xref: /openbmc/qemu/linux-user/main.c (revision 56411125)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/syscall.h>
27 #include <sys/resource.h>
28 
29 #include "qemu.h"
30 #include "qemu-common.h"
31 #include "cpu.h"
32 #include "tcg.h"
33 #include "qemu/timer.h"
34 #include "qemu/envlist.h"
35 #include "elf.h"
36 
37 char *exec_path;
38 
39 int singlestep;
40 static const char *filename;
41 static const char *argv0;
42 static int gdbstub_port;
43 static envlist_t *envlist;
44 static const char *cpu_model;
45 unsigned long mmap_min_addr;
46 unsigned long guest_base;
47 int have_guest_base;
48 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
49 /*
50  * When running 32-on-64 we should make sure we can fit all of the possible
51  * guest address space into a contiguous chunk of virtual host memory.
52  *
53  * This way we will never overlap with our own libraries or binaries or stack
54  * or anything else that QEMU maps.
55  */
56 # ifdef TARGET_MIPS
57 /* MIPS only supports 31 bits of virtual address space for user space */
58 unsigned long reserved_va = 0x77000000;
59 # else
60 unsigned long reserved_va = 0xf7000000;
61 # endif
62 #else
63 unsigned long reserved_va;
64 #endif
65 
66 static void usage(int exitcode);
67 
68 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
69 const char *qemu_uname_release;
70 
71 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
72    we allocate a bigger stack. Need a better solution, for example
73    by remapping the process stack directly at the right place */
74 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
75 
76 void gemu_log(const char *fmt, ...)
77 {
78     va_list ap;
79 
80     va_start(ap, fmt);
81     vfprintf(stderr, fmt, ap);
82     va_end(ap);
83 }
84 
85 #if defined(TARGET_I386)
86 int cpu_get_pic_interrupt(CPUX86State *env)
87 {
88     return -1;
89 }
90 #endif
91 
92 /***********************************************************/
93 /* Helper routines for implementing atomic operations.  */
94 
95 /* To implement exclusive operations we force all cpus to syncronise.
96    We don't require a full sync, only that no cpus are executing guest code.
97    The alternative is to map target atomic ops onto host equivalents,
98    which requires quite a lot of per host/target work.  */
99 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
100 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
101 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
102 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
103 static int pending_cpus;
104 
105 /* Make sure everything is in a consistent state for calling fork().  */
106 void fork_start(void)
107 {
108     qemu_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
109     pthread_mutex_lock(&exclusive_lock);
110     mmap_fork_start();
111 }
112 
113 void fork_end(int child)
114 {
115     mmap_fork_end(child);
116     if (child) {
117         CPUState *cpu, *next_cpu;
118         /* Child processes created by fork() only have a single thread.
119            Discard information about the parent threads.  */
120         CPU_FOREACH_SAFE(cpu, next_cpu) {
121             if (cpu != thread_cpu) {
122                 QTAILQ_REMOVE(&cpus, thread_cpu, node);
123             }
124         }
125         pending_cpus = 0;
126         pthread_mutex_init(&exclusive_lock, NULL);
127         pthread_mutex_init(&cpu_list_mutex, NULL);
128         pthread_cond_init(&exclusive_cond, NULL);
129         pthread_cond_init(&exclusive_resume, NULL);
130         qemu_mutex_init(&tcg_ctx.tb_ctx.tb_lock);
131         gdbserver_fork(thread_cpu);
132     } else {
133         pthread_mutex_unlock(&exclusive_lock);
134         qemu_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
135     }
136 }
137 
138 /* Wait for pending exclusive operations to complete.  The exclusive lock
139    must be held.  */
140 static inline void exclusive_idle(void)
141 {
142     while (pending_cpus) {
143         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
144     }
145 }
146 
147 /* Start an exclusive operation.
148    Must only be called from outside cpu_arm_exec.   */
149 static inline void start_exclusive(void)
150 {
151     CPUState *other_cpu;
152 
153     pthread_mutex_lock(&exclusive_lock);
154     exclusive_idle();
155 
156     pending_cpus = 1;
157     /* Make all other cpus stop executing.  */
158     CPU_FOREACH(other_cpu) {
159         if (other_cpu->running) {
160             pending_cpus++;
161             cpu_exit(other_cpu);
162         }
163     }
164     if (pending_cpus > 1) {
165         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
166     }
167 }
168 
169 /* Finish an exclusive operation.  */
170 static inline void __attribute__((unused)) end_exclusive(void)
171 {
172     pending_cpus = 0;
173     pthread_cond_broadcast(&exclusive_resume);
174     pthread_mutex_unlock(&exclusive_lock);
175 }
176 
177 /* Wait for exclusive ops to finish, and begin cpu execution.  */
178 static inline void cpu_exec_start(CPUState *cpu)
179 {
180     pthread_mutex_lock(&exclusive_lock);
181     exclusive_idle();
182     cpu->running = true;
183     pthread_mutex_unlock(&exclusive_lock);
184 }
185 
186 /* Mark cpu as not executing, and release pending exclusive ops.  */
187 static inline void cpu_exec_end(CPUState *cpu)
188 {
189     pthread_mutex_lock(&exclusive_lock);
190     cpu->running = false;
191     if (pending_cpus > 1) {
192         pending_cpus--;
193         if (pending_cpus == 1) {
194             pthread_cond_signal(&exclusive_cond);
195         }
196     }
197     exclusive_idle();
198     pthread_mutex_unlock(&exclusive_lock);
199 }
200 
201 void cpu_list_lock(void)
202 {
203     pthread_mutex_lock(&cpu_list_mutex);
204 }
205 
206 void cpu_list_unlock(void)
207 {
208     pthread_mutex_unlock(&cpu_list_mutex);
209 }
210 
211 
212 #ifdef TARGET_I386
213 /***********************************************************/
214 /* CPUX86 core interface */
215 
216 uint64_t cpu_get_tsc(CPUX86State *env)
217 {
218     return cpu_get_host_ticks();
219 }
220 
221 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
222                      int flags)
223 {
224     unsigned int e1, e2;
225     uint32_t *p;
226     e1 = (addr << 16) | (limit & 0xffff);
227     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
228     e2 |= flags;
229     p = ptr;
230     p[0] = tswap32(e1);
231     p[1] = tswap32(e2);
232 }
233 
234 static uint64_t *idt_table;
235 #ifdef TARGET_X86_64
236 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
237                        uint64_t addr, unsigned int sel)
238 {
239     uint32_t *p, e1, e2;
240     e1 = (addr & 0xffff) | (sel << 16);
241     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
242     p = ptr;
243     p[0] = tswap32(e1);
244     p[1] = tswap32(e2);
245     p[2] = tswap32(addr >> 32);
246     p[3] = 0;
247 }
248 /* only dpl matters as we do only user space emulation */
249 static void set_idt(int n, unsigned int dpl)
250 {
251     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
252 }
253 #else
254 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
255                      uint32_t addr, unsigned int sel)
256 {
257     uint32_t *p, e1, e2;
258     e1 = (addr & 0xffff) | (sel << 16);
259     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
260     p = ptr;
261     p[0] = tswap32(e1);
262     p[1] = tswap32(e2);
263 }
264 
265 /* only dpl matters as we do only user space emulation */
266 static void set_idt(int n, unsigned int dpl)
267 {
268     set_gate(idt_table + n, 0, dpl, 0, 0);
269 }
270 #endif
271 
272 void cpu_loop(CPUX86State *env)
273 {
274     CPUState *cs = CPU(x86_env_get_cpu(env));
275     int trapnr;
276     abi_ulong pc;
277     target_siginfo_t info;
278 
279     for(;;) {
280         cpu_exec_start(cs);
281         trapnr = cpu_x86_exec(cs);
282         cpu_exec_end(cs);
283         switch(trapnr) {
284         case 0x80:
285             /* linux syscall from int $0x80 */
286             env->regs[R_EAX] = do_syscall(env,
287                                           env->regs[R_EAX],
288                                           env->regs[R_EBX],
289                                           env->regs[R_ECX],
290                                           env->regs[R_EDX],
291                                           env->regs[R_ESI],
292                                           env->regs[R_EDI],
293                                           env->regs[R_EBP],
294                                           0, 0);
295             break;
296 #ifndef TARGET_ABI32
297         case EXCP_SYSCALL:
298             /* linux syscall from syscall instruction */
299             env->regs[R_EAX] = do_syscall(env,
300                                           env->regs[R_EAX],
301                                           env->regs[R_EDI],
302                                           env->regs[R_ESI],
303                                           env->regs[R_EDX],
304                                           env->regs[10],
305                                           env->regs[8],
306                                           env->regs[9],
307                                           0, 0);
308             break;
309 #endif
310         case EXCP0B_NOSEG:
311         case EXCP0C_STACK:
312             info.si_signo = TARGET_SIGBUS;
313             info.si_errno = 0;
314             info.si_code = TARGET_SI_KERNEL;
315             info._sifields._sigfault._addr = 0;
316             queue_signal(env, info.si_signo, &info);
317             break;
318         case EXCP0D_GPF:
319             /* XXX: potential problem if ABI32 */
320 #ifndef TARGET_X86_64
321             if (env->eflags & VM_MASK) {
322                 handle_vm86_fault(env);
323             } else
324 #endif
325             {
326                 info.si_signo = TARGET_SIGSEGV;
327                 info.si_errno = 0;
328                 info.si_code = TARGET_SI_KERNEL;
329                 info._sifields._sigfault._addr = 0;
330                 queue_signal(env, info.si_signo, &info);
331             }
332             break;
333         case EXCP0E_PAGE:
334             info.si_signo = TARGET_SIGSEGV;
335             info.si_errno = 0;
336             if (!(env->error_code & 1))
337                 info.si_code = TARGET_SEGV_MAPERR;
338             else
339                 info.si_code = TARGET_SEGV_ACCERR;
340             info._sifields._sigfault._addr = env->cr[2];
341             queue_signal(env, info.si_signo, &info);
342             break;
343         case EXCP00_DIVZ:
344 #ifndef TARGET_X86_64
345             if (env->eflags & VM_MASK) {
346                 handle_vm86_trap(env, trapnr);
347             } else
348 #endif
349             {
350                 /* division by zero */
351                 info.si_signo = TARGET_SIGFPE;
352                 info.si_errno = 0;
353                 info.si_code = TARGET_FPE_INTDIV;
354                 info._sifields._sigfault._addr = env->eip;
355                 queue_signal(env, info.si_signo, &info);
356             }
357             break;
358         case EXCP01_DB:
359         case EXCP03_INT3:
360 #ifndef TARGET_X86_64
361             if (env->eflags & VM_MASK) {
362                 handle_vm86_trap(env, trapnr);
363             } else
364 #endif
365             {
366                 info.si_signo = TARGET_SIGTRAP;
367                 info.si_errno = 0;
368                 if (trapnr == EXCP01_DB) {
369                     info.si_code = TARGET_TRAP_BRKPT;
370                     info._sifields._sigfault._addr = env->eip;
371                 } else {
372                     info.si_code = TARGET_SI_KERNEL;
373                     info._sifields._sigfault._addr = 0;
374                 }
375                 queue_signal(env, info.si_signo, &info);
376             }
377             break;
378         case EXCP04_INTO:
379         case EXCP05_BOUND:
380 #ifndef TARGET_X86_64
381             if (env->eflags & VM_MASK) {
382                 handle_vm86_trap(env, trapnr);
383             } else
384 #endif
385             {
386                 info.si_signo = TARGET_SIGSEGV;
387                 info.si_errno = 0;
388                 info.si_code = TARGET_SI_KERNEL;
389                 info._sifields._sigfault._addr = 0;
390                 queue_signal(env, info.si_signo, &info);
391             }
392             break;
393         case EXCP06_ILLOP:
394             info.si_signo = TARGET_SIGILL;
395             info.si_errno = 0;
396             info.si_code = TARGET_ILL_ILLOPN;
397             info._sifields._sigfault._addr = env->eip;
398             queue_signal(env, info.si_signo, &info);
399             break;
400         case EXCP_INTERRUPT:
401             /* just indicate that signals should be handled asap */
402             break;
403         case EXCP_DEBUG:
404             {
405                 int sig;
406 
407                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
408                 if (sig)
409                   {
410                     info.si_signo = sig;
411                     info.si_errno = 0;
412                     info.si_code = TARGET_TRAP_BRKPT;
413                     queue_signal(env, info.si_signo, &info);
414                   }
415             }
416             break;
417         default:
418             pc = env->segs[R_CS].base + env->eip;
419             fprintf(stderr, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
420                     (long)pc, trapnr);
421             abort();
422         }
423         process_pending_signals(env);
424     }
425 }
426 #endif
427 
428 #ifdef TARGET_ARM
429 
430 #define get_user_code_u32(x, gaddr, doswap)             \
431     ({ abi_long __r = get_user_u32((x), (gaddr));       \
432         if (!__r && (doswap)) {                         \
433             (x) = bswap32(x);                           \
434         }                                               \
435         __r;                                            \
436     })
437 
438 #define get_user_code_u16(x, gaddr, doswap)             \
439     ({ abi_long __r = get_user_u16((x), (gaddr));       \
440         if (!__r && (doswap)) {                         \
441             (x) = bswap16(x);                           \
442         }                                               \
443         __r;                                            \
444     })
445 
446 #ifdef TARGET_ABI32
447 /* Commpage handling -- there is no commpage for AArch64 */
448 
449 /*
450  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
451  * Input:
452  * r0 = pointer to oldval
453  * r1 = pointer to newval
454  * r2 = pointer to target value
455  *
456  * Output:
457  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
458  * C set if *ptr was changed, clear if no exchange happened
459  *
460  * Note segv's in kernel helpers are a bit tricky, we can set the
461  * data address sensibly but the PC address is just the entry point.
462  */
463 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
464 {
465     uint64_t oldval, newval, val;
466     uint32_t addr, cpsr;
467     target_siginfo_t info;
468 
469     /* Based on the 32 bit code in do_kernel_trap */
470 
471     /* XXX: This only works between threads, not between processes.
472        It's probably possible to implement this with native host
473        operations. However things like ldrex/strex are much harder so
474        there's not much point trying.  */
475     start_exclusive();
476     cpsr = cpsr_read(env);
477     addr = env->regs[2];
478 
479     if (get_user_u64(oldval, env->regs[0])) {
480         env->exception.vaddress = env->regs[0];
481         goto segv;
482     };
483 
484     if (get_user_u64(newval, env->regs[1])) {
485         env->exception.vaddress = env->regs[1];
486         goto segv;
487     };
488 
489     if (get_user_u64(val, addr)) {
490         env->exception.vaddress = addr;
491         goto segv;
492     }
493 
494     if (val == oldval) {
495         val = newval;
496 
497         if (put_user_u64(val, addr)) {
498             env->exception.vaddress = addr;
499             goto segv;
500         };
501 
502         env->regs[0] = 0;
503         cpsr |= CPSR_C;
504     } else {
505         env->regs[0] = -1;
506         cpsr &= ~CPSR_C;
507     }
508     cpsr_write(env, cpsr, CPSR_C);
509     end_exclusive();
510     return;
511 
512 segv:
513     end_exclusive();
514     /* We get the PC of the entry address - which is as good as anything,
515        on a real kernel what you get depends on which mode it uses. */
516     info.si_signo = TARGET_SIGSEGV;
517     info.si_errno = 0;
518     /* XXX: check env->error_code */
519     info.si_code = TARGET_SEGV_MAPERR;
520     info._sifields._sigfault._addr = env->exception.vaddress;
521     queue_signal(env, info.si_signo, &info);
522 }
523 
524 /* Handle a jump to the kernel code page.  */
525 static int
526 do_kernel_trap(CPUARMState *env)
527 {
528     uint32_t addr;
529     uint32_t cpsr;
530     uint32_t val;
531 
532     switch (env->regs[15]) {
533     case 0xffff0fa0: /* __kernel_memory_barrier */
534         /* ??? No-op. Will need to do better for SMP.  */
535         break;
536     case 0xffff0fc0: /* __kernel_cmpxchg */
537          /* XXX: This only works between threads, not between processes.
538             It's probably possible to implement this with native host
539             operations. However things like ldrex/strex are much harder so
540             there's not much point trying.  */
541         start_exclusive();
542         cpsr = cpsr_read(env);
543         addr = env->regs[2];
544         /* FIXME: This should SEGV if the access fails.  */
545         if (get_user_u32(val, addr))
546             val = ~env->regs[0];
547         if (val == env->regs[0]) {
548             val = env->regs[1];
549             /* FIXME: Check for segfaults.  */
550             put_user_u32(val, addr);
551             env->regs[0] = 0;
552             cpsr |= CPSR_C;
553         } else {
554             env->regs[0] = -1;
555             cpsr &= ~CPSR_C;
556         }
557         cpsr_write(env, cpsr, CPSR_C);
558         end_exclusive();
559         break;
560     case 0xffff0fe0: /* __kernel_get_tls */
561         env->regs[0] = cpu_get_tls(env);
562         break;
563     case 0xffff0f60: /* __kernel_cmpxchg64 */
564         arm_kernel_cmpxchg64_helper(env);
565         break;
566 
567     default:
568         return 1;
569     }
570     /* Jump back to the caller.  */
571     addr = env->regs[14];
572     if (addr & 1) {
573         env->thumb = 1;
574         addr &= ~1;
575     }
576     env->regs[15] = addr;
577 
578     return 0;
579 }
580 
581 /* Store exclusive handling for AArch32 */
582 static int do_strex(CPUARMState *env)
583 {
584     uint64_t val;
585     int size;
586     int rc = 1;
587     int segv = 0;
588     uint32_t addr;
589     start_exclusive();
590     if (env->exclusive_addr != env->exclusive_test) {
591         goto fail;
592     }
593     /* We know we're always AArch32 so the address is in uint32_t range
594      * unless it was the -1 exclusive-monitor-lost value (which won't
595      * match exclusive_test above).
