xref: /openbmc/qemu/linux-user/main.c (revision 33577b47)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include "qemu/osdep.h"
20 #include <sys/mman.h>
21 #include <sys/syscall.h>
22 #include <sys/resource.h>
23 
24 #include "qemu.h"
25 #include "qemu-common.h"
26 #include "cpu.h"
27 #include "tcg.h"
28 #include "qemu/timer.h"
29 #include "qemu/envlist.h"
30 #include "elf.h"
31 #include "exec/log.h"
32 
33 char *exec_path;
34 
35 int singlestep;
36 static const char *filename;
37 static const char *argv0;
38 static int gdbstub_port;
39 static envlist_t *envlist;
40 static const char *cpu_model;
41 unsigned long mmap_min_addr;
42 unsigned long guest_base;
43 int have_guest_base;
44 
45 #define EXCP_DUMP(env, fmt, ...)                                        \
46 do {                                                                    \
47     CPUState *cs = ENV_GET_CPU(env);                                    \
48     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
49     cpu_dump_state(cs, stderr, fprintf, 0);                             \
50     if (qemu_log_separate()) {                                          \
51         qemu_log(fmt, ## __VA_ARGS__);                                  \
52         log_cpu_state(cs, 0);                                           \
53     }                                                                   \
54 } while (0)
55 
56 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
57 /*
58  * When running 32-on-64 we should make sure we can fit all of the possible
59  * guest address space into a contiguous chunk of virtual host memory.
60  *
61  * This way we will never overlap with our own libraries or binaries or stack
62  * or anything else that QEMU maps.
63  */
64 # ifdef TARGET_MIPS
65 /* MIPS only supports 31 bits of virtual address space for user space */
66 unsigned long reserved_va = 0x77000000;
67 # else
68 unsigned long reserved_va = 0xf7000000;
69 # endif
70 #else
71 unsigned long reserved_va;
72 #endif
73 
74 static void usage(int exitcode);
75 
76 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
77 const char *qemu_uname_release;
78 
79 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
80    we allocate a bigger stack. Need a better solution, for example
81    by remapping the process stack directly at the right place */
82 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
83 
84 void gemu_log(const char *fmt, ...)
85 {
86     va_list ap;
87 
88     va_start(ap, fmt);
89     vfprintf(stderr, fmt, ap);
90     va_end(ap);
91 }
92 
93 #if defined(TARGET_I386)
94 int cpu_get_pic_interrupt(CPUX86State *env)
95 {
96     return -1;
97 }
98 #endif
99 
100 /***********************************************************/
101 /* Helper routines for implementing atomic operations.  */
102 
103 /* To implement exclusive operations we force all cpus to syncronise.
104    We don't require a full sync, only that no cpus are executing guest code.
105    The alternative is to map target atomic ops onto host equivalents,
106    which requires quite a lot of per host/target work.  */
107 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
108 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
109 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
110 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
111 static int pending_cpus;
112 
113 /* Make sure everything is in a consistent state for calling fork().  */
114 void fork_start(void)
115 {
116     qemu_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
117     pthread_mutex_lock(&exclusive_lock);
118     mmap_fork_start();
119 }
120 
121 void fork_end(int child)
122 {
123     mmap_fork_end(child);
124     if (child) {
125         CPUState *cpu, *next_cpu;
126         /* Child processes created by fork() only have a single thread.
127            Discard information about the parent threads.  */
128         CPU_FOREACH_SAFE(cpu, next_cpu) {
129             if (cpu != thread_cpu) {
130                 QTAILQ_REMOVE(&cpus, thread_cpu, node);
131             }
132         }
133         pending_cpus = 0;
134         pthread_mutex_init(&exclusive_lock, NULL);
135         pthread_mutex_init(&cpu_list_mutex, NULL);
136         pthread_cond_init(&exclusive_cond, NULL);
137         pthread_cond_init(&exclusive_resume, NULL);
138         qemu_mutex_init(&tcg_ctx.tb_ctx.tb_lock);
139         gdbserver_fork(thread_cpu);
140     } else {
141         pthread_mutex_unlock(&exclusive_lock);
142         qemu_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
143     }
144 }
145 
146 /* Wait for pending exclusive operations to complete.  The exclusive lock
147    must be held.  */
148 static inline void exclusive_idle(void)
149 {
150     while (pending_cpus) {
151         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
152     }
153 }
154 
155 /* Start an exclusive operation.
156    Must only be called from outside cpu_arm_exec.   */
157 static inline void start_exclusive(void)
158 {
159     CPUState *other_cpu;
160 
161     pthread_mutex_lock(&exclusive_lock);
162     exclusive_idle();
163 
164     pending_cpus = 1;
165     /* Make all other cpus stop executing.  */
166     CPU_FOREACH(other_cpu) {
167         if (other_cpu->running) {
168             pending_cpus++;
169             cpu_exit(other_cpu);
170         }
171     }
172     if (pending_cpus > 1) {
173         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
174     }
175 }
176 
177 /* Finish an exclusive operation.  */
178 static inline void __attribute__((unused)) end_exclusive(void)
179 {
180     pending_cpus = 0;
181     pthread_cond_broadcast(&exclusive_resume);
182     pthread_mutex_unlock(&exclusive_lock);
183 }
184 
185 /* Wait for exclusive ops to finish, and begin cpu execution.  */
186 static inline void cpu_exec_start(CPUState *cpu)
187 {
188     pthread_mutex_lock(&exclusive_lock);
189     exclusive_idle();
190     cpu->running = true;
191     pthread_mutex_unlock(&exclusive_lock);
192 }
193 
194 /* Mark cpu as not executing, and release pending exclusive ops.  */
195 static inline void cpu_exec_end(CPUState *cpu)
196 {
197     pthread_mutex_lock(&exclusive_lock);
198     cpu->running = false;
199     if (pending_cpus > 1) {
200         pending_cpus--;
201         if (pending_cpus == 1) {
202             pthread_cond_signal(&exclusive_cond);
203         }
204     }
205     exclusive_idle();
206     pthread_mutex_unlock(&exclusive_lock);
207 }
208 
209 void cpu_list_lock(void)
210 {
211     pthread_mutex_lock(&cpu_list_mutex);
212 }
213 
214 void cpu_list_unlock(void)
215 {
216     pthread_mutex_unlock(&cpu_list_mutex);
217 }
218 
219 
220 #ifdef TARGET_I386
221 /***********************************************************/
222 /* CPUX86 core interface */
223 
224 uint64_t cpu_get_tsc(CPUX86State *env)
225 {
226     return cpu_get_host_ticks();
227 }
228 
229 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
230                      int flags)
231 {
232     unsigned int e1, e2;
233     uint32_t *p;
234     e1 = (addr << 16) | (limit & 0xffff);
235     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
236     e2 |= flags;
237     p = ptr;
238     p[0] = tswap32(e1);
239     p[1] = tswap32(e2);
240 }
241 
242 static uint64_t *idt_table;
243 #ifdef TARGET_X86_64
244 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
245                        uint64_t addr, unsigned int sel)
246 {
247     uint32_t *p, e1, e2;
248     e1 = (addr & 0xffff) | (sel << 16);
249     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
250     p = ptr;
251     p[0] = tswap32(e1);
252     p[1] = tswap32(e2);
253     p[2] = tswap32(addr >> 32);
254     p[3] = 0;
255 }
256 /* only dpl matters as we do only user space emulation */
257 static void set_idt(int n, unsigned int dpl)
258 {
259     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
260 }
261 #else
262 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
263                      uint32_t addr, unsigned int sel)
264 {
265     uint32_t *p, e1, e2;
266     e1 = (addr & 0xffff) | (sel << 16);
267     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
268     p = ptr;
269     p[0] = tswap32(e1);
270     p[1] = tswap32(e2);
271 }
272 
273 /* only dpl matters as we do only user space emulation */
274 static void set_idt(int n, unsigned int dpl)
275 {
276     set_gate(idt_table + n, 0, dpl, 0, 0);
277 }
278 #endif
279 
280 void cpu_loop(CPUX86State *env)
281 {
282     CPUState *cs = CPU(x86_env_get_cpu(env));
283     int trapnr;
284     abi_ulong pc;
285     target_siginfo_t info;
286 
287     for(;;) {
288         cpu_exec_start(cs);
289         trapnr = cpu_x86_exec(cs);
290         cpu_exec_end(cs);
291         switch(trapnr) {
292         case 0x80:
293             /* linux syscall from int $0x80 */
294             env->regs[R_EAX] = do_syscall(env,
295                                           env->regs[R_EAX],
296                                           env->regs[R_EBX],
297                                           env->regs[R_ECX],
298                                           env->regs[R_EDX],
299                                           env->regs[R_ESI],
300                                           env->regs[R_EDI],
301                                           env->regs[R_EBP],
302                                           0, 0);
303             break;
304 #ifndef TARGET_ABI32
305         case EXCP_SYSCALL:
306             /* linux syscall from syscall instruction */
307             env->regs[R_EAX] = do_syscall(env,
308                                           env->regs[R_EAX],
309                                           env->regs[R_EDI],
310                                           env->regs[R_ESI],
311                                           env->regs[R_EDX],
312                                           env->regs[10],
313                                           env->regs[8],
314                                           env->regs[9],
315                                           0, 0);
316             break;
317 #endif
318         case EXCP0B_NOSEG:
319         case EXCP0C_STACK:
320             info.si_signo = TARGET_SIGBUS;
321             info.si_errno = 0;
322             info.si_code = TARGET_SI_KERNEL;
323             info._sifields._sigfault._addr = 0;
324             queue_signal(env, info.si_signo, &info);
325             break;
326         case EXCP0D_GPF:
327             /* XXX: potential problem if ABI32 */
328 #ifndef TARGET_X86_64
329             if (env->eflags & VM_MASK) {
330                 handle_vm86_fault(env);
331             } else
332 #endif
333             {
334                 info.si_signo = TARGET_SIGSEGV;
335                 info.si_errno = 0;
336                 info.si_code = TARGET_SI_KERNEL;
337                 info._sifields._sigfault._addr = 0;
338                 queue_signal(env, info.si_signo, &info);
339             }
340             break;
341         case EXCP0E_PAGE:
342             info.si_signo = TARGET_SIGSEGV;
343             info.si_errno = 0;
344             if (!(env->error_code & 1))
345                 info.si_code = TARGET_SEGV_MAPERR;
346             else
347                 info.si_code = TARGET_SEGV_ACCERR;
348             info._sifields._sigfault._addr = env->cr[2];
349             queue_signal(env, info.si_signo, &info);
350             break;
351         case EXCP00_DIVZ:
352 #ifndef TARGET_X86_64
353             if (env->eflags & VM_MASK) {
354                 handle_vm86_trap(env, trapnr);
355             } else
356 #endif
357             {
358                 /* division by zero */
359                 info.si_signo = TARGET_SIGFPE;
360                 info.si_errno = 0;
361                 info.si_code = TARGET_FPE_INTDIV;
362                 info._sifields._sigfault._addr = env->eip;
363                 queue_signal(env, info.si_signo, &info);
364             }
365             break;
366         case EXCP01_DB:
367         case EXCP03_INT3:
368 #ifndef TARGET_X86_64
369             if (env->eflags & VM_MASK) {
370                 handle_vm86_trap(env, trapnr);
371             } else
372 #endif
373             {
374                 info.si_signo = TARGET_SIGTRAP;
375                 info.si_errno = 0;
376                 if (trapnr == EXCP01_DB) {
377                     info.si_code = TARGET_TRAP_BRKPT;
378                     info._sifields._sigfault._addr = env->eip;
379                 } else {
380                     info.si_code = TARGET_SI_KERNEL;
381                     info._sifields._sigfault._addr = 0;
382                 }
383                 queue_signal(env, info.si_signo, &info);
384             }
385             break;
386         case EXCP04_INTO:
387         case EXCP05_BOUND:
388 #ifndef TARGET_X86_64
389             if (env->eflags & VM_MASK) {
390                 handle_vm86_trap(env, trapnr);
391             } else
392 #endif
393             {
394                 info.si_signo = TARGET_SIGSEGV;
395                 info.si_errno = 0;
396                 info.si_code = TARGET_SI_KERNEL;
397                 info._sifields._sigfault._addr = 0;
398                 queue_signal(env, info.si_signo, &info);
399             }
400             break;
401         case EXCP06_ILLOP:
402             info.si_signo = TARGET_SIGILL;
403             info.si_errno = 0;
404             info.si_code = TARGET_ILL_ILLOPN;
405             info._sifields._sigfault._addr = env->eip;
406             queue_signal(env, info.si_signo, &info);
407             break;
408         case EXCP_INTERRUPT:
409             /* just indicate that signals should be handled asap */
410             break;
411         case EXCP_DEBUG:
412             {
413                 int sig;
414 
415                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
416                 if (sig)
417                   {
418                     info.si_signo = sig;
419                     info.si_errno = 0;
420                     info.si_code = TARGET_TRAP_BRKPT;
421                     queue_signal(env, info.si_signo, &info);
422                   }
423             }
424             break;
425         default:
426             pc = env->segs[R_CS].base + env->eip;
427             EXCP_DUMP(env, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
428                       (long)pc, trapnr);
429             abort();
430         }
431         process_pending_signals(env);
432     }
433 }
434 #endif
435 
436 #ifdef TARGET_ARM
437 
438 #define get_user_code_u32(x, gaddr, env)                \
439     ({ abi_long __r = get_user_u32((x), (gaddr));       \
440         if (!__r && bswap_code(arm_sctlr_b(env))) {     \
441             (x) = bswap32(x);                           \
442         }                                               \
443         __r;                                            \
444     })
445 
446 #define get_user_code_u16(x, gaddr, env)                \
447     ({ abi_long __r = get_user_u16((x), (gaddr));       \
448         if (!__r && bswap_code(arm_sctlr_b(env))) {     \
449             (x) = bswap16(x);                           \
450         }                                               \
451         __r;                                            \
452     })
453 
454 #define get_user_data_u32(x, gaddr, env)                \
455     ({ abi_long __r = get_user_u32((x), (gaddr));       \
456         if (!__r && arm_cpu_bswap_data(env)) {          \
457             (x) = bswap32(x);                           \
458         }                                               \
459         __r;                                            \
460     })
461 
462 #define get_user_data_u16(x, gaddr, env)                \
463     ({ abi_long __r = get_user_u16((x), (gaddr));       \
464         if (!__r && arm_cpu_bswap_data(env)) {          \
465             (x) = bswap16(x);                           \
466         }                                               \
467         __r;                                            \
468     })
469 
470 #define put_user_data_u32(x, gaddr, env)                \
471     ({ typeof(x) __x = (x);                             \
472         if (arm_cpu_bswap_data(env)) {                  \
473             __x = bswap32(__x);                         \
474         }                                               \
475         put_user_u32(__x, (gaddr));                     \
476     })
477 
478 #define put_user_data_u16(x, gaddr, env)                \
479     ({ typeof(x) __x = (x);                             \
480         if (arm_cpu_bswap_data(env)) {                  \
481             __x = bswap16(__x);                         \
482         }                                               \
483         put_user_u16(__x, (gaddr));                     \
484     })
485 
486 #ifdef TARGET_ABI32
487 /* Commpage handling -- there is no commpage for AArch64 */
488 
489 /*
490  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
491  * Input:
492  * r0 = pointer to oldval
493  * r1 = pointer to newval
494  * r2 = pointer to target value
495  *
496  * Output:
497  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
498  * C set if *ptr was changed, clear if no exchange happened
499  *
500  * Note segv's in kernel helpers are a bit tricky, we can set the
501  * data address sensibly but the PC address is just the entry point.
502  */
503 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
504 {
505     uint64_t oldval, newval, val;
506     uint32_t addr, cpsr;
507     target_siginfo_t info;
508 
509     /* Based on the 32 bit code in do_kernel_trap */
510 
511     /* XXX: This only works between threads, not between processes.
512        It's probably possible to implement this with native host
513        operations. However things like ldrex/strex are much harder so
514        there's not much point trying.  */
515     start_exclusive();
516     cpsr = cpsr_read(env);
517     addr = env->regs[2];
518 
519     if (get_user_u64(oldval, env->regs[0])) {
520         env->exception.vaddress = env->regs[0];
521         goto segv;
522     };
523 
524     if (get_user_u64(newval, env->regs[1])) {
525         env->exception.vaddress = env->regs[1];
526         goto segv;
527     };
528 
529     if (get_user_u64(val, addr)) {
530         env->exception.vaddress = addr;
531         goto segv;
532     }
533 
534     if (val == oldval) {
535         val = newval;
536 
537         if (put_user_u64(val, addr)) {
538             env->exception.vaddress = addr;
539             goto segv;
540         };
541 
542         env->regs[0] = 0;
543         cpsr |= CPSR_C;
544     } else {
545         env->regs[0] = -1;
546         cpsr &= ~CPSR_C;
547     }
548     cpsr_write(env, cpsr, CPSR_C, CPSRWriteByInstr);
549     end_exclusive();
550     return;
551 
552 segv:
553     end_exclusive();
554     /* We get the PC of the entry address - which is as good as anything,
555        on a real kernel what you get depends on which mode it uses. */
556     info.si_signo = TARGET_SIGSEGV;
557     info.si_errno = 0;
558     /* XXX: check env->error_code */
559     info.si_code = TARGET_SEGV_MAPERR;
560     info._sifields._sigfault._addr = env->exception.vaddress;
561     queue_signal(env, info.si_signo, &info);
562 }
563 
564 /* Handle a jump to the kernel code page.  */
565 static int
566 do_kernel_trap(CPUARMState *env)
567 {
568     uint32_t addr;
569     uint32_t cpsr;
570     uint32_t val;
571 
572     switch (env->regs[15]) {
573     case 0xffff0fa0: /* __kernel_memory_barrier */
574         /* ??? No-op. Will need to do better for SMP.  */
575         break;
576     case 0xffff0fc0: /* __kernel_cmpxchg */
577          /* XXX: This only works between threads, not between processes.
578             It's probably possible to implement this with native host
579             operations. However things like ldrex/strex are much harder so
580             there's not much point trying.  */
581         start_exclusive();
582         cpsr = cpsr_read(env);
583         addr = env->regs[2];
584         /* FIXME: This should SEGV if the access fails.  */
585         if (get_user_u32(val, addr))
586             val = ~env->regs[0];
587         if (val == env->regs[0]) {
588             val = env->regs[1];
589             /* FIXME: Check for segfaults.  */
590             put_user_u32(val, addr);
591             env->regs[0] = 0;
592             cpsr |= CPSR_C;
593         } else {
594             env->regs[0] = -1;
595             cpsr &= ~CPSR_C;
596         }
597         cpsr_write(env, cpsr, CPSR_C, CPSRWriteByInstr);
598         end_exclusive();
599         break;
600     case 0xffff0fe0: /* __kernel_get_tls */
601         env->regs[0] = cpu_get_tls(env);
602         break;
603     case 0xffff0f60: /* __kernel_cmpxchg64 */
604         arm_kernel_cmpxchg64_helper(env);
605         break;
606 
607     default:
608         return 1;
609     }
610     /* Jump back to the caller.  */
611     addr = env->regs[14];
612     if (addr & 1) {
613         env->thumb = 1;
614         addr &= ~1;
615     }
616     env->regs[15] = addr;
617 
618     return 0;
619 }
620 
621 /* Store exclusive handling for AArch32 */
622 static int do_strex(CPUARMState *env)
623 {
624     uint64_t val;
625     int size;
626     int rc = 1;
627     int segv = 0;
628     uint32_t addr;
629     start_exclusive();
630     if (env->exclusive_addr != env->exclusive_test) {
631         goto fail;
632     }
633     /* We know we're always AArch32 so the address is in uint32_t range
634      * unless it was the -1 exclusive-monitor-lost value (which won't
635      * match exclusive_test above).
