cpu, POWERPC_EXCP_WDT); 1744 return; 1745 } 1746 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) { 1747 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL); 1748 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 1749 return; 1750 } 1751 /* Fixed interval timer on embedded PowerPC */ 1752 if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) { 1753 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT); 1754 powerpc_excp(cpu, POWERPC_EXCP_FIT); 1755 return; 1756 } 1757 /* Programmable interval timer on embedded PowerPC */ 1758 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) { 1759 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT); 1760 powerpc_excp(cpu, POWERPC_EXCP_PIT); 1761 return; 1762 } 1763 /* Decrementer exception */ 1764 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) { 1765 if (ppc_decr_clear_on_delivery(env)) { 1766 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR); 1767 } 1768 powerpc_excp(cpu, POWERPC_EXCP_DECR); 1769 return; 1770 } 1771 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) { 1772 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 1773 if (is_book3s_arch2x(env)) { 1774 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 1775 } else { 1776 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 1777 } 1778 return; 1779 } 1780 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { 1781 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 1782 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 1783 return; 1784 } 1785 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { 1786 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); 1787 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 1788 return; 1789 } 1790 /* Thermal interrupt */ 1791 if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) { 1792 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM); 1793 powerpc_excp(cpu, POWERPC_EXCP_THERM); 1794 return; 1795 } 1796 } 1797 1798 if (env->resume_as_sreset) { 1799 /* 1800 * This is a bug ! It means that has_work took us out of halt without 1801 * anything to deliver while in a PM state that requires getting 1802 * out via a 0x100 1803 * 1804 * This means we will incorrectly execute past the power management 1805 * instruction instead of triggering a reset. 1806 * 1807 * It generally means a discrepancy between the wakeup conditions in the 1808 * processor has_work implementation and the logic in this function. 1809 */ 1810 cpu_abort(env_cpu(env), 1811 "Wakeup from PM state but interrupt Undelivered"); 1812 } 1813 } 1814 1815 void ppc_cpu_do_system_reset(CPUState *cs) 1816 { 1817 PowerPCCPU *cpu = POWERPC_CPU(cs); 1818 1819 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1820 } 1821 1822 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 1823 { 1824 PowerPCCPU *cpu = POWERPC_CPU(cs); 1825 CPUPPCState *env = &cpu->env; 1826 target_ulong msr = 0; 1827 1828 /* 1829 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 1830 * been set by KVM. 1831 */ 1832 msr = (1ULL << MSR_ME); 1833 msr |= env->msr & (1ULL << MSR_SF); 1834 if (ppc_interrupts_little_endian(cpu, false)) { 1835 msr |= (1ULL << MSR_LE); 1836 } 1837 1838 powerpc_set_excp_state(cpu, vector, msr); 1839 } 1840 1841 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 1842 { 1843 PowerPCCPU *cpu = POWERPC_CPU(cs); 1844 CPUPPCState *env = &cpu->env; 1845 1846 if (interrupt_request & CPU_INTERRUPT_HARD) { 1847 ppc_hw_interrupt(env); 1848 if (env->pending_interrupts == 0) { 1849 cs->interrupt_request &= ~CPU_INTERRUPT_HARD; 1850 } 1851 return true; 1852 } 1853 return false; 1854 } 1855 1856 #endif /* !CONFIG_USER_ONLY */ 1857 1858 /*****************************************************************************/ 1859 /* Exceptions processing helpers */ 1860 1861 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 1862 uint32_t error_code, uintptr_t raddr) 1863 { 1864 CPUState *cs = env_cpu(env); 1865 1866 cs->exception_index = exception; 1867 env->error_code = error_code; 1868 cpu_loop_exit_restore(cs, raddr); 1869 } 1870 1871 void raise_exception_err(CPUPPCState *env, uint32_t exception, 1872 uint32_t error_code) 1873 { 1874 raise_exception_err_ra(env, exception, error_code, 0); 1875 } 1876 1877 void raise_exception(CPUPPCState *env, uint32_t exception) 1878 { 1879 raise_exception_err_ra(env, exception, 0, 0); 1880 } 1881 1882 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 1883 uintptr_t raddr) 1884 { 1885 raise_exception_err_ra(env, exception, 0, raddr); 1886 } 1887 1888 #ifdef CONFIG_TCG 1889 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 1890 uint32_t error_code) 1891 { 1892 raise_exception_err_ra(env, exception, error_code, 0); 1893 } 1894 1895 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 1896 { 1897 raise_exception_err_ra(env, exception, 0, 0); 1898 } 1899 #endif 1900 1901 #if !defined(CONFIG_USER_ONLY) 1902 #ifdef CONFIG_TCG 1903 void helper_store_msr(CPUPPCState *env, target_ulong val) 1904 { 1905 uint32_t excp = hreg_store_msr(env, val, 0); 1906 1907 if (excp != 0) { 1908 CPUState *cs = env_cpu(env); 1909 cpu_interrupt_exittb(cs); 1910 raise_exception(env, excp); 1911 } 1912 } 1913 1914 #if defined(TARGET_PPC64) 1915 void helper_scv(CPUPPCState *env, uint32_t lev) 1916 { 1917 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 1918 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 1919 } else { 1920 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 1921 } 1922 } 1923 1924 void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn) 1925 { 1926 CPUState *cs; 1927 1928 cs = env_cpu(env); 1929 cs->halted = 1; 1930 1931 /* Condition for waking up at 0x100 */ 1932 env->resume_as_sreset = (insn != PPC_PM_STOP) || 1933 (env->spr[SPR_PSSCR] & PSSCR_EC); 1934 } 1935 #endif /* defined(TARGET_PPC64) */ 1936 1937 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 1938 { 1939 CPUState *cs = env_cpu(env); 1940 1941 /* MSR:POW cannot be set by any form of rfi */ 1942 msr &= ~(1ULL << MSR_POW); 1943 1944 /* MSR:TGPR cannot be set by any form of rfi */ 1945 if (env->flags & POWERPC_FLAG_TGPR) 1946 msr &= ~(1ULL << MSR_TGPR); 1947 1948 #if defined(TARGET_PPC64) 1949 /* Switching to 32-bit ? Crop the nip */ 1950 if (!msr_is_64bit(env, msr)) { 1951 nip = (uint32_t)nip; 1952 } 1953 #else 1954 nip = (uint32_t)nip; 1955 #endif 1956 /* XXX: beware: this is false if VLE is supported */ 1957 env->nip = nip & ~((target_ulong)0x00000003); 1958 hreg_store_msr(env, msr, 1); 1959 trace_ppc_excp_rfi(env->nip, env->msr); 1960 /* 1961 * No need to raise an exception here, as rfi is always the last 1962 * insn of a TB 1963 */ 1964 cpu_interrupt_exittb(cs); 1965 /* Reset the reservation */ 1966 env->reserve_addr = -1; 1967 1968 /* Context synchronizing: check if TCG TLB needs flush */ 1969 check_tlb_flush(env, false); 1970 } 1971 1972 void helper_rfi(CPUPPCState *env) 1973 { 1974 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 1975 } 1976 1977 #define MSR_BOOK3S_MASK 1978 #if defined(TARGET_PPC64) 1979 void helper_rfid(CPUPPCState *env) 1980 { 1981 /* 1982 * The architecture defines a number of rules for which bits can 1983 * change but in practice, we handle this in hreg_store_msr() 1984 * which will be called by do_rfi(), so there is no need to filter 1985 * here 1986 */ 1987 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 1988 } 1989 1990 void helper_rfscv(CPUPPCState *env) 1991 { 1992 do_rfi(env, env->lr, env->ctr); 1993 } 1994 1995 void helper_hrfid(CPUPPCState *env) 1996 { 1997 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 1998 } 1999 #endif 2000 2001 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2002 void helper_rfebb(CPUPPCState *env, target_ulong s) 2003 { 2004 target_ulong msr = env->msr; 2005 2006 /* 2007 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2008 * 2009 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2010 * the instruction form were invalid." 2011 */ 2012 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2013 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2014 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2015 } 2016 2017 env->nip = env->spr[SPR_EBBRR]; 2018 2019 /* Switching to 32-bit ? Crop the nip */ 2020 if (!msr_is_64bit(env, msr)) { 2021 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2022 } 2023 2024 if (s) { 2025 env->spr[SPR_BESCR] |= BESCR_GE; 2026 } else { 2027 env->spr[SPR_BESCR] &= ~BESCR_GE; 2028 } 2029 } 2030 #endif 2031 2032 /*****************************************************************************/ 2033 /* Embedded PowerPC specific helpers */ 2034 void helper_40x_rfci(CPUPPCState *env) 2035 { 2036 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2037 } 2038 2039 void helper_rfci(CPUPPCState *env) 2040 { 2041 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2042 } 2043 2044 void helper_rfdi(CPUPPCState *env) 2045 { 2046 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2047 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2048 } 2049 2050 void helper_rfmci(CPUPPCState *env) 2051 { 2052 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2053 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2054 } 2055 #endif /* CONFIG_TCG */ 2056 #endif /* !defined(CONFIG_USER_ONLY) */ 2057 2058 #ifdef CONFIG_TCG 2059 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2060 uint32_t flags) 2061 { 2062 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2063 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2064 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2065 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2066 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2067 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2068 