xref: /openbmc/qemu/linux-user/main.c (revision 41b8280a)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/syscall.h>
27 #include <sys/resource.h>
28 
29 #include "qemu.h"
30 #include "qemu-common.h"
31 #include "qemu/cache-utils.h"
32 #include "cpu.h"
33 #include "tcg.h"
34 #include "qemu/timer.h"
35 #include "qemu/envlist.h"
36 #include "elf.h"
37 
38 char *exec_path;
39 
40 int singlestep;
41 const char *filename;
42 const char *argv0;
43 int gdbstub_port;
44 envlist_t *envlist;
45 const char *cpu_model;
46 unsigned long mmap_min_addr;
47 #if defined(CONFIG_USE_GUEST_BASE)
48 unsigned long guest_base;
49 int have_guest_base;
50 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
51 /*
52  * When running 32-on-64 we should make sure we can fit all of the possible
53  * guest address space into a contiguous chunk of virtual host memory.
54  *
55  * This way we will never overlap with our own libraries or binaries or stack
56  * or anything else that QEMU maps.
57  */
58 # ifdef TARGET_MIPS
59 /* MIPS only supports 31 bits of virtual address space for user space */
60 unsigned long reserved_va = 0x77000000;
61 # else
62 unsigned long reserved_va = 0xf7000000;
63 # endif
64 #else
65 unsigned long reserved_va;
66 #endif
67 #endif
68 
69 static void usage(void);
70 
71 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
72 const char *qemu_uname_release = CONFIG_UNAME_RELEASE;
73 
74 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
75    we allocate a bigger stack. Need a better solution, for example
76    by remapping the process stack directly at the right place */
77 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
78 
79 void gemu_log(const char *fmt, ...)
80 {
81     va_list ap;
82 
83     va_start(ap, fmt);
84     vfprintf(stderr, fmt, ap);
85     va_end(ap);
86 }
87 
88 #if defined(TARGET_I386)
89 int cpu_get_pic_interrupt(CPUX86State *env)
90 {
91     return -1;
92 }
93 #endif
94 
95 #if defined(CONFIG_USE_NPTL)
96 /***********************************************************/
97 /* Helper routines for implementing atomic operations.  */
98 
99 /* To implement exclusive operations we force all cpus to syncronise.
100    We don't require a full sync, only that no cpus are executing guest code.
101    The alternative is to map target atomic ops onto host equivalents,
102    which requires quite a lot of per host/target work.  */
103 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
104 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
105 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
106 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
107 static int pending_cpus;
108 
109 /* Make sure everything is in a consistent state for calling fork().  */
110 void fork_start(void)
111 {
112     pthread_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
113     pthread_mutex_lock(&exclusive_lock);
114     mmap_fork_start();
115 }
116 
117 void fork_end(int child)
118 {
119     mmap_fork_end(child);
120     if (child) {
121         /* Child processes created by fork() only have a single thread.
122            Discard information about the parent threads.  */
123         first_cpu = thread_cpu;
124         first_cpu->next_cpu = NULL;
125         pending_cpus = 0;
126         pthread_mutex_init(&exclusive_lock, NULL);
127         pthread_mutex_init(&cpu_list_mutex, NULL);
128         pthread_cond_init(&exclusive_cond, NULL);
129         pthread_cond_init(&exclusive_resume, NULL);
130         pthread_mutex_init(&tcg_ctx.tb_ctx.tb_lock, NULL);
131         gdbserver_fork((CPUArchState *)thread_cpu->env_ptr);
132     } else {
133         pthread_mutex_unlock(&exclusive_lock);
134         pthread_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
135     }
136 }
137 
138 /* Wait for pending exclusive operations to complete.  The exclusive lock
139    must be held.  */
140 static inline void exclusive_idle(void)
141 {
142     while (pending_cpus) {
143         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
144     }
145 }
146 
147 /* Start an exclusive operation.
148    Must only be called from outside cpu_arm_exec.   */
149 static inline void start_exclusive(void)
150 {
151     CPUState *other_cpu;
152 
153     pthread_mutex_lock(&exclusive_lock);
154     exclusive_idle();
155 
156     pending_cpus = 1;
157     /* Make all other cpus stop executing.  */
158     for (other_cpu = first_cpu; other_cpu; other_cpu = other_cpu->next_cpu) {
159         if (other_cpu->running) {
160             pending_cpus++;
161             cpu_exit(other_cpu);
162         }
163     }
164     if (pending_cpus > 1) {
165         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
166     }
167 }
168 
169 /* Finish an exclusive operation.  */
170 static inline void end_exclusive(void)
171 {
172     pending_cpus = 0;
173     pthread_cond_broadcast(&exclusive_resume);
174     pthread_mutex_unlock(&exclusive_lock);
175 }
176 
177 /* Wait for exclusive ops to finish, and begin cpu execution.  */
178 static inline void cpu_exec_start(CPUState *cpu)
179 {
180     pthread_mutex_lock(&exclusive_lock);
181     exclusive_idle();
182     cpu->running = true;
183     pthread_mutex_unlock(&exclusive_lock);
184 }
185 
186 /* Mark cpu as not executing, and release pending exclusive ops.  */
187 static inline void cpu_exec_end(CPUState *cpu)
188 {
189     pthread_mutex_lock(&exclusive_lock);
190     cpu->running = false;
191     if (pending_cpus > 1) {
192         pending_cpus--;
193         if (pending_cpus == 1) {
194             pthread_cond_signal(&exclusive_cond);
195         }
196     }
197     exclusive_idle();
198     pthread_mutex_unlock(&exclusive_lock);
199 }
200 
201 void cpu_list_lock(void)
202 {
203     pthread_mutex_lock(&cpu_list_mutex);
204 }
205 
206 void cpu_list_unlock(void)
207 {
208     pthread_mutex_unlock(&cpu_list_mutex);
209 }
210 #else /* if !CONFIG_USE_NPTL */
211 /* These are no-ops because we are not threadsafe.  */
212 static inline void cpu_exec_start(CPUState *cpu)
213 {
214 }
215 
216 static inline void cpu_exec_end(CPUState *cpu)
217 {
218 }
219 
220 static inline void start_exclusive(void)
221 {
222 }
223 
224 static inline void end_exclusive(void)
225 {
226 }
227 
228 void fork_start(void)
229 {
230 }
231 
232 void fork_end(int child)
233 {
234     if (child) {
235         gdbserver_fork((CPUArchState *)thread_cpu->env_ptr);
236     }
237 }
238 
239 void cpu_list_lock(void)
240 {
241 }
242 
243 void cpu_list_unlock(void)
244 {
245 }
246 #endif
247 
248 
249 #ifdef TARGET_I386
250 /***********************************************************/
251 /* CPUX86 core interface */
252 
253 void cpu_smm_update(CPUX86State *env)
254 {
255 }
256 
257 uint64_t cpu_get_tsc(CPUX86State *env)
258 {
259     return cpu_get_real_ticks();
260 }
261 
262 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
263                      int flags)
264 {
265     unsigned int e1, e2;
266     uint32_t *p;
267     e1 = (addr << 16) | (limit & 0xffff);
268     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
269     e2 |= flags;
270     p = ptr;
271     p[0] = tswap32(e1);
272     p[1] = tswap32(e2);
273 }
274 
275 static uint64_t *idt_table;
276 #ifdef TARGET_X86_64
277 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
278                        uint64_t addr, unsigned int sel)
279 {
280     uint32_t *p, e1, e2;
281     e1 = (addr & 0xffff) | (sel << 16);
282     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
283     p = ptr;
284     p[0] = tswap32(e1);
285     p[1] = tswap32(e2);
286     p[2] = tswap32(addr >> 32);
287     p[3] = 0;
288 }
289 /* only dpl matters as we do only user space emulation */
290 static void set_idt(int n, unsigned int dpl)
291 {
292     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
293 }
294 #else
295 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
296                      uint32_t addr, unsigned int sel)
297 {
298     uint32_t *p, e1, e2;
299     e1 = (addr & 0xffff) | (sel << 16);
300     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
301     p = ptr;
302     p[0] = tswap32(e1);
303     p[1] = tswap32(e2);
304 }
305 
306 /* only dpl matters as we do only user space emulation */
307 static void set_idt(int n, unsigned int dpl)
308 {
309     set_gate(idt_table + n, 0, dpl, 0, 0);
310 }
311 #endif
312 
313 void cpu_loop(CPUX86State *env)
314 {
315     CPUState *cs = CPU(x86_env_get_cpu(env));
316     int trapnr;
317     abi_ulong pc;
318     target_siginfo_t info;
319 
320     for(;;) {
321         trapnr = cpu_x86_exec(env);
322         switch(trapnr) {
323         case 0x80:
324             /* linux syscall from int $0x80 */
325             env->regs[R_EAX] = do_syscall(env,
326                                           env->regs[R_EAX],
327                                           env->regs[R_EBX],
328                                           env->regs[R_ECX],
329                                           env->regs[R_EDX],
330                                           env->regs[R_ESI],
331                                           env->regs[R_EDI],
332                                           env->regs[R_EBP],
333                                           0, 0);
334             break;
335 #ifndef TARGET_ABI32
336         case EXCP_SYSCALL:
337             /* linux syscall from syscall instruction */
338             env->regs[R_EAX] = do_syscall(env,
339                                           env->regs[R_EAX],
340                                           env->regs[R_EDI],
341                                           env->regs[R_ESI],
342                                           env->regs[R_EDX],
343                                           env->regs[10],
344                                           env->regs[8],
345                                           env->regs[9],
346                                           0, 0);
347             env->eip = env->exception_next_eip;
348             break;
349 #endif
350         case EXCP0B_NOSEG:
351         case EXCP0C_STACK:
352             info.si_signo = SIGBUS;
353             info.si_errno = 0;
354             info.si_code = TARGET_SI_KERNEL;
355             info._sifields._sigfault._addr = 0;
356             queue_signal(env, info.si_signo, &info);
357             break;
358         case EXCP0D_GPF:
359             /* XXX: potential problem if ABI32 */
360 #ifndef TARGET_X86_64
361             if (env->eflags & VM_MASK) {
362                 handle_vm86_fault(env);
363             } else
364 #endif
365             {
366                 info.si_signo = SIGSEGV;
367                 info.si_errno = 0;
368                 info.si_code = TARGET_SI_KERNEL;
369                 info._sifields._sigfault._addr = 0;
370                 queue_signal(env, info.si_signo, &info);
371             }
372             break;
373         case EXCP0E_PAGE:
374             info.si_signo = SIGSEGV;
375             info.si_errno = 0;
376             if (!(env->error_code & 1))
377                 info.si_code = TARGET_SEGV_MAPERR;
378             else
379                 info.si_code = TARGET_SEGV_ACCERR;
380             info._sifields._sigfault._addr = env->cr[2];
381             queue_signal(env, info.si_signo, &info);
382             break;
383         case EXCP00_DIVZ:
384 #ifndef TARGET_X86_64
385             if (env->eflags & VM_MASK) {
386                 handle_vm86_trap(env, trapnr);
387             } else
388 #endif
389             {
390                 /* division by zero */
391                 info.si_signo = SIGFPE;
392                 info.si_errno = 0;
393                 info.si_code = TARGET_FPE_INTDIV;
394                 info._sifields._sigfault._addr = env->eip;
395                 queue_signal(env, info.si_signo, &info);
396             }
397             break;
398         case EXCP01_DB:
399         case EXCP03_INT3:
400 #ifndef TARGET_X86_64
401             if (env->eflags & VM_MASK) {
402                 handle_vm86_trap(env, trapnr);
403             } else
404 #endif
405             {
406                 info.si_signo = SIGTRAP;
407                 info.si_errno = 0;
408                 if (trapnr == EXCP01_DB) {
409                     info.si_code = TARGET_TRAP_BRKPT;
410                     info._sifields._sigfault._addr = env->eip;
411                 } else {
412                     info.si_code = TARGET_SI_KERNEL;
413                     info._sifields._sigfault._addr = 0;
414                 }
415                 queue_signal(env, info.si_signo, &info);
416             }
417             break;
418         case EXCP04_INTO:
419         case EXCP05_BOUND:
420 #ifndef TARGET_X86_64
421             if (env->eflags & VM_MASK) {
422                 handle_vm86_trap(env, trapnr);
423             } else
424 #endif
425             {
426                 info.si_signo = SIGSEGV;
427                 info.si_errno = 0;
428                 info.si_code = TARGET_SI_KERNEL;
429                 info._sifields._sigfault._addr = 0;
430                 queue_signal(env, info.si_signo, &info);
431             }
432             break;
433         case EXCP06_ILLOP:
434             info.si_signo = SIGILL;
435             info.si_errno = 0;
436             info.si_code = TARGET_ILL_ILLOPN;
437             info._sifields._sigfault._addr = env->eip;
438             queue_signal(env, info.si_signo, &info);
439             break;
440         case EXCP_INTERRUPT:
441             /* just indicate that signals should be handled asap */
442             break;
443         case EXCP_DEBUG:
444             {
445                 int sig;
446 
447                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
448                 if (sig)
449                   {
450                     info.si_signo = sig;
451                     info.si_errno = 0;
452                     info.si_code = TARGET_TRAP_BRKPT;
453                     queue_signal(env, info.si_signo, &info);
454                   }
455             }
456             break;
457         default:
458             pc = env->segs[R_CS].base + env->eip;
459             fprintf(stderr, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
460                     (long)pc, trapnr);
461             abort();
462         }
463         process_pending_signals(env);
464     }
465 }
466 #endif
467 
468 #ifdef TARGET_ARM
469 
470 #define get_user_code_u32(x, gaddr, doswap)             \
471     ({ abi_long __r = get_user_u32((x), (gaddr));       \
472         if (!__r && (doswap)) {                         \
473             (x) = bswap32(x);                           \
474         }                                               \
475         __r;                                            \
476     })
477 
478 #define get_user_code_u16(x, gaddr, doswap)             \
479     ({ abi_long __r = get_user_u16((x), (gaddr));       \
480         if (!__r && (doswap)) {                         \
481             (x) = bswap16(x);                           \
482         }                                               \
483         __r;                                            \
484     })
485 
486 /*
487  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
488  * Input:
489  * r0 = pointer to oldval
490  * r1 = pointer to newval
491  * r2 = pointer to target value
492  *
493  * Output:
494  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
495  * C set if *ptr was changed, clear if no exchange happened
496  *
497  * Note segv's in kernel helpers are a bit tricky, we can set the
498  * data address sensibly but the PC address is just the entry point.
499  */
500 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
501 {
502     uint64_t oldval, newval, val;
503     uint32_t addr, cpsr;
504     target_siginfo_t info;
505 
506     /* Based on the 32 bit code in do_kernel_trap */
507 
508     /* XXX: This only works between threads, not between processes.
509        It's probably possible to implement this with native host
510        operations. However things like ldrex/strex are much harder so
511        there's not much point trying.  */
512     start_exclusive();
513     cpsr = cpsr_read(env);
514     addr = env->regs[2];
515 
516     if (get_user_u64(oldval, env->regs[0])) {
517         env->cp15.c6_data = env->regs[0];
518         goto segv;
519     };
520 
521     if (get_user_u64(newval, env->regs[1])) {
522         env->cp15.c6_data = env->regs[1];
523         goto segv;
524     };
525 
526     if (get_user_u64(val, addr)) {
527         env->cp15.c6_data = addr;
528         goto segv;
529     }
530 
531     if (val == oldval) {
532         val = newval;
533 
534         if (put_user_u64(val, addr)) {
535             env->cp15.c6_data = addr;
536             goto segv;
537         };
538 
539         env->regs[0] = 0;
540         cpsr |= CPSR_C;
541     } else {
542         env->regs[0] = -1;
543         cpsr &= ~CPSR_C;
544     }
545     cpsr_write(env, cpsr, CPSR_C);
546     end_exclusive();
547     return;
548 
549 segv:
550     end_exclusive();
551     /* We get the PC of the entry address - which is as good as anything,
552        on a real kernel what you get depends on which mode it uses. */
553     info.si_signo = SIGSEGV;
554     info.si_errno = 0;
555     /* XXX: check env->error_code */
556     info.si_code = TARGET_SEGV_MAPERR;
557     info._sifields._sigfault._addr = env->cp15.c6_data;
558     queue_signal(env, info.si_signo, &info);
559 
560     end_exclusive();
561 }
562 
563 /* Handle a jump to the kernel code page.  */
564 static int
565 do_kernel_trap(CPUARMState *env)
566 {
567     uint32_t addr;
568     uint32_t cpsr;
569     uint32_t val;
570 
571     switch (env->regs[15]) {
572     case 0xffff0fa0: /* __kernel_memory_barrier */
573         /* ??? No-op. Will need to do better for SMP.  */
574         break;
575     case 0xffff0fc0: /* __kernel_cmpxchg */
576          /* XXX: This only works between threads, not between processes.