636      */
637     assert(extract64(env->exclusive_addr, 32, 32) == 0);
638     addr = env->exclusive_addr;
639     size = env->exclusive_info & 0xf;
640     switch (size) {
641     case 0:
642         segv = get_user_u8(val, addr);
643         break;
644     case 1:
645         segv = get_user_data_u16(val, addr, env);
646         break;
647     case 2:
648     case 3:
649         segv = get_user_data_u32(val, addr, env);
650         break;
651     default:
652         abort();
653     }
654     if (segv) {
655         env->exception.vaddress = addr;
656         goto done;
657     }
658     if (size == 3) {
659         uint32_t valhi;
660         segv = get_user_data_u32(valhi, addr + 4, env);
661         if (segv) {
662             env->exception.vaddress = addr + 4;
663             goto done;
664         }
665         if (arm_cpu_bswap_data(env)) {
666             val = deposit64((uint64_t)valhi, 32, 32, val);
667         } else {
668             val = deposit64(val, 32, 32, valhi);
669         }
670     }
671     if (val != env->exclusive_val) {
672         goto fail;
673     }
674 
675     val = env->regs[(env->exclusive_info >> 8) & 0xf];
676     switch (size) {
677     case 0:
678         segv = put_user_u8(val, addr);
679         break;
680     case 1:
681         segv = put_user_data_u16(val, addr, env);
682         break;
683     case 2:
684     case 3:
685         segv = put_user_data_u32(val, addr, env);
686         break;
687     }
688     if (segv) {
689         env->exception.vaddress = addr;
690         goto done;
691     }
692     if (size == 3) {
693         val = env->regs[(env->exclusive_info >> 12) & 0xf];
694         segv = put_user_data_u32(val, addr + 4, env);
695         if (segv) {
696             env->exception.vaddress = addr + 4;
697             goto done;
698         }
699     }
700     rc = 0;
701 fail:
702     env->regs[15] += 4;
703     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
704 done:
705     end_exclusive();
706     return segv;
707 }
708 
709 void cpu_loop(CPUARMState *env)
710 {
711     CPUState *cs = CPU(arm_env_get_cpu(env));
712     int trapnr;
713     unsigned int n, insn;
714     target_siginfo_t info;
715     uint32_t addr;
716 
717     for(;;) {
718         cpu_exec_start(cs);
719         trapnr = cpu_arm_exec(cs);
720         cpu_exec_end(cs);
721         switch(trapnr) {
722         case EXCP_UDEF:
723             {
724                 TaskState *ts = cs->opaque;
725                 uint32_t opcode;
726                 int rc;
727 
728                 /* we handle the FPU emulation here, as Linux */
729                 /* we get the opcode */
730                 /* FIXME - what to do if get_user() fails? */
731                 get_user_code_u32(opcode, env->regs[15], env);
732 
733                 rc = EmulateAll(opcode, &ts->fpa, env);
734                 if (rc == 0) { /* illegal instruction */
735                     info.si_signo = TARGET_SIGILL;
736                     info.si_errno = 0;
737                     info.si_code = TARGET_ILL_ILLOPN;
738                     info._sifields._sigfault._addr = env->regs[15];
739                     queue_signal(env, info.si_signo, &info);
740                 } else if (rc < 0) { /* FP exception */
741                     int arm_fpe=0;
742 
743                     /* translate softfloat flags to FPSR flags */
744                     if (-rc & float_flag_invalid)
745                       arm_fpe |= BIT_IOC;
746                     if (-rc & float_flag_divbyzero)
747                       arm_fpe |= BIT_DZC;
748                     if (-rc & float_flag_overflow)
749                       arm_fpe |= BIT_OFC;
750                     if (-rc & float_flag_underflow)
751                       arm_fpe |= BIT_UFC;
752                     if (-rc & float_flag_inexact)
753                       arm_fpe |= BIT_IXC;
754 
755                     FPSR fpsr = ts->fpa.fpsr;
756                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
757 
758                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
759                       info.si_signo = TARGET_SIGFPE;
760                       info.si_errno = 0;
761 
762                       /* ordered by priority, least first */
763                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
764                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
765                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
766                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
767                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
768 
769                       info._sifields._sigfault._addr = env->regs[15];
770                       queue_signal(env, info.si_signo, &info);
771                     } else {
772                       env->regs[15] += 4;
773                     }
774 
775                     /* accumulate unenabled exceptions */
776                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
777                       fpsr |= BIT_IXC;
778                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
779                       fpsr |= BIT_UFC;
780                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
781                       fpsr |= BIT_OFC;
782                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
783                       fpsr |= BIT_DZC;
784                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
785                       fpsr |= BIT_IOC;
786                     ts->fpa.fpsr=fpsr;
787                 } else { /* everything OK */
788                     /* increment PC */
789                     env->regs[15] += 4;
790                 }
791             }
792             break;
793         case EXCP_SWI:
794         case EXCP_BKPT:
795             {
796                 env->eabi = 1;
797                 /* system call */
798                 if (trapnr == EXCP_BKPT) {
799                     if (env->thumb) {
800                         /* FIXME - what to do if get_user() fails? */
801                         get_user_code_u16(insn, env->regs[15], env);
802                         n = insn & 0xff;
803                         env->regs[15] += 2;
804                     } else {
805                         /* FIXME - what to do if get_user() fails? */
806                         get_user_code_u32(insn, env->regs[15], env);
807                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
808                         env->regs[15] += 4;
809                     }
810                 } else {
811                     if (env->thumb) {
812                         /* FIXME - what to do if get_user() fails? */
813                         get_user_code_u16(insn, env->regs[15] - 2, env);
814                         n = insn & 0xff;
815                     } else {
816                         /* FIXME - what to do if get_user() fails? */
817                         get_user_code_u32(insn, env->regs[15] - 4, env);
818                         n = insn & 0xffffff;
819                     }
820                 }
821 
822                 if (n == ARM_NR_cacheflush) {
823                     /* nop */
824                 } else if (n == ARM_NR_semihosting
825                            || n == ARM_NR_thumb_semihosting) {
826                     env->regs[0] = do_arm_semihosting (env);
827                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
828                     /* linux syscall */
829                     if (env->thumb || n == 0) {
830                         n = env->regs[7];
831                     } else {
832                         n -= ARM_SYSCALL_BASE;
833                         env->eabi = 0;
834                     }
835                     if ( n > ARM_NR_BASE) {
836                         switch (n) {
837                         case ARM_NR_cacheflush:
838                             /* nop */
839                             break;
840                         case ARM_NR_set_tls:
841                             cpu_set_tls(env, env->regs[0]);
842                             env->regs[0] = 0;
843                             break;
844                         case ARM_NR_breakpoint:
845                             env->regs[15] -= env->thumb ? 2 : 4;
846                             goto excp_debug;
847                         default:
848                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
849                                      n);
850                             env->regs[0] = -TARGET_ENOSYS;
851                             break;
852                         }
853                     } else {
854                         env->regs[0] = do_syscall(env,
855                                                   n,
856                                                   env->regs[0],
857                                                   env->regs[1],
858                                                   env->regs[2],
859                                                   env->regs[3],
860                                                   env->regs[4],
861                                                   env->regs[5],
862                                                   0, 0);
863                     }
864                 } else {
865                     goto error;
866                 }
867             }
868             break;
869         case EXCP_INTERRUPT:
870             /* just indicate that signals should be handled asap */
871             break;
872         case EXCP_STREX:
873             if (!do_strex(env)) {
874                 break;
875             }
876             /* fall through for segv */
877         case EXCP_PREFETCH_ABORT:
878         case EXCP_DATA_ABORT:
879             addr = env->exception.vaddress;
880             {
881                 info.si_signo = TARGET_SIGSEGV;
882                 info.si_errno = 0;
883                 /* XXX: check env->error_code */
884                 info.si_code = TARGET_SEGV_MAPERR;
885                 info._sifields._sigfault._addr = addr;
886                 queue_signal(env, info.si_signo, &info);
887             }
888             break;
889         case EXCP_DEBUG:
890         excp_debug:
891             {
892                 int sig;
893 
894                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
895                 if (sig)
896                   {
897                     info.si_signo = sig;
898                     info.si_errno = 0;
899                     info.si_code = TARGET_TRAP_BRKPT;
900                     queue_signal(env, info.si_signo, &info);
901                   }
902             }
903             break;
904         case EXCP_KERNEL_TRAP:
905             if (do_kernel_trap(env))
906               goto error;
907             break;
908         default:
909         error:
910             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
911             abort();
912         }
913         process_pending_signals(env);
914     }
915 }
916 
917 #else
918 
919 /*
920  * Handle AArch64 store-release exclusive
921  *
922  * rs = gets the status result of store exclusive
923  * rt = is the register that is stored
924  * rt2 = is the second register store (in STP)
925  *
926  */
927 static int do_strex_a64(CPUARMState *env)
928 {
929     uint64_t val;
930     int size;
931     bool is_pair;
932     int rc = 1;
933     int segv = 0;
934     uint64_t addr;
935     int rs, rt, rt2;
936 
937     start_exclusive();
938     /* size | is_pair << 2 | (rs << 4) | (rt << 9) | (rt2 << 14)); */
939     size = extract32(env->exclusive_info, 0, 2);
940     is_pair = extract32(env->exclusive_info, 2, 1);
941     rs = extract32(env->exclusive_info, 4, 5);
942     rt = extract32(env->exclusive_info, 9, 5);
943     rt2 = extract32(env->exclusive_info, 14, 5);
944 
945     addr = env->exclusive_addr;
946 
947     if (addr != env->exclusive_test) {
948         goto finish;
949     }
950 
951     switch (size) {
952     case 0:
953         segv = get_user_u8(val, addr);
954         break;
955     case 1:
956         segv = get_user_u16(val, addr);
957         break;
958     case 2:
959         segv = get_user_u32(val, addr);
960         break;
961     case 3:
962         segv = get_user_u64(val, addr);
963         break;
964     default:
965         abort();
966     }
967     if (segv) {
968         env->exception.vaddress = addr;
969         goto error;
970     }
971     if (val != env->exclusive_val) {
972         goto finish;
973     }
974     if (is_pair) {
975         if (size == 2) {
976             segv = get_user_u32(val, addr + 4);
977         } else {
978             segv = get_user_u64(val, addr + 8);
979         }
980         if (segv) {
981             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
982             goto error;
983         }
984         if (val != env->exclusive_high) {
985             goto finish;
986         }
987     }
988     /* handle the zero register */
989     val = rt == 31 ? 0 : env->xregs[rt];
990     switch (size) {
991     case 0:
992         segv = put_user_u8(val, addr);
993         break;
994     case 1:
995         segv = put_user_u16(val, addr);
996         break;
997     case 2:
998         segv = put_user_u32(val, addr);
999         break;
1000     case 3:
1001         segv = put_user_u64(val, addr);
1002         break;
1003     }
1004     if (segv) {
1005         goto error;
1006     }
1007     if (is_pair) {
1008         /* handle the zero register */
1009         val = rt2 == 31 ? 0 : env->xregs[rt2];
1010         if (size == 2) {
1011             segv = put_user_u32(val, addr + 4);
1012         } else {
1013             segv = put_user_u64(val, addr + 8);
1014         }
1015         if (segv) {
1016             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
1017             goto error;
1018         }
1019     }
1020     rc = 0;
1021 finish:
1022     env->pc += 4;
1023     /* rs == 31 encodes a write to the ZR, thus throwing away
1024      * the status return. This is rather silly but valid.
1025      */
1026     if (rs < 31) {
1027         env->xregs[rs] = rc;
1028     }
1029 error:
1030     /* instruction faulted, PC does not advance */
1031     /* either way a strex releases any exclusive lock we have */
1032     env->exclusive_addr = -1;
1033     end_exclusive();
1034     return segv;
1035 }
1036 
1037 /* AArch64 main loop */
1038 void cpu_loop(CPUARMState *env)
1039 {
1040     CPUState *cs = CPU(arm_env_get_cpu(env));
1041     int trapnr, sig;
1042     target_siginfo_t info;
1043 
1044     for (;;) {
1045         cpu_exec_start(cs);
1046         trapnr = cpu_arm_exec(cs);
1047         cpu_exec_end(cs);
1048 
1049         switch (trapnr) {
1050         case EXCP_SWI:
1051             env->xregs[0] = do_syscall(env,
1052                                        env->xregs[8],
1053                                        env->xregs[0],
1054                                        env->xregs[1],
1055                                        env->xregs[2],
1056                                        env->xregs[3],
1057                                        env->xregs[4],
1058                                        env->xregs[5],
1059                                        0, 0);
1060             break;
1061         case EXCP_INTERRUPT:
1062             /* just indicate that signals should be handled asap */
1063             break;
1064         case EXCP_UDEF:
1065             info.si_signo = TARGET_SIGILL;
1066             info.si_errno = 0;
1067             info.si_code = TARGET_ILL_ILLOPN;
1068             info._sifields._sigfault._addr = env->pc;
1069             queue_signal(env, info.si_signo, &info);
1070             break;
1071         case EXCP_STREX:
1072             if (!do_strex_a64(env)) {
1073                 break;
1074             }
1075             /* fall through for segv */
1076         case EXCP_PREFETCH_ABORT:
1077         case EXCP_DATA_ABORT:
1078             info.si_signo = TARGET_SIGSEGV;
1079             info.si_errno = 0;
1080             /* XXX: check env->error_code */
1081             info.si_code = TARGET_SEGV_MAPERR;
1082             info._sifields._sigfault._addr = env->exception.vaddress;
1083             queue_signal(env, info.si_signo, &info);
1084             break;
1085         case EXCP_DEBUG:
1086         case EXCP_BKPT:
1087             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1088             if (sig) {
1089                 info.si_signo = sig;
1090                 info.si_errno = 0;
1091                 info.si_code = TARGET_TRAP_BRKPT;
1092                 queue_signal(env, info.si_signo, &info);
1093             }
1094             break;
1095         case EXCP_SEMIHOST:
1096             env->xregs[0] = do_arm_semihosting(env);
1097             break;
1098         default:
1099             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1100             abort();
1101         }
1102         process_pending_signals(env);
1103         /* Exception return on AArch64 always clears the exclusive monitor,
1104          * so any return to running guest code implies this.
1105          * A strex (successful or otherwise) also clears the monitor, so
1106          * we don't need to specialcase EXCP_STREX.
1107          */
1108         env->exclusive_addr = -1;
1109     }
1110 }
1111 #endif /* ndef TARGET_ABI32 */
1112 
1113 #endif
1114 
1115 #ifdef TARGET_UNICORE32
1116 
1117 void cpu_loop(CPUUniCore32State *env)
1118 {
1119     CPUState *cs = CPU(uc32_env_get_cpu(env));
1120     int trapnr;
1121     unsigned int n, insn;
1122     target_siginfo_t info;
1123 
1124     for (;;) {
1125         cpu_exec_start(cs);
1126         trapnr = uc32_cpu_exec(cs);
1127         cpu_exec_end(cs);
1128         switch (trapnr) {
1129         case UC32_EXCP_PRIV:
1130             {
1131                 /* system call */
1132                 get_user_u32(insn, env->regs[31] - 4);
1133                 n = insn & 0xffffff;
1134 
1135                 if (n >= UC32_SYSCALL_BASE) {
1136                     /* linux syscall */
1137                     n -= UC32_SYSCALL_BASE;
1138                     if (n == UC32_SYSCALL_NR_set_tls) {
1139                             cpu_set_tls(env, env->regs[0]);
1140                             env->regs[0] = 0;
1141                     } else {
1142                         env->regs[0] = do_syscall(env,
1143                                                   n,
1144                                                   env->regs[0],
1145                                                   env->regs[1],
1146                                                   env->regs[2],
1147                                                   env->regs[3],
1148                                                   env->regs[4],
1149                                                   env->regs[5],
1150                                                   0, 0);
1151                     }
1152                 } else {
1153                     goto error;
1154                 }
1155             }
1156             break;
1157         case UC32_EXCP_DTRAP:
1158         case UC32_EXCP_ITRAP:
1159             info.si_signo = TARGET_SIGSEGV;
1160             info.si_errno = 0;
1161             /* XXX: check env->error_code */
1162             info.si_code = TARGET_SEGV_MAPERR;
1163             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
1164             queue_signal(env, info.si_signo, &info);
1165             break;
1166         case EXCP_INTERRUPT:
1167             /* just indicate that signals should be handled asap */
1168             break;
1169         case EXCP_DEBUG:
1170             {
1171                 int sig;
1172 
1173                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1174                 if (sig) {
1175                     info.si_signo = sig;
1176                     info.si_errno = 0;
1177                     info.si_code = TARGET_TRAP_BRKPT;
1178                     queue_signal(env, info.si_signo, &info);
1179                 }
1180             }
1181             break;
1182         default:
1183             goto error;
1184         }
1185         process_pending_signals(env);
1186     }
1187 
1188 error:
1189     EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1190     abort();
1191 }
1192 #endif
1193 
1194 #ifdef TARGET_SPARC
1195 #define SPARC64_STACK_BIAS 2047
1196 
1197 //#define DEBUG_WIN
1198 
1199 /* WARNING: dealing with register windows _is_ complicated. More info
1200    can be found at http://www.sics.se/~psm/sparcstack.html */
1201 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1202 {
1203     index = (index + cwp * 16) % (16 * env->nwindows);
1204     /* wrap handling : if cwp is on the last window, then we use the
1205        registers 'after' the end */
1206     if (index < 8 && env->cwp == env->nwindows - 1)
1207         index += 16 * env->nwindows;
1208     return index;
1209 }
1210 
1211 /* save the register window 'cwp1' */
1212 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1213 {
1214     unsigned int i;
1215     abi_ulong sp_ptr;
1216 
1217     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1218 #ifdef TARGET_SPARC64
1219     if (sp_ptr & 3)
1220         sp_ptr += SPARC64_STACK_BIAS;
1221 #endif
1222 #if defined(DEBUG_WIN)
1223     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1224            sp_ptr, cwp1);
1225 #endif
1226     for(i = 0; i < 16; i++) {
1227         /* FIXME - what to do if put_user() fails? */
1228         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1229         sp_ptr += sizeof(abi_ulong);
1230     }
1231 }
1232 
1233 static void save_window(CPUSPARCState *env)
1234 {
1235 #ifndef TARGET_SPARC64
1236     unsigned int new_wim;
1237     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1238         ((1LL << env->nwindows) - 1);
1239     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1240     env->wim = new_wim;
1241 #else
1242     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1243     env->cansave++;
1244     env->canrestore--;
1245 #endif
1246 }
1247 
1248 static void restore_window(CPUSPARCState *env)
1249 {
1250 #ifndef TARGET_SPARC64
1251     unsigned int new_wim;
1252 #endif
1253     unsigned int i, cwp1;
1254     abi_ulong sp_ptr;
1255 
1256 #ifndef TARGET_SPARC64
1257     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1258         ((1LL << env->nwindows) - 1);
1259 #endif
1260 
1261     /* restore the invalid window */
1262     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1263     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1264 #ifdef TARGET_SPARC64
1265     if (sp_ptr & 3)
1266         sp_ptr += SPARC64_STACK_BIAS;
1267 #endif
1268 #if defined(DEBUG_WIN)
1269     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1270            sp_ptr, cwp1);
1271 #endif
1272     for(i = 0; i < 16; i++) {
1273         /* FIXME - what to do if get_user() fails? */
1274         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1275         sp_ptr += sizeof(abi_ulong);
1276     }
1277 #ifdef TARGET_SPARC64
