1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "cpu.h" 22 #include "exec/exec-all.h" 23 #include "internal.h" 24 #include "helper_regs.h" 25 26 #include "trace.h" 27 28 #ifdef CONFIG_TCG 29 #include "exec/helper-proto.h" 30 #include "exec/cpu_ldst.h" 31 #endif 32 33 /*****************************************************************************/ 34 /* Exception processing */ 35 #if !defined(CONFIG_USER_ONLY) 36 37 static const char *powerpc_excp_name(int excp) 38 { 39 switch (excp) { 40 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 41 case POWERPC_EXCP_MCHECK: return "MCHECK"; 42 case POWERPC_EXCP_DSI: return "DSI"; 43 case POWERPC_EXCP_ISI: return "ISI"; 44 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 45 case POWERPC_EXCP_ALIGN: return "ALIGN"; 46 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 47 case POWERPC_EXCP_FPU: return "FPU"; 48 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 49 case POWERPC_EXCP_APU: return "APU"; 50 case POWERPC_EXCP_DECR: return "DECR"; 51 case POWERPC_EXCP_FIT: return "FIT"; 52 case POWERPC_EXCP_WDT: return "WDT"; 53 case POWERPC_EXCP_DTLB: return "DTLB"; 54 case POWERPC_EXCP_ITLB: return "ITLB"; 55 case POWERPC_EXCP_DEBUG: return "DEBUG"; 56 case POWERPC_EXCP_SPEU: return "SPEU"; 57 case POWERPC_EXCP_EFPDI: return "EFPDI"; 58 case POWERPC_EXCP_EFPRI: return "EFPRI"; 59 case POWERPC_EXCP_EPERFM: return "EPERFM"; 60 case POWERPC_EXCP_DOORI: return "DOORI"; 61 case POWERPC_EXCP_DOORCI: return "DOORCI"; 62 case POWERPC_EXCP_GDOORI: return "GDOORI"; 63 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 64 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 65 case POWERPC_EXCP_RESET: return "RESET"; 66 case POWERPC_EXCP_DSEG: return "DSEG"; 67 case POWERPC_EXCP_ISEG: return "ISEG"; 68 case POWERPC_EXCP_HDECR: return "HDECR"; 69 case POWERPC_EXCP_TRACE: return "TRACE"; 70 case POWERPC_EXCP_HDSI: return "HDSI"; 71 case POWERPC_EXCP_HISI: return "HISI"; 72 case POWERPC_EXCP_HDSEG: return "HDSEG"; 73 case POWERPC_EXCP_HISEG: return "HISEG"; 74 case POWERPC_EXCP_VPU: return "VPU"; 75 case POWERPC_EXCP_PIT: return "PIT"; 76 case POWERPC_EXCP_EMUL: return "EMUL"; 77 case POWERPC_EXCP_IFTLB: return "IFTLB"; 78 case POWERPC_EXCP_DLTLB: return "DLTLB"; 79 case POWERPC_EXCP_DSTLB: return "DSTLB"; 80 case POWERPC_EXCP_FPA: return "FPA"; 81 case POWERPC_EXCP_DABR: return "DABR"; 82 case POWERPC_EXCP_IABR: return "IABR"; 83 case POWERPC_EXCP_SMI: return "SMI"; 84 case POWERPC_EXCP_PERFM: return "PERFM"; 85 case POWERPC_EXCP_THERM: return "THERM"; 86 case POWERPC_EXCP_VPUA: return "VPUA"; 87 case POWERPC_EXCP_SOFTP: return "SOFTP"; 88 case POWERPC_EXCP_MAINT: return "MAINT"; 89 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 90 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 91 case POWERPC_EXCP_ITLBE: return "ITLBE"; 92 case POWERPC_EXCP_DTLBE: return "DTLBE"; 93 case POWERPC_EXCP_VSXU: return "VSXU"; 94 case POWERPC_EXCP_FU: return "FU"; 95 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 96 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 97 case POWERPC_EXCP_HV_FU: return "HV_FU"; 98 case POWERPC_EXCP_SDOOR: return "SDOOR"; 99 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 100 case POWERPC_EXCP_HVIRT: return "HVIRT"; 101 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 102 default: 103 g_assert_not_reached(); 104 } 105 } 106 107 static void dump_syscall(CPUPPCState *env) 108 { 109 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 110 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 111 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 112 " nip=" TARGET_FMT_lx "\n", 113 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 114 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 115 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 116 ppc_dump_gpr(env, 8), env->nip); 117 } 118 119 static void dump_hcall(CPUPPCState *env) 120 { 121 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 122 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 123 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 124 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 125 " nip=" TARGET_FMT_lx "\n", 126 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 127 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 128 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 129 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 130 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 131 env->nip); 132 } 133 134 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 135 { 136 const char *es; 137 target_ulong *miss, *cmp; 138 int en; 139 140 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 141 return; 142 } 143 144 if (excp == POWERPC_EXCP_IFTLB) { 145 es = "I"; 146 en = 'I'; 147 miss = &env->spr[SPR_IMISS]; 148 cmp = &env->spr[SPR_ICMP]; 149 } else { 150 if (excp == POWERPC_EXCP_DLTLB) { 151 es = "DL"; 152 } else { 153 es = "DS"; 154 } 155 en = 'D'; 156 miss = &env->spr[SPR_DMISS]; 157 cmp = &env->spr[SPR_DCMP]; 158 } 159 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 160 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 161 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 162 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 163 env->error_code); 164 } 165 166 #if defined(TARGET_PPC64) 167 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 168 target_ulong *msr) 169 { 170 /* We no longer are in a PM state */ 171 env->resume_as_sreset = false; 172 173 /* Pretend to be returning from doze always as we don't lose state */ 174 *msr |= SRR1_WS_NOLOSS; 175 176 /* Machine checks are sent normally */ 177 if (excp == POWERPC_EXCP_MCHECK) { 178 return excp; 179 } 180 switch (excp) { 181 case POWERPC_EXCP_RESET: 182 *msr |= SRR1_WAKERESET; 183 break; 184 case POWERPC_EXCP_EXTERNAL: 185 *msr |= SRR1_WAKEEE; 186 break; 187 case POWERPC_EXCP_DECR: 188 *msr |= SRR1_WAKEDEC; 189 break; 190 case POWERPC_EXCP_SDOOR: 191 *msr |= SRR1_WAKEDBELL; 192 break; 193 case POWERPC_EXCP_SDOOR_HV: 194 *msr |= SRR1_WAKEHDBELL; 195 break; 196 case POWERPC_EXCP_HV_MAINT: 197 *msr |= SRR1_WAKEHMI; 198 break; 199 case POWERPC_EXCP_HVIRT: 200 *msr |= SRR1_WAKEHVI; 201 break; 202 default: 203 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 204 excp); 205 } 206 return POWERPC_EXCP_RESET; 207 } 208 209 /* 210 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 211 * taken with the MMU on, and which uses an alternate location (e.g., so the 212 * kernel/hv can map the vectors there with an effective address). 213 * 214 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 215 * are delivered in this way. AIL requires the LPCR to be set to enable this 216 * mode, and then a number of conditions have to be true for AIL to apply. 217 * 218 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 219 * they specifically want to be in real mode (e.g., the MCE might be signaling 220 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 221 * 222 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 223 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 224 * radix mode (LPCR[HR]). 225 * 226 * POWER8, POWER9 with LPCR[HR]=0 227 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 228 * +-----------+-------------+---------+-------------+-----+ 229 * | a | 00/01/10 | x | x | 0 | 230 * | a | 11 | 0 | 1 | 0 | 231 * | a | 11 | 1 | 1 | a | 232 * | a | 11 | 0 | 0 | a | 233 * +-------------------------------------------------------+ 234 * 235 * POWER9 with LPCR[HR]=1 236 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 237 * +-----------+-------------+---------+-------------+-----+ 238 * | a | 00/01/10 | x | x | 0 | 239 * | a | 11 | x | x | a | 240 * +-------------------------------------------------------+ 241 * 242 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 243 * the hypervisor in AIL mode if the guest is radix. This is good for 244 * performance but allows the guest to influence the AIL of hypervisor 245 * interrupts using its MSR, and also the hypervisor must disallow guest 246 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 247 * use AIL for its MSR[HV] 0->1 interrupts. 