577             It's probably possible to implement this with native host
578             operations. However things like ldrex/strex are much harder so
579             there's not much point trying.  */
580         start_exclusive();
581         cpsr = cpsr_read(env);
582         addr = env->regs[2];
583         /* FIXME: This should SEGV if the access fails.  */
584         if (get_user_u32(val, addr))
585             val = ~env->regs[0];
586         if (val == env->regs[0]) {
587             val = env->regs[1];
588             /* FIXME: Check for segfaults.  */
589             put_user_u32(val, addr);
590             env->regs[0] = 0;
591             cpsr |= CPSR_C;
592         } else {
593             env->regs[0] = -1;
594             cpsr &= ~CPSR_C;
595         }
596         cpsr_write(env, cpsr, CPSR_C);
597         end_exclusive();
598         break;
599     case 0xffff0fe0: /* __kernel_get_tls */
600         env->regs[0] = env->cp15.c13_tls2;
601         break;
602     case 0xffff0f60: /* __kernel_cmpxchg64 */
603         arm_kernel_cmpxchg64_helper(env);
604         break;
605 
606     default:
607         return 1;
608     }
609     /* Jump back to the caller.  */
610     addr = env->regs[14];
611     if (addr & 1) {
612         env->thumb = 1;
613         addr &= ~1;
614     }
615     env->regs[15] = addr;
616 
617     return 0;
618 }
619 
620 static int do_strex(CPUARMState *env)
621 {
622     uint32_t val;
623     int size;
624     int rc = 1;
625     int segv = 0;
626     uint32_t addr;
627     start_exclusive();
628     addr = env->exclusive_addr;
629     if (addr != env->exclusive_test) {
630         goto fail;
631     }
632     size = env->exclusive_info & 0xf;
633     switch (size) {
634     case 0:
635         segv = get_user_u8(val, addr);
636         break;
637     case 1:
638         segv = get_user_u16(val, addr);
639         break;
640     case 2:
641     case 3:
642         segv = get_user_u32(val, addr);
643         break;
644     default:
645         abort();
646     }
647     if (segv) {
648         env->cp15.c6_data = addr;
649         goto done;
650     }
651     if (val != env->exclusive_val) {
652         goto fail;
653     }
654     if (size == 3) {
655         segv = get_user_u32(val, addr + 4);
656         if (segv) {
657             env->cp15.c6_data = addr + 4;
658             goto done;
659         }
660         if (val != env->exclusive_high) {
661             goto fail;
662         }
663     }
664     val = env->regs[(env->exclusive_info >> 8) & 0xf];
665     switch (size) {
666     case 0:
667         segv = put_user_u8(val, addr);
668         break;
669     case 1:
670         segv = put_user_u16(val, addr);
671         break;
672     case 2:
673     case 3:
674         segv = put_user_u32(val, addr);
675         break;
676     }
677     if (segv) {
678         env->cp15.c6_data = addr;
679         goto done;
680     }
681     if (size == 3) {
682         val = env->regs[(env->exclusive_info >> 12) & 0xf];
683         segv = put_user_u32(val, addr + 4);
684         if (segv) {
685             env->cp15.c6_data = addr + 4;
686             goto done;
687         }
688     }
689     rc = 0;
690 fail:
691     env->regs[15] += 4;
692     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
693 done:
694     end_exclusive();
695     return segv;
696 }
697 
698 void cpu_loop(CPUARMState *env)
699 {
700     CPUState *cs = CPU(arm_env_get_cpu(env));
701     int trapnr;
702     unsigned int n, insn;
703     target_siginfo_t info;
704     uint32_t addr;
705 
706     for(;;) {
707         cpu_exec_start(cs);
708         trapnr = cpu_arm_exec(env);
709         cpu_exec_end(cs);
710         switch(trapnr) {
711         case EXCP_UDEF:
712             {
713                 TaskState *ts = env->opaque;
714                 uint32_t opcode;
715                 int rc;
716 
717                 /* we handle the FPU emulation here, as Linux */
718                 /* we get the opcode */
719                 /* FIXME - what to do if get_user() fails? */
720                 get_user_code_u32(opcode, env->regs[15], env->bswap_code);
721 
722                 rc = EmulateAll(opcode, &ts->fpa, env);
723                 if (rc == 0) { /* illegal instruction */
724                     info.si_signo = SIGILL;
725                     info.si_errno = 0;
726                     info.si_code = TARGET_ILL_ILLOPN;
727                     info._sifields._sigfault._addr = env->regs[15];
728                     queue_signal(env, info.si_signo, &info);
729                 } else if (rc < 0) { /* FP exception */
730                     int arm_fpe=0;
731 
732                     /* translate softfloat flags to FPSR flags */
733                     if (-rc & float_flag_invalid)
734                       arm_fpe |= BIT_IOC;
735                     if (-rc & float_flag_divbyzero)
736                       arm_fpe |= BIT_DZC;
737                     if (-rc & float_flag_overflow)
738                       arm_fpe |= BIT_OFC;
739                     if (-rc & float_flag_underflow)
740                       arm_fpe |= BIT_UFC;
741                     if (-rc & float_flag_inexact)
742                       arm_fpe |= BIT_IXC;
743 
744                     FPSR fpsr = ts->fpa.fpsr;
745                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
746 
747                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
748                       info.si_signo = SIGFPE;
749                       info.si_errno = 0;
750 
751                       /* ordered by priority, least first */
752                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
753                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
754                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
755                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
756                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
757 
758                       info._sifields._sigfault._addr = env->regs[15];
759                       queue_signal(env, info.si_signo, &info);
760                     } else {
761                       env->regs[15] += 4;
762                     }
763 
764                     /* accumulate unenabled exceptions */
765                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
766                       fpsr |= BIT_IXC;
767                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
768                       fpsr |= BIT_UFC;
769                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
770                       fpsr |= BIT_OFC;
771                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
772                       fpsr |= BIT_DZC;
773                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
774                       fpsr |= BIT_IOC;
775                     ts->fpa.fpsr=fpsr;
776                 } else { /* everything OK */
777                     /* increment PC */
778                     env->regs[15] += 4;
779                 }
780             }
781             break;
782         case EXCP_SWI:
783         case EXCP_BKPT:
784             {
785                 env->eabi = 1;
786                 /* system call */
787                 if (trapnr == EXCP_BKPT) {
788                     if (env->thumb) {
789                         /* FIXME - what to do if get_user() fails? */
790                         get_user_code_u16(insn, env->regs[15], env->bswap_code);
791                         n = insn & 0xff;
792                         env->regs[15] += 2;
793                     } else {
794                         /* FIXME - what to do if get_user() fails? */
795                         get_user_code_u32(insn, env->regs[15], env->bswap_code);
796                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
797                         env->regs[15] += 4;
798                     }
799                 } else {
800                     if (env->thumb) {
801                         /* FIXME - what to do if get_user() fails? */
802                         get_user_code_u16(insn, env->regs[15] - 2,
803                                           env->bswap_code);
804                         n = insn & 0xff;
805                     } else {
806                         /* FIXME - what to do if get_user() fails? */
807                         get_user_code_u32(insn, env->regs[15] - 4,
808                                           env->bswap_code);
809                         n = insn & 0xffffff;
810                     }
811                 }
812 
813                 if (n == ARM_NR_cacheflush) {
814                     /* nop */
815                 } else if (n == ARM_NR_semihosting
816                            || n == ARM_NR_thumb_semihosting) {
817                     env->regs[0] = do_arm_semihosting (env);
818                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
819                     /* linux syscall */
820                     if (env->thumb || n == 0) {
821                         n = env->regs[7];
822                     } else {
823                         n -= ARM_SYSCALL_BASE;
824                         env->eabi = 0;
825                     }
826                     if ( n > ARM_NR_BASE) {
827                         switch (n) {
828                         case ARM_NR_cacheflush:
829                             /* nop */
830                             break;
831                         case ARM_NR_set_tls:
832                             cpu_set_tls(env, env->regs[0]);
833                             env->regs[0] = 0;
834                             break;
835                         default:
836                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
837                                      n);
838                             env->regs[0] = -TARGET_ENOSYS;
839                             break;
840                         }
841                     } else {
842                         env->regs[0] = do_syscall(env,
843                                                   n,
844                                                   env->regs[0],
845                                                   env->regs[1],
846                                                   env->regs[2],
847                                                   env->regs[3],
848                                                   env->regs[4],
849                                                   env->regs[5],
850                                                   0, 0);
851                     }
852                 } else {
853                     goto error;
854                 }
855             }
856             break;
857         case EXCP_INTERRUPT:
858             /* just indicate that signals should be handled asap */
859             break;
860         case EXCP_PREFETCH_ABORT:
861             addr = env->cp15.c6_insn;
862             goto do_segv;
863         case EXCP_DATA_ABORT:
864             addr = env->cp15.c6_data;
865         do_segv:
866             {
867                 info.si_signo = SIGSEGV;
868                 info.si_errno = 0;
869                 /* XXX: check env->error_code */
870                 info.si_code = TARGET_SEGV_MAPERR;
871                 info._sifields._sigfault._addr = addr;
872                 queue_signal(env, info.si_signo, &info);
873             }
874             break;
875         case EXCP_DEBUG:
876             {
877                 int sig;
878 
879                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
880                 if (sig)
881                   {
882                     info.si_signo = sig;
883                     info.si_errno = 0;
884                     info.si_code = TARGET_TRAP_BRKPT;
885                     queue_signal(env, info.si_signo, &info);
886                   }
887             }
888             break;
889         case EXCP_KERNEL_TRAP:
890             if (do_kernel_trap(env))
891               goto error;
892             break;
893         case EXCP_STREX:
894             if (do_strex(env)) {
895                 addr = env->cp15.c6_data;
896                 goto do_segv;
897             }
898             break;
899         default:
900         error:
901             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
902                     trapnr);
903             cpu_dump_state(cs, stderr, fprintf, 0);
904             abort();
905         }
906         process_pending_signals(env);
907     }
908 }
909 
910 #endif
911 
912 #ifdef TARGET_UNICORE32
913 
914 void cpu_loop(CPUUniCore32State *env)
915 {
916     CPUState *cs = CPU(uc32_env_get_cpu(env));
917     int trapnr;
918     unsigned int n, insn;
919     target_siginfo_t info;
920 
921     for (;;) {
922         cpu_exec_start(cs);
923         trapnr = uc32_cpu_exec(env);
924         cpu_exec_end(cs);
925         switch (trapnr) {
926         case UC32_EXCP_PRIV:
927             {
928                 /* system call */
929                 get_user_u32(insn, env->regs[31] - 4);
930                 n = insn & 0xffffff;
931 
932                 if (n >= UC32_SYSCALL_BASE) {
933                     /* linux syscall */
934                     n -= UC32_SYSCALL_BASE;
935                     if (n == UC32_SYSCALL_NR_set_tls) {
936                             cpu_set_tls(env, env->regs[0]);
937                             env->regs[0] = 0;
938                     } else {
939                         env->regs[0] = do_syscall(env,
940                                                   n,
941                                                   env->regs[0],
942                                                   env->regs[1],
943                                                   env->regs[2],
944                                                   env->regs[3],
945                                                   env->regs[4],
946                                                   env->regs[5],
947                                                   0, 0);
948                     }
949                 } else {
950                     goto error;
951                 }
952             }
953             break;
954         case UC32_EXCP_DTRAP:
955         case UC32_EXCP_ITRAP:
956             info.si_signo = SIGSEGV;
957             info.si_errno = 0;
958             /* XXX: check env->error_code */
959             info.si_code = TARGET_SEGV_MAPERR;
960             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
961             queue_signal(env, info.si_signo, &info);
962             break;
963         case EXCP_INTERRUPT:
964             /* just indicate that signals should be handled asap */
965             break;
966         case EXCP_DEBUG:
967             {
968                 int sig;
969 
970                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
971                 if (sig) {
972                     info.si_signo = sig;
973                     info.si_errno = 0;
974                     info.si_code = TARGET_TRAP_BRKPT;
975                     queue_signal(env, info.si_signo, &info);
976                 }
977             }
978             break;
979         default:
980             goto error;
981         }
982         process_pending_signals(env);
983     }
984 
985 error:
986     fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
987     cpu_dump_state(cs, stderr, fprintf, 0);
988     abort();
989 }
990 #endif
991 
992 #ifdef TARGET_SPARC
993 #define SPARC64_STACK_BIAS 2047
994 
995 //#define DEBUG_WIN
996 
997 /* WARNING: dealing with register windows _is_ complicated. More info
998    can be found at http://www.sics.se/~psm/sparcstack.html */
999 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1000 {
1001     index = (index + cwp * 16) % (16 * env->nwindows);
1002     /* wrap handling : if cwp is on the last window, then we use the
1003        registers 'after' the end */
1004     if (index < 8 && env->cwp == env->nwindows - 1)
1005         index += 16 * env->nwindows;
1006     return index;
1007 }
1008 
1009 /* save the register window 'cwp1' */
1010 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1011 {
1012     unsigned int i;
1013     abi_ulong sp_ptr;
1014 
1015     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1016 #ifdef TARGET_SPARC64
1017     if (sp_ptr & 3)
1018         sp_ptr += SPARC64_STACK_BIAS;
1019 #endif
1020 #if defined(DEBUG_WIN)
1021     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1022            sp_ptr, cwp1);
1023 #endif
1024     for(i = 0; i < 16; i++) {
1025         /* FIXME - what to do if put_user() fails? */
1026         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1027         sp_ptr += sizeof(abi_ulong);
1028     }
1029 }
1030 
1031 static void save_window(CPUSPARCState *env)
1032 {
1033 #ifndef TARGET_SPARC64
1034     unsigned int new_wim;
1035     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1036         ((1LL << env->nwindows) - 1);
1037     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1038     env->wim = new_wim;
1039 #else
1040     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1041     env->cansave++;
1042     env->canrestore--;
1043 #endif
1044 }
1045 
1046 static void restore_window(CPUSPARCState *env)
1047 {
1048 #ifndef TARGET_SPARC64
1049     unsigned int new_wim;
1050 #endif
1051     unsigned int i, cwp1;
1052     abi_ulong sp_ptr;
1053 
1054 #ifndef TARGET_SPARC64
1055     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1056         ((1LL << env->nwindows) - 1);
1057 #endif
1058 
1059     /* restore the invalid window */
1060     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1061     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1062 #ifdef TARGET_SPARC64
1063     if (sp_ptr & 3)
1064         sp_ptr += SPARC64_STACK_BIAS;
1065 #endif
1066 #if defined(DEBUG_WIN)
1067     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1068            sp_ptr, cwp1);
1069 #endif
1070     for(i = 0; i < 16; i++) {
1071         /* FIXME - what to do if get_user() fails? */
1072         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1073         sp_ptr += sizeof(abi_ulong);
1074     }
1075 #ifdef TARGET_SPARC64
1076     env->canrestore++;
1077     if (env->cleanwin < env->nwindows - 1)
1078         env->cleanwin++;
1079     env->cansave--;
1080 #else
1081     env->wim = new_wim;
1082 #endif
1083 }
1084 
1085 static void flush_windows(CPUSPARCState *env)
1086 {
1087     int offset, cwp1;
1088 
1089     offset = 1;
1090     for(;;) {
1091         /* if restore would invoke restore_window(), then we can stop */
1092         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1093 #ifndef TARGET_SPARC64
1094         if (env->wim & (1 << cwp1))
1095             break;
1096 #else
1097         if (env->canrestore == 0)
1098             break;
1099         env->cansave++;
1100         env->canrestore--;
1101 #endif
1102         save_window_offset(env, cwp1);
1103         offset++;
1104     }
1105     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1106 #ifndef TARGET_SPARC64
1107     /* set wim so that restore will reload the registers */
1108     env->wim = 1 << cwp1;
1109 #endif
1110 #if defined(DEBUG_WIN)
1111     printf("flush_windows: nb=%d\n", offset - 1);
1112 #endif
1113 }
1114 
1115 void cpu_loop (CPUSPARCState *env)
1116 {
1117     CPUState *cs = CPU(sparc_env_get_cpu(env));
1118     int trapnr;
1119     abi_long ret;
1120     target_siginfo_t info;
1121 
1122     while (1) {
1123         trapnr = cpu_sparc_exec (env);
1124 
1125         /* Compute PSR before exposing state.  */
1126         if (env->cc_op != CC_OP_FLAGS) {
1127             cpu_get_psr(env);
1128         }
1129 
1130         switch (trapnr) {
1131 #ifndef TARGET_SPARC64
1132         case 0x88:
1133         case 0x90:
1134 #else
1135         case 0x110:
1136         case 0x16d:
1137 #endif
1138             ret = do_syscall (env, env->gregs[1],
1139                               env->regwptr[0], env->regwptr[1],
1140                               env->regwptr[2], env->regwptr[3],
1141                               env->regwptr[4], env->regwptr[5],
1142                               0, 0);
1143             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1144 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1145                 env->xcc |= PSR_CARRY;
1146 #else
1147                 env->psr |= PSR_CARRY;
1148 #endif
1149                 ret = -ret;
1150             } else {
1151 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1152                 env->xcc &= ~PSR_CARRY;