1278     env->canrestore++;
1279     if (env->cleanwin < env->nwindows - 1)
1280         env->cleanwin++;
1281     env->cansave--;
1282 #else
1283     env->wim = new_wim;
1284 #endif
1285 }
1286 
1287 static void flush_windows(CPUSPARCState *env)
1288 {
1289     int offset, cwp1;
1290 
1291     offset = 1;
1292     for(;;) {
1293         /* if restore would invoke restore_window(), then we can stop */
1294         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1295 #ifndef TARGET_SPARC64
1296         if (env->wim & (1 << cwp1))
1297             break;
1298 #else
1299         if (env->canrestore == 0)
1300             break;
1301         env->cansave++;
1302         env->canrestore--;
1303 #endif
1304         save_window_offset(env, cwp1);
1305         offset++;
1306     }
1307     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1308 #ifndef TARGET_SPARC64
1309     /* set wim so that restore will reload the registers */
1310     env->wim = 1 << cwp1;
1311 #endif
1312 #if defined(DEBUG_WIN)
1313     printf("flush_windows: nb=%d\n", offset - 1);
1314 #endif
1315 }
1316 
1317 void cpu_loop (CPUSPARCState *env)
1318 {
1319     CPUState *cs = CPU(sparc_env_get_cpu(env));
1320     int trapnr;
1321     abi_long ret;
1322     target_siginfo_t info;
1323 
1324     while (1) {
1325         cpu_exec_start(cs);
1326         trapnr = cpu_sparc_exec(cs);
1327         cpu_exec_end(cs);
1328 
1329         /* Compute PSR before exposing state.  */
1330         if (env->cc_op != CC_OP_FLAGS) {
1331             cpu_get_psr(env);
1332         }
1333 
1334         switch (trapnr) {
1335 #ifndef TARGET_SPARC64
1336         case 0x88:
1337         case 0x90:
1338 #else
1339         case 0x110:
1340         case 0x16d:
1341 #endif
1342             ret = do_syscall (env, env->gregs[1],
1343                               env->regwptr[0], env->regwptr[1],
1344                               env->regwptr[2], env->regwptr[3],
1345                               env->regwptr[4], env->regwptr[5],
1346                               0, 0);
1347             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1348 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1349                 env->xcc |= PSR_CARRY;
1350 #else
1351                 env->psr |= PSR_CARRY;
1352 #endif
1353                 ret = -ret;
1354             } else {
1355 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1356                 env->xcc &= ~PSR_CARRY;
1357 #else
1358                 env->psr &= ~PSR_CARRY;
1359 #endif
1360             }
1361             env->regwptr[0] = ret;
1362             /* next instruction */
1363             env->pc = env->npc;
1364             env->npc = env->npc + 4;
1365             break;
1366         case 0x83: /* flush windows */
1367 #ifdef TARGET_ABI32
1368         case 0x103:
1369 #endif
1370             flush_windows(env);
1371             /* next instruction */
1372             env->pc = env->npc;
1373             env->npc = env->npc + 4;
1374             break;
1375 #ifndef TARGET_SPARC64
1376         case TT_WIN_OVF: /* window overflow */
1377             save_window(env);
1378             break;
1379         case TT_WIN_UNF: /* window underflow */
1380             restore_window(env);
1381             break;
1382         case TT_TFAULT:
1383         case TT_DFAULT:
1384             {
1385                 info.si_signo = TARGET_SIGSEGV;
1386                 info.si_errno = 0;
1387                 /* XXX: check env->error_code */
1388                 info.si_code = TARGET_SEGV_MAPERR;
1389                 info._sifields._sigfault._addr = env->mmuregs[4];
1390                 queue_signal(env, info.si_signo, &info);
1391             }
1392             break;
1393 #else
1394         case TT_SPILL: /* window overflow */
1395             save_window(env);
1396             break;
1397         case TT_FILL: /* window underflow */
1398             restore_window(env);
1399             break;
1400         case TT_TFAULT:
1401         case TT_DFAULT:
1402             {
1403                 info.si_signo = TARGET_SIGSEGV;
1404                 info.si_errno = 0;
1405                 /* XXX: check env->error_code */
1406                 info.si_code = TARGET_SEGV_MAPERR;
1407                 if (trapnr == TT_DFAULT)
1408                     info._sifields._sigfault._addr = env->dmmuregs[4];
1409                 else
1410                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1411                 queue_signal(env, info.si_signo, &info);
1412             }
1413             break;
1414 #ifndef TARGET_ABI32
1415         case 0x16e:
1416             flush_windows(env);
1417             sparc64_get_context(env);
1418             break;
1419         case 0x16f:
1420             flush_windows(env);
1421             sparc64_set_context(env);
1422             break;
1423 #endif
1424 #endif
1425         case EXCP_INTERRUPT:
1426             /* just indicate that signals should be handled asap */
1427             break;
1428         case TT_ILL_INSN:
1429             {
1430                 info.si_signo = TARGET_SIGILL;
1431                 info.si_errno = 0;
1432                 info.si_code = TARGET_ILL_ILLOPC;
1433                 info._sifields._sigfault._addr = env->pc;
1434                 queue_signal(env, info.si_signo, &info);
1435             }
1436             break;
1437         case EXCP_DEBUG:
1438             {
1439                 int sig;
1440 
1441                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1442                 if (sig)
1443                   {
1444                     info.si_signo = sig;
1445                     info.si_errno = 0;
1446                     info.si_code = TARGET_TRAP_BRKPT;
1447                     queue_signal(env, info.si_signo, &info);
1448                   }
1449             }
1450             break;
1451         default:
1452             printf ("Unhandled trap: 0x%x\n", trapnr);
1453             cpu_dump_state(cs, stderr, fprintf, 0);
1454             exit(EXIT_FAILURE);
1455         }
1456         process_pending_signals (env);
1457     }
1458 }
1459 
1460 #endif
1461 
1462 #ifdef TARGET_PPC
1463 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1464 {
1465     return cpu_get_host_ticks();
1466 }
1467 
1468 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1469 {
1470     return cpu_ppc_get_tb(env);
1471 }
1472 
1473 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1474 {
1475     return cpu_ppc_get_tb(env) >> 32;
1476 }
1477 
1478 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1479 {
1480     return cpu_ppc_get_tb(env);
1481 }
1482 
1483 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1484 {
1485     return cpu_ppc_get_tb(env) >> 32;
1486 }
1487 
1488 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1489 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1490 
1491 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1492 {
1493     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1494 }
1495 
1496 /* XXX: to be fixed */
1497 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1498 {
1499     return -1;
1500 }
1501 
1502 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1503 {
1504     return -1;
1505 }
1506 
1507 static int do_store_exclusive(CPUPPCState *env)
1508 {
1509     target_ulong addr;
1510     target_ulong page_addr;
1511     target_ulong val, val2 __attribute__((unused)) = 0;
1512     int flags;
1513     int segv = 0;
1514 
1515     addr = env->reserve_ea;
1516     page_addr = addr & TARGET_PAGE_MASK;
1517     start_exclusive();
1518     mmap_lock();
1519     flags = page_get_flags(page_addr);
1520     if ((flags & PAGE_READ) == 0) {
1521         segv = 1;
1522     } else {
1523         int reg = env->reserve_info & 0x1f;
1524         int size = env->reserve_info >> 5;
1525         int stored = 0;
1526 
1527         if (addr == env->reserve_addr) {
1528             switch (size) {
1529             case 1: segv = get_user_u8(val, addr); break;
1530             case 2: segv = get_user_u16(val, addr); break;
1531             case 4: segv = get_user_u32(val, addr); break;
1532 #if defined(TARGET_PPC64)
1533             case 8: segv = get_user_u64(val, addr); break;
1534             case 16: {
1535                 segv = get_user_u64(val, addr);
1536                 if (!segv) {
1537                     segv = get_user_u64(val2, addr + 8);
1538                 }
1539                 break;
1540             }
1541 #endif
1542             default: abort();
1543             }
1544             if (!segv && val == env->reserve_val) {
1545                 val = env->gpr[reg];
1546                 switch (size) {
1547                 case 1: segv = put_user_u8(val, addr); break;
1548                 case 2: segv = put_user_u16(val, addr); break;
1549                 case 4: segv = put_user_u32(val, addr); break;
1550 #if defined(TARGET_PPC64)
1551                 case 8: segv = put_user_u64(val, addr); break;
1552                 case 16: {
1553                     if (val2 == env->reserve_val2) {
1554                         if (msr_le) {
1555                             val2 = val;
1556                             val = env->gpr[reg+1];
1557                         } else {
1558                             val2 = env->gpr[reg+1];
1559                         }
1560                         segv = put_user_u64(val, addr);
1561                         if (!segv) {
1562                             segv = put_user_u64(val2, addr + 8);
1563                         }
1564                     }
1565                     break;
1566                 }
1567 #endif
1568                 default: abort();
1569                 }
1570                 if (!segv) {
1571                     stored = 1;
1572                 }
1573             }
1574         }
1575         env->crf[0] = (stored << 1) | xer_so;
1576         env->reserve_addr = (target_ulong)-1;
1577     }
1578     if (!segv) {
1579         env->nip += 4;
1580     }
1581     mmap_unlock();
1582     end_exclusive();
1583     return segv;
1584 }
1585 
1586 void cpu_loop(CPUPPCState *env)
1587 {
1588     CPUState *cs = CPU(ppc_env_get_cpu(env));
1589     target_siginfo_t info;
1590     int trapnr;
1591     target_ulong ret;
1592 
1593     for(;;) {
1594         cpu_exec_start(cs);
1595         trapnr = cpu_ppc_exec(cs);
1596         cpu_exec_end(cs);
1597         switch(trapnr) {
1598         case POWERPC_EXCP_NONE:
1599             /* Just go on */
1600             break;
1601         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1602             cpu_abort(cs, "Critical interrupt while in user mode. "
1603                       "Aborting\n");
1604             break;
1605         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1606             cpu_abort(cs, "Machine check exception while in user mode. "
1607                       "Aborting\n");
1608             break;
1609         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1610             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1611                       env->spr[SPR_DAR]);
1612             /* XXX: check this. Seems bugged */
1613             switch (env->error_code & 0xFF000000) {
1614             case 0x40000000:
1615                 info.si_signo = TARGET_SIGSEGV;
1616                 info.si_errno = 0;
1617                 info.si_code = TARGET_SEGV_MAPERR;
1618                 break;
1619             case 0x04000000:
1620                 info.si_signo = TARGET_SIGILL;
1621                 info.si_errno = 0;
1622                 info.si_code = TARGET_ILL_ILLADR;
1623                 break;
1624             case 0x08000000:
1625                 info.si_signo = TARGET_SIGSEGV;
1626                 info.si_errno = 0;
1627                 info.si_code = TARGET_SEGV_ACCERR;
1628                 break;
1629             default:
1630                 /* Let's send a regular segfault... */
1631                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1632                           env->error_code);
1633                 info.si_signo = TARGET_SIGSEGV;
1634                 info.si_errno = 0;
1635                 info.si_code = TARGET_SEGV_MAPERR;
1636                 break;
1637             }
1638             info._sifields._sigfault._addr = env->nip;
1639             queue_signal(env, info.si_signo, &info);
1640             break;
1641         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1642             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1643                       "\n", env->spr[SPR_SRR0]);
1644             /* XXX: check this */
1645             switch (env->error_code & 0xFF000000) {
1646             case 0x40000000:
1647                 info.si_signo = TARGET_SIGSEGV;
1648             info.si_errno = 0;
1649                 info.si_code = TARGET_SEGV_MAPERR;
1650                 break;
1651             case 0x10000000:
1652             case 0x08000000:
1653                 info.si_signo = TARGET_SIGSEGV;
1654                 info.si_errno = 0;
1655                 info.si_code = TARGET_SEGV_ACCERR;
1656                 break;
1657             default:
1658                 /* Let's send a regular segfault... */
1659                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1660                           env->error_code);
1661                 info.si_signo = TARGET_SIGSEGV;
1662                 info.si_errno = 0;
1663                 info.si_code = TARGET_SEGV_MAPERR;
1664                 break;
1665             }
1666             info._sifields._sigfault._addr = env->nip - 4;
1667             queue_signal(env, info.si_signo, &info);
1668             break;
1669         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1670             cpu_abort(cs, "External interrupt while in user mode. "
1671                       "Aborting\n");
1672             break;
1673         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1674             EXCP_DUMP(env, "Unaligned memory access\n");
1675             /* XXX: check this */
1676             info.si_signo = TARGET_SIGBUS;
1677             info.si_errno = 0;
1678             info.si_code = TARGET_BUS_ADRALN;
1679             info._sifields._sigfault._addr = env->nip;
1680             queue_signal(env, info.si_signo, &info);
1681             break;
1682         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1683             /* XXX: check this */
1684             switch (env->error_code & ~0xF) {
1685             case POWERPC_EXCP_FP:
1686                 EXCP_DUMP(env, "Floating point program exception\n");
1687                 info.si_signo = TARGET_SIGFPE;
1688                 info.si_errno = 0;
1689                 switch (env->error_code & 0xF) {
1690                 case POWERPC_EXCP_FP_OX:
1691                     info.si_code = TARGET_FPE_FLTOVF;
1692                     break;
1693                 case POWERPC_EXCP_FP_UX:
1694                     info.si_code = TARGET_FPE_FLTUND;
1695                     break;
1696                 case POWERPC_EXCP_FP_ZX:
1697                 case POWERPC_EXCP_FP_VXZDZ:
1698                     info.si_code = TARGET_FPE_FLTDIV;
1699                     break;
1700                 case POWERPC_EXCP_FP_XX:
1701                     info.si_code = TARGET_FPE_FLTRES;
1702                     break;
1703                 case POWERPC_EXCP_FP_VXSOFT:
1704                     info.si_code = TARGET_FPE_FLTINV;
1705                     break;
1706                 case POWERPC_EXCP_FP_VXSNAN:
1707                 case POWERPC_EXCP_FP_VXISI:
1708                 case POWERPC_EXCP_FP_VXIDI:
1709                 case POWERPC_EXCP_FP_VXIMZ:
1710                 case POWERPC_EXCP_FP_VXVC:
1711                 case POWERPC_EXCP_FP_VXSQRT:
1712                 case POWERPC_EXCP_FP_VXCVI:
1713                     info.si_code = TARGET_FPE_FLTSUB;
1714                     break;
1715                 default:
1716                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1717                               env->error_code);
1718                     break;
1719                 }
1720                 break;
1721             case POWERPC_EXCP_INVAL:
1722                 EXCP_DUMP(env, "Invalid instruction\n");
1723                 info.si_signo = TARGET_SIGILL;
1724                 info.si_errno = 0;
1725                 switch (env->error_code & 0xF) {
1726                 case POWERPC_EXCP_INVAL_INVAL:
1727                     info.si_code = TARGET_ILL_ILLOPC;
1728                     break;
1729                 case POWERPC_EXCP_INVAL_LSWX:
1730                     info.si_code = TARGET_ILL_ILLOPN;
1731                     break;
1732                 case POWERPC_EXCP_INVAL_SPR:
1733                     info.si_code = TARGET_ILL_PRVREG;
1734                     break;
1735                 case POWERPC_EXCP_INVAL_FP:
1736                     info.si_code = TARGET_ILL_COPROC;
1737                     break;
1738                 default:
1739                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1740                               env->error_code & 0xF);
1741                     info.si_code = TARGET_ILL_ILLADR;
1742                     break;
1743                 }
1744                 break;
1745             case POWERPC_EXCP_PRIV:
1746                 EXCP_DUMP(env, "Privilege violation\n");
1747                 info.si_signo = TARGET_SIGILL;
1748                 info.si_errno = 0;
1749                 switch (env->error_code & 0xF) {
1750                 case POWERPC_EXCP_PRIV_OPC:
1751                     info.si_code = TARGET_ILL_PRVOPC;
1752                     break;
1753                 case POWERPC_EXCP_PRIV_REG:
1754                     info.si_code = TARGET_ILL_PRVREG;
1755                     break;
1756                 default:
1757                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1758                               env->error_code & 0xF);
1759                     info.si_code = TARGET_ILL_PRVOPC;
1760                     break;
1761                 }
1762                 break;
1763             case POWERPC_EXCP_TRAP:
1764                 cpu_abort(cs, "Tried to call a TRAP\n");
1765                 break;
1766             default:
1767                 /* Should not happen ! */
1768                 cpu_abort(cs, "Unknown program exception (%02x)\n",
1769                           env->error_code);
1770                 break;
1771             }
1772             info._sifields._sigfault._addr = env->nip - 4;
1773             queue_signal(env, info.si_signo, &info);
1774             break;
1775         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1776             EXCP_DUMP(env, "No floating point allowed\n");
1777             info.si_signo = TARGET_SIGILL;
1778             info.si_errno = 0;
1779             info.si_code = TARGET_ILL_COPROC;
1780             info._sifields._sigfault._addr = env->nip - 4;
1781             queue_signal(env, info.si_signo, &info);
1782             break;
1783         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1784             cpu_abort(cs, "Syscall exception while in user mode. "
1785                       "Aborting\n");
1786             break;
1787         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1788             EXCP_DUMP(env, "No APU instruction allowed\n");
1789             info.si_signo = TARGET_SIGILL;
1790             info.si_errno = 0;
1791             info.si_code = TARGET_ILL_COPROC;
1792             info._sifields._sigfault._addr = env->nip - 4;
1793             queue_signal(env, info.si_signo, &info);
1794             break;
1795         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1796             cpu_abort(cs, "Decrementer interrupt while in user mode. "
1797                       "Aborting\n");
1798             break;
1799         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1800             cpu_abort(cs, "Fix interval timer interrupt while in user mode. "
1801                       "Aborting\n");
1802             break;
1803         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1804             cpu_abort(cs, "Watchdog timer interrupt while in user mode. "
1805                       "Aborting\n");
1806             break;
1807         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1808             cpu_abort(cs, "Data TLB exception while in user mode. "
1809                       "Aborting\n");
1810             break;
1811         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1812             cpu_abort(cs, "Instruction TLB exception while in user mode. "
1813                       "Aborting\n");
1814             break;
1815         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1816             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1817             info.si_signo = TARGET_SIGILL;
1818             info.si_errno = 0;
1819             info.si_code = TARGET_ILL_COPROC;
1820             info._sifields._sigfault._addr = env->nip - 4;
1821             queue_signal(env, info.si_signo, &info);
1822             break;
1823         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1824             cpu_abort(cs, "Embedded floating-point data IRQ not handled\n");
1825             break;
1826         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1827             cpu_abort(cs, "Embedded floating-point round IRQ not handled\n");
1828             break;
1829         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1830             cpu_abort(cs, "Performance monitor exception not handled\n");
1831             break;
1832         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1833             cpu_abort(cs, "Doorbell interrupt while in user mode. "
1834                        "Aborting\n");
1835             break;
1836         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1837             cpu_abort(cs, "Doorbell critical interrupt while in user mode. "
1838                       "Aborting\n");
1839             break;
1840         case POWERPC_EXCP_RESET:    /* System reset exception                */
1841             cpu_abort(cs, "Reset interrupt while in user mode. "
1842                       "Aborting\n");
1843             break;
1844         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1845             cpu_abort(cs, "Data segment exception while in user mode. "
1846                       "Aborting\n");
1847             break;
1848         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1849             cpu_abort(cs, "Instruction segment exception "
1850                       "while in user mode. Aborting\n");
1851             break;
1852         /* PowerPC 64 with hypervisor mode support */
1853         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1854             cpu_abort(cs, "Hypervisor decrementer interrupt "
1855                       "while in user mode. Aborting\n");
1856             break;
1857         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1858             /* Nothing to do:
1859              * we use this exception to emulate step-by-step execution mode.
