xref: /openbmc/qemu/linux-user/main.c (revision 5b24c641)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/syscall.h>
27 #include <sys/resource.h>
28 
29 #include "qemu.h"
30 #include "qemu-common.h"
31 #include "qemu/cache-utils.h"
32 #include "cpu.h"
33 #include "tcg.h"
34 #include "qemu/timer.h"
35 #include "qemu/envlist.h"
36 #include "elf.h"
37 
38 char *exec_path;
39 
40 int singlestep;
41 const char *filename;
42 const char *argv0;
43 int gdbstub_port;
44 envlist_t *envlist;
45 const char *cpu_model;
46 unsigned long mmap_min_addr;
47 #if defined(CONFIG_USE_GUEST_BASE)
48 unsigned long guest_base;
49 int have_guest_base;
50 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
51 /*
52  * When running 32-on-64 we should make sure we can fit all of the possible
53  * guest address space into a contiguous chunk of virtual host memory.
54  *
55  * This way we will never overlap with our own libraries or binaries or stack
56  * or anything else that QEMU maps.
57  */
58 # ifdef TARGET_MIPS
59 /* MIPS only supports 31 bits of virtual address space for user space */
60 unsigned long reserved_va = 0x77000000;
61 # else
62 unsigned long reserved_va = 0xf7000000;
63 # endif
64 #else
65 unsigned long reserved_va;
66 #endif
67 #endif
68 
69 static void usage(void);
70 
71 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
72 const char *qemu_uname_release = CONFIG_UNAME_RELEASE;
73 
74 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
75    we allocate a bigger stack. Need a better solution, for example
76    by remapping the process stack directly at the right place */
77 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
78 
79 void gemu_log(const char *fmt, ...)
80 {
81     va_list ap;
82 
83     va_start(ap, fmt);
84     vfprintf(stderr, fmt, ap);
85     va_end(ap);
86 }
87 
88 #if defined(TARGET_I386)
89 int cpu_get_pic_interrupt(CPUX86State *env)
90 {
91     return -1;
92 }
93 #endif
94 
95 /***********************************************************/
96 /* Helper routines for implementing atomic operations.  */
97 
98 /* To implement exclusive operations we force all cpus to syncronise.
99    We don't require a full sync, only that no cpus are executing guest code.
100    The alternative is to map target atomic ops onto host equivalents,
101    which requires quite a lot of per host/target work.  */
102 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
103 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
104 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
105 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
106 static int pending_cpus;
107 
108 /* Make sure everything is in a consistent state for calling fork().  */
109 void fork_start(void)
110 {
111     pthread_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
112     pthread_mutex_lock(&exclusive_lock);
113     mmap_fork_start();
114 }
115 
116 void fork_end(int child)
117 {
118     mmap_fork_end(child);
119     if (child) {
120         /* Child processes created by fork() only have a single thread.
121            Discard information about the parent threads.  */
122         first_cpu = thread_cpu;
123         first_cpu->next_cpu = NULL;
124         pending_cpus = 0;
125         pthread_mutex_init(&exclusive_lock, NULL);
126         pthread_mutex_init(&cpu_list_mutex, NULL);
127         pthread_cond_init(&exclusive_cond, NULL);
128         pthread_cond_init(&exclusive_resume, NULL);
129         pthread_mutex_init(&tcg_ctx.tb_ctx.tb_lock, NULL);
130         gdbserver_fork((CPUArchState *)thread_cpu->env_ptr);
131     } else {
132         pthread_mutex_unlock(&exclusive_lock);
133         pthread_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
134     }
135 }
136 
137 /* Wait for pending exclusive operations to complete.  The exclusive lock
138    must be held.  */
139 static inline void exclusive_idle(void)
140 {
141     while (pending_cpus) {
142         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
143     }
144 }
145 
146 /* Start an exclusive operation.
147    Must only be called from outside cpu_arm_exec.   */
148 static inline void start_exclusive(void)
149 {
150     CPUState *other_cpu;
151 
152     pthread_mutex_lock(&exclusive_lock);
153     exclusive_idle();
154 
155     pending_cpus = 1;
156     /* Make all other cpus stop executing.  */
157     for (other_cpu = first_cpu; other_cpu; other_cpu = other_cpu->next_cpu) {
158         if (other_cpu->running) {
159             pending_cpus++;
160             cpu_exit(other_cpu);
161         }
162     }
163     if (pending_cpus > 1) {
164         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
165     }
166 }
167 
168 /* Finish an exclusive operation.  */
169 static inline void end_exclusive(void)
170 {
171     pending_cpus = 0;
172     pthread_cond_broadcast(&exclusive_resume);
173     pthread_mutex_unlock(&exclusive_lock);
174 }
175 
176 /* Wait for exclusive ops to finish, and begin cpu execution.  */
177 static inline void cpu_exec_start(CPUState *cpu)
178 {
179     pthread_mutex_lock(&exclusive_lock);
180     exclusive_idle();
181     cpu->running = true;
182     pthread_mutex_unlock(&exclusive_lock);
183 }
184 
185 /* Mark cpu as not executing, and release pending exclusive ops.  */
186 static inline void cpu_exec_end(CPUState *cpu)
187 {
188     pthread_mutex_lock(&exclusive_lock);
189     cpu->running = false;
190     if (pending_cpus > 1) {
191         pending_cpus--;
192         if (pending_cpus == 1) {
193             pthread_cond_signal(&exclusive_cond);
194         }
195     }
196     exclusive_idle();
197     pthread_mutex_unlock(&exclusive_lock);
198 }
199 
200 void cpu_list_lock(void)
201 {
202     pthread_mutex_lock(&cpu_list_mutex);
203 }
204 
205 void cpu_list_unlock(void)
206 {
207     pthread_mutex_unlock(&cpu_list_mutex);
208 }
209 
210 
211 #ifdef TARGET_I386
212 /***********************************************************/
213 /* CPUX86 core interface */
214 
215 void cpu_smm_update(CPUX86State *env)
216 {
217 }
218 
219 uint64_t cpu_get_tsc(CPUX86State *env)
220 {
221     return cpu_get_real_ticks();
222 }
223 
224 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
225                      int flags)
226 {
227     unsigned int e1, e2;
228     uint32_t *p;
229     e1 = (addr << 16) | (limit & 0xffff);
230     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
231     e2 |= flags;
232     p = ptr;
233     p[0] = tswap32(e1);
234     p[1] = tswap32(e2);
235 }
236 
237 static uint64_t *idt_table;
238 #ifdef TARGET_X86_64
239 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
240                        uint64_t addr, unsigned int sel)
241 {
242     uint32_t *p, e1, e2;
243     e1 = (addr & 0xffff) | (sel << 16);
244     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
245     p = ptr;
246     p[0] = tswap32(e1);
247     p[1] = tswap32(e2);
248     p[2] = tswap32(addr >> 32);
249     p[3] = 0;
250 }
251 /* only dpl matters as we do only user space emulation */
252 static void set_idt(int n, unsigned int dpl)
253 {
254     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
255 }
256 #else
257 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
258                      uint32_t addr, unsigned int sel)
259 {
260     uint32_t *p, e1, e2;
261     e1 = (addr & 0xffff) | (sel << 16);
262     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
263     p = ptr;
264     p[0] = tswap32(e1);
265     p[1] = tswap32(e2);
266 }
267 
268 /* only dpl matters as we do only user space emulation */
269 static void set_idt(int n, unsigned int dpl)
270 {
271     set_gate(idt_table + n, 0, dpl, 0, 0);
272 }
273 #endif
274 
275 void cpu_loop(CPUX86State *env)
276 {
277     CPUState *cs = CPU(x86_env_get_cpu(env));
278     int trapnr;
279     abi_ulong pc;
280     target_siginfo_t info;
281 
282     for(;;) {
283         trapnr = cpu_x86_exec(env);
284         switch(trapnr) {
285         case 0x80:
286             /* linux syscall from int $0x80 */
287             env->regs[R_EAX] = do_syscall(env,
288                                           env->regs[R_EAX],
289                                           env->regs[R_EBX],
290                                           env->regs[R_ECX],
291                                           env->regs[R_EDX],
292                                           env->regs[R_ESI],
293                                           env->regs[R_EDI],
294                                           env->regs[R_EBP],
295                                           0, 0);
296             break;
297 #ifndef TARGET_ABI32
298         case EXCP_SYSCALL:
299             /* linux syscall from syscall instruction */
300             env->regs[R_EAX] = do_syscall(env,
301                                           env->regs[R_EAX],
302                                           env->regs[R_EDI],
303                                           env->regs[R_ESI],
304                                           env->regs[R_EDX],
305                                           env->regs[10],
306                                           env->regs[8],
307                                           env->regs[9],
308                                           0, 0);
309             env->eip = env->exception_next_eip;
310             break;
311 #endif
312         case EXCP0B_NOSEG:
313         case EXCP0C_STACK:
314             info.si_signo = SIGBUS;
315             info.si_errno = 0;
316             info.si_code = TARGET_SI_KERNEL;
317             info._sifields._sigfault._addr = 0;
318             queue_signal(env, info.si_signo, &info);
319             break;
320         case EXCP0D_GPF:
321             /* XXX: potential problem if ABI32 */
322 #ifndef TARGET_X86_64
323             if (env->eflags & VM_MASK) {
324                 handle_vm86_fault(env);
325             } else
326 #endif
327             {
328                 info.si_signo = SIGSEGV;
329                 info.si_errno = 0;
330                 info.si_code = TARGET_SI_KERNEL;
331                 info._sifields._sigfault._addr = 0;
332                 queue_signal(env, info.si_signo, &info);
333             }
334             break;
335         case EXCP0E_PAGE:
336             info.si_signo = SIGSEGV;
337             info.si_errno = 0;
338             if (!(env->error_code & 1))
339                 info.si_code = TARGET_SEGV_MAPERR;
340             else
341                 info.si_code = TARGET_SEGV_ACCERR;
342             info._sifields._sigfault._addr = env->cr[2];
343             queue_signal(env, info.si_signo, &info);
344             break;
345         case EXCP00_DIVZ:
346 #ifndef TARGET_X86_64
347             if (env->eflags & VM_MASK) {
348                 handle_vm86_trap(env, trapnr);
349             } else
350 #endif
351             {
352                 /* division by zero */
353                 info.si_signo = SIGFPE;
354                 info.si_errno = 0;
355                 info.si_code = TARGET_FPE_INTDIV;
356                 info._sifields._sigfault._addr = env->eip;
357                 queue_signal(env, info.si_signo, &info);
358             }
359             break;
360         case EXCP01_DB:
361         case EXCP03_INT3:
362 #ifndef TARGET_X86_64
363             if (env->eflags & VM_MASK) {
364                 handle_vm86_trap(env, trapnr);
365             } else
366 #endif
367             {
368                 info.si_signo = SIGTRAP;
369                 info.si_errno = 0;
370                 if (trapnr == EXCP01_DB) {
371                     info.si_code = TARGET_TRAP_BRKPT;
372                     info._sifields._sigfault._addr = env->eip;
373                 } else {
374                     info.si_code = TARGET_SI_KERNEL;
375                     info._sifields._sigfault._addr = 0;
376                 }
377                 queue_signal(env, info.si_signo, &info);
378             }
379             break;
380         case EXCP04_INTO:
381         case EXCP05_BOUND:
382 #ifndef TARGET_X86_64
383             if (env->eflags & VM_MASK) {
384                 handle_vm86_trap(env, trapnr);
385             } else
386 #endif
387             {
388                 info.si_signo = SIGSEGV;
389                 info.si_errno = 0;
390                 info.si_code = TARGET_SI_KERNEL;
391                 info._sifields._sigfault._addr = 0;
392                 queue_signal(env, info.si_signo, &info);
393             }
394             break;
395         case EXCP06_ILLOP:
396             info.si_signo = SIGILL;
397             info.si_errno = 0;
398             info.si_code = TARGET_ILL_ILLOPN;
399             info._sifields._sigfault._addr = env->eip;
400             queue_signal(env, info.si_signo, &info);
401             break;
402         case EXCP_INTERRUPT:
403             /* just indicate that signals should be handled asap */
404             break;
405         case EXCP_DEBUG:
406             {
407                 int sig;
408 
409                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
410                 if (sig)
411                   {
412                     info.si_signo = sig;
413                     info.si_errno = 0;
414                     info.si_code = TARGET_TRAP_BRKPT;
415                     queue_signal(env, info.si_signo, &info);
416                   }
417             }
418             break;
419         default:
420             pc = env->segs[R_CS].base + env->eip;
421             fprintf(stderr, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
422                     (long)pc, trapnr);
423             abort();
424         }
425         process_pending_signals(env);
426     }
427 }
428 #endif
429 
430 #ifdef TARGET_ARM
431 
432 #define get_user_code_u32(x, gaddr, doswap)             \
433     ({ abi_long __r = get_user_u32((x), (gaddr));       \
434         if (!__r && (doswap)) {                         \
435             (x) = bswap32(x);                           \
436         }                                               \
437         __r;                                            \
438     })
439 
440 #define get_user_code_u16(x, gaddr, doswap)             \
441     ({ abi_long __r = get_user_u16((x), (gaddr));       \
442         if (!__r && (doswap)) {                         \
443             (x) = bswap16(x);                           \
444         }                                               \
445         __r;                                            \
446     })
447 
448 /*
449  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
450  * Input:
451  * r0 = pointer to oldval
452  * r1 = pointer to newval
453  * r2 = pointer to target value
454  *
455  * Output:
456  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
457  * C set if *ptr was changed, clear if no exchange happened
458  *
459  * Note segv's in kernel helpers are a bit tricky, we can set the
460  * data address sensibly but the PC address is just the entry point.