248 * 249 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 250 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 251 * MSR[HV] 1->1). 252 * 253 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 254 * 255 * POWER10 behaviour is 256 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 257 * +-----------+------------+-------------+---------+-------------+-----+ 258 * | a | h | 00/01/10 | 0 | 0 | 0 | 259 * | a | h | 11 | 0 | 0 | a | 260 * | a | h | x | 0 | 1 | h | 261 * | a | h | 00/01/10 | 1 | 1 | 0 | 262 * | a | h | 11 | 1 | 1 | h | 263 * +--------------------------------------------------------------------+ 264 */ 265 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp_model, int excp, 266 target_ulong msr, 267 target_ulong *new_msr, 268 target_ulong *vector) 269 { 270 CPUPPCState *env = &cpu->env; 271 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 272 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 273 int ail = 0; 274 275 if (excp == POWERPC_EXCP_MCHECK || 276 excp == POWERPC_EXCP_RESET || 277 excp == POWERPC_EXCP_HV_MAINT) { 278 /* SRESET, MCE, HMI never apply AIL */ 279 return; 280 } 281 282 if (excp_model == POWERPC_EXCP_POWER8 || 283 excp_model == POWERPC_EXCP_POWER9) { 284 if (!mmu_all_on) { 285 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 286 return; 287 } 288 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 289 /* 290 * AIL does not work if there is a MSR[HV] 0->1 transition and the 291 * partition is in HPT mode. For radix guests, such interrupts are 292 * allowed to be delivered to the hypervisor in ail mode. 293 */ 294 return; 295 } 296 297 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 298 if (ail == 0) { 299 return; 300 } 301 if (ail == 1) { 302 /* AIL=1 is reserved, treat it like AIL=0 */ 303 return; 304 } 305 306 } else if (excp_model == POWERPC_EXCP_POWER10) { 307 if (!mmu_all_on && !hv_escalation) { 308 /* 309 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 310 * Guest->guest and HV->HV interrupts do require MMU on. 311 */ 312 return; 313 } 314 315 if (*new_msr & MSR_HVB) { 316 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 317 /* HV interrupts depend on LPCR[HAIL] */ 318 return; 319 } 320 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 321 } else { 322 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 323 } 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1 || ail == 2) { 328 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 329 return; 330 } 331 } else { 332 /* Other processors do not support AIL */ 333 return; 334 } 335 336 /* 337 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 338 * to the new IP. 339 */ 340 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 341 342 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 343 if (ail == 2) { 344 *vector |= 0x0000000000018000ull; 345 } else if (ail == 3) { 346 *vector |= 0xc000000000004000ull; 347 } 348 } else { 349 /* 350 * scv AIL is a little different. AIL=2 does not change the address, 351 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 352 */ 353 if (ail == 3) { 354 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 355 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 356 } 357 } 358 } 359 #endif 360 361 static void powerpc_set_excp_state(PowerPCCPU *cpu, 362 target_ulong vector, target_ulong msr) 363 { 364 CPUState *cs = CPU(cpu); 365 CPUPPCState *env = &cpu->env; 366 367 assert((msr & env->msr_mask) == msr); 368 369 /* 370 * We don't use hreg_store_msr here as already have treated any 371 * special case that could occur. Just store MSR and update hflags 372 * 373 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 374 * will prevent setting of the HV bit which some exceptions might need 375 * to do. 376 */ 377 env->msr = msr; 378 hreg_compute_hflags(env); 379 env->nip = vector; 380 /* Reset exception state */ 381 cs->exception_index = POWERPC_EXCP_NONE; 382 env->error_code = 0; 383 384 /* Reset the reservation */ 385 env->reserve_addr = -1; 386 387 /* 388 * Any interrupt is context synchronizing, check if TCG TLB needs 389 * a delayed flush on ppc64 390 */ 391 check_tlb_flush(env, false); 392 } 393 394 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 395 { 396 CPUState *cs = CPU(cpu); 397 CPUPPCState *env = &cpu->env; 398 target_ulong msr, new_msr, vector; 399 int srr0, srr1; 400 401 /* new srr1 value excluding must-be-zero bits */ 402 msr = env->msr & ~0x783f0000ULL; 403 404 /* 405 * new interrupt handler msr preserves existing ME unless 406 * explicitly overriden. 407 */ 408 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 409 410 /* target registers */ 411 srr0 = SPR_SRR0; 412 srr1 = SPR_SRR1; 413 414 /* 415 * Hypervisor emulation assistance interrupt only exists on server 416 * arch 2.05 server or later. 417 */ 418 if (excp == POWERPC_EXCP_HV_EMU) { 419 excp = POWERPC_EXCP_PROGRAM; 420 } 421 422 vector = env->excp_vectors[excp]; 423 if (vector == (target_ulong)-1ULL) { 424 cpu_abort(cs, "Raised an exception without defined vector %d\n", 425 excp); 426 } 427 428 vector |= env->excp_prefix; 429 430 switch (excp) { 431 case POWERPC_EXCP_CRITICAL: /* Critical input */ 432 srr0 = SPR_40x_SRR2; 433 srr1 = SPR_40x_SRR3; 434 break; 435 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 436 if (msr_me == 0) { 437 /* 438 * Machine check exception is not enabled. Enter 439 * checkstop state. 440 */ 441 fprintf(stderr, "Machine check while not allowed. " 442 "Entering checkstop state\n"); 443 if (qemu_log_separate()) { 444 qemu_log("Machine check while not allowed. " 445 "Entering checkstop state\n"); 446 } 447 cs->halted = 1; 448 cpu_interrupt_exittb(cs); 449 } 450 451 /* machine check exceptions don't have ME set */ 452 new_msr &= ~((target_ulong)1 << MSR_ME); 453 454 srr0 = SPR_40x_SRR2; 455 srr1 = SPR_40x_SRR3; 456 break; 457 case POWERPC_EXCP_DSI: /* Data storage exception */ 458 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 459 break; 460 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 461 trace_ppc_excp_isi(msr, env->nip); 462 break; 463 case POWERPC_EXCP_EXTERNAL: /* External input */ 464 break; 465 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 466 break; 467 case POWERPC_EXCP_PROGRAM: /* Program exception */ 468 switch (env->error_code & ~0xF) { 469 case POWERPC_EXCP_FP: 470 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 471 trace_ppc_excp_fp_ignore(); 472 cs->exception_index = POWERPC_EXCP_NONE; 473 env->error_code = 0; 474 return; 475 } 476 env->spr[SPR_40x_ESR] = ESR_FP; 477 break; 478 case POWERPC_EXCP_INVAL: 479 trace_ppc_excp_inval(env->nip); 480 env->spr[SPR_40x_ESR] = ESR_PIL; 481 break; 482 case POWERPC_EXCP_PRIV: 483 env->spr[SPR_40x_ESR] = ESR_PPR; 484 break; 485 case POWERPC_EXCP_TRAP: 486 env->spr[SPR_40x_ESR] = ESR_PTR; 487 break; 488 default: 489 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 490 env->error_code); 491 break; 492 } 493 break; 494 case POWERPC_EXCP_SYSCALL: /* System call exception */ 495 dump_syscall(env); 496 497 /* 498 * We need to correct the NIP which in this case is supposed 499 * to point to the next instruction 500 */ 501 env->nip += 4; 502 break; 503 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 504 trace_ppc_excp_print("FIT"); 505 break; 506 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 507 trace_ppc_excp_print("WDT"); 508 break; 509 case POWERPC_EXCP_DTLB: /* Data TLB error */ 510 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 511 break; 512 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 513 trace_ppc_excp_print("PIT"); 514 break; 515 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 516 cpu_abort(cs, "%s exception not implemented\n", 517 powerpc_excp_name(excp)); 518 break; 519 default: 520 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 521 break; 522 } 523 524 /* Save PC */ 525 env->spr[srr0] = env->nip; 526 527 /* Save MSR */ 528 env->spr[srr1] = msr; 529 530 powerpc_set_excp_state(cpu, vector, new_msr); 531 } 532 533 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 534 { 535 CPUState *cs = CPU(cpu); 536 CPUPPCState *env = &cpu->env; 537 target_ulong msr, new_msr, vector; 538 539 /* new srr1 value excluding must-be-zero bits */ 540 msr = env->msr & ~0x783f0000ULL; 541 542 /* 543 * new interrupt handler msr preserves existing ME unless 544 * explicitly overriden 545 */ 546 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 547 548 /* 549 * Hypervisor emulation assistance interrupt only exists on server 550 * arch 2.05 server or later. 