1860              */
1861             break;
1862         /* PowerPC 64 with hypervisor mode support */
1863         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1864             cpu_abort(cs, "Hypervisor data storage exception "
1865                       "while in user mode. Aborting\n");
1866             break;
1867         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1868             cpu_abort(cs, "Hypervisor instruction storage exception "
1869                       "while in user mode. Aborting\n");
1870             break;
1871         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1872             cpu_abort(cs, "Hypervisor data segment exception "
1873                       "while in user mode. Aborting\n");
1874             break;
1875         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1876             cpu_abort(cs, "Hypervisor instruction segment exception "
1877                       "while in user mode. Aborting\n");
1878             break;
1879         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1880             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1881             info.si_signo = TARGET_SIGILL;
1882             info.si_errno = 0;
1883             info.si_code = TARGET_ILL_COPROC;
1884             info._sifields._sigfault._addr = env->nip - 4;
1885             queue_signal(env, info.si_signo, &info);
1886             break;
1887         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1888             cpu_abort(cs, "Programmable interval timer interrupt "
1889                       "while in user mode. Aborting\n");
1890             break;
1891         case POWERPC_EXCP_IO:       /* IO error exception                    */
1892             cpu_abort(cs, "IO error exception while in user mode. "
1893                       "Aborting\n");
1894             break;
1895         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1896             cpu_abort(cs, "Run mode exception while in user mode. "
1897                       "Aborting\n");
1898             break;
1899         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1900             cpu_abort(cs, "Emulation trap exception not handled\n");
1901             break;
1902         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1903             cpu_abort(cs, "Instruction fetch TLB exception "
1904                       "while in user-mode. Aborting");
1905             break;
1906         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1907             cpu_abort(cs, "Data load TLB exception while in user-mode. "
1908                       "Aborting");
1909             break;
1910         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1911             cpu_abort(cs, "Data store TLB exception while in user-mode. "
1912                       "Aborting");
1913             break;
1914         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1915             cpu_abort(cs, "Floating-point assist exception not handled\n");
1916             break;
1917         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1918             cpu_abort(cs, "Instruction address breakpoint exception "
1919                       "not handled\n");
1920             break;
1921         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1922             cpu_abort(cs, "System management interrupt while in user mode. "
1923                       "Aborting\n");
1924             break;
1925         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1926             cpu_abort(cs, "Thermal interrupt interrupt while in user mode. "
1927                       "Aborting\n");
1928             break;
1929         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1930             cpu_abort(cs, "Performance monitor exception not handled\n");
1931             break;
1932         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1933             cpu_abort(cs, "Vector assist exception not handled\n");
1934             break;
1935         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1936             cpu_abort(cs, "Soft patch exception not handled\n");
1937             break;
1938         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1939             cpu_abort(cs, "Maintenance exception while in user mode. "
1940                       "Aborting\n");
1941             break;
1942         case POWERPC_EXCP_STOP:     /* stop translation                      */
1943             /* We did invalidate the instruction cache. Go on */
1944             break;
1945         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1946             /* We just stopped because of a branch. Go on */
1947             break;
1948         case POWERPC_EXCP_SYSCALL_USER:
1949             /* system call in user-mode emulation */
1950             /* WARNING:
1951              * PPC ABI uses overflow flag in cr0 to signal an error
1952              * in syscalls.
1953              */
1954             env->crf[0] &= ~0x1;
1955             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1956                              env->gpr[5], env->gpr[6], env->gpr[7],
1957                              env->gpr[8], 0, 0);
1958             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1959                 /* Returning from a successful sigreturn syscall.
1960                    Avoid corrupting register state.  */
1961                 break;
1962             }
1963             if (ret > (target_ulong)(-515)) {
1964                 env->crf[0] |= 0x1;
1965                 ret = -ret;
1966             }
1967             env->gpr[3] = ret;
1968             break;
1969         case POWERPC_EXCP_STCX:
1970             if (do_store_exclusive(env)) {
1971                 info.si_signo = TARGET_SIGSEGV;
1972                 info.si_errno = 0;
1973                 info.si_code = TARGET_SEGV_MAPERR;
1974                 info._sifields._sigfault._addr = env->nip;
1975                 queue_signal(env, info.si_signo, &info);
1976             }
1977             break;
1978         case EXCP_DEBUG:
1979             {
1980                 int sig;
1981 
1982                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1983                 if (sig) {
1984                     info.si_signo = sig;
1985                     info.si_errno = 0;
1986                     info.si_code = TARGET_TRAP_BRKPT;
1987                     queue_signal(env, info.si_signo, &info);
1988                   }
1989             }
1990             break;
1991         case EXCP_INTERRUPT:
1992             /* just indicate that signals should be handled asap */
1993             break;
1994         default:
1995             cpu_abort(cs, "Unknown exception 0x%d. Aborting\n", trapnr);
1996             break;
1997         }
1998         process_pending_signals(env);
1999     }
2000 }
2001 #endif
2002 
2003 #ifdef TARGET_MIPS
2004 
2005 # ifdef TARGET_ABI_MIPSO32
2006 #  define MIPS_SYS(name, args) args,
2007 static const uint8_t mips_syscall_args[] = {
2008 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
2009 	MIPS_SYS(sys_exit	, 1)
2010 	MIPS_SYS(sys_fork	, 0)
2011 	MIPS_SYS(sys_read	, 3)
2012 	MIPS_SYS(sys_write	, 3)
2013 	MIPS_SYS(sys_open	, 3)	/* 4005 */
2014 	MIPS_SYS(sys_close	, 1)
2015 	MIPS_SYS(sys_waitpid	, 3)
2016 	MIPS_SYS(sys_creat	, 2)
2017 	MIPS_SYS(sys_link	, 2)
2018 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
2019 	MIPS_SYS(sys_execve	, 0)
2020 	MIPS_SYS(sys_chdir	, 1)
2021 	MIPS_SYS(sys_time	, 1)
2022 	MIPS_SYS(sys_mknod	, 3)
2023 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
2024 	MIPS_SYS(sys_lchown	, 3)
2025 	MIPS_SYS(sys_ni_syscall	, 0)
2026 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
2027 	MIPS_SYS(sys_lseek	, 3)
2028 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
2029 	MIPS_SYS(sys_mount	, 5)
2030 	MIPS_SYS(sys_umount	, 1)
2031 	MIPS_SYS(sys_setuid	, 1)
2032 	MIPS_SYS(sys_getuid	, 0)
2033 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
2034 	MIPS_SYS(sys_ptrace	, 4)
2035 	MIPS_SYS(sys_alarm	, 1)
2036 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
2037 	MIPS_SYS(sys_pause	, 0)
2038 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
2039 	MIPS_SYS(sys_ni_syscall	, 0)
2040 	MIPS_SYS(sys_ni_syscall	, 0)
2041 	MIPS_SYS(sys_access	, 2)
2042 	MIPS_SYS(sys_nice	, 1)
2043 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
2044 	MIPS_SYS(sys_sync	, 0)
2045 	MIPS_SYS(sys_kill	, 2)
2046 	MIPS_SYS(sys_rename	, 2)
2047 	MIPS_SYS(sys_mkdir	, 2)
2048 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
2049 	MIPS_SYS(sys_dup		, 1)
2050 	MIPS_SYS(sys_pipe	, 0)
2051 	MIPS_SYS(sys_times	, 1)
2052 	MIPS_SYS(sys_ni_syscall	, 0)
2053 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
2054 	MIPS_SYS(sys_setgid	, 1)
2055 	MIPS_SYS(sys_getgid	, 0)
2056 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
2057 	MIPS_SYS(sys_geteuid	, 0)
2058 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
2059 	MIPS_SYS(sys_acct	, 0)
2060 	MIPS_SYS(sys_umount2	, 2)
2061 	MIPS_SYS(sys_ni_syscall	, 0)
2062 	MIPS_SYS(sys_ioctl	, 3)
2063 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
2064 	MIPS_SYS(sys_ni_syscall	, 2)
2065 	MIPS_SYS(sys_setpgid	, 2)
2066 	MIPS_SYS(sys_ni_syscall	, 0)
2067 	MIPS_SYS(sys_olduname	, 1)
2068 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
2069 	MIPS_SYS(sys_chroot	, 1)
2070 	MIPS_SYS(sys_ustat	, 2)
2071 	MIPS_SYS(sys_dup2	, 2)
2072 	MIPS_SYS(sys_getppid	, 0)
2073 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
2074 	MIPS_SYS(sys_setsid	, 0)
2075 	MIPS_SYS(sys_sigaction	, 3)
2076 	MIPS_SYS(sys_sgetmask	, 0)
2077 	MIPS_SYS(sys_ssetmask	, 1)
2078 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
2079 	MIPS_SYS(sys_setregid	, 2)
2080 	MIPS_SYS(sys_sigsuspend	, 0)
2081 	MIPS_SYS(sys_sigpending	, 1)
2082 	MIPS_SYS(sys_sethostname	, 2)
2083 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
2084 	MIPS_SYS(sys_getrlimit	, 2)
2085 	MIPS_SYS(sys_getrusage	, 2)
2086 	MIPS_SYS(sys_gettimeofday, 2)
2087 	MIPS_SYS(sys_settimeofday, 2)
2088 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
2089 	MIPS_SYS(sys_setgroups	, 2)
2090 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
2091 	MIPS_SYS(sys_symlink	, 2)
2092 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
2093 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
2094 	MIPS_SYS(sys_uselib	, 1)
2095 	MIPS_SYS(sys_swapon	, 2)
2096 	MIPS_SYS(sys_reboot	, 3)
2097 	MIPS_SYS(old_readdir	, 3)
2098 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
2099 	MIPS_SYS(sys_munmap	, 2)
2100 	MIPS_SYS(sys_truncate	, 2)
2101 	MIPS_SYS(sys_ftruncate	, 2)
2102 	MIPS_SYS(sys_fchmod	, 2)
2103 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
2104 	MIPS_SYS(sys_getpriority	, 2)
2105 	MIPS_SYS(sys_setpriority	, 3)
2106 	MIPS_SYS(sys_ni_syscall	, 0)
2107 	MIPS_SYS(sys_statfs	, 2)
2108 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
2109 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
2110 	MIPS_SYS(sys_socketcall	, 2)
2111 	MIPS_SYS(sys_syslog	, 3)
2112 	MIPS_SYS(sys_setitimer	, 3)
2113 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
2114 	MIPS_SYS(sys_newstat	, 2)
2115 	MIPS_SYS(sys_newlstat	, 2)
2116 	MIPS_SYS(sys_newfstat	, 2)
2117 	MIPS_SYS(sys_uname	, 1)
2118 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
2119 	MIPS_SYS(sys_vhangup	, 0)
2120 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
2121 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
2122 	MIPS_SYS(sys_wait4	, 4)
2123 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
2124 	MIPS_SYS(sys_sysinfo	, 1)
2125 	MIPS_SYS(sys_ipc		, 6)
2126 	MIPS_SYS(sys_fsync	, 1)
2127 	MIPS_SYS(sys_sigreturn	, 0)
2128 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
2129 	MIPS_SYS(sys_setdomainname, 2)
2130 	MIPS_SYS(sys_newuname	, 1)
2131 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
2132 	MIPS_SYS(sys_adjtimex	, 1)
2133 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
2134 	MIPS_SYS(sys_sigprocmask	, 3)
2135 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
2136 	MIPS_SYS(sys_init_module	, 5)
2137 	MIPS_SYS(sys_delete_module, 1)
2138 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
2139 	MIPS_SYS(sys_quotactl	, 0)
2140 	MIPS_SYS(sys_getpgid	, 1)
2141 	MIPS_SYS(sys_fchdir	, 1)
2142 	MIPS_SYS(sys_bdflush	, 2)
2143 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
2144 	MIPS_SYS(sys_personality	, 1)
2145 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
2146 	MIPS_SYS(sys_setfsuid	, 1)
2147 	MIPS_SYS(sys_setfsgid	, 1)
2148 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
2149 	MIPS_SYS(sys_getdents	, 3)
2150 	MIPS_SYS(sys_select	, 5)
2151 	MIPS_SYS(sys_flock	, 2)
2152 	MIPS_SYS(sys_msync	, 3)
2153 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
2154 	MIPS_SYS(sys_writev	, 3)
2155 	MIPS_SYS(sys_cacheflush	, 3)
2156 	MIPS_SYS(sys_cachectl	, 3)
2157 	MIPS_SYS(sys_sysmips	, 4)
2158 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
2159 	MIPS_SYS(sys_getsid	, 1)
2160 	MIPS_SYS(sys_fdatasync	, 0)
2161 	MIPS_SYS(sys_sysctl	, 1)
2162 	MIPS_SYS(sys_mlock	, 2)
2163 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
2164 	MIPS_SYS(sys_mlockall	, 1)
2165 	MIPS_SYS(sys_munlockall	, 0)
2166 	MIPS_SYS(sys_sched_setparam, 2)
2167 	MIPS_SYS(sys_sched_getparam, 2)
2168 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
2169 	MIPS_SYS(sys_sched_getscheduler, 1)
2170 	MIPS_SYS(sys_sched_yield	, 0)
2171 	MIPS_SYS(sys_sched_get_priority_max, 1)
2172 	MIPS_SYS(sys_sched_get_priority_min, 1)
2173 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
2174 	MIPS_SYS(sys_nanosleep,	2)
2175 	MIPS_SYS(sys_mremap	, 5)
2176 	MIPS_SYS(sys_accept	, 3)
2177 	MIPS_SYS(sys_bind	, 3)
2178 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
2179 	MIPS_SYS(sys_getpeername	, 3)
2180 	MIPS_SYS(sys_getsockname	, 3)
2181 	MIPS_SYS(sys_getsockopt	, 5)
2182 	MIPS_SYS(sys_listen	, 2)
2183 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
2184 	MIPS_SYS(sys_recvfrom	, 6)
2185 	MIPS_SYS(sys_recvmsg	, 3)
2186 	MIPS_SYS(sys_send	, 4)
2187 	MIPS_SYS(sys_sendmsg	, 3)
2188 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
2189 	MIPS_SYS(sys_setsockopt	, 5)
2190 	MIPS_SYS(sys_shutdown	, 2)
2191 	MIPS_SYS(sys_socket	, 3)
2192 	MIPS_SYS(sys_socketpair	, 4)
2193 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
2194 	MIPS_SYS(sys_getresuid	, 3)
2195 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
2196 	MIPS_SYS(sys_poll	, 3)
2197 	MIPS_SYS(sys_nfsservctl	, 3)
2198 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
2199 	MIPS_SYS(sys_getresgid	, 3)
2200 	MIPS_SYS(sys_prctl	, 5)
2201 	MIPS_SYS(sys_rt_sigreturn, 0)
2202 	MIPS_SYS(sys_rt_sigaction, 4)
2203 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
2204 	MIPS_SYS(sys_rt_sigpending, 2)
2205 	MIPS_SYS(sys_rt_sigtimedwait, 4)
2206 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
2207 	MIPS_SYS(sys_rt_sigsuspend, 0)
2208 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
2209 	MIPS_SYS(sys_pwrite64	, 6)
2210 	MIPS_SYS(sys_chown	, 3)
2211 	MIPS_SYS(sys_getcwd	, 2)
2212 	MIPS_SYS(sys_capget	, 2)
2213 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
2214 	MIPS_SYS(sys_sigaltstack	, 2)
2215 	MIPS_SYS(sys_sendfile	, 4)
2216 	MIPS_SYS(sys_ni_syscall	, 0)
2217 	MIPS_SYS(sys_ni_syscall	, 0)
2218 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2219 	MIPS_SYS(sys_truncate64	, 4)
2220 	MIPS_SYS(sys_ftruncate64	, 4)
2221 	MIPS_SYS(sys_stat64	, 2)
2222 	MIPS_SYS(sys_lstat64	, 2)
2223 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2224 	MIPS_SYS(sys_pivot_root	, 2)
2225 	MIPS_SYS(sys_mincore	, 3)
2226 	MIPS_SYS(sys_madvise	, 3)
2227 	MIPS_SYS(sys_getdents64	, 3)
2228 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2229 	MIPS_SYS(sys_ni_syscall	, 0)
2230 	MIPS_SYS(sys_gettid	, 0)
2231 	MIPS_SYS(sys_readahead	, 5)
2232 	MIPS_SYS(sys_setxattr	, 5)
2233 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2234 	MIPS_SYS(sys_fsetxattr	, 5)
2235 	MIPS_SYS(sys_getxattr	, 4)
2236 	MIPS_SYS(sys_lgetxattr	, 4)
2237 	MIPS_SYS(sys_fgetxattr	, 4)
2238 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2239 	MIPS_SYS(sys_llistxattr	, 3)
2240 	MIPS_SYS(sys_flistxattr	, 3)
2241 	MIPS_SYS(sys_removexattr	, 2)
2242 	MIPS_SYS(sys_lremovexattr, 2)
2243 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2244 	MIPS_SYS(sys_tkill	, 2)
2245 	MIPS_SYS(sys_sendfile64	, 5)
2246 	MIPS_SYS(sys_futex	, 6)
2247 	MIPS_SYS(sys_sched_setaffinity, 3)
2248 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2249 	MIPS_SYS(sys_io_setup	, 2)
2250 	MIPS_SYS(sys_io_destroy	, 1)
2251 	MIPS_SYS(sys_io_getevents, 5)
2252 	MIPS_SYS(sys_io_submit	, 3)
2253 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2254 	MIPS_SYS(sys_exit_group	, 1)
2255 	MIPS_SYS(sys_lookup_dcookie, 3)
2256 	MIPS_SYS(sys_epoll_create, 1)
2257 	MIPS_SYS(sys_epoll_ctl	, 4)
2258 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2259 	MIPS_SYS(sys_remap_file_pages, 5)
2260 	MIPS_SYS(sys_set_tid_address, 1)
2261 	MIPS_SYS(sys_restart_syscall, 0)
2262 	MIPS_SYS(sys_fadvise64_64, 7)
2263 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2264 	MIPS_SYS(sys_fstatfs64	, 2)
2265 	MIPS_SYS(sys_timer_create, 3)
2266 	MIPS_SYS(sys_timer_settime, 4)
2267 	MIPS_SYS(sys_timer_gettime, 2)
2268 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2269 	MIPS_SYS(sys_timer_delete, 1)
2270 	MIPS_SYS(sys_clock_settime, 2)
2271 	MIPS_SYS(sys_clock_gettime, 2)
2272 	MIPS_SYS(sys_clock_getres, 2)
2273 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2274 	MIPS_SYS(sys_tgkill	, 3)
2275 	MIPS_SYS(sys_utimes	, 2)
2276 	MIPS_SYS(sys_mbind	, 4)
2277 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2278 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2279 	MIPS_SYS(sys_mq_open	, 4)
2280 	MIPS_SYS(sys_mq_unlink	, 1)
2281 	MIPS_SYS(sys_mq_timedsend, 5)
2282 	MIPS_SYS(sys_mq_timedreceive, 5)
2283 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2284 	MIPS_SYS(sys_mq_getsetattr, 3)
2285 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2286 	MIPS_SYS(sys_waitid	, 4)
2287 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2288 	MIPS_SYS(sys_add_key	, 5)
2289 	MIPS_SYS(sys_request_key, 4)
2290 	MIPS_SYS(sys_keyctl	, 5)
2291 	MIPS_SYS(sys_set_thread_area, 1)
2292 	MIPS_SYS(sys_inotify_init, 0)
2293 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2294 	MIPS_SYS(sys_inotify_rm_watch, 2)
2295 	MIPS_SYS(sys_migrate_pages, 4)
2296 	MIPS_SYS(sys_openat, 4)
2297 	MIPS_SYS(sys_mkdirat, 3)
2298 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2299 	MIPS_SYS(sys_fchownat, 5)
2300 	MIPS_SYS(sys_futimesat, 3)
2301 	MIPS_SYS(sys_fstatat64, 4)
2302 	MIPS_SYS(sys_unlinkat, 3)
2303 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2304 	MIPS_SYS(sys_linkat, 5)
2305 	MIPS_SYS(sys_symlinkat, 3)
2306 	MIPS_SYS(sys_readlinkat, 4)
2307 	MIPS_SYS(sys_fchmodat, 3)
2308 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2309 	MIPS_SYS(sys_pselect6, 6)
2310 	MIPS_SYS(sys_ppoll, 5)
2311 	MIPS_SYS(sys_unshare, 1)
2312 	MIPS_SYS(sys_splice, 6)
2313 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2314 	MIPS_SYS(sys_tee, 4)
2315 	MIPS_SYS(sys_vmsplice, 4)
2316 	MIPS_SYS(sys_move_pages, 6)
2317 	MIPS_SYS(sys_set_robust_list, 2)
2318 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2319 	MIPS_SYS(sys_kexec_load, 4)
2320 	MIPS_SYS(sys_getcpu, 3)
2321 	MIPS_SYS(sys_epoll_pwait, 6)
2322 	MIPS_SYS(sys_ioprio_set, 3)
2323 	MIPS_SYS(sys_ioprio_get, 2)
2324         MIPS_SYS(sys_utimensat, 4)
2325         MIPS_SYS(sys_signalfd, 3)
2326         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2327         MIPS_SYS(sys_eventfd, 1)
2328         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2329         MIPS_SYS(sys_timerfd_create, 2)
2330         MIPS_SYS(sys_timerfd_gettime, 2)
2331         MIPS_SYS(sys_timerfd_settime, 4)
2332         MIPS_SYS(sys_signalfd4, 4)
2333         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2334         MIPS_SYS(sys_epoll_create1, 1)
2335         MIPS_SYS(sys_dup3, 3)
2336         MIPS_SYS(sys_pipe2, 2)
2337         MIPS_SYS(sys_inotify_init1, 1)
2338         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2339         MIPS_SYS(sys_pwritev, 6)
2340         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2341         MIPS_SYS(sys_perf_event_open, 5)
2342         MIPS_SYS(sys_accept4, 4)
2343         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2344         MIPS_SYS(sys_fanotify_init, 2)
2345         MIPS_SYS(sys_fanotify_mark, 6)
2346         MIPS_SYS(sys_prlimit64, 4)
2347         MIPS_SYS(sys_name_to_handle_at, 5)
2348         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2349         MIPS_SYS(sys_clock_adjtime, 2)
2350         MIPS_SYS(sys_syncfs, 1)
2351 };
2352 #  undef MIPS_SYS
2353 # endif /* O32 */
2354 
2355 static int do_store_exclusive(CPUMIPSState *env)
2356 {
2357     target_ulong addr;
2358     target_ulong page_addr;
2359     target_ulong val;
2360     int flags;
2361     int segv = 0;
2362     int reg;
2363     int d;
2364 
2365     addr = env->lladdr;
2366     page_addr = addr & TARGET_PAGE_MASK;
2367     start_exclusive();
2368     mmap_lock();
2369     flags = page_get_flags(page_addr);
2370     if ((flags & PAGE_READ) == 0) {
2371         segv = 1;
2372     } else {
2373         reg = env->llreg & 0x1f;
2374         d = (env->llreg & 0x20) != 0;
2375         if (d) {
2376             segv = get_user_s64(val, addr);
2377         } else {
2378             segv = get_user_s32(val, addr);
2379         }
2380         if (!segv) {
2381             if (val != env->llval) {
2382                 env->active_tc.gpr[reg] = 0;
2383             } else {
2384                 if (d) {
2385                     segv = put_user_u64(env->llnewval, addr);
2386                 } else {
2387                     segv = put_user_u32(env->llnewval, addr);
2388                 }
2389                 if (!segv) {
2390                     env->active_tc.gpr[reg] = 1;
2391                 }
2392             }
2393         }
2394     }
2395     env->lladdr = -1;
2396     if (!segv) {
2397         env->active_tc.PC += 4;
2398     }
2399     mmap_unlock();
2400     end_exclusive();
2401     return segv;
2402 }
2403 
2404 /* Break codes */
2405 enum {
2406     BRK_OVERFLOW = 6,
2407     BRK_DIVZERO = 7
2408 };
2409 
2410 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2411                     unsigned int code)
2412 {
2413     int ret = -1;
2414 
2415     switch (code) {
2416     case BRK_OVERFLOW:
2417     case BRK_DIVZERO:
2418         info->si_signo = TARGET_SIGFPE;
2419         info->si_errno = 0;
2420         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2421         queue_signal(env, info->si_signo, &*info);
2422         ret = 0;
2423         break;
2424     default:
2425         info->si_signo = TARGET_SIGTRAP;
2426         info->si_errno = 0;
2427         queue_signal(env, info->si_signo, &*info);
2428         ret = 0;
2429         break;
2430     }
2431 
2432     return ret;
2433 }
2434 
2435 void cpu_loop(CPUMIPSState *env)
2436 {
2437     CPUState *cs = CPU(mips_env_get_cpu(env));
2438     target_siginfo_t info;
2439     int trapnr;
2440     abi_long ret;
2441 # ifdef TARGET_ABI_MIPSO32
2442     unsigned int syscall_num;
2443 # endif
2444 
2445     for(;;) {
2446         cpu_exec_start(cs);
2447         trapnr = cpu_mips_exec(cs);
2448         cpu_exec_end(cs);
2449         switch(trapnr) {
2450         case EXCP_SYSCALL:
2451             env->active_tc.PC += 4;
2452 # ifdef TARGET_ABI_MIPSO32
2453             syscall_num = env->active_tc.gpr[2] - 4000;
2454             if (syscall_num >= sizeof(mips_syscall_args)) {
2455                 ret = -TARGET_ENOSYS;
2456             } else {
2457                 int nb_args;
2458                 abi_ulong sp_reg;
2459                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2460 
2461                 nb_args = mips_syscall_args[syscall_num];
2462                 sp_reg = env->active_tc.gpr[29];
2463                 switch (nb_args) {
2464                 /* these arguments are taken from the stack */
2465                 case 8:
2466                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2467                         goto done_syscall;
2468                     }
2469                 case 7:
2470                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2471                         goto done_syscall;
2472                     }
2473                 case 6:
2474                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2475                         goto done_syscall;
2476                     }
2477                 case 5:
2478                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2479                         goto done_syscall;
2480                     }
2481                 default:
2482                     break;
2483                 }
2484                 ret = do_syscall(env, env->active_tc.gpr[2],
2485                                  env->active_tc.gpr[4],
2486                                  env->active_tc.gpr[5],
2487                                  env->active_tc.gpr[6],
2488                                  env->active_tc.gpr[7],
2489                                  arg5, arg6, arg7, arg8);
2490             }
2491 done_syscall:
2492 # else
2493             ret = do_syscall(env, env->active_tc.gpr[2],
2494                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2495                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2496                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2497                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2498 # endif /* O32 */
2499             if (ret == -TARGET_QEMU_ESIGRETURN) {
2500                 /* Returning from a successful sigreturn syscall.