461  */
462 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
463 {
464     uint64_t oldval, newval, val;
465     uint32_t addr, cpsr;
466     target_siginfo_t info;
467 
468     /* Based on the 32 bit code in do_kernel_trap */
469 
470     /* XXX: This only works between threads, not between processes.
471        It's probably possible to implement this with native host
472        operations. However things like ldrex/strex are much harder so
473        there's not much point trying.  */
474     start_exclusive();
475     cpsr = cpsr_read(env);
476     addr = env->regs[2];
477 
478     if (get_user_u64(oldval, env->regs[0])) {
479         env->cp15.c6_data = env->regs[0];
480         goto segv;
481     };
482 
483     if (get_user_u64(newval, env->regs[1])) {
484         env->cp15.c6_data = env->regs[1];
485         goto segv;
486     };
487 
488     if (get_user_u64(val, addr)) {
489         env->cp15.c6_data = addr;
490         goto segv;
491     }
492 
493     if (val == oldval) {
494         val = newval;
495 
496         if (put_user_u64(val, addr)) {
497             env->cp15.c6_data = addr;
498             goto segv;
499         };
500 
501         env->regs[0] = 0;
502         cpsr |= CPSR_C;
503     } else {
504         env->regs[0] = -1;
505         cpsr &= ~CPSR_C;
506     }
507     cpsr_write(env, cpsr, CPSR_C);
508     end_exclusive();
509     return;
510 
511 segv:
512     end_exclusive();
513     /* We get the PC of the entry address - which is as good as anything,
514        on a real kernel what you get depends on which mode it uses. */
515     info.si_signo = SIGSEGV;
516     info.si_errno = 0;
517     /* XXX: check env->error_code */
518     info.si_code = TARGET_SEGV_MAPERR;
519     info._sifields._sigfault._addr = env->cp15.c6_data;
520     queue_signal(env, info.si_signo, &info);
521 
522     end_exclusive();
523 }
524 
525 /* Handle a jump to the kernel code page.  */
526 static int
527 do_kernel_trap(CPUARMState *env)
528 {
529     uint32_t addr;
530     uint32_t cpsr;
531     uint32_t val;
532 
533     switch (env->regs[15]) {
534     case 0xffff0fa0: /* __kernel_memory_barrier */
535         /* ??? No-op. Will need to do better for SMP.  */
536         break;
537     case 0xffff0fc0: /* __kernel_cmpxchg */
538          /* XXX: This only works between threads, not between processes.
539             It's probably possible to implement this with native host
540             operations. However things like ldrex/strex are much harder so
541             there's not much point trying.  */
542         start_exclusive();
543         cpsr = cpsr_read(env);
544         addr = env->regs[2];
545         /* FIXME: This should SEGV if the access fails.  */
546         if (get_user_u32(val, addr))
547             val = ~env->regs[0];
548         if (val == env->regs[0]) {
549             val = env->regs[1];
550             /* FIXME: Check for segfaults.  */
551             put_user_u32(val, addr);
552             env->regs[0] = 0;
553             cpsr |= CPSR_C;
554         } else {
555             env->regs[0] = -1;
556             cpsr &= ~CPSR_C;
557         }
558         cpsr_write(env, cpsr, CPSR_C);
559         end_exclusive();
560         break;
561     case 0xffff0fe0: /* __kernel_get_tls */
562         env->regs[0] = env->cp15.c13_tls2;
563         break;
564     case 0xffff0f60: /* __kernel_cmpxchg64 */
565         arm_kernel_cmpxchg64_helper(env);
566         break;
567 
568     default:
569         return 1;
570     }
571     /* Jump back to the caller.  */
572     addr = env->regs[14];
573     if (addr & 1) {
574         env->thumb = 1;
575         addr &= ~1;
576     }
577     env->regs[15] = addr;
578 
579     return 0;
580 }
581 
582 static int do_strex(CPUARMState *env)
583 {
584     uint32_t val;
585     int size;
586     int rc = 1;
587     int segv = 0;
588     uint32_t addr;
589     start_exclusive();
590     addr = env->exclusive_addr;
591     if (addr != env->exclusive_test) {
592         goto fail;
593     }
594     size = env->exclusive_info & 0xf;
595     switch (size) {
596     case 0:
597         segv = get_user_u8(val, addr);
598         break;
599     case 1:
600         segv = get_user_u16(val, addr);
601         break;
602     case 2:
603     case 3:
604         segv = get_user_u32(val, addr);
605         break;
606     default:
607         abort();
608     }
609     if (segv) {
610         env->cp15.c6_data = addr;
611         goto done;
612     }
613     if (val != env->exclusive_val) {
614         goto fail;
615     }
616     if (size == 3) {
617         segv = get_user_u32(val, addr + 4);
618         if (segv) {
619             env->cp15.c6_data = addr + 4;
620             goto done;
621         }
622         if (val != env->exclusive_high) {
623             goto fail;
624         }
625     }
626     val = env->regs[(env->exclusive_info >> 8) & 0xf];
627     switch (size) {
628     case 0:
629         segv = put_user_u8(val, addr);
630         break;
631     case 1:
632         segv = put_user_u16(val, addr);
633         break;
634     case 2:
635     case 3:
636         segv = put_user_u32(val, addr);
637         break;
638     }
639     if (segv) {
640         env->cp15.c6_data = addr;
641         goto done;
642     }
643     if (size == 3) {
644         val = env->regs[(env->exclusive_info >> 12) & 0xf];
645         segv = put_user_u32(val, addr + 4);
646         if (segv) {
647             env->cp15.c6_data = addr + 4;
648             goto done;
649         }
650     }
651     rc = 0;
652 fail:
653     env->regs[15] += 4;
654     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
655 done:
656     end_exclusive();
657     return segv;
658 }
659 
660 void cpu_loop(CPUARMState *env)
661 {
662     CPUState *cs = CPU(arm_env_get_cpu(env));
663     int trapnr;
664     unsigned int n, insn;
665     target_siginfo_t info;
666     uint32_t addr;
667 
668     for(;;) {
669         cpu_exec_start(cs);
670         trapnr = cpu_arm_exec(env);
671         cpu_exec_end(cs);
672         switch(trapnr) {
673         case EXCP_UDEF:
674             {
675                 TaskState *ts = env->opaque;
676                 uint32_t opcode;
677                 int rc;
678 
679                 /* we handle the FPU emulation here, as Linux */
680                 /* we get the opcode */
681                 /* FIXME - what to do if get_user() fails? */
682                 get_user_code_u32(opcode, env->regs[15], env->bswap_code);
683 
684                 rc = EmulateAll(opcode, &ts->fpa, env);
685                 if (rc == 0) { /* illegal instruction */
686                     info.si_signo = SIGILL;
687                     info.si_errno = 0;
688                     info.si_code = TARGET_ILL_ILLOPN;
689                     info._sifields._sigfault._addr = env->regs[15];
690                     queue_signal(env, info.si_signo, &info);
691                 } else if (rc < 0) { /* FP exception */
692                     int arm_fpe=0;
693 
694                     /* translate softfloat flags to FPSR flags */
695                     if (-rc & float_flag_invalid)
696                       arm_fpe |= BIT_IOC;
697                     if (-rc & float_flag_divbyzero)
698                       arm_fpe |= BIT_DZC;
699                     if (-rc & float_flag_overflow)
700                       arm_fpe |= BIT_OFC;
701                     if (-rc & float_flag_underflow)
702                       arm_fpe |= BIT_UFC;
703                     if (-rc & float_flag_inexact)
704                       arm_fpe |= BIT_IXC;
705 
706                     FPSR fpsr = ts->fpa.fpsr;
707                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
708 
709                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
710                       info.si_signo = SIGFPE;
711                       info.si_errno = 0;
712 
713                       /* ordered by priority, least first */
714                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
715                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
716                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
717                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
718                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
719 
720                       info._sifields._sigfault._addr = env->regs[15];
721                       queue_signal(env, info.si_signo, &info);
722                     } else {
723                       env->regs[15] += 4;
724                     }
725 
726                     /* accumulate unenabled exceptions */
727                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
728                       fpsr |= BIT_IXC;
729                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
730                       fpsr |= BIT_UFC;
731                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
732                       fpsr |= BIT_OFC;
733                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
734                       fpsr |= BIT_DZC;
735                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
736                       fpsr |= BIT_IOC;
737                     ts->fpa.fpsr=fpsr;
738                 } else { /* everything OK */
739                     /* increment PC */
740                     env->regs[15] += 4;
741                 }
742             }
743             break;
744         case EXCP_SWI:
745         case EXCP_BKPT:
746             {
747                 env->eabi = 1;
748                 /* system call */
749                 if (trapnr == EXCP_BKPT) {
750                     if (env->thumb) {
751                         /* FIXME - what to do if get_user() fails? */
752                         get_user_code_u16(insn, env->regs[15], env->bswap_code);
753                         n = insn & 0xff;
754                         env->regs[15] += 2;
755                     } else {
756                         /* FIXME - what to do if get_user() fails? */
757                         get_user_code_u32(insn, env->regs[15], env->bswap_code);
758                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
759                         env->regs[15] += 4;
760                     }
761                 } else {
762                     if (env->thumb) {
763                         /* FIXME - what to do if get_user() fails? */
764                         get_user_code_u16(insn, env->regs[15] - 2,
765                                           env->bswap_code);
766                         n = insn & 0xff;
767                     } else {
768                         /* FIXME - what to do if get_user() fails? */
769                         get_user_code_u32(insn, env->regs[15] - 4,
770                                           env->bswap_code);
771                         n = insn & 0xffffff;
772                     }
773                 }
774 
775                 if (n == ARM_NR_cacheflush) {
776                     /* nop */
777                 } else if (n == ARM_NR_semihosting
778                            || n == ARM_NR_thumb_semihosting) {
779                     env->regs[0] = do_arm_semihosting (env);
780                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
781                     /* linux syscall */
782                     if (env->thumb || n == 0) {
783                         n = env->regs[7];
784                     } else {
785                         n -= ARM_SYSCALL_BASE;
786                         env->eabi = 0;
787                     }
788                     if ( n > ARM_NR_BASE) {
789                         switch (n) {
790                         case ARM_NR_cacheflush:
791                             /* nop */
792                             break;
793                         case ARM_NR_set_tls:
794                             cpu_set_tls(env, env->regs[0]);
795                             env->regs[0] = 0;
796                             break;
797                         default:
798                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
799                                      n);
800                             env->regs[0] = -TARGET_ENOSYS;
801                             break;
802                         }
803                     } else {
804                         env->regs[0] = do_syscall(env,
805                                                   n,
806                                                   env->regs[0],
807                                                   env->regs[1],
808                                                   env->regs[2],
809                                                   env->regs[3],
810                                                   env->regs[4],
811                                                   env->regs[5],
812                                                   0, 0);
813                     }
814                 } else {
815                     goto error;
816                 }
817             }
818             break;
819         case EXCP_INTERRUPT:
820             /* just indicate that signals should be handled asap */
821             break;
822         case EXCP_PREFETCH_ABORT:
823             addr = env->cp15.c6_insn;
824             goto do_segv;
825         case EXCP_DATA_ABORT:
826             addr = env->cp15.c6_data;
827         do_segv:
828             {
829                 info.si_signo = SIGSEGV;
830                 info.si_errno = 0;
831                 /* XXX: check env->error_code */
832                 info.si_code = TARGET_SEGV_MAPERR;
833                 info._sifields._sigfault._addr = addr;
834                 queue_signal(env, info.si_signo, &info);
835             }
836             break;
837         case EXCP_DEBUG:
838             {
839                 int sig;
840 
841                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
842                 if (sig)
843                   {
844                     info.si_signo = sig;
845                     info.si_errno = 0;
846                     info.si_code = TARGET_TRAP_BRKPT;
847                     queue_signal(env, info.si_signo, &info);
848                   }
849             }
850             break;
851         case EXCP_KERNEL_TRAP:
852             if (do_kernel_trap(env))
853               goto error;
854             break;
855         case EXCP_STREX:
856             if (do_strex(env)) {
857                 addr = env->cp15.c6_data;
858                 goto do_segv;
859             }
860             break;
861         default:
862         error:
863             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
864                     trapnr);
865             cpu_dump_state(cs, stderr, fprintf, 0);
866             abort();
867         }
868         process_pending_signals(env);
869     }
870 }
871 
872 #endif
873 
874 #ifdef TARGET_UNICORE32
875 
876 void cpu_loop(CPUUniCore32State *env)
877 {
878     CPUState *cs = CPU(uc32_env_get_cpu(env));
879     int trapnr;
880     unsigned int n, insn;
881     target_siginfo_t info;
882 
883     for (;;) {
884         cpu_exec_start(cs);
885         trapnr = uc32_cpu_exec(env);
886         cpu_exec_end(cs);
887         switch (trapnr) {
888         case UC32_EXCP_PRIV:
889             {
890                 /* system call */
891                 get_user_u32(insn, env->regs[31] - 4);
892                 n = insn & 0xffffff;
893 
894                 if (n >= UC32_SYSCALL_BASE) {
895                     /* linux syscall */
896                     n -= UC32_SYSCALL_BASE;
897                     if (n == UC32_SYSCALL_NR_set_tls) {
898                             cpu_set_tls(env, env->regs[0]);
899                             env->regs[0] = 0;
900                     } else {
901                         env->regs[0] = do_syscall(env,
902                                                   n,
903                                                   env->regs[0],
904                                                   env->regs[1],
905                                                   env->regs[2],