1153 #else
1154                 env->psr &= ~PSR_CARRY;
1155 #endif
1156             }
1157             env->regwptr[0] = ret;
1158             /* next instruction */
1159             env->pc = env->npc;
1160             env->npc = env->npc + 4;
1161             break;
1162         case 0x83: /* flush windows */
1163 #ifdef TARGET_ABI32
1164         case 0x103:
1165 #endif
1166             flush_windows(env);
1167             /* next instruction */
1168             env->pc = env->npc;
1169             env->npc = env->npc + 4;
1170             break;
1171 #ifndef TARGET_SPARC64
1172         case TT_WIN_OVF: /* window overflow */
1173             save_window(env);
1174             break;
1175         case TT_WIN_UNF: /* window underflow */
1176             restore_window(env);
1177             break;
1178         case TT_TFAULT:
1179         case TT_DFAULT:
1180             {
1181                 info.si_signo = TARGET_SIGSEGV;
1182                 info.si_errno = 0;
1183                 /* XXX: check env->error_code */
1184                 info.si_code = TARGET_SEGV_MAPERR;
1185                 info._sifields._sigfault._addr = env->mmuregs[4];
1186                 queue_signal(env, info.si_signo, &info);
1187             }
1188             break;
1189 #else
1190         case TT_SPILL: /* window overflow */
1191             save_window(env);
1192             break;
1193         case TT_FILL: /* window underflow */
1194             restore_window(env);
1195             break;
1196         case TT_TFAULT:
1197         case TT_DFAULT:
1198             {
1199                 info.si_signo = TARGET_SIGSEGV;
1200                 info.si_errno = 0;
1201                 /* XXX: check env->error_code */
1202                 info.si_code = TARGET_SEGV_MAPERR;
1203                 if (trapnr == TT_DFAULT)
1204                     info._sifields._sigfault._addr = env->dmmuregs[4];
1205                 else
1206                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1207                 queue_signal(env, info.si_signo, &info);
1208             }
1209             break;
1210 #ifndef TARGET_ABI32
1211         case 0x16e:
1212             flush_windows(env);
1213             sparc64_get_context(env);
1214             break;
1215         case 0x16f:
1216             flush_windows(env);
1217             sparc64_set_context(env);
1218             break;
1219 #endif
1220 #endif
1221         case EXCP_INTERRUPT:
1222             /* just indicate that signals should be handled asap */
1223             break;
1224         case TT_ILL_INSN:
1225             {
1226                 info.si_signo = TARGET_SIGILL;
1227                 info.si_errno = 0;
1228                 info.si_code = TARGET_ILL_ILLOPC;
1229                 info._sifields._sigfault._addr = env->pc;
1230                 queue_signal(env, info.si_signo, &info);
1231             }
1232             break;
1233         case EXCP_DEBUG:
1234             {
1235                 int sig;
1236 
1237                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1238                 if (sig)
1239                   {
1240                     info.si_signo = sig;
1241                     info.si_errno = 0;
1242                     info.si_code = TARGET_TRAP_BRKPT;
1243                     queue_signal(env, info.si_signo, &info);
1244                   }
1245             }
1246             break;
1247         default:
1248             printf ("Unhandled trap: 0x%x\n", trapnr);
1249             cpu_dump_state(cs, stderr, fprintf, 0);
1250             exit (1);
1251         }
1252         process_pending_signals (env);
1253     }
1254 }
1255 
1256 #endif
1257 
1258 #ifdef TARGET_PPC
1259 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1260 {
1261     /* TO FIX */
1262     return 0;
1263 }
1264 
1265 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1266 {
1267     return cpu_ppc_get_tb(env);
1268 }
1269 
1270 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1271 {
1272     return cpu_ppc_get_tb(env) >> 32;
1273 }
1274 
1275 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1276 {
1277     return cpu_ppc_get_tb(env);
1278 }
1279 
1280 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1281 {
1282     return cpu_ppc_get_tb(env) >> 32;
1283 }
1284 
1285 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1286 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1287 
1288 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1289 {
1290     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1291 }
1292 
1293 /* XXX: to be fixed */
1294 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1295 {
1296     return -1;
1297 }
1298 
1299 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1300 {
1301     return -1;
1302 }
1303 
1304 #define EXCP_DUMP(env, fmt, ...)                                        \
1305 do {                                                                    \
1306     CPUState *cs = ENV_GET_CPU(env);                                    \
1307     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
1308     cpu_dump_state(cs, stderr, fprintf, 0);                             \
1309     qemu_log(fmt, ## __VA_ARGS__);                                      \
1310     if (qemu_log_enabled()) {                                           \
1311         log_cpu_state(cs, 0);                                           \
1312     }                                                                   \
1313 } while (0)
1314 
1315 static int do_store_exclusive(CPUPPCState *env)
1316 {
1317     target_ulong addr;
1318     target_ulong page_addr;
1319     target_ulong val;
1320     int flags;
1321     int segv = 0;
1322 
1323     addr = env->reserve_ea;
1324     page_addr = addr & TARGET_PAGE_MASK;
1325     start_exclusive();
1326     mmap_lock();
1327     flags = page_get_flags(page_addr);
1328     if ((flags & PAGE_READ) == 0) {
1329         segv = 1;
1330     } else {
1331         int reg = env->reserve_info & 0x1f;
1332         int size = (env->reserve_info >> 5) & 0xf;
1333         int stored = 0;
1334 
1335         if (addr == env->reserve_addr) {
1336             switch (size) {
1337             case 1: segv = get_user_u8(val, addr); break;
1338             case 2: segv = get_user_u16(val, addr); break;
1339             case 4: segv = get_user_u32(val, addr); break;
1340 #if defined(TARGET_PPC64)
1341             case 8: segv = get_user_u64(val, addr); break;
1342 #endif
1343             default: abort();
1344             }
1345             if (!segv && val == env->reserve_val) {
1346                 val = env->gpr[reg];
1347                 switch (size) {
1348                 case 1: segv = put_user_u8(val, addr); break;
1349                 case 2: segv = put_user_u16(val, addr); break;
1350                 case 4: segv = put_user_u32(val, addr); break;
1351 #if defined(TARGET_PPC64)
1352                 case 8: segv = put_user_u64(val, addr); break;
1353 #endif
1354                 default: abort();
1355                 }
1356                 if (!segv) {
1357                     stored = 1;
1358                 }
1359             }
1360         }
1361         env->crf[0] = (stored << 1) | xer_so;
1362         env->reserve_addr = (target_ulong)-1;
1363     }
1364     if (!segv) {
1365         env->nip += 4;
1366     }
1367     mmap_unlock();
1368     end_exclusive();
1369     return segv;
1370 }
1371 
1372 void cpu_loop(CPUPPCState *env)
1373 {
1374     CPUState *cs = CPU(ppc_env_get_cpu(env));
1375     target_siginfo_t info;
1376     int trapnr;
1377     target_ulong ret;
1378 
1379     for(;;) {
1380         cpu_exec_start(cs);
1381         trapnr = cpu_ppc_exec(env);
1382         cpu_exec_end(cs);
1383         switch(trapnr) {
1384         case POWERPC_EXCP_NONE:
1385             /* Just go on */
1386             break;
1387         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1388             cpu_abort(env, "Critical interrupt while in user mode. "
1389                       "Aborting\n");
1390             break;
1391         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1392             cpu_abort(env, "Machine check exception while in user mode. "
1393                       "Aborting\n");
1394             break;
1395         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1396             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1397                       env->spr[SPR_DAR]);
1398             /* XXX: check this. Seems bugged */
1399             switch (env->error_code & 0xFF000000) {
1400             case 0x40000000:
1401                 info.si_signo = TARGET_SIGSEGV;
1402                 info.si_errno = 0;
1403                 info.si_code = TARGET_SEGV_MAPERR;
1404                 break;
1405             case 0x04000000:
1406                 info.si_signo = TARGET_SIGILL;
1407                 info.si_errno = 0;
1408                 info.si_code = TARGET_ILL_ILLADR;
1409                 break;
1410             case 0x08000000:
1411                 info.si_signo = TARGET_SIGSEGV;
1412                 info.si_errno = 0;
1413                 info.si_code = TARGET_SEGV_ACCERR;
1414                 break;
1415             default:
1416                 /* Let's send a regular segfault... */
1417                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1418                           env->error_code);
1419                 info.si_signo = TARGET_SIGSEGV;
1420                 info.si_errno = 0;
1421                 info.si_code = TARGET_SEGV_MAPERR;
1422                 break;
1423             }
1424             info._sifields._sigfault._addr = env->nip;
1425             queue_signal(env, info.si_signo, &info);
1426             break;
1427         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1428             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1429                       "\n", env->spr[SPR_SRR0]);
1430             /* XXX: check this */
1431             switch (env->error_code & 0xFF000000) {
1432             case 0x40000000:
1433                 info.si_signo = TARGET_SIGSEGV;
1434             info.si_errno = 0;
1435                 info.si_code = TARGET_SEGV_MAPERR;
1436                 break;
1437             case 0x10000000:
1438             case 0x08000000:
1439                 info.si_signo = TARGET_SIGSEGV;
1440                 info.si_errno = 0;
1441                 info.si_code = TARGET_SEGV_ACCERR;
1442                 break;
1443             default:
1444                 /* Let's send a regular segfault... */
1445                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1446                           env->error_code);
1447                 info.si_signo = TARGET_SIGSEGV;
1448                 info.si_errno = 0;
1449                 info.si_code = TARGET_SEGV_MAPERR;
1450                 break;
1451             }
1452             info._sifields._sigfault._addr = env->nip - 4;
1453             queue_signal(env, info.si_signo, &info);
1454             break;
1455         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1456             cpu_abort(env, "External interrupt while in user mode. "
1457                       "Aborting\n");
1458             break;
1459         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1460             EXCP_DUMP(env, "Unaligned memory access\n");
1461             /* XXX: check this */
1462             info.si_signo = TARGET_SIGBUS;
1463             info.si_errno = 0;
1464             info.si_code = TARGET_BUS_ADRALN;
1465             info._sifields._sigfault._addr = env->nip - 4;
1466             queue_signal(env, info.si_signo, &info);
1467             break;
1468         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1469             /* XXX: check this */
1470             switch (env->error_code & ~0xF) {
1471             case POWERPC_EXCP_FP:
1472                 EXCP_DUMP(env, "Floating point program exception\n");
1473                 info.si_signo = TARGET_SIGFPE;
1474                 info.si_errno = 0;
1475                 switch (env->error_code & 0xF) {
1476                 case POWERPC_EXCP_FP_OX:
1477                     info.si_code = TARGET_FPE_FLTOVF;
1478                     break;
1479                 case POWERPC_EXCP_FP_UX:
1480                     info.si_code = TARGET_FPE_FLTUND;
1481                     break;
1482                 case POWERPC_EXCP_FP_ZX:
1483                 case POWERPC_EXCP_FP_VXZDZ:
1484                     info.si_code = TARGET_FPE_FLTDIV;
1485                     break;
1486                 case POWERPC_EXCP_FP_XX:
1487                     info.si_code = TARGET_FPE_FLTRES;
1488                     break;
1489                 case POWERPC_EXCP_FP_VXSOFT:
1490                     info.si_code = TARGET_FPE_FLTINV;
1491                     break;
1492                 case POWERPC_EXCP_FP_VXSNAN:
1493                 case POWERPC_EXCP_FP_VXISI:
1494                 case POWERPC_EXCP_FP_VXIDI:
1495                 case POWERPC_EXCP_FP_VXIMZ:
1496                 case POWERPC_EXCP_FP_VXVC:
1497                 case POWERPC_EXCP_FP_VXSQRT:
1498                 case POWERPC_EXCP_FP_VXCVI:
1499                     info.si_code = TARGET_FPE_FLTSUB;
1500                     break;
1501                 default:
1502                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1503                               env->error_code);
1504                     break;
1505                 }
1506                 break;
1507             case POWERPC_EXCP_INVAL:
1508                 EXCP_DUMP(env, "Invalid instruction\n");
1509                 info.si_signo = TARGET_SIGILL;
1510                 info.si_errno = 0;
1511                 switch (env->error_code & 0xF) {
1512                 case POWERPC_EXCP_INVAL_INVAL:
1513                     info.si_code = TARGET_ILL_ILLOPC;
1514                     break;
1515                 case POWERPC_EXCP_INVAL_LSWX:
1516                     info.si_code = TARGET_ILL_ILLOPN;
1517                     break;
1518                 case POWERPC_EXCP_INVAL_SPR:
1519                     info.si_code = TARGET_ILL_PRVREG;
1520                     break;
1521                 case POWERPC_EXCP_INVAL_FP:
1522                     info.si_code = TARGET_ILL_COPROC;
1523                     break;
1524                 default:
1525                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1526                               env->error_code & 0xF);
1527                     info.si_code = TARGET_ILL_ILLADR;
1528                     break;
1529                 }
1530                 break;
1531             case POWERPC_EXCP_PRIV:
1532                 EXCP_DUMP(env, "Privilege violation\n");
1533                 info.si_signo = TARGET_SIGILL;
1534                 info.si_errno = 0;
1535                 switch (env->error_code & 0xF) {
1536                 case POWERPC_EXCP_PRIV_OPC:
1537                     info.si_code = TARGET_ILL_PRVOPC;
1538                     break;
1539                 case POWERPC_EXCP_PRIV_REG:
1540                     info.si_code = TARGET_ILL_PRVREG;
1541                     break;
1542                 default:
1543                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1544                               env->error_code & 0xF);
1545                     info.si_code = TARGET_ILL_PRVOPC;
1546                     break;
1547                 }
1548                 break;
1549             case POWERPC_EXCP_TRAP:
1550                 cpu_abort(env, "Tried to call a TRAP\n");
1551                 break;
1552             default:
1553                 /* Should not happen ! */
1554                 cpu_abort(env, "Unknown program exception (%02x)\n",
1555                           env->error_code);
1556                 break;
1557             }
1558             info._sifields._sigfault._addr = env->nip - 4;
1559             queue_signal(env, info.si_signo, &info);
1560             break;
1561         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1562             EXCP_DUMP(env, "No floating point allowed\n");
1563             info.si_signo = TARGET_SIGILL;
1564             info.si_errno = 0;
1565             info.si_code = TARGET_ILL_COPROC;
1566             info._sifields._sigfault._addr = env->nip - 4;
1567             queue_signal(env, info.si_signo, &info);
1568             break;
1569         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1570             cpu_abort(env, "Syscall exception while in user mode. "
1571                       "Aborting\n");
1572             break;
1573         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1574             EXCP_DUMP(env, "No APU instruction allowed\n");
1575             info.si_signo = TARGET_SIGILL;
1576             info.si_errno = 0;
1577             info.si_code = TARGET_ILL_COPROC;
1578             info._sifields._sigfault._addr = env->nip - 4;
1579             queue_signal(env, info.si_signo, &info);
1580             break;
1581         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1582             cpu_abort(env, "Decrementer interrupt while in user mode. "
1583                       "Aborting\n");
1584             break;
1585         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1586             cpu_abort(env, "Fix interval timer interrupt while in user mode. "
1587                       "Aborting\n");
1588             break;
1589         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1590             cpu_abort(env, "Watchdog timer interrupt while in user mode. "
1591                       "Aborting\n");
1592             break;
1593         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1594             cpu_abort(env, "Data TLB exception while in user mode. "
1595                       "Aborting\n");
1596             break;
1597         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1598             cpu_abort(env, "Instruction TLB exception while in user mode. "
1599                       "Aborting\n");
1600             break;
1601         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1602             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1603             info.si_signo = TARGET_SIGILL;
1604             info.si_errno = 0;
1605             info.si_code = TARGET_ILL_COPROC;
1606             info._sifields._sigfault._addr = env->nip - 4;
1607             queue_signal(env, info.si_signo, &info);
1608             break;
1609         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1610             cpu_abort(env, "Embedded floating-point data IRQ not handled\n");
1611             break;
1612         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1613             cpu_abort(env, "Embedded floating-point round IRQ not handled\n");
1614             break;
1615         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1616             cpu_abort(env, "Performance monitor exception not handled\n");
1617             break;
1618         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1619             cpu_abort(env, "Doorbell interrupt while in user mode. "
1620                        "Aborting\n");
1621             break;
1622         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1623             cpu_abort(env, "Doorbell critical interrupt while in user mode. "
1624                       "Aborting\n");
1625             break;
1626         case POWERPC_EXCP_RESET:    /* System reset exception                */
1627             cpu_abort(env, "Reset interrupt while in user mode. "
1628                       "Aborting\n");
1629             break;
1630         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1631             cpu_abort(env, "Data segment exception while in user mode. "
1632                       "Aborting\n");
1633             break;
1634         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1635             cpu_abort(env, "Instruction segment exception "
1636                       "while in user mode. Aborting\n");
1637             break;
1638         /* PowerPC 64 with hypervisor mode support */
1639         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1640             cpu_abort(env, "Hypervisor decrementer interrupt "
1641                       "while in user mode. Aborting\n");
1642             break;
1643         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1644             /* Nothing to do:
1645              * we use this exception to emulate step-by-step execution mode.