2501                    Avoid clobbering register state.  */
2502                 break;
2503             }
2504             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2505                 env->active_tc.gpr[7] = 1; /* error flag */
2506                 ret = -ret;
2507             } else {
2508                 env->active_tc.gpr[7] = 0; /* error flag */
2509             }
2510             env->active_tc.gpr[2] = ret;
2511             break;
2512         case EXCP_TLBL:
2513         case EXCP_TLBS:
2514         case EXCP_AdEL:
2515         case EXCP_AdES:
2516             info.si_signo = TARGET_SIGSEGV;
2517             info.si_errno = 0;
2518             /* XXX: check env->error_code */
2519             info.si_code = TARGET_SEGV_MAPERR;
2520             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2521             queue_signal(env, info.si_signo, &info);
2522             break;
2523         case EXCP_CpU:
2524         case EXCP_RI:
2525             info.si_signo = TARGET_SIGILL;
2526             info.si_errno = 0;
2527             info.si_code = 0;
2528             queue_signal(env, info.si_signo, &info);
2529             break;
2530         case EXCP_INTERRUPT:
2531             /* just indicate that signals should be handled asap */
2532             break;
2533         case EXCP_DEBUG:
2534             {
2535                 int sig;
2536 
2537                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2538                 if (sig)
2539                   {
2540                     info.si_signo = sig;
2541                     info.si_errno = 0;
2542                     info.si_code = TARGET_TRAP_BRKPT;
2543                     queue_signal(env, info.si_signo, &info);
2544                   }
2545             }
2546             break;
2547         case EXCP_SC:
2548             if (do_store_exclusive(env)) {
2549                 info.si_signo = TARGET_SIGSEGV;
2550                 info.si_errno = 0;
2551                 info.si_code = TARGET_SEGV_MAPERR;
2552                 info._sifields._sigfault._addr = env->active_tc.PC;
2553                 queue_signal(env, info.si_signo, &info);
2554             }
2555             break;
2556         case EXCP_DSPDIS:
2557             info.si_signo = TARGET_SIGILL;
2558             info.si_errno = 0;
2559             info.si_code = TARGET_ILL_ILLOPC;
2560             queue_signal(env, info.si_signo, &info);
2561             break;
2562         /* The code below was inspired by the MIPS Linux kernel trap
2563          * handling code in arch/mips/kernel/traps.c.
2564          */
2565         case EXCP_BREAK:
2566             {
2567                 abi_ulong trap_instr;
2568                 unsigned int code;
2569 
2570                 if (env->hflags & MIPS_HFLAG_M16) {
2571                     if (env->insn_flags & ASE_MICROMIPS) {
2572                         /* microMIPS mode */
2573                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2574                         if (ret != 0) {
2575                             goto error;
2576                         }
2577 
2578                         if ((trap_instr >> 10) == 0x11) {
2579                             /* 16-bit instruction */
2580                             code = trap_instr & 0xf;
2581                         } else {
2582                             /* 32-bit instruction */
2583                             abi_ulong instr_lo;
2584 
2585                             ret = get_user_u16(instr_lo,
2586                                                env->active_tc.PC + 2);
2587                             if (ret != 0) {
2588                                 goto error;
2589                             }
2590                             trap_instr = (trap_instr << 16) | instr_lo;
2591                             code = ((trap_instr >> 6) & ((1 << 20) - 1));
2592                             /* Unfortunately, microMIPS also suffers from
2593                                the old assembler bug...  */
2594                             if (code >= (1 << 10)) {
2595                                 code >>= 10;
2596                             }
2597                         }
2598                     } else {
2599                         /* MIPS16e mode */
2600                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2601                         if (ret != 0) {
2602                             goto error;
2603                         }
2604                         code = (trap_instr >> 6) & 0x3f;
2605                     }
2606                 } else {
2607                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2608                     if (ret != 0) {
2609                         goto error;
2610                     }
2611 
2612                     /* As described in the original Linux kernel code, the
2613                      * below checks on 'code' are to work around an old
2614                      * assembly bug.
2615                      */
2616                     code = ((trap_instr >> 6) & ((1 << 20) - 1));
2617                     if (code >= (1 << 10)) {
2618                         code >>= 10;
2619                     }
2620                 }
2621 
2622                 if (do_break(env, &info, code) != 0) {
2623                     goto error;
2624                 }
2625             }
2626             break;
2627         case EXCP_TRAP:
2628             {
2629                 abi_ulong trap_instr;
2630                 unsigned int code = 0;
2631 
2632                 if (env->hflags & MIPS_HFLAG_M16) {
2633                     /* microMIPS mode */
2634                     abi_ulong instr[2];
2635 
2636                     ret = get_user_u16(instr[0], env->active_tc.PC) ||
2637                           get_user_u16(instr[1], env->active_tc.PC + 2);
2638 
2639                     trap_instr = (instr[0] << 16) | instr[1];
2640                 } else {
2641                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2642                 }
2643 
2644                 if (ret != 0) {
2645                     goto error;
2646                 }
2647 
2648                 /* The immediate versions don't provide a code.  */
2649                 if (!(trap_instr & 0xFC000000)) {
2650                     if (env->hflags & MIPS_HFLAG_M16) {
2651                         /* microMIPS mode */
2652                         code = ((trap_instr >> 12) & ((1 << 4) - 1));
2653                     } else {
2654                         code = ((trap_instr >> 6) & ((1 << 10) - 1));
2655                     }
2656                 }
2657 
2658                 if (do_break(env, &info, code) != 0) {
2659                     goto error;
2660                 }
2661             }
2662             break;
2663         default:
2664 error:
2665             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
2666             abort();
2667         }
2668         process_pending_signals(env);
2669     }
2670 }
2671 #endif
2672 
2673 #ifdef TARGET_OPENRISC
2674 
2675 void cpu_loop(CPUOpenRISCState *env)
2676 {
2677     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2678     int trapnr, gdbsig;
2679 
2680     for (;;) {
2681         cpu_exec_start(cs);
2682         trapnr = cpu_openrisc_exec(cs);
2683         cpu_exec_end(cs);
2684         gdbsig = 0;
2685 
2686         switch (trapnr) {
2687         case EXCP_RESET:
2688             qemu_log_mask(CPU_LOG_INT, "\nReset request, exit, pc is %#x\n", env->pc);
2689             exit(EXIT_FAILURE);
2690             break;
2691         case EXCP_BUSERR:
2692             qemu_log_mask(CPU_LOG_INT, "\nBus error, exit, pc is %#x\n", env->pc);
2693             gdbsig = TARGET_SIGBUS;
2694             break;
2695         case EXCP_DPF:
2696         case EXCP_IPF:
2697             cpu_dump_state(cs, stderr, fprintf, 0);
2698             gdbsig = TARGET_SIGSEGV;
2699             break;
2700         case EXCP_TICK:
2701             qemu_log_mask(CPU_LOG_INT, "\nTick time interrupt pc is %#x\n", env->pc);
2702             break;
2703         case EXCP_ALIGN:
2704             qemu_log_mask(CPU_LOG_INT, "\nAlignment pc is %#x\n", env->pc);
2705             gdbsig = TARGET_SIGBUS;
2706             break;
2707         case EXCP_ILLEGAL:
2708             qemu_log_mask(CPU_LOG_INT, "\nIllegal instructionpc is %#x\n", env->pc);
2709             gdbsig = TARGET_SIGILL;
2710             break;
2711         case EXCP_INT:
2712             qemu_log_mask(CPU_LOG_INT, "\nExternal interruptpc is %#x\n", env->pc);
2713             break;
2714         case EXCP_DTLBMISS:
2715         case EXCP_ITLBMISS:
2716             qemu_log_mask(CPU_LOG_INT, "\nTLB miss\n");
2717             break;
2718         case EXCP_RANGE:
2719             qemu_log_mask(CPU_LOG_INT, "\nRange\n");
2720             gdbsig = TARGET_SIGSEGV;
2721             break;
2722         case EXCP_SYSCALL:
2723             env->pc += 4;   /* 0xc00; */
2724             env->gpr[11] = do_syscall(env,
2725                                       env->gpr[11], /* return value       */
2726                                       env->gpr[3],  /* r3 - r7 are params */
2727                                       env->gpr[4],
2728                                       env->gpr[5],
2729                                       env->gpr[6],
2730                                       env->gpr[7],
2731                                       env->gpr[8], 0, 0);
2732             break;
2733         case EXCP_FPE:
2734             qemu_log_mask(CPU_LOG_INT, "\nFloating point error\n");
2735             break;
2736         case EXCP_TRAP:
2737             qemu_log_mask(CPU_LOG_INT, "\nTrap\n");
2738             gdbsig = TARGET_SIGTRAP;
2739             break;
2740         case EXCP_NR:
2741             qemu_log_mask(CPU_LOG_INT, "\nNR\n");
2742             break;
2743         default:
2744             EXCP_DUMP(env, "\nqemu: unhandled CPU exception %#x - aborting\n",
2745                      trapnr);
2746             gdbsig = TARGET_SIGILL;
2747             break;
2748         }
2749         if (gdbsig) {
2750             gdb_handlesig(cs, gdbsig);
2751             if (gdbsig != TARGET_SIGTRAP) {
2752                 exit(EXIT_FAILURE);
2753             }
2754         }
2755 
2756         process_pending_signals(env);
2757     }
2758 }
2759 
2760 #endif /* TARGET_OPENRISC */
2761 
2762 #ifdef TARGET_SH4
2763 void cpu_loop(CPUSH4State *env)
2764 {
2765     CPUState *cs = CPU(sh_env_get_cpu(env));
2766     int trapnr, ret;
2767     target_siginfo_t info;
2768 
2769     while (1) {
2770         cpu_exec_start(cs);
2771         trapnr = cpu_sh4_exec(cs);
2772         cpu_exec_end(cs);
2773 
2774         switch (trapnr) {
2775         case 0x160:
2776             env->pc += 2;
2777             ret = do_syscall(env,
2778                              env->gregs[3],
2779                              env->gregs[4],
2780                              env->gregs[5],
2781                              env->gregs[6],
2782                              env->gregs[7],
2783                              env->gregs[0],
2784                              env->gregs[1],
2785                              0, 0);
2786             env->gregs[0] = ret;
2787             break;
2788         case EXCP_INTERRUPT:
2789             /* just indicate that signals should be handled asap */
2790             break;
2791         case EXCP_DEBUG:
2792             {
2793                 int sig;
2794 
2795                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2796                 if (sig)
2797                   {
2798                     info.si_signo = sig;
2799                     info.si_errno = 0;
2800                     info.si_code = TARGET_TRAP_BRKPT;
2801                     queue_signal(env, info.si_signo, &info);
2802                   }
2803             }
2804             break;
2805 	case 0xa0:
2806 	case 0xc0:
2807             info.si_signo = TARGET_SIGSEGV;
2808             info.si_errno = 0;
2809             info.si_code = TARGET_SEGV_MAPERR;
2810             info._sifields._sigfault._addr = env->tea;
2811             queue_signal(env, info.si_signo, &info);
2812 	    break;
2813 
2814         default:
2815             printf ("Unhandled trap: 0x%x\n", trapnr);
2816             cpu_dump_state(cs, stderr, fprintf, 0);
2817             exit(EXIT_FAILURE);
2818         }
2819         process_pending_signals (env);
2820     }
2821 }
2822 #endif
2823 
2824 #ifdef TARGET_CRIS
2825 void cpu_loop(CPUCRISState *env)
2826 {
2827     CPUState *cs = CPU(cris_env_get_cpu(env));
2828     int trapnr, ret;
2829     target_siginfo_t info;
2830 
2831     while (1) {
2832         cpu_exec_start(cs);
2833         trapnr = cpu_cris_exec(cs);
2834         cpu_exec_end(cs);
2835         switch (trapnr) {
2836         case 0xaa:
2837             {
2838                 info.si_signo = TARGET_SIGSEGV;
2839                 info.si_errno = 0;
2840                 /* XXX: check env->error_code */
2841                 info.si_code = TARGET_SEGV_MAPERR;
2842                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2843                 queue_signal(env, info.si_signo, &info);
2844             }
2845             break;
2846 	case EXCP_INTERRUPT:
2847 	  /* just indicate that signals should be handled asap */
2848 	  break;
2849         case EXCP_BREAK:
2850             ret = do_syscall(env,
2851                              env->regs[9],
2852                              env->regs[10],
2853                              env->regs[11],
2854                              env->regs[12],
2855                              env->regs[13],
2856                              env->pregs[7],
2857                              env->pregs[11],
2858                              0, 0);
2859             env->regs[10] = ret;
2860             break;
2861         case EXCP_DEBUG:
2862             {
2863                 int sig;
2864 
2865                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2866                 if (sig)
2867                   {
2868                     info.si_signo = sig;
2869                     info.si_errno = 0;
2870                     info.si_code = TARGET_TRAP_BRKPT;
2871                     queue_signal(env, info.si_signo, &info);
2872                   }
2873             }
2874             break;
2875         default:
2876             printf ("Unhandled trap: 0x%x\n", trapnr);
2877             cpu_dump_state(cs, stderr, fprintf, 0);
2878             exit(EXIT_FAILURE);
2879         }
2880         process_pending_signals (env);
2881     }
2882 }
2883 #endif
2884 
2885 #ifdef TARGET_MICROBLAZE
2886 void cpu_loop(CPUMBState *env)
2887 {
2888     CPUState *cs = CPU(mb_env_get_cpu(env));
2889     int trapnr, ret;
2890     target_siginfo_t info;
2891 
2892     while (1) {
2893         cpu_exec_start(cs);
2894         trapnr = cpu_mb_exec(cs);
2895         cpu_exec_end(cs);
2896         switch (trapnr) {
2897         case 0xaa:
2898             {
2899                 info.si_signo = TARGET_SIGSEGV;
2900                 info.si_errno = 0;
2901                 /* XXX: check env->error_code */
2902                 info.si_code = TARGET_SEGV_MAPERR;
2903                 info._sifields._sigfault._addr = 0;
2904                 queue_signal(env, info.si_signo, &info);
2905             }
2906             break;
2907 	case EXCP_INTERRUPT:
2908 	  /* just indicate that signals should be handled asap */
2909 	  break;
2910         case EXCP_BREAK:
2911             /* Return address is 4 bytes after the call.  */
2912             env->regs[14] += 4;
2913             env->sregs[SR_PC] = env->regs[14];
2914             ret = do_syscall(env,
2915                              env->regs[12],
2916                              env->regs[5],
2917                              env->regs[6],
2918                              env->regs[7],
2919                              env->regs[8],
2920                              env->regs[9],
2921                              env->regs[10],
2922                              0, 0);
2923             env->regs[3] = ret;
2924             break;
2925         case EXCP_HW_EXCP:
2926             env->regs[17] = env->sregs[SR_PC] + 4;
2927             if (env->iflags & D_FLAG) {
2928                 env->sregs[SR_ESR] |= 1 << 12;
2929                 env->sregs[SR_PC] -= 4;
2930                 /* FIXME: if branch was immed, replay the imm as well.  */
2931             }
2932 
2933             env->iflags &= ~(IMM_FLAG | D_FLAG);
2934 
2935             switch (env->sregs[SR_ESR] & 31) {
2936                 case ESR_EC_DIVZERO:
2937                     info.si_signo = TARGET_SIGFPE;
2938                     info.si_errno = 0;
2939                     info.si_code = TARGET_FPE_FLTDIV;
2940                     info._sifields._sigfault._addr = 0;
2941                     queue_signal(env, info.si_signo, &info);
2942                     break;
2943                 case ESR_EC_FPU:
2944                     info.si_signo = TARGET_SIGFPE;
2945                     info.si_errno = 0;
2946                     if (env->sregs[SR_FSR] & FSR_IO) {
2947                         info.si_code = TARGET_FPE_FLTINV;
2948                     }
2949                     if (env->sregs[SR_FSR] & FSR_DZ) {
2950                         info.si_code = TARGET_FPE_FLTDIV;
2951                     }
2952                     info._sifields._sigfault._addr = 0;
2953                     queue_signal(env, info.si_signo, &info);
2954                     break;
2955                 default:
2956                     printf ("Unhandled hw-exception: 0x%x\n",
2957                             env->sregs[SR_ESR] & ESR_EC_MASK);
2958                     cpu_dump_state(cs, stderr, fprintf, 0);
2959                     exit(EXIT_FAILURE);
2960                     break;
2961             }
2962             break;
2963         case EXCP_DEBUG:
2964             {
2965                 int sig;
2966 
2967                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2968                 if (sig)
2969                   {
2970                     info.si_signo = sig;
2971                     info.si_errno = 0;
2972                     info.si_code = TARGET_TRAP_BRKPT;
2973                     queue_signal(env, info.si_signo, &info);
2974                   }
2975             }
2976             break;
2977         default:
2978             printf ("Unhandled trap: 0x%x\n", trapnr);
2979             cpu_dump_state(cs, stderr, fprintf, 0);
2980             exit(EXIT_FAILURE);
2981         }
2982         process_pending_signals (env);
2983     }
2984 }
2985 #endif
2986 
2987 #ifdef TARGET_M68K
2988 
2989 void cpu_loop(CPUM68KState *env)
2990 {
2991     CPUState *cs = CPU(m68k_env_get_cpu(env));
2992     int trapnr;
2993     unsigned int n;
2994     target_siginfo_t info;
2995     TaskState *ts = cs->opaque;
2996 
2997     for(;;) {
2998         cpu_exec_start(cs);
2999         trapnr = cpu_m68k_exec(cs);
3000         cpu_exec_end(cs);
3001         switch(trapnr) {
3002         case EXCP_ILLEGAL:
3003             {
3004                 if (ts->sim_syscalls) {
3005                     uint16_t nr;