906                                                   env->regs[3],
907                                                   env->regs[4],
908                                                   env->regs[5],
909                                                   0, 0);
910                     }
911                 } else {
912                     goto error;
913                 }
914             }
915             break;
916         case UC32_EXCP_DTRAP:
917         case UC32_EXCP_ITRAP:
918             info.si_signo = SIGSEGV;
919             info.si_errno = 0;
920             /* XXX: check env->error_code */
921             info.si_code = TARGET_SEGV_MAPERR;
922             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
923             queue_signal(env, info.si_signo, &info);
924             break;
925         case EXCP_INTERRUPT:
926             /* just indicate that signals should be handled asap */
927             break;
928         case EXCP_DEBUG:
929             {
930                 int sig;
931 
932                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
933                 if (sig) {
934                     info.si_signo = sig;
935                     info.si_errno = 0;
936                     info.si_code = TARGET_TRAP_BRKPT;
937                     queue_signal(env, info.si_signo, &info);
938                 }
939             }
940             break;
941         default:
942             goto error;
943         }
944         process_pending_signals(env);
945     }
946 
947 error:
948     fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
949     cpu_dump_state(cs, stderr, fprintf, 0);
950     abort();
951 }
952 #endif
953 
954 #ifdef TARGET_SPARC
955 #define SPARC64_STACK_BIAS 2047
956 
957 //#define DEBUG_WIN
958 
959 /* WARNING: dealing with register windows _is_ complicated. More info
960    can be found at http://www.sics.se/~psm/sparcstack.html */
961 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
962 {
963     index = (index + cwp * 16) % (16 * env->nwindows);
964     /* wrap handling : if cwp is on the last window, then we use the
965        registers 'after' the end */
966     if (index < 8 && env->cwp == env->nwindows - 1)
967         index += 16 * env->nwindows;
968     return index;
969 }
970 
971 /* save the register window 'cwp1' */
972 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
973 {
974     unsigned int i;
975     abi_ulong sp_ptr;
976 
977     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
978 #ifdef TARGET_SPARC64
979     if (sp_ptr & 3)
980         sp_ptr += SPARC64_STACK_BIAS;
981 #endif
982 #if defined(DEBUG_WIN)
983     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
984            sp_ptr, cwp1);
985 #endif
986     for(i = 0; i < 16; i++) {
987         /* FIXME - what to do if put_user() fails? */
988         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
989         sp_ptr += sizeof(abi_ulong);
990     }
991 }
992 
993 static void save_window(CPUSPARCState *env)
994 {
995 #ifndef TARGET_SPARC64
996     unsigned int new_wim;
997     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
998         ((1LL << env->nwindows) - 1);
999     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1000     env->wim = new_wim;
1001 #else
1002     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1003     env->cansave++;
1004     env->canrestore--;
1005 #endif
1006 }
1007 
1008 static void restore_window(CPUSPARCState *env)
1009 {
1010 #ifndef TARGET_SPARC64
1011     unsigned int new_wim;
1012 #endif
1013     unsigned int i, cwp1;
1014     abi_ulong sp_ptr;
1015 
1016 #ifndef TARGET_SPARC64
1017     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1018         ((1LL << env->nwindows) - 1);
1019 #endif
1020 
1021     /* restore the invalid window */
1022     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1023     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1024 #ifdef TARGET_SPARC64
1025     if (sp_ptr & 3)
1026         sp_ptr += SPARC64_STACK_BIAS;
1027 #endif
1028 #if defined(DEBUG_WIN)
1029     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1030            sp_ptr, cwp1);
1031 #endif
1032     for(i = 0; i < 16; i++) {
1033         /* FIXME - what to do if get_user() fails? */
1034         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1035         sp_ptr += sizeof(abi_ulong);
1036     }
1037 #ifdef TARGET_SPARC64
1038     env->canrestore++;
1039     if (env->cleanwin < env->nwindows - 1)
1040         env->cleanwin++;
1041     env->cansave--;
1042 #else
1043     env->wim = new_wim;
1044 #endif
1045 }
1046 
1047 static void flush_windows(CPUSPARCState *env)
1048 {
1049     int offset, cwp1;
1050 
1051     offset = 1;
1052     for(;;) {
1053         /* if restore would invoke restore_window(), then we can stop */
1054         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1055 #ifndef TARGET_SPARC64
1056         if (env->wim & (1 << cwp1))
1057             break;
1058 #else
1059         if (env->canrestore == 0)
1060             break;
1061         env->cansave++;
1062         env->canrestore--;
1063 #endif
1064         save_window_offset(env, cwp1);
1065         offset++;
1066     }
1067     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1068 #ifndef TARGET_SPARC64
1069     /* set wim so that restore will reload the registers */
1070     env->wim = 1 << cwp1;
1071 #endif
1072 #if defined(DEBUG_WIN)
1073     printf("flush_windows: nb=%d\n", offset - 1);
1074 #endif
1075 }
1076 
1077 void cpu_loop (CPUSPARCState *env)
1078 {
1079     CPUState *cs = CPU(sparc_env_get_cpu(env));
1080     int trapnr;
1081     abi_long ret;
1082     target_siginfo_t info;
1083 
1084     while (1) {
1085         trapnr = cpu_sparc_exec (env);
1086 
1087         /* Compute PSR before exposing state.  */
1088         if (env->cc_op != CC_OP_FLAGS) {
1089             cpu_get_psr(env);
1090         }
1091 
1092         switch (trapnr) {
1093 #ifndef TARGET_SPARC64
1094         case 0x88:
1095         case 0x90:
1096 #else
1097         case 0x110:
1098         case 0x16d:
1099 #endif
1100             ret = do_syscall (env, env->gregs[1],
1101                               env->regwptr[0], env->regwptr[1],
1102                               env->regwptr[2], env->regwptr[3],
1103                               env->regwptr[4], env->regwptr[5],
1104                               0, 0);
1105             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1106 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1107                 env->xcc |= PSR_CARRY;
1108 #else
1109                 env->psr |= PSR_CARRY;
1110 #endif
1111                 ret = -ret;
1112             } else {
1113 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1114                 env->xcc &= ~PSR_CARRY;
1115 #else
1116                 env->psr &= ~PSR_CARRY;
1117 #endif
1118             }
1119             env->regwptr[0] = ret;
1120             /* next instruction */
1121             env->pc = env->npc;
1122             env->npc = env->npc + 4;
1123             break;
1124         case 0x83: /* flush windows */
1125 #ifdef TARGET_ABI32
1126         case 0x103:
1127 #endif
1128             flush_windows(env);
1129             /* next instruction */
1130             env->pc = env->npc;
1131             env->npc = env->npc + 4;
1132             break;
1133 #ifndef TARGET_SPARC64
1134         case TT_WIN_OVF: /* window overflow */
1135             save_window(env);
1136             break;
1137         case TT_WIN_UNF: /* window underflow */
1138             restore_window(env);
1139             break;
1140         case TT_TFAULT:
1141         case TT_DFAULT:
1142             {
1143                 info.si_signo = TARGET_SIGSEGV;
1144                 info.si_errno = 0;
1145                 /* XXX: check env->error_code */
1146                 info.si_code = TARGET_SEGV_MAPERR;
1147                 info._sifields._sigfault._addr = env->mmuregs[4];
1148                 queue_signal(env, info.si_signo, &info);
1149             }
1150             break;
1151 #else
1152         case TT_SPILL: /* window overflow */
1153             save_window(env);
1154             break;
1155         case TT_FILL: /* window underflow */
1156             restore_window(env);
1157             break;
1158         case TT_TFAULT:
1159         case TT_DFAULT:
1160             {
1161                 info.si_signo = TARGET_SIGSEGV;
1162                 info.si_errno = 0;
1163                 /* XXX: check env->error_code */
1164                 info.si_code = TARGET_SEGV_MAPERR;
1165                 if (trapnr == TT_DFAULT)
1166                     info._sifields._sigfault._addr = env->dmmuregs[4];
1167                 else
1168                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1169                 queue_signal(env, info.si_signo, &info);
1170             }
1171             break;
1172 #ifndef TARGET_ABI32
1173         case 0x16e:
1174             flush_windows(env);
1175             sparc64_get_context(env);
1176             break;
1177         case 0x16f:
1178             flush_windows(env);
1179             sparc64_set_context(env);
1180             break;
1181 #endif
1182 #endif
1183         case EXCP_INTERRUPT:
1184             /* just indicate that signals should be handled asap */
1185             break;
1186         case TT_ILL_INSN:
1187             {
1188                 info.si_signo = TARGET_SIGILL;
1189                 info.si_errno = 0;
1190                 info.si_code = TARGET_ILL_ILLOPC;
1191                 info._sifields._sigfault._addr = env->pc;
1192                 queue_signal(env, info.si_signo, &info);
1193             }
1194             break;
1195         case EXCP_DEBUG:
1196             {
1197                 int sig;
1198 
1199                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1200                 if (sig)
1201                   {
1202                     info.si_signo = sig;
1203                     info.si_errno = 0;
1204                     info.si_code = TARGET_TRAP_BRKPT;
1205                     queue_signal(env, info.si_signo, &info);
1206                   }
1207             }
1208             break;
1209         default:
1210             printf ("Unhandled trap: 0x%x\n", trapnr);
1211             cpu_dump_state(cs, stderr, fprintf, 0);
1212             exit (1);
1213         }
1214         process_pending_signals (env);
1215     }
1216 }
1217 
1218 #endif
1219 
1220 #ifdef TARGET_PPC
1221 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1222 {
1223     /* TO FIX */
1224     return 0;
1225 }
1226 
1227 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1228 {
1229     return cpu_ppc_get_tb(env);
1230 }
1231 
1232 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1233 {
1234     return cpu_ppc_get_tb(env) >> 32;
1235 }
1236 
1237 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1238 {
1239     return cpu_ppc_get_tb(env);
1240 }
1241 
1242 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1243 {
1244     return cpu_ppc_get_tb(env) >> 32;
1245 }
1246 
1247 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1248 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1249 
1250 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1251 {
1252     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1253 }
1254 
1255 /* XXX: to be fixed */
1256 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1257 {
1258     return -1;
1259 }
1260 
1261 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1262 {
1263     return -1;
1264 }
1265 
1266 #define EXCP_DUMP(env, fmt, ...)                                        \
1267 do {                                                                    \
1268     CPUState *cs = ENV_GET_CPU(env);                                    \
1269     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
1270     cpu_dump_state(cs, stderr, fprintf, 0);                             \
1271     qemu_log(fmt, ## __VA_ARGS__);                                      \
1272     if (qemu_log_enabled()) {                                           \
1273         log_cpu_state(cs, 0);                                           \
1274     }                                                                   \
1275 } while (0)
1276 
1277 static int do_store_exclusive(CPUPPCState *env)
1278 {
1279     target_ulong addr;
1280     target_ulong page_addr;
1281     target_ulong val;
1282     int flags;
1283     int segv = 0;
1284 
1285     addr = env->reserve_ea;
1286     page_addr = addr & TARGET_PAGE_MASK;
1287     start_exclusive();
1288     mmap_lock();
1289     flags = page_get_flags(page_addr);
1290     if ((flags & PAGE_READ) == 0) {
1291         segv = 1;
1292     } else {
1293         int reg = env->reserve_info & 0x1f;
1294         int size = (env->reserve_info >> 5) & 0xf;
1295         int stored = 0;
1296 
1297         if (addr == env->reserve_addr) {
1298             switch (size) {
1299             case 1: segv = get_user_u8(val, addr); break;
1300             case 2: segv = get_user_u16(val, addr); break;
1301             case 4: segv = get_user_u32(val, addr); break;
1302 #if defined(TARGET_PPC64)
1303             case 8: segv = get_user_u64(val, addr); break;
1304 #endif
1305             default: abort();
1306             }
1307             if (!segv && val == env->reserve_val) {
1308                 val = env->gpr[reg];
1309                 switch (size) {
1310                 case 1: segv = put_user_u8(val, addr); break;
1311                 case 2: segv = put_user_u16(val, addr); break;
1312                 case 4: segv = put_user_u32(val, addr); break;
1313 #if defined(TARGET_PPC64)
1314                 case 8: segv = put_user_u64(val, addr); break;
1315 #endif
1316                 default: abort();
1317                 }
1318                 if (!segv) {
1319                     stored = 1;
1320                 }
1321             }
1322         }
1323         env->crf[0] = (stored << 1) | xer_so;
1324         env->reserve_addr = (target_ulong)-1;
1325     }
1326     if (!segv) {
1327         env->nip += 4;
1328     }
1329     mmap_unlock();
1330     end_exclusive();
1331     return segv;
1332 }
1333 
1334 void cpu_loop(CPUPPCState *env)
1335 {
1336     CPUState *cs = CPU(ppc_env_get_cpu(env));
1337     target_siginfo_t info;
1338     int trapnr;
1339     target_ulong ret;
1340 
1341     for(;;) {
1342         cpu_exec_start(cs);
1343         trapnr = cpu_ppc_exec(env);
1344         cpu_exec_end(cs);
1345         switch(trapnr) {
1346         case POWERPC_EXCP_NONE:
1347             /* Just go on */
1348             break;
1349         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1350             cpu_abort(env, "Critical interrupt while in user mode. "
1351                       "Aborting\n");
1352             break;
1353         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1354             cpu_abort(env, "Machine check exception while in user mode. "
1355                       "Aborting\n");
1356             break;
1357         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1358             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1359                       env->spr[SPR_DAR]);
1360             /* XXX: check this. Seems bugged */
1361             switch (env->error_code & 0xFF000000) {
1362             case 0x40000000:
1363                 info.si_signo = TARGET_SIGSEGV;
1364                 info.si_errno = 0;
1365                 info.si_code = TARGET_SEGV_MAPERR;
1366                 break;
1367             case 0x04000000:
1368                 info.si_signo = TARGET_SIGILL;
1369                 info.si_errno = 0;
1370                 info.si_code = TARGET_ILL_ILLADR;
1371                 break;
1372             case 0x08000000:
1373                 info.si_signo = TARGET_SIGSEGV;
1374                 info.si_errno = 0;
1375                 info.si_code = TARGET_SEGV_ACCERR;
1376                 break;
1377             default:
1378                 /* Let's send a regular segfault... */
1379                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1380                           env->error_code);