551 */ 552 if (excp == POWERPC_EXCP_HV_EMU) { 553 excp = POWERPC_EXCP_PROGRAM; 554 } 555 556 vector = env->excp_vectors[excp]; 557 if (vector == (target_ulong)-1ULL) { 558 cpu_abort(cs, "Raised an exception without defined vector %d\n", 559 excp); 560 } 561 562 vector |= env->excp_prefix; 563 564 switch (excp) { 565 case POWERPC_EXCP_CRITICAL: /* Critical input */ 566 break; 567 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 568 if (msr_me == 0) { 569 /* 570 * Machine check exception is not enabled. Enter 571 * checkstop state. 572 */ 573 fprintf(stderr, "Machine check while not allowed. " 574 "Entering checkstop state\n"); 575 if (qemu_log_separate()) { 576 qemu_log("Machine check while not allowed. " 577 "Entering checkstop state\n"); 578 } 579 cs->halted = 1; 580 cpu_interrupt_exittb(cs); 581 } 582 583 /* machine check exceptions don't have ME set */ 584 new_msr &= ~((target_ulong)1 << MSR_ME); 585 586 break; 587 case POWERPC_EXCP_DSI: /* Data storage exception */ 588 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 589 break; 590 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 591 trace_ppc_excp_isi(msr, env->nip); 592 msr |= env->error_code; 593 break; 594 case POWERPC_EXCP_EXTERNAL: /* External input */ 595 break; 596 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 597 /* Get rS/rD and rA from faulting opcode */ 598 /* 599 * Note: the opcode fields will not be set properly for a 600 * direct store load/store, but nobody cares as nobody 601 * actually uses direct store segments. 602 */ 603 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 604 break; 605 case POWERPC_EXCP_PROGRAM: /* Program exception */ 606 switch (env->error_code & ~0xF) { 607 case POWERPC_EXCP_FP: 608 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 609 trace_ppc_excp_fp_ignore(); 610 cs->exception_index = POWERPC_EXCP_NONE; 611 env->error_code = 0; 612 return; 613 } 614 615 /* 616 * FP exceptions always have NIP pointing to the faulting 617 * instruction, so always use store_next and claim we are 618 * precise in the MSR. 619 */ 620 msr |= 0x00100000; 621 break; 622 case POWERPC_EXCP_INVAL: 623 trace_ppc_excp_inval(env->nip); 624 msr |= 0x00080000; 625 break; 626 case POWERPC_EXCP_PRIV: 627 msr |= 0x00040000; 628 break; 629 case POWERPC_EXCP_TRAP: 630 msr |= 0x00020000; 631 break; 632 default: 633 /* Should never occur */ 634 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 635 env->error_code); 636 break; 637 } 638 break; 639 case POWERPC_EXCP_SYSCALL: /* System call exception */ 640 dump_syscall(env); 641 642 /* 643 * We need to correct the NIP which in this case is supposed 644 * to point to the next instruction 645 */ 646 env->nip += 4; 647 break; 648 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 649 case POWERPC_EXCP_DECR: /* Decrementer exception */ 650 break; 651 case POWERPC_EXCP_DTLB: /* Data TLB error */ 652 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 653 break; 654 case POWERPC_EXCP_RESET: /* System reset exception */ 655 if (msr_pow) { 656 cpu_abort(cs, "Trying to deliver power-saving system reset " 657 "exception %d with no HV support\n", excp); 658 } 659 break; 660 case POWERPC_EXCP_TRACE: /* Trace exception */ 661 break; 662 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 663 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 664 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 665 /* Swap temporary saved registers with GPRs */ 666 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 667 new_msr |= (target_ulong)1 << MSR_TGPR; 668 hreg_swap_gpr_tgpr(env); 669 } 670 671 ppc_excp_debug_sw_tlb(env, excp); 672 673 msr |= env->crf[0] << 28; 674 msr |= env->error_code; /* key, D/I, S/L bits */ 675 /* Set way using a LRU mechanism */ 676 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 677 break; 678 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 679 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 680 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 681 case POWERPC_EXCP_SMI: /* System management interrupt */ 682 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 683 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 684 cpu_abort(cs, "%s exception not implemented\n", 685 powerpc_excp_name(excp)); 686 break; 687 default: 688 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 689 break; 690 } 691 692 /* 693 * Sort out endianness of interrupt, this differs depending on the 694 * CPU, the HV mode, etc... 695 */ 696 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 697 new_msr |= (target_ulong)1 << MSR_LE; 698 } 699 700 /* Save PC */ 701 env->spr[SPR_SRR0] = env->nip; 702 703 /* Save MSR */ 704 env->spr[SPR_SRR1] = msr; 705 706 powerpc_set_excp_state(cpu, vector, new_msr); 707 } 708 709 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 710 { 711 CPUState *cs = CPU(cpu); 712 CPUPPCState *env = &cpu->env; 713 target_ulong msr, new_msr, vector; 714 715 /* new srr1 value excluding must-be-zero bits */ 716 msr = env->msr & ~0x783f0000ULL; 717 718 /* 719 * new interrupt handler msr preserves existing ME unless 720 * explicitly overriden 721 */ 722 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 723 724 /* 725 * Hypervisor emulation assistance interrupt only exists on server 726 * arch 2.05 server or later. 727 */ 728 if (excp == POWERPC_EXCP_HV_EMU) { 729 excp = POWERPC_EXCP_PROGRAM; 730 } 731 732 vector = env->excp_vectors[excp]; 733 if (vector == (target_ulong)-1ULL) { 734 cpu_abort(cs, "Raised an exception without defined vector %d\n", 735 excp); 736 } 737 738 vector |= env->excp_prefix; 739 740 switch (excp) { 741 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 742 if (msr_me == 0) { 743 /* 744 * Machine check exception is not enabled. Enter 745 * checkstop state. 746 */ 747 fprintf(stderr, "Machine check while not allowed. " 748 "Entering checkstop state\n"); 749 if (qemu_log_separate()) { 750 qemu_log("Machine check while not allowed. " 751 "Entering checkstop state\n"); 752 } 753 cs->halted = 1; 754 cpu_interrupt_exittb(cs); 755 } 756 757 /* machine check exceptions don't have ME set */ 758 new_msr &= ~((target_ulong)1 << MSR_ME); 759 760 break; 761 case POWERPC_EXCP_DSI: /* Data storage exception */ 762 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 763 break; 764 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 765 trace_ppc_excp_isi(msr, env->nip); 766 msr |= env->error_code; 767 break; 768 case POWERPC_EXCP_EXTERNAL: /* External input */ 769 break; 770 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 771 /* Get rS/rD and rA from faulting opcode */ 772 /* 773 * Note: the opcode fields will not be set properly for a 774 * direct store load/store, but nobody cares as nobody 775 * actually uses direct store segments. 776 */ 777 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 778 break; 779 case POWERPC_EXCP_PROGRAM: /* Program exception */ 780 switch (env->error_code & ~0xF) { 781 case POWERPC_EXCP_FP: 782 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 783 trace_ppc_excp_fp_ignore(); 784 cs->exception_index = POWERPC_EXCP_NONE; 785 env->error_code = 0; 786 return; 787 } 788 789 /* 790 * FP exceptions always have NIP pointing to the faulting 791 * instruction, so always use store_next and claim we are 792 * precise in the MSR. 793 */ 794 msr |= 0x00100000; 795 break; 796 case POWERPC_EXCP_INVAL: 797 trace_ppc_excp_inval(env->nip); 798 msr |= 0x00080000; 799 break; 800 case POWERPC_EXCP_PRIV: 801 msr |= 0x00040000; 802 break; 803 case POWERPC_EXCP_TRAP: 804 msr |= 0x00020000; 805 break; 806 default: 807 /* Should never occur */ 808 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 809 env->error_code); 810 break; 811 } 812 break; 813 case POWERPC_EXCP_SYSCALL: /* System call exception */ 814 { 815 int lev = env->error_code; 816 817 if (lev == 1 && cpu->vhyp) { 818 dump_hcall(env); 819 } else { 820 dump_syscall(env); 821 } 822 823 /* 824 * We need to correct the NIP which in this case is supposed 825 * to point to the next instruction 826 */ 827 env->nip += 4; 828 829 /* 830 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 831 * instruction to communicate with QEMU. The pegasos2 machine 832 * uses VOF and the 7xx CPUs, so although the 7xx don't have 833 * HV mode, we need to keep hypercall support. 