596      */
597     assert(extract64(env->exclusive_addr, 32, 32) == 0);
598     addr = env->exclusive_addr;
599     size = env->exclusive_info & 0xf;
600     switch (size) {
601     case 0:
602         segv = get_user_u8(val, addr);
603         break;
604     case 1:
605         segv = get_user_u16(val, addr);
606         break;
607     case 2:
608     case 3:
609         segv = get_user_u32(val, addr);
610         break;
611     default:
612         abort();
613     }
614     if (segv) {
615         env->exception.vaddress = addr;
616         goto done;
617     }
618     if (size == 3) {
619         uint32_t valhi;
620         segv = get_user_u32(valhi, addr + 4);
621         if (segv) {
622             env->exception.vaddress = addr + 4;
623             goto done;
624         }
625         val = deposit64(val, 32, 32, valhi);
626     }
627     if (val != env->exclusive_val) {
628         goto fail;
629     }
630 
631     val = env->regs[(env->exclusive_info >> 8) & 0xf];
632     switch (size) {
633     case 0:
634         segv = put_user_u8(val, addr);
635         break;
636     case 1:
637         segv = put_user_u16(val, addr);
638         break;
639     case 2:
640     case 3:
641         segv = put_user_u32(val, addr);
642         break;
643     }
644     if (segv) {
645         env->exception.vaddress = addr;
646         goto done;
647     }
648     if (size == 3) {
649         val = env->regs[(env->exclusive_info >> 12) & 0xf];
650         segv = put_user_u32(val, addr + 4);
651         if (segv) {
652             env->exception.vaddress = addr + 4;
653             goto done;
654         }
655     }
656     rc = 0;
657 fail:
658     env->regs[15] += 4;
659     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
660 done:
661     end_exclusive();
662     return segv;
663 }
664 
665 void cpu_loop(CPUARMState *env)
666 {
667     CPUState *cs = CPU(arm_env_get_cpu(env));
668     int trapnr;
669     unsigned int n, insn;
670     target_siginfo_t info;
671     uint32_t addr;
672 
673     for(;;) {
674         cpu_exec_start(cs);
675         trapnr = cpu_arm_exec(cs);
676         cpu_exec_end(cs);
677         switch(trapnr) {
678         case EXCP_UDEF:
679             {
680                 TaskState *ts = cs->opaque;
681                 uint32_t opcode;
682                 int rc;
683 
684                 /* we handle the FPU emulation here, as Linux */
685                 /* we get the opcode */
686                 /* FIXME - what to do if get_user() fails? */
687                 get_user_code_u32(opcode, env->regs[15], env->bswap_code);
688 
689                 rc = EmulateAll(opcode, &ts->fpa, env);
690                 if (rc == 0) { /* illegal instruction */
691                     info.si_signo = TARGET_SIGILL;
692                     info.si_errno = 0;
693                     info.si_code = TARGET_ILL_ILLOPN;
694                     info._sifields._sigfault._addr = env->regs[15];
695                     queue_signal(env, info.si_signo, &info);
696                 } else if (rc < 0) { /* FP exception */
697                     int arm_fpe=0;
698 
699                     /* translate softfloat flags to FPSR flags */
700                     if (-rc & float_flag_invalid)
701                       arm_fpe |= BIT_IOC;
702                     if (-rc & float_flag_divbyzero)
703                       arm_fpe |= BIT_DZC;
704                     if (-rc & float_flag_overflow)
705                       arm_fpe |= BIT_OFC;
706                     if (-rc & float_flag_underflow)
707                       arm_fpe |= BIT_UFC;
708                     if (-rc & float_flag_inexact)
709                       arm_fpe |= BIT_IXC;
710 
711                     FPSR fpsr = ts->fpa.fpsr;
712                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
713 
714                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
715                       info.si_signo = TARGET_SIGFPE;
716                       info.si_errno = 0;
717 
718                       /* ordered by priority, least first */
719                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
720                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
721                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
722                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
723                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
724 
725                       info._sifields._sigfault._addr = env->regs[15];
726                       queue_signal(env, info.si_signo, &info);
727                     } else {
728                       env->regs[15] += 4;
729                     }
730 
731                     /* accumulate unenabled exceptions */
732                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
733                       fpsr |= BIT_IXC;
734                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
735                       fpsr |= BIT_UFC;
736                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
737                       fpsr |= BIT_OFC;
738                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
739                       fpsr |= BIT_DZC;
740                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
741                       fpsr |= BIT_IOC;
742                     ts->fpa.fpsr=fpsr;
743                 } else { /* everything OK */
744                     /* increment PC */
745                     env->regs[15] += 4;
746                 }
747             }
748             break;
749         case EXCP_SWI:
750         case EXCP_BKPT:
751             {
752                 env->eabi = 1;
753                 /* system call */
754                 if (trapnr == EXCP_BKPT) {
755                     if (env->thumb) {
756                         /* FIXME - what to do if get_user() fails? */
757                         get_user_code_u16(insn, env->regs[15], env->bswap_code);
758                         n = insn & 0xff;
759                         env->regs[15] += 2;
760                     } else {
761                         /* FIXME - what to do if get_user() fails? */
762                         get_user_code_u32(insn, env->regs[15], env->bswap_code);
763                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
764                         env->regs[15] += 4;
765                     }
766                 } else {
767                     if (env->thumb) {
768                         /* FIXME - what to do if get_user() fails? */
769                         get_user_code_u16(insn, env->regs[15] - 2,
770                                           env->bswap_code);
771                         n = insn & 0xff;
772                     } else {
773                         /* FIXME - what to do if get_user() fails? */
774                         get_user_code_u32(insn, env->regs[15] - 4,
775                                           env->bswap_code);
776                         n = insn & 0xffffff;
777                     }
778                 }
779 
780                 if (n == ARM_NR_cacheflush) {
781                     /* nop */
782                 } else if (n == ARM_NR_semihosting
783                            || n == ARM_NR_thumb_semihosting) {
784                     env->regs[0] = do_arm_semihosting (env);
785                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
786                     /* linux syscall */
787                     if (env->thumb || n == 0) {
788                         n = env->regs[7];
789                     } else {
790                         n -= ARM_SYSCALL_BASE;
791                         env->eabi = 0;
792                     }
793                     if ( n > ARM_NR_BASE) {
794                         switch (n) {
795                         case ARM_NR_cacheflush:
796                             /* nop */
797                             break;
798                         case ARM_NR_set_tls:
799                             cpu_set_tls(env, env->regs[0]);
800                             env->regs[0] = 0;
801                             break;
802                         case ARM_NR_breakpoint:
803                             env->regs[15] -= env->thumb ? 2 : 4;
804                             goto excp_debug;
805                         default:
806                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
807                                      n);
808                             env->regs[0] = -TARGET_ENOSYS;
809                             break;
810                         }
811                     } else {
812                         env->regs[0] = do_syscall(env,
813                                                   n,
814                                                   env->regs[0],
815                                                   env->regs[1],
816                                                   env->regs[2],
817                                                   env->regs[3],
818                                                   env->regs[4],
819                                                   env->regs[5],
820                                                   0, 0);
821                     }
822                 } else {
823                     goto error;
824                 }
825             }
826             break;
827         case EXCP_INTERRUPT:
828             /* just indicate that signals should be handled asap */
829             break;
830         case EXCP_STREX:
831             if (!do_strex(env)) {
832                 break;
833             }
834             /* fall through for segv */
835         case EXCP_PREFETCH_ABORT:
836         case EXCP_DATA_ABORT:
837             addr = env->exception.vaddress;
838             {
839                 info.si_signo = TARGET_SIGSEGV;
840                 info.si_errno = 0;
841                 /* XXX: check env->error_code */
842                 info.si_code = TARGET_SEGV_MAPERR;
843                 info._sifields._sigfault._addr = addr;
844                 queue_signal(env, info.si_signo, &info);
845             }
846             break;
847         case EXCP_DEBUG:
848         excp_debug:
849             {
850                 int sig;
851 
852                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
853                 if (sig)
854                   {
855                     info.si_signo = sig;
856                     info.si_errno = 0;
857                     info.si_code = TARGET_TRAP_BRKPT;
858                     queue_signal(env, info.si_signo, &info);
859                   }
860             }
861             break;
862         case EXCP_KERNEL_TRAP:
863             if (do_kernel_trap(env))
864               goto error;
865             break;
866         default:
867         error:
868             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
869                     trapnr);
870             cpu_dump_state(cs, stderr, fprintf, 0);
871             abort();
872         }
873         process_pending_signals(env);
874     }
875 }
876 
877 #else
878 
879 /*
880  * Handle AArch64 store-release exclusive
881  *
882  * rs = gets the status result of store exclusive
883  * rt = is the register that is stored
884  * rt2 = is the second register store (in STP)
885  *
886  */
887 static int do_strex_a64(CPUARMState *env)
888 {
889     uint64_t val;
890     int size;
891     bool is_pair;
892     int rc = 1;
893     int segv = 0;
894     uint64_t addr;
895     int rs, rt, rt2;
896 
897     start_exclusive();
898     /* size | is_pair << 2 | (rs << 4) | (rt << 9) | (rt2 << 14)); */
899     size = extract32(env->exclusive_info, 0, 2);
900     is_pair = extract32(env->exclusive_info, 2, 1);
901     rs = extract32(env->exclusive_info, 4, 5);
902     rt = extract32(env->exclusive_info, 9, 5);
903     rt2 = extract32(env->exclusive_info, 14, 5);
904 
905     addr = env->exclusive_addr;
906 
907     if (addr != env->exclusive_test) {
908         goto finish;
909     }
910 
911     switch (size) {
912     case 0:
913         segv = get_user_u8(val, addr);
914         break;
915     case 1:
916         segv = get_user_u16(val, addr);
917         break;
918     case 2:
919         segv = get_user_u32(val, addr);
920         break;
921     case 3:
922         segv = get_user_u64(val, addr);
923         break;
924     default:
925         abort();
926     }
927     if (segv) {
928         env->exception.vaddress = addr;
929         goto error;
930     }
931     if (val != env->exclusive_val) {
932         goto finish;
933     }
934     if (is_pair) {
935         if (size == 2) {
936             segv = get_user_u32(val, addr + 4);
937         } else {
938             segv = get_user_u64(val, addr + 8);
939         }
940         if (segv) {
941             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
942             goto error;
943         }
944         if (val != env->exclusive_high) {
945             goto finish;
946         }
947     }
948     /* handle the zero register */
949     val = rt == 31 ? 0 : env->xregs[rt];
950     switch (size) {
951     case 0:
952         segv = put_user_u8(val, addr);
953         break;
954     case 1:
955         segv = put_user_u16(val, addr);
956         break;
957     case 2:
958         segv = put_user_u32(val, addr);
959         break;
960     case 3:
961         segv = put_user_u64(val, addr);
962         break;
963     }
964     if (segv) {
965         goto error;
966     }
967     if (is_pair) {
968         /* handle the zero register */
969         val = rt2 == 31 ? 0 : env->xregs[rt2];
970         if (size == 2) {
971             segv = put_user_u32(val, addr + 4);
972         } else {
973             segv = put_user_u64(val, addr + 8);
974         }
975         if (segv) {
976             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
977             goto error;
978         }
979     }
980     rc = 0;
981 finish:
982     env->pc += 4;
983     /* rs == 31 encodes a write to the ZR, thus throwing away
984      * the status return. This is rather silly but valid.
985      */
986     if (rs < 31) {
987         env->xregs[rs] = rc;
988     }
989 error:
990     /* instruction faulted, PC does not advance */
991     /* either way a strex releases any exclusive lock we have */
992     env->exclusive_addr = -1;
993     end_exclusive();
994     return segv;
995 }
996 
997 /* AArch64 main loop */
998 void cpu_loop(CPUARMState *env)
999 {
1000     CPUState *cs = CPU(arm_env_get_cpu(env));
1001     int trapnr, sig;
1002     target_siginfo_t info;
1003 
1004     for (;;) {
1005         cpu_exec_start(cs);
1006         trapnr = cpu_arm_exec(cs);
1007         cpu_exec_end(cs);
1008 
1009         switch (trapnr) {
1010         case EXCP_SWI:
1011             env->xregs[0] = do_syscall(env,
1012                                        env->xregs[8],
1013                                        env->xregs[0],
1014                                        env->xregs[1],
1015                                        env->xregs[2],
1016                                        env->xregs[3],
1017                                        env->xregs[4],
1018                                        env->xregs[5],
1019                                        0, 0);
1020             break;
1021         case EXCP_INTERRUPT:
1022             /* just indicate that signals should be handled asap */
1023             break;
1024         case EXCP_UDEF:
1025             info.si_signo = TARGET_SIGILL;
1026             info.si_errno = 0;
1027             info.si_code = TARGET_ILL_ILLOPN;
1028             info._sifields._sigfault._addr = env->pc;
1029             queue_signal(env, info.si_signo, &info);
1030             break;
1031         case EXCP_STREX:
1032             if (!do_strex_a64(env)) {
1033                 break;
1034             }
1035             /* fall through for segv */
1036         case EXCP_PREFETCH_ABORT:
1037         case EXCP_DATA_ABORT:
1038             info.si_signo = TARGET_SIGSEGV;
1039             info.si_errno = 0;
1040             /* XXX: check env->error_code */
1041             info.si_code = TARGET_SEGV_MAPERR;
1042             info._sifields._sigfault._addr = env->exception.vaddress;
1043             queue_signal(env, info.si_signo, &info);
1044             break;
1045         case EXCP_DEBUG:
1046         case EXCP_BKPT:
1047             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1048             if (sig) {
1049                 info.si_signo = sig;
1050                 info.si_errno = 0;
1051                 info.si_code = TARGET_TRAP_BRKPT;
1052                 queue_signal(env, info.si_signo, &info);
1053             }
1054             break;
1055         case EXCP_SEMIHOST:
1056             env->xregs[0] = do_arm_semihosting(env);
1057             break;
1058         default:
1059             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
1060                     trapnr);
1061             cpu_dump_state(cs, stderr, fprintf, 0);
1062             abort();
1063         }
1064         process_pending_signals(env);
1065         /* Exception return on AArch64 always clears the exclusive monitor,
1066          * so any return to running guest code implies this.
1067          * A strex (successful or otherwise) also clears the monitor, so
1068          * we don't need to specialcase EXCP_STREX.
1069          */
1070         env->exclusive_addr = -1;
1071     }
1072 }
1073 #endif /* ndef TARGET_ABI32 */
1074 
1075 #endif
1076 
1077 #ifdef TARGET_UNICORE32
1078 
1079 void cpu_loop(CPUUniCore32State *env)
1080 {
1081     CPUState *cs = CPU(uc32_env_get_cpu(env));
1082     int trapnr;
1083     unsigned int n, insn;
1084     target_siginfo_t info;
1085 
1086     for (;;) {
1087         cpu_exec_start(cs);
1088         trapnr = uc32_cpu_exec(cs);
1089         cpu_exec_end(cs);
1090         switch (trapnr) {
1091         case UC32_EXCP_PRIV:
1092             {
1093                 /* system call */
1094                 get_user_u32(insn, env->regs[31] - 4);
1095                 n = insn & 0xffffff;
1096 
1097                 if (n >= UC32_SYSCALL_BASE) {
1098                     /* linux syscall */
1099                     n -= UC32_SYSCALL_BASE;
1100                     if (n == UC32_SYSCALL_NR_set_tls) {
1101                             cpu_set_tls(env, env->regs[0]);
1102                             env->regs[0] = 0;
1103                     } else {
1104                         env->regs[0] = do_syscall(env,
1105                                                   n,
1106                                                   env->regs[0],
1107                                                   env->regs[1],
1108                                                   env->regs[2],
1109                                                   env->regs[3],
1110                                                   env->regs[4],
1111                                                   env->regs[5],
1112                                                   0, 0);
1113                     }
1114                 } else {
1115                     goto error;
1116                 }
1117             }
1118             break;
1119         case UC32_EXCP_DTRAP:
1120         case UC32_EXCP_ITRAP:
1121             info.si_signo = TARGET_SIGSEGV;
1122             info.si_errno = 0;
1123             /* XXX: check env->error_code */
1124             info.si_code = TARGET_SEGV_MAPERR;
1125             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
1126             queue_signal(env, info.si_signo, &info);
1127             break;
1128         case EXCP_INTERRUPT:
1129             /* just indicate that signals should be handled asap */
1130             break;
1131         case EXCP_DEBUG:
1132             {
1133                 int sig;
1134 
1135                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1136                 if (sig) {
1137                     info.si_signo = sig;
1138                     info.si_errno = 0;
1139                     info.si_code = TARGET_TRAP_BRKPT;
1140                     queue_signal(env, info.si_signo, &info);
1141                 }
1142             }
1143             break;
1144         default:
1145             goto error;
1146         }
1147         process_pending_signals(env);
1148     }
1149 
1150 error:
1151     fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1152     cpu_dump_state(cs, stderr, fprintf, 0);
1153     abort();
1154 }
1155 #endif
1156 
1157 #ifdef TARGET_SPARC
1158 #define SPARC64_STACK_BIAS 2047
1159 
1160 //#define DEBUG_WIN
1161 
1162 /* WARNING: dealing with register windows _is_ complicated. More info
1163    can be found at http://www.sics.se/~psm/sparcstack.html */
1164 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1165 {
1166     index = (index + cwp * 16) % (16 * env->nwindows);
1167     /* wrap handling : if cwp is on the last window, then we use the
1168        registers 'after' the end */
1169     if (index < 8 && env->cwp == env->nwindows - 1)
1170         index += 16 * env->nwindows;
1171     return index;
1172 }
1173 
1174 /* save the register window 'cwp1' */
1175 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1176 {
1177     unsigned int i;
1178     abi_ulong sp_ptr;
1179 
1180     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1181 #ifdef TARGET_SPARC64
1182     if (sp_ptr & 3)
1183         sp_ptr += SPARC64_STACK_BIAS;
1184 #endif
1185 #if defined(DEBUG_WIN)
1186     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1187            sp_ptr, cwp1);
1188 #endif
1189     for(i = 0; i < 16; i++) {
1190         /* FIXME - what to do if put_user() fails? */
1191         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1192         sp_ptr += sizeof(abi_ulong);
1193     }
1194 }
1195 
1196 static void save_window(CPUSPARCState *env)
1197 {
1198 #ifndef TARGET_SPARC64
1199     unsigned int new_wim;
1200     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1201         ((1LL << env->nwindows) - 1);
1202     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1203     env->wim = new_wim;
1204 #else
1205     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1206     env->cansave++;
1207     env->canrestore--;
1208 #endif
1209 }
1210 
1211 static void restore_window(CPUSPARCState *env)
1212 {
1213 #ifndef TARGET_SPARC64
1214     unsigned int new_wim;
1215 #endif
1216     unsigned int i, cwp1;
1217     abi_ulong sp_ptr;
1218 
1219 #ifndef TARGET_SPARC64
1220     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1221         ((1LL << env->nwindows) - 1);
1222 #endif
1223 
1224     /* restore the invalid window */
1225     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1226     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1227 #ifdef TARGET_SPARC64
1228     if (sp_ptr & 3)
1229         sp_ptr += SPARC64_STACK_BIAS;
1230 #endif
1231 #if defined(DEBUG_WIN)
1232     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1233            sp_ptr, cwp1);
1234 #endif
1235     for(i = 0; i < 16; i++) {
1236         /* FIXME - what to do if get_user() fails? */
1237         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1238         sp_ptr += sizeof(abi_ulong);
1239     }
1240 #ifdef TARGET_SPARC64
1241     env->canrestore++;
1242     if (env->cleanwin < env->nwindows - 1)
1243         env->cleanwin++;
1244     env->cansave--;
1245 #else
1246     env->wim = new_wim;
1247 #endif
1248 }
1249 
1250 static void flush_windows(CPUSPARCState *env)
1251 {
1252     int offset, cwp1;
1253 
1254     offset = 1;
1255     for(;;) {
1256         /* if restore would invoke restore_window(), then we can stop */
1257         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1258 #ifndef TARGET_SPARC64
1259         if (env->wim & (1 << cwp1))
1260             break;
1261 #else
1262         if (env->canrestore == 0)
1263             break;
1264         env->cansave++;
1265         env->canrestore--;
1266 #endif
1267         save_window_offset(env, cwp1);
1268         offset++;
1269     }
1270     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1271 #ifndef TARGET_SPARC64
1272     /* set wim so that restore will reload the registers */
1273     env->wim = 1 << cwp1;
1274 #endif
1275 #if defined(DEBUG_WIN)
1276     printf("flush_windows: nb=%d\n", offset - 1);
1277 #endif
1278 }
1279 
1280 void cpu_loop (CPUSPARCState *env)
1281 {
1282     CPUState *cs = CPU(sparc_env_get_cpu(env));
1283     int trapnr;
1284     abi_long ret;
1285     target_siginfo_t info;
1286 
1287     while (1) {
1288         cpu_exec_start(cs);
1289         trapnr = cpu_sparc_exec(cs);
1290         cpu_exec_end(cs);
1291 
1292         /* Compute PSR before exposing state.  */
1293         if (env->cc_op != CC_OP_FLAGS) {
1294             cpu_get_psr(env);
1295         }
1296 
1297         switch (trapnr) {
1298 #ifndef TARGET_SPARC64
1299         case 0x88:
1300         case 0x90:
1301 #else
1302         case 0x110:
1303         case 0x16d:
1304 #endif
1305             ret = do_syscall (env, env->gregs[1],
1306                               env->regwptr[0], env->regwptr[1],
1307                               env->regwptr[2], env->regwptr[3],
1308                               env->regwptr[4], env->regwptr[5],
1309                               0, 0);
1310             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1311 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1312                 env->xcc |= PSR_CARRY;
1313 #else
1314                 env->psr |= PSR_CARRY;
1315 #endif
1316                 ret = -ret;
1317             } else {
1318 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1319                 env->xcc &= ~PSR_CARRY;
1320 #else
1321                 env->psr &= ~PSR_CARRY;
1322 #endif
1323             }
1324             env->regwptr[0] = ret;
1325             /* next instruction */
1326             env->pc = env->npc;
1327             env->npc = env->npc + 4;
1328             break;
1329         case 0x83: /* flush windows */