1381                 info.si_signo = TARGET_SIGSEGV;
1382                 info.si_errno = 0;
1383                 info.si_code = TARGET_SEGV_MAPERR;
1384                 break;
1385             }
1386             info._sifields._sigfault._addr = env->nip;
1387             queue_signal(env, info.si_signo, &info);
1388             break;
1389         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1390             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1391                       "\n", env->spr[SPR_SRR0]);
1392             /* XXX: check this */
1393             switch (env->error_code & 0xFF000000) {
1394             case 0x40000000:
1395                 info.si_signo = TARGET_SIGSEGV;
1396             info.si_errno = 0;
1397                 info.si_code = TARGET_SEGV_MAPERR;
1398                 break;
1399             case 0x10000000:
1400             case 0x08000000:
1401                 info.si_signo = TARGET_SIGSEGV;
1402                 info.si_errno = 0;
1403                 info.si_code = TARGET_SEGV_ACCERR;
1404                 break;
1405             default:
1406                 /* Let's send a regular segfault... */
1407                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1408                           env->error_code);
1409                 info.si_signo = TARGET_SIGSEGV;
1410                 info.si_errno = 0;
1411                 info.si_code = TARGET_SEGV_MAPERR;
1412                 break;
1413             }
1414             info._sifields._sigfault._addr = env->nip - 4;
1415             queue_signal(env, info.si_signo, &info);
1416             break;
1417         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1418             cpu_abort(env, "External interrupt while in user mode. "
1419                       "Aborting\n");
1420             break;
1421         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1422             EXCP_DUMP(env, "Unaligned memory access\n");
1423             /* XXX: check this */
1424             info.si_signo = TARGET_SIGBUS;
1425             info.si_errno = 0;
1426             info.si_code = TARGET_BUS_ADRALN;
1427             info._sifields._sigfault._addr = env->nip - 4;
1428             queue_signal(env, info.si_signo, &info);
1429             break;
1430         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1431             /* XXX: check this */
1432             switch (env->error_code & ~0xF) {
1433             case POWERPC_EXCP_FP:
1434                 EXCP_DUMP(env, "Floating point program exception\n");
1435                 info.si_signo = TARGET_SIGFPE;
1436                 info.si_errno = 0;
1437                 switch (env->error_code & 0xF) {
1438                 case POWERPC_EXCP_FP_OX:
1439                     info.si_code = TARGET_FPE_FLTOVF;
1440                     break;
1441                 case POWERPC_EXCP_FP_UX:
1442                     info.si_code = TARGET_FPE_FLTUND;
1443                     break;
1444                 case POWERPC_EXCP_FP_ZX:
1445                 case POWERPC_EXCP_FP_VXZDZ:
1446                     info.si_code = TARGET_FPE_FLTDIV;
1447                     break;
1448                 case POWERPC_EXCP_FP_XX:
1449                     info.si_code = TARGET_FPE_FLTRES;
1450                     break;
1451                 case POWERPC_EXCP_FP_VXSOFT:
1452                     info.si_code = TARGET_FPE_FLTINV;
1453                     break;
1454                 case POWERPC_EXCP_FP_VXSNAN:
1455                 case POWERPC_EXCP_FP_VXISI:
1456                 case POWERPC_EXCP_FP_VXIDI:
1457                 case POWERPC_EXCP_FP_VXIMZ:
1458                 case POWERPC_EXCP_FP_VXVC:
1459                 case POWERPC_EXCP_FP_VXSQRT:
1460                 case POWERPC_EXCP_FP_VXCVI:
1461                     info.si_code = TARGET_FPE_FLTSUB;
1462                     break;
1463                 default:
1464                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1465                               env->error_code);
1466                     break;
1467                 }
1468                 break;
1469             case POWERPC_EXCP_INVAL:
1470                 EXCP_DUMP(env, "Invalid instruction\n");
1471                 info.si_signo = TARGET_SIGILL;
1472                 info.si_errno = 0;
1473                 switch (env->error_code & 0xF) {
1474                 case POWERPC_EXCP_INVAL_INVAL:
1475                     info.si_code = TARGET_ILL_ILLOPC;
1476                     break;
1477                 case POWERPC_EXCP_INVAL_LSWX:
1478                     info.si_code = TARGET_ILL_ILLOPN;
1479                     break;
1480                 case POWERPC_EXCP_INVAL_SPR:
1481                     info.si_code = TARGET_ILL_PRVREG;
1482                     break;
1483                 case POWERPC_EXCP_INVAL_FP:
1484                     info.si_code = TARGET_ILL_COPROC;
1485                     break;
1486                 default:
1487                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1488                               env->error_code & 0xF);
1489                     info.si_code = TARGET_ILL_ILLADR;
1490                     break;
1491                 }
1492                 break;
1493             case POWERPC_EXCP_PRIV:
1494                 EXCP_DUMP(env, "Privilege violation\n");
1495                 info.si_signo = TARGET_SIGILL;
1496                 info.si_errno = 0;
1497                 switch (env->error_code & 0xF) {
1498                 case POWERPC_EXCP_PRIV_OPC:
1499                     info.si_code = TARGET_ILL_PRVOPC;
1500                     break;
1501                 case POWERPC_EXCP_PRIV_REG:
1502                     info.si_code = TARGET_ILL_PRVREG;
1503                     break;
1504                 default:
1505                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1506                               env->error_code & 0xF);
1507                     info.si_code = TARGET_ILL_PRVOPC;
1508                     break;
1509                 }
1510                 break;
1511             case POWERPC_EXCP_TRAP:
1512                 cpu_abort(env, "Tried to call a TRAP\n");
1513                 break;
1514             default:
1515                 /* Should not happen ! */
1516                 cpu_abort(env, "Unknown program exception (%02x)\n",
1517                           env->error_code);
1518                 break;
1519             }
1520             info._sifields._sigfault._addr = env->nip - 4;
1521             queue_signal(env, info.si_signo, &info);
1522             break;
1523         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1524             EXCP_DUMP(env, "No floating point allowed\n");
1525             info.si_signo = TARGET_SIGILL;
1526             info.si_errno = 0;
1527             info.si_code = TARGET_ILL_COPROC;
1528             info._sifields._sigfault._addr = env->nip - 4;
1529             queue_signal(env, info.si_signo, &info);
1530             break;
1531         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1532             cpu_abort(env, "Syscall exception while in user mode. "
1533                       "Aborting\n");
1534             break;
1535         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1536             EXCP_DUMP(env, "No APU instruction allowed\n");
1537             info.si_signo = TARGET_SIGILL;
1538             info.si_errno = 0;
1539             info.si_code = TARGET_ILL_COPROC;
1540             info._sifields._sigfault._addr = env->nip - 4;
1541             queue_signal(env, info.si_signo, &info);
1542             break;
1543         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1544             cpu_abort(env, "Decrementer interrupt while in user mode. "
1545                       "Aborting\n");
1546             break;
1547         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1548             cpu_abort(env, "Fix interval timer interrupt while in user mode. "
1549                       "Aborting\n");
1550             break;
1551         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1552             cpu_abort(env, "Watchdog timer interrupt while in user mode. "
1553                       "Aborting\n");
1554             break;
1555         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1556             cpu_abort(env, "Data TLB exception while in user mode. "
1557                       "Aborting\n");
1558             break;
1559         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1560             cpu_abort(env, "Instruction TLB exception while in user mode. "
1561                       "Aborting\n");
1562             break;
1563         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1564             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1565             info.si_signo = TARGET_SIGILL;
1566             info.si_errno = 0;
1567             info.si_code = TARGET_ILL_COPROC;
1568             info._sifields._sigfault._addr = env->nip - 4;
1569             queue_signal(env, info.si_signo, &info);
1570             break;
1571         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1572             cpu_abort(env, "Embedded floating-point data IRQ not handled\n");
1573             break;
1574         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1575             cpu_abort(env, "Embedded floating-point round IRQ not handled\n");
1576             break;
1577         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1578             cpu_abort(env, "Performance monitor exception not handled\n");
1579             break;
1580         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1581             cpu_abort(env, "Doorbell interrupt while in user mode. "
1582                        "Aborting\n");
1583             break;
1584         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1585             cpu_abort(env, "Doorbell critical interrupt while in user mode. "
1586                       "Aborting\n");
1587             break;
1588         case POWERPC_EXCP_RESET:    /* System reset exception                */
1589             cpu_abort(env, "Reset interrupt while in user mode. "
1590                       "Aborting\n");
1591             break;
1592         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1593             cpu_abort(env, "Data segment exception while in user mode. "
1594                       "Aborting\n");
1595             break;
1596         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1597             cpu_abort(env, "Instruction segment exception "
1598                       "while in user mode. Aborting\n");
1599             break;
1600         /* PowerPC 64 with hypervisor mode support */
1601         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1602             cpu_abort(env, "Hypervisor decrementer interrupt "
1603                       "while in user mode. Aborting\n");
1604             break;
1605         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1606             /* Nothing to do:
1607              * we use this exception to emulate step-by-step execution mode.
1608              */
1609             break;
1610         /* PowerPC 64 with hypervisor mode support */
1611         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1612             cpu_abort(env, "Hypervisor data storage exception "
1613                       "while in user mode. Aborting\n");
1614             break;
1615         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1616             cpu_abort(env, "Hypervisor instruction storage exception "
1617                       "while in user mode. Aborting\n");
1618             break;
1619         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1620             cpu_abort(env, "Hypervisor data segment exception "
1621                       "while in user mode. Aborting\n");
1622             break;
1623         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1624             cpu_abort(env, "Hypervisor instruction segment exception "
1625                       "while in user mode. Aborting\n");
1626             break;
1627         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1628             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1629             info.si_signo = TARGET_SIGILL;
1630             info.si_errno = 0;
1631             info.si_code = TARGET_ILL_COPROC;
1632             info._sifields._sigfault._addr = env->nip - 4;
1633             queue_signal(env, info.si_signo, &info);
1634             break;
1635         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1636             cpu_abort(env, "Programmable interval timer interrupt "
1637                       "while in user mode. Aborting\n");
1638             break;
1639         case POWERPC_EXCP_IO:       /* IO error exception                    */
1640             cpu_abort(env, "IO error exception while in user mode. "
1641                       "Aborting\n");
1642             break;
1643         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1644             cpu_abort(env, "Run mode exception while in user mode. "
1645                       "Aborting\n");
1646             break;
1647         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1648             cpu_abort(env, "Emulation trap exception not handled\n");
1649             break;
1650         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1651             cpu_abort(env, "Instruction fetch TLB exception "
1652                       "while in user-mode. Aborting");
1653             break;
1654         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1655             cpu_abort(env, "Data load TLB exception while in user-mode. "
1656                       "Aborting");
1657             break;
1658         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1659             cpu_abort(env, "Data store TLB exception while in user-mode. "
1660                       "Aborting");
1661             break;
1662         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1663             cpu_abort(env, "Floating-point assist exception not handled\n");
1664             break;
1665         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1666             cpu_abort(env, "Instruction address breakpoint exception "
1667                       "not handled\n");
1668             break;
1669         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1670             cpu_abort(env, "System management interrupt while in user mode. "
1671                       "Aborting\n");
1672             break;
1673         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1674             cpu_abort(env, "Thermal interrupt interrupt while in user mode. "
1675                       "Aborting\n");
1676             break;
1677         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1678             cpu_abort(env, "Performance monitor exception not handled\n");
1679             break;
1680         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1681             cpu_abort(env, "Vector assist exception not handled\n");
1682             break;
1683         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1684             cpu_abort(env, "Soft patch exception not handled\n");
1685             break;
1686         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1687             cpu_abort(env, "Maintenance exception while in user mode. "
1688                       "Aborting\n");
1689             break;
1690         case POWERPC_EXCP_STOP:     /* stop translation                      */
1691             /* We did invalidate the instruction cache. Go on */
1692             break;
1693         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1694             /* We just stopped because of a branch. Go on */
1695             break;
1696         case POWERPC_EXCP_SYSCALL_USER:
1697             /* system call in user-mode emulation */
1698             /* WARNING:
1699              * PPC ABI uses overflow flag in cr0 to signal an error
1700              * in syscalls.