834 */ 835 if (lev == 1 && cpu->vhyp) { 836 PPCVirtualHypervisorClass *vhc = 837 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 838 vhc->hypercall(cpu->vhyp, cpu); 839 return; 840 } 841 842 break; 843 } 844 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 845 case POWERPC_EXCP_DECR: /* Decrementer exception */ 846 break; 847 case POWERPC_EXCP_RESET: /* System reset exception */ 848 if (msr_pow) { 849 cpu_abort(cs, "Trying to deliver power-saving system reset " 850 "exception %d with no HV support\n", excp); 851 } 852 break; 853 case POWERPC_EXCP_TRACE: /* Trace exception */ 854 break; 855 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 856 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 857 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 858 ppc_excp_debug_sw_tlb(env, excp); 859 860 msr |= env->crf[0] << 28; 861 msr |= env->error_code; /* key, D/I, S/L bits */ 862 /* Set way using a LRU mechanism */ 863 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 864 865 break; 866 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 867 case POWERPC_EXCP_SMI: /* System management interrupt */ 868 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 869 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 870 cpu_abort(cs, "%s exception not implemented\n", 871 powerpc_excp_name(excp)); 872 break; 873 default: 874 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 875 break; 876 } 877 878 /* 879 * Sort out endianness of interrupt, this differs depending on the 880 * CPU, the HV mode, etc... 881 */ 882 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 883 new_msr |= (target_ulong)1 << MSR_LE; 884 } 885 886 /* Save PC */ 887 env->spr[SPR_SRR0] = env->nip; 888 889 /* Save MSR */ 890 env->spr[SPR_SRR1] = msr; 891 892 powerpc_set_excp_state(cpu, vector, new_msr); 893 } 894 895 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 896 { 897 CPUState *cs = CPU(cpu); 898 CPUPPCState *env = &cpu->env; 899 target_ulong msr, new_msr, vector; 900 901 /* new srr1 value excluding must-be-zero bits */ 902 msr = env->msr & ~0x783f0000ULL; 903 904 /* 905 * new interrupt handler msr preserves existing ME unless 906 * explicitly overriden 907 */ 908 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 909 910 /* 911 * Hypervisor emulation assistance interrupt only exists on server 912 * arch 2.05 server or later. 913 */ 914 if (excp == POWERPC_EXCP_HV_EMU) { 915 excp = POWERPC_EXCP_PROGRAM; 916 } 917 918 vector = env->excp_vectors[excp]; 919 if (vector == (target_ulong)-1ULL) { 920 cpu_abort(cs, "Raised an exception without defined vector %d\n", 921 excp); 922 } 923 924 vector |= env->excp_prefix; 925 926 switch (excp) { 927 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 928 if (msr_me == 0) { 929 /* 930 * Machine check exception is not enabled. Enter 931 * checkstop state. 932 */ 933 fprintf(stderr, "Machine check while not allowed. " 934 "Entering checkstop state\n"); 935 if (qemu_log_separate()) { 936 qemu_log("Machine check while not allowed. " 937 "Entering checkstop state\n"); 938 } 939 cs->halted = 1; 940 cpu_interrupt_exittb(cs); 941 } 942 943 /* machine check exceptions don't have ME set */ 944 new_msr &= ~((target_ulong)1 << MSR_ME); 945 946 break; 947 case POWERPC_EXCP_DSI: /* Data storage exception */ 948 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 949 break; 950 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 951 trace_ppc_excp_isi(msr, env->nip); 952 msr |= env->error_code; 953 break; 954 case POWERPC_EXCP_EXTERNAL: /* External input */ 955 break; 956 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 957 /* Get rS/rD and rA from faulting opcode */ 958 /* 959 * Note: the opcode fields will not be set properly for a 960 * direct store load/store, but nobody cares as nobody 961 * actually uses direct store segments. 962 */ 963 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 964 break; 965 case POWERPC_EXCP_PROGRAM: /* Program exception */ 966 switch (env->error_code & ~0xF) { 967 case POWERPC_EXCP_FP: 968 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 969 trace_ppc_excp_fp_ignore(); 970 cs->exception_index = POWERPC_EXCP_NONE; 971 env->error_code = 0; 972 return; 973 } 974 975 /* 976 * FP exceptions always have NIP pointing to the faulting 977 * instruction, so always use store_next and claim we are 978 * precise in the MSR. 979 */ 980 msr |= 0x00100000; 981 break; 982 case POWERPC_EXCP_INVAL: 983 trace_ppc_excp_inval(env->nip); 984 msr |= 0x00080000; 985 break; 986 case POWERPC_EXCP_PRIV: 987 msr |= 0x00040000; 988 break; 989 case POWERPC_EXCP_TRAP: 990 msr |= 0x00020000; 991 break; 992 default: 993 /* Should never occur */ 994 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 995 env->error_code); 996 break; 997 } 998 break; 999 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1000 { 1001 int lev = env->error_code; 1002 1003 if ((lev == 1) && cpu->vhyp) { 1004 dump_hcall(env); 1005 } else { 1006 dump_syscall(env); 1007 } 1008 1009 /* 1010 * We need to correct the NIP which in this case is supposed 1011 * to point to the next instruction 1012 */ 1013 env->nip += 4; 1014 1015 /* 1016 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1017 * instruction to communicate with QEMU. The pegasos2 machine 1018 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1019 * HV mode, we need to keep hypercall support. 1020 */ 1021 if ((lev == 1) && cpu->vhyp) { 1022 PPCVirtualHypervisorClass *vhc = 1023 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1024 vhc->hypercall(cpu->vhyp, cpu); 1025 return; 1026 } 1027 1028 break; 1029 } 1030 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1031 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1032 break; 1033 case POWERPC_EXCP_RESET: /* System reset exception */ 1034 if (msr_pow) { 1035 cpu_abort(cs, "Trying to deliver power-saving system reset " 1036 "exception %d with no HV support\n", excp); 1037 } 1038 break; 1039 case POWERPC_EXCP_TRACE: /* Trace exception */ 1040 break; 1041 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1042 break; 1043 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1044 case POWERPC_EXCP_SMI: /* System management interrupt */ 1045 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1046 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1047 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1048 cpu_abort(cs, "%s exception not implemented\n", 1049 powerpc_excp_name(excp)); 1050 break; 1051 default: 1052 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1053 break; 1054 } 1055 1056 /* 1057 * Sort out endianness of interrupt, this differs depending on the 1058 * CPU, the HV mode, etc... 1059 */ 1060 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1061 new_msr |= (target_ulong)1 << MSR_LE; 1062 } 1063 1064 /* Save PC */ 1065 env->spr[SPR_SRR0] = env->nip; 1066 1067 /* Save MSR */ 1068 env->spr[SPR_SRR1] = msr; 1069 1070 powerpc_set_excp_state(cpu, vector, new_msr); 1071 } 1072 1073 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1074 { 1075 CPUState *cs = CPU(cpu); 1076 CPUPPCState *env = &cpu->env; 1077 target_ulong msr, new_msr, vector; 1078 int srr0, srr1; 1079 1080 msr = env->msr; 1081 1082 /* 1083 * new interrupt handler msr preserves existing ME unless 1084 * explicitly overriden 1085 */ 1086 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1087 1088 /* target registers */ 1089 srr0 = SPR_SRR0; 1090 srr1 = SPR_SRR1; 1091 1092 /* 1093 * Hypervisor emulation assistance interrupt only exists on server 1094 * arch 2.05 server or later. 