1646              */
1647             break;
1648         /* PowerPC 64 with hypervisor mode support */
1649         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1650             cpu_abort(env, "Hypervisor data storage exception "
1651                       "while in user mode. Aborting\n");
1652             break;
1653         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1654             cpu_abort(env, "Hypervisor instruction storage exception "
1655                       "while in user mode. Aborting\n");
1656             break;
1657         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1658             cpu_abort(env, "Hypervisor data segment exception "
1659                       "while in user mode. Aborting\n");
1660             break;
1661         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1662             cpu_abort(env, "Hypervisor instruction segment exception "
1663                       "while in user mode. Aborting\n");
1664             break;
1665         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1666             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1667             info.si_signo = TARGET_SIGILL;
1668             info.si_errno = 0;
1669             info.si_code = TARGET_ILL_COPROC;
1670             info._sifields._sigfault._addr = env->nip - 4;
1671             queue_signal(env, info.si_signo, &info);
1672             break;
1673         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1674             cpu_abort(env, "Programmable interval timer interrupt "
1675                       "while in user mode. Aborting\n");
1676             break;
1677         case POWERPC_EXCP_IO:       /* IO error exception                    */
1678             cpu_abort(env, "IO error exception while in user mode. "
1679                       "Aborting\n");
1680             break;
1681         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1682             cpu_abort(env, "Run mode exception while in user mode. "
1683                       "Aborting\n");
1684             break;
1685         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1686             cpu_abort(env, "Emulation trap exception not handled\n");
1687             break;
1688         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1689             cpu_abort(env, "Instruction fetch TLB exception "
1690                       "while in user-mode. Aborting");
1691             break;
1692         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1693             cpu_abort(env, "Data load TLB exception while in user-mode. "
1694                       "Aborting");
1695             break;
1696         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1697             cpu_abort(env, "Data store TLB exception while in user-mode. "
1698                       "Aborting");
1699             break;
1700         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1701             cpu_abort(env, "Floating-point assist exception not handled\n");
1702             break;
1703         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1704             cpu_abort(env, "Instruction address breakpoint exception "
1705                       "not handled\n");
1706             break;
1707         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1708             cpu_abort(env, "System management interrupt while in user mode. "
1709                       "Aborting\n");
1710             break;
1711         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1712             cpu_abort(env, "Thermal interrupt interrupt while in user mode. "
1713                       "Aborting\n");
1714             break;
1715         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1716             cpu_abort(env, "Performance monitor exception not handled\n");
1717             break;
1718         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1719             cpu_abort(env, "Vector assist exception not handled\n");
1720             break;
1721         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1722             cpu_abort(env, "Soft patch exception not handled\n");
1723             break;
1724         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1725             cpu_abort(env, "Maintenance exception while in user mode. "
1726                       "Aborting\n");
1727             break;
1728         case POWERPC_EXCP_STOP:     /* stop translation                      */
1729             /* We did invalidate the instruction cache. Go on */
1730             break;
1731         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1732             /* We just stopped because of a branch. Go on */
1733             break;
1734         case POWERPC_EXCP_SYSCALL_USER:
1735             /* system call in user-mode emulation */
1736             /* WARNING:
1737              * PPC ABI uses overflow flag in cr0 to signal an error
1738              * in syscalls.
1739              */
1740             env->crf[0] &= ~0x1;
1741             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1742                              env->gpr[5], env->gpr[6], env->gpr[7],
1743                              env->gpr[8], 0, 0);
1744             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1745                 /* Returning from a successful sigreturn syscall.
1746                    Avoid corrupting register state.  */
1747                 break;
1748             }
1749             if (ret > (target_ulong)(-515)) {
1750                 env->crf[0] |= 0x1;
1751                 ret = -ret;
1752             }
1753             env->gpr[3] = ret;
1754             break;
1755         case POWERPC_EXCP_STCX:
1756             if (do_store_exclusive(env)) {
1757                 info.si_signo = TARGET_SIGSEGV;
1758                 info.si_errno = 0;
1759                 info.si_code = TARGET_SEGV_MAPERR;
1760                 info._sifields._sigfault._addr = env->nip;
1761                 queue_signal(env, info.si_signo, &info);
1762             }
1763             break;
1764         case EXCP_DEBUG:
1765             {
1766                 int sig;
1767 
1768                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1769                 if (sig) {
1770                     info.si_signo = sig;
1771                     info.si_errno = 0;
1772                     info.si_code = TARGET_TRAP_BRKPT;
1773                     queue_signal(env, info.si_signo, &info);
1774                   }
1775             }
1776             break;
1777         case EXCP_INTERRUPT:
1778             /* just indicate that signals should be handled asap */
1779             break;
1780         default:
1781             cpu_abort(env, "Unknown exception 0x%d. Aborting\n", trapnr);
1782             break;
1783         }
1784         process_pending_signals(env);
1785     }
1786 }
1787 #endif
1788 
1789 #ifdef TARGET_MIPS
1790 
1791 # ifdef TARGET_ABI_MIPSO32
1792 #  define MIPS_SYS(name, args) args,
1793 static const uint8_t mips_syscall_args[] = {
1794 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
1795 	MIPS_SYS(sys_exit	, 1)
1796 	MIPS_SYS(sys_fork	, 0)
1797 	MIPS_SYS(sys_read	, 3)
1798 	MIPS_SYS(sys_write	, 3)
1799 	MIPS_SYS(sys_open	, 3)	/* 4005 */
1800 	MIPS_SYS(sys_close	, 1)
1801 	MIPS_SYS(sys_waitpid	, 3)
1802 	MIPS_SYS(sys_creat	, 2)
1803 	MIPS_SYS(sys_link	, 2)
1804 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
1805 	MIPS_SYS(sys_execve	, 0)
1806 	MIPS_SYS(sys_chdir	, 1)
1807 	MIPS_SYS(sys_time	, 1)
1808 	MIPS_SYS(sys_mknod	, 3)
1809 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
1810 	MIPS_SYS(sys_lchown	, 3)
1811 	MIPS_SYS(sys_ni_syscall	, 0)
1812 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
1813 	MIPS_SYS(sys_lseek	, 3)
1814 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
1815 	MIPS_SYS(sys_mount	, 5)
1816 	MIPS_SYS(sys_oldumount	, 1)
1817 	MIPS_SYS(sys_setuid	, 1)
1818 	MIPS_SYS(sys_getuid	, 0)
1819 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
1820 	MIPS_SYS(sys_ptrace	, 4)
1821 	MIPS_SYS(sys_alarm	, 1)
1822 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
1823 	MIPS_SYS(sys_pause	, 0)
1824 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
1825 	MIPS_SYS(sys_ni_syscall	, 0)
1826 	MIPS_SYS(sys_ni_syscall	, 0)
1827 	MIPS_SYS(sys_access	, 2)
1828 	MIPS_SYS(sys_nice	, 1)
1829 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
1830 	MIPS_SYS(sys_sync	, 0)
1831 	MIPS_SYS(sys_kill	, 2)
1832 	MIPS_SYS(sys_rename	, 2)
1833 	MIPS_SYS(sys_mkdir	, 2)
1834 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
1835 	MIPS_SYS(sys_dup		, 1)
1836 	MIPS_SYS(sys_pipe	, 0)
1837 	MIPS_SYS(sys_times	, 1)
1838 	MIPS_SYS(sys_ni_syscall	, 0)
1839 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
1840 	MIPS_SYS(sys_setgid	, 1)
1841 	MIPS_SYS(sys_getgid	, 0)
1842 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
1843 	MIPS_SYS(sys_geteuid	, 0)
1844 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
1845 	MIPS_SYS(sys_acct	, 0)
1846 	MIPS_SYS(sys_umount	, 2)
1847 	MIPS_SYS(sys_ni_syscall	, 0)
1848 	MIPS_SYS(sys_ioctl	, 3)
1849 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
1850 	MIPS_SYS(sys_ni_syscall	, 2)
1851 	MIPS_SYS(sys_setpgid	, 2)
1852 	MIPS_SYS(sys_ni_syscall	, 0)
1853 	MIPS_SYS(sys_olduname	, 1)
1854 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
1855 	MIPS_SYS(sys_chroot	, 1)
1856 	MIPS_SYS(sys_ustat	, 2)
1857 	MIPS_SYS(sys_dup2	, 2)
1858 	MIPS_SYS(sys_getppid	, 0)
1859 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
1860 	MIPS_SYS(sys_setsid	, 0)
1861 	MIPS_SYS(sys_sigaction	, 3)
1862 	MIPS_SYS(sys_sgetmask	, 0)
1863 	MIPS_SYS(sys_ssetmask	, 1)
1864 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
1865 	MIPS_SYS(sys_setregid	, 2)
1866 	MIPS_SYS(sys_sigsuspend	, 0)
1867 	MIPS_SYS(sys_sigpending	, 1)
1868 	MIPS_SYS(sys_sethostname	, 2)
1869 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
1870 	MIPS_SYS(sys_getrlimit	, 2)
1871 	MIPS_SYS(sys_getrusage	, 2)
1872 	MIPS_SYS(sys_gettimeofday, 2)
1873 	MIPS_SYS(sys_settimeofday, 2)
1874 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
1875 	MIPS_SYS(sys_setgroups	, 2)
1876 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
1877 	MIPS_SYS(sys_symlink	, 2)
1878 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
1879 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
1880 	MIPS_SYS(sys_uselib	, 1)
1881 	MIPS_SYS(sys_swapon	, 2)
1882 	MIPS_SYS(sys_reboot	, 3)
1883 	MIPS_SYS(old_readdir	, 3)
1884 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
1885 	MIPS_SYS(sys_munmap	, 2)
1886 	MIPS_SYS(sys_truncate	, 2)
1887 	MIPS_SYS(sys_ftruncate	, 2)
1888 	MIPS_SYS(sys_fchmod	, 2)
1889 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
1890 	MIPS_SYS(sys_getpriority	, 2)
1891 	MIPS_SYS(sys_setpriority	, 3)
1892 	MIPS_SYS(sys_ni_syscall	, 0)
1893 	MIPS_SYS(sys_statfs	, 2)
1894 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
1895 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
1896 	MIPS_SYS(sys_socketcall	, 2)
1897 	MIPS_SYS(sys_syslog	, 3)
1898 	MIPS_SYS(sys_setitimer	, 3)
1899 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
1900 	MIPS_SYS(sys_newstat	, 2)
1901 	MIPS_SYS(sys_newlstat	, 2)
1902 	MIPS_SYS(sys_newfstat	, 2)
1903 	MIPS_SYS(sys_uname	, 1)
1904 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
1905 	MIPS_SYS(sys_vhangup	, 0)
1906 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
1907 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
1908 	MIPS_SYS(sys_wait4	, 4)
1909 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
1910 	MIPS_SYS(sys_sysinfo	, 1)
1911 	MIPS_SYS(sys_ipc		, 6)
1912 	MIPS_SYS(sys_fsync	, 1)
1913 	MIPS_SYS(sys_sigreturn	, 0)
1914 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
1915 	MIPS_SYS(sys_setdomainname, 2)
1916 	MIPS_SYS(sys_newuname	, 1)
1917 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
1918 	MIPS_SYS(sys_adjtimex	, 1)
1919 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
1920 	MIPS_SYS(sys_sigprocmask	, 3)
1921 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
1922 	MIPS_SYS(sys_init_module	, 5)
1923 	MIPS_SYS(sys_delete_module, 1)
1924 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
1925 	MIPS_SYS(sys_quotactl	, 0)
1926 	MIPS_SYS(sys_getpgid	, 1)
1927 	MIPS_SYS(sys_fchdir	, 1)
1928 	MIPS_SYS(sys_bdflush	, 2)
1929 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
1930 	MIPS_SYS(sys_personality	, 1)
1931 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
1932 	MIPS_SYS(sys_setfsuid	, 1)
1933 	MIPS_SYS(sys_setfsgid	, 1)
1934 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
1935 	MIPS_SYS(sys_getdents	, 3)
1936 	MIPS_SYS(sys_select	, 5)
1937 	MIPS_SYS(sys_flock	, 2)
1938 	MIPS_SYS(sys_msync	, 3)
1939 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
1940 	MIPS_SYS(sys_writev	, 3)
1941 	MIPS_SYS(sys_cacheflush	, 3)
1942 	MIPS_SYS(sys_cachectl	, 3)
1943 	MIPS_SYS(sys_sysmips	, 4)
1944 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
1945 	MIPS_SYS(sys_getsid	, 1)
1946 	MIPS_SYS(sys_fdatasync	, 0)
1947 	MIPS_SYS(sys_sysctl	, 1)
1948 	MIPS_SYS(sys_mlock	, 2)
1949 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
1950 	MIPS_SYS(sys_mlockall	, 1)
1951 	MIPS_SYS(sys_munlockall	, 0)
1952 	MIPS_SYS(sys_sched_setparam, 2)
1953 	MIPS_SYS(sys_sched_getparam, 2)
1954 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
1955 	MIPS_SYS(sys_sched_getscheduler, 1)
1956 	MIPS_SYS(sys_sched_yield	, 0)
1957 	MIPS_SYS(sys_sched_get_priority_max, 1)
1958 	MIPS_SYS(sys_sched_get_priority_min, 1)
1959 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
1960 	MIPS_SYS(sys_nanosleep,	2)
1961 	MIPS_SYS(sys_mremap	, 4)
1962 	MIPS_SYS(sys_accept	, 3)
1963 	MIPS_SYS(sys_bind	, 3)
1964 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
1965 	MIPS_SYS(sys_getpeername	, 3)
1966 	MIPS_SYS(sys_getsockname	, 3)
1967 	MIPS_SYS(sys_getsockopt	, 5)
1968 	MIPS_SYS(sys_listen	, 2)
1969 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
1970 	MIPS_SYS(sys_recvfrom	, 6)
1971 	MIPS_SYS(sys_recvmsg	, 3)
1972 	MIPS_SYS(sys_send	, 4)
1973 	MIPS_SYS(sys_sendmsg	, 3)
1974 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
1975 	MIPS_SYS(sys_setsockopt	, 5)
1976 	MIPS_SYS(sys_shutdown	, 2)
1977 	MIPS_SYS(sys_socket	, 3)
1978 	MIPS_SYS(sys_socketpair	, 4)
1979 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
1980 	MIPS_SYS(sys_getresuid	, 3)
1981 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
1982 	MIPS_SYS(sys_poll	, 3)
1983 	MIPS_SYS(sys_nfsservctl	, 3)
1984 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
1985 	MIPS_SYS(sys_getresgid	, 3)
1986 	MIPS_SYS(sys_prctl	, 5)
1987 	MIPS_SYS(sys_rt_sigreturn, 0)
1988 	MIPS_SYS(sys_rt_sigaction, 4)
1989 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
1990 	MIPS_SYS(sys_rt_sigpending, 2)
1991 	MIPS_SYS(sys_rt_sigtimedwait, 4)
1992 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
1993 	MIPS_SYS(sys_rt_sigsuspend, 0)
1994 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
1995 	MIPS_SYS(sys_pwrite64	, 6)
1996 	MIPS_SYS(sys_chown	, 3)
1997 	MIPS_SYS(sys_getcwd	, 2)
1998 	MIPS_SYS(sys_capget	, 2)
1999 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
2000 	MIPS_SYS(sys_sigaltstack	, 2)
2001 	MIPS_SYS(sys_sendfile	, 4)
2002 	MIPS_SYS(sys_ni_syscall	, 0)
2003 	MIPS_SYS(sys_ni_syscall	, 0)
2004 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2005 	MIPS_SYS(sys_truncate64	, 4)
2006 	MIPS_SYS(sys_ftruncate64	, 4)
2007 	MIPS_SYS(sys_stat64	, 2)
2008 	MIPS_SYS(sys_lstat64	, 2)
2009 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2010 	MIPS_SYS(sys_pivot_root	, 2)
2011 	MIPS_SYS(sys_mincore	, 3)
2012 	MIPS_SYS(sys_madvise	, 3)
2013 	MIPS_SYS(sys_getdents64	, 3)
2014 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2015 	MIPS_SYS(sys_ni_syscall	, 0)
2016 	MIPS_SYS(sys_gettid	, 0)
2017 	MIPS_SYS(sys_readahead	, 5)
2018 	MIPS_SYS(sys_setxattr	, 5)
2019 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2020 	MIPS_SYS(sys_fsetxattr	, 5)
2021 	MIPS_SYS(sys_getxattr	, 4)
2022 	MIPS_SYS(sys_lgetxattr	, 4)
2023 	MIPS_SYS(sys_fgetxattr	, 4)
2024 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2025 	MIPS_SYS(sys_llistxattr	, 3)
2026 	MIPS_SYS(sys_flistxattr	, 3)
2027 	MIPS_SYS(sys_removexattr	, 2)
2028 	MIPS_SYS(sys_lremovexattr, 2)
2029 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2030 	MIPS_SYS(sys_tkill	, 2)
2031 	MIPS_SYS(sys_sendfile64	, 5)
2032 	MIPS_SYS(sys_futex	, 6)
2033 	MIPS_SYS(sys_sched_setaffinity, 3)
2034 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2035 	MIPS_SYS(sys_io_setup	, 2)
2036 	MIPS_SYS(sys_io_destroy	, 1)
2037 	MIPS_SYS(sys_io_getevents, 5)
2038 	MIPS_SYS(sys_io_submit	, 3)
2039 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2040 	MIPS_SYS(sys_exit_group	, 1)