1701              */
1702             env->crf[0] &= ~0x1;
1703             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1704                              env->gpr[5], env->gpr[6], env->gpr[7],
1705                              env->gpr[8], 0, 0);
1706             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1707                 /* Returning from a successful sigreturn syscall.
1708                    Avoid corrupting register state.  */
1709                 break;
1710             }
1711             if (ret > (target_ulong)(-515)) {
1712                 env->crf[0] |= 0x1;
1713                 ret = -ret;
1714             }
1715             env->gpr[3] = ret;
1716             break;
1717         case POWERPC_EXCP_STCX:
1718             if (do_store_exclusive(env)) {
1719                 info.si_signo = TARGET_SIGSEGV;
1720                 info.si_errno = 0;
1721                 info.si_code = TARGET_SEGV_MAPERR;
1722                 info._sifields._sigfault._addr = env->nip;
1723                 queue_signal(env, info.si_signo, &info);
1724             }
1725             break;
1726         case EXCP_DEBUG:
1727             {
1728                 int sig;
1729 
1730                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1731                 if (sig) {
1732                     info.si_signo = sig;
1733                     info.si_errno = 0;
1734                     info.si_code = TARGET_TRAP_BRKPT;
1735                     queue_signal(env, info.si_signo, &info);
1736                   }
1737             }
1738             break;
1739         case EXCP_INTERRUPT:
1740             /* just indicate that signals should be handled asap */
1741             break;
1742         default:
1743             cpu_abort(env, "Unknown exception 0x%d. Aborting\n", trapnr);
1744             break;
1745         }
1746         process_pending_signals(env);
1747     }
1748 }
1749 #endif
1750 
1751 #ifdef TARGET_MIPS
1752 
1753 # ifdef TARGET_ABI_MIPSO32
1754 #  define MIPS_SYS(name, args) args,
1755 static const uint8_t mips_syscall_args[] = {
1756 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
1757 	MIPS_SYS(sys_exit	, 1)
1758 	MIPS_SYS(sys_fork	, 0)
1759 	MIPS_SYS(sys_read	, 3)
1760 	MIPS_SYS(sys_write	, 3)
1761 	MIPS_SYS(sys_open	, 3)	/* 4005 */
1762 	MIPS_SYS(sys_close	, 1)
1763 	MIPS_SYS(sys_waitpid	, 3)
1764 	MIPS_SYS(sys_creat	, 2)
1765 	MIPS_SYS(sys_link	, 2)
1766 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
1767 	MIPS_SYS(sys_execve	, 0)
1768 	MIPS_SYS(sys_chdir	, 1)
1769 	MIPS_SYS(sys_time	, 1)
1770 	MIPS_SYS(sys_mknod	, 3)
1771 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
1772 	MIPS_SYS(sys_lchown	, 3)
1773 	MIPS_SYS(sys_ni_syscall	, 0)
1774 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
1775 	MIPS_SYS(sys_lseek	, 3)
1776 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
1777 	MIPS_SYS(sys_mount	, 5)
1778 	MIPS_SYS(sys_oldumount	, 1)
1779 	MIPS_SYS(sys_setuid	, 1)
1780 	MIPS_SYS(sys_getuid	, 0)
1781 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
1782 	MIPS_SYS(sys_ptrace	, 4)
1783 	MIPS_SYS(sys_alarm	, 1)
1784 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
1785 	MIPS_SYS(sys_pause	, 0)
1786 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
1787 	MIPS_SYS(sys_ni_syscall	, 0)
1788 	MIPS_SYS(sys_ni_syscall	, 0)
1789 	MIPS_SYS(sys_access	, 2)
1790 	MIPS_SYS(sys_nice	, 1)
1791 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
1792 	MIPS_SYS(sys_sync	, 0)
1793 	MIPS_SYS(sys_kill	, 2)
1794 	MIPS_SYS(sys_rename	, 2)
1795 	MIPS_SYS(sys_mkdir	, 2)
1796 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
1797 	MIPS_SYS(sys_dup		, 1)
1798 	MIPS_SYS(sys_pipe	, 0)
1799 	MIPS_SYS(sys_times	, 1)
1800 	MIPS_SYS(sys_ni_syscall	, 0)
1801 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
1802 	MIPS_SYS(sys_setgid	, 1)
1803 	MIPS_SYS(sys_getgid	, 0)
1804 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
1805 	MIPS_SYS(sys_geteuid	, 0)
1806 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
1807 	MIPS_SYS(sys_acct	, 0)
1808 	MIPS_SYS(sys_umount	, 2)
1809 	MIPS_SYS(sys_ni_syscall	, 0)
1810 	MIPS_SYS(sys_ioctl	, 3)
1811 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
1812 	MIPS_SYS(sys_ni_syscall	, 2)
1813 	MIPS_SYS(sys_setpgid	, 2)
1814 	MIPS_SYS(sys_ni_syscall	, 0)
1815 	MIPS_SYS(sys_olduname	, 1)
1816 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
1817 	MIPS_SYS(sys_chroot	, 1)
1818 	MIPS_SYS(sys_ustat	, 2)
1819 	MIPS_SYS(sys_dup2	, 2)
1820 	MIPS_SYS(sys_getppid	, 0)
1821 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
1822 	MIPS_SYS(sys_setsid	, 0)
1823 	MIPS_SYS(sys_sigaction	, 3)
1824 	MIPS_SYS(sys_sgetmask	, 0)
1825 	MIPS_SYS(sys_ssetmask	, 1)
1826 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
1827 	MIPS_SYS(sys_setregid	, 2)
1828 	MIPS_SYS(sys_sigsuspend	, 0)
1829 	MIPS_SYS(sys_sigpending	, 1)
1830 	MIPS_SYS(sys_sethostname	, 2)
1831 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
1832 	MIPS_SYS(sys_getrlimit	, 2)
1833 	MIPS_SYS(sys_getrusage	, 2)
1834 	MIPS_SYS(sys_gettimeofday, 2)
1835 	MIPS_SYS(sys_settimeofday, 2)
1836 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
1837 	MIPS_SYS(sys_setgroups	, 2)
1838 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
1839 	MIPS_SYS(sys_symlink	, 2)
1840 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
1841 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
1842 	MIPS_SYS(sys_uselib	, 1)
1843 	MIPS_SYS(sys_swapon	, 2)
1844 	MIPS_SYS(sys_reboot	, 3)
1845 	MIPS_SYS(old_readdir	, 3)
1846 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
1847 	MIPS_SYS(sys_munmap	, 2)
1848 	MIPS_SYS(sys_truncate	, 2)
1849 	MIPS_SYS(sys_ftruncate	, 2)
1850 	MIPS_SYS(sys_fchmod	, 2)
1851 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
1852 	MIPS_SYS(sys_getpriority	, 2)
1853 	MIPS_SYS(sys_setpriority	, 3)
1854 	MIPS_SYS(sys_ni_syscall	, 0)
1855 	MIPS_SYS(sys_statfs	, 2)
1856 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
1857 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
1858 	MIPS_SYS(sys_socketcall	, 2)
1859 	MIPS_SYS(sys_syslog	, 3)
1860 	MIPS_SYS(sys_setitimer	, 3)
1861 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
1862 	MIPS_SYS(sys_newstat	, 2)
1863 	MIPS_SYS(sys_newlstat	, 2)
1864 	MIPS_SYS(sys_newfstat	, 2)
1865 	MIPS_SYS(sys_uname	, 1)
1866 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
1867 	MIPS_SYS(sys_vhangup	, 0)
1868 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
1869 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
1870 	MIPS_SYS(sys_wait4	, 4)
1871 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
1872 	MIPS_SYS(sys_sysinfo	, 1)
1873 	MIPS_SYS(sys_ipc		, 6)
1874 	MIPS_SYS(sys_fsync	, 1)
1875 	MIPS_SYS(sys_sigreturn	, 0)
1876 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
1877 	MIPS_SYS(sys_setdomainname, 2)
1878 	MIPS_SYS(sys_newuname	, 1)
1879 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
1880 	MIPS_SYS(sys_adjtimex	, 1)
1881 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
1882 	MIPS_SYS(sys_sigprocmask	, 3)
1883 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
1884 	MIPS_SYS(sys_init_module	, 5)
1885 	MIPS_SYS(sys_delete_module, 1)
1886 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
1887 	MIPS_SYS(sys_quotactl	, 0)
1888 	MIPS_SYS(sys_getpgid	, 1)
1889 	MIPS_SYS(sys_fchdir	, 1)
1890 	MIPS_SYS(sys_bdflush	, 2)
1891 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
1892 	MIPS_SYS(sys_personality	, 1)
1893 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
1894 	MIPS_SYS(sys_setfsuid	, 1)
1895 	MIPS_SYS(sys_setfsgid	, 1)
1896 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
1897 	MIPS_SYS(sys_getdents	, 3)
1898 	MIPS_SYS(sys_select	, 5)
1899 	MIPS_SYS(sys_flock	, 2)
1900 	MIPS_SYS(sys_msync	, 3)
1901 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
1902 	MIPS_SYS(sys_writev	, 3)
1903 	MIPS_SYS(sys_cacheflush	, 3)
1904 	MIPS_SYS(sys_cachectl	, 3)
1905 	MIPS_SYS(sys_sysmips	, 4)
1906 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
1907 	MIPS_SYS(sys_getsid	, 1)
1908 	MIPS_SYS(sys_fdatasync	, 0)
1909 	MIPS_SYS(sys_sysctl	, 1)
1910 	MIPS_SYS(sys_mlock	, 2)
1911 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
1912 	MIPS_SYS(sys_mlockall	, 1)
1913 	MIPS_SYS(sys_munlockall	, 0)
1914 	MIPS_SYS(sys_sched_setparam, 2)
1915 	MIPS_SYS(sys_sched_getparam, 2)
1916 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
1917 	MIPS_SYS(sys_sched_getscheduler, 1)
1918 	MIPS_SYS(sys_sched_yield	, 0)
1919 	MIPS_SYS(sys_sched_get_priority_max, 1)
1920 	MIPS_SYS(sys_sched_get_priority_min, 1)
1921 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
1922 	MIPS_SYS(sys_nanosleep,	2)
1923 	MIPS_SYS(sys_mremap	, 4)
1924 	MIPS_SYS(sys_accept	, 3)
1925 	MIPS_SYS(sys_bind	, 3)
1926 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
1927 	MIPS_SYS(sys_getpeername	, 3)
1928 	MIPS_SYS(sys_getsockname	, 3)
1929 	MIPS_SYS(sys_getsockopt	, 5)
1930 	MIPS_SYS(sys_listen	, 2)
1931 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
1932 	MIPS_SYS(sys_recvfrom	, 6)
1933 	MIPS_SYS(sys_recvmsg	, 3)
1934 	MIPS_SYS(sys_send	, 4)
1935 	MIPS_SYS(sys_sendmsg	, 3)
1936 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
1937 	MIPS_SYS(sys_setsockopt	, 5)
1938 	MIPS_SYS(sys_shutdown	, 2)
1939 	MIPS_SYS(sys_socket	, 3)
1940 	MIPS_SYS(sys_socketpair	, 4)
1941 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
1942 	MIPS_SYS(sys_getresuid	, 3)
1943 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
1944 	MIPS_SYS(sys_poll	, 3)
1945 	MIPS_SYS(sys_nfsservctl	, 3)
1946 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
1947 	MIPS_SYS(sys_getresgid	, 3)
1948 	MIPS_SYS(sys_prctl	, 5)
1949 	MIPS_SYS(sys_rt_sigreturn, 0)
1950 	MIPS_SYS(sys_rt_sigaction, 4)
1951 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
1952 	MIPS_SYS(sys_rt_sigpending, 2)
1953 	MIPS_SYS(sys_rt_sigtimedwait, 4)
1954 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
1955 	MIPS_SYS(sys_rt_sigsuspend, 0)
1956 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
1957 	MIPS_SYS(sys_pwrite64	, 6)
1958 	MIPS_SYS(sys_chown	, 3)
1959 	MIPS_SYS(sys_getcwd	, 2)
1960 	MIPS_SYS(sys_capget	, 2)
1961 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
1962 	MIPS_SYS(sys_sigaltstack	, 2)
1963 	MIPS_SYS(sys_sendfile	, 4)
1964 	MIPS_SYS(sys_ni_syscall	, 0)
1965 	MIPS_SYS(sys_ni_syscall	, 0)
1966 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
1967 	MIPS_SYS(sys_truncate64	, 4)
1968 	MIPS_SYS(sys_ftruncate64	, 4)
1969 	MIPS_SYS(sys_stat64	, 2)
1970 	MIPS_SYS(sys_lstat64	, 2)
1971 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
1972 	MIPS_SYS(sys_pivot_root	, 2)
1973 	MIPS_SYS(sys_mincore	, 3)
1974 	MIPS_SYS(sys_madvise	, 3)
1975 	MIPS_SYS(sys_getdents64	, 3)
1976 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
1977 	MIPS_SYS(sys_ni_syscall	, 0)
1978 	MIPS_SYS(sys_gettid	, 0)
1979 	MIPS_SYS(sys_readahead	, 5)
1980 	MIPS_SYS(sys_setxattr	, 5)
1981 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
1982 	MIPS_SYS(sys_fsetxattr	, 5)
1983 	MIPS_SYS(sys_getxattr	, 4)
1984 	MIPS_SYS(sys_lgetxattr	, 4)
1985 	MIPS_SYS(sys_fgetxattr	, 4)
1986 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
1987 	MIPS_SYS(sys_llistxattr	, 3)
1988 	MIPS_SYS(sys_flistxattr	, 3)
1989 	MIPS_SYS(sys_removexattr	, 2)
1990 	MIPS_SYS(sys_lremovexattr, 2)
1991 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
1992 	MIPS_SYS(sys_tkill	, 2)
1993 	MIPS_SYS(sys_sendfile64	, 5)
1994 	MIPS_SYS(sys_futex	, 6)
1995 	MIPS_SYS(sys_sched_setaffinity, 3)
1996 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
1997 	MIPS_SYS(sys_io_setup	, 2)
1998 	MIPS_SYS(sys_io_destroy	, 1)