POWERPC_EXCP_TRAP, GETPC()); 2069 } 2070 } 2071 2072 #if defined(TARGET_PPC64) 2073 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2074 uint32_t flags) 2075 { 2076 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2077 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2078 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2079 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2080 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2081 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2082 POWERPC_EXCP_TRAP, GETPC()); 2083 } 2084 } 2085 #endif 2086 #endif 2087 2088 #if !defined(CONFIG_USER_ONLY) 2089 2090 #ifdef CONFIG_TCG 2091 2092 /* Embedded.Processor Control */ 2093 static int dbell2irq(target_ulong rb) 2094 { 2095 int msg = rb & DBELL_TYPE_MASK; 2096 int irq = -1; 2097 2098 switch (msg) { 2099 case DBELL_TYPE_DBELL: 2100 irq = PPC_INTERRUPT_DOORBELL; 2101 break; 2102 case DBELL_TYPE_DBELL_CRIT: 2103 irq = PPC_INTERRUPT_CDOORBELL; 2104 break; 2105 case DBELL_TYPE_G_DBELL: 2106 case DBELL_TYPE_G_DBELL_CRIT: 2107 case DBELL_TYPE_G_DBELL_MC: 2108 /* XXX implement */ 2109 default: 2110 break; 2111 } 2112 2113 return irq; 2114 } 2115 2116 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2117 { 2118 int irq = dbell2irq(rb); 2119 2120 if (irq < 0) { 2121 return; 2122 } 2123 2124 env->pending_interrupts &= ~(1 << irq); 2125 } 2126 2127 void helper_msgsnd(target_ulong rb) 2128 { 2129 int irq = dbell2irq(rb); 2130 int pir = rb & DBELL_PIRTAG_MASK; 2131 CPUState *cs; 2132 2133 if (irq < 0) { 2134 return; 2135 } 2136 2137 qemu_mutex_lock_iothread(); 2138 CPU_FOREACH(cs) { 2139 PowerPCCPU *cpu = POWERPC_CPU(cs); 2140 CPUPPCState *cenv = &cpu->env; 2141 2142 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2143 cenv->pending_interrupts |= 1 << irq; 2144 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2145 } 2146 } 2147 qemu_mutex_unlock_iothread(); 2148 } 2149 2150 /* Server Processor Control */ 2151 2152 static bool dbell_type_server(target_ulong rb) 2153 { 2154 /* 2155 * A Directed Hypervisor Doorbell message is sent only if the 2156 * message type is 5. All other types are reserved and the 2157 * instruction is a no-op 2158 */ 2159 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2160 } 2161 2162 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2163 { 2164 if (!dbell_type_server(rb)) { 2165 return; 2166 } 2167 2168 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 2169 } 2170 2171 static void book3s_msgsnd_common(int pir, int irq) 2172 { 2173 CPUState *cs; 2174 2175 qemu_mutex_lock_iothread(); 2176 CPU_FOREACH(cs) { 2177 PowerPCCPU *cpu = POWERPC_CPU(cs); 2178 CPUPPCState *cenv = &cpu->env; 2179 2180 /* TODO: broadcast message to all threads of the same processor */ 2181 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2182 cenv->pending_interrupts |= 1 << irq; 2183 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2184 } 2185 } 2186 qemu_mutex_unlock_iothread(); 2187 } 2188 2189 void helper_book3s_msgsnd(target_ulong rb) 2190 { 2191 int pir = rb & DBELL_PROCIDTAG_MASK; 2192 2193 if (!dbell_type_server(rb)) { 2194 return; 2195 } 2196 2197 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2198 } 2199 2200 #if defined(TARGET_PPC64) 2201 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2202 { 2203 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2204 2205 if (!dbell_type_server(rb)) { 2206 return; 2207 } 2208 2209 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 2210 } 2211 2212 /* 2213 * sends a message to other threads that are on the same 2214 * multi-threaded processor 2215 */ 2216 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 2217 { 2218 int pir = env->spr_cb[SPR_PIR].default_value; 2219 2220 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 2221 2222 if (!dbell_type_server(rb)) { 2223 return; 2224 } 2225 2226 /* TODO: TCG supports only one thread */ 2227 2228 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 2229 } 2230 #endif /* TARGET_PPC64 */ 2231 2232 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 2233 MMUAccessType access_type, 2234 int mmu_idx, uintptr_t retaddr) 2235 { 2236 CPUPPCState *env = cs->env_ptr; 2237 uint32_t insn; 2238 2239 /* Restore state and reload the insn we executed, for filling in DSISR. */ 2240 cpu_restore_state(cs, retaddr, true); 2241 insn = cpu_ldl_code(env, env->nip); 2242 2243 switch (env->mmu_model) { 2244 case POWERPC_MMU_SOFT_4xx: 2245 env->spr[SPR_40x_DEAR] = vaddr; 2246 break; 2247 case POWERPC_MMU_BOOKE: 2248 case POWERPC_MMU_BOOKE206: 2249 env->spr[SPR_BOOKE_DEAR] = vaddr; 2250 break; 2251 default: 2252 env->spr[SPR_DAR] = vaddr; 2253 break; 2254 } 2255 2256 cs->exception_index = POWERPC_EXCP_ALIGN; 2257 env->error_code = insn & 0x03FF0000; 2258 cpu_loop_exit(cs); 2259 } 2260 #endif /* CONFIG_TCG */ 2261 #endif /* !CONFIG_USER_ONLY */ 2262