1330 #ifdef TARGET_ABI32
1331         case 0x103:
1332 #endif
1333             flush_windows(env);
1334             /* next instruction */
1335             env->pc = env->npc;
1336             env->npc = env->npc + 4;
1337             break;
1338 #ifndef TARGET_SPARC64
1339         case TT_WIN_OVF: /* window overflow */
1340             save_window(env);
1341             break;
1342         case TT_WIN_UNF: /* window underflow */
1343             restore_window(env);
1344             break;
1345         case TT_TFAULT:
1346         case TT_DFAULT:
1347             {
1348                 info.si_signo = TARGET_SIGSEGV;
1349                 info.si_errno = 0;
1350                 /* XXX: check env->error_code */
1351                 info.si_code = TARGET_SEGV_MAPERR;
1352                 info._sifields._sigfault._addr = env->mmuregs[4];
1353                 queue_signal(env, info.si_signo, &info);
1354             }
1355             break;
1356 #else
1357         case TT_SPILL: /* window overflow */
1358             save_window(env);
1359             break;
1360         case TT_FILL: /* window underflow */
1361             restore_window(env);
1362             break;
1363         case TT_TFAULT:
1364         case TT_DFAULT:
1365             {
1366                 info.si_signo = TARGET_SIGSEGV;
1367                 info.si_errno = 0;
1368                 /* XXX: check env->error_code */
1369                 info.si_code = TARGET_SEGV_MAPERR;
1370                 if (trapnr == TT_DFAULT)
1371                     info._sifields._sigfault._addr = env->dmmuregs[4];
1372                 else
1373                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1374                 queue_signal(env, info.si_signo, &info);
1375             }
1376             break;
1377 #ifndef TARGET_ABI32
1378         case 0x16e:
1379             flush_windows(env);
1380             sparc64_get_context(env);
1381             break;
1382         case 0x16f:
1383             flush_windows(env);
1384             sparc64_set_context(env);
1385             break;
1386 #endif
1387 #endif
1388         case EXCP_INTERRUPT:
1389             /* just indicate that signals should be handled asap */
1390             break;
1391         case TT_ILL_INSN:
1392             {
1393                 info.si_signo = TARGET_SIGILL;
1394                 info.si_errno = 0;
1395                 info.si_code = TARGET_ILL_ILLOPC;
1396                 info._sifields._sigfault._addr = env->pc;
1397                 queue_signal(env, info.si_signo, &info);
1398             }
1399             break;
1400         case EXCP_DEBUG:
1401             {
1402                 int sig;
1403 
1404                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1405                 if (sig)
1406                   {
1407                     info.si_signo = sig;
1408                     info.si_errno = 0;
1409                     info.si_code = TARGET_TRAP_BRKPT;
1410                     queue_signal(env, info.si_signo, &info);
1411                   }
1412             }
1413             break;
1414         default:
1415             printf ("Unhandled trap: 0x%x\n", trapnr);
1416             cpu_dump_state(cs, stderr, fprintf, 0);
1417             exit(EXIT_FAILURE);
1418         }
1419         process_pending_signals (env);
1420     }
1421 }
1422 
1423 #endif
1424 
1425 #ifdef TARGET_PPC
1426 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1427 {
1428     return cpu_get_host_ticks();
1429 }
1430 
1431 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1432 {
1433     return cpu_ppc_get_tb(env);
1434 }
1435 
1436 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1437 {
1438     return cpu_ppc_get_tb(env) >> 32;
1439 }
1440 
1441 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1442 {
1443     return cpu_ppc_get_tb(env);
1444 }
1445 
1446 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1447 {
1448     return cpu_ppc_get_tb(env) >> 32;
1449 }
1450 
1451 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1452 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1453 
1454 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1455 {
1456     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1457 }
1458 
1459 /* XXX: to be fixed */
1460 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1461 {
1462     return -1;
1463 }
1464 
1465 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1466 {
1467     return -1;
1468 }
1469 
1470 #define EXCP_DUMP(env, fmt, ...)                                        \
1471 do {                                                                    \
1472     CPUState *cs = ENV_GET_CPU(env);                                    \
1473     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
1474     cpu_dump_state(cs, stderr, fprintf, 0);                             \
1475     qemu_log(fmt, ## __VA_ARGS__);                                      \
1476     if (qemu_log_enabled()) {                                           \
1477         log_cpu_state(cs, 0);                                           \
1478     }                                                                   \
1479 } while (0)
1480 
1481 static int do_store_exclusive(CPUPPCState *env)
1482 {
1483     target_ulong addr;
1484     target_ulong page_addr;
1485     target_ulong val, val2 __attribute__((unused)) = 0;
1486     int flags;
1487     int segv = 0;
1488 
1489     addr = env->reserve_ea;
1490     page_addr = addr & TARGET_PAGE_MASK;
1491     start_exclusive();
1492     mmap_lock();
1493     flags = page_get_flags(page_addr);
1494     if ((flags & PAGE_READ) == 0) {
1495         segv = 1;
1496     } else {
1497         int reg = env->reserve_info & 0x1f;
1498         int size = env->reserve_info >> 5;
1499         int stored = 0;
1500 
1501         if (addr == env->reserve_addr) {
1502             switch (size) {
1503             case 1: segv = get_user_u8(val, addr); break;
1504             case 2: segv = get_user_u16(val, addr); break;
1505             case 4: segv = get_user_u32(val, addr); break;
1506 #if defined(TARGET_PPC64)
1507             case 8: segv = get_user_u64(val, addr); break;
1508             case 16: {
1509                 segv = get_user_u64(val, addr);
1510                 if (!segv) {
1511                     segv = get_user_u64(val2, addr + 8);
1512                 }
1513                 break;
1514             }
1515 #endif
1516             default: abort();
1517             }
1518             if (!segv && val == env->reserve_val) {
1519                 val = env->gpr[reg];
1520                 switch (size) {
1521                 case 1: segv = put_user_u8(val, addr); break;
1522                 case 2: segv = put_user_u16(val, addr); break;
1523                 case 4: segv = put_user_u32(val, addr); break;
1524 #if defined(TARGET_PPC64)
1525                 case 8: segv = put_user_u64(val, addr); break;
1526                 case 16: {
1527                     if (val2 == env->reserve_val2) {
1528                         if (msr_le) {
1529                             val2 = val;
1530                             val = env->gpr[reg+1];
1531                         } else {
1532                             val2 = env->gpr[reg+1];
1533                         }
1534                         segv = put_user_u64(val, addr);
1535                         if (!segv) {
1536                             segv = put_user_u64(val2, addr + 8);
1537                         }
1538                     }
1539                     break;
1540                 }
1541 #endif
1542                 default: abort();
1543                 }
1544                 if (!segv) {
1545                     stored = 1;
1546                 }
1547             }
1548         }
1549         env->crf[0] = (stored << 1) | xer_so;
1550         env->reserve_addr = (target_ulong)-1;
1551     }
1552     if (!segv) {
1553         env->nip += 4;
1554     }
1555     mmap_unlock();
1556     end_exclusive();
1557     return segv;
1558 }
1559 
1560 void cpu_loop(CPUPPCState *env)
1561 {
1562     CPUState *cs = CPU(ppc_env_get_cpu(env));
1563     target_siginfo_t info;
1564     int trapnr;
1565     target_ulong ret;
1566 
1567     for(;;) {
1568         cpu_exec_start(cs);
1569         trapnr = cpu_ppc_exec(cs);
1570         cpu_exec_end(cs);
1571         switch(trapnr) {
1572         case POWERPC_EXCP_NONE:
1573             /* Just go on */
1574             break;
1575         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1576             cpu_abort(cs, "Critical interrupt while in user mode. "
1577                       "Aborting\n");
1578             break;
1579         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1580             cpu_abort(cs, "Machine check exception while in user mode. "
1581                       "Aborting\n");
1582             break;
1583         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1584             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1585                       env->spr[SPR_DAR]);
1586             /* XXX: check this. Seems bugged */
1587             switch (env->error_code & 0xFF000000) {
1588             case 0x40000000:
1589                 info.si_signo = TARGET_SIGSEGV;
1590                 info.si_errno = 0;
1591                 info.si_code = TARGET_SEGV_MAPERR;
1592                 break;
1593             case 0x04000000:
1594                 info.si_signo = TARGET_SIGILL;
1595                 info.si_errno = 0;
1596                 info.si_code = TARGET_ILL_ILLADR;
1597                 break;
1598             case 0x08000000:
1599                 info.si_signo = TARGET_SIGSEGV;
1600                 info.si_errno = 0;
1601                 info.si_code = TARGET_SEGV_ACCERR;
1602                 break;
1603             default:
1604                 /* Let's send a regular segfault... */
1605                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1606                           env->error_code);
1607                 info.si_signo = TARGET_SIGSEGV;
1608                 info.si_errno = 0;
1609                 info.si_code = TARGET_SEGV_MAPERR;
1610                 break;
1611             }
1612             info._sifields._sigfault._addr = env->nip;
1613             queue_signal(env, info.si_signo, &info);
1614             break;
1615         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1616             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1617                       "\n", env->spr[SPR_SRR0]);
1618             /* XXX: check this */
1619             switch (env->error_code & 0xFF000000) {
1620             case 0x40000000:
1621                 info.si_signo = TARGET_SIGSEGV;
1622             info.si_errno = 0;
1623                 info.si_code = TARGET_SEGV_MAPERR;
1624                 break;
1625             case 0x10000000:
1626             case 0x08000000:
1627                 info.si_signo = TARGET_SIGSEGV;
1628                 info.si_errno = 0;
1629                 info.si_code = TARGET_SEGV_ACCERR;
1630                 break;
1631             default:
1632                 /* Let's send a regular segfault... */
1633                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1634                           env->error_code);
1635                 info.si_signo = TARGET_SIGSEGV;
1636                 info.si_errno = 0;
1637                 info.si_code = TARGET_SEGV_MAPERR;
1638                 break;
1639             }
1640             info._sifields._sigfault._addr = env->nip - 4;
1641             queue_signal(env, info.si_signo, &info);
1642             break;
1643         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1644             cpu_abort(cs, "External interrupt while in user mode. "
1645                       "Aborting\n");
1646             break;
1647         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1648             EXCP_DUMP(env, "Unaligned memory access\n");
1649             /* XXX: check this */
1650             info.si_signo = TARGET_SIGBUS;
1651             info.si_errno = 0;
1652             info.si_code = TARGET_BUS_ADRALN;
1653             info._sifields._sigfault._addr = env->nip;
1654             queue_signal(env, info.si_signo, &info);
1655             break;
1656         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1657             /* XXX: check this */
1658             switch (env->error_code & ~0xF) {
1659             case POWERPC_EXCP_FP:
1660                 EXCP_DUMP(env, "Floating point program exception\n");
1661                 info.si_signo = TARGET_SIGFPE;
1662                 info.si_errno = 0;
1663                 switch (env->error_code & 0xF) {
1664                 case POWERPC_EXCP_FP_OX:
1665                     info.si_code = TARGET_FPE_FLTOVF;
1666                     break;
1667                 case POWERPC_EXCP_FP_UX:
1668                     info.si_code = TARGET_FPE_FLTUND;
1669                     break;
1670                 case POWERPC_EXCP_FP_ZX:
1671                 case POWERPC_EXCP_FP_VXZDZ:
1672                     info.si_code = TARGET_FPE_FLTDIV;
1673                     break;
1674                 case POWERPC_EXCP_FP_XX:
1675                     info.si_code = TARGET_FPE_FLTRES;
1676                     break;
1677                 case POWERPC_EXCP_FP_VXSOFT:
1678                     info.si_code = TARGET_FPE_FLTINV;
1679                     break;
1680                 case POWERPC_EXCP_FP_VXSNAN:
1681                 case POWERPC_EXCP_FP_VXISI:
1682                 case POWERPC_EXCP_FP_VXIDI:
1683                 case POWERPC_EXCP_FP_VXIMZ:
1684                 case POWERPC_EXCP_FP_VXVC:
1685                 case POWERPC_EXCP_FP_VXSQRT:
1686                 case POWERPC_EXCP_FP_VXCVI:
1687                     info.si_code = TARGET_FPE_FLTSUB;
1688                     break;
1689                 default:
1690                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1691                               env->error_code);
1692                     break;
1693                 }
1694                 break;
1695             case POWERPC_EXCP_INVAL:
1696                 EXCP_DUMP(env, "Invalid instruction\n");
1697                 info.si_signo = TARGET_SIGILL;
1698                 info.si_errno = 0;
1699                 switch (env->error_code & 0xF) {
1700                 case POWERPC_EXCP_INVAL_INVAL:
1701                     info.si_code = TARGET_ILL_ILLOPC;
1702                     break;
1703                 case POWERPC_EXCP_INVAL_LSWX:
1704                     info.si_code = TARGET_ILL_ILLOPN;
1705                     break;
1706                 case POWERPC_EXCP_INVAL_SPR:
1707                     info.si_code = TARGET_ILL_PRVREG;
1708                     break;
1709                 case POWERPC_EXCP_INVAL_FP:
1710                     info.si_code = TARGET_ILL_COPROC;
1711                     break;
1712                 default:
1713                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1714                               env->error_code & 0xF);
1715                     info.si_code = TARGET_ILL_ILLADR;
1716                     break;
1717                 }
1718                 break;
1719             case POWERPC_EXCP_PRIV:
1720                 EXCP_DUMP(env, "Privilege violation\n");
1721                 info.si_signo = TARGET_SIGILL;
1722                 info.si_errno = 0;
1723                 switch (env->error_code & 0xF) {
1724                 case POWERPC_EXCP_PRIV_OPC:
1725                     info.si_code = TARGET_ILL_PRVOPC;
1726                     break;
1727                 case POWERPC_EXCP_PRIV_REG:
1728                     info.si_code = TARGET_ILL_PRVREG;
1729                     break;
1730                 default:
1731                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1732                               env->error_code & 0xF);
1733                     info.si_code = TARGET_ILL_PRVOPC;
1734                     break;
1735                 }
1736                 break;
1737             case POWERPC_EXCP_TRAP:
1738                 cpu_abort(cs, "Tried to call a TRAP\n");
1739                 break;
1740             default:
1741                 /* Should not happen ! */
1742                 cpu_abort(cs, "Unknown program exception (%02x)\n",
1743                           env->error_code);
1744                 break;
1745             }
1746             info._sifields._sigfault._addr = env->nip - 4;
1747             queue_signal(env, info.si_signo, &info);
1748             break;
1749         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1750             EXCP_DUMP(env, "No floating point allowed\n");
1751             info.si_signo = TARGET_SIGILL;
1752             info.si_errno = 0;
1753             info.si_code = TARGET_ILL_COPROC;
1754             info._sifields._sigfault._addr = env->nip - 4;
1755             queue_signal(env, info.si_signo, &info);
1756             break;
1757         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1758             cpu_abort(cs, "Syscall exception while in user mode. "
1759                       "Aborting\n");
1760             break;
1761         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1762             EXCP_DUMP(env, "No APU instruction allowed\n");
1763             info.si_signo = TARGET_SIGILL;
1764             info.si_errno = 0;
1765             info.si_code = TARGET_ILL_COPROC;
1766             info._sifields._sigfault._addr = env->nip - 4;
1767             queue_signal(env, info.si_signo, &info);
1768             break;
1769         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1770             cpu_abort(cs, "Decrementer interrupt while in user mode. "
1771                       "Aborting\n");
1772             break;
1773         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1774             cpu_abort(cs, "Fix interval timer interrupt while in user mode. "
1775                       "Aborting\n");
1776             break;
1777         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1778             cpu_abort(cs, "Watchdog timer interrupt while in user mode. "
1779                       "Aborting\n");
1780             break;
1781         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1782             cpu_abort(cs, "Data TLB exception while in user mode. "
1783                       "Aborting\n");
1784             break;
1785         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1786             cpu_abort(cs, "Instruction TLB exception while in user mode. "
1787                       "Aborting\n");
1788             break;
1789         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1790             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1791             info.si_signo = TARGET_SIGILL;
1792             info.si_errno = 0;
1793             info.si_code = TARGET_ILL_COPROC;
1794             info._sifields._sigfault._addr = env->nip - 4;
1795             queue_signal(env, info.si_signo, &info);
1796             break;
1797         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1798             cpu_abort(cs, "Embedded floating-point data IRQ not handled\n");
1799             break;
1800         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1801             cpu_abort(cs, "Embedded floating-point round IRQ not handled\n");
1802             break;
1803         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1804             cpu_abort(cs, "Performance monitor exception not handled\n");
1805             break;
1806         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1807             cpu_abort(cs, "Doorbell interrupt while in user mode. "
1808                        "Aborting\n");
1809             break;
1810         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1811             cpu_abort(cs, "Doorbell critical interrupt while in user mode. "
1812                       "Aborting\n");
1813             break;
1814         case POWERPC_EXCP_RESET:    /* System reset exception                */
1815             cpu_abort(cs, "Reset interrupt while in user mode. "
1816                       "Aborting\n");
1817             break;
1818         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1819             cpu_abort(cs, "Data segment exception while in user mode. "
1820                       "Aborting\n");
1821             break;
1822         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1823             cpu_abort(cs, "Instruction segment exception "
1824                       "while in user mode. Aborting\n");
1825             break;
1826         /* PowerPC 64 with hypervisor mode support */
1827         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1828             cpu_abort(cs, "Hypervisor decrementer interrupt "
1829                       "while in user mode. Aborting\n");
1830             break;
1831         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1832             /* Nothing to do:
1833              * we use this exception to emulate step-by-step execution mode.
1834              */
1835             break;
1836         /* PowerPC 64 with hypervisor mode support */
1837         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1838             cpu_abort(cs, "Hypervisor data storage exception "
1839                       "while in user mode. Aborting\n");
1840             break;
1841         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1842             cpu_abort(cs, "Hypervisor instruction storage exception "
1843                       "while in user mode. Aborting\n");
1844             break;
1845         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1846             cpu_abort(cs, "Hypervisor data segment exception "
1847                       "while in user mode. Aborting\n");
1848             break;
1849         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1850             cpu_abort(cs, "Hypervisor instruction segment exception "
1851                       "while in user mode. Aborting\n");
1852             break;
1853         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1854             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1855             info.si_signo = TARGET_SIGILL;
1856             info.si_errno = 0;
1857             info.si_code = TARGET_ILL_COPROC;
1858             info._sifields._sigfault._addr = env->nip - 4;
1859             queue_signal(env, info.si_signo, &info);
1860             break;
1861         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1862             cpu_abort(cs, "Programmable interval timer interrupt "
1863                       "while in user mode. Aborting\n");
1864             break;
1865         case POWERPC_EXCP_IO:       /* IO error exception                    */
1866             cpu_abort(cs, "IO error exception while in user mode. "
1867                       "Aborting\n");
1868             break;
1869         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1870             cpu_abort(cs, "Run mode exception while in user mode. "
1871                       "Aborting\n");
1872             break;
1873         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1874             cpu_abort(cs, "Emulation trap exception not handled\n");
1875             break;
1876         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1877             cpu_abort(cs, "Instruction fetch TLB exception "
1878                       "while in user-mode. Aborting");
1879             break;
1880         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1881             cpu_abort(cs, "Data load TLB exception while in user-mode. "
1882                       "Aborting");
1883             break;
1884         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1885             cpu_abort(cs, "Data store TLB exception while in user-mode. "
1886                       "Aborting");
1887             break;
1888         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1889             cpu_abort(cs, "Floating-point assist exception not handled\n");
1890             break;
1891         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1892             cpu_abort(cs, "Instruction address breakpoint exception "
1893                       "not handled\n");
1894             break;
1895         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1896             cpu_abort(cs, "System management interrupt while in user mode. "
1897                       "Aborting\n");
1898             break;
1899         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1900             cpu_abort(cs, "Thermal interrupt interrupt while in user mode. "
1901                       "Aborting\n");
1902             break;
1903         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1904             cpu_abort(cs, "Performance monitor exception not handled\n");
1905             break;
1906         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1907             cpu_abort(cs, "Vector assist exception not handled\n");
1908             break;
1909         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1910             cpu_abort(cs, "Soft patch exception not handled\n");
1911             break;
1912         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1913             cpu_abort(cs, "Maintenance exception while in user mode. "
1914                       "Aborting\n");
1915             break;
1916         case POWERPC_EXCP_STOP:     /* stop translation                      */
1917             /* We did invalidate the instruction cache. Go on */
1918             break;
1919         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1920             /* We just stopped because of a branch. Go on */
1921             break;
1922         case POWERPC_EXCP_SYSCALL_USER:
1923             /* system call in user-mode emulation */
1924             /* WARNING:
1925              * PPC ABI uses overflow flag in cr0 to signal an error
1926              * in syscalls.