2041 	MIPS_SYS(sys_lookup_dcookie, 3)
2042 	MIPS_SYS(sys_epoll_create, 1)
2043 	MIPS_SYS(sys_epoll_ctl	, 4)
2044 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2045 	MIPS_SYS(sys_remap_file_pages, 5)
2046 	MIPS_SYS(sys_set_tid_address, 1)
2047 	MIPS_SYS(sys_restart_syscall, 0)
2048 	MIPS_SYS(sys_fadvise64_64, 7)
2049 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2050 	MIPS_SYS(sys_fstatfs64	, 2)
2051 	MIPS_SYS(sys_timer_create, 3)
2052 	MIPS_SYS(sys_timer_settime, 4)
2053 	MIPS_SYS(sys_timer_gettime, 2)
2054 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2055 	MIPS_SYS(sys_timer_delete, 1)
2056 	MIPS_SYS(sys_clock_settime, 2)
2057 	MIPS_SYS(sys_clock_gettime, 2)
2058 	MIPS_SYS(sys_clock_getres, 2)
2059 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2060 	MIPS_SYS(sys_tgkill	, 3)
2061 	MIPS_SYS(sys_utimes	, 2)
2062 	MIPS_SYS(sys_mbind	, 4)
2063 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2064 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2065 	MIPS_SYS(sys_mq_open	, 4)
2066 	MIPS_SYS(sys_mq_unlink	, 1)
2067 	MIPS_SYS(sys_mq_timedsend, 5)
2068 	MIPS_SYS(sys_mq_timedreceive, 5)
2069 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2070 	MIPS_SYS(sys_mq_getsetattr, 3)
2071 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2072 	MIPS_SYS(sys_waitid	, 4)
2073 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2074 	MIPS_SYS(sys_add_key	, 5)
2075 	MIPS_SYS(sys_request_key, 4)
2076 	MIPS_SYS(sys_keyctl	, 5)
2077 	MIPS_SYS(sys_set_thread_area, 1)
2078 	MIPS_SYS(sys_inotify_init, 0)
2079 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2080 	MIPS_SYS(sys_inotify_rm_watch, 2)
2081 	MIPS_SYS(sys_migrate_pages, 4)
2082 	MIPS_SYS(sys_openat, 4)
2083 	MIPS_SYS(sys_mkdirat, 3)
2084 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2085 	MIPS_SYS(sys_fchownat, 5)
2086 	MIPS_SYS(sys_futimesat, 3)
2087 	MIPS_SYS(sys_fstatat64, 4)
2088 	MIPS_SYS(sys_unlinkat, 3)
2089 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2090 	MIPS_SYS(sys_linkat, 5)
2091 	MIPS_SYS(sys_symlinkat, 3)
2092 	MIPS_SYS(sys_readlinkat, 4)
2093 	MIPS_SYS(sys_fchmodat, 3)
2094 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2095 	MIPS_SYS(sys_pselect6, 6)
2096 	MIPS_SYS(sys_ppoll, 5)
2097 	MIPS_SYS(sys_unshare, 1)
2098 	MIPS_SYS(sys_splice, 4)
2099 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2100 	MIPS_SYS(sys_tee, 4)
2101 	MIPS_SYS(sys_vmsplice, 4)
2102 	MIPS_SYS(sys_move_pages, 6)
2103 	MIPS_SYS(sys_set_robust_list, 2)
2104 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2105 	MIPS_SYS(sys_kexec_load, 4)
2106 	MIPS_SYS(sys_getcpu, 3)
2107 	MIPS_SYS(sys_epoll_pwait, 6)
2108 	MIPS_SYS(sys_ioprio_set, 3)
2109 	MIPS_SYS(sys_ioprio_get, 2)
2110         MIPS_SYS(sys_utimensat, 4)
2111         MIPS_SYS(sys_signalfd, 3)
2112         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2113         MIPS_SYS(sys_eventfd, 1)
2114         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2115         MIPS_SYS(sys_timerfd_create, 2)
2116         MIPS_SYS(sys_timerfd_gettime, 2)
2117         MIPS_SYS(sys_timerfd_settime, 4)
2118         MIPS_SYS(sys_signalfd4, 4)
2119         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2120         MIPS_SYS(sys_epoll_create1, 1)
2121         MIPS_SYS(sys_dup3, 3)
2122         MIPS_SYS(sys_pipe2, 2)
2123         MIPS_SYS(sys_inotify_init1, 1)
2124         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2125         MIPS_SYS(sys_pwritev, 6)
2126         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2127         MIPS_SYS(sys_perf_event_open, 5)
2128         MIPS_SYS(sys_accept4, 4)
2129         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2130         MIPS_SYS(sys_fanotify_init, 2)
2131         MIPS_SYS(sys_fanotify_mark, 6)
2132         MIPS_SYS(sys_prlimit64, 4)
2133         MIPS_SYS(sys_name_to_handle_at, 5)
2134         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2135         MIPS_SYS(sys_clock_adjtime, 2)
2136         MIPS_SYS(sys_syncfs, 1)
2137 };
2138 #  undef MIPS_SYS
2139 # endif /* O32 */
2140 
2141 static int do_store_exclusive(CPUMIPSState *env)
2142 {
2143     target_ulong addr;
2144     target_ulong page_addr;
2145     target_ulong val;
2146     int flags;
2147     int segv = 0;
2148     int reg;
2149     int d;
2150 
2151     addr = env->lladdr;
2152     page_addr = addr & TARGET_PAGE_MASK;
2153     start_exclusive();
2154     mmap_lock();
2155     flags = page_get_flags(page_addr);
2156     if ((flags & PAGE_READ) == 0) {
2157         segv = 1;
2158     } else {
2159         reg = env->llreg & 0x1f;
2160         d = (env->llreg & 0x20) != 0;
2161         if (d) {
2162             segv = get_user_s64(val, addr);
2163         } else {
2164             segv = get_user_s32(val, addr);
2165         }
2166         if (!segv) {
2167             if (val != env->llval) {
2168                 env->active_tc.gpr[reg] = 0;
2169             } else {
2170                 if (d) {
2171                     segv = put_user_u64(env->llnewval, addr);
2172                 } else {
2173                     segv = put_user_u32(env->llnewval, addr);
2174                 }
2175                 if (!segv) {
2176                     env->active_tc.gpr[reg] = 1;
2177                 }
2178             }
2179         }
2180     }
2181     env->lladdr = -1;
2182     if (!segv) {
2183         env->active_tc.PC += 4;
2184     }
2185     mmap_unlock();
2186     end_exclusive();
2187     return segv;
2188 }
2189 
2190 /* Break codes */
2191 enum {
2192     BRK_OVERFLOW = 6,
2193     BRK_DIVZERO = 7
2194 };
2195 
2196 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2197                     unsigned int code)
2198 {
2199     int ret = -1;
2200 
2201     switch (code) {
2202     case BRK_OVERFLOW:
2203     case BRK_DIVZERO:
2204         info->si_signo = TARGET_SIGFPE;
2205         info->si_errno = 0;
2206         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2207         queue_signal(env, info->si_signo, &*info);
2208         ret = 0;
2209         break;
2210     default:
2211         break;
2212     }
2213 
2214     return ret;
2215 }
2216 
2217 void cpu_loop(CPUMIPSState *env)
2218 {
2219     CPUState *cs = CPU(mips_env_get_cpu(env));
2220     target_siginfo_t info;
2221     int trapnr;
2222     abi_long ret;
2223 # ifdef TARGET_ABI_MIPSO32
2224     unsigned int syscall_num;
2225 # endif
2226 
2227     for(;;) {
2228         cpu_exec_start(cs);
2229         trapnr = cpu_mips_exec(env);
2230         cpu_exec_end(cs);
2231         switch(trapnr) {
2232         case EXCP_SYSCALL:
2233             env->active_tc.PC += 4;
2234 # ifdef TARGET_ABI_MIPSO32
2235             syscall_num = env->active_tc.gpr[2] - 4000;
2236             if (syscall_num >= sizeof(mips_syscall_args)) {
2237                 ret = -TARGET_ENOSYS;
2238             } else {
2239                 int nb_args;
2240                 abi_ulong sp_reg;
2241                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2242 
2243                 nb_args = mips_syscall_args[syscall_num];
2244                 sp_reg = env->active_tc.gpr[29];
2245                 switch (nb_args) {
2246                 /* these arguments are taken from the stack */
2247                 case 8:
2248                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2249                         goto done_syscall;
2250                     }
2251                 case 7:
2252                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2253                         goto done_syscall;
2254                     }
2255                 case 6:
2256                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2257                         goto done_syscall;
2258                     }
2259                 case 5:
2260                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2261                         goto done_syscall;
2262                     }
2263                 default:
2264                     break;
2265                 }
2266                 ret = do_syscall(env, env->active_tc.gpr[2],
2267                                  env->active_tc.gpr[4],
2268                                  env->active_tc.gpr[5],
2269                                  env->active_tc.gpr[6],
2270                                  env->active_tc.gpr[7],
2271                                  arg5, arg6, arg7, arg8);
2272             }
2273 done_syscall:
2274 # else
2275             ret = do_syscall(env, env->active_tc.gpr[2],
2276                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2277                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2278                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2279                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2280 # endif /* O32 */
2281             if (ret == -TARGET_QEMU_ESIGRETURN) {
2282                 /* Returning from a successful sigreturn syscall.
2283                    Avoid clobbering register state.  */
2284                 break;
2285             }
2286             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2287                 env->active_tc.gpr[7] = 1; /* error flag */
2288                 ret = -ret;
2289             } else {
2290                 env->active_tc.gpr[7] = 0; /* error flag */
2291             }
2292             env->active_tc.gpr[2] = ret;
2293             break;
2294         case EXCP_TLBL:
2295         case EXCP_TLBS:
2296         case EXCP_AdEL:
2297         case EXCP_AdES:
2298             info.si_signo = TARGET_SIGSEGV;
2299             info.si_errno = 0;
2300             /* XXX: check env->error_code */
2301             info.si_code = TARGET_SEGV_MAPERR;
2302             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2303             queue_signal(env, info.si_signo, &info);
2304             break;
2305         case EXCP_CpU:
2306         case EXCP_RI:
2307             info.si_signo = TARGET_SIGILL;
2308             info.si_errno = 0;
2309             info.si_code = 0;
2310             queue_signal(env, info.si_signo, &info);
2311             break;
2312         case EXCP_INTERRUPT:
2313             /* just indicate that signals should be handled asap */
2314             break;
2315         case EXCP_DEBUG:
2316             {
2317                 int sig;
2318 
2319                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2320                 if (sig)
2321                   {
2322                     info.si_signo = sig;
2323                     info.si_errno = 0;
2324                     info.si_code = TARGET_TRAP_BRKPT;
2325                     queue_signal(env, info.si_signo, &info);
2326                   }
2327             }
2328             break;
2329         case EXCP_SC:
2330             if (do_store_exclusive(env)) {
2331                 info.si_signo = TARGET_SIGSEGV;
2332                 info.si_errno = 0;
2333                 info.si_code = TARGET_SEGV_MAPERR;
2334                 info._sifields._sigfault._addr = env->active_tc.PC;
2335                 queue_signal(env, info.si_signo, &info);
2336             }
2337             break;
2338         case EXCP_DSPDIS:
2339             info.si_signo = TARGET_SIGILL;
2340             info.si_errno = 0;
2341             info.si_code = TARGET_ILL_ILLOPC;
2342             queue_signal(env, info.si_signo, &info);
2343             break;
2344         /* The code below was inspired by the MIPS Linux kernel trap
2345          * handling code in arch/mips/kernel/traps.c.
2346          */
2347         case EXCP_BREAK:
2348             {
2349                 abi_ulong trap_instr;
2350                 unsigned int code;
2351 
2352                 ret = get_user_ual(trap_instr, env->active_tc.PC);
2353                 if (ret != 0) {
2354                     goto error;
2355                 }
2356 
2357                 /* As described in the original Linux kernel code, the
2358                  * below checks on 'code' are to work around an old
2359                  * assembly bug.
2360                  */
2361                 code = ((trap_instr >> 6) & ((1 << 20) - 1));
2362                 if (code >= (1 << 10)) {
2363                     code >>= 10;
2364                 }
2365 
2366                 if (do_break(env, &info, code) != 0) {
2367                     goto error;
2368                 }
2369             }
2370             break;
2371         case EXCP_TRAP:
2372             {
2373                 abi_ulong trap_instr;
2374                 unsigned int code = 0;
2375 
2376                 ret = get_user_ual(trap_instr, env->active_tc.PC);
2377                 if (ret != 0) {
2378                     goto error;
2379                 }
2380 
2381                 /* The immediate versions don't provide a code.  */
2382                 if (!(trap_instr & 0xFC000000)) {
2383                     code = ((trap_instr >> 6) & ((1 << 10) - 1));
2384                 }
2385 
2386                 if (do_break(env, &info, code) != 0) {
2387                     goto error;
2388                 }
2389             }
2390             break;
2391         default:
2392 error:
2393             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2394                     trapnr);
2395             cpu_dump_state(cs, stderr, fprintf, 0);
2396             abort();
2397         }
2398         process_pending_signals(env);
2399     }
2400 }
2401 #endif
2402 
2403 #ifdef TARGET_OPENRISC
2404 
2405 void cpu_loop(CPUOpenRISCState *env)
2406 {
2407     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2408     int trapnr, gdbsig;
2409 
2410     for (;;) {
2411         trapnr = cpu_exec(env);
2412         gdbsig = 0;
2413 
2414         switch (trapnr) {
2415         case EXCP_RESET:
2416             qemu_log("\nReset request, exit, pc is %#x\n", env->pc);
2417             exit(1);
2418             break;
2419         case EXCP_BUSERR:
2420             qemu_log("\nBus error, exit, pc is %#x\n", env->pc);
2421             gdbsig = SIGBUS;
2422             break;
2423         case EXCP_DPF:
2424         case EXCP_IPF:
2425             cpu_dump_state(cs, stderr, fprintf, 0);
2426             gdbsig = TARGET_SIGSEGV;
2427             break;
2428         case EXCP_TICK:
2429             qemu_log("\nTick time interrupt pc is %#x\n", env->pc);
2430             break;
2431         case EXCP_ALIGN:
2432             qemu_log("\nAlignment pc is %#x\n", env->pc);
2433             gdbsig = SIGBUS;
2434             break;
2435         case EXCP_ILLEGAL:
2436             qemu_log("\nIllegal instructionpc is %#x\n", env->pc);
2437             gdbsig = SIGILL;
2438             break;
2439         case EXCP_INT:
2440             qemu_log("\nExternal interruptpc is %#x\n", env->pc);
2441             break;
2442         case EXCP_DTLBMISS:
2443         case EXCP_ITLBMISS:
2444             qemu_log("\nTLB miss\n");
2445             break;
2446         case EXCP_RANGE:
2447             qemu_log("\nRange\n");
2448             gdbsig = SIGSEGV;
2449             break;
2450         case EXCP_SYSCALL:
2451             env->pc += 4;   /* 0xc00; */
2452             env->gpr[11] = do_syscall(env,
2453                                       env->gpr[11], /* return value       */
2454                                       env->gpr[3],  /* r3 - r7 are params */
2455                                       env->gpr[4],
2456                                       env->gpr[5],
2457                                       env->gpr[6],
2458                                       env->gpr[7],
2459                                       env->gpr[8], 0, 0);
2460             break;
2461         case EXCP_FPE:
2462             qemu_log("\nFloating point error\n");
2463             break;
2464         case EXCP_TRAP:
2465             qemu_log("\nTrap\n");
2466             gdbsig = SIGTRAP;
2467             break;
2468         case EXCP_NR:
2469             qemu_log("\nNR\n");
2470             break;
2471         default:
2472             qemu_log("\nqemu: unhandled CPU exception %#x - aborting\n",
2473                      trapnr);
2474             cpu_dump_state(cs, stderr, fprintf, 0);
2475             gdbsig = TARGET_SIGILL;
2476             break;
2477         }
2478         if (gdbsig) {
2479             gdb_handlesig(cs, gdbsig);
2480             if (gdbsig != TARGET_SIGTRAP) {
2481                 exit(1);
2482             }
2483         }
2484 
2485         process_pending_signals(env);
2486     }
2487 }
2488 
2489 #endif /* TARGET_OPENRISC */
2490 
2491 #ifdef TARGET_SH4
2492 void cpu_loop(CPUSH4State *env)
2493 {
2494     CPUState *cs = CPU(sh_env_get_cpu(env));
2495     int trapnr, ret;
2496     target_siginfo_t info;
2497 