3006                     get_user_u16(nr, env->pc + 2);
3007                     env->pc += 4;
3008                     do_m68k_simcall(env, nr);
3009                 } else {
3010                     goto do_sigill;
3011                 }
3012             }
3013             break;
3014         case EXCP_HALT_INSN:
3015             /* Semihosing syscall.  */
3016             env->pc += 4;
3017             do_m68k_semihosting(env, env->dregs[0]);
3018             break;
3019         case EXCP_LINEA:
3020         case EXCP_LINEF:
3021         case EXCP_UNSUPPORTED:
3022         do_sigill:
3023             info.si_signo = TARGET_SIGILL;
3024             info.si_errno = 0;
3025             info.si_code = TARGET_ILL_ILLOPN;
3026             info._sifields._sigfault._addr = env->pc;
3027             queue_signal(env, info.si_signo, &info);
3028             break;
3029         case EXCP_TRAP0:
3030             {
3031                 ts->sim_syscalls = 0;
3032                 n = env->dregs[0];
3033                 env->pc += 2;
3034                 env->dregs[0] = do_syscall(env,
3035                                           n,
3036                                           env->dregs[1],
3037                                           env->dregs[2],
3038                                           env->dregs[3],
3039                                           env->dregs[4],
3040                                           env->dregs[5],
3041                                           env->aregs[0],
3042                                           0, 0);
3043             }
3044             break;
3045         case EXCP_INTERRUPT:
3046             /* just indicate that signals should be handled asap */
3047             break;
3048         case EXCP_ACCESS:
3049             {
3050                 info.si_signo = TARGET_SIGSEGV;
3051                 info.si_errno = 0;
3052                 /* XXX: check env->error_code */
3053                 info.si_code = TARGET_SEGV_MAPERR;
3054                 info._sifields._sigfault._addr = env->mmu.ar;
3055                 queue_signal(env, info.si_signo, &info);
3056             }
3057             break;
3058         case EXCP_DEBUG:
3059             {
3060                 int sig;
3061 
3062                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3063                 if (sig)
3064                   {
3065                     info.si_signo = sig;
3066                     info.si_errno = 0;
3067                     info.si_code = TARGET_TRAP_BRKPT;
3068                     queue_signal(env, info.si_signo, &info);
3069                   }
3070             }
3071             break;
3072         default:
3073             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
3074             abort();
3075         }
3076         process_pending_signals(env);
3077     }
3078 }
3079 #endif /* TARGET_M68K */
3080 
3081 #ifdef TARGET_ALPHA
3082 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
3083 {
3084     target_ulong addr, val, tmp;
3085     target_siginfo_t info;
3086     int ret = 0;
3087 
3088     addr = env->lock_addr;
3089     tmp = env->lock_st_addr;
3090     env->lock_addr = -1;
3091     env->lock_st_addr = 0;
3092 
3093     start_exclusive();
3094     mmap_lock();
3095 
3096     if (addr == tmp) {
3097         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3098             goto do_sigsegv;
3099         }
3100 
3101         if (val == env->lock_value) {
3102             tmp = env->ir[reg];
3103             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
3104                 goto do_sigsegv;
3105             }
3106             ret = 1;
3107         }
3108     }
3109     env->ir[reg] = ret;
3110     env->pc += 4;
3111 
3112     mmap_unlock();
3113     end_exclusive();
3114     return;
3115 
3116  do_sigsegv:
3117     mmap_unlock();
3118     end_exclusive();
3119 
3120     info.si_signo = TARGET_SIGSEGV;
3121     info.si_errno = 0;
3122     info.si_code = TARGET_SEGV_MAPERR;
3123     info._sifields._sigfault._addr = addr;
3124     queue_signal(env, TARGET_SIGSEGV, &info);
3125 }
3126 
3127 void cpu_loop(CPUAlphaState *env)
3128 {
3129     CPUState *cs = CPU(alpha_env_get_cpu(env));
3130     int trapnr;
3131     target_siginfo_t info;
3132     abi_long sysret;
3133 
3134     while (1) {
3135         cpu_exec_start(cs);
3136         trapnr = cpu_alpha_exec(cs);
3137         cpu_exec_end(cs);
3138 
3139         /* All of the traps imply a transition through PALcode, which
3140            implies an REI instruction has been executed.  Which means
3141            that the intr_flag should be cleared.  */
3142         env->intr_flag = 0;
3143 
3144         switch (trapnr) {
3145         case EXCP_RESET:
3146             fprintf(stderr, "Reset requested. Exit\n");
3147             exit(EXIT_FAILURE);
3148             break;
3149         case EXCP_MCHK:
3150             fprintf(stderr, "Machine check exception. Exit\n");
3151             exit(EXIT_FAILURE);
3152             break;
3153         case EXCP_SMP_INTERRUPT:
3154         case EXCP_CLK_INTERRUPT:
3155         case EXCP_DEV_INTERRUPT:
3156             fprintf(stderr, "External interrupt. Exit\n");
3157             exit(EXIT_FAILURE);
3158             break;
3159         case EXCP_MMFAULT:
3160             env->lock_addr = -1;
3161             info.si_signo = TARGET_SIGSEGV;
3162             info.si_errno = 0;
3163             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
3164                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
3165             info._sifields._sigfault._addr = env->trap_arg0;
3166             queue_signal(env, info.si_signo, &info);
3167             break;
3168         case EXCP_UNALIGN:
3169             env->lock_addr = -1;
3170             info.si_signo = TARGET_SIGBUS;
3171             info.si_errno = 0;
3172             info.si_code = TARGET_BUS_ADRALN;
3173             info._sifields._sigfault._addr = env->trap_arg0;
3174             queue_signal(env, info.si_signo, &info);
3175             break;
3176         case EXCP_OPCDEC:
3177         do_sigill:
3178             env->lock_addr = -1;
3179             info.si_signo = TARGET_SIGILL;
3180             info.si_errno = 0;
3181             info.si_code = TARGET_ILL_ILLOPC;
3182             info._sifields._sigfault._addr = env->pc;
3183             queue_signal(env, info.si_signo, &info);
3184             break;
3185         case EXCP_ARITH:
3186             env->lock_addr = -1;
3187             info.si_signo = TARGET_SIGFPE;
3188             info.si_errno = 0;
3189             info.si_code = TARGET_FPE_FLTINV;
3190             info._sifields._sigfault._addr = env->pc;
3191             queue_signal(env, info.si_signo, &info);
3192             break;
3193         case EXCP_FEN:
3194             /* No-op.  Linux simply re-enables the FPU.  */
3195             break;
3196         case EXCP_CALL_PAL:
3197             env->lock_addr = -1;
3198             switch (env->error_code) {
3199             case 0x80:
3200                 /* BPT */
3201                 info.si_signo = TARGET_SIGTRAP;
3202                 info.si_errno = 0;
3203                 info.si_code = TARGET_TRAP_BRKPT;
3204                 info._sifields._sigfault._addr = env->pc;
3205                 queue_signal(env, info.si_signo, &info);
3206                 break;
3207             case 0x81:
3208                 /* BUGCHK */
3209                 info.si_signo = TARGET_SIGTRAP;
3210                 info.si_errno = 0;
3211                 info.si_code = 0;
3212                 info._sifields._sigfault._addr = env->pc;
3213                 queue_signal(env, info.si_signo, &info);
3214                 break;
3215             case 0x83:
3216                 /* CALLSYS */
3217                 trapnr = env->ir[IR_V0];
3218                 sysret = do_syscall(env, trapnr,
3219                                     env->ir[IR_A0], env->ir[IR_A1],
3220                                     env->ir[IR_A2], env->ir[IR_A3],
3221                                     env->ir[IR_A4], env->ir[IR_A5],
3222                                     0, 0);
3223                 if (trapnr == TARGET_NR_sigreturn
3224                     || trapnr == TARGET_NR_rt_sigreturn) {
3225                     break;
3226                 }
3227                 /* Syscall writes 0 to V0 to bypass error check, similar
3228                    to how this is handled internal to Linux kernel.
3229                    (Ab)use trapnr temporarily as boolean indicating error.  */
3230                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
3231                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
3232                 env->ir[IR_A3] = trapnr;
3233                 break;
3234             case 0x86:
3235                 /* IMB */
3236                 /* ??? We can probably elide the code using page_unprotect
3237                    that is checking for self-modifying code.  Instead we
3238                    could simply call tb_flush here.  Until we work out the
3239                    changes required to turn off the extra write protection,
3240                    this can be a no-op.  */
3241                 break;
3242             case 0x9E:
3243                 /* RDUNIQUE */
3244                 /* Handled in the translator for usermode.  */
3245                 abort();
3246             case 0x9F:
3247                 /* WRUNIQUE */
3248                 /* Handled in the translator for usermode.  */
3249                 abort();
3250             case 0xAA:
3251                 /* GENTRAP */
3252                 info.si_signo = TARGET_SIGFPE;
3253                 switch (env->ir[IR_A0]) {
3254                 case TARGET_GEN_INTOVF:
3255                     info.si_code = TARGET_FPE_INTOVF;
3256                     break;
3257                 case TARGET_GEN_INTDIV:
3258                     info.si_code = TARGET_FPE_INTDIV;
3259                     break;
3260                 case TARGET_GEN_FLTOVF:
3261                     info.si_code = TARGET_FPE_FLTOVF;
3262                     break;
3263                 case TARGET_GEN_FLTUND:
3264                     info.si_code = TARGET_FPE_FLTUND;
3265                     break;
3266                 case TARGET_GEN_FLTINV:
3267                     info.si_code = TARGET_FPE_FLTINV;
3268                     break;
3269                 case TARGET_GEN_FLTINE:
3270                     info.si_code = TARGET_FPE_FLTRES;
3271                     break;
3272                 case TARGET_GEN_ROPRAND:
3273                     info.si_code = 0;
3274                     break;
3275                 default:
3276                     info.si_signo = TARGET_SIGTRAP;
3277                     info.si_code = 0;
3278                     break;
3279                 }
3280                 info.si_errno = 0;
3281                 info._sifields._sigfault._addr = env->pc;
3282                 queue_signal(env, info.si_signo, &info);
3283                 break;
3284             default:
3285                 goto do_sigill;
3286             }
3287             break;
3288         case EXCP_DEBUG:
3289             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3290             if (info.si_signo) {
3291                 env->lock_addr = -1;
3292                 info.si_errno = 0;
3293                 info.si_code = TARGET_TRAP_BRKPT;
3294                 queue_signal(env, info.si_signo, &info);
3295             }
3296             break;
3297         case EXCP_STL_C:
3298         case EXCP_STQ_C:
3299             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3300             break;
3301         case EXCP_INTERRUPT:
3302             /* Just indicate that signals should be handled asap.  */
3303             break;
3304         default:
3305             printf ("Unhandled trap: 0x%x\n", trapnr);
3306             cpu_dump_state(cs, stderr, fprintf, 0);
3307             exit(EXIT_FAILURE);
3308         }
3309         process_pending_signals (env);
3310     }
3311 }
3312 #endif /* TARGET_ALPHA */
3313 
3314 #ifdef TARGET_S390X
3315 void cpu_loop(CPUS390XState *env)
3316 {
3317     CPUState *cs = CPU(s390_env_get_cpu(env));
3318     int trapnr, n, sig;
3319     target_siginfo_t info;
3320     target_ulong addr;
3321 
3322     while (1) {
3323         cpu_exec_start(cs);
3324         trapnr = cpu_s390x_exec(cs);
3325         cpu_exec_end(cs);
3326         switch (trapnr) {
3327         case EXCP_INTERRUPT:
3328             /* Just indicate that signals should be handled asap.  */
3329             break;
3330 
3331         case EXCP_SVC:
3332             n = env->int_svc_code;
3333             if (!n) {
3334                 /* syscalls > 255 */
3335                 n = env->regs[1];
3336             }
3337             env->psw.addr += env->int_svc_ilen;
3338             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3339                                       env->regs[4], env->regs[5],
3340                                       env->regs[6], env->regs[7], 0, 0);
3341             break;
3342 
3343         case EXCP_DEBUG:
3344             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3345             if (sig) {
3346                 n = TARGET_TRAP_BRKPT;
3347                 goto do_signal_pc;
3348             }
3349             break;
3350         case EXCP_PGM:
3351             n = env->int_pgm_code;
3352             switch (n) {
3353             case PGM_OPERATION:
3354             case PGM_PRIVILEGED:
3355                 sig = TARGET_SIGILL;
3356                 n = TARGET_ILL_ILLOPC;
3357                 goto do_signal_pc;
3358             case PGM_PROTECTION:
3359             case PGM_ADDRESSING:
3360                 sig = TARGET_SIGSEGV;
3361                 /* XXX: check env->error_code */
3362                 n = TARGET_SEGV_MAPERR;
3363                 addr = env->__excp_addr;
3364                 goto do_signal;
3365             case PGM_EXECUTE:
3366             case PGM_SPECIFICATION:
3367             case PGM_SPECIAL_OP:
3368             case PGM_OPERAND:
3369             do_sigill_opn:
3370                 sig = TARGET_SIGILL;
3371                 n = TARGET_ILL_ILLOPN;
3372                 goto do_signal_pc;
3373 
3374             case PGM_FIXPT_OVERFLOW:
3375                 sig = TARGET_SIGFPE;
3376                 n = TARGET_FPE_INTOVF;
3377                 goto do_signal_pc;
3378             case PGM_FIXPT_DIVIDE:
3379                 sig = TARGET_SIGFPE;
3380                 n = TARGET_FPE_INTDIV;
3381                 goto do_signal_pc;
3382 
3383             case PGM_DATA:
3384                 n = (env->fpc >> 8) & 0xff;
3385                 if (n == 0xff) {
3386                     /* compare-and-trap */
3387                     goto do_sigill_opn;
3388                 } else {
3389                     /* An IEEE exception, simulated or otherwise.  */
3390                     if (n & 0x80) {
3391                         n = TARGET_FPE_FLTINV;
3392                     } else if (n & 0x40) {
3393                         n = TARGET_FPE_FLTDIV;
3394                     } else if (n & 0x20) {
3395                         n = TARGET_FPE_FLTOVF;
3396                     } else if (n & 0x10) {
3397                         n = TARGET_FPE_FLTUND;
3398                     } else if (n & 0x08) {
3399                         n = TARGET_FPE_FLTRES;
3400                     } else {
3401                         /* ??? Quantum exception; BFP, DFP error.  */
3402                         goto do_sigill_opn;
3403                     }
3404                     sig = TARGET_SIGFPE;
3405                     goto do_signal_pc;
3406                 }
3407 
3408             default:
3409                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3410                 cpu_dump_state(cs, stderr, fprintf, 0);
3411                 exit(EXIT_FAILURE);
3412             }
3413             break;
3414 
3415         do_signal_pc:
3416             addr = env->psw.addr;
3417         do_signal:
3418             info.si_signo = sig;
3419             info.si_errno = 0;
3420             info.si_code = n;
3421             info._sifields._sigfault._addr = addr;
3422             queue_signal(env, info.si_signo, &info);
3423             break;
3424 
3425         default:
3426             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3427             cpu_dump_state(cs, stderr, fprintf, 0);
3428             exit(EXIT_FAILURE);
3429         }
3430         process_pending_signals (env);
3431     }
3432 }
3433 
3434 #endif /* TARGET_S390X */
3435 
3436 #ifdef TARGET_TILEGX
3437 
3438 static void gen_sigill_reg(CPUTLGState *env)
3439 {
3440     target_siginfo_t info;
3441 
3442     info.si_signo = TARGET_SIGILL;
3443     info.si_errno = 0;
3444     info.si_code = TARGET_ILL_PRVREG;
3445     info._sifields._sigfault._addr = env->pc;
3446     queue_signal(env, info.si_signo, &info);
3447 }
3448 
3449 static void do_signal(CPUTLGState *env, int signo, int sigcode)
3450 {
3451     target_siginfo_t info;
3452 
3453     info.si_signo = signo;
3454     info.si_errno = 0;
3455     info._sifields._sigfault._addr = env->pc;
3456 
3457     if (signo == TARGET_SIGSEGV) {
3458         /* The passed in sigcode is a dummy; check for a page mapping
3459            and pass either MAPERR or ACCERR.  */
3460         target_ulong addr = env->excaddr;
3461         info._sifields._sigfault._addr = addr;
3462         if (page_check_range(addr, 1, PAGE_VALID) < 0) {
3463             sigcode = TARGET_SEGV_MAPERR;
3464         } else {
3465             sigcode = TARGET_SEGV_ACCERR;
3466         }
3467     }
3468     info.si_code = sigcode;
3469 
3470     queue_signal(env, info.si_signo, &info);
3471 }
3472 
3473 static void gen_sigsegv_maperr(CPUTLGState *env, target_ulong addr)
3474 {
3475     env->excaddr = addr;
3476     do_signal(env, TARGET_SIGSEGV, 0);
3477 }
3478 
3479 static void set_regval(CPUTLGState *env, uint8_t reg, uint64_t val)
3480 {
3481     if (unlikely(reg >= TILEGX_R_COUNT)) {
3482         switch (reg) {
3483         case TILEGX_R_SN:
3484         case TILEGX_R_ZERO:
3485             return;
3486         case TILEGX_R_IDN0:
3487         case TILEGX_R_IDN1:
3488         case TILEGX_R_UDN0:
3489         case TILEGX_R_UDN1:
3490         case TILEGX_R_UDN2:
3491         case TILEGX_R_UDN3:
3492             gen_sigill_reg(env);
3493             return;
3494         default:
3495             g_assert_not_reached();
3496         }
3497     }
3498     env->regs[reg] = val;
3499 }
3500 
3501 /*
3502  * Compare the 8-byte contents of the CmpValue SPR with the 8-byte value in
3503  * memory at the address held in the first source register. If the values are
3504  * not equal, then no memory operation is performed. If the values are equal,
3505  * the 8-byte quantity from the second source register is written into memory
3506  * at the address held in the first source register. In either case, the result
3507  * of the instruction is the value read from memory. The compare and write to
3508  * memory are atomic and thus can be used for synchronization purposes. This
3509  * instruction only operates for addresses aligned to a 8-byte boundary.