1927              */
1928             env->crf[0] &= ~0x1;
1929             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1930                              env->gpr[5], env->gpr[6], env->gpr[7],
1931                              env->gpr[8], 0, 0);
1932             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1933                 /* Returning from a successful sigreturn syscall.
1934                    Avoid corrupting register state.  */
1935                 break;
1936             }
1937             if (ret > (target_ulong)(-515)) {
1938                 env->crf[0] |= 0x1;
1939                 ret = -ret;
1940             }
1941             env->gpr[3] = ret;
1942             break;
1943         case POWERPC_EXCP_STCX:
1944             if (do_store_exclusive(env)) {
1945                 info.si_signo = TARGET_SIGSEGV;
1946                 info.si_errno = 0;
1947                 info.si_code = TARGET_SEGV_MAPERR;
1948                 info._sifields._sigfault._addr = env->nip;
1949                 queue_signal(env, info.si_signo, &info);
1950             }
1951             break;
1952         case EXCP_DEBUG:
1953             {
1954                 int sig;
1955 
1956                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1957                 if (sig) {
1958                     info.si_signo = sig;
1959                     info.si_errno = 0;
1960                     info.si_code = TARGET_TRAP_BRKPT;
1961                     queue_signal(env, info.si_signo, &info);
1962                   }
1963             }
1964             break;
1965         case EXCP_INTERRUPT:
1966             /* just indicate that signals should be handled asap */
1967             break;
1968         default:
1969             cpu_abort(cs, "Unknown exception 0x%d. Aborting\n", trapnr);
1970             break;
1971         }
1972         process_pending_signals(env);
1973     }
1974 }
1975 #endif
1976 
1977 #ifdef TARGET_MIPS
1978 
1979 # ifdef TARGET_ABI_MIPSO32
1980 #  define MIPS_SYS(name, args) args,
1981 static const uint8_t mips_syscall_args[] = {
1982 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
1983 	MIPS_SYS(sys_exit	, 1)
1984 	MIPS_SYS(sys_fork	, 0)
1985 	MIPS_SYS(sys_read	, 3)
1986 	MIPS_SYS(sys_write	, 3)
1987 	MIPS_SYS(sys_open	, 3)	/* 4005 */
1988 	MIPS_SYS(sys_close	, 1)
1989 	MIPS_SYS(sys_waitpid	, 3)
1990 	MIPS_SYS(sys_creat	, 2)
1991 	MIPS_SYS(sys_link	, 2)
1992 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
1993 	MIPS_SYS(sys_execve	, 0)
1994 	MIPS_SYS(sys_chdir	, 1)
1995 	MIPS_SYS(sys_time	, 1)
1996 	MIPS_SYS(sys_mknod	, 3)
1997 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
1998 	MIPS_SYS(sys_lchown	, 3)
1999 	MIPS_SYS(sys_ni_syscall	, 0)
2000 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
2001 	MIPS_SYS(sys_lseek	, 3)
2002 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
2003 	MIPS_SYS(sys_mount	, 5)
2004 	MIPS_SYS(sys_umount	, 1)
2005 	MIPS_SYS(sys_setuid	, 1)
2006 	MIPS_SYS(sys_getuid	, 0)
2007 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
2008 	MIPS_SYS(sys_ptrace	, 4)
2009 	MIPS_SYS(sys_alarm	, 1)
2010 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
2011 	MIPS_SYS(sys_pause	, 0)
2012 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
2013 	MIPS_SYS(sys_ni_syscall	, 0)
2014 	MIPS_SYS(sys_ni_syscall	, 0)
2015 	MIPS_SYS(sys_access	, 2)
2016 	MIPS_SYS(sys_nice	, 1)
2017 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
2018 	MIPS_SYS(sys_sync	, 0)
2019 	MIPS_SYS(sys_kill	, 2)
2020 	MIPS_SYS(sys_rename	, 2)
2021 	MIPS_SYS(sys_mkdir	, 2)
2022 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
2023 	MIPS_SYS(sys_dup		, 1)
2024 	MIPS_SYS(sys_pipe	, 0)
2025 	MIPS_SYS(sys_times	, 1)
2026 	MIPS_SYS(sys_ni_syscall	, 0)
2027 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
2028 	MIPS_SYS(sys_setgid	, 1)
2029 	MIPS_SYS(sys_getgid	, 0)
2030 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
2031 	MIPS_SYS(sys_geteuid	, 0)
2032 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
2033 	MIPS_SYS(sys_acct	, 0)
2034 	MIPS_SYS(sys_umount2	, 2)
2035 	MIPS_SYS(sys_ni_syscall	, 0)
2036 	MIPS_SYS(sys_ioctl	, 3)
2037 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
2038 	MIPS_SYS(sys_ni_syscall	, 2)
2039 	MIPS_SYS(sys_setpgid	, 2)
2040 	MIPS_SYS(sys_ni_syscall	, 0)
2041 	MIPS_SYS(sys_olduname	, 1)
2042 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
2043 	MIPS_SYS(sys_chroot	, 1)
2044 	MIPS_SYS(sys_ustat	, 2)
2045 	MIPS_SYS(sys_dup2	, 2)
2046 	MIPS_SYS(sys_getppid	, 0)
2047 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
2048 	MIPS_SYS(sys_setsid	, 0)
2049 	MIPS_SYS(sys_sigaction	, 3)
2050 	MIPS_SYS(sys_sgetmask	, 0)
2051 	MIPS_SYS(sys_ssetmask	, 1)
2052 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
2053 	MIPS_SYS(sys_setregid	, 2)
2054 	MIPS_SYS(sys_sigsuspend	, 0)
2055 	MIPS_SYS(sys_sigpending	, 1)
2056 	MIPS_SYS(sys_sethostname	, 2)
2057 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
2058 	MIPS_SYS(sys_getrlimit	, 2)
2059 	MIPS_SYS(sys_getrusage	, 2)
2060 	MIPS_SYS(sys_gettimeofday, 2)
2061 	MIPS_SYS(sys_settimeofday, 2)
2062 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
2063 	MIPS_SYS(sys_setgroups	, 2)
2064 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
2065 	MIPS_SYS(sys_symlink	, 2)
2066 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
2067 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
2068 	MIPS_SYS(sys_uselib	, 1)
2069 	MIPS_SYS(sys_swapon	, 2)
2070 	MIPS_SYS(sys_reboot	, 3)
2071 	MIPS_SYS(old_readdir	, 3)
2072 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
2073 	MIPS_SYS(sys_munmap	, 2)
2074 	MIPS_SYS(sys_truncate	, 2)
2075 	MIPS_SYS(sys_ftruncate	, 2)
2076 	MIPS_SYS(sys_fchmod	, 2)
2077 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
2078 	MIPS_SYS(sys_getpriority	, 2)
2079 	MIPS_SYS(sys_setpriority	, 3)
2080 	MIPS_SYS(sys_ni_syscall	, 0)
2081 	MIPS_SYS(sys_statfs	, 2)
2082 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
2083 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
2084 	MIPS_SYS(sys_socketcall	, 2)
2085 	MIPS_SYS(sys_syslog	, 3)
2086 	MIPS_SYS(sys_setitimer	, 3)
2087 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
2088 	MIPS_SYS(sys_newstat	, 2)
2089 	MIPS_SYS(sys_newlstat	, 2)
2090 	MIPS_SYS(sys_newfstat	, 2)
2091 	MIPS_SYS(sys_uname	, 1)
2092 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
2093 	MIPS_SYS(sys_vhangup	, 0)
2094 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
2095 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
2096 	MIPS_SYS(sys_wait4	, 4)
2097 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
2098 	MIPS_SYS(sys_sysinfo	, 1)
2099 	MIPS_SYS(sys_ipc		, 6)
2100 	MIPS_SYS(sys_fsync	, 1)
2101 	MIPS_SYS(sys_sigreturn	, 0)
2102 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
2103 	MIPS_SYS(sys_setdomainname, 2)
2104 	MIPS_SYS(sys_newuname	, 1)
2105 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
2106 	MIPS_SYS(sys_adjtimex	, 1)
2107 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
2108 	MIPS_SYS(sys_sigprocmask	, 3)
2109 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
2110 	MIPS_SYS(sys_init_module	, 5)
2111 	MIPS_SYS(sys_delete_module, 1)
2112 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
2113 	MIPS_SYS(sys_quotactl	, 0)
2114 	MIPS_SYS(sys_getpgid	, 1)
2115 	MIPS_SYS(sys_fchdir	, 1)
2116 	MIPS_SYS(sys_bdflush	, 2)
2117 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
2118 	MIPS_SYS(sys_personality	, 1)
2119 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
2120 	MIPS_SYS(sys_setfsuid	, 1)
2121 	MIPS_SYS(sys_setfsgid	, 1)
2122 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
2123 	MIPS_SYS(sys_getdents	, 3)
2124 	MIPS_SYS(sys_select	, 5)
2125 	MIPS_SYS(sys_flock	, 2)
2126 	MIPS_SYS(sys_msync	, 3)
2127 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
2128 	MIPS_SYS(sys_writev	, 3)
2129 	MIPS_SYS(sys_cacheflush	, 3)
2130 	MIPS_SYS(sys_cachectl	, 3)
2131 	MIPS_SYS(sys_sysmips	, 4)
2132 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
2133 	MIPS_SYS(sys_getsid	, 1)
2134 	MIPS_SYS(sys_fdatasync	, 0)
2135 	MIPS_SYS(sys_sysctl	, 1)
2136 	MIPS_SYS(sys_mlock	, 2)
2137 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
2138 	MIPS_SYS(sys_mlockall	, 1)
2139 	MIPS_SYS(sys_munlockall	, 0)
2140 	MIPS_SYS(sys_sched_setparam, 2)
2141 	MIPS_SYS(sys_sched_getparam, 2)
2142 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
2143 	MIPS_SYS(sys_sched_getscheduler, 1)
2144 	MIPS_SYS(sys_sched_yield	, 0)
2145 	MIPS_SYS(sys_sched_get_priority_max, 1)
2146 	MIPS_SYS(sys_sched_get_priority_min, 1)
2147 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
2148 	MIPS_SYS(sys_nanosleep,	2)
2149 	MIPS_SYS(sys_mremap	, 5)
2150 	MIPS_SYS(sys_accept	, 3)
2151 	MIPS_SYS(sys_bind	, 3)
2152 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
2153 	MIPS_SYS(sys_getpeername	, 3)
2154 	MIPS_SYS(sys_getsockname	, 3)
2155 	MIPS_SYS(sys_getsockopt	, 5)
2156 	MIPS_SYS(sys_listen	, 2)
2157 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
2158 	MIPS_SYS(sys_recvfrom	, 6)
2159 	MIPS_SYS(sys_recvmsg	, 3)
2160 	MIPS_SYS(sys_send	, 4)
2161 	MIPS_SYS(sys_sendmsg	, 3)
2162 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
2163 	MIPS_SYS(sys_setsockopt	, 5)
2164 	MIPS_SYS(sys_shutdown	, 2)
2165 	MIPS_SYS(sys_socket	, 3)
2166 	MIPS_SYS(sys_socketpair	, 4)
2167 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
2168 	MIPS_SYS(sys_getresuid	, 3)
2169 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
2170 	MIPS_SYS(sys_poll	, 3)
2171 	MIPS_SYS(sys_nfsservctl	, 3)
2172 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
2173 	MIPS_SYS(sys_getresgid	, 3)
2174 	MIPS_SYS(sys_prctl	, 5)
2175 	MIPS_SYS(sys_rt_sigreturn, 0)
2176 	MIPS_SYS(sys_rt_sigaction, 4)
2177 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
2178 	MIPS_SYS(sys_rt_sigpending, 2)
2179 	MIPS_SYS(sys_rt_sigtimedwait, 4)
2180 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
2181 	MIPS_SYS(sys_rt_sigsuspend, 0)
2182 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
2183 	MIPS_SYS(sys_pwrite64	, 6)
2184 	MIPS_SYS(sys_chown	, 3)
2185 	MIPS_SYS(sys_getcwd	, 2)
2186 	MIPS_SYS(sys_capget	, 2)
2187 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
2188 	MIPS_SYS(sys_sigaltstack	, 2)
2189 	MIPS_SYS(sys_sendfile	, 4)
2190 	MIPS_SYS(sys_ni_syscall	, 0)
2191 	MIPS_SYS(sys_ni_syscall	, 0)
2192 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2193 	MIPS_SYS(sys_truncate64	, 4)
2194 	MIPS_SYS(sys_ftruncate64	, 4)
2195 	MIPS_SYS(sys_stat64	, 2)
2196 	MIPS_SYS(sys_lstat64	, 2)
2197 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2198 	MIPS_SYS(sys_pivot_root	, 2)
2199 	MIPS_SYS(sys_mincore	, 3)
2200 	MIPS_SYS(sys_madvise	, 3)
2201 	MIPS_SYS(sys_getdents64	, 3)
2202 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2203 	MIPS_SYS(sys_ni_syscall	, 0)
2204 	MIPS_SYS(sys_gettid	, 0)
2205 	MIPS_SYS(sys_readahead	, 5)
2206 	MIPS_SYS(sys_setxattr	, 5)
2207 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2208 	MIPS_SYS(sys_fsetxattr	, 5)
2209 	MIPS_SYS(sys_getxattr	, 4)
2210 	MIPS_SYS(sys_lgetxattr	, 4)
2211 	MIPS_SYS(sys_fgetxattr	, 4)
2212 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2213 	MIPS_SYS(sys_llistxattr	, 3)
2214 	MIPS_SYS(sys_flistxattr	, 3)
2215 	MIPS_SYS(sys_removexattr	, 2)
2216 	MIPS_SYS(sys_lremovexattr, 2)
2217 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2218 	MIPS_SYS(sys_tkill	, 2)
2219 	MIPS_SYS(sys_sendfile64	, 5)
2220 	MIPS_SYS(sys_futex	, 6)
2221 	MIPS_SYS(sys_sched_setaffinity, 3)
2222 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2223 	MIPS_SYS(sys_io_setup	, 2)
2224 	MIPS_SYS(sys_io_destroy	, 1)
2225 	MIPS_SYS(sys_io_getevents, 5)
2226 	MIPS_SYS(sys_io_submit	, 3)
2227 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2228 	MIPS_SYS(sys_exit_group	, 1)
2229 	MIPS_SYS(sys_lookup_dcookie, 3)
2230 	MIPS_SYS(sys_epoll_create, 1)
2231 	MIPS_SYS(sys_epoll_ctl	, 4)
2232 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2233 	MIPS_SYS(sys_remap_file_pages, 5)
2234 	MIPS_SYS(sys_set_tid_address, 1)
2235 	MIPS_SYS(sys_restart_syscall, 0)
2236 	MIPS_SYS(sys_fadvise64_64, 7)
2237 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2238 	MIPS_SYS(sys_fstatfs64	, 2)
2239 	MIPS_SYS(sys_timer_create, 3)
2240 	MIPS_SYS(sys_timer_settime, 4)
2241 	MIPS_SYS(sys_timer_gettime, 2)
2242 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2243 	MIPS_SYS(sys_timer_delete, 1)
2244 	MIPS_SYS(sys_clock_settime, 2)
2245 	MIPS_SYS(sys_clock_gettime, 2)
2246 	MIPS_SYS(sys_clock_getres, 2)
2247 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2248 	MIPS_SYS(sys_tgkill	, 3)
2249 	MIPS_SYS(sys_utimes	, 2)
2250 	MIPS_SYS(sys_mbind	, 4)
2251 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2252 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2253 	MIPS_SYS(sys_mq_open	, 4)
2254 	MIPS_SYS(sys_mq_unlink	, 1)
2255 	MIPS_SYS(sys_mq_timedsend, 5)
2256 	MIPS_SYS(sys_mq_timedreceive, 5)
2257 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2258 	MIPS_SYS(sys_mq_getsetattr, 3)
2259 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2260 	MIPS_SYS(sys_waitid	, 4)
2261 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2262 	MIPS_SYS(sys_add_key	, 5)
2263 	MIPS_SYS(sys_request_key, 4)
2264 	MIPS_SYS(sys_keyctl	, 5)
2265 	MIPS_SYS(sys_set_thread_area, 1)
2266 	MIPS_SYS(sys_inotify_init, 0)
2267 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2268 	MIPS_SYS(sys_inotify_rm_watch, 2)
2269 	MIPS_SYS(sys_migrate_pages, 4)
2270 	MIPS_SYS(sys_openat, 4)
2271 	MIPS_SYS(sys_mkdirat, 3)
2272 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2273 	MIPS_SYS(sys_fchownat, 5)
2274 	MIPS_SYS(sys_futimesat, 3)
2275 	MIPS_SYS(sys_fstatat64, 4)
2276 	MIPS_SYS(sys_unlinkat, 3)
2277 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2278 	MIPS_SYS(sys_linkat, 5)
2279 	MIPS_SYS(sys_symlinkat, 3)
2280 	MIPS_SYS(sys_readlinkat, 4)
2281 	MIPS_SYS(sys_fchmodat, 3)
2282 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2283 	MIPS_SYS(sys_pselect6, 6)
2284 	MIPS_SYS(sys_ppoll, 5)
2285 	MIPS_SYS(sys_unshare, 1)
2286 	MIPS_SYS(sys_splice, 6)
2287 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2288 	MIPS_SYS(sys_tee, 4)
2289 	MIPS_SYS(sys_vmsplice, 4)
2290 	MIPS_SYS(sys_move_pages, 6)
2291 	MIPS_SYS(sys_set_robust_list, 2)
2292 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2293 	MIPS_SYS(sys_kexec_load, 4)
2294 	MIPS_SYS(sys_getcpu, 3)
2295 	MIPS_SYS(sys_epoll_pwait, 6)
2296 	MIPS_SYS(sys_ioprio_set, 3)
2297 	MIPS_SYS(sys_ioprio_get, 2)
2298         MIPS_SYS(sys_utimensat, 4)
2299         MIPS_SYS(sys_signalfd, 3)
2300         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2301         MIPS_SYS(sys_eventfd, 1)
2302         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2303         MIPS_SYS(sys_timerfd_create, 2)
2304         MIPS_SYS(sys_timerfd_gettime, 2)
2305         MIPS_SYS(sys_timerfd_settime, 4)
2306         MIPS_SYS(sys_signalfd4, 4)
2307         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2308         MIPS_SYS(sys_epoll_create1, 1)
2309         MIPS_SYS(sys_dup3, 3)
2310         MIPS_SYS(sys_pipe2, 2)
2311         MIPS_SYS(sys_inotify_init1, 1)
2312         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2313         MIPS_SYS(sys_pwritev, 6)
2314         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2315         MIPS_SYS(sys_perf_event_open, 5)
2316         MIPS_SYS(sys_accept4, 4)
2317         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2318         MIPS_SYS(sys_fanotify_init, 2)
2319         MIPS_SYS(sys_fanotify_mark, 6)
2320         MIPS_SYS(sys_prlimit64, 4)
2321         MIPS_SYS(sys_name_to_handle_at, 5)
2322         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2323         MIPS_SYS(sys_clock_adjtime, 2)
2324         MIPS_SYS(sys_syncfs, 1)
2325 };
2326 #  undef MIPS_SYS
2327 # endif /* O32 */
2328 
2329 static int do_store_exclusive(CPUMIPSState *env)
2330 {
2331     target_ulong addr;
2332     target_ulong page_addr;
2333     target_ulong val;
2334     int flags;
2335     int segv = 0;
2336     int reg;
2337     int d;
2338 
2339     addr = env->lladdr;
2340     page_addr = addr & TARGET_PAGE_MASK;
2341     start_exclusive();
2342     mmap_lock();
2343     flags = page_get_flags(page_addr);
2344     if ((flags & PAGE_READ) == 0) {
2345         segv = 1;
2346     } else {
2347         reg = env->llreg & 0x1f;
2348         d = (env->llreg & 0x20) != 0;
2349         if (d) {
2350             segv = get_user_s64(val, addr);
2351         } else {
2352             segv = get_user_s32(val, addr);
2353         }
2354         if (!segv) {
2355             if (val != env->llval) {
2356                 env->active_tc.gpr[reg] = 0;
2357             } else {
2358                 if (d) {
2359                     segv = put_user_u64(env->llnewval, addr);
2360                 } else {
2361                     segv = put_user_u32(env->llnewval, addr);
2362                 }
2363                 if (!segv) {
2364                     env->active_tc.gpr[reg] = 1;
2365                 }
2366             }
2367         }
2368     }
2369     env->lladdr = -1;
2370     if (!segv) {
2371         env->active_tc.PC += 4;
2372     }
2373     mmap_unlock();
2374     end_exclusive();
2375     return segv;
2376 }
2377 
2378 /* Break codes */
2379 enum {
2380     BRK_OVERFLOW = 6,
2381     BRK_DIVZERO = 7
2382 };
2383 
2384 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2385                     unsigned int code)
2386 {
2387     int ret = -1;
2388 
2389     switch (code) {
2390     case BRK_OVERFLOW:
2391     case BRK_DIVZERO:
2392         info->si_signo = TARGET_SIGFPE;
2393         info->si_errno = 0;
2394         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2395         queue_signal(env, info->si_signo, &*info);
2396         ret = 0;
2397         break;
2398     default:
2399         info->si_signo = TARGET_SIGTRAP;
2400         info->si_errno = 0;
2401         queue_signal(env, info->si_signo, &*info);
2402         ret = 0;
2403         break;
2404     }
2405 
2406     return ret;
2407 }
2408 
2409 void cpu_loop(CPUMIPSState *env)
2410 {
2411     CPUState *cs = CPU(mips_env_get_cpu(env));
2412     target_siginfo_t info;
2413     int trapnr;
2414     abi_long ret;
2415 # ifdef TARGET_ABI_MIPSO32
2416     unsigned int syscall_num;
2417 # endif
2418 
2419     for(;;) {
2420         cpu_exec_start(cs);
2421         trapnr = cpu_mips_exec(cs);
2422         cpu_exec_end(cs);
2423         switch(trapnr) {
2424         case EXCP_SYSCALL:
2425             env->active_tc.PC += 4;
2426 # ifdef TARGET_ABI_MIPSO32
2427             syscall_num = env->active_tc.gpr[2] - 4000;
2428             if (syscall_num >= sizeof(mips_syscall_args)) {
2429                 ret = -TARGET_ENOSYS;
2430             } else {
2431                 int nb_args;
2432                 abi_ulong sp_reg;
2433                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2434 
2435                 nb_args = mips_syscall_args[syscall_num];
2436                 sp_reg = env->active_tc.gpr[29];
2437                 switch (nb_args) {
2438                 /* these arguments are taken from the stack */
2439                 case 8:
2440                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2441                         goto done_syscall;
2442                     }
2443                 case 7:
2444                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2445                         goto done_syscall;
2446                     }
2447                 case 6:
2448                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2449                         goto done_syscall;
2450                     }
2451                 case 5:
2452                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2453                         goto done_syscall;
2454                     }
2455                 default:
2456                     break;
2457                 }
2458                 ret = do_syscall(env, env->active_tc.gpr[2],
2459                                  env->active_tc.gpr[4],
2460                                  env->active_tc.gpr[5],
2461                                  env->active_tc.gpr[6],
2462                                  env->active_tc.gpr[7],
2463                                  arg5, arg6, arg7, arg8);
2464             }
2465 done_syscall:
2466 # else
2467             ret = do_syscall(env, env->active_tc.gpr[2],
2468                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2469                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2470                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2471                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2472 # endif /* O32 */
2473             if (ret == -TARGET_QEMU_ESIGRETURN) {
2474                 /* Returning from a successful sigreturn syscall.