2498     while (1) {
2499         trapnr = cpu_sh4_exec (env);
2500 
2501         switch (trapnr) {
2502         case 0x160:
2503             env->pc += 2;
2504             ret = do_syscall(env,
2505                              env->gregs[3],
2506                              env->gregs[4],
2507                              env->gregs[5],
2508                              env->gregs[6],
2509                              env->gregs[7],
2510                              env->gregs[0],
2511                              env->gregs[1],
2512                              0, 0);
2513             env->gregs[0] = ret;
2514             break;
2515         case EXCP_INTERRUPT:
2516             /* just indicate that signals should be handled asap */
2517             break;
2518         case EXCP_DEBUG:
2519             {
2520                 int sig;
2521 
2522                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2523                 if (sig)
2524                   {
2525                     info.si_signo = sig;
2526                     info.si_errno = 0;
2527                     info.si_code = TARGET_TRAP_BRKPT;
2528                     queue_signal(env, info.si_signo, &info);
2529                   }
2530             }
2531             break;
2532 	case 0xa0:
2533 	case 0xc0:
2534             info.si_signo = SIGSEGV;
2535             info.si_errno = 0;
2536             info.si_code = TARGET_SEGV_MAPERR;
2537             info._sifields._sigfault._addr = env->tea;
2538             queue_signal(env, info.si_signo, &info);
2539 	    break;
2540 
2541         default:
2542             printf ("Unhandled trap: 0x%x\n", trapnr);
2543             cpu_dump_state(cs, stderr, fprintf, 0);
2544             exit (1);
2545         }
2546         process_pending_signals (env);
2547     }
2548 }
2549 #endif
2550 
2551 #ifdef TARGET_CRIS
2552 void cpu_loop(CPUCRISState *env)
2553 {
2554     CPUState *cs = CPU(cris_env_get_cpu(env));
2555     int trapnr, ret;
2556     target_siginfo_t info;
2557 
2558     while (1) {
2559         trapnr = cpu_cris_exec (env);
2560         switch (trapnr) {
2561         case 0xaa:
2562             {
2563                 info.si_signo = SIGSEGV;
2564                 info.si_errno = 0;
2565                 /* XXX: check env->error_code */
2566                 info.si_code = TARGET_SEGV_MAPERR;
2567                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2568                 queue_signal(env, info.si_signo, &info);
2569             }
2570             break;
2571 	case EXCP_INTERRUPT:
2572 	  /* just indicate that signals should be handled asap */
2573 	  break;
2574         case EXCP_BREAK:
2575             ret = do_syscall(env,
2576                              env->regs[9],
2577                              env->regs[10],
2578                              env->regs[11],
2579                              env->regs[12],
2580                              env->regs[13],
2581                              env->pregs[7],
2582                              env->pregs[11],
2583                              0, 0);
2584             env->regs[10] = ret;
2585             break;
2586         case EXCP_DEBUG:
2587             {
2588                 int sig;
2589 
2590                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2591                 if (sig)
2592                   {
2593                     info.si_signo = sig;
2594                     info.si_errno = 0;
2595                     info.si_code = TARGET_TRAP_BRKPT;
2596                     queue_signal(env, info.si_signo, &info);
2597                   }
2598             }
2599             break;
2600         default:
2601             printf ("Unhandled trap: 0x%x\n", trapnr);
2602             cpu_dump_state(cs, stderr, fprintf, 0);
2603             exit (1);
2604         }
2605         process_pending_signals (env);
2606     }
2607 }
2608 #endif
2609 
2610 #ifdef TARGET_MICROBLAZE
2611 void cpu_loop(CPUMBState *env)
2612 {
2613     CPUState *cs = CPU(mb_env_get_cpu(env));
2614     int trapnr, ret;
2615     target_siginfo_t info;
2616 
2617     while (1) {
2618         trapnr = cpu_mb_exec (env);
2619         switch (trapnr) {
2620         case 0xaa:
2621             {
2622                 info.si_signo = SIGSEGV;
2623                 info.si_errno = 0;
2624                 /* XXX: check env->error_code */
2625                 info.si_code = TARGET_SEGV_MAPERR;
2626                 info._sifields._sigfault._addr = 0;
2627                 queue_signal(env, info.si_signo, &info);
2628             }
2629             break;
2630 	case EXCP_INTERRUPT:
2631 	  /* just indicate that signals should be handled asap */
2632 	  break;
2633         case EXCP_BREAK:
2634             /* Return address is 4 bytes after the call.  */
2635             env->regs[14] += 4;
2636             env->sregs[SR_PC] = env->regs[14];
2637             ret = do_syscall(env,
2638                              env->regs[12],
2639                              env->regs[5],
2640                              env->regs[6],
2641                              env->regs[7],
2642                              env->regs[8],
2643                              env->regs[9],
2644                              env->regs[10],
2645                              0, 0);
2646             env->regs[3] = ret;
2647             break;
2648         case EXCP_HW_EXCP:
2649             env->regs[17] = env->sregs[SR_PC] + 4;
2650             if (env->iflags & D_FLAG) {
2651                 env->sregs[SR_ESR] |= 1 << 12;
2652                 env->sregs[SR_PC] -= 4;
2653                 /* FIXME: if branch was immed, replay the imm as well.  */
2654             }
2655 
2656             env->iflags &= ~(IMM_FLAG | D_FLAG);
2657 
2658             switch (env->sregs[SR_ESR] & 31) {
2659                 case ESR_EC_DIVZERO:
2660                     info.si_signo = SIGFPE;
2661                     info.si_errno = 0;
2662                     info.si_code = TARGET_FPE_FLTDIV;
2663                     info._sifields._sigfault._addr = 0;
2664                     queue_signal(env, info.si_signo, &info);
2665                     break;
2666                 case ESR_EC_FPU:
2667                     info.si_signo = SIGFPE;
2668                     info.si_errno = 0;
2669                     if (env->sregs[SR_FSR] & FSR_IO) {
2670                         info.si_code = TARGET_FPE_FLTINV;
2671                     }
2672                     if (env->sregs[SR_FSR] & FSR_DZ) {
2673                         info.si_code = TARGET_FPE_FLTDIV;
2674                     }
2675                     info._sifields._sigfault._addr = 0;
2676                     queue_signal(env, info.si_signo, &info);
2677                     break;
2678                 default:
2679                     printf ("Unhandled hw-exception: 0x%x\n",
2680                             env->sregs[SR_ESR] & ESR_EC_MASK);
2681                     cpu_dump_state(cs, stderr, fprintf, 0);
2682                     exit (1);
2683                     break;
2684             }
2685             break;
2686         case EXCP_DEBUG:
2687             {
2688                 int sig;
2689 
2690                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2691                 if (sig)
2692                   {
2693                     info.si_signo = sig;
2694                     info.si_errno = 0;
2695                     info.si_code = TARGET_TRAP_BRKPT;
2696                     queue_signal(env, info.si_signo, &info);
2697                   }
2698             }
2699             break;
2700         default:
2701             printf ("Unhandled trap: 0x%x\n", trapnr);
2702             cpu_dump_state(cs, stderr, fprintf, 0);
2703             exit (1);
2704         }
2705         process_pending_signals (env);
2706     }
2707 }
2708 #endif
2709 
2710 #ifdef TARGET_M68K
2711 
2712 void cpu_loop(CPUM68KState *env)
2713 {
2714     CPUState *cs = CPU(m68k_env_get_cpu(env));
2715     int trapnr;
2716     unsigned int n;
2717     target_siginfo_t info;
2718     TaskState *ts = env->opaque;
2719 
2720     for(;;) {
2721         trapnr = cpu_m68k_exec(env);
2722         switch(trapnr) {
2723         case EXCP_ILLEGAL:
2724             {
2725                 if (ts->sim_syscalls) {
2726                     uint16_t nr;
2727                     nr = lduw(env->pc + 2);
2728                     env->pc += 4;
2729                     do_m68k_simcall(env, nr);
2730                 } else {
2731                     goto do_sigill;
2732                 }
2733             }
2734             break;
2735         case EXCP_HALT_INSN:
2736             /* Semihosing syscall.  */
2737             env->pc += 4;
2738             do_m68k_semihosting(env, env->dregs[0]);
2739             break;
2740         case EXCP_LINEA:
2741         case EXCP_LINEF:
2742         case EXCP_UNSUPPORTED:
2743         do_sigill:
2744             info.si_signo = SIGILL;
2745             info.si_errno = 0;
2746             info.si_code = TARGET_ILL_ILLOPN;
2747             info._sifields._sigfault._addr = env->pc;
2748             queue_signal(env, info.si_signo, &info);
2749             break;
2750         case EXCP_TRAP0:
2751             {
2752                 ts->sim_syscalls = 0;
2753                 n = env->dregs[0];
2754                 env->pc += 2;
2755                 env->dregs[0] = do_syscall(env,
2756                                           n,
2757                                           env->dregs[1],
2758                                           env->dregs[2],
2759                                           env->dregs[3],
2760                                           env->dregs[4],
2761                                           env->dregs[5],
2762                                           env->aregs[0],
2763                                           0, 0);
2764             }
2765             break;
2766         case EXCP_INTERRUPT:
2767             /* just indicate that signals should be handled asap */
2768             break;
2769         case EXCP_ACCESS:
2770             {
2771                 info.si_signo = SIGSEGV;
2772                 info.si_errno = 0;
2773                 /* XXX: check env->error_code */
2774                 info.si_code = TARGET_SEGV_MAPERR;
2775                 info._sifields._sigfault._addr = env->mmu.ar;
2776                 queue_signal(env, info.si_signo, &info);
2777             }
2778             break;
2779         case EXCP_DEBUG:
2780             {
2781                 int sig;
2782 
2783                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2784                 if (sig)
2785                   {
2786                     info.si_signo = sig;
2787                     info.si_errno = 0;
2788                     info.si_code = TARGET_TRAP_BRKPT;
2789                     queue_signal(env, info.si_signo, &info);
2790                   }
2791             }
2792             break;
2793         default:
2794             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2795                     trapnr);
2796             cpu_dump_state(cs, stderr, fprintf, 0);
2797             abort();
2798         }
2799         process_pending_signals(env);
2800     }
2801 }
2802 #endif /* TARGET_M68K */
2803 
2804 #ifdef TARGET_ALPHA
2805 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
2806 {
2807     target_ulong addr, val, tmp;
2808     target_siginfo_t info;
2809     int ret = 0;
2810 
2811     addr = env->lock_addr;
2812     tmp = env->lock_st_addr;
2813     env->lock_addr = -1;
2814     env->lock_st_addr = 0;
2815 
2816     start_exclusive();
2817     mmap_lock();
2818 
2819     if (addr == tmp) {
2820         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
2821             goto do_sigsegv;
2822         }
2823 
2824         if (val == env->lock_value) {
2825             tmp = env->ir[reg];
2826             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
2827                 goto do_sigsegv;
2828             }
2829             ret = 1;
2830         }
2831     }
2832     env->ir[reg] = ret;
2833     env->pc += 4;
2834 
2835     mmap_unlock();
2836     end_exclusive();
2837     return;
2838 
2839  do_sigsegv:
2840     mmap_unlock();
2841     end_exclusive();
2842 
2843     info.si_signo = TARGET_SIGSEGV;
2844     info.si_errno = 0;
2845     info.si_code = TARGET_SEGV_MAPERR;
2846     info._sifields._sigfault._addr = addr;
2847     queue_signal(env, TARGET_SIGSEGV, &info);
2848 }
2849 
2850 void cpu_loop(CPUAlphaState *env)
2851 {
2852     CPUState *cs = CPU(alpha_env_get_cpu(env));
2853     int trapnr;
2854     target_siginfo_t info;
2855     abi_long sysret;
2856 
2857     while (1) {
2858         trapnr = cpu_alpha_exec (env);
2859 
2860         /* All of the traps imply a transition through PALcode, which
2861            implies an REI instruction has been executed.  Which means
2862            that the intr_flag should be cleared.  */
2863         env->intr_flag = 0;
2864 
2865         switch (trapnr) {
2866         case EXCP_RESET:
2867             fprintf(stderr, "Reset requested. Exit\n");
2868             exit(1);
2869             break;
2870         case EXCP_MCHK:
2871             fprintf(stderr, "Machine check exception. Exit\n");
2872             exit(1);
2873             break;
2874         case EXCP_SMP_INTERRUPT:
2875         case EXCP_CLK_INTERRUPT:
2876         case EXCP_DEV_INTERRUPT:
2877             fprintf(stderr, "External interrupt. Exit\n");
2878             exit(1);
2879             break;
2880         case EXCP_MMFAULT:
2881             env->lock_addr = -1;
2882             info.si_signo = TARGET_SIGSEGV;
2883             info.si_errno = 0;
2884             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
2885                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
2886             info._sifields._sigfault._addr = env->trap_arg0;
2887             queue_signal(env, info.si_signo, &info);
2888             break;
2889         case EXCP_UNALIGN:
2890             env->lock_addr = -1;
2891             info.si_signo = TARGET_SIGBUS;
2892             info.si_errno = 0;
2893             info.si_code = TARGET_BUS_ADRALN;
2894             info._sifields._sigfault._addr = env->trap_arg0;
2895             queue_signal(env, info.si_signo, &info);
2896             break;
2897         case EXCP_OPCDEC:
2898         do_sigill:
2899             env->lock_addr = -1;
2900             info.si_signo = TARGET_SIGILL;
2901             info.si_errno = 0;
2902             info.si_code = TARGET_ILL_ILLOPC;
2903             info._sifields._sigfault._addr = env->pc;
2904             queue_signal(env, info.si_signo, &info);
2905             break;
2906         case EXCP_ARITH:
2907             env->lock_addr = -1;
2908             info.si_signo = TARGET_SIGFPE;
2909             info.si_errno = 0;
2910             info.si_code = TARGET_FPE_FLTINV;
2911             info._sifields._sigfault._addr = env->pc;
2912             queue_signal(env, info.si_signo, &info);
2913             break;
2914         case EXCP_FEN:
2915             /* No-op.  Linux simply re-enables the FPU.  */
2916             break;
2917         case EXCP_CALL_PAL:
2918             env->lock_addr = -1;
2919             switch (env->error_code) {
2920             case 0x80:
2921                 /* BPT */
2922                 info.si_signo = TARGET_SIGTRAP;
2923                 info.si_errno = 0;
2924                 info.si_code = TARGET_TRAP_BRKPT;
2925                 info._sifields._sigfault._addr = env->pc;
2926                 queue_signal(env, info.si_signo, &info);
2927                 break;
2928             case 0x81:
2929                 /* BUGCHK */
2930                 info.si_signo = TARGET_SIGTRAP;
2931                 info.si_errno = 0;
2932                 info.si_code = 0;
2933                 info._sifields._sigfault._addr = env->pc;
2934                 queue_signal(env, info.si_signo, &info);
2935                 break;
2936             case 0x83:
2937                 /* CALLSYS */
2938                 trapnr = env->ir[IR_V0];
2939                 sysret = do_syscall(env, trapnr,
2940                                     env->ir[IR_A0], env->ir[IR_A1],
2941                                     env->ir[IR_A2], env->ir[IR_A3],
2942                                     env->ir[IR_A4], env->ir[IR_A5],
2943                                     0, 0);
2944                 if (trapnr == TARGET_NR_sigreturn
2945                     || trapnr == TARGET_NR_rt_sigreturn) {
2946                     break;
2947                 }
2948                 /* Syscall writes 0 to V0 to bypass error check, similar
2949                    to how this is handled internal to Linux kernel.