1999 	MIPS_SYS(sys_io_getevents, 5)
2000 	MIPS_SYS(sys_io_submit	, 3)
2001 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2002 	MIPS_SYS(sys_exit_group	, 1)
2003 	MIPS_SYS(sys_lookup_dcookie, 3)
2004 	MIPS_SYS(sys_epoll_create, 1)
2005 	MIPS_SYS(sys_epoll_ctl	, 4)
2006 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2007 	MIPS_SYS(sys_remap_file_pages, 5)
2008 	MIPS_SYS(sys_set_tid_address, 1)
2009 	MIPS_SYS(sys_restart_syscall, 0)
2010 	MIPS_SYS(sys_fadvise64_64, 7)
2011 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2012 	MIPS_SYS(sys_fstatfs64	, 2)
2013 	MIPS_SYS(sys_timer_create, 3)
2014 	MIPS_SYS(sys_timer_settime, 4)
2015 	MIPS_SYS(sys_timer_gettime, 2)
2016 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2017 	MIPS_SYS(sys_timer_delete, 1)
2018 	MIPS_SYS(sys_clock_settime, 2)
2019 	MIPS_SYS(sys_clock_gettime, 2)
2020 	MIPS_SYS(sys_clock_getres, 2)
2021 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2022 	MIPS_SYS(sys_tgkill	, 3)
2023 	MIPS_SYS(sys_utimes	, 2)
2024 	MIPS_SYS(sys_mbind	, 4)
2025 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2026 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2027 	MIPS_SYS(sys_mq_open	, 4)
2028 	MIPS_SYS(sys_mq_unlink	, 1)
2029 	MIPS_SYS(sys_mq_timedsend, 5)
2030 	MIPS_SYS(sys_mq_timedreceive, 5)
2031 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2032 	MIPS_SYS(sys_mq_getsetattr, 3)
2033 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2034 	MIPS_SYS(sys_waitid	, 4)
2035 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2036 	MIPS_SYS(sys_add_key	, 5)
2037 	MIPS_SYS(sys_request_key, 4)
2038 	MIPS_SYS(sys_keyctl	, 5)
2039 	MIPS_SYS(sys_set_thread_area, 1)
2040 	MIPS_SYS(sys_inotify_init, 0)
2041 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2042 	MIPS_SYS(sys_inotify_rm_watch, 2)
2043 	MIPS_SYS(sys_migrate_pages, 4)
2044 	MIPS_SYS(sys_openat, 4)
2045 	MIPS_SYS(sys_mkdirat, 3)
2046 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2047 	MIPS_SYS(sys_fchownat, 5)
2048 	MIPS_SYS(sys_futimesat, 3)
2049 	MIPS_SYS(sys_fstatat64, 4)
2050 	MIPS_SYS(sys_unlinkat, 3)
2051 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2052 	MIPS_SYS(sys_linkat, 5)
2053 	MIPS_SYS(sys_symlinkat, 3)
2054 	MIPS_SYS(sys_readlinkat, 4)
2055 	MIPS_SYS(sys_fchmodat, 3)
2056 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2057 	MIPS_SYS(sys_pselect6, 6)
2058 	MIPS_SYS(sys_ppoll, 5)
2059 	MIPS_SYS(sys_unshare, 1)
2060 	MIPS_SYS(sys_splice, 4)
2061 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2062 	MIPS_SYS(sys_tee, 4)
2063 	MIPS_SYS(sys_vmsplice, 4)
2064 	MIPS_SYS(sys_move_pages, 6)
2065 	MIPS_SYS(sys_set_robust_list, 2)
2066 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2067 	MIPS_SYS(sys_kexec_load, 4)
2068 	MIPS_SYS(sys_getcpu, 3)
2069 	MIPS_SYS(sys_epoll_pwait, 6)
2070 	MIPS_SYS(sys_ioprio_set, 3)
2071 	MIPS_SYS(sys_ioprio_get, 2)
2072         MIPS_SYS(sys_utimensat, 4)
2073         MIPS_SYS(sys_signalfd, 3)
2074         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2075         MIPS_SYS(sys_eventfd, 1)
2076         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2077         MIPS_SYS(sys_timerfd_create, 2)
2078         MIPS_SYS(sys_timerfd_gettime, 2)
2079         MIPS_SYS(sys_timerfd_settime, 4)
2080         MIPS_SYS(sys_signalfd4, 4)
2081         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2082         MIPS_SYS(sys_epoll_create1, 1)
2083         MIPS_SYS(sys_dup3, 3)
2084         MIPS_SYS(sys_pipe2, 2)
2085         MIPS_SYS(sys_inotify_init1, 1)
2086         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2087         MIPS_SYS(sys_pwritev, 6)
2088         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2089         MIPS_SYS(sys_perf_event_open, 5)
2090         MIPS_SYS(sys_accept4, 4)
2091         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2092         MIPS_SYS(sys_fanotify_init, 2)
2093         MIPS_SYS(sys_fanotify_mark, 6)
2094         MIPS_SYS(sys_prlimit64, 4)
2095         MIPS_SYS(sys_name_to_handle_at, 5)
2096         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2097         MIPS_SYS(sys_clock_adjtime, 2)
2098         MIPS_SYS(sys_syncfs, 1)
2099 };
2100 #  undef MIPS_SYS
2101 # endif /* O32 */
2102 
2103 static int do_store_exclusive(CPUMIPSState *env)
2104 {
2105     target_ulong addr;
2106     target_ulong page_addr;
2107     target_ulong val;
2108     int flags;
2109     int segv = 0;
2110     int reg;
2111     int d;
2112 
2113     addr = env->lladdr;
2114     page_addr = addr & TARGET_PAGE_MASK;
2115     start_exclusive();
2116     mmap_lock();
2117     flags = page_get_flags(page_addr);
2118     if ((flags & PAGE_READ) == 0) {
2119         segv = 1;
2120     } else {
2121         reg = env->llreg & 0x1f;
2122         d = (env->llreg & 0x20) != 0;
2123         if (d) {
2124             segv = get_user_s64(val, addr);
2125         } else {
2126             segv = get_user_s32(val, addr);
2127         }
2128         if (!segv) {
2129             if (val != env->llval) {
2130                 env->active_tc.gpr[reg] = 0;
2131             } else {
2132                 if (d) {
2133                     segv = put_user_u64(env->llnewval, addr);
2134                 } else {
2135                     segv = put_user_u32(env->llnewval, addr);
2136                 }
2137                 if (!segv) {
2138                     env->active_tc.gpr[reg] = 1;
2139                 }
2140             }
2141         }
2142     }
2143     env->lladdr = -1;
2144     if (!segv) {
2145         env->active_tc.PC += 4;
2146     }
2147     mmap_unlock();
2148     end_exclusive();
2149     return segv;
2150 }
2151 
2152 /* Break codes */
2153 enum {
2154     BRK_OVERFLOW = 6,
2155     BRK_DIVZERO = 7
2156 };
2157 
2158 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2159                     unsigned int code)
2160 {
2161     int ret = -1;
2162 
2163     switch (code) {
2164     case BRK_OVERFLOW:
2165     case BRK_DIVZERO:
2166         info->si_signo = TARGET_SIGFPE;
2167         info->si_errno = 0;
2168         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2169         queue_signal(env, info->si_signo, &*info);
2170         ret = 0;
2171         break;
2172     default:
2173         break;
2174     }
2175 
2176     return ret;
2177 }
2178 
2179 void cpu_loop(CPUMIPSState *env)
2180 {
2181     CPUState *cs = CPU(mips_env_get_cpu(env));
2182     target_siginfo_t info;
2183     int trapnr;
2184     abi_long ret;
2185 # ifdef TARGET_ABI_MIPSO32
2186     unsigned int syscall_num;
2187 # endif
2188 
2189     for(;;) {
2190         cpu_exec_start(cs);
2191         trapnr = cpu_mips_exec(env);
2192         cpu_exec_end(cs);
2193         switch(trapnr) {
2194         case EXCP_SYSCALL:
2195             env->active_tc.PC += 4;
2196 # ifdef TARGET_ABI_MIPSO32
2197             syscall_num = env->active_tc.gpr[2] - 4000;
2198             if (syscall_num >= sizeof(mips_syscall_args)) {
2199                 ret = -TARGET_ENOSYS;
2200             } else {
2201                 int nb_args;
2202                 abi_ulong sp_reg;
2203                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2204 
2205                 nb_args = mips_syscall_args[syscall_num];
2206                 sp_reg = env->active_tc.gpr[29];
2207                 switch (nb_args) {
2208                 /* these arguments are taken from the stack */
2209                 case 8:
2210                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2211                         goto done_syscall;
2212                     }
2213                 case 7:
2214                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2215                         goto done_syscall;
2216                     }
2217                 case 6:
2218                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2219                         goto done_syscall;
2220                     }
2221                 case 5:
2222                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2223                         goto done_syscall;
2224                     }
2225                 default:
2226                     break;
2227                 }
2228                 ret = do_syscall(env, env->active_tc.gpr[2],
2229                                  env->active_tc.gpr[4],
2230                                  env->active_tc.gpr[5],
2231                                  env->active_tc.gpr[6],
2232                                  env->active_tc.gpr[7],
2233                                  arg5, arg6, arg7, arg8);
2234             }
2235 done_syscall:
2236 # else
2237             ret = do_syscall(env, env->active_tc.gpr[2],
2238                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2239                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2240                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2241                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2242 # endif /* O32 */
2243             if (ret == -TARGET_QEMU_ESIGRETURN) {
2244                 /* Returning from a successful sigreturn syscall.
2245                    Avoid clobbering register state.  */
2246                 break;
2247             }
2248             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2249                 env->active_tc.gpr[7] = 1; /* error flag */
2250                 ret = -ret;
2251             } else {
2252                 env->active_tc.gpr[7] = 0; /* error flag */
2253             }
2254             env->active_tc.gpr[2] = ret;
2255             break;
2256         case EXCP_TLBL:
2257         case EXCP_TLBS:
2258         case EXCP_AdEL:
2259         case EXCP_AdES:
2260             info.si_signo = TARGET_SIGSEGV;
2261             info.si_errno = 0;
2262             /* XXX: check env->error_code */
2263             info.si_code = TARGET_SEGV_MAPERR;
2264             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2265             queue_signal(env, info.si_signo, &info);
2266             break;
2267         case EXCP_CpU:
2268         case EXCP_RI:
2269             info.si_signo = TARGET_SIGILL;
2270             info.si_errno = 0;
2271             info.si_code = 0;
2272             queue_signal(env, info.si_signo, &info);
2273             break;
2274         case EXCP_INTERRUPT:
2275             /* just indicate that signals should be handled asap */
2276             break;
2277         case EXCP_DEBUG:
2278             {
2279                 int sig;
2280 
2281                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2282                 if (sig)
2283                   {
2284                     info.si_signo = sig;
2285                     info.si_errno = 0;
2286                     info.si_code = TARGET_TRAP_BRKPT;
2287                     queue_signal(env, info.si_signo, &info);
2288                   }
2289             }
2290             break;
2291         case EXCP_SC:
2292             if (do_store_exclusive(env)) {
2293                 info.si_signo = TARGET_SIGSEGV;
2294                 info.si_errno = 0;
2295                 info.si_code = TARGET_SEGV_MAPERR;
2296                 info._sifields._sigfault._addr = env->active_tc.PC;
2297                 queue_signal(env, info.si_signo, &info);
2298             }
2299             break;
2300         case EXCP_DSPDIS:
2301             info.si_signo = TARGET_SIGILL;
2302             info.si_errno = 0;
2303             info.si_code = TARGET_ILL_ILLOPC;
2304             queue_signal(env, info.si_signo, &info);
2305             break;
2306         /* The code below was inspired by the MIPS Linux kernel trap
2307          * handling code in arch/mips/kernel/traps.c.