1095 */ 1096 if (excp == POWERPC_EXCP_HV_EMU) { 1097 excp = POWERPC_EXCP_PROGRAM; 1098 } 1099 1100 #ifdef TARGET_PPC64 1101 /* 1102 * SPEU and VPU share the same IVOR but they exist in different 1103 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1104 */ 1105 if (excp == POWERPC_EXCP_VPU) { 1106 excp = POWERPC_EXCP_SPEU; 1107 } 1108 #endif 1109 1110 vector = env->excp_vectors[excp]; 1111 if (vector == (target_ulong)-1ULL) { 1112 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1113 excp); 1114 } 1115 1116 vector |= env->excp_prefix; 1117 1118 switch (excp) { 1119 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1120 srr0 = SPR_BOOKE_CSRR0; 1121 srr1 = SPR_BOOKE_CSRR1; 1122 break; 1123 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1124 if (msr_me == 0) { 1125 /* 1126 * Machine check exception is not enabled. Enter 1127 * checkstop state. 1128 */ 1129 fprintf(stderr, "Machine check while not allowed. " 1130 "Entering checkstop state\n"); 1131 if (qemu_log_separate()) { 1132 qemu_log("Machine check while not allowed. " 1133 "Entering checkstop state\n"); 1134 } 1135 cs->halted = 1; 1136 cpu_interrupt_exittb(cs); 1137 } 1138 1139 /* machine check exceptions don't have ME set */ 1140 new_msr &= ~((target_ulong)1 << MSR_ME); 1141 1142 /* FIXME: choose one or the other based on CPU type */ 1143 srr0 = SPR_BOOKE_MCSRR0; 1144 srr1 = SPR_BOOKE_MCSRR1; 1145 1146 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1147 env->spr[SPR_BOOKE_CSRR1] = msr; 1148 1149 break; 1150 case POWERPC_EXCP_DSI: /* Data storage exception */ 1151 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1152 break; 1153 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1154 trace_ppc_excp_isi(msr, env->nip); 1155 break; 1156 case POWERPC_EXCP_EXTERNAL: /* External input */ 1157 if (env->mpic_proxy) { 1158 /* IACK the IRQ on delivery */ 1159 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1160 } 1161 break; 1162 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1163 break; 1164 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1165 switch (env->error_code & ~0xF) { 1166 case POWERPC_EXCP_FP: 1167 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1168 trace_ppc_excp_fp_ignore(); 1169 cs->exception_index = POWERPC_EXCP_NONE; 1170 env->error_code = 0; 1171 return; 1172 } 1173 1174 /* 1175 * FP exceptions always have NIP pointing to the faulting 1176 * instruction, so always use store_next and claim we are 1177 * precise in the MSR. 1178 */ 1179 msr |= 0x00100000; 1180 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1181 break; 1182 case POWERPC_EXCP_INVAL: 1183 trace_ppc_excp_inval(env->nip); 1184 msr |= 0x00080000; 1185 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1186 break; 1187 case POWERPC_EXCP_PRIV: 1188 msr |= 0x00040000; 1189 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1190 break; 1191 case POWERPC_EXCP_TRAP: 1192 msr |= 0x00020000; 1193 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1194 break; 1195 default: 1196 /* Should never occur */ 1197 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1198 env->error_code); 1199 break; 1200 } 1201 break; 1202 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1203 dump_syscall(env); 1204 1205 /* 1206 * We need to correct the NIP which in this case is supposed 1207 * to point to the next instruction 1208 */ 1209 env->nip += 4; 1210 break; 1211 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1212 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1213 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1214 break; 1215 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1216 /* FIT on 4xx */ 1217 trace_ppc_excp_print("FIT"); 1218 break; 1219 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1220 trace_ppc_excp_print("WDT"); 1221 srr0 = SPR_BOOKE_CSRR0; 1222 srr1 = SPR_BOOKE_CSRR1; 1223 break; 1224 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1225 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1226 break; 1227 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1228 if (env->flags & POWERPC_FLAG_DE) { 1229 /* FIXME: choose one or the other based on CPU type */ 1230 srr0 = SPR_BOOKE_DSRR0; 1231 srr1 = SPR_BOOKE_DSRR1; 1232 1233 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1234 env->spr[SPR_BOOKE_CSRR1] = msr; 1235 1236 /* DBSR already modified by caller */ 1237 } else { 1238 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1239 } 1240 break; 1241 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1242 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1243 break; 1244 case POWERPC_EXCP_RESET: /* System reset exception */ 1245 if (msr_pow) { 1246 cpu_abort(cs, "Trying to deliver power-saving system reset " 1247 "exception %d with no HV support\n", excp); 1248 } 1249 break; 1250 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1251 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1252 cpu_abort(cs, "%s exception not implemented\n", 1253 powerpc_excp_name(excp)); 1254 break; 1255 default: 1256 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1257 break; 1258 } 1259 1260 #if defined(TARGET_PPC64) 1261 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1262 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1263 new_msr |= (target_ulong)1 << MSR_CM; 1264 } else { 1265 vector = (uint32_t)vector; 1266 } 1267 #endif 1268 1269 /* Save PC */ 1270 env->spr[srr0] = env->nip; 1271 1272 /* Save MSR */ 1273 env->spr[srr1] = msr; 1274 1275 powerpc_set_excp_state(cpu, vector, new_msr); 1276 } 1277 1278 #ifdef TARGET_PPC64 1279 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1280 { 1281 CPUState *cs = CPU(cpu); 1282 CPUPPCState *env = &cpu->env; 1283 int excp_model = env->excp_model; 1284 target_ulong msr, new_msr, vector; 1285 int srr0, srr1, lev = -1; 1286 1287 /* new srr1 value excluding must-be-zero bits */ 1288 msr = env->msr & ~0x783f0000ULL; 1289 1290 /* 1291 * new interrupt handler msr preserves existing HV and ME unless 1292 * explicitly overriden 1293 */ 1294 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1295 1296 /* target registers */ 1297 srr0 = SPR_SRR0; 1298 srr1 = SPR_SRR1; 1299 1300 /* 1301 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1302 * P7/P8/P9 1303 */ 1304 if (env->resume_as_sreset) { 1305 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1306 } 1307 1308 /* 1309 * We don't want to generate a Hypervisor Emulation Assistance 1310 * Interrupt if we don't have HVB in msr_mask (PAPR mode). 1311 */ 1312 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) { 1313 excp = POWERPC_EXCP_PROGRAM; 1314 } 1315 1316 vector = env->excp_vectors[excp]; 1317 if (vector == (target_ulong)-1ULL) { 1318 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1319 excp); 1320 } 1321 1322 vector |= env->excp_prefix; 1323 1324 switch (excp) { 1325 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1326 if (msr_me == 0) { 1327 /* 1328 * Machine check exception is not enabled. Enter 1329 * checkstop state. 1330 */ 1331 fprintf(stderr, "Machine check while not allowed. " 1332 "Entering checkstop state\n"); 1333 if (qemu_log_separate()) { 1334 qemu_log("Machine check while not allowed. " 1335 "Entering checkstop state\n"); 1336 } 1337 cs->halted = 1; 1338 cpu_interrupt_exittb(cs); 1339 } 1340 if (env->msr_mask & MSR_HVB) { 1341 /* 1342 * ISA specifies HV, but can be delivered to guest with HV 1343 * clear (e.g., see FWNMI in PAPR). 1344 */ 1345 new_msr |= (target_ulong)MSR_HVB; 1346 } 1347 1348 /* machine check exceptions don't have ME set */ 1349 new_msr &= ~((target_ulong)1 << MSR_ME); 1350 1351 break; 1352 case POWERPC_EXCP_DSI: /* Data storage exception */ 1353 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1354 break; 1355 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1356 trace_ppc_excp_isi(msr, env->nip); 1357 msr |= env->error_code; 1358 break; 1359 case POWERPC_EXCP_EXTERNAL: /* External input */ 1360 { 1361 bool lpes0; 1362 1363 /* 1364 * LPES0 is only taken into consideration if we support HV 1365 * mode for this CPU. 1366 */ 1367 if (!env->has_hv_mode) { 1368 break; 1369 } 1370 1371 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1372 1373 if (!lpes0) { 1374 new_msr |= (target_ulong)MSR_HVB; 1375 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1376 srr0 = SPR_HSRR0; 1377 srr1 = SPR_HSRR1; 1378 } 1379 1380 break; 1381 } 1382 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1383 /* Get rS/rD and rA from faulting opcode */ 1384 /* 1385 * Note: the opcode fields will not be set properly for a 1386 * direct store load/store, but nobody cares as nobody 1387 * actually uses direct store segments. 