2950                    (Ab)use trapnr temporarily as boolean indicating error.  */
2951                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
2952                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
2953                 env->ir[IR_A3] = trapnr;
2954                 break;
2955             case 0x86:
2956                 /* IMB */
2957                 /* ??? We can probably elide the code using page_unprotect
2958                    that is checking for self-modifying code.  Instead we
2959                    could simply call tb_flush here.  Until we work out the
2960                    changes required to turn off the extra write protection,
2961                    this can be a no-op.  */
2962                 break;
2963             case 0x9E:
2964                 /* RDUNIQUE */
2965                 /* Handled in the translator for usermode.  */
2966                 abort();
2967             case 0x9F:
2968                 /* WRUNIQUE */
2969                 /* Handled in the translator for usermode.  */
2970                 abort();
2971             case 0xAA:
2972                 /* GENTRAP */
2973                 info.si_signo = TARGET_SIGFPE;
2974                 switch (env->ir[IR_A0]) {
2975                 case TARGET_GEN_INTOVF:
2976                     info.si_code = TARGET_FPE_INTOVF;
2977                     break;
2978                 case TARGET_GEN_INTDIV:
2979                     info.si_code = TARGET_FPE_INTDIV;
2980                     break;
2981                 case TARGET_GEN_FLTOVF:
2982                     info.si_code = TARGET_FPE_FLTOVF;
2983                     break;
2984                 case TARGET_GEN_FLTUND:
2985                     info.si_code = TARGET_FPE_FLTUND;
2986                     break;
2987                 case TARGET_GEN_FLTINV:
2988                     info.si_code = TARGET_FPE_FLTINV;
2989                     break;
2990                 case TARGET_GEN_FLTINE:
2991                     info.si_code = TARGET_FPE_FLTRES;
2992                     break;
2993                 case TARGET_GEN_ROPRAND:
2994                     info.si_code = 0;
2995                     break;
2996                 default:
2997                     info.si_signo = TARGET_SIGTRAP;
2998                     info.si_code = 0;
2999                     break;
3000                 }
3001                 info.si_errno = 0;
3002                 info._sifields._sigfault._addr = env->pc;
3003                 queue_signal(env, info.si_signo, &info);
3004                 break;
3005             default:
3006                 goto do_sigill;
3007             }
3008             break;
3009         case EXCP_DEBUG:
3010             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3011             if (info.si_signo) {
3012                 env->lock_addr = -1;
3013                 info.si_errno = 0;
3014                 info.si_code = TARGET_TRAP_BRKPT;
3015                 queue_signal(env, info.si_signo, &info);
3016             }
3017             break;
3018         case EXCP_STL_C:
3019         case EXCP_STQ_C:
3020             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3021             break;
3022         case EXCP_INTERRUPT:
3023             /* Just indicate that signals should be handled asap.  */
3024             break;
3025         default:
3026             printf ("Unhandled trap: 0x%x\n", trapnr);
3027             cpu_dump_state(cs, stderr, fprintf, 0);
3028             exit (1);
3029         }
3030         process_pending_signals (env);
3031     }
3032 }
3033 #endif /* TARGET_ALPHA */
3034 
3035 #ifdef TARGET_S390X
3036 void cpu_loop(CPUS390XState *env)
3037 {
3038     CPUState *cs = CPU(s390_env_get_cpu(env));
3039     int trapnr, n, sig;
3040     target_siginfo_t info;
3041     target_ulong addr;
3042 
3043     while (1) {
3044         trapnr = cpu_s390x_exec(env);
3045         switch (trapnr) {
3046         case EXCP_INTERRUPT:
3047             /* Just indicate that signals should be handled asap.  */
3048             break;
3049 
3050         case EXCP_SVC:
3051             n = env->int_svc_code;
3052             if (!n) {
3053                 /* syscalls > 255 */
3054                 n = env->regs[1];
3055             }
3056             env->psw.addr += env->int_svc_ilen;
3057             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3058                                       env->regs[4], env->regs[5],
3059                                       env->regs[6], env->regs[7], 0, 0);
3060             break;
3061 
3062         case EXCP_DEBUG:
3063             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3064             if (sig) {
3065                 n = TARGET_TRAP_BRKPT;
3066                 goto do_signal_pc;
3067             }
3068             break;
3069         case EXCP_PGM:
3070             n = env->int_pgm_code;
3071             switch (n) {
3072             case PGM_OPERATION:
3073             case PGM_PRIVILEGED:
3074                 sig = SIGILL;
3075                 n = TARGET_ILL_ILLOPC;
3076                 goto do_signal_pc;
3077             case PGM_PROTECTION:
3078             case PGM_ADDRESSING:
3079                 sig = SIGSEGV;
3080                 /* XXX: check env->error_code */
3081                 n = TARGET_SEGV_MAPERR;
3082                 addr = env->__excp_addr;
3083                 goto do_signal;
3084             case PGM_EXECUTE:
3085             case PGM_SPECIFICATION:
3086             case PGM_SPECIAL_OP:
3087             case PGM_OPERAND:
3088             do_sigill_opn:
3089                 sig = SIGILL;
3090                 n = TARGET_ILL_ILLOPN;
3091                 goto do_signal_pc;
3092 
3093             case PGM_FIXPT_OVERFLOW:
3094                 sig = SIGFPE;
3095                 n = TARGET_FPE_INTOVF;
3096                 goto do_signal_pc;
3097             case PGM_FIXPT_DIVIDE:
3098                 sig = SIGFPE;
3099                 n = TARGET_FPE_INTDIV;
3100                 goto do_signal_pc;
3101 
3102             case PGM_DATA:
3103                 n = (env->fpc >> 8) & 0xff;
3104                 if (n == 0xff) {
3105                     /* compare-and-trap */
3106                     goto do_sigill_opn;
3107                 } else {
3108                     /* An IEEE exception, simulated or otherwise.  */
3109                     if (n & 0x80) {
3110                         n = TARGET_FPE_FLTINV;
3111                     } else if (n & 0x40) {
3112                         n = TARGET_FPE_FLTDIV;
3113                     } else if (n & 0x20) {
3114                         n = TARGET_FPE_FLTOVF;
3115                     } else if (n & 0x10) {
3116                         n = TARGET_FPE_FLTUND;
3117                     } else if (n & 0x08) {
3118                         n = TARGET_FPE_FLTRES;
3119                     } else {
3120                         /* ??? Quantum exception; BFP, DFP error.  */
3121                         goto do_sigill_opn;
3122                     }
3123                     sig = SIGFPE;
3124                     goto do_signal_pc;
3125                 }
3126 
3127             default:
3128                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3129                 cpu_dump_state(cs, stderr, fprintf, 0);
3130                 exit(1);
3131             }
3132             break;
3133 
3134         do_signal_pc:
3135             addr = env->psw.addr;
3136         do_signal:
3137             info.si_signo = sig;
3138             info.si_errno = 0;
3139             info.si_code = n;
3140             info._sifields._sigfault._addr = addr;
3141             queue_signal(env, info.si_signo, &info);
3142             break;
3143 
3144         default:
3145             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3146             cpu_dump_state(cs, stderr, fprintf, 0);
3147             exit(1);
3148         }
3149         process_pending_signals (env);
3150     }
3151 }
3152 
3153 #endif /* TARGET_S390X */
3154 
3155 THREAD CPUState *thread_cpu;
3156 
3157 void task_settid(TaskState *ts)
3158 {
3159     if (ts->ts_tid == 0) {
3160 #ifdef CONFIG_USE_NPTL
3161         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3162 #else
3163         /* when no threads are used, tid becomes pid */
3164         ts->ts_tid = getpid();
3165 #endif
3166     }
3167 }
3168 
3169 void stop_all_tasks(void)
3170 {
3171     /*
3172      * We trust that when using NPTL, start_exclusive()
3173      * handles thread stopping correctly.
3174      */
3175     start_exclusive();
3176 }
3177 
3178 /* Assumes contents are already zeroed.  */
3179 void init_task_state(TaskState *ts)
3180 {
3181     int i;
3182 
3183     ts->used = 1;
3184     ts->first_free = ts->sigqueue_table;
3185     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3186         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3187     }
3188     ts->sigqueue_table[i].next = NULL;
3189 }
3190 
3191 static void handle_arg_help(const char *arg)
3192 {
3193     usage();
3194 }
3195 
3196 static void handle_arg_log(const char *arg)
3197 {
3198     int mask;
3199 
3200     mask = qemu_str_to_log_mask(arg);
3201     if (!mask) {
3202         qemu_print_log_usage(stdout);
3203         exit(1);
3204     }
3205     qemu_set_log(mask);
3206 }
3207 
3208 static void handle_arg_log_filename(const char *arg)
3209 {
3210     qemu_set_log_filename(arg);
3211 }
3212 
3213 static void handle_arg_set_env(const char *arg)
3214 {
3215     char *r, *p, *token;
3216     r = p = strdup(arg);
3217     while ((token = strsep(&p, ",")) != NULL) {
3218         if (envlist_setenv(envlist, token) != 0) {
3219             usage();
3220         }
3221     }
3222     free(r);
3223 }
3224 
3225 static void handle_arg_unset_env(const char *arg)
3226 {
3227     char *r, *p, *token;
3228     r = p = strdup(arg);
3229     while ((token = strsep(&p, ",")) != NULL) {
3230         if (envlist_unsetenv(envlist, token) != 0) {
3231             usage();
3232         }
3233     }
3234     free(r);
3235 }
3236 
3237 static void handle_arg_argv0(const char *arg)
3238 {
3239     argv0 = strdup(arg);
3240 }
3241 
3242 static void handle_arg_stack_size(const char *arg)
3243 {
3244     char *p;
3245     guest_stack_size = strtoul(arg, &p, 0);
3246     if (guest_stack_size == 0) {
3247         usage();
3248     }
3249 
3250     if (*p == 'M') {
3251         guest_stack_size *= 1024 * 1024;
3252     } else if (*p == 'k' || *p == 'K') {
3253         guest_stack_size *= 1024;
3254     }
3255 }
3256 
3257 static void handle_arg_ld_prefix(const char *arg)
3258 {
3259     interp_prefix = strdup(arg);
3260 }
3261 
3262 static void handle_arg_pagesize(const char *arg)
3263 {
3264     qemu_host_page_size = atoi(arg);
3265     if (qemu_host_page_size == 0 ||
3266         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3267         fprintf(stderr, "page size must be a power of two\n");
3268         exit(1);
3269     }
3270 }
3271 
3272 static void handle_arg_gdb(const char *arg)
3273 {
3274     gdbstub_port = atoi(arg);
3275 }
3276 
3277 static void handle_arg_uname(const char *arg)
3278 {
3279     qemu_uname_release = strdup(arg);
3280 }
3281 
3282 static void handle_arg_cpu(const char *arg)
3283 {
3284     cpu_model = strdup(arg);
3285     if (cpu_model == NULL || is_help_option(cpu_model)) {
3286         /* XXX: implement xxx_cpu_list for targets that still miss it */
3287 #if defined(cpu_list)
3288         cpu_list(stdout, &fprintf);
3289 #endif
3290         exit(1);
3291     }
3292 }
3293 
3294 #if defined(CONFIG_USE_GUEST_BASE)
3295 static void handle_arg_guest_base(const char *arg)
3296 {
3297     guest_base = strtol(arg, NULL, 0);
3298     have_guest_base = 1;
3299 }
3300 
3301 static void handle_arg_reserved_va(const char *arg)
3302 {
3303     char *p;
3304     int shift = 0;
3305     reserved_va = strtoul(arg, &p, 0);
3306     switch (*p) {
3307     case 'k':
3308     case 'K':
3309         shift = 10;
3310         break;
3311     case 'M':
3312         shift = 20;
3313         break;
3314     case 'G':
3315         shift = 30;
3316         break;
3317     }
3318     if (shift) {
3319         unsigned long unshifted = reserved_va;
3320         p++;
3321         reserved_va <<= shift;
3322         if (((reserved_va >> shift) != unshifted)
3323 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3324             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3325 #endif
3326             ) {
3327             fprintf(stderr, "Reserved virtual address too big\n");
3328             exit(1);
3329         }
3330     }
3331     if (*p) {
3332         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3333         exit(1);
3334     }
3335 }
3336 #endif
3337 
3338 static void handle_arg_singlestep(const char *arg)
3339 {
3340     singlestep = 1;
3341 }
3342 
3343 static void handle_arg_strace(const char *arg)
3344 {
3345     do_strace = 1;
3346 }
3347 
3348 static void handle_arg_version(const char *arg)
3349 {
3350     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3351            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3352     exit(0);
3353 }
3354 
3355 struct qemu_argument {
3356     const char *argv;
3357     const char *env;
3358     bool has_arg;
3359     void (*handle_opt)(const char *arg);
3360     const char *example;
3361     const char *help;
3362 };
3363 
3364 static const struct qemu_argument arg_table[] = {
3365     {"h",          "",                 false, handle_arg_help,
3366      "",           "print this help"},
3367     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3368      "port",       "wait gdb connection to 'port'"},
3369     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3370      "path",       "set the elf interpreter prefix to 'path'"},
3371     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3372      "size",       "set the stack size to 'size' bytes"},
3373     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3374      "model",      "select CPU (-cpu help for list)"},
3375     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3376      "var=value",  "sets targets environment variable (see below)"},
3377     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3378      "var",        "unsets targets environment variable (see below)"},
3379     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3380      "argv0",      "forces target process argv[0] to be 'argv0'"},
3381     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3382      "uname",      "set qemu uname release string to 'uname'"},
3383 #if defined(CONFIG_USE_GUEST_BASE)
3384     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3385      "address",    "set guest_base address to 'address'"},
3386     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3387      "size",       "reserve 'size' bytes for guest virtual address space"},
3388 #endif
3389     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3390      "item[,...]", "enable logging of specified items "
3391      "(use '-d help' for a list of items)"},
3392     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3393      "logfile",     "write logs to 'logfile' (default stderr)"},
3394     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3395      "pagesize",   "set the host page size to 'pagesize'"},
3396     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3397      "",           "run in singlestep mode"},
3398     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3399      "",           "log system calls"},
3400     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3401      "",           "display version information and exit"},
3402     {NULL, NULL, false, NULL, NULL, NULL}
3403 };
3404 
3405 static void usage(void)
3406 {
3407     const struct qemu_argument *arginfo;
3408     int maxarglen;
3409     int maxenvlen;
3410 
3411     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
3412            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
3413            "\n"
3414            "Options and associated environment variables:\n"
3415            "\n");
3416 
3417     /* Calculate column widths. We must always have at least enough space
3418      * for the column header.
3419      */
3420     maxarglen = strlen("Argument");
3421     maxenvlen = strlen("Env-variable");
3422 
3423     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3424         int arglen = strlen(arginfo->argv);
3425         if (arginfo->has_arg) {
3426             arglen += strlen(arginfo->example) + 1;
3427         }
3428         if (strlen(arginfo->env) > maxenvlen) {
3429             maxenvlen = strlen(arginfo->env);
3430         }
3431         if (arglen > maxarglen) {
3432             maxarglen = arglen;
3433         }
3434     }
3435 
3436     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
3437             maxenvlen, "Env-variable");
3438 
3439     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3440         if (arginfo->has_arg) {
3441             printf("-%s %-*s %-*s %s\n", arginfo->argv,
3442                    (int)(maxarglen - strlen(arginfo->argv) - 1),
3443                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
3444         } else {
3445             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
3446                     maxenvlen, arginfo->env,
3447                     arginfo->help);
3448         }
3449     }
3450 
3451     printf("\n"
3452            "Defaults:\n"
3453            "QEMU_LD_PREFIX  = %s\n"
3454            "QEMU_STACK_SIZE = %ld byte\n",
3455            interp_prefix,
3456            guest_stack_size);
3457 
3458     printf("\n"
3459            "You can use -E and -U options or the QEMU_SET_ENV and\n"
3460            "QEMU_UNSET_ENV environment variables to set and unset\n"
3461            "environment variables for the target process.\n"
3462            "It is possible to provide several variables by separating them\n"
3463            "by commas in getsubopt(3) style. Additionally it is possible to\n"
3464            "provide the -E and -U options multiple times.\n"
3465            "The following lines are equivalent:\n"
3466            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
3467            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
3468            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
3469            "Note that if you provide several changes to a single variable\n"
3470            "the last change will stay in effect.\n");
3471 
3472     exit(1);
3473 }
3474 
3475 static int parse_args(int argc, char **argv)
3476 {
3477     const char *r;
3478     int optind;
3479     const struct qemu_argument *arginfo;
3480 
3481     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3482         if (arginfo->env == NULL) {
3483             continue;
3484         }
3485 
3486         r = getenv(arginfo->env);
3487         if (r != NULL) {
3488             arginfo->handle_opt(r);
3489         }
3490     }
3491 
3492     optind = 1;
3493     for (;;) {
3494         if (optind >= argc) {
3495             break;
3496         }
3497         r = argv[optind];
3498         if (r[0] != '-') {
3499             break;
3500         }
3501         optind++;
3502         r++;
3503         if (!strcmp(r, "-")) {
3504             break;
3505         }
3506 
3507         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3508             if (!strcmp(r, arginfo->argv)) {
3509                 if (arginfo->has_arg) {
3510                     if (optind >= argc) {
3511                         usage();
3512                     }
3513                     arginfo->handle_opt(argv[optind]);
3514                     optind++;
3515                 } else {
3516                     arginfo->handle_opt(NULL);
3517                 }
3518                 break;
3519             }
3520         }
3521 
3522         /* no option matched the current argv */
3523         if (arginfo->handle_opt == NULL) {
3524             usage();
3525         }
3526     }
3527 
3528     if (optind >= argc) {
3529         usage();
3530     }
3531 
3532     filename = argv[optind];
3533     exec_path = argv[optind];
3534 
3535     return optind;
3536 }
3537 
3538 int main(int argc, char **argv, char **envp)
3539 {
3540     struct target_pt_regs regs1, *regs = &regs1;
3541     struct image_info info1, *info = &info1;
3542     struct linux_binprm bprm;
3543     TaskState *ts;
3544     CPUArchState *env;
3545     CPUState *cpu;
3546     int optind;
3547     char **target_environ, **wrk;
3548     char **target_argv;
3549     int target_argc;
3550     int i;
3551     int ret;
3552 
3553     module_call_init(MODULE_INIT_QOM);
3554 
3555     qemu_cache_utils_init(envp);
3556 
3557     if ((envlist = envlist_create()) == NULL) {
3558         (void) fprintf(stderr, "Unable to allocate envlist\n");
3559         exit(1);
3560     }
3561 
3562     /* add current environment into the list */
3563     for (wrk = environ; *wrk != NULL; wrk++) {
3564         (void) envlist_setenv(envlist, *wrk);
3565     }
3566 
3567     /* Read the stack limit from the kernel.  If it's "unlimited",
3568        then we can do little else besides use the default.  */
3569     {
3570         struct rlimit lim;
3571         if (getrlimit(RLIMIT_STACK, &lim) == 0
3572             && lim.rlim_cur != RLIM_INFINITY
3573             && lim.rlim_cur == (target_long)lim.rlim_cur) {
3574             guest_stack_size = lim.rlim_cur;
3575         }
3576     }
3577 
3578     cpu_model = NULL;
3579 #if defined(cpudef_setup)
3580     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
3581 #endif
3582 
3583     optind = parse_args(argc, argv);
3584 
3585     /* Zero out regs */
3586     memset(regs, 0, sizeof(struct target_pt_regs));
3587 
3588     /* Zero out image_info */
3589     memset(info, 0, sizeof(struct image_info));
3590 
3591     memset(&bprm, 0, sizeof (bprm));
3592 
3593     /* Scan interp_prefix dir for replacement files. */
3594     init_paths(interp_prefix);
3595 
3596     if (cpu_model == NULL) {
3597 #if defined(TARGET_I386)
3598 #ifdef TARGET_X86_64
3599         cpu_model = "qemu64";
3600 #else
3601         cpu_model = "qemu32";
3602 #endif
3603 #elif defined(TARGET_ARM)
3604         cpu_model = "any";
3605 #elif defined(TARGET_UNICORE32)
3606         cpu_model = "any";
3607 #elif defined(TARGET_M68K)
3608         cpu_model = "any";
3609 #elif defined(TARGET_SPARC)
3610 #ifdef TARGET_SPARC64
3611         cpu_model = "TI UltraSparc II";
3612 #else
3613         cpu_model = "Fujitsu MB86904";
3614 #endif
3615 #elif defined(TARGET_MIPS)
3616 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
3617         cpu_model = "20Kc";
3618 #else
3619         cpu_model = "24Kf";
3620 #endif
3621 #elif defined TARGET_OPENRISC
3622         cpu_model = "or1200";
3623 #elif defined(TARGET_PPC)
3624 #ifdef TARGET_PPC64
3625         cpu_model = "970fx";
3626 #else
3627         cpu_model = "750";
3628 #endif
3629 #else
3630         cpu_model = "any";
3631 #endif
3632     }
3633     tcg_exec_init(0);
3634     cpu_exec_init_all();
3635     /* NOTE: we need to init the CPU at this stage to get
3636        qemu_host_page_size */
3637     env = cpu_init(cpu_model);
3638     if (!env) {
3639         fprintf(stderr, "Unable to find CPU definition\n");
3640         exit(1);
3641     }
3642     cpu = ENV_GET_CPU(env);
3643 #if defined(TARGET_SPARC) || defined(TARGET_PPC)
3644     cpu_reset(cpu);
3645 #endif
3646 
3647     thread_cpu = cpu;
3648 
3649     if (getenv("QEMU_STRACE")) {
3650         do_strace = 1;
3651     }
3652 
3653     target_environ = envlist_to_environ(envlist, NULL);
3654     envlist_free(envlist);
3655 
3656 #if defined(CONFIG_USE_GUEST_BASE)
3657     /*
3658      * Now that page sizes are configured in cpu_init() we can do
3659      * proper page alignment for guest_base.