2475                    Avoid clobbering register state.  */
2476                 break;
2477             }
2478             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2479                 env->active_tc.gpr[7] = 1; /* error flag */
2480                 ret = -ret;
2481             } else {
2482                 env->active_tc.gpr[7] = 0; /* error flag */
2483             }
2484             env->active_tc.gpr[2] = ret;
2485             break;
2486         case EXCP_TLBL:
2487         case EXCP_TLBS:
2488         case EXCP_AdEL:
2489         case EXCP_AdES:
2490             info.si_signo = TARGET_SIGSEGV;
2491             info.si_errno = 0;
2492             /* XXX: check env->error_code */
2493             info.si_code = TARGET_SEGV_MAPERR;
2494             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2495             queue_signal(env, info.si_signo, &info);
2496             break;
2497         case EXCP_CpU:
2498         case EXCP_RI:
2499             info.si_signo = TARGET_SIGILL;
2500             info.si_errno = 0;
2501             info.si_code = 0;
2502             queue_signal(env, info.si_signo, &info);
2503             break;
2504         case EXCP_INTERRUPT:
2505             /* just indicate that signals should be handled asap */
2506             break;
2507         case EXCP_DEBUG:
2508             {
2509                 int sig;
2510 
2511                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2512                 if (sig)
2513                   {
2514                     info.si_signo = sig;
2515                     info.si_errno = 0;
2516                     info.si_code = TARGET_TRAP_BRKPT;
2517                     queue_signal(env, info.si_signo, &info);
2518                   }
2519             }
2520             break;
2521         case EXCP_SC:
2522             if (do_store_exclusive(env)) {
2523                 info.si_signo = TARGET_SIGSEGV;
2524                 info.si_errno = 0;
2525                 info.si_code = TARGET_SEGV_MAPERR;
2526                 info._sifields._sigfault._addr = env->active_tc.PC;
2527                 queue_signal(env, info.si_signo, &info);
2528             }
2529             break;
2530         case EXCP_DSPDIS:
2531             info.si_signo = TARGET_SIGILL;
2532             info.si_errno = 0;
2533             info.si_code = TARGET_ILL_ILLOPC;
2534             queue_signal(env, info.si_signo, &info);
2535             break;
2536         /* The code below was inspired by the MIPS Linux kernel trap
2537          * handling code in arch/mips/kernel/traps.c.
2538          */
2539         case EXCP_BREAK:
2540             {
2541                 abi_ulong trap_instr;
2542                 unsigned int code;
2543 
2544                 if (env->hflags & MIPS_HFLAG_M16) {
2545                     if (env->insn_flags & ASE_MICROMIPS) {
2546                         /* microMIPS mode */
2547                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2548                         if (ret != 0) {
2549                             goto error;
2550                         }
2551 
2552                         if ((trap_instr >> 10) == 0x11) {
2553                             /* 16-bit instruction */
2554                             code = trap_instr & 0xf;
2555                         } else {
2556                             /* 32-bit instruction */
2557                             abi_ulong instr_lo;
2558 
2559                             ret = get_user_u16(instr_lo,
2560                                                env->active_tc.PC + 2);
2561                             if (ret != 0) {
2562                                 goto error;
2563                             }
2564                             trap_instr = (trap_instr << 16) | instr_lo;
2565                             code = ((trap_instr >> 6) & ((1 << 20) - 1));
2566                             /* Unfortunately, microMIPS also suffers from
2567                                the old assembler bug...  */
2568                             if (code >= (1 << 10)) {
2569                                 code >>= 10;
2570                             }
2571                         }
2572                     } else {
2573                         /* MIPS16e mode */
2574                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2575                         if (ret != 0) {
2576                             goto error;
2577                         }
2578                         code = (trap_instr >> 6) & 0x3f;
2579                     }
2580                 } else {
2581                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2582                     if (ret != 0) {
2583                         goto error;
2584                     }
2585 
2586                     /* As described in the original Linux kernel code, the
2587                      * below checks on 'code' are to work around an old
2588                      * assembly bug.
2589                      */
2590                     code = ((trap_instr >> 6) & ((1 << 20) - 1));
2591                     if (code >= (1 << 10)) {
2592                         code >>= 10;
2593                     }
2594                 }
2595 
2596                 if (do_break(env, &info, code) != 0) {
2597                     goto error;
2598                 }
2599             }
2600             break;
2601         case EXCP_TRAP:
2602             {
2603                 abi_ulong trap_instr;
2604                 unsigned int code = 0;
2605 
2606                 if (env->hflags & MIPS_HFLAG_M16) {
2607                     /* microMIPS mode */
2608                     abi_ulong instr[2];
2609 
2610                     ret = get_user_u16(instr[0], env->active_tc.PC) ||
2611                           get_user_u16(instr[1], env->active_tc.PC + 2);
2612 
2613                     trap_instr = (instr[0] << 16) | instr[1];
2614                 } else {
2615                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2616                 }
2617 
2618                 if (ret != 0) {
2619                     goto error;
2620                 }
2621 
2622                 /* The immediate versions don't provide a code.  */
2623                 if (!(trap_instr & 0xFC000000)) {
2624                     if (env->hflags & MIPS_HFLAG_M16) {
2625                         /* microMIPS mode */
2626                         code = ((trap_instr >> 12) & ((1 << 4) - 1));
2627                     } else {
2628                         code = ((trap_instr >> 6) & ((1 << 10) - 1));
2629                     }
2630                 }
2631 
2632                 if (do_break(env, &info, code) != 0) {
2633                     goto error;
2634                 }
2635             }
2636             break;
2637         default:
2638 error:
2639             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2640                     trapnr);
2641             cpu_dump_state(cs, stderr, fprintf, 0);
2642             abort();
2643         }
2644         process_pending_signals(env);
2645     }
2646 }
2647 #endif
2648 
2649 #ifdef TARGET_OPENRISC
2650 
2651 void cpu_loop(CPUOpenRISCState *env)
2652 {
2653     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2654     int trapnr, gdbsig;
2655 
2656     for (;;) {
2657         cpu_exec_start(cs);
2658         trapnr = cpu_openrisc_exec(cs);
2659         cpu_exec_end(cs);
2660         gdbsig = 0;
2661 
2662         switch (trapnr) {
2663         case EXCP_RESET:
2664             qemu_log("\nReset request, exit, pc is %#x\n", env->pc);
2665             exit(EXIT_FAILURE);
2666             break;
2667         case EXCP_BUSERR:
2668             qemu_log("\nBus error, exit, pc is %#x\n", env->pc);
2669             gdbsig = TARGET_SIGBUS;
2670             break;
2671         case EXCP_DPF:
2672         case EXCP_IPF:
2673             cpu_dump_state(cs, stderr, fprintf, 0);
2674             gdbsig = TARGET_SIGSEGV;
2675             break;
2676         case EXCP_TICK:
2677             qemu_log("\nTick time interrupt pc is %#x\n", env->pc);
2678             break;
2679         case EXCP_ALIGN:
2680             qemu_log("\nAlignment pc is %#x\n", env->pc);
2681             gdbsig = TARGET_SIGBUS;
2682             break;
2683         case EXCP_ILLEGAL:
2684             qemu_log("\nIllegal instructionpc is %#x\n", env->pc);
2685             gdbsig = TARGET_SIGILL;
2686             break;
2687         case EXCP_INT:
2688             qemu_log("\nExternal interruptpc is %#x\n", env->pc);
2689             break;
2690         case EXCP_DTLBMISS:
2691         case EXCP_ITLBMISS:
2692             qemu_log("\nTLB miss\n");
2693             break;
2694         case EXCP_RANGE:
2695             qemu_log("\nRange\n");
2696             gdbsig = TARGET_SIGSEGV;
2697             break;
2698         case EXCP_SYSCALL:
2699             env->pc += 4;   /* 0xc00; */
2700             env->gpr[11] = do_syscall(env,
2701                                       env->gpr[11], /* return value       */
2702                                       env->gpr[3],  /* r3 - r7 are params */
2703                                       env->gpr[4],
2704                                       env->gpr[5],
2705                                       env->gpr[6],
2706                                       env->gpr[7],
2707                                       env->gpr[8], 0, 0);
2708             break;
2709         case EXCP_FPE:
2710             qemu_log("\nFloating point error\n");
2711             break;
2712         case EXCP_TRAP:
2713             qemu_log("\nTrap\n");
2714             gdbsig = TARGET_SIGTRAP;
2715             break;
2716         case EXCP_NR:
2717             qemu_log("\nNR\n");
2718             break;
2719         default:
2720             qemu_log("\nqemu: unhandled CPU exception %#x - aborting\n",
2721                      trapnr);
2722             cpu_dump_state(cs, stderr, fprintf, 0);
2723             gdbsig = TARGET_SIGILL;
2724             break;
2725         }
2726         if (gdbsig) {
2727             gdb_handlesig(cs, gdbsig);
2728             if (gdbsig != TARGET_SIGTRAP) {
2729                 exit(EXIT_FAILURE);
2730             }
2731         }
2732 
2733         process_pending_signals(env);
2734     }
2735 }
2736 
2737 #endif /* TARGET_OPENRISC */
2738 
2739 #ifdef TARGET_SH4
2740 void cpu_loop(CPUSH4State *env)
2741 {
2742     CPUState *cs = CPU(sh_env_get_cpu(env));
2743     int trapnr, ret;
2744     target_siginfo_t info;
2745 
2746     while (1) {
2747         cpu_exec_start(cs);
2748         trapnr = cpu_sh4_exec(cs);
2749         cpu_exec_end(cs);
2750 
2751         switch (trapnr) {
2752         case 0x160:
2753             env->pc += 2;
2754             ret = do_syscall(env,
2755                              env->gregs[3],
2756                              env->gregs[4],
2757                              env->gregs[5],
2758                              env->gregs[6],
2759                              env->gregs[7],
2760                              env->gregs[0],
2761                              env->gregs[1],
2762                              0, 0);
2763             env->gregs[0] = ret;
2764             break;
2765         case EXCP_INTERRUPT:
2766             /* just indicate that signals should be handled asap */
2767             break;
2768         case EXCP_DEBUG:
2769             {
2770                 int sig;
2771 
2772                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2773                 if (sig)
2774                   {
2775                     info.si_signo = sig;
2776                     info.si_errno = 0;
2777                     info.si_code = TARGET_TRAP_BRKPT;
2778                     queue_signal(env, info.si_signo, &info);
2779                   }
2780             }
2781             break;
2782 	case 0xa0:
2783 	case 0xc0:
2784             info.si_signo = TARGET_SIGSEGV;
2785             info.si_errno = 0;
2786             info.si_code = TARGET_SEGV_MAPERR;
2787             info._sifields._sigfault._addr = env->tea;
2788             queue_signal(env, info.si_signo, &info);
2789 	    break;
2790 
2791         default:
2792             printf ("Unhandled trap: 0x%x\n", trapnr);
2793             cpu_dump_state(cs, stderr, fprintf, 0);
2794             exit(EXIT_FAILURE);
2795         }
2796         process_pending_signals (env);
2797     }
2798 }
2799 #endif
2800 
2801 #ifdef TARGET_CRIS
2802 void cpu_loop(CPUCRISState *env)
2803 {
2804     CPUState *cs = CPU(cris_env_get_cpu(env));
2805     int trapnr, ret;
2806     target_siginfo_t info;
2807 
2808     while (1) {
2809         cpu_exec_start(cs);
2810         trapnr = cpu_cris_exec(cs);
2811         cpu_exec_end(cs);
2812         switch (trapnr) {
2813         case 0xaa:
2814             {
2815                 info.si_signo = TARGET_SIGSEGV;
2816                 info.si_errno = 0;
2817                 /* XXX: check env->error_code */
2818                 info.si_code = TARGET_SEGV_MAPERR;
2819                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2820                 queue_signal(env, info.si_signo, &info);
2821             }
2822             break;
2823 	case EXCP_INTERRUPT:
2824 	  /* just indicate that signals should be handled asap */
2825 	  break;
2826         case EXCP_BREAK:
2827             ret = do_syscall(env,
2828                              env->regs[9],
2829                              env->regs[10],
2830                              env->regs[11],
2831                              env->regs[12],
2832                              env->regs[13],
2833                              env->pregs[7],
2834                              env->pregs[11],
2835                              0, 0);
2836             env->regs[10] = ret;
2837             break;
2838         case EXCP_DEBUG:
2839             {
2840                 int sig;
2841 
2842                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2843                 if (sig)
2844                   {
2845                     info.si_signo = sig;
2846                     info.si_errno = 0;
2847                     info.si_code = TARGET_TRAP_BRKPT;
2848                     queue_signal(env, info.si_signo, &info);
2849                   }
2850             }
2851             break;
2852         default:
2853             printf ("Unhandled trap: 0x%x\n", trapnr);
2854             cpu_dump_state(cs, stderr, fprintf, 0);
2855             exit(EXIT_FAILURE);
2856         }
2857         process_pending_signals (env);
2858     }
2859 }
2860 #endif
2861 
2862 #ifdef TARGET_MICROBLAZE
2863 void cpu_loop(CPUMBState *env)
2864 {
2865     CPUState *cs = CPU(mb_env_get_cpu(env));
2866     int trapnr, ret;
2867     target_siginfo_t info;
2868 
2869     while (1) {
2870         cpu_exec_start(cs);
2871         trapnr = cpu_mb_exec(cs);
2872         cpu_exec_end(cs);
2873         switch (trapnr) {
2874         case 0xaa:
2875             {
2876                 info.si_signo = TARGET_SIGSEGV;
2877                 info.si_errno = 0;
2878                 /* XXX: check env->error_code */
2879                 info.si_code = TARGET_SEGV_MAPERR;
2880                 info._sifields._sigfault._addr = 0;
2881                 queue_signal(env, info.si_signo, &info);
2882             }
2883             break;
2884 	case EXCP_INTERRUPT:
2885 	  /* just indicate that signals should be handled asap */
2886 	  break;
2887         case EXCP_BREAK:
2888             /* Return address is 4 bytes after the call.  */
2889             env->regs[14] += 4;
2890             env->sregs[SR_PC] = env->regs[14];
2891             ret = do_syscall(env,
2892                              env->regs[12],
2893                              env->regs[5],
2894                              env->regs[6],
2895                              env->regs[7],
2896                              env->regs[8],
2897                              env->regs[9],
2898                              env->regs[10],
2899                              0, 0);
2900             env->regs[3] = ret;
2901             break;
2902         case EXCP_HW_EXCP:
2903             env->regs[17] = env->sregs[SR_PC] + 4;
2904             if (env->iflags & D_FLAG) {
2905                 env->sregs[SR_ESR] |= 1 << 12;
2906                 env->sregs[SR_PC] -= 4;
2907                 /* FIXME: if branch was immed, replay the imm as well.  */
2908             }
2909 
2910             env->iflags &= ~(IMM_FLAG | D_FLAG);
2911 
2912             switch (env->sregs[SR_ESR] & 31) {
2913                 case ESR_EC_DIVZERO:
2914                     info.si_signo = TARGET_SIGFPE;
2915                     info.si_errno = 0;
2916                     info.si_code = TARGET_FPE_FLTDIV;
2917                     info._sifields._sigfault._addr = 0;
2918                     queue_signal(env, info.si_signo, &info);
2919                     break;
2920                 case ESR_EC_FPU:
2921                     info.si_signo = TARGET_SIGFPE;
2922                     info.si_errno = 0;
2923                     if (env->sregs[SR_FSR] & FSR_IO) {
2924                         info.si_code = TARGET_FPE_FLTINV;
2925                     }
2926                     if (env->sregs[SR_FSR] & FSR_DZ) {
2927                         info.si_code = TARGET_FPE_FLTDIV;
2928                     }
2929                     info._sifields._sigfault._addr = 0;
2930                     queue_signal(env, info.si_signo, &info);
2931                     break;
2932                 default:
2933                     printf ("Unhandled hw-exception: 0x%x\n",
2934                             env->sregs[SR_ESR] & ESR_EC_MASK);
2935                     cpu_dump_state(cs, stderr, fprintf, 0);
2936                     exit(EXIT_FAILURE);
2937                     break;
2938             }
2939             break;
2940         case EXCP_DEBUG:
2941             {
2942                 int sig;
2943 
2944                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2945                 if (sig)
2946                   {
2947                     info.si_signo = sig;
2948                     info.si_errno = 0;
2949                     info.si_code = TARGET_TRAP_BRKPT;
2950                     queue_signal(env, info.si_signo, &info);
2951                   }
2952             }
2953             break;
2954         default:
2955             printf ("Unhandled trap: 0x%x\n", trapnr);
2956             cpu_dump_state(cs, stderr, fprintf, 0);
2957             exit(EXIT_FAILURE);
2958         }
2959         process_pending_signals (env);
2960     }
2961 }
2962 #endif
2963 
2964 #ifdef TARGET_M68K
2965 
2966 void cpu_loop(CPUM68KState *env)
2967 {
2968     CPUState *cs = CPU(m68k_env_get_cpu(env));
2969     int trapnr;
2970     unsigned int n;
2971     target_siginfo_t info;
2972     TaskState *ts = cs->opaque;
2973 
2974     for(;;) {
2975         cpu_exec_start(cs);
2976         trapnr = cpu_m68k_exec(cs);
2977         cpu_exec_end(cs);
2978         switch(trapnr) {
2979         case EXCP_ILLEGAL:
2980             {
2981                 if (ts->sim_syscalls) {
2982                     uint16_t nr;
2983                     get_user_u16(nr, env->pc + 2);
2984                     env->pc += 4;