3510  * Unaligned memory access causes an Unaligned Data Reference interrupt.
3511  *
3512  * Functional Description (64-bit)
3513  *       uint64_t memVal = memoryReadDoubleWord (rf[SrcA]);
3514  *       rf[Dest] = memVal;
3515  *       if (memVal == SPR[CmpValueSPR])
3516  *           memoryWriteDoubleWord (rf[SrcA], rf[SrcB]);
3517  *
3518  * Functional Description (32-bit)
3519  *       uint64_t memVal = signExtend32 (memoryReadWord (rf[SrcA]));
3520  *       rf[Dest] = memVal;
3521  *       if (memVal == signExtend32 (SPR[CmpValueSPR]))
3522  *           memoryWriteWord (rf[SrcA], rf[SrcB]);
3523  *
3524  *
3525  * This function also processes exch and exch4 which need not process SPR.
3526  */
3527 static void do_exch(CPUTLGState *env, bool quad, bool cmp)
3528 {
3529     target_ulong addr;
3530     target_long val, sprval;
3531 
3532     start_exclusive();
3533 
3534     addr = env->atomic_srca;
3535     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3536         goto sigsegv_maperr;
3537     }
3538 
3539     if (cmp) {
3540         if (quad) {
3541             sprval = env->spregs[TILEGX_SPR_CMPEXCH];
3542         } else {
3543             sprval = sextract64(env->spregs[TILEGX_SPR_CMPEXCH], 0, 32);
3544         }
3545     }
3546 
3547     if (!cmp || val == sprval) {
3548         target_long valb = env->atomic_srcb;
3549         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3550             goto sigsegv_maperr;
3551         }
3552     }
3553 
3554     set_regval(env, env->atomic_dstr, val);
3555     end_exclusive();
3556     return;
3557 
3558  sigsegv_maperr:
3559     end_exclusive();
3560     gen_sigsegv_maperr(env, addr);
3561 }
3562 
3563 static void do_fetch(CPUTLGState *env, int trapnr, bool quad)
3564 {
3565     int8_t write = 1;
3566     target_ulong addr;
3567     target_long val, valb;
3568 
3569     start_exclusive();
3570 
3571     addr = env->atomic_srca;
3572     valb = env->atomic_srcb;
3573     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3574         goto sigsegv_maperr;
3575     }
3576 
3577     switch (trapnr) {
3578     case TILEGX_EXCP_OPCODE_FETCHADD:
3579     case TILEGX_EXCP_OPCODE_FETCHADD4:
3580         valb += val;
3581         break;
3582     case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3583         valb += val;
3584         if (valb < 0) {
3585             write = 0;
3586         }
3587         break;
3588     case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3589         valb += val;
3590         if ((int32_t)valb < 0) {
3591             write = 0;
3592         }
3593         break;
3594     case TILEGX_EXCP_OPCODE_FETCHAND:
3595     case TILEGX_EXCP_OPCODE_FETCHAND4:
3596         valb &= val;
3597         break;
3598     case TILEGX_EXCP_OPCODE_FETCHOR:
3599     case TILEGX_EXCP_OPCODE_FETCHOR4:
3600         valb |= val;
3601         break;
3602     default:
3603         g_assert_not_reached();
3604     }
3605 
3606     if (write) {
3607         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3608             goto sigsegv_maperr;
3609         }
3610     }
3611 
3612     set_regval(env, env->atomic_dstr, val);
3613     end_exclusive();
3614     return;
3615 
3616  sigsegv_maperr:
3617     end_exclusive();
3618     gen_sigsegv_maperr(env, addr);
3619 }
3620 
3621 void cpu_loop(CPUTLGState *env)
3622 {
3623     CPUState *cs = CPU(tilegx_env_get_cpu(env));
3624     int trapnr;
3625 
3626     while (1) {
3627         cpu_exec_start(cs);
3628         trapnr = cpu_tilegx_exec(cs);
3629         cpu_exec_end(cs);
3630         switch (trapnr) {
3631         case TILEGX_EXCP_SYSCALL:
3632             env->regs[TILEGX_R_RE] = do_syscall(env, env->regs[TILEGX_R_NR],
3633                                                 env->regs[0], env->regs[1],
3634                                                 env->regs[2], env->regs[3],
3635                                                 env->regs[4], env->regs[5],
3636                                                 env->regs[6], env->regs[7]);
3637             env->regs[TILEGX_R_ERR] = TILEGX_IS_ERRNO(env->regs[TILEGX_R_RE])
3638                                                       ? - env->regs[TILEGX_R_RE]
3639                                                       : 0;
3640             break;
3641         case TILEGX_EXCP_OPCODE_EXCH:
3642             do_exch(env, true, false);
3643             break;
3644         case TILEGX_EXCP_OPCODE_EXCH4:
3645             do_exch(env, false, false);
3646             break;
3647         case TILEGX_EXCP_OPCODE_CMPEXCH:
3648             do_exch(env, true, true);
3649             break;
3650         case TILEGX_EXCP_OPCODE_CMPEXCH4:
3651             do_exch(env, false, true);
3652             break;
3653         case TILEGX_EXCP_OPCODE_FETCHADD:
3654         case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3655         case TILEGX_EXCP_OPCODE_FETCHAND:
3656         case TILEGX_EXCP_OPCODE_FETCHOR:
3657             do_fetch(env, trapnr, true);
3658             break;
3659         case TILEGX_EXCP_OPCODE_FETCHADD4:
3660         case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3661         case TILEGX_EXCP_OPCODE_FETCHAND4:
3662         case TILEGX_EXCP_OPCODE_FETCHOR4:
3663             do_fetch(env, trapnr, false);
3664             break;
3665         case TILEGX_EXCP_SIGNAL:
3666             do_signal(env, env->signo, env->sigcode);
3667             break;
3668         case TILEGX_EXCP_REG_IDN_ACCESS:
3669         case TILEGX_EXCP_REG_UDN_ACCESS:
3670             gen_sigill_reg(env);
3671             break;
3672         default:
3673             fprintf(stderr, "trapnr is %d[0x%x].\n", trapnr, trapnr);
3674             g_assert_not_reached();
3675         }
3676         process_pending_signals(env);
3677     }
3678 }
3679 
3680 #endif
3681 
3682 THREAD CPUState *thread_cpu;
3683 
3684 void task_settid(TaskState *ts)
3685 {
3686     if (ts->ts_tid == 0) {
3687         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3688     }
3689 }
3690 
3691 void stop_all_tasks(void)
3692 {
3693     /*
3694      * We trust that when using NPTL, start_exclusive()
3695      * handles thread stopping correctly.
3696      */
3697     start_exclusive();
3698 }
3699 
3700 /* Assumes contents are already zeroed.  */
3701 void init_task_state(TaskState *ts)
3702 {
3703     int i;
3704 
3705     ts->used = 1;
3706     ts->first_free = ts->sigqueue_table;
3707     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3708         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3709     }
3710     ts->sigqueue_table[i].next = NULL;
3711 }
3712 
3713 CPUArchState *cpu_copy(CPUArchState *env)
3714 {
3715     CPUState *cpu = ENV_GET_CPU(env);
3716     CPUState *new_cpu = cpu_init(cpu_model);
3717     CPUArchState *new_env = new_cpu->env_ptr;
3718     CPUBreakpoint *bp;
3719     CPUWatchpoint *wp;
3720 
3721     /* Reset non arch specific state */
3722     cpu_reset(new_cpu);
3723 
3724     memcpy(new_env, env, sizeof(CPUArchState));
3725 
3726     /* Clone all break/watchpoints.
3727        Note: Once we support ptrace with hw-debug register access, make sure
3728        BP_CPU break/watchpoints are handled correctly on clone. */
3729     QTAILQ_INIT(&new_cpu->breakpoints);
3730     QTAILQ_INIT(&new_cpu->watchpoints);
3731     QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
3732         cpu_breakpoint_insert(new_cpu, bp->pc, bp->flags, NULL);
3733     }
3734     QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
3735         cpu_watchpoint_insert(new_cpu, wp->vaddr, wp->len, wp->flags, NULL);
3736     }
3737 
3738     return new_env;
3739 }
3740 
3741 static void handle_arg_help(const char *arg)
3742 {
3743     usage(EXIT_SUCCESS);
3744 }
3745 
3746 static void handle_arg_log(const char *arg)
3747 {
3748     int mask;
3749 
3750     mask = qemu_str_to_log_mask(arg);
3751     if (!mask) {
3752         qemu_print_log_usage(stdout);
3753         exit(EXIT_FAILURE);
3754     }
3755     qemu_set_log(mask);
3756 }
3757 
3758 static void handle_arg_log_filename(const char *arg)
3759 {
3760     qemu_set_log_filename(arg);
3761 }
3762 
3763 static void handle_arg_set_env(const char *arg)
3764 {
3765     char *r, *p, *token;
3766     r = p = strdup(arg);
3767     while ((token = strsep(&p, ",")) != NULL) {
3768         if (envlist_setenv(envlist, token) != 0) {
3769             usage(EXIT_FAILURE);
3770         }
3771     }
3772     free(r);
3773 }
3774 
3775 static void handle_arg_unset_env(const char *arg)
3776 {
3777     char *r, *p, *token;
3778     r = p = strdup(arg);
3779     while ((token = strsep(&p, ",")) != NULL) {
3780         if (envlist_unsetenv(envlist, token) != 0) {
3781             usage(EXIT_FAILURE);
3782         }
3783     }
3784     free(r);
3785 }
3786 
3787 static void handle_arg_argv0(const char *arg)
3788 {
3789     argv0 = strdup(arg);
3790 }
3791 
3792 static void handle_arg_stack_size(const char *arg)
3793 {
3794     char *p;
3795     guest_stack_size = strtoul(arg, &p, 0);
3796     if (guest_stack_size == 0) {
3797         usage(EXIT_FAILURE);
3798     }
3799 
3800     if (*p == 'M') {
3801         guest_stack_size *= 1024 * 1024;
3802     } else if (*p == 'k' || *p == 'K') {
3803         guest_stack_size *= 1024;
3804     }
3805 }
3806 
3807 static void handle_arg_ld_prefix(const char *arg)
3808 {
3809     interp_prefix = strdup(arg);
3810 }
3811 
3812 static void handle_arg_pagesize(const char *arg)
3813 {
3814     qemu_host_page_size = atoi(arg);
3815     if (qemu_host_page_size == 0 ||
3816         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3817         fprintf(stderr, "page size must be a power of two\n");
3818         exit(EXIT_FAILURE);
3819     }
3820 }
3821 
3822 static void handle_arg_randseed(const char *arg)
3823 {
3824     unsigned long long seed;
3825 
3826     if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
3827         fprintf(stderr, "Invalid seed number: %s\n", arg);
3828         exit(EXIT_FAILURE);
3829     }
3830     srand(seed);
3831 }
3832 
3833 static void handle_arg_gdb(const char *arg)
3834 {
3835     gdbstub_port = atoi(arg);
3836 }
3837 
3838 static void handle_arg_uname(const char *arg)
3839 {
3840     qemu_uname_release = strdup(arg);
3841 }
3842 
3843 static void handle_arg_cpu(const char *arg)
3844 {
3845     cpu_model = strdup(arg);
3846     if (cpu_model == NULL || is_help_option(cpu_model)) {
3847         /* XXX: implement xxx_cpu_list for targets that still miss it */
3848 #if defined(cpu_list)
3849         cpu_list(stdout, &fprintf);
3850 #endif
3851         exit(EXIT_FAILURE);
3852     }
3853 }
3854 
3855 static void handle_arg_guest_base(const char *arg)
3856 {
3857     guest_base = strtol(arg, NULL, 0);
3858     have_guest_base = 1;
3859 }
3860 
3861 static void handle_arg_reserved_va(const char *arg)
3862 {
3863     char *p;
3864     int shift = 0;
3865     reserved_va = strtoul(arg, &p, 0);
3866     switch (*p) {
3867     case 'k':
3868     case 'K':
3869         shift = 10;
3870         break;
3871     case 'M':
3872         shift = 20;
3873         break;
3874     case 'G':
3875         shift = 30;
3876         break;
3877     }
3878     if (shift) {
3879         unsigned long unshifted = reserved_va;
3880         p++;
3881         reserved_va <<= shift;
3882         if (((reserved_va >> shift) != unshifted)
3883 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3884             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3885 #endif
3886             ) {
3887             fprintf(stderr, "Reserved virtual address too big\n");
3888             exit(EXIT_FAILURE);
3889         }
3890     }
3891     if (*p) {
3892         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3893         exit(EXIT_FAILURE);
3894     }
3895 }
3896 
3897 static void handle_arg_singlestep(const char *arg)
3898 {
3899     singlestep = 1;
3900 }
3901 
3902 static void handle_arg_strace(const char *arg)
3903 {
3904     do_strace = 1;
3905 }
3906 
3907 static void handle_arg_version(const char *arg)
3908 {
3909     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3910            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3911     exit(EXIT_SUCCESS);
3912 }
3913 
3914 struct qemu_argument {
3915     const char *argv;
3916     const char *env;
3917     bool has_arg;
3918     void (*handle_opt)(const char *arg);
3919     const char *example;
3920     const char *help;
3921 };
3922 
3923 static const struct qemu_argument arg_table[] = {
3924     {"h",          "",                 false, handle_arg_help,
3925      "",           "print this help"},
3926     {"help",       "",                 false, handle_arg_help,
3927      "",           ""},
3928     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3929      "port",       "wait gdb connection to 'port'"},
3930     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3931      "path",       "set the elf interpreter prefix to 'path'"},
3932     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3933      "size",       "set the stack size to 'size' bytes"},
3934     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3935      "model",      "select CPU (-cpu help for list)"},
3936     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3937      "var=value",  "sets targets environment variable (see below)"},
3938     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3939      "var",        "unsets targets environment variable (see below)"},
3940     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3941      "argv0",      "forces target process argv[0] to be 'argv0'"},
3942     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3943      "uname",      "set qemu uname release string to 'uname'"},
3944     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3945      "address",    "set guest_base address to 'address'"},
3946     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3947      "size",       "reserve 'size' bytes for guest virtual address space"},
3948     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3949      "item[,...]", "enable logging of specified items "
3950      "(use '-d help' for a list of items)"},
3951     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3952      "logfile",     "write logs to 'logfile' (default stderr)"},
3953     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3954      "pagesize",   "set the host page size to 'pagesize'"},
3955     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3956      "",           "run in singlestep mode"},
3957     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3958      "",           "log system calls"},
3959     {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_randseed,
3960      "",           "Seed for pseudo-random number generator"},
3961     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3962      "",           "display version information and exit"},
3963     {NULL, NULL, false, NULL, NULL, NULL}
3964 };
3965 
3966 static void usage(int exitcode)
3967 {
3968     const struct qemu_argument *arginfo;
3969     int maxarglen;
3970     int maxenvlen;
3971 
3972     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
3973            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
3974            "\n"
3975            "Options and associated environment variables:\n"
3976            "\n");
3977 
3978     /* Calculate column widths. We must always have at least enough space
3979      * for the column header.
3980      */
3981     maxarglen = strlen("Argument");
3982     maxenvlen = strlen("Env-variable");
3983 
3984     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3985         int arglen = strlen(arginfo->argv);
3986         if (arginfo->has_arg) {
3987             arglen += strlen(arginfo->example) + 1;
3988         }
3989         if (strlen(arginfo->env) > maxenvlen) {
3990             maxenvlen = strlen(arginfo->env);
3991         }
3992         if (arglen > maxarglen) {
3993             maxarglen = arglen;
3994         }
3995     }
3996 
3997     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
3998             maxenvlen, "Env-variable");
3999 
4000     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4001         if (arginfo->has_arg) {
4002             printf("-%s %-*s %-*s %s\n", arginfo->argv,
4003                    (int)(maxarglen - strlen(arginfo->argv) - 1),
4004                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
4005         } else {
4006             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
4007                     maxenvlen, arginfo->env,
4008                     arginfo->help);
4009         }
4010     }
4011 
4012     printf("\n"
4013            "Defaults:\n"
4014            "QEMU_LD_PREFIX  = %s\n"
4015            "QEMU_STACK_SIZE = %ld byte\n",
4016            interp_prefix,
4017            guest_stack_size);
4018 
4019     printf("\n"
4020            "You can use -E and -U options or the QEMU_SET_ENV and\n"
4021            "QEMU_UNSET_ENV environment variables to set and unset\n"
4022            "environment variables for the target process.\n"
4023            "It is possible to provide several variables by separating them\n"
4024            "by commas in getsubopt(3) style. Additionally it is possible to\n"
4025            "provide the -E and -U options multiple times.\n"
4026            "The following lines are equivalent:\n"
4027            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
4028            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
4029            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
4030            "Note that if you provide several changes to a single variable\n"
4031            "the last change will stay in effect.\n");
4032 
4033     exit(exitcode);
4034 }
4035 
4036 static int parse_args(int argc, char **argv)
4037 {
4038     const char *r;
4039     int optind;
4040     const struct qemu_argument *arginfo;
4041 
4042     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4043         if (arginfo->env == NULL) {
4044             continue;
4045         }
4046 
4047         r = getenv(arginfo->env);
4048         if (r != NULL) {
4049             arginfo->handle_opt(r);
4050         }
4051     }
4052 
4053     optind = 1;
4054     for (;;) {
4055         if (optind >= argc) {
4056             break;
4057         }
4058         r = argv[optind];
4059         if (r[0] != '-') {
4060             break;
4061         }
4062         optind++;
4063         r++;
4064         if (!strcmp(r, "-")) {
4065             break;
4066         }
4067         /* Treat --foo the same as -foo.  */
4068         if (r[0] == '-') {
4069             r++;
4070         }
4071 
4072         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4073             if (!strcmp(r, arginfo->argv)) {
4074                 if (arginfo->has_arg) {
4075                     if (optind >= argc) {
4076                         (void) fprintf(stderr,
4077                             "qemu: missing argument for option '%s'\n", r);
4078                         exit(EXIT_FAILURE);
4079                     }
4080                     arginfo->handle_opt(argv[optind]);
4081                     optind++;
4082                 } else {
4083                     arginfo->handle_opt(NULL);
4084                 }
4085                 break;
4086             }
4087         }
4088 
4089         /* no option matched the current argv */
4090         if (arginfo->handle_opt == NULL) {
4091             (void) fprintf(stderr, "qemu: unknown option '%s'\n", r);
4092             exit(EXIT_FAILURE);
4093         }
4094     }
4095 
4096     if (optind >= argc) {
4097         (void) fprintf(stderr, "qemu: no user program specified\n");
4098         exit(EXIT_FAILURE);
4099     }
4100 
4101     filename = argv[optind];
4102     exec_path = argv[optind];
4103 
4104     return optind;
4105 }
4106 
4107 int main(int argc, char **argv, char **envp)
4108 {
4109     struct target_pt_regs regs1, *regs = &regs1;
4110     struct image_info info1, *info = &info1;
4111     struct linux_binprm bprm;
4112     TaskState *ts;
4113     CPUArchState *env;
4114     CPUState *cpu;
4115     int optind;
4116     char **target_environ, **wrk;
4117     char **target_argv;
4118     int target_argc;
4119     int i;
4120     int ret;
4121     int execfd;
4122 
4123     module_call_init(MODULE_INIT_QOM);
4124 
4125     if ((envlist = envlist_create()) == NULL) {
4126         (void) fprintf(stderr, "Unable to allocate envlist\n");
4127         exit(EXIT_FAILURE);
4128     }
4129 
4130     /* add current environment into the list */
4131     for (wrk = environ; *wrk != NULL; wrk++) {
4132         (void) envlist_setenv(envlist, *wrk);
4133     }
4134 
4135     /* Read the stack limit from the kernel.  If it's "unlimited",
4136        then we can do little else besides use the default.  */
4137     {
4138         struct rlimit lim;
4139         if (getrlimit(RLIMIT_STACK, &lim) == 0
4140             && lim.rlim_cur != RLIM_INFINITY
4141             && lim.rlim_cur == (target_long)lim.rlim_cur) {
4142             guest_stack_size = lim.rlim_cur;
4143         }
4144     }
4145 
4146     cpu_model = NULL;
4147 #if defined(cpudef_setup)
4148     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
4149 #endif
4150 
4151     srand(time(NULL));
4152 
4153     optind = parse_args(argc, argv);
4154 
4155     /* Zero out regs */
4156     memset(regs, 0, sizeof(struct target_pt_regs));
4157 
4158     /* Zero out image_info */
4159     memset(info, 0, sizeof(struct image_info));
4160 
4161     memset(&bprm, 0, sizeof (bprm));
4162 
4163     /* Scan interp_prefix dir for replacement files. */
4164     init_paths(interp_prefix);
4165 
4166     init_qemu_uname_release();
4167 
4168     if (cpu_model == NULL) {
4169 #if defined(TARGET_I386)
4170 #ifdef TARGET_X86_64
4171         cpu_model = "qemu64";
4172 #else
4173         cpu_model = "qemu32";
4174 #endif
4175 #elif defined(TARGET_ARM)
4176         cpu_model = "any";
4177 #elif defined(TARGET_UNICORE32)
4178         cpu_model = "any";
4179 #elif defined(TARGET_M68K)
4180         cpu_model = "any";
4181 #elif defined(TARGET_SPARC)
4182 #ifdef TARGET_SPARC64
4183         cpu_model = "TI UltraSparc II";
4184 #else
4185         cpu_model = "Fujitsu MB86904";
4186 #endif
4187 #elif defined(TARGET_MIPS)
4188 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
4189         cpu_model = "5KEf";
4190 #else
4191         cpu_model = "24Kf";
4192 #endif
4193 #elif defined TARGET_OPENRISC
4194         cpu_model = "or1200";
4195 #elif defined(TARGET_PPC)
4196 # ifdef TARGET_PPC64
4197         cpu_model = "POWER8";
4198 # else
4199         cpu_model = "750";
4200 # endif
4201 #elif defined TARGET_SH4
4202         cpu_model = TYPE_SH7785_CPU;
4203 #else
4204         cpu_model = "any";
4205 #endif
4206     }
4207     tcg_exec_init(0);
4208     /* NOTE: we need to init the CPU at this stage to get
4209        qemu_host_page_size */
4210     cpu = cpu_init(cpu_model);
4211     if (!cpu) {
4212         fprintf(stderr, "Unable to find CPU definition\n");
4213         exit(EXIT_FAILURE);
4214     }
4215     env = cpu->env_ptr;
4216     cpu_reset(cpu);
4217 
4218     thread_cpu = cpu;
4219 
4220     if (getenv("QEMU_STRACE")) {
4221         do_strace = 1;
4222     }
4223 
4224     if (getenv("QEMU_RAND_SEED")) {
4225         handle_arg_randseed(getenv("QEMU_RAND_SEED"));
4226     }
4227 
4228     target_environ = envlist_to_environ(envlist, NULL);
4229     envlist_free(envlist);
4230 
4231     /*
4232      * Now that page sizes are configured in cpu_init() we can do
4233      * proper page alignment for guest_base.