3660      */
3661     guest_base = HOST_PAGE_ALIGN(guest_base);
3662 
3663     if (reserved_va || have_guest_base) {
3664         guest_base = init_guest_space(guest_base, reserved_va, 0,
3665                                       have_guest_base);
3666         if (guest_base == (unsigned long)-1) {
3667             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
3668                     "space for use as guest address space (check your virtual "
3669                     "memory ulimit setting or reserve less using -R option)\n",
3670                     reserved_va);
3671             exit(1);
3672         }
3673 
3674         if (reserved_va) {
3675             mmap_next_start = reserved_va;
3676         }
3677     }
3678 #endif /* CONFIG_USE_GUEST_BASE */
3679 
3680     /*
3681      * Read in mmap_min_addr kernel parameter.  This value is used
3682      * When loading the ELF image to determine whether guest_base
3683      * is needed.  It is also used in mmap_find_vma.
3684      */
3685     {
3686         FILE *fp;
3687 
3688         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
3689             unsigned long tmp;
3690             if (fscanf(fp, "%lu", &tmp) == 1) {
3691                 mmap_min_addr = tmp;
3692                 qemu_log("host mmap_min_addr=0x%lx\n", mmap_min_addr);
3693             }
3694             fclose(fp);
3695         }
3696     }
3697 
3698     /*
3699      * Prepare copy of argv vector for target.
3700      */
3701     target_argc = argc - optind;
3702     target_argv = calloc(target_argc + 1, sizeof (char *));
3703     if (target_argv == NULL) {
3704 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
3705 	exit(1);
3706     }
3707 
3708     /*
3709      * If argv0 is specified (using '-0' switch) we replace
3710      * argv[0] pointer with the given one.
3711      */
3712     i = 0;
3713     if (argv0 != NULL) {
3714         target_argv[i++] = strdup(argv0);
3715     }
3716     for (; i < target_argc; i++) {
3717         target_argv[i] = strdup(argv[optind + i]);
3718     }
3719     target_argv[target_argc] = NULL;
3720 
3721     ts = g_malloc0 (sizeof(TaskState));
3722     init_task_state(ts);
3723     /* build Task State */
3724     ts->info = info;
3725     ts->bprm = &bprm;
3726     env->opaque = ts;
3727     task_settid(ts);
3728 
3729     ret = loader_exec(filename, target_argv, target_environ, regs,
3730         info, &bprm);
3731     if (ret != 0) {
3732         printf("Error while loading %s: %s\n", filename, strerror(-ret));
3733         _exit(1);
3734     }
3735 
3736     for (wrk = target_environ; *wrk; wrk++) {
3737         free(*wrk);
3738     }
3739 
3740     free(target_environ);
3741 
3742     if (qemu_log_enabled()) {
3743 #if defined(CONFIG_USE_GUEST_BASE)
3744         qemu_log("guest_base  0x%lx\n", guest_base);
3745 #endif
3746         log_page_dump();
3747 
3748         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
3749         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
3750         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
3751                  info->start_code);
3752         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
3753                  info->start_data);
3754         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
3755         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
3756                  info->start_stack);
3757         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
3758         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
3759     }
3760 
3761     target_set_brk(info->brk);
3762     syscall_init();
3763     signal_init();
3764 
3765 #if defined(CONFIG_USE_GUEST_BASE)
3766     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
3767        generating the prologue until now so that the prologue can take
3768        the real value of GUEST_BASE into account.  */
3769     tcg_prologue_init(&tcg_ctx);
3770 #endif
3771 
3772 #if defined(TARGET_I386)
3773     cpu_x86_set_cpl(env, 3);
3774 
3775     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
3776     env->hflags |= HF_PE_MASK;
3777     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
3778         env->cr[4] |= CR4_OSFXSR_MASK;
3779         env->hflags |= HF_OSFXSR_MASK;
3780     }
3781 #ifndef TARGET_ABI32
3782     /* enable 64 bit mode if possible */
3783     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
3784         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
3785         exit(1);
3786     }
3787     env->cr[4] |= CR4_PAE_MASK;
3788     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
3789     env->hflags |= HF_LMA_MASK;
3790 #endif
3791 
3792     /* flags setup : we activate the IRQs by default as in user mode */
3793     env->eflags |= IF_MASK;
3794 
3795     /* linux register setup */
3796 #ifndef TARGET_ABI32
3797     env->regs[R_EAX] = regs->rax;
3798     env->regs[R_EBX] = regs->rbx;
3799     env->regs[R_ECX] = regs->rcx;
3800     env->regs[R_EDX] = regs->rdx;
3801     env->regs[R_ESI] = regs->rsi;
3802     env->regs[R_EDI] = regs->rdi;
3803     env->regs[R_EBP] = regs->rbp;
3804     env->regs[R_ESP] = regs->rsp;
3805     env->eip = regs->rip;
3806 #else
3807     env->regs[R_EAX] = regs->eax;
3808     env->regs[R_EBX] = regs->ebx;
3809     env->regs[R_ECX] = regs->ecx;
3810     env->regs[R_EDX] = regs->edx;
3811     env->regs[R_ESI] = regs->esi;
3812     env->regs[R_EDI] = regs->edi;
3813     env->regs[R_EBP] = regs->ebp;
3814     env->regs[R_ESP] = regs->esp;
3815     env->eip = regs->eip;
3816 #endif
3817 
3818     /* linux interrupt setup */
3819 #ifndef TARGET_ABI32
3820     env->idt.limit = 511;
3821 #else
3822     env->idt.limit = 255;
3823 #endif
3824     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
3825                                 PROT_READ|PROT_WRITE,
3826                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3827     idt_table = g2h(env->idt.base);
3828     set_idt(0, 0);
3829     set_idt(1, 0);
3830     set_idt(2, 0);
3831     set_idt(3, 3);
3832     set_idt(4, 3);
3833     set_idt(5, 0);
3834     set_idt(6, 0);
3835     set_idt(7, 0);
3836     set_idt(8, 0);
3837     set_idt(9, 0);
3838     set_idt(10, 0);
3839     set_idt(11, 0);
3840     set_idt(12, 0);
3841     set_idt(13, 0);
3842     set_idt(14, 0);
3843     set_idt(15, 0);
3844     set_idt(16, 0);
3845     set_idt(17, 0);
3846     set_idt(18, 0);
3847     set_idt(19, 0);
3848     set_idt(0x80, 3);
3849 
3850     /* linux segment setup */
3851     {
3852         uint64_t *gdt_table;
3853         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
3854                                     PROT_READ|PROT_WRITE,
3855                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3856         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
3857         gdt_table = g2h(env->gdt.base);
3858 #ifdef TARGET_ABI32
3859         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3860                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3861                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3862 #else
3863         /* 64 bit code segment */
3864         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3865                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3866                  DESC_L_MASK |
3867                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3868 #endif
3869         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
3870                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3871                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
3872     }
3873     cpu_x86_load_seg(env, R_CS, __USER_CS);
3874     cpu_x86_load_seg(env, R_SS, __USER_DS);
3875 #ifdef TARGET_ABI32
3876     cpu_x86_load_seg(env, R_DS, __USER_DS);
3877     cpu_x86_load_seg(env, R_ES, __USER_DS);
3878     cpu_x86_load_seg(env, R_FS, __USER_DS);
3879     cpu_x86_load_seg(env, R_GS, __USER_DS);
3880     /* This hack makes Wine work... */
3881     env->segs[R_FS].selector = 0;
3882 #else
3883     cpu_x86_load_seg(env, R_DS, 0);
3884     cpu_x86_load_seg(env, R_ES, 0);
3885     cpu_x86_load_seg(env, R_FS, 0);
3886     cpu_x86_load_seg(env, R_GS, 0);
3887 #endif
3888 #elif defined(TARGET_ARM)
3889     {
3890         int i;
3891         cpsr_write(env, regs->uregs[16], 0xffffffff);
3892         for(i = 0; i < 16; i++) {
3893             env->regs[i] = regs->uregs[i];
3894         }
3895         /* Enable BE8.  */
3896         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
3897             && (info->elf_flags & EF_ARM_BE8)) {
3898             env->bswap_code = 1;
3899         }
3900     }
3901 #elif defined(TARGET_UNICORE32)
3902     {
3903         int i;
3904         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
3905         for (i = 0; i < 32; i++) {
3906             env->regs[i] = regs->uregs[i];
3907         }
3908     }
3909 #elif defined(TARGET_SPARC)
3910     {
3911         int i;
3912 	env->pc = regs->pc;
3913 	env->npc = regs->npc;
3914         env->y = regs->y;
3915         for(i = 0; i < 8; i++)
3916             env->gregs[i] = regs->u_regs[i];
3917         for(i = 0; i < 8; i++)
3918             env->regwptr[i] = regs->u_regs[i + 8];
3919     }
3920 #elif defined(TARGET_PPC)
3921     {
3922         int i;
3923 
3924 #if defined(TARGET_PPC64)
3925 #if defined(TARGET_ABI32)
3926         env->msr &= ~((target_ulong)1 << MSR_SF);
3927 #else
3928         env->msr |= (target_ulong)1 << MSR_SF;
3929 #endif
3930 #endif
3931         env->nip = regs->nip;
3932         for(i = 0; i < 32; i++) {
3933             env->gpr[i] = regs->gpr[i];
3934         }
3935     }
3936 #elif defined(TARGET_M68K)
3937     {
3938         env->pc = regs->pc;
3939         env->dregs[0] = regs->d0;
3940         env->dregs[1] = regs->d1;
3941         env->dregs[2] = regs->d2;
3942         env->dregs[3] = regs->d3;
3943         env->dregs[4] = regs->d4;
3944         env->dregs[5] = regs->d5;
3945         env->dregs[6] = regs->d6;
3946         env->dregs[7] = regs->d7;
3947         env->aregs[0] = regs->a0;
3948         env->aregs[1] = regs->a1;
3949         env->aregs[2] = regs->a2;
3950         env->aregs[3] = regs->a3;
3951         env->aregs[4] = regs->a4;
3952         env->aregs[5] = regs->a5;
3953         env->aregs[6] = regs->a6;
3954         env->aregs[7] = regs->usp;
3955         env->sr = regs->sr;
3956         ts->sim_syscalls = 1;
3957     }
3958 #elif defined(TARGET_MICROBLAZE)
3959     {
3960         env->regs[0] = regs->r0;
3961         env->regs[1] = regs->r1;
3962         env->regs[2] = regs->r2;
3963         env->regs[3] = regs->r3;
3964         env->regs[4] = regs->r4;
3965         env->regs[5] = regs->r5;
3966         env->regs[6] = regs->r6;
3967         env->regs[7] = regs->r7;
3968         env->regs[8] = regs->r8;
3969         env->regs[9] = regs->r9;
3970         env->regs[10] = regs->r10;
3971         env->regs[11] = regs->r11;
3972         env->regs[12] = regs->r12;
3973         env->regs[13] = regs->r13;
3974         env->regs[14] = regs->r14;
3975         env->regs[15] = regs->r15;
3976         env->regs[16] = regs->r16;
3977         env->regs[17] = regs->r17;
3978         env->regs[18] = regs->r18;
3979         env->regs[19] = regs->r19;
3980         env->regs[20] = regs->r20;
3981         env->regs[21] = regs->r21;
3982         env->regs[22] = regs->r22;
3983         env->regs[23] = regs->r23;
3984         env->regs[24] = regs->r24;
3985         env->regs[25] = regs->r25;
3986         env->regs[26] = regs->r26;
3987         env->regs[27] = regs->r27;
3988         env->regs[28] = regs->r28;
3989         env->regs[29] = regs->r29;
3990         env->regs[30] = regs->r30;
3991         env->regs[31] = regs->r31;
3992         env->sregs[SR_PC] = regs->pc;
3993     }
3994 #elif defined(TARGET_MIPS)
3995     {
3996         int i;
3997 
3998         for(i = 0; i < 32; i++) {
3999             env->active_tc.gpr[i] = regs->regs[i];
4000         }
4001         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
4002         if (regs->cp0_epc & 1) {
4003             env->hflags |= MIPS_HFLAG_M16;
4004         }
4005     }
4006 #elif defined(TARGET_OPENRISC)
4007     {
4008         int i;
4009 
4010         for (i = 0; i < 32; i++) {
4011             env->gpr[i] = regs->gpr[i];
4012         }
4013 
4014         env->sr = regs->sr;
4015         env->pc = regs->pc;
4016     }
4017 #elif defined(TARGET_SH4)
4018     {
4019         int i;
4020 
4021         for(i = 0; i < 16; i++) {
4022             env->gregs[i] = regs->regs[i];
4023         }
4024         env->pc = regs->pc;
4025     }
4026 #elif defined(TARGET_ALPHA)
4027     {
4028         int i;
4029 
4030         for(i = 0; i < 28; i++) {
4031             env->ir[i] = ((abi_ulong *)regs)[i];
4032         }
4033         env->ir[IR_SP] = regs->usp;
4034         env->pc = regs->pc;
4035     }
4036 #elif defined(TARGET_CRIS)
4037     {
4038 	    env->regs[0] = regs->r0;
4039 	    env->regs[1] = regs->r1;
4040 	    env->regs[2] = regs->r2;
4041 	    env->regs[3] = regs->r3;
4042 	    env->regs[4] = regs->r4;
4043 	    env->regs[5] = regs->r5;
4044 	    env->regs[6] = regs->r6;
4045 	    env->regs[7] = regs->r7;
4046 	    env->regs[8] = regs->r8;
4047 	    env->regs[9] = regs->r9;
4048 	    env->regs[10] = regs->r10;
4049 	    env->regs[11] = regs->r11;
4050 	    env->regs[12] = regs->r12;
4051 	    env->regs[13] = regs->r13;
4052 	    env->regs[14] = info->start_stack;
4053 	    env->regs[15] = regs->acr;
4054 	    env->pc = regs->erp;
4055     }
4056 #elif defined(TARGET_S390X)
4057     {
4058             int i;
4059             for (i = 0; i < 16; i++) {
4060                 env->regs[i] = regs->gprs[i];
4061             }
4062             env->psw.mask = regs->psw.mask;
4063             env->psw.addr = regs->psw.addr;
4064     }
4065 #else
4066 #error unsupported target CPU
4067 #endif
4068 
4069 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4070     ts->stack_base = info->start_stack;
4071     ts->heap_base = info->brk;
4072     /* This will be filled in on the first SYS_HEAPINFO call.  */
4073     ts->heap_limit = 0;
4074 #endif
4075 
4076     if (gdbstub_port) {
4077         if (gdbserver_start(gdbstub_port) < 0) {
4078             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4079                     gdbstub_port);
4080             exit(1);
4081         }
4082         gdb_handlesig(cpu, 0);
4083     }
4084     cpu_loop(env);
4085     /* never exits */
4086     return 0;
4087 }
4088