1388 */ 1389 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1390 break; 1391 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1392 switch (env->error_code & ~0xF) { 1393 case POWERPC_EXCP_FP: 1394 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1395 trace_ppc_excp_fp_ignore(); 1396 cs->exception_index = POWERPC_EXCP_NONE; 1397 env->error_code = 0; 1398 return; 1399 } 1400 1401 /* 1402 * FP exceptions always have NIP pointing to the faulting 1403 * instruction, so always use store_next and claim we are 1404 * precise in the MSR. 1405 */ 1406 msr |= 0x00100000; 1407 break; 1408 case POWERPC_EXCP_INVAL: 1409 trace_ppc_excp_inval(env->nip); 1410 msr |= 0x00080000; 1411 break; 1412 case POWERPC_EXCP_PRIV: 1413 msr |= 0x00040000; 1414 break; 1415 case POWERPC_EXCP_TRAP: 1416 msr |= 0x00020000; 1417 break; 1418 default: 1419 /* Should never occur */ 1420 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1421 env->error_code); 1422 break; 1423 } 1424 break; 1425 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1426 lev = env->error_code; 1427 1428 if ((lev == 1) && cpu->vhyp) { 1429 dump_hcall(env); 1430 } else { 1431 dump_syscall(env); 1432 } 1433 1434 /* 1435 * We need to correct the NIP which in this case is supposed 1436 * to point to the next instruction 1437 */ 1438 env->nip += 4; 1439 1440 /* "PAPR mode" built-in hypercall emulation */ 1441 if ((lev == 1) && cpu->vhyp) { 1442 PPCVirtualHypervisorClass *vhc = 1443 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1444 vhc->hypercall(cpu->vhyp, cpu); 1445 return; 1446 } 1447 if (lev == 1) { 1448 new_msr |= (target_ulong)MSR_HVB; 1449 } 1450 break; 1451 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1452 lev = env->error_code; 1453 dump_syscall(env); 1454 env->nip += 4; 1455 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1456 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1457 1458 vector += lev * 0x20; 1459 1460 env->lr = env->nip; 1461 env->ctr = msr; 1462 break; 1463 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1464 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1465 break; 1466 case POWERPC_EXCP_RESET: /* System reset exception */ 1467 /* A power-saving exception sets ME, otherwise it is unchanged */ 1468 if (msr_pow) { 1469 /* indicate that we resumed from power save mode */ 1470 msr |= 0x10000; 1471 new_msr |= ((target_ulong)1 << MSR_ME); 1472 } 1473 if (env->msr_mask & MSR_HVB) { 1474 /* 1475 * ISA specifies HV, but can be delivered to guest with HV 1476 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1477 */ 1478 new_msr |= (target_ulong)MSR_HVB; 1479 } else { 1480 if (msr_pow) { 1481 cpu_abort(cs, "Trying to deliver power-saving system reset " 1482 "exception %d with no HV support\n", excp); 1483 } 1484 } 1485 break; 1486 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1487 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1488 case POWERPC_EXCP_TRACE: /* Trace exception */ 1489 break; 1490 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1491 msr |= env->error_code; 1492 /* fall through */ 1493 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1494 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1495 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1496 case POWERPC_EXCP_HV_EMU: 1497 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1498 srr0 = SPR_HSRR0; 1499 srr1 = SPR_HSRR1; 1500 new_msr |= (target_ulong)MSR_HVB; 1501 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1502 break; 1503 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1504 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1505 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1506 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1507 break; 1508 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1509 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1510 srr0 = SPR_HSRR0; 1511 srr1 = SPR_HSRR1; 1512 new_msr |= (target_ulong)MSR_HVB; 1513 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1514 break; 1515 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1516 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1517 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1518 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1519 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1520 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1521 cpu_abort(cs, "%s exception not implemented\n", 1522 powerpc_excp_name(excp)); 1523 break; 1524 default: 1525 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1526 break; 1527 } 1528 1529 /* Sanity check */ 1530 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1531 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1532 "no HV support\n", excp); 1533 } 1534 1535 /* 1536 * Sort out endianness of interrupt, this differs depending on the 1537 * CPU, the HV mode, etc... 1538 */ 1539 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1540 new_msr |= (target_ulong)1 << MSR_LE; 1541 } 1542 1543 new_msr |= (target_ulong)1 << MSR_SF; 1544 1545 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1546 /* Save PC */ 1547 env->spr[srr0] = env->nip; 1548 1549 /* Save MSR */ 1550 env->spr[srr1] = msr; 1551 } 1552 1553 /* This can update new_msr and vector if AIL applies */ 1554 ppc_excp_apply_ail(cpu, excp_model, excp, msr, &new_msr, &vector); 1555 1556 powerpc_set_excp_state(cpu, vector, new_msr); 1557 } 1558 #else 1559 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1560 { 1561 g_assert_not_reached(); 1562 } 1563 #endif 1564 1565 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1566 { 1567 CPUState *cs = CPU(cpu); 1568 CPUPPCState *env = &cpu->env; 1569 1570 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1571 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1572 } 1573 1574 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1575 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1576 excp, env->error_code); 1577 1578 switch (env->excp_model) { 1579 case POWERPC_EXCP_40x: 1580 powerpc_excp_40x(cpu, excp); 1581 break; 1582 case POWERPC_EXCP_6xx: 1583 powerpc_excp_6xx(cpu, excp); 1584 break; 1585 case POWERPC_EXCP_7xx: 1586 powerpc_excp_7xx(cpu, excp); 1587 break; 1588 case POWERPC_EXCP_74xx: 1589 powerpc_excp_74xx(cpu, excp); 1590 break; 1591 case POWERPC_EXCP_BOOKE: 1592 powerpc_excp_booke(cpu, excp); 1593 break; 1594 case POWERPC_EXCP_970: 1595 case POWERPC_EXCP_POWER7: 1596 case POWERPC_EXCP_POWER8: 1597 case POWERPC_EXCP_POWER9: 1598 case POWERPC_EXCP_POWER10: 1599 powerpc_excp_books(cpu, excp); 1600 break; 1601 default: 1602 g_assert_not_reached(); 1603 } 1604 } 1605 1606 void ppc_cpu_do_interrupt(CPUState *cs) 1607 { 1608 PowerPCCPU *cpu = POWERPC_CPU(cs); 1609 1610 powerpc_excp(cpu, cs->exception_index); 1611 } 1612 1613 static void ppc_hw_interrupt(CPUPPCState *env) 1614 { 1615 PowerPCCPU *cpu = env_archcpu(env); 1616 bool async_deliver; 1617 1618 /* External reset */ 1619 if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) { 1620 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET); 1621 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1622 return; 1623 } 1624 /* Machine check exception */ 1625 if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) { 1626 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK); 1627 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 1628 return; 1629 } 1630 #if 0 /* TODO */ 1631 /* External debug exception */ 1632 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) { 1633 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG); 1634 powerpc_excp(cpu, POWERPC_EXCP_DEBUG); 1635 return; 1636 } 1637 #endif 1638 1639 /* 1640 * For interrupts that gate on MSR:EE, we need to do something a 1641 * bit more subtle, as we need to let them through even when EE is 1642 * clear when coming out of some power management states (in order 1643 * for them to become a 0x100). 