2308          */
2309         case EXCP_BREAK:
2310             {
2311                 abi_ulong trap_instr;
2312                 unsigned int code;
2313 
2314                 if (env->hflags & MIPS_HFLAG_M16) {
2315                     if (env->insn_flags & ASE_MICROMIPS) {
2316                         /* microMIPS mode */
2317                         abi_ulong instr[2];
2318 
2319                         ret = get_user_u16(instr[0], env->active_tc.PC) ||
2320                               get_user_u16(instr[1], env->active_tc.PC + 2);
2321 
2322                         trap_instr = (instr[0] << 16) | instr[1];
2323                     } else {
2324                         /* MIPS16e mode */
2325                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2326                         if (ret != 0) {
2327                             goto error;
2328                         }
2329                         code = (trap_instr >> 6) & 0x3f;
2330                         if (do_break(env, &info, code) != 0) {
2331                             goto error;
2332                         }
2333                         break;
2334                     }
2335                 } else {
2336                     ret = get_user_ual(trap_instr, env->active_tc.PC);
2337                 }
2338 
2339                 if (ret != 0) {
2340                     goto error;
2341                 }
2342 
2343                 /* As described in the original Linux kernel code, the
2344                  * below checks on 'code' are to work around an old
2345                  * assembly bug.
2346                  */
2347                 code = ((trap_instr >> 6) & ((1 << 20) - 1));
2348                 if (code >= (1 << 10)) {
2349                     code >>= 10;
2350                 }
2351 
2352                 if (do_break(env, &info, code) != 0) {
2353                     goto error;
2354                 }
2355             }
2356             break;
2357         case EXCP_TRAP:
2358             {
2359                 abi_ulong trap_instr;
2360                 unsigned int code = 0;
2361 
2362                 if (env->hflags & MIPS_HFLAG_M16) {
2363                     /* microMIPS mode */
2364                     abi_ulong instr[2];
2365 
2366                     ret = get_user_u16(instr[0], env->active_tc.PC) ||
2367                           get_user_u16(instr[1], env->active_tc.PC + 2);
2368 
2369                     trap_instr = (instr[0] << 16) | instr[1];
2370                 } else {
2371                     ret = get_user_ual(trap_instr, env->active_tc.PC);
2372                 }
2373 
2374                 if (ret != 0) {
2375                     goto error;
2376                 }
2377 
2378                 /* The immediate versions don't provide a code.  */
2379                 if (!(trap_instr & 0xFC000000)) {
2380                     if (env->hflags & MIPS_HFLAG_M16) {
2381                         /* microMIPS mode */
2382                         code = ((trap_instr >> 12) & ((1 << 4) - 1));
2383                     } else {
2384                         code = ((trap_instr >> 6) & ((1 << 10) - 1));
2385                     }
2386                 }
2387 
2388                 if (do_break(env, &info, code) != 0) {
2389                     goto error;
2390                 }
2391             }
2392             break;
2393         default:
2394 error:
2395             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2396                     trapnr);
2397             cpu_dump_state(cs, stderr, fprintf, 0);
2398             abort();
2399         }
2400         process_pending_signals(env);
2401     }
2402 }
2403 #endif
2404 
2405 #ifdef TARGET_OPENRISC
2406 
2407 void cpu_loop(CPUOpenRISCState *env)
2408 {
2409     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2410     int trapnr, gdbsig;
2411 
2412     for (;;) {
2413         trapnr = cpu_exec(env);
2414         gdbsig = 0;
2415 
2416         switch (trapnr) {
2417         case EXCP_RESET:
2418             qemu_log("\nReset request, exit, pc is %#x\n", env->pc);
2419             exit(1);
2420             break;
2421         case EXCP_BUSERR:
2422             qemu_log("\nBus error, exit, pc is %#x\n", env->pc);
2423             gdbsig = SIGBUS;
2424             break;
2425         case EXCP_DPF:
2426         case EXCP_IPF:
2427             cpu_dump_state(cs, stderr, fprintf, 0);
2428             gdbsig = TARGET_SIGSEGV;
2429             break;
2430         case EXCP_TICK:
2431             qemu_log("\nTick time interrupt pc is %#x\n", env->pc);
2432             break;
2433         case EXCP_ALIGN:
2434             qemu_log("\nAlignment pc is %#x\n", env->pc);
2435             gdbsig = SIGBUS;
2436             break;
2437         case EXCP_ILLEGAL:
2438             qemu_log("\nIllegal instructionpc is %#x\n", env->pc);
2439             gdbsig = SIGILL;
2440             break;
2441         case EXCP_INT:
2442             qemu_log("\nExternal interruptpc is %#x\n", env->pc);
2443             break;
2444         case EXCP_DTLBMISS:
2445         case EXCP_ITLBMISS:
2446             qemu_log("\nTLB miss\n");
2447             break;
2448         case EXCP_RANGE:
2449             qemu_log("\nRange\n");
2450             gdbsig = SIGSEGV;
2451             break;
2452         case EXCP_SYSCALL:
2453             env->pc += 4;   /* 0xc00; */
2454             env->gpr[11] = do_syscall(env,
2455                                       env->gpr[11], /* return value       */
2456                                       env->gpr[3],  /* r3 - r7 are params */
2457                                       env->gpr[4],
2458                                       env->gpr[5],
2459                                       env->gpr[6],
2460                                       env->gpr[7],
2461                                       env->gpr[8], 0, 0);
2462             break;
2463         case EXCP_FPE:
2464             qemu_log("\nFloating point error\n");
2465             break;
2466         case EXCP_TRAP:
2467             qemu_log("\nTrap\n");
2468             gdbsig = SIGTRAP;
2469             break;
2470         case EXCP_NR:
2471             qemu_log("\nNR\n");
2472             break;
2473         default:
2474             qemu_log("\nqemu: unhandled CPU exception %#x - aborting\n",
2475                      trapnr);
2476             cpu_dump_state(cs, stderr, fprintf, 0);
2477             gdbsig = TARGET_SIGILL;
2478             break;
2479         }
2480         if (gdbsig) {
2481             gdb_handlesig(cs, gdbsig);
2482             if (gdbsig != TARGET_SIGTRAP) {
2483                 exit(1);
2484             }
2485         }
2486 
2487         process_pending_signals(env);
2488     }
2489 }
2490 
2491 #endif /* TARGET_OPENRISC */
2492 
2493 #ifdef TARGET_SH4
2494 void cpu_loop(CPUSH4State *env)
2495 {
2496     CPUState *cs = CPU(sh_env_get_cpu(env));
2497     int trapnr, ret;
2498     target_siginfo_t info;
2499 
2500     while (1) {
2501         trapnr = cpu_sh4_exec (env);
2502 
2503         switch (trapnr) {
2504         case 0x160:
2505             env->pc += 2;
2506             ret = do_syscall(env,
2507                              env->gregs[3],
2508                              env->gregs[4],
2509                              env->gregs[5],
2510                              env->gregs[6],
2511                              env->gregs[7],
2512                              env->gregs[0],
2513                              env->gregs[1],
2514                              0, 0);
2515             env->gregs[0] = ret;
2516             break;
2517         case EXCP_INTERRUPT:
2518             /* just indicate that signals should be handled asap */
2519             break;
2520         case EXCP_DEBUG:
2521             {
2522                 int sig;
2523 
2524                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2525                 if (sig)
2526                   {
2527                     info.si_signo = sig;
2528                     info.si_errno = 0;
2529                     info.si_code = TARGET_TRAP_BRKPT;
2530                     queue_signal(env, info.si_signo, &info);
2531                   }
2532             }
2533             break;
2534 	case 0xa0:
2535 	case 0xc0:
2536             info.si_signo = SIGSEGV;
2537             info.si_errno = 0;
2538             info.si_code = TARGET_SEGV_MAPERR;
2539             info._sifields._sigfault._addr = env->tea;
2540             queue_signal(env, info.si_signo, &info);
2541 	    break;
2542 
2543         default:
2544             printf ("Unhandled trap: 0x%x\n", trapnr);
2545             cpu_dump_state(cs, stderr, fprintf, 0);
2546             exit (1);
2547         }
2548         process_pending_signals (env);
2549     }
2550 }
2551 #endif
2552 
2553 #ifdef TARGET_CRIS
2554 void cpu_loop(CPUCRISState *env)
2555 {
2556     CPUState *cs = CPU(cris_env_get_cpu(env));
2557     int trapnr, ret;
2558     target_siginfo_t info;
2559 
2560     while (1) {
2561         trapnr = cpu_cris_exec (env);
2562         switch (trapnr) {
2563         case 0xaa:
2564             {
2565                 info.si_signo = SIGSEGV;
2566                 info.si_errno = 0;
2567                 /* XXX: check env->error_code */
2568                 info.si_code = TARGET_SEGV_MAPERR;
2569                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2570                 queue_signal(env, info.si_signo, &info);
2571             }
2572             break;
2573 	case EXCP_INTERRUPT:
2574 	  /* just indicate that signals should be handled asap */
2575 	  break;
2576         case EXCP_BREAK:
2577             ret = do_syscall(env,
2578                              env->regs[9],
2579                              env->regs[10],
2580                              env->regs[11],
2581                              env->regs[12],
2582                              env->regs[13],
2583                              env->pregs[7],
2584                              env->pregs[11],
2585                              0, 0);
2586             env->regs[10] = ret;
2587             break;
2588         case EXCP_DEBUG:
2589             {
2590                 int sig;
2591 
2592                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2593                 if (sig)
2594                   {
2595                     info.si_signo = sig;
2596                     info.si_errno = 0;
2597                     info.si_code = TARGET_TRAP_BRKPT;
2598                     queue_signal(env, info.si_signo, &info);
2599                   }
2600             }
2601             break;
2602         default:
2603             printf ("Unhandled trap: 0x%x\n", trapnr);
2604             cpu_dump_state(cs, stderr, fprintf, 0);
2605             exit (1);
2606         }
2607         process_pending_signals (env);
2608     }
2609 }
2610 #endif
2611 
2612 #ifdef TARGET_MICROBLAZE
2613 void cpu_loop(CPUMBState *env)
2614 {
2615     CPUState *cs = CPU(mb_env_get_cpu(env));
2616     int trapnr, ret;
2617     target_siginfo_t info;
2618 
2619     while (1) {
2620         trapnr = cpu_mb_exec (env);
2621         switch (trapnr) {
2622         case 0xaa:
2623             {
2624                 info.si_signo = SIGSEGV;
2625                 info.si_errno = 0;
2626                 /* XXX: check env->error_code */
2627                 info.si_code = TARGET_SEGV_MAPERR;
2628                 info._sifields._sigfault._addr = 0;
2629                 queue_signal(env, info.si_signo, &info);
2630             }
2631             break;
2632 	case EXCP_INTERRUPT:
2633 	  /* just indicate that signals should be handled asap */
2634 	  break;
2635         case EXCP_BREAK:
2636             /* Return address is 4 bytes after the call.  */
2637             env->regs[14] += 4;
2638             env->sregs[SR_PC] = env->regs[14];
2639             ret = do_syscall(env,
2640                              env->regs[12],
2641                              env->regs[5],
2642                              env->regs[6],
2643                              env->regs[7],
2644                              env->regs[8],
2645                              env->regs[9],
2646                              env->regs[10],
2647                              0, 0);
2648             env->regs[3] = ret;
2649             break;
2650         case EXCP_HW_EXCP:
2651             env->regs[17] = env->sregs[SR_PC] + 4;
2652             if (env->iflags & D_FLAG) {
2653                 env->sregs[SR_ESR] |= 1 << 12;
2654                 env->sregs[SR_PC] -= 4;
2655                 /* FIXME: if branch was immed, replay the imm as well.  */
2656             }
2657 
2658             env->iflags &= ~(IMM_FLAG | D_FLAG);
2659 
2660             switch (env->sregs[SR_ESR] & 31) {
2661                 case ESR_EC_DIVZERO:
2662                     info.si_signo = SIGFPE;
2663                     info.si_errno = 0;
2664                     info.si_code = TARGET_FPE_FLTDIV;
2665                     info._sifields._sigfault._addr = 0;
2666                     queue_signal(env, info.si_signo, &info);
2667                     break;
2668                 case ESR_EC_FPU:
2669                     info.si_signo = SIGFPE;
2670                     info.si_errno = 0;
2671                     if (env->sregs[SR_FSR] & FSR_IO) {
2672                         info.si_code = TARGET_FPE_FLTINV;
2673                     }
2674                     if (env->sregs[SR_FSR] & FSR_DZ) {
2675                         info.si_code = TARGET_FPE_FLTDIV;
2676                     }
2677                     info._sifields._sigfault._addr = 0;
2678                     queue_signal(env, info.si_signo, &info);