2985                     do_m68k_simcall(env, nr);
2986                 } else {
2987                     goto do_sigill;
2988                 }
2989             }
2990             break;
2991         case EXCP_HALT_INSN:
2992             /* Semihosing syscall.  */
2993             env->pc += 4;
2994             do_m68k_semihosting(env, env->dregs[0]);
2995             break;
2996         case EXCP_LINEA:
2997         case EXCP_LINEF:
2998         case EXCP_UNSUPPORTED:
2999         do_sigill:
3000             info.si_signo = TARGET_SIGILL;
3001             info.si_errno = 0;
3002             info.si_code = TARGET_ILL_ILLOPN;
3003             info._sifields._sigfault._addr = env->pc;
3004             queue_signal(env, info.si_signo, &info);
3005             break;
3006         case EXCP_TRAP0:
3007             {
3008                 ts->sim_syscalls = 0;
3009                 n = env->dregs[0];
3010                 env->pc += 2;
3011                 env->dregs[0] = do_syscall(env,
3012                                           n,
3013                                           env->dregs[1],
3014                                           env->dregs[2],
3015                                           env->dregs[3],
3016                                           env->dregs[4],
3017                                           env->dregs[5],
3018                                           env->aregs[0],
3019                                           0, 0);
3020             }
3021             break;
3022         case EXCP_INTERRUPT:
3023             /* just indicate that signals should be handled asap */
3024             break;
3025         case EXCP_ACCESS:
3026             {
3027                 info.si_signo = TARGET_SIGSEGV;
3028                 info.si_errno = 0;
3029                 /* XXX: check env->error_code */
3030                 info.si_code = TARGET_SEGV_MAPERR;
3031                 info._sifields._sigfault._addr = env->mmu.ar;
3032                 queue_signal(env, info.si_signo, &info);
3033             }
3034             break;
3035         case EXCP_DEBUG:
3036             {
3037                 int sig;
3038 
3039                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3040                 if (sig)
3041                   {
3042                     info.si_signo = sig;
3043                     info.si_errno = 0;
3044                     info.si_code = TARGET_TRAP_BRKPT;
3045                     queue_signal(env, info.si_signo, &info);
3046                   }
3047             }
3048             break;
3049         default:
3050             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
3051                     trapnr);
3052             cpu_dump_state(cs, stderr, fprintf, 0);
3053             abort();
3054         }
3055         process_pending_signals(env);
3056     }
3057 }
3058 #endif /* TARGET_M68K */
3059 
3060 #ifdef TARGET_ALPHA
3061 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
3062 {
3063     target_ulong addr, val, tmp;
3064     target_siginfo_t info;
3065     int ret = 0;
3066 
3067     addr = env->lock_addr;
3068     tmp = env->lock_st_addr;
3069     env->lock_addr = -1;
3070     env->lock_st_addr = 0;
3071 
3072     start_exclusive();
3073     mmap_lock();
3074 
3075     if (addr == tmp) {
3076         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3077             goto do_sigsegv;
3078         }
3079 
3080         if (val == env->lock_value) {
3081             tmp = env->ir[reg];
3082             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
3083                 goto do_sigsegv;
3084             }
3085             ret = 1;
3086         }
3087     }
3088     env->ir[reg] = ret;
3089     env->pc += 4;
3090 
3091     mmap_unlock();
3092     end_exclusive();
3093     return;
3094 
3095  do_sigsegv:
3096     mmap_unlock();
3097     end_exclusive();
3098 
3099     info.si_signo = TARGET_SIGSEGV;
3100     info.si_errno = 0;
3101     info.si_code = TARGET_SEGV_MAPERR;
3102     info._sifields._sigfault._addr = addr;
3103     queue_signal(env, TARGET_SIGSEGV, &info);
3104 }
3105 
3106 void cpu_loop(CPUAlphaState *env)
3107 {
3108     CPUState *cs = CPU(alpha_env_get_cpu(env));
3109     int trapnr;
3110     target_siginfo_t info;
3111     abi_long sysret;
3112 
3113     while (1) {
3114         cpu_exec_start(cs);
3115         trapnr = cpu_alpha_exec(cs);
3116         cpu_exec_end(cs);
3117 
3118         /* All of the traps imply a transition through PALcode, which
3119            implies an REI instruction has been executed.  Which means
3120            that the intr_flag should be cleared.  */
3121         env->intr_flag = 0;
3122 
3123         switch (trapnr) {
3124         case EXCP_RESET:
3125             fprintf(stderr, "Reset requested. Exit\n");
3126             exit(EXIT_FAILURE);
3127             break;
3128         case EXCP_MCHK:
3129             fprintf(stderr, "Machine check exception. Exit\n");
3130             exit(EXIT_FAILURE);
3131             break;
3132         case EXCP_SMP_INTERRUPT:
3133         case EXCP_CLK_INTERRUPT:
3134         case EXCP_DEV_INTERRUPT:
3135             fprintf(stderr, "External interrupt. Exit\n");
3136             exit(EXIT_FAILURE);
3137             break;
3138         case EXCP_MMFAULT:
3139             env->lock_addr = -1;
3140             info.si_signo = TARGET_SIGSEGV;
3141             info.si_errno = 0;
3142             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
3143                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
3144             info._sifields._sigfault._addr = env->trap_arg0;
3145             queue_signal(env, info.si_signo, &info);
3146             break;
3147         case EXCP_UNALIGN:
3148             env->lock_addr = -1;
3149             info.si_signo = TARGET_SIGBUS;
3150             info.si_errno = 0;
3151             info.si_code = TARGET_BUS_ADRALN;
3152             info._sifields._sigfault._addr = env->trap_arg0;
3153             queue_signal(env, info.si_signo, &info);
3154             break;
3155         case EXCP_OPCDEC:
3156         do_sigill:
3157             env->lock_addr = -1;
3158             info.si_signo = TARGET_SIGILL;
3159             info.si_errno = 0;
3160             info.si_code = TARGET_ILL_ILLOPC;
3161             info._sifields._sigfault._addr = env->pc;
3162             queue_signal(env, info.si_signo, &info);
3163             break;
3164         case EXCP_ARITH:
3165             env->lock_addr = -1;
3166             info.si_signo = TARGET_SIGFPE;
3167             info.si_errno = 0;
3168             info.si_code = TARGET_FPE_FLTINV;
3169             info._sifields._sigfault._addr = env->pc;
3170             queue_signal(env, info.si_signo, &info);
3171             break;
3172         case EXCP_FEN:
3173             /* No-op.  Linux simply re-enables the FPU.  */
3174             break;
3175         case EXCP_CALL_PAL:
3176             env->lock_addr = -1;
3177             switch (env->error_code) {
3178             case 0x80:
3179                 /* BPT */
3180                 info.si_signo = TARGET_SIGTRAP;
3181                 info.si_errno = 0;
3182                 info.si_code = TARGET_TRAP_BRKPT;
3183                 info._sifields._sigfault._addr = env->pc;
3184                 queue_signal(env, info.si_signo, &info);
3185                 break;
3186             case 0x81:
3187                 /* BUGCHK */
3188                 info.si_signo = TARGET_SIGTRAP;
3189                 info.si_errno = 0;
3190                 info.si_code = 0;
3191                 info._sifields._sigfault._addr = env->pc;
3192                 queue_signal(env, info.si_signo, &info);
3193                 break;
3194             case 0x83:
3195                 /* CALLSYS */
3196                 trapnr = env->ir[IR_V0];
3197                 sysret = do_syscall(env, trapnr,
3198                                     env->ir[IR_A0], env->ir[IR_A1],
3199                                     env->ir[IR_A2], env->ir[IR_A3],
3200                                     env->ir[IR_A4], env->ir[IR_A5],
3201                                     0, 0);
3202                 if (trapnr == TARGET_NR_sigreturn
3203                     || trapnr == TARGET_NR_rt_sigreturn) {
3204                     break;
3205                 }
3206                 /* Syscall writes 0 to V0 to bypass error check, similar
3207                    to how this is handled internal to Linux kernel.
3208                    (Ab)use trapnr temporarily as boolean indicating error.  */
3209                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
3210                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
3211                 env->ir[IR_A3] = trapnr;
3212                 break;
3213             case 0x86:
3214                 /* IMB */
3215                 /* ??? We can probably elide the code using page_unprotect
3216                    that is checking for self-modifying code.  Instead we
3217                    could simply call tb_flush here.  Until we work out the
3218                    changes required to turn off the extra write protection,
3219                    this can be a no-op.  */
3220                 break;
3221             case 0x9E:
3222                 /* RDUNIQUE */
3223                 /* Handled in the translator for usermode.  */
3224                 abort();
3225             case 0x9F:
3226                 /* WRUNIQUE */
3227                 /* Handled in the translator for usermode.  */
3228                 abort();
3229             case 0xAA:
3230                 /* GENTRAP */
3231                 info.si_signo = TARGET_SIGFPE;
3232                 switch (env->ir[IR_A0]) {
3233                 case TARGET_GEN_INTOVF:
3234                     info.si_code = TARGET_FPE_INTOVF;
3235                     break;
3236                 case TARGET_GEN_INTDIV:
3237                     info.si_code = TARGET_FPE_INTDIV;
3238                     break;
3239                 case TARGET_GEN_FLTOVF:
3240                     info.si_code = TARGET_FPE_FLTOVF;
3241                     break;
3242                 case TARGET_GEN_FLTUND:
3243                     info.si_code = TARGET_FPE_FLTUND;
3244                     break;
3245                 case TARGET_GEN_FLTINV:
3246                     info.si_code = TARGET_FPE_FLTINV;
3247                     break;
3248                 case TARGET_GEN_FLTINE:
3249                     info.si_code = TARGET_FPE_FLTRES;
3250                     break;
3251                 case TARGET_GEN_ROPRAND:
3252                     info.si_code = 0;
3253                     break;
3254                 default:
3255                     info.si_signo = TARGET_SIGTRAP;
3256                     info.si_code = 0;
3257                     break;
3258                 }
3259                 info.si_errno = 0;
3260                 info._sifields._sigfault._addr = env->pc;
3261                 queue_signal(env, info.si_signo, &info);
3262                 break;
3263             default:
3264                 goto do_sigill;
3265             }
3266             break;
3267         case EXCP_DEBUG:
3268             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3269             if (info.si_signo) {
3270                 env->lock_addr = -1;
3271                 info.si_errno = 0;
3272                 info.si_code = TARGET_TRAP_BRKPT;
3273                 queue_signal(env, info.si_signo, &info);
3274             }
3275             break;
3276         case EXCP_STL_C:
3277         case EXCP_STQ_C:
3278             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3279             break;
3280         case EXCP_INTERRUPT:
3281             /* Just indicate that signals should be handled asap.  */
3282             break;
3283         default:
3284             printf ("Unhandled trap: 0x%x\n", trapnr);
3285             cpu_dump_state(cs, stderr, fprintf, 0);
3286             exit(EXIT_FAILURE);
3287         }
3288         process_pending_signals (env);
3289     }
3290 }
3291 #endif /* TARGET_ALPHA */
3292 
3293 #ifdef TARGET_S390X
3294 void cpu_loop(CPUS390XState *env)
3295 {
3296     CPUState *cs = CPU(s390_env_get_cpu(env));
3297     int trapnr, n, sig;
3298     target_siginfo_t info;
3299     target_ulong addr;
3300 
3301     while (1) {
3302         cpu_exec_start(cs);
3303         trapnr = cpu_s390x_exec(cs);
3304         cpu_exec_end(cs);
3305         switch (trapnr) {
3306         case EXCP_INTERRUPT:
3307             /* Just indicate that signals should be handled asap.  */
3308             break;
3309 
3310         case EXCP_SVC:
3311             n = env->int_svc_code;
3312             if (!n) {
3313                 /* syscalls > 255 */
3314                 n = env->regs[1];
3315             }
3316             env->psw.addr += env->int_svc_ilen;
3317             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3318                                       env->regs[4], env->regs[5],
3319                                       env->regs[6], env->regs[7], 0, 0);
3320             break;
3321 
3322         case EXCP_DEBUG:
3323             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3324             if (sig) {
3325                 n = TARGET_TRAP_BRKPT;
3326                 goto do_signal_pc;
3327             }
3328             break;
3329         case EXCP_PGM:
3330             n = env->int_pgm_code;
3331             switch (n) {
3332             case PGM_OPERATION:
3333             case PGM_PRIVILEGED:
3334                 sig = TARGET_SIGILL;
3335                 n = TARGET_ILL_ILLOPC;
3336                 goto do_signal_pc;
3337             case PGM_PROTECTION:
3338             case PGM_ADDRESSING:
3339                 sig = TARGET_SIGSEGV;
3340                 /* XXX: check env->error_code */
3341                 n = TARGET_SEGV_MAPERR;
3342                 addr = env->__excp_addr;
3343                 goto do_signal;
3344             case PGM_EXECUTE:
3345             case PGM_SPECIFICATION:
3346             case PGM_SPECIAL_OP:
3347             case PGM_OPERAND:
3348             do_sigill_opn:
3349                 sig = TARGET_SIGILL;
3350                 n = TARGET_ILL_ILLOPN;
3351                 goto do_signal_pc;
3352 
3353             case PGM_FIXPT_OVERFLOW:
3354                 sig = TARGET_SIGFPE;
3355                 n = TARGET_FPE_INTOVF;
3356                 goto do_signal_pc;
3357             case PGM_FIXPT_DIVIDE:
3358                 sig = TARGET_SIGFPE;
3359                 n = TARGET_FPE_INTDIV;
3360                 goto do_signal_pc;
3361 
3362             case PGM_DATA:
3363                 n = (env->fpc >> 8) & 0xff;
3364                 if (n == 0xff) {
3365                     /* compare-and-trap */
3366                     goto do_sigill_opn;
3367                 } else {
3368                     /* An IEEE exception, simulated or otherwise.  */
3369                     if (n & 0x80) {
3370                         n = TARGET_FPE_FLTINV;
3371                     } else if (n & 0x40) {
3372                         n = TARGET_FPE_FLTDIV;
3373                     } else if (n & 0x20) {
3374                         n = TARGET_FPE_FLTOVF;
3375                     } else if (n & 0x10) {
3376                         n = TARGET_FPE_FLTUND;
3377                     } else if (n & 0x08) {
3378                         n = TARGET_FPE_FLTRES;
3379                     } else {
3380                         /* ??? Quantum exception; BFP, DFP error.  */
3381                         goto do_sigill_opn;
3382                     }
3383                     sig = TARGET_SIGFPE;
3384                     goto do_signal_pc;
3385                 }
3386 
3387             default:
3388                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3389                 cpu_dump_state(cs, stderr, fprintf, 0);
3390                 exit(EXIT_FAILURE);
3391             }
3392             break;
3393 
3394         do_signal_pc:
3395             addr = env->psw.addr;
3396         do_signal:
3397             info.si_signo = sig;
3398             info.si_errno = 0;
3399             info.si_code = n;
3400             info._sifields._sigfault._addr = addr;
3401             queue_signal(env, info.si_signo, &info);
3402             break;
3403 
3404         default:
3405             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3406             cpu_dump_state(cs, stderr, fprintf, 0);
3407             exit(EXIT_FAILURE);
3408         }
3409         process_pending_signals (env);
3410     }
3411 }
3412 
3413 #endif /* TARGET_S390X */
3414 
3415 #ifdef TARGET_TILEGX
3416 
3417 static void gen_sigill_reg(CPUTLGState *env)
3418 {
3419     target_siginfo_t info;
3420 
3421     info.si_signo = TARGET_SIGILL;
3422     info.si_errno = 0;
3423     info.si_code = TARGET_ILL_PRVREG;
3424     info._sifields._sigfault._addr = env->pc;
3425     queue_signal(env, info.si_signo, &info);
3426 }
3427 
3428 static void do_signal(CPUTLGState *env, int signo, int sigcode)
3429 {
3430     target_siginfo_t info;
3431 
3432     info.si_signo = signo;
3433     info.si_errno = 0;
3434     info._sifields._sigfault._addr = env->pc;
3435 
3436     if (signo == TARGET_SIGSEGV) {
3437         /* The passed in sigcode is a dummy; check for a page mapping
3438            and pass either MAPERR or ACCERR.  */
3439         target_ulong addr = env->excaddr;
3440         info._sifields._sigfault._addr = addr;
3441         if (page_check_range(addr, 1, PAGE_VALID) < 0) {
3442             sigcode = TARGET_SEGV_MAPERR;
3443         } else {
3444             sigcode = TARGET_SEGV_ACCERR;
3445         }
3446     }
3447     info.si_code = sigcode;
3448 
3449     queue_signal(env, info.si_signo, &info);
3450 }
3451 
3452 static void gen_sigsegv_maperr(CPUTLGState *env, target_ulong addr)
3453 {
3454     env->excaddr = addr;
3455     do_signal(env, TARGET_SIGSEGV, 0);
3456 }
3457 
3458 static void set_regval(CPUTLGState *env, uint8_t reg, uint64_t val)
3459 {
3460     if (unlikely(reg >= TILEGX_R_COUNT)) {
3461         switch (reg) {
3462         case TILEGX_R_SN:
3463         case TILEGX_R_ZERO:
3464             return;
3465         case TILEGX_R_IDN0:
3466         case TILEGX_R_IDN1:
3467         case TILEGX_R_UDN0:
3468         case TILEGX_R_UDN1:
3469         case TILEGX_R_UDN2:
3470         case TILEGX_R_UDN3:
3471             gen_sigill_reg(env);
3472             return;
3473         default:
3474             g_assert_not_reached();
3475         }
3476     }
3477     env->regs[reg] = val;
3478 }
3479 
3480 /*
3481  * Compare the 8-byte contents of the CmpValue SPR with the 8-byte value in
3482  * memory at the address held in the first source register. If the values are
3483  * not equal, then no memory operation is performed. If the values are equal,
3484  * the 8-byte quantity from the second source register is written into memory
3485  * at the address held in the first source register. In either case, the result
3486  * of the instruction is the value read from memory. The compare and write to
3487  * memory are atomic and thus can be used for synchronization purposes. This
3488  * instruction only operates for addresses aligned to a 8-byte boundary.