1644 */ 1645 async_deliver = (msr_ee != 0) || env->resume_as_sreset; 1646 1647 /* Hypervisor decrementer exception */ 1648 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) { 1649 /* LPCR will be clear when not supported so this will work */ 1650 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1651 if ((async_deliver || msr_hv == 0) && hdice) { 1652 /* HDEC clears on delivery */ 1653 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR); 1654 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 1655 return; 1656 } 1657 } 1658 1659 /* Hypervisor virtualization interrupt */ 1660 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) { 1661 /* LPCR will be clear when not supported so this will work */ 1662 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1663 if ((async_deliver || msr_hv == 0) && hvice) { 1664 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1665 return; 1666 } 1667 } 1668 1669 /* External interrupt can ignore MSR:EE under some circumstances */ 1670 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) { 1671 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1672 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1673 /* HEIC blocks delivery to the hypervisor */ 1674 if ((async_deliver && !(heic && msr_hv && !msr_pr)) || 1675 (env->has_hv_mode && msr_hv == 0 && !lpes0)) { 1676 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 1677 return; 1678 } 1679 } 1680 if (msr_ce != 0) { 1681 /* External critical interrupt */ 1682 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) { 1683 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 1684 return; 1685 } 1686 } 1687 if (async_deliver != 0) { 1688 /* Watchdog timer on embedded PowerPC */ 1689 if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) { 1690 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT); 1691 powerpc_excp(cpu, POWERPC_EXCP_WDT); 1692 return; 1693 } 1694 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) { 1695 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL); 1696 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 1697 return; 1698 } 1699 /* Fixed interval timer on embedded PowerPC */ 1700 if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) { 1701 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT); 1702 powerpc_excp(cpu, POWERPC_EXCP_FIT); 1703 return; 1704 } 1705 /* Programmable interval timer on embedded PowerPC */ 1706 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) { 1707 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT); 1708 powerpc_excp(cpu, POWERPC_EXCP_PIT); 1709 return; 1710 } 1711 /* Decrementer exception */ 1712 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) { 1713 if (ppc_decr_clear_on_delivery(env)) { 1714 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR); 1715 } 1716 powerpc_excp(cpu, POWERPC_EXCP_DECR); 1717 return; 1718 } 1719 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) { 1720 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 1721 if (is_book3s_arch2x(env)) { 1722 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 1723 } else { 1724 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 1725 } 1726 return; 1727 } 1728 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { 1729 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 1730 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 1731 return; 1732 } 1733 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { 1734 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); 1735 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 1736 return; 1737 } 1738 /* Thermal interrupt */ 1739 if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) { 1740 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM); 1741 powerpc_excp(cpu, POWERPC_EXCP_THERM); 1742 return; 1743 } 1744 } 1745 1746 if (env->resume_as_sreset) { 1747 /* 1748 * This is a bug ! It means that has_work took us out of halt without 1749 * anything to deliver while in a PM state that requires getting 1750 * out via a 0x100 1751 * 1752 * This means we will incorrectly execute past the power management 1753 * instruction instead of triggering a reset. 1754 * 1755 * It generally means a discrepancy between the wakeup conditions in the 1756 * processor has_work implementation and the logic in this function. 1757 */ 1758 cpu_abort(env_cpu(env), 1759 "Wakeup from PM state but interrupt Undelivered"); 1760 } 1761 } 1762 1763 void ppc_cpu_do_system_reset(CPUState *cs) 1764 { 1765 PowerPCCPU *cpu = POWERPC_CPU(cs); 1766 1767 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1768 } 1769 1770 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 1771 { 1772 PowerPCCPU *cpu = POWERPC_CPU(cs); 1773 CPUPPCState *env = &cpu->env; 1774 target_ulong msr = 0; 1775 1776 /* 1777 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 1778 * been set by KVM. 1779 */ 1780 msr = (1ULL << MSR_ME); 1781 msr |= env->msr & (1ULL << MSR_SF); 1782 if (ppc_interrupts_little_endian(cpu, false)) { 1783 msr |= (1ULL << MSR_LE); 1784 } 1785 1786 powerpc_set_excp_state(cpu, vector, msr); 1787 } 1788 1789 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 1790 { 1791 PowerPCCPU *cpu = POWERPC_CPU(cs); 1792 CPUPPCState *env = &cpu->env; 1793 1794 if (interrupt_request & CPU_INTERRUPT_HARD) { 1795 ppc_hw_interrupt(env); 1796 if (env->pending_interrupts == 0) { 1797 cs->interrupt_request &= ~CPU_INTERRUPT_HARD; 1798 } 1799 return true; 1800 } 1801 return false; 1802 } 1803 1804 #endif /* !CONFIG_USER_ONLY */ 1805 1806 /*****************************************************************************/ 1807 /* Exceptions processing helpers */ 1808 1809 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 1810 uint32_t error_code, uintptr_t raddr) 1811 { 1812 CPUState *cs = env_cpu(env); 1813 1814 cs->exception_index = exception; 1815 env->error_code = error_code; 1816 cpu_loop_exit_restore(cs, raddr); 1817 } 1818 1819 void raise_exception_err(CPUPPCState *env, uint32_t exception, 1820 uint32_t error_code) 1821 { 1822 raise_exception_err_ra(env, exception, error_code, 0); 1823 } 1824 1825 void raise_exception(CPUPPCState *env, uint32_t exception) 1826 { 1827 raise_exception_err_ra(env, exception, 0, 0); 1828 } 1829 1830 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 1831 uintptr_t raddr) 1832 { 1833 raise_exception_err_ra(env, exception, 0, raddr); 1834 } 1835 1836 #ifdef CONFIG_TCG 1837 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 1838 uint32_t error_code) 1839 { 1840 raise_exception_err_ra(env, exception, error_code, 0); 1841 } 1842 1843 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 1844 { 1845 raise_exception_err_ra(env, exception, 0, 0); 1846 } 1847 #endif 1848 1849 #if !defined(CONFIG_USER_ONLY) 1850 #ifdef CONFIG_TCG 1851 void helper_store_msr(CPUPPCState *env, target_ulong val) 1852 { 1853 uint32_t excp = hreg_store_msr(env, val, 0); 1854 1855 if (excp != 0) { 1856 CPUState *cs = env_cpu(env); 1857 cpu_interrupt_exittb(cs); 1858 raise_exception(env, excp); 1859 } 1860 } 1861 1862 #if defined(TARGET_PPC64) 1863 void helper_scv(CPUPPCState *env, uint32_t lev) 1864 { 1865 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 1866 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 1867 } else { 1868 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 1869 } 1870 } 1871 1872 void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn) 1873 { 1874 CPUState *cs; 1875 1876 cs = env_cpu(env); 1877 cs->halted = 1; 1878 1879 /* Condition for waking up at 0x100 */ 1880 env->resume_as_sreset = (insn != PPC_PM_STOP) || 1881 (env->spr[SPR_PSSCR] & PSSCR_EC); 1882 } 1883 #endif /* defined(TARGET_PPC64) */ 1884 1885 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 1886 { 1887 CPUState *cs = env_cpu(env); 1888 1889 /* MSR:POW cannot be set by any form of rfi */ 1890 msr &= ~(1ULL << MSR_POW); 1891 1892 /* MSR:TGPR cannot be set by any form of rfi */ 1893 if (env->flags & POWERPC_FLAG_TGPR) 1894 msr &= ~(1ULL << MSR_TGPR); 1895 1896 #if defined(TARGET_PPC64) 1897 /* Switching to 32-bit ? Crop the nip */ 1898 if (!msr_is_64bit(env, msr)) { 1899 nip = (uint32_t)nip; 1900 } 1901 #else 1902 nip = (uint32_t)nip; 1903 #endif 1904 /* XXX: beware: this is false if VLE is supported */ 1905 env->nip = nip & ~((target_ulong)0x00000003); 1906 hreg_store_msr(env, msr, 1); 1907 trace_ppc_excp_rfi(env->nip, env->msr); 1908 /* 1909 * No need to raise an exception here, as rfi is always the last 1910 * insn of a TB 1911 */ 1912 cpu_interrupt_exittb(cs); 1913 /* Reset the reservation */ 1914 env->reserve_addr = -1; 1915 1916 /* Context synchronizing: check if TCG TLB needs flush */ 1917 check_tlb_flush(env, false); 1918 } 1919 1920 void helper_rfi(CPUPPCState *env) 1921 { 1922 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 1923 } 1924 1925 #define MSR_BOOK3S_MASK 1926 #if defined(TARGET_PPC64) 1927 void helper_rfid(CPUPPCState *env) 1928 { 1929 /* 1930 * The architecture defines a number of rules for which bits can 1931 * change but in practice, we handle this in hreg_store_msr() 1932 * which will be called by do_rfi(), so there is no need to filter 1933 * here 1934 */ 1935 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 1936 } 1937 1938 void helper_rfscv(CPUPPCState *env) 1939 { 1940 do_rfi(env, env->lr, env->ctr); 1941 } 1942 1943 void helper_hrfid(CPUPPCState *env) 1944 { 1945 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 1946 } 1947 #endif 1948 1949 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 1950 void helper_rfebb(CPUPPCState *env, target_ulong s) 1951 { 1952 target_ulong msr = env->msr; 1953 1954 /* 1955 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 1956 * 1957 * "If BESCR 32:33 != 0b00 the instruction is treated as if 1958 * the instruction form were invalid." 1959 */ 1960 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 1961 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 1962 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 1963 } 1964 1965 env->nip = env->spr[SPR_EBBRR]; 1966 1967 /* Switching to 32-bit ? Crop the nip */ 1968 if (!msr_is_64bit(env, msr)) { 1969 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 1970 } 1971 1972 if (s) { 1973 env->spr[SPR_BESCR] |= BESCR_GE; 1974 } else { 1975 env->spr[SPR_BESCR] &= ~BESCR_GE; 1976 } 1977 } 1978 #endif 1979 1980 /*****************************************************************************/ 1981 /* Embedded PowerPC specific helpers */ 1982 void helper_40x_rfci(CPUPPCState *env) 1983 { 1984 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 1985 } 1986 1987 void helper_rfci(CPUPPCState *env) 1988 { 1989 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 1990 } 1991 1992 void helper_rfdi(CPUPPCState *env) 1993 { 1994 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 1995 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 1996 } 1997 1998 void helper_rfmci(CPUPPCState *env) 1999 { 2000 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2001 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2002 } 2003 #endif /* CONFIG_TCG */ 2004 #endif /* !defined(CONFIG_USER_ONLY) */ 2005 2006 #ifdef CONFIG_TCG 2007 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2008 uint32_t flags) 2009 { 2010 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2011 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2012 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2013 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2014 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2015 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2016 POWERPC_EXCP_TRAP, GETPC()); 2017 } 2018 } 2019 2020 #if defined(TARGET_PPC64) 2021 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2022 uint32_t flags) 2023 { 2024 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2025 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2026 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2027 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2028 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2029 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2030 POWERPC_EXCP_TRAP, GETPC()); 2031 } 2032 } 2033 #endif 2034 #endif 2035 2036 #if !defined(CONFIG_USER_ONLY) 2037 2038 #ifdef CONFIG_TCG 2039 2040 /* Embedded.Processor Control */ 2041 static int dbell2irq(target_ulong rb) 2042 { 2043 int msg = rb & DBELL_TYPE_MASK; 2044 int irq = -1; 2045 2046 switch (msg) { 2047 case DBELL_TYPE_DBELL: 2048 irq = PPC_INTERRUPT_DOORBELL; 2049 break; 2050 case DBELL_TYPE_DBELL_CRIT: 2051 irq = PPC_INTERRUPT_CDOORBELL; 2052 break; 2053 case DBELL_TYPE_G_DBELL: 2054 case DBELL_TYPE_G_DBELL_CRIT: 2055 case DBELL_TYPE_G_DBELL_MC: 2056 /* XXX implement */ 2057 default: 2058 break; 2059 } 2060 2061 return irq; 2062 } 2063 2064 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2065 { 2066 int irq = dbell2irq(rb); 2067 2068 if (irq < 0) { 2069 return; 2070 } 2071 2072 env->pending_interrupts &= ~(1 << irq); 2073 } 2074 2075 void helper_msgsnd(target_ulong rb) 2076 { 2077 int irq = dbell2irq(rb); 2078 int pir = rb & DBELL_PIRTAG_MASK; 2079 CPUState *cs; 2080 2081 if (irq < 0) { 2082 return; 2083 } 2084 2085 qemu_mutex_lock_iothread(); 2086 CPU_FOREACH(cs) { 2087 PowerPCCPU *cpu = POWERPC_CPU(cs); 2088 CPUPPCState *cenv = &cpu->env; 2089 2090 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2091 cenv->pending_interrupts |= 1 << irq; 2092 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2093 } 2094 } 2095 qemu_mutex_unlock_iothread(); 2096 } 2097 2098 /* Server Processor Control */ 2099 2100 static bool dbell_type_server(target_ulong rb) 2101 { 2102 /* 2103 * A Directed Hypervisor Doorbell message is sent only if the 2104 * message type is 5. All other types are reserved and the 2105 * instruction is a no-op 2106 */ 2107 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2108 } 2109 2110 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2111 { 2112 if (!dbell_type_server(rb)) { 2113 return; 2114 } 2115 2116 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 2117 } 2118 2119 static void book3s_msgsnd_common(int pir, int irq) 2120 { 2121 CPUState *cs; 2122 2123 qemu_mutex_lock_iothread(); 2124 CPU_FOREACH(cs) { 2125 PowerPCCPU *cpu = POWERPC_CPU(cs); 2126 CPUPPCState *cenv = &cpu->env; 2127 2128 /* TODO: broadcast message to all threads of the same processor */ 2129 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2130 cenv->pending_interrupts |= 1 << irq; 2131 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2132 } 2133 } 2134 qemu_mutex_unlock_iothread(); 2135 } 2136 2137 void helper_book3s_msgsnd(target_ulong rb) 2138 { 2139 int pir = rb & DBELL_PROCIDTAG_MASK; 2140 2141 if (!dbell_type_server(rb)) { 2142 return; 2143 } 2144 2145 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2146 } 2147 2148 #if defined(TARGET_PPC64) 2149 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2150 { 2151 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2152 2153 if (!dbell_type_server(rb)) { 2154 return; 2155 } 2156 2157 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 2158 } 2159 2160 /* 2161 * sends a message to other threads that are on the same 2162 * multi-threaded processor 2163 */ 2164 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 2165 { 2166 int pir = env->spr_cb[SPR_PIR].default_value; 2167 2168 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 2169 2170 if (!dbell_type_server(rb)) { 2171 return; 2172 } 2173 2174 /* TODO: TCG supports only one thread */ 2175 2176 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 2177 } 2178 #endif /* TARGET_PPC64 */ 2179 2180 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 2181 MMUAccessType access_type, 2182 int mmu_idx, uintptr_t retaddr) 2183 { 2184 CPUPPCState *env = cs->env_ptr; 2185 uint32_t insn; 2186 2187 /* Restore state and reload the insn we executed, for filling in DSISR. */ 2188 cpu_restore_state(cs, retaddr, true); 2189 insn = cpu_ldl_code(env, env->nip); 2190 2191 switch (env->mmu_model) { 2192 case POWERPC_MMU_SOFT_4xx: 2193 env->spr[SPR_40x_DEAR] = vaddr; 2194 break; 2195 case POWERPC_MMU_BOOKE: 2196 case POWERPC_MMU_BOOKE206: 2197 env->spr[SPR_BOOKE_DEAR] = vaddr; 2198 break; 2199 default: 2200 env->spr[SPR_DAR] = vaddr; 2201 break; 2202 } 2203 2204 cs->exception_index = POWERPC_EXCP_ALIGN; 2205 env->error_code = insn & 0x03FF0000; 2206 cpu_loop_exit(cs); 2207 } 2208 #endif /* CONFIG_TCG */ 2209 #endif /* !CONFIG_USER_ONLY */ 2210