4234      */
4235     guest_base = HOST_PAGE_ALIGN(guest_base);
4236 
4237     if (reserved_va || have_guest_base) {
4238         guest_base = init_guest_space(guest_base, reserved_va, 0,
4239                                       have_guest_base);
4240         if (guest_base == (unsigned long)-1) {
4241             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
4242                     "space for use as guest address space (check your virtual "
4243                     "memory ulimit setting or reserve less using -R option)\n",
4244                     reserved_va);
4245             exit(EXIT_FAILURE);
4246         }
4247 
4248         if (reserved_va) {
4249             mmap_next_start = reserved_va;
4250         }
4251     }
4252 
4253     /*
4254      * Read in mmap_min_addr kernel parameter.  This value is used
4255      * When loading the ELF image to determine whether guest_base
4256      * is needed.  It is also used in mmap_find_vma.
4257      */
4258     {
4259         FILE *fp;
4260 
4261         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
4262             unsigned long tmp;
4263             if (fscanf(fp, "%lu", &tmp) == 1) {
4264                 mmap_min_addr = tmp;
4265                 qemu_log_mask(CPU_LOG_PAGE, "host mmap_min_addr=0x%lx\n", mmap_min_addr);
4266             }
4267             fclose(fp);
4268         }
4269     }
4270 
4271     /*
4272      * Prepare copy of argv vector for target.
4273      */
4274     target_argc = argc - optind;
4275     target_argv = calloc(target_argc + 1, sizeof (char *));
4276     if (target_argv == NULL) {
4277 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
4278 	exit(EXIT_FAILURE);
4279     }
4280 
4281     /*
4282      * If argv0 is specified (using '-0' switch) we replace
4283      * argv[0] pointer with the given one.
4284      */
4285     i = 0;
4286     if (argv0 != NULL) {
4287         target_argv[i++] = strdup(argv0);
4288     }
4289     for (; i < target_argc; i++) {
4290         target_argv[i] = strdup(argv[optind + i]);
4291     }
4292     target_argv[target_argc] = NULL;
4293 
4294     ts = g_new0(TaskState, 1);
4295     init_task_state(ts);
4296     /* build Task State */
4297     ts->info = info;
4298     ts->bprm = &bprm;
4299     cpu->opaque = ts;
4300     task_settid(ts);
4301 
4302     execfd = qemu_getauxval(AT_EXECFD);
4303     if (execfd == 0) {
4304         execfd = open(filename, O_RDONLY);
4305         if (execfd < 0) {
4306             printf("Error while loading %s: %s\n", filename, strerror(errno));
4307             _exit(EXIT_FAILURE);
4308         }
4309     }
4310 
4311     ret = loader_exec(execfd, filename, target_argv, target_environ, regs,
4312         info, &bprm);
4313     if (ret != 0) {
4314         printf("Error while loading %s: %s\n", filename, strerror(-ret));
4315         _exit(EXIT_FAILURE);
4316     }
4317 
4318     for (wrk = target_environ; *wrk; wrk++) {
4319         free(*wrk);
4320     }
4321 
4322     free(target_environ);
4323 
4324     if (qemu_loglevel_mask(CPU_LOG_PAGE)) {
4325         qemu_log("guest_base  0x%lx\n", guest_base);
4326         log_page_dump();
4327 
4328         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
4329         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
4330         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
4331                  info->start_code);
4332         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
4333                  info->start_data);
4334         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
4335         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
4336                  info->start_stack);
4337         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
4338         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
4339     }
4340 
4341     target_set_brk(info->brk);
4342     syscall_init();
4343     signal_init();
4344 
4345     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
4346        generating the prologue until now so that the prologue can take
4347        the real value of GUEST_BASE into account.  */
4348     tcg_prologue_init(&tcg_ctx);
4349 
4350 #if defined(TARGET_I386)
4351     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
4352     env->hflags |= HF_PE_MASK | HF_CPL_MASK;
4353     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
4354         env->cr[4] |= CR4_OSFXSR_MASK;
4355         env->hflags |= HF_OSFXSR_MASK;
4356     }
4357 #ifndef TARGET_ABI32
4358     /* enable 64 bit mode if possible */
4359     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
4360         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
4361         exit(EXIT_FAILURE);
4362     }
4363     env->cr[4] |= CR4_PAE_MASK;
4364     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
4365     env->hflags |= HF_LMA_MASK;
4366 #endif
4367 
4368     /* flags setup : we activate the IRQs by default as in user mode */
4369     env->eflags |= IF_MASK;
4370 
4371     /* linux register setup */
4372 #ifndef TARGET_ABI32
4373     env->regs[R_EAX] = regs->rax;
4374     env->regs[R_EBX] = regs->rbx;
4375     env->regs[R_ECX] = regs->rcx;
4376     env->regs[R_EDX] = regs->rdx;
4377     env->regs[R_ESI] = regs->rsi;
4378     env->regs[R_EDI] = regs->rdi;
4379     env->regs[R_EBP] = regs->rbp;
4380     env->regs[R_ESP] = regs->rsp;
4381     env->eip = regs->rip;
4382 #else
4383     env->regs[R_EAX] = regs->eax;
4384     env->regs[R_EBX] = regs->ebx;
4385     env->regs[R_ECX] = regs->ecx;
4386     env->regs[R_EDX] = regs->edx;
4387     env->regs[R_ESI] = regs->esi;
4388     env->regs[R_EDI] = regs->edi;
4389     env->regs[R_EBP] = regs->ebp;
4390     env->regs[R_ESP] = regs->esp;
4391     env->eip = regs->eip;
4392 #endif
4393 
4394     /* linux interrupt setup */
4395 #ifndef TARGET_ABI32
4396     env->idt.limit = 511;
4397 #else
4398     env->idt.limit = 255;
4399 #endif
4400     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
4401                                 PROT_READ|PROT_WRITE,
4402                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4403     idt_table = g2h(env->idt.base);
4404     set_idt(0, 0);
4405     set_idt(1, 0);
4406     set_idt(2, 0);
4407     set_idt(3, 3);
4408     set_idt(4, 3);
4409     set_idt(5, 0);
4410     set_idt(6, 0);
4411     set_idt(7, 0);
4412     set_idt(8, 0);
4413     set_idt(9, 0);
4414     set_idt(10, 0);
4415     set_idt(11, 0);
4416     set_idt(12, 0);
4417     set_idt(13, 0);
4418     set_idt(14, 0);
4419     set_idt(15, 0);
4420     set_idt(16, 0);
4421     set_idt(17, 0);
4422     set_idt(18, 0);
4423     set_idt(19, 0);
4424     set_idt(0x80, 3);
4425 
4426     /* linux segment setup */
4427     {
4428         uint64_t *gdt_table;
4429         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
4430                                     PROT_READ|PROT_WRITE,
4431                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4432         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
4433         gdt_table = g2h(env->gdt.base);
4434 #ifdef TARGET_ABI32
4435         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4436                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4437                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4438 #else
4439         /* 64 bit code segment */
4440         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4441                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4442                  DESC_L_MASK |
4443                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4444 #endif
4445         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
4446                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4447                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
4448     }
4449     cpu_x86_load_seg(env, R_CS, __USER_CS);
4450     cpu_x86_load_seg(env, R_SS, __USER_DS);
4451 #ifdef TARGET_ABI32
4452     cpu_x86_load_seg(env, R_DS, __USER_DS);
4453     cpu_x86_load_seg(env, R_ES, __USER_DS);
4454     cpu_x86_load_seg(env, R_FS, __USER_DS);
4455     cpu_x86_load_seg(env, R_GS, __USER_DS);
4456     /* This hack makes Wine work... */
4457     env->segs[R_FS].selector = 0;
4458 #else
4459     cpu_x86_load_seg(env, R_DS, 0);
4460     cpu_x86_load_seg(env, R_ES, 0);
4461     cpu_x86_load_seg(env, R_FS, 0);
4462     cpu_x86_load_seg(env, R_GS, 0);
4463 #endif
4464 #elif defined(TARGET_AARCH64)
4465     {
4466         int i;
4467 
4468         if (!(arm_feature(env, ARM_FEATURE_AARCH64))) {
4469             fprintf(stderr,
4470                     "The selected ARM CPU does not support 64 bit mode\n");
4471             exit(EXIT_FAILURE);
4472         }
4473 
4474         for (i = 0; i < 31; i++) {
4475             env->xregs[i] = regs->regs[i];
4476         }
4477         env->pc = regs->pc;
4478         env->xregs[31] = regs->sp;
4479     }
4480 #elif defined(TARGET_ARM)
4481     {
4482         int i;
4483         cpsr_write(env, regs->uregs[16], CPSR_USER | CPSR_EXEC,
4484                    CPSRWriteByInstr);
4485         for(i = 0; i < 16; i++) {
4486             env->regs[i] = regs->uregs[i];
4487         }
4488 #ifdef TARGET_WORDS_BIGENDIAN
4489         /* Enable BE8.  */
4490         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
4491             && (info->elf_flags & EF_ARM_BE8)) {
4492             env->uncached_cpsr |= CPSR_E;
4493             env->cp15.sctlr_el[1] |= SCTLR_E0E;
4494         } else {
4495             env->cp15.sctlr_el[1] |= SCTLR_B;
4496         }
4497 #endif
4498     }
4499 #elif defined(TARGET_UNICORE32)
4500     {
4501         int i;
4502         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
4503         for (i = 0; i < 32; i++) {
4504             env->regs[i] = regs->uregs[i];
4505         }
4506     }
4507 #elif defined(TARGET_SPARC)
4508     {
4509         int i;
4510 	env->pc = regs->pc;
4511 	env->npc = regs->npc;
4512         env->y = regs->y;
4513         for(i = 0; i < 8; i++)
4514             env->gregs[i] = regs->u_regs[i];
4515         for(i = 0; i < 8; i++)
4516             env->regwptr[i] = regs->u_regs[i + 8];
4517     }
4518 #elif defined(TARGET_PPC)
4519     {
4520         int i;
4521 
4522 #if defined(TARGET_PPC64)
4523 #if defined(TARGET_ABI32)
4524         env->msr &= ~((target_ulong)1 << MSR_SF);
4525 #else
4526         env->msr |= (target_ulong)1 << MSR_SF;
4527 #endif
4528 #endif
4529         env->nip = regs->nip;
4530         for(i = 0; i < 32; i++) {
4531             env->gpr[i] = regs->gpr[i];
4532         }
4533     }
4534 #elif defined(TARGET_M68K)
4535     {
4536         env->pc = regs->pc;
4537         env->dregs[0] = regs->d0;
4538         env->dregs[1] = regs->d1;
4539         env->dregs[2] = regs->d2;
4540         env->dregs[3] = regs->d3;
4541         env->dregs[4] = regs->d4;
4542         env->dregs[5] = regs->d5;
4543         env->dregs[6] = regs->d6;
4544         env->dregs[7] = regs->d7;
4545         env->aregs[0] = regs->a0;
4546         env->aregs[1] = regs->a1;
4547         env->aregs[2] = regs->a2;
4548         env->aregs[3] = regs->a3;
4549         env->aregs[4] = regs->a4;
4550         env->aregs[5] = regs->a5;
4551         env->aregs[6] = regs->a6;
4552         env->aregs[7] = regs->usp;
4553         env->sr = regs->sr;
4554         ts->sim_syscalls = 1;
4555     }
4556 #elif defined(TARGET_MICROBLAZE)
4557     {
4558         env->regs[0] = regs->r0;
4559         env->regs[1] = regs->r1;
4560         env->regs[2] = regs->r2;
4561         env->regs[3] = regs->r3;
4562         env->regs[4] = regs->r4;
4563         env->regs[5] = regs->r5;
4564         env->regs[6] = regs->r6;
4565         env->regs[7] = regs->r7;
4566         env->regs[8] = regs->r8;
4567         env->regs[9] = regs->r9;
4568         env->regs[10] = regs->r10;
4569         env->regs[11] = regs->r11;
4570         env->regs[12] = regs->r12;
4571         env->regs[13] = regs->r13;
4572         env->regs[14] = regs->r14;
4573         env->regs[15] = regs->r15;
4574         env->regs[16] = regs->r16;
4575         env->regs[17] = regs->r17;
4576         env->regs[18] = regs->r18;
4577         env->regs[19] = regs->r19;
4578         env->regs[20] = regs->r20;
4579         env->regs[21] = regs->r21;
4580         env->regs[22] = regs->r22;
4581         env->regs[23] = regs->r23;
4582         env->regs[24] = regs->r24;
4583         env->regs[25] = regs->r25;
4584         env->regs[26] = regs->r26;
4585         env->regs[27] = regs->r27;
4586         env->regs[28] = regs->r28;
4587         env->regs[29] = regs->r29;
4588         env->regs[30] = regs->r30;
4589         env->regs[31] = regs->r31;
4590         env->sregs[SR_PC] = regs->pc;
4591     }
4592 #elif defined(TARGET_MIPS)
4593     {
4594         int i;
4595 
4596         for(i = 0; i < 32; i++) {
4597             env->active_tc.gpr[i] = regs->regs[i];
4598         }
4599         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
4600         if (regs->cp0_epc & 1) {
4601             env->hflags |= MIPS_HFLAG_M16;
4602         }
4603     }
4604 #elif defined(TARGET_OPENRISC)
4605     {
4606         int i;
4607 
4608         for (i = 0; i < 32; i++) {
4609             env->gpr[i] = regs->gpr[i];
4610         }
4611 
4612         env->sr = regs->sr;
4613         env->pc = regs->pc;
4614     }
4615 #elif defined(TARGET_SH4)
4616     {
4617         int i;
4618 
4619         for(i = 0; i < 16; i++) {
4620             env->gregs[i] = regs->regs[i];
4621         }
4622         env->pc = regs->pc;
4623     }
4624 #elif defined(TARGET_ALPHA)
4625     {
4626         int i;
4627 
4628         for(i = 0; i < 28; i++) {
4629             env->ir[i] = ((abi_ulong *)regs)[i];
4630         }
4631         env->ir[IR_SP] = regs->usp;
4632         env->pc = regs->pc;
4633     }
4634 #elif defined(TARGET_CRIS)
4635     {
4636 	    env->regs[0] = regs->r0;
4637 	    env->regs[1] = regs->r1;
4638 	    env->regs[2] = regs->r2;
4639 	    env->regs[3] = regs->r3;
4640 	    env->regs[4] = regs->r4;
4641 	    env->regs[5] = regs->r5;
4642 	    env->regs[6] = regs->r6;
4643 	    env->regs[7] = regs->r7;
4644 	    env->regs[8] = regs->r8;
4645 	    env->regs[9] = regs->r9;
4646 	    env->regs[10] = regs->r10;
4647 	    env->regs[11] = regs->r11;
4648 	    env->regs[12] = regs->r12;
4649 	    env->regs[13] = regs->r13;
4650 	    env->regs[14] = info->start_stack;
4651 	    env->regs[15] = regs->acr;
4652 	    env->pc = regs->erp;
4653     }
4654 #elif defined(TARGET_S390X)
4655     {
4656             int i;
4657             for (i = 0; i < 16; i++) {
4658                 env->regs[i] = regs->gprs[i];
4659             }
4660             env->psw.mask = regs->psw.mask;
4661             env->psw.addr = regs->psw.addr;
4662     }
4663 #elif defined(TARGET_TILEGX)
4664     {
4665         int i;
4666         for (i = 0; i < TILEGX_R_COUNT; i++) {
4667             env->regs[i] = regs->regs[i];
4668         }
4669         for (i = 0; i < TILEGX_SPR_COUNT; i++) {
4670             env->spregs[i] = 0;
4671         }
4672         env->pc = regs->pc;
4673     }
4674 #else
4675 #error unsupported target CPU
4676 #endif
4677 
4678 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4679     ts->stack_base = info->start_stack;
4680     ts->heap_base = info->brk;
4681     /* This will be filled in on the first SYS_HEAPINFO call.  */
4682     ts->heap_limit = 0;
4683 #endif
4684 
4685     if (gdbstub_port) {
4686         if (gdbserver_start(gdbstub_port) < 0) {
4687             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4688                     gdbstub_port);
4689             exit(EXIT_FAILURE);
4690         }
4691         gdb_handlesig(cpu, 0);
4692     }
4693     cpu_loop(env);
4694     /* never exits */
4695     return 0;
4696 }
4697