3489  * Unaligned memory access causes an Unaligned Data Reference interrupt.
3490  *
3491  * Functional Description (64-bit)
3492  *       uint64_t memVal = memoryReadDoubleWord (rf[SrcA]);
3493  *       rf[Dest] = memVal;
3494  *       if (memVal == SPR[CmpValueSPR])
3495  *           memoryWriteDoubleWord (rf[SrcA], rf[SrcB]);
3496  *
3497  * Functional Description (32-bit)
3498  *       uint64_t memVal = signExtend32 (memoryReadWord (rf[SrcA]));
3499  *       rf[Dest] = memVal;
3500  *       if (memVal == signExtend32 (SPR[CmpValueSPR]))
3501  *           memoryWriteWord (rf[SrcA], rf[SrcB]);
3502  *
3503  *
3504  * This function also processes exch and exch4 which need not process SPR.
3505  */
3506 static void do_exch(CPUTLGState *env, bool quad, bool cmp)
3507 {
3508     target_ulong addr;
3509     target_long val, sprval;
3510 
3511     start_exclusive();
3512 
3513     addr = env->atomic_srca;
3514     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3515         goto sigsegv_maperr;
3516     }
3517 
3518     if (cmp) {
3519         if (quad) {
3520             sprval = env->spregs[TILEGX_SPR_CMPEXCH];
3521         } else {
3522             sprval = sextract64(env->spregs[TILEGX_SPR_CMPEXCH], 0, 32);
3523         }
3524     }
3525 
3526     if (!cmp || val == sprval) {
3527         target_long valb = env->atomic_srcb;
3528         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3529             goto sigsegv_maperr;
3530         }
3531     }
3532 
3533     set_regval(env, env->atomic_dstr, val);
3534     end_exclusive();
3535     return;
3536 
3537  sigsegv_maperr:
3538     end_exclusive();
3539     gen_sigsegv_maperr(env, addr);
3540 }
3541 
3542 static void do_fetch(CPUTLGState *env, int trapnr, bool quad)
3543 {
3544     int8_t write = 1;
3545     target_ulong addr;
3546     target_long val, valb;
3547 
3548     start_exclusive();
3549 
3550     addr = env->atomic_srca;
3551     valb = env->atomic_srcb;
3552     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3553         goto sigsegv_maperr;
3554     }
3555 
3556     switch (trapnr) {
3557     case TILEGX_EXCP_OPCODE_FETCHADD:
3558     case TILEGX_EXCP_OPCODE_FETCHADD4:
3559         valb += val;
3560         break;
3561     case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3562         valb += val;
3563         if (valb < 0) {
3564             write = 0;
3565         }
3566         break;
3567     case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3568         valb += val;
3569         if ((int32_t)valb < 0) {
3570             write = 0;
3571         }
3572         break;
3573     case TILEGX_EXCP_OPCODE_FETCHAND:
3574     case TILEGX_EXCP_OPCODE_FETCHAND4:
3575         valb &= val;
3576         break;
3577     case TILEGX_EXCP_OPCODE_FETCHOR:
3578     case TILEGX_EXCP_OPCODE_FETCHOR4:
3579         valb |= val;
3580         break;
3581     default:
3582         g_assert_not_reached();
3583     }
3584 
3585     if (write) {
3586         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3587             goto sigsegv_maperr;
3588         }
3589     }
3590 
3591     set_regval(env, env->atomic_dstr, val);
3592     end_exclusive();
3593     return;
3594 
3595  sigsegv_maperr:
3596     end_exclusive();
3597     gen_sigsegv_maperr(env, addr);
3598 }
3599 
3600 void cpu_loop(CPUTLGState *env)
3601 {
3602     CPUState *cs = CPU(tilegx_env_get_cpu(env));
3603     int trapnr;
3604 
3605     while (1) {
3606         cpu_exec_start(cs);
3607         trapnr = cpu_tilegx_exec(cs);
3608         cpu_exec_end(cs);
3609         switch (trapnr) {
3610         case TILEGX_EXCP_SYSCALL:
3611             env->regs[TILEGX_R_RE] = do_syscall(env, env->regs[TILEGX_R_NR],
3612                                                 env->regs[0], env->regs[1],
3613                                                 env->regs[2], env->regs[3],
3614                                                 env->regs[4], env->regs[5],
3615                                                 env->regs[6], env->regs[7]);
3616             env->regs[TILEGX_R_ERR] = TILEGX_IS_ERRNO(env->regs[TILEGX_R_RE])
3617                                                       ? - env->regs[TILEGX_R_RE]
3618                                                       : 0;
3619             break;
3620         case TILEGX_EXCP_OPCODE_EXCH:
3621             do_exch(env, true, false);
3622             break;
3623         case TILEGX_EXCP_OPCODE_EXCH4:
3624             do_exch(env, false, false);
3625             break;
3626         case TILEGX_EXCP_OPCODE_CMPEXCH:
3627             do_exch(env, true, true);
3628             break;
3629         case TILEGX_EXCP_OPCODE_CMPEXCH4:
3630             do_exch(env, false, true);
3631             break;
3632         case TILEGX_EXCP_OPCODE_FETCHADD:
3633         case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3634         case TILEGX_EXCP_OPCODE_FETCHAND:
3635         case TILEGX_EXCP_OPCODE_FETCHOR:
3636             do_fetch(env, trapnr, true);
3637             break;
3638         case TILEGX_EXCP_OPCODE_FETCHADD4:
3639         case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3640         case TILEGX_EXCP_OPCODE_FETCHAND4:
3641         case TILEGX_EXCP_OPCODE_FETCHOR4:
3642             do_fetch(env, trapnr, false);
3643             break;
3644         case TILEGX_EXCP_SIGNAL:
3645             do_signal(env, env->signo, env->sigcode);
3646             break;
3647         case TILEGX_EXCP_REG_IDN_ACCESS:
3648         case TILEGX_EXCP_REG_UDN_ACCESS:
3649             gen_sigill_reg(env);
3650             break;
3651         default:
3652             fprintf(stderr, "trapnr is %d[0x%x].\n", trapnr, trapnr);
3653             g_assert_not_reached();
3654         }
3655         process_pending_signals(env);
3656     }
3657 }
3658 
3659 #endif
3660 
3661 THREAD CPUState *thread_cpu;
3662 
3663 void task_settid(TaskState *ts)
3664 {
3665     if (ts->ts_tid == 0) {
3666         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3667     }
3668 }
3669 
3670 void stop_all_tasks(void)
3671 {
3672     /*
3673      * We trust that when using NPTL, start_exclusive()
3674      * handles thread stopping correctly.
3675      */
3676     start_exclusive();
3677 }
3678 
3679 /* Assumes contents are already zeroed.  */
3680 void init_task_state(TaskState *ts)
3681 {
3682     int i;
3683 
3684     ts->used = 1;
3685     ts->first_free = ts->sigqueue_table;
3686     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3687         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3688     }
3689     ts->sigqueue_table[i].next = NULL;
3690 }
3691 
3692 CPUArchState *cpu_copy(CPUArchState *env)
3693 {
3694     CPUState *cpu = ENV_GET_CPU(env);
3695     CPUState *new_cpu = cpu_init(cpu_model);
3696     CPUArchState *new_env = new_cpu->env_ptr;
3697     CPUBreakpoint *bp;
3698     CPUWatchpoint *wp;
3699 
3700     /* Reset non arch specific state */
3701     cpu_reset(new_cpu);
3702 
3703     memcpy(new_env, env, sizeof(CPUArchState));
3704 
3705     /* Clone all break/watchpoints.
3706        Note: Once we support ptrace with hw-debug register access, make sure
3707        BP_CPU break/watchpoints are handled correctly on clone. */
3708     QTAILQ_INIT(&new_cpu->breakpoints);
3709     QTAILQ_INIT(&new_cpu->watchpoints);
3710     QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
3711         cpu_breakpoint_insert(new_cpu, bp->pc, bp->flags, NULL);
3712     }
3713     QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
3714         cpu_watchpoint_insert(new_cpu, wp->vaddr, wp->len, wp->flags, NULL);
3715     }
3716 
3717     return new_env;
3718 }
3719 
3720 static void handle_arg_help(const char *arg)
3721 {
3722     usage(EXIT_SUCCESS);
3723 }
3724 
3725 static void handle_arg_log(const char *arg)
3726 {
3727     int mask;
3728 
3729     mask = qemu_str_to_log_mask(arg);
3730     if (!mask) {
3731         qemu_print_log_usage(stdout);
3732         exit(EXIT_FAILURE);
3733     }
3734     qemu_set_log(mask);
3735 }
3736 
3737 static void handle_arg_log_filename(const char *arg)
3738 {
3739     qemu_set_log_filename(arg);
3740 }
3741 
3742 static void handle_arg_set_env(const char *arg)
3743 {
3744     char *r, *p, *token;
3745     r = p = strdup(arg);
3746     while ((token = strsep(&p, ",")) != NULL) {
3747         if (envlist_setenv(envlist, token) != 0) {
3748             usage(EXIT_FAILURE);
3749         }
3750     }
3751     free(r);
3752 }
3753 
3754 static void handle_arg_unset_env(const char *arg)
3755 {
3756     char *r, *p, *token;
3757     r = p = strdup(arg);
3758     while ((token = strsep(&p, ",")) != NULL) {
3759         if (envlist_unsetenv(envlist, token) != 0) {
3760             usage(EXIT_FAILURE);
3761         }
3762     }
3763     free(r);
3764 }
3765 
3766 static void handle_arg_argv0(const char *arg)
3767 {
3768     argv0 = strdup(arg);
3769 }
3770 
3771 static void handle_arg_stack_size(const char *arg)
3772 {
3773     char *p;
3774     guest_stack_size = strtoul(arg, &p, 0);
3775     if (guest_stack_size == 0) {
3776         usage(EXIT_FAILURE);
3777     }
3778 
3779     if (*p == 'M') {
3780         guest_stack_size *= 1024 * 1024;
3781     } else if (*p == 'k' || *p == 'K') {
3782         guest_stack_size *= 1024;
3783     }
3784 }
3785 
3786 static void handle_arg_ld_prefix(const char *arg)
3787 {
3788     interp_prefix = strdup(arg);
3789 }
3790 
3791 static void handle_arg_pagesize(const char *arg)
3792 {
3793     qemu_host_page_size = atoi(arg);
3794     if (qemu_host_page_size == 0 ||
3795         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3796         fprintf(stderr, "page size must be a power of two\n");
3797         exit(EXIT_FAILURE);
3798     }
3799 }
3800 
3801 static void handle_arg_randseed(const char *arg)
3802 {
3803     unsigned long long seed;
3804 
3805     if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
3806         fprintf(stderr, "Invalid seed number: %s\n", arg);
3807         exit(EXIT_FAILURE);
3808     }
3809     srand(seed);
3810 }
3811 
3812 static void handle_arg_gdb(const char *arg)
3813 {
3814     gdbstub_port = atoi(arg);
3815 }
3816 
3817 static void handle_arg_uname(const char *arg)
3818 {
3819     qemu_uname_release = strdup(arg);
3820 }
3821 
3822 static void handle_arg_cpu(const char *arg)
3823 {
3824     cpu_model = strdup(arg);
3825     if (cpu_model == NULL || is_help_option(cpu_model)) {
3826         /* XXX: implement xxx_cpu_list for targets that still miss it */
3827 #if defined(cpu_list)
3828         cpu_list(stdout, &fprintf);
3829 #endif
3830         exit(EXIT_FAILURE);
3831     }
3832 }
3833 
3834 static void handle_arg_guest_base(const char *arg)
3835 {
3836     guest_base = strtol(arg, NULL, 0);
3837     have_guest_base = 1;
3838 }
3839 
3840 static void handle_arg_reserved_va(const char *arg)
3841 {
3842     char *p;
3843     int shift = 0;
3844     reserved_va = strtoul(arg, &p, 0);
3845     switch (*p) {
3846     case 'k':
3847     case 'K':
3848         shift = 10;
3849         break;
3850     case 'M':
3851         shift = 20;
3852         break;
3853     case 'G':
3854         shift = 30;
3855         break;
3856     }
3857     if (shift) {
3858         unsigned long unshifted = reserved_va;
3859         p++;
3860         reserved_va <<= shift;
3861         if (((reserved_va >> shift) != unshifted)
3862 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3863             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3864 #endif
3865             ) {
3866             fprintf(stderr, "Reserved virtual address too big\n");
3867             exit(EXIT_FAILURE);
3868         }
3869     }
3870     if (*p) {
3871         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3872         exit(EXIT_FAILURE);
3873     }
3874 }
3875 
3876 static void handle_arg_singlestep(const char *arg)
3877 {
3878     singlestep = 1;
3879 }
3880 
3881 static void handle_arg_strace(const char *arg)
3882 {
3883     do_strace = 1;
3884 }
3885 
3886 static void handle_arg_version(const char *arg)
3887 {
3888     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3889            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3890     exit(EXIT_SUCCESS);
3891 }
3892 
3893 struct qemu_argument {
3894     const char *argv;
3895     const char *env;
3896     bool has_arg;
3897     void (*handle_opt)(const char *arg);
3898     const char *example;
3899     const char *help;
3900 };
3901 
3902 static const struct qemu_argument arg_table[] = {
3903     {"h",          "",                 false, handle_arg_help,
3904      "",           "print this help"},
3905     {"help",       "",                 false, handle_arg_help,
3906      "",           ""},
3907     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3908      "port",       "wait gdb connection to 'port'"},
3909     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3910      "path",       "set the elf interpreter prefix to 'path'"},
3911     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3912      "size",       "set the stack size to 'size' bytes"},
3913     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3914      "model",      "select CPU (-cpu help for list)"},
3915     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3916      "var=value",  "sets targets environment variable (see below)"},
3917     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3918      "var",        "unsets targets environment variable (see below)"},
3919     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3920      "argv0",      "forces target process argv[0] to be 'argv0'"},
3921     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3922      "uname",      "set qemu uname release string to 'uname'"},
3923     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3924      "address",    "set guest_base address to 'address'"},
3925     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3926      "size",       "reserve 'size' bytes for guest virtual address space"},
3927     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3928      "item[,...]", "enable logging of specified items "
3929      "(use '-d help' for a list of items)"},
3930     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3931      "logfile",     "write logs to 'logfile' (default stderr)"},
3932     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3933      "pagesize",   "set the host page size to 'pagesize'"},
3934     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3935      "",           "run in singlestep mode"},
3936     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3937      "",           "log system calls"},
3938     {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_randseed,
3939      "",           "Seed for pseudo-random number generator"},
3940     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3941      "",           "display version information and exit"},
3942     {NULL, NULL, false, NULL, NULL, NULL}
3943 };
3944 
3945 static void usage(int exitcode)
3946 {
3947     const struct qemu_argument *arginfo;
3948     int maxarglen;
3949     int maxenvlen;
3950 
3951     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
3952            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
3953            "\n"
3954            "Options and associated environment variables:\n"
3955            "\n");
3956 
3957     /* Calculate column widths. We must always have at least enough space
3958      * for the column header.
3959      */
3960     maxarglen = strlen("Argument");
3961     maxenvlen = strlen("Env-variable");
3962 
3963     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3964         int arglen = strlen(arginfo->argv);
3965         if (arginfo->has_arg) {
3966             arglen += strlen(arginfo->example) + 1;
3967         }
3968         if (strlen(arginfo->env) > maxenvlen) {
3969             maxenvlen = strlen(arginfo->env);
3970         }
3971         if (arglen > maxarglen) {
3972             maxarglen = arglen;
3973         }
3974     }
3975 
3976     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
3977             maxenvlen, "Env-variable");
3978 
3979     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3980         if (arginfo->has_arg) {
3981             printf("-%s %-*s %-*s %s\n", arginfo->argv,
3982                    (int)(maxarglen - strlen(arginfo->argv) - 1),
3983                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
3984         } else {
3985             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
3986                     maxenvlen, arginfo->env,
3987                     arginfo->help);
3988         }
3989     }
3990 
3991     printf("\n"
3992            "Defaults:\n"
3993            "QEMU_LD_PREFIX  = %s\n"
3994            "QEMU_STACK_SIZE = %ld byte\n",
3995            interp_prefix,
3996            guest_stack_size);
3997 
3998     printf("\n"
3999            "You can use -E and -U options or the QEMU_SET_ENV and\n"
4000            "QEMU_UNSET_ENV environment variables to set and unset\n"
4001            "environment variables for the target process.\n"
4002            "It is possible to provide several variables by separating them\n"
4003            "by commas in getsubopt(3) style. Additionally it is possible to\n"
4004            "provide the -E and -U options multiple times.\n"
4005            "The following lines are equivalent:\n"
4006            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
4007            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
4008            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
4009            "Note that if you provide several changes to a single variable\n"
4010            "the last change will stay in effect.\n");
4011 
4012     exit(exitcode);
4013 }
4014 
4015 static int parse_args(int argc, char **argv)
4016 {
4017     const char *r;
4018     int optind;
4019     const struct qemu_argument *arginfo;
4020 
4021     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4022         if (arginfo->env == NULL) {
4023             continue;
4024         }
4025 
4026         r = getenv(arginfo->env);
4027         if (r != NULL) {
4028             arginfo->handle_opt(r);
4029         }
4030     }
4031 
4032     optind = 1;
4033     for (;;) {
4034         if (optind >= argc) {
4035             break;
4036         }
4037         r = argv[optind];
4038         if (r[0] != '-') {
4039             break;
4040         }
4041         optind++;
4042         r++;
4043         if (!strcmp(r, "-")) {
4044             break;
4045         }
4046         /* Treat --foo the same as -foo.  */
4047         if (r[0] == '-') {
4048             r++;
4049         }
4050 
4051         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4052             if (!strcmp(r, arginfo->argv)) {
4053                 if (arginfo->has_arg) {
4054                     if (optind >= argc) {
4055                         (void) fprintf(stderr,
4056                             "qemu: missing argument for option '%s'\n", r);
4057                         exit(EXIT_FAILURE);
4058                     }
4059                     arginfo->handle_opt(argv[optind]);
4060                     optind++;
4061                 } else {
4062                     arginfo->handle_opt(NULL);
4063                 }
4064                 break;
4065             }
4066         }
4067 
4068         /* no option matched the current argv */
4069         if (arginfo->handle_opt == NULL) {
4070             (void) fprintf(stderr, "qemu: unknown option '%s'\n", r);
4071             exit(EXIT_FAILURE);
4072         }
4073     }
4074 
4075     if (optind >= argc) {
4076         (void) fprintf(stderr, "qemu: no user program specified\n");
4077         exit(EXIT_FAILURE);
4078     }
4079 
4080     filename = argv[optind];
4081     exec_path = argv[optind];
4082 
4083     return optind;
4084 }
4085 
4086 int main(int argc, char **argv, char **envp)
4087 {
4088     struct target_pt_regs regs1, *regs = &regs1;
4089     struct image_info info1, *info = &info1;
4090     struct linux_binprm bprm;
4091     TaskState *ts;
4092     CPUArchState *env;
4093     CPUState *cpu;
4094     int optind;
4095     char **target_environ, **wrk;
4096     char **target_argv;
4097     int target_argc;
4098     int i;
4099     int ret;
4100     int execfd;
4101 
4102     module_call_init(MODULE_INIT_QOM);
4103 
4104     if ((envlist = envlist_create()) == NULL) {
4105         (void) fprintf(stderr, "Unable to allocate envlist\n");
4106         exit(EXIT_FAILURE);
4107     }
4108 
4109     /* add current environment into the list */
4110     for (wrk = environ; *wrk != NULL; wrk++) {
4111         (void) envlist_setenv(envlist, *wrk);
4112     }
4113 
4114     /* Read the stack limit from the kernel.  If it's "unlimited",
4115        then we can do little else besides use the default.  */
4116     {
4117         struct rlimit lim;
4118         if (getrlimit(RLIMIT_STACK, &lim) == 0
4119             && lim.rlim_cur != RLIM_INFINITY
4120             && lim.rlim_cur == (target_long)lim.rlim_cur) {
4121             guest_stack_size = lim.rlim_cur;
4122         }
4123     }
4124 
4125     cpu_model = NULL;
4126 #if defined(cpudef_setup)
4127     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
4128 #endif
4129 
4130     srand(time(NULL));
4131 
4132     optind = parse_args(argc, argv);
4133 
4134     /* Zero out regs */
4135     memset(regs, 0, sizeof(struct target_pt_regs));
4136 
4137     /* Zero out image_info */
4138     memset(info, 0, sizeof(struct image_info));
4139 
4140     memset(&bprm, 0, sizeof (bprm));
4141 
4142     /* Scan interp_prefix dir for replacement files. */
4143     init_paths(interp_prefix);
4144 
4145     init_qemu_uname_release();
4146 
4147     if (cpu_model == NULL) {
4148 #if defined(TARGET_I386)
4149 #ifdef TARGET_X86_64
4150         cpu_model = "qemu64";
4151 #else
4152         cpu_model = "qemu32";
4153 #endif
4154 #elif defined(TARGET_ARM)
4155         cpu_model = "any";
4156 #elif defined(TARGET_UNICORE32)
4157         cpu_model = "any";
4158 #elif defined(TARGET_M68K)
4159         cpu_model = "any";
4160 #elif defined(TARGET_SPARC)
4161 #ifdef TARGET_SPARC64
4162         cpu_model = "TI UltraSparc II";
4163 #else
4164         cpu_model = "Fujitsu MB86904";
4165 #endif
4166 #elif defined(TARGET_MIPS)
4167 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
4168         cpu_model = "5KEf";
4169 #else
4170         cpu_model = "24Kf";
4171 #endif
4172 #elif defined TARGET_OPENRISC
4173         cpu_model = "or1200";
4174 #elif defined(TARGET_PPC)
4175 # ifdef TARGET_PPC64
4176         cpu_model = "POWER7";
4177 # else
4178         cpu_model = "750";
4179 # endif
4180 #elif defined TARGET_SH4
4181         cpu_model = TYPE_SH7785_CPU;
4182 #else
4183         cpu_model = "any";
4184 #endif
4185     }
4186     tcg_exec_init(0);
4187     /* NOTE: we need to init the CPU at this stage to get
4188        qemu_host_page_size */
4189     cpu = cpu_init(cpu_model);
4190     if (!cpu) {
4191         fprintf(stderr, "Unable to find CPU definition\n");
4192         exit(EXIT_FAILURE);
4193     }
4194     env = cpu->env_ptr;
4195     cpu_reset(cpu);
4196 
4197     thread_cpu = cpu;
4198 
4199     if (getenv("QEMU_STRACE")) {
4200         do_strace = 1;
4201     }
4202 
4203     if (getenv("QEMU_RAND_SEED")) {
4204         handle_arg_randseed(getenv("QEMU_RAND_SEED"));
4205     }
4206 
4207     target_environ = envlist_to_environ(envlist, NULL);
4208     envlist_free(envlist);
4209 
4210     /*
4211      * Now that page sizes are configured in cpu_init() we can do
4212      * proper page alignment for guest_base.
4213      */
4214     guest_base = HOST_PAGE_ALIGN(guest_base);
4215 
4216     if (reserved_va || have_guest_base) {
4217         guest_base = init_guest_space(guest_base, reserved_va, 0,
4218                                       have_guest_base);
4219         if (guest_base == (unsigned long)-1) {
4220             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
4221                     "space for use as guest address space (check your virtual "
4222                     "memory ulimit setting or reserve less using -R option)\n",
4223                     reserved_va);
4224             exit(EXIT_FAILURE);
4225         }
4226 
4227         if (reserved_va) {
4228             mmap_next_start = reserved_va;
4229         }
4230     }
4231 
4232     /*
4233      * Read in mmap_min_addr kernel parameter.  This value is used
4234      * When loading the ELF image to determine whether guest_base
4235      * is needed.  It is also used in mmap_find_vma.
4236      */
4237     {
4238         FILE *fp;
4239 
4240         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
4241             unsigned long tmp;
4242             if (fscanf(fp, "%lu", &tmp) == 1) {
4243                 mmap_min_addr = tmp;
4244                 qemu_log("host mmap_min_addr=0x%lx\n", mmap_min_addr);
4245             }
4246             fclose(fp);
4247         }
4248     }
4249 
4250     /*
4251      * Prepare copy of argv vector for target.
4252      */
4253     target_argc = argc - optind;
4254     target_argv = calloc(target_argc + 1, sizeof (char *));
4255     if (target_argv == NULL) {
4256 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
4257 	exit(EXIT_FAILURE);
4258     }
4259 
4260     /*
4261      * If argv0 is specified (using '-0' switch) we replace
4262      * argv[0] pointer with the given one.
4263      */
4264     i = 0;
4265     if (argv0 != NULL) {
4266         target_argv[i++] = strdup(argv0);
4267     }
4268     for (; i < target_argc; i++) {
4269         target_argv[i] = strdup(argv[optind + i]);
4270     }
4271     target_argv[target_argc] = NULL;
4272 
4273     ts = g_new0(TaskState, 1);
4274     init_task_state(ts);
4275     /* build Task State */
4276     ts->info = info;
4277     ts->bprm = &bprm;
4278     cpu->opaque = ts;
4279     task_settid(ts);
4280 
4281     execfd = qemu_getauxval(AT_EXECFD);
4282     if (execfd == 0) {
4283         execfd = open(filename, O_RDONLY);
4284         if (execfd < 0) {
4285             printf("Error while loading %s: %s\n", filename, strerror(errno));
4286             _exit(EXIT_FAILURE);
4287         }
4288     }
4289 
4290     ret = loader_exec(execfd, filename, target_argv, target_environ, regs,
4291         info, &bprm);
4292     if (ret != 0) {
4293         printf("Error while loading %s: %s\n", filename, strerror(-ret));
4294         _exit(EXIT_FAILURE);
4295     }
4296 
4297     for (wrk = target_environ; *wrk; wrk++) {
4298         free(*wrk);
4299     }
4300 
4301     free(target_environ);
4302 
4303     if (qemu_log_enabled()) {
4304         qemu_log("guest_base  0x%lx\n", guest_base);
4305         log_page_dump();
4306 
4307         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
4308         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
4309         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
4310                  info->start_code);
4311         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
4312                  info->start_data);
4313         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
4314         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
4315                  info->start_stack);
4316         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
4317         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
4318     }
4319 
4320     target_set_brk(info->brk);
4321     syscall_init();
4322     signal_init();
4323 
4324     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
4325        generating the prologue until now so that the prologue can take
4326        the real value of GUEST_BASE into account.  */
4327     tcg_prologue_init(&tcg_ctx);
4328 
4329 #if defined(TARGET_I386)
4330     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
4331     env->hflags |= HF_PE_MASK | HF_CPL_MASK;
4332     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
4333         env->cr[4] |= CR4_OSFXSR_MASK;
4334         env->hflags |= HF_OSFXSR_MASK;
4335     }
4336 #ifndef TARGET_ABI32
4337     /* enable 64 bit mode if possible */
4338     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
4339         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
4340         exit(EXIT_FAILURE);
4341     }
4342     env->cr[4] |= CR4_PAE_MASK;
4343     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
4344     env->hflags |= HF_LMA_MASK;
4345 #endif
4346 
4347     /* flags setup : we activate the IRQs by default as in user mode */
4348     env->eflags |= IF_MASK;
4349 
4350     /* linux register setup */
4351 #ifndef TARGET_ABI32
4352     env->regs[R_EAX] = regs->rax;
4353     env->regs[R_EBX] = regs->rbx;
4354     env->regs[R_ECX] = regs->rcx;
4355     env->regs[R_EDX] = regs->rdx;
4356     env->regs[R_ESI] = regs->rsi;
4357     env->regs[R_EDI] = regs->rdi;
4358     env->regs[R_EBP] = regs->rbp;
4359     env->regs[R_ESP] = regs->rsp;
4360     env->eip = regs->rip;
4361 #else
4362     env->regs[R_EAX] = regs->eax;
4363     env->regs[R_EBX] = regs->ebx;
4364     env->regs[R_ECX] = regs->ecx;
4365     env->regs[R_EDX] = regs->edx;
4366     env->regs[R_ESI] = regs->esi;
4367     env->regs[R_EDI] = regs->edi;
4368     env->regs[R_EBP] = regs->ebp;
4369     env->regs[R_ESP] = regs->esp;
4370     env->eip = regs->eip;
4371 #endif
4372 
4373     /* linux interrupt setup */
4374 #ifndef TARGET_ABI32
4375     env->idt.limit = 511;
4376 #else
4377     env->idt.limit = 255;
4378 #endif
4379     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
4380                                 PROT_READ|PROT_WRITE,
4381                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4382     idt_table = g2h(env->idt.base);
4383     set_idt(0, 0);
4384     set_idt(1, 0);
4385     set_idt(2, 0);
4386     set_idt(3, 3);
4387     set_idt(4, 3);
4388     set_idt(5, 0);
4389     set_idt(6, 0);
4390     set_idt(7, 0);
4391     set_idt(8, 0);
4392     set_idt(9, 0);
4393     set_idt(10, 0);
4394     set_idt(11, 0);
4395     set_idt(12, 0);
4396     set_idt(13, 0);
4397     set_idt(14, 0);
4398     set_idt(15, 0);
4399     set_idt(16, 0);
4400     set_idt(17, 0);
4401     set_idt(18, 0);
4402     set_idt(19, 0);
4403     set_idt(0x80, 3);
4404 
4405     /* linux segment setup */
4406     {
4407         uint64_t *gdt_table;
4408         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
4409                                     PROT_READ|PROT_WRITE,
4410                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4411         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
4412         gdt_table = g2h(env->gdt.base);
4413 #ifdef TARGET_ABI32
4414         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4415                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4416                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4417 #else
4418         /* 64 bit code segment */
4419         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4420                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4421                  DESC_L_MASK |
4422                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4423 #endif
4424         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
4425                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4426                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
4427     }
4428     cpu_x86_load_seg(env, R_CS, __USER_CS);
4429     cpu_x86_load_seg(env, R_SS, __USER_DS);
4430 #ifdef TARGET_ABI32
4431     cpu_x86_load_seg(env, R_DS, __USER_DS);
4432     cpu_x86_load_seg(env, R_ES, __USER_DS);
4433     cpu_x86_load_seg(env, R_FS, __USER_DS);
4434     cpu_x86_load_seg(env, R_GS, __USER_DS);
4435     /* This hack makes Wine work... */
4436     env->segs[R_FS].selector = 0;
4437 #else
4438     cpu_x86_load_seg(env, R_DS, 0);
4439     cpu_x86_load_seg(env, R_ES, 0);
4440     cpu_x86_load_seg(env, R_FS, 0);
4441     cpu_x86_load_seg(env, R_GS, 0);
4442 #endif
4443 #elif defined(TARGET_AARCH64)
4444     {
4445         int i;
4446 
4447         if (!(arm_feature(env, ARM_FEATURE_AARCH64))) {
4448             fprintf(stderr,
4449                     "The selected ARM CPU does not support 64 bit mode\n");
4450             exit(EXIT_FAILURE);
4451         }
4452 
4453         for (i = 0; i < 31; i++) {
4454             env->xregs[i] = regs->regs[i];
4455         }
4456         env->pc = regs->pc;
4457         env->xregs[31] = regs->sp;
4458     }
4459 #elif defined(TARGET_ARM)
4460     {
4461         int i;
4462         cpsr_write(env, regs->uregs[16], 0xffffffff);
4463         for(i = 0; i < 16; i++) {
4464             env->regs[i] = regs->uregs[i];
4465         }
4466         /* Enable BE8.  */
4467         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
4468             && (info->elf_flags & EF_ARM_BE8)) {
4469             env->bswap_code = 1;
4470         }
4471     }
4472 #elif defined(TARGET_UNICORE32)
4473     {
4474         int i;
4475         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
4476         for (i = 0; i < 32; i++) {
4477             env->regs[i] = regs->uregs[i];
4478         }
4479     }
4480 #elif defined(TARGET_SPARC)
4481     {
4482         int i;
4483 	env->pc = regs->pc;
4484 	env->npc = regs->npc;
4485         env->y = regs->y;
4486         for(i = 0; i < 8; i++)
4487             env->gregs[i] = regs->u_regs[i];
4488         for(i = 0; i < 8; i++)
4489             env->regwptr[i] = regs->u_regs[i + 8];
4490     }
4491 #elif defined(TARGET_PPC)
4492     {
4493         int i;
4494 
4495 #if defined(TARGET_PPC64)
4496 #if defined(TARGET_ABI32)
4497         env->msr &= ~((target_ulong)1 << MSR_SF);
4498 #else
4499         env->msr |= (target_ulong)1 << MSR_SF;
4500 #endif
4501 #endif
4502         env->nip = regs->nip;
4503         for(i = 0; i < 32; i++) {
4504             env->gpr[i] = regs->gpr[i];
4505         }
4506     }
4507 #elif defined(TARGET_M68K)
4508     {
4509         env->pc = regs->pc;
4510         env->dregs[0] = regs->d0;
4511         env->dregs[1] = regs->d1;
4512         env->dregs[2] = regs->d2;
4513         env->dregs[3] = regs->d3;
4514         env->dregs[4] = regs->d4;
4515         env->dregs[5] = regs->d5;
4516         env->dregs[6] = regs->d6;
4517         env->dregs[7] = regs->d7;
4518         env->aregs[0] = regs->a0;
4519         env->aregs[1] = regs->a1;
4520         env->aregs[2] = regs->a2;
4521         env->aregs[3] = regs->a3;
4522         env->aregs[4] = regs->a4;
4523         env->aregs[5] = regs->a5;
4524         env->aregs[6] = regs->a6;
4525         env->aregs[7] = regs->usp;
4526         env->sr = regs->sr;
4527         ts->sim_syscalls = 1;
4528     }
4529 #elif defined(TARGET_MICROBLAZE)
4530     {
4531         env->regs[0] = regs->r0;
4532         env->regs[1] = regs->r1;
4533         env->regs[2] = regs->r2;
4534         env->regs[3] = regs->r3;
4535         env->regs[4] = regs->r4;
4536         env->regs[5] = regs->r5;
4537         env->regs[6] = regs->r6;
4538         env->regs[7] = regs->r7;
4539         env->regs[8] = regs->r8;
4540         env->regs[9] = regs->r9;
4541         env->regs[10] = regs->r10;
4542         env->regs[11] = regs->r11;
4543         env->regs[12] = regs->r12;
4544         env->regs[13] = regs->r13;
4545         env->regs[14] = regs->r14;
4546         env->regs[15] = regs->r15;
4547         env->regs[16] = regs->r16;
4548         env->regs[17] = regs->r17;
4549         env->regs[18] = regs->r18;
4550         env->regs[19] = regs->r19;
4551         env->regs[20] = regs->r20;
4552         env->regs[21] = regs->r21;
4553         env->regs[22] = regs->r22;
4554         env->regs[23] = regs->r23;
4555         env->regs[24] = regs->r24;
4556         env->regs[25] = regs->r25;
4557         env->regs[26] = regs->r26;
4558         env->regs[27] = regs->r27;
4559         env->regs[28] = regs->r28;
4560         env->regs[29] = regs->r29;
4561         env->regs[30] = regs->r30;
4562         env->regs[31] = regs->r31;
4563         env->sregs[SR_PC] = regs->pc;
4564     }
4565 #elif defined(TARGET_MIPS)
4566     {
4567         int i;
4568 
4569         for(i = 0; i < 32; i++) {
4570             env->active_tc.gpr[i] = regs->regs[i];
4571         }
4572         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
4573         if (regs->cp0_epc & 1) {
4574             env->hflags |= MIPS_HFLAG_M16;
4575         }
4576     }
4577 #elif defined(TARGET_OPENRISC)
4578     {
4579         int i;
4580 
4581         for (i = 0; i < 32; i++) {
4582             env->gpr[i] = regs->gpr[i];
4583         }
4584 
4585         env->sr = regs->sr;
4586         env->pc = regs->pc;
4587     }
4588 #elif defined(TARGET_SH4)
4589     {
4590         int i;
4591 
4592         for(i = 0; i < 16; i++) {
4593             env->gregs[i] = regs->regs[i];
4594         }
4595         env->pc = regs->pc;
4596     }
4597 #elif defined(TARGET_ALPHA)
4598     {
4599         int i;
4600 
4601         for(i = 0; i < 28; i++) {
4602             env->ir[i] = ((abi_ulong *)regs)[i];
4603         }
4604         env->ir[IR_SP] = regs->usp;
4605         env->pc = regs->pc;
4606     }
4607 #elif defined(TARGET_CRIS)
4608     {
4609 	    env->regs[0] = regs->r0;
4610 	    env->regs[1] = regs->r1;
4611 	    env->regs[2] = regs->r2;
4612 	    env->regs[3] = regs->r3;
4613 	    env->regs[4] = regs->r4;
4614 	    env->regs[5] = regs->r5;
4615 	    env->regs[6] = regs->r6;
4616 	    env->regs[7] = regs->r7;
4617 	    env->regs[8] = regs->r8;
4618 	    env->regs[9] = regs->r9;
4619 	    env->regs[10] = regs->r10;
4620 	    env->regs[11] = regs->r11;
4621 	    env->regs[12] = regs->r12;
4622 	    env->regs[13] = regs->r13;
4623 	    env->regs[14] = info->start_stack;
4624 	    env->regs[15] = regs->acr;
4625 	    env->pc = regs->erp;
4626     }
4627 #elif defined(TARGET_S390X)
4628     {
4629             int i;
4630             for (i = 0; i < 16; i++) {
4631                 env->regs[i] = regs->gprs[i];
4632             }
4633             env->psw.mask = regs->psw.mask;
4634             env->psw.addr = regs->psw.addr;
4635     }
4636 #elif defined(TARGET_TILEGX)
4637     {
4638         int i;
4639         for (i = 0; i < TILEGX_R_COUNT; i++) {
4640             env->regs[i] = regs->regs[i];
4641         }
4642         for (i = 0; i < TILEGX_SPR_COUNT; i++) {
4643             env->spregs[i] = 0;
4644         }
4645         env->pc = regs->pc;
4646     }
4647 #else
4648 #error unsupported target CPU
4649 #endif
4650 
4651 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4652     ts->stack_base = info->start_stack;
4653     ts->heap_base = info->brk;
4654     /* This will be filled in on the first SYS_HEAPINFO call.  */
4655     ts->heap_limit = 0;
4656 #endif
4657 
4658     if (gdbstub_port) {
4659         if (gdbserver_start(gdbstub_port) < 0) {
4660             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4661                     gdbstub_port);
4662             exit(EXIT_FAILURE);
4663         }
4664         gdb_handlesig(cpu, 0);
4665     }
4666     cpu_loop(env);
4667     /* never exits */
4668     return 0;
4669 }
4670