2679                     break;
2680                 default:
2681                     printf ("Unhandled hw-exception: 0x%x\n",
2682                             env->sregs[SR_ESR] & ESR_EC_MASK);
2683                     cpu_dump_state(cs, stderr, fprintf, 0);
2684                     exit (1);
2685                     break;
2686             }
2687             break;
2688         case EXCP_DEBUG:
2689             {
2690                 int sig;
2691 
2692                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2693                 if (sig)
2694                   {
2695                     info.si_signo = sig;
2696                     info.si_errno = 0;
2697                     info.si_code = TARGET_TRAP_BRKPT;
2698                     queue_signal(env, info.si_signo, &info);
2699                   }
2700             }
2701             break;
2702         default:
2703             printf ("Unhandled trap: 0x%x\n", trapnr);
2704             cpu_dump_state(cs, stderr, fprintf, 0);
2705             exit (1);
2706         }
2707         process_pending_signals (env);
2708     }
2709 }
2710 #endif
2711 
2712 #ifdef TARGET_M68K
2713 
2714 void cpu_loop(CPUM68KState *env)
2715 {
2716     CPUState *cs = CPU(m68k_env_get_cpu(env));
2717     int trapnr;
2718     unsigned int n;
2719     target_siginfo_t info;
2720     TaskState *ts = env->opaque;
2721 
2722     for(;;) {
2723         trapnr = cpu_m68k_exec(env);
2724         switch(trapnr) {
2725         case EXCP_ILLEGAL:
2726             {
2727                 if (ts->sim_syscalls) {
2728                     uint16_t nr;
2729                     nr = lduw(env->pc + 2);
2730                     env->pc += 4;
2731                     do_m68k_simcall(env, nr);
2732                 } else {
2733                     goto do_sigill;
2734                 }
2735             }
2736             break;
2737         case EXCP_HALT_INSN:
2738             /* Semihosing syscall.  */
2739             env->pc += 4;
2740             do_m68k_semihosting(env, env->dregs[0]);
2741             break;
2742         case EXCP_LINEA:
2743         case EXCP_LINEF:
2744         case EXCP_UNSUPPORTED:
2745         do_sigill:
2746             info.si_signo = SIGILL;
2747             info.si_errno = 0;
2748             info.si_code = TARGET_ILL_ILLOPN;
2749             info._sifields._sigfault._addr = env->pc;
2750             queue_signal(env, info.si_signo, &info);
2751             break;
2752         case EXCP_TRAP0:
2753             {
2754                 ts->sim_syscalls = 0;
2755                 n = env->dregs[0];
2756                 env->pc += 2;
2757                 env->dregs[0] = do_syscall(env,
2758                                           n,
2759                                           env->dregs[1],
2760                                           env->dregs[2],
2761                                           env->dregs[3],
2762                                           env->dregs[4],
2763                                           env->dregs[5],
2764                                           env->aregs[0],
2765                                           0, 0);
2766             }
2767             break;
2768         case EXCP_INTERRUPT:
2769             /* just indicate that signals should be handled asap */
2770             break;
2771         case EXCP_ACCESS:
2772             {
2773                 info.si_signo = SIGSEGV;
2774                 info.si_errno = 0;
2775                 /* XXX: check env->error_code */
2776                 info.si_code = TARGET_SEGV_MAPERR;
2777                 info._sifields._sigfault._addr = env->mmu.ar;
2778                 queue_signal(env, info.si_signo, &info);
2779             }
2780             break;
2781         case EXCP_DEBUG:
2782             {
2783                 int sig;
2784 
2785                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2786                 if (sig)
2787                   {
2788                     info.si_signo = sig;
2789                     info.si_errno = 0;
2790                     info.si_code = TARGET_TRAP_BRKPT;
2791                     queue_signal(env, info.si_signo, &info);
2792                   }
2793             }
2794             break;
2795         default:
2796             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2797                     trapnr);
2798             cpu_dump_state(cs, stderr, fprintf, 0);
2799             abort();
2800         }
2801         process_pending_signals(env);
2802     }
2803 }
2804 #endif /* TARGET_M68K */
2805 
2806 #ifdef TARGET_ALPHA
2807 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
2808 {
2809     target_ulong addr, val, tmp;
2810     target_siginfo_t info;
2811     int ret = 0;
2812 
2813     addr = env->lock_addr;
2814     tmp = env->lock_st_addr;
2815     env->lock_addr = -1;
2816     env->lock_st_addr = 0;
2817 
2818     start_exclusive();
2819     mmap_lock();
2820 
2821     if (addr == tmp) {
2822         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
2823             goto do_sigsegv;
2824         }
2825 
2826         if (val == env->lock_value) {
2827             tmp = env->ir[reg];
2828             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
2829                 goto do_sigsegv;
2830             }
2831             ret = 1;
2832         }
2833     }
2834     env->ir[reg] = ret;
2835     env->pc += 4;
2836 
2837     mmap_unlock();
2838     end_exclusive();
2839     return;
2840 
2841  do_sigsegv:
2842     mmap_unlock();
2843     end_exclusive();
2844 
2845     info.si_signo = TARGET_SIGSEGV;
2846     info.si_errno = 0;
2847     info.si_code = TARGET_SEGV_MAPERR;
2848     info._sifields._sigfault._addr = addr;
2849     queue_signal(env, TARGET_SIGSEGV, &info);
2850 }
2851 
2852 void cpu_loop(CPUAlphaState *env)
2853 {
2854     CPUState *cs = CPU(alpha_env_get_cpu(env));
2855     int trapnr;
2856     target_siginfo_t info;
2857     abi_long sysret;
2858 
2859     while (1) {
2860         trapnr = cpu_alpha_exec (env);
2861 
2862         /* All of the traps imply a transition through PALcode, which
2863            implies an REI instruction has been executed.  Which means
2864            that the intr_flag should be cleared.  */
2865         env->intr_flag = 0;
2866 
2867         switch (trapnr) {
2868         case EXCP_RESET:
2869             fprintf(stderr, "Reset requested. Exit\n");
2870             exit(1);
2871             break;
2872         case EXCP_MCHK:
2873             fprintf(stderr, "Machine check exception. Exit\n");
2874             exit(1);
2875             break;
2876         case EXCP_SMP_INTERRUPT:
2877         case EXCP_CLK_INTERRUPT:
2878         case EXCP_DEV_INTERRUPT:
2879             fprintf(stderr, "External interrupt. Exit\n");
2880             exit(1);
2881             break;
2882         case EXCP_MMFAULT:
2883             env->lock_addr = -1;
2884             info.si_signo = TARGET_SIGSEGV;
2885             info.si_errno = 0;
2886             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
2887                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
2888             info._sifields._sigfault._addr = env->trap_arg0;
2889             queue_signal(env, info.si_signo, &info);
2890             break;
2891         case EXCP_UNALIGN:
2892             env->lock_addr = -1;
2893             info.si_signo = TARGET_SIGBUS;
2894             info.si_errno = 0;
2895             info.si_code = TARGET_BUS_ADRALN;
2896             info._sifields._sigfault._addr = env->trap_arg0;
2897             queue_signal(env, info.si_signo, &info);
2898             break;
2899         case EXCP_OPCDEC:
2900         do_sigill:
2901             env->lock_addr = -1;
2902             info.si_signo = TARGET_SIGILL;
2903             info.si_errno = 0;
2904             info.si_code = TARGET_ILL_ILLOPC;
2905             info._sifields._sigfault._addr = env->pc;
2906             queue_signal(env, info.si_signo, &info);
2907             break;
2908         case EXCP_ARITH:
2909             env->lock_addr = -1;
2910             info.si_signo = TARGET_SIGFPE;
2911             info.si_errno = 0;
2912             info.si_code = TARGET_FPE_FLTINV;
2913             info._sifields._sigfault._addr = env->pc;
2914             queue_signal(env, info.si_signo, &info);
2915             break;
2916         case EXCP_FEN:
2917             /* No-op.  Linux simply re-enables the FPU.  */
2918             break;
2919         case EXCP_CALL_PAL:
2920             env->lock_addr = -1;
2921             switch (env->error_code) {
2922             case 0x80:
2923                 /* BPT */
2924                 info.si_signo = TARGET_SIGTRAP;
2925                 info.si_errno = 0;
2926                 info.si_code = TARGET_TRAP_BRKPT;
2927                 info._sifields._sigfault._addr = env->pc;
2928                 queue_signal(env, info.si_signo, &info);
2929                 break;
2930             case 0x81:
2931                 /* BUGCHK */
2932                 info.si_signo = TARGET_SIGTRAP;
2933                 info.si_errno = 0;
2934                 info.si_code = 0;
2935                 info._sifields._sigfault._addr = env->pc;
2936                 queue_signal(env, info.si_signo, &info);
2937                 break;
2938             case 0x83:
2939                 /* CALLSYS */
2940                 trapnr = env->ir[IR_V0];
2941                 sysret = do_syscall(env, trapnr,
2942                                     env->ir[IR_A0], env->ir[IR_A1],
2943                                     env->ir[IR_A2], env->ir[IR_A3],
2944                                     env->ir[IR_A4], env->ir[IR_A5],
2945                                     0, 0);
2946                 if (trapnr == TARGET_NR_sigreturn
2947                     || trapnr == TARGET_NR_rt_sigreturn) {
2948                     break;
2949                 }
2950                 /* Syscall writes 0 to V0 to bypass error check, similar
2951                    to how this is handled internal to Linux kernel.
2952                    (Ab)use trapnr temporarily as boolean indicating error.  */
2953                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
2954                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
2955                 env->ir[IR_A3] = trapnr;
2956                 break;
2957             case 0x86:
2958                 /* IMB */
2959                 /* ??? We can probably elide the code using page_unprotect
2960                    that is checking for self-modifying code.  Instead we
2961                    could simply call tb_flush here.  Until we work out the
2962                    changes required to turn off the extra write protection,
2963                    this can be a no-op.  */
2964                 break;
2965             case 0x9E:
2966                 /* RDUNIQUE */
2967                 /* Handled in the translator for usermode.  */
2968                 abort();
2969             case 0x9F:
2970                 /* WRUNIQUE */
2971                 /* Handled in the translator for usermode.  */
2972                 abort();
2973             case 0xAA:
2974                 /* GENTRAP */
2975                 info.si_signo = TARGET_SIGFPE;
2976                 switch (env->ir[IR_A0]) {
2977                 case TARGET_GEN_INTOVF:
2978                     info.si_code = TARGET_FPE_INTOVF;
2979                     break;
2980                 case TARGET_GEN_INTDIV:
2981                     info.si_code = TARGET_FPE_INTDIV;
2982                     break;
2983                 case TARGET_GEN_FLTOVF:
2984                     info.si_code = TARGET_FPE_FLTOVF;
2985                     break;
2986                 case TARGET_GEN_FLTUND:
2987                     info.si_code = TARGET_FPE_FLTUND;
2988                     break;
2989                 case TARGET_GEN_FLTINV:
2990                     info.si_code = TARGET_FPE_FLTINV;
2991                     break;
2992                 case TARGET_GEN_FLTINE:
2993                     info.si_code = TARGET_FPE_FLTRES;
2994                     break;
2995                 case TARGET_GEN_ROPRAND:
2996                     info.si_code = 0;
2997                     break;
2998                 default:
2999                     info.si_signo = TARGET_SIGTRAP;
3000                     info.si_code = 0;
3001                     break;
3002                 }
3003                 info.si_errno = 0;
3004                 info._sifields._sigfault._addr = env->pc;
3005                 queue_signal(env, info.si_signo, &info);
3006                 break;
3007             default:
3008                 goto do_sigill;
3009             }
3010             break;
3011         case EXCP_DEBUG:
3012             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3013             if (info.si_signo) {
3014                 env->lock_addr = -1;
3015                 info.si_errno = 0;
3016                 info.si_code = TARGET_TRAP_BRKPT;
3017                 queue_signal(env, info.si_signo, &info);
3018             }
3019             break;
3020         case EXCP_STL_C:
3021         case EXCP_STQ_C:
3022             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3023             break;
3024         case EXCP_INTERRUPT:
3025             /* Just indicate that signals should be handled asap.  */
3026             break;
3027         default:
3028             printf ("Unhandled trap: 0x%x\n", trapnr);
3029             cpu_dump_state(cs, stderr, fprintf, 0);
3030             exit (1);
3031         }
3032         process_pending_signals (env);
3033     }
3034 }
3035 #endif /* TARGET_ALPHA */
3036 
3037 #ifdef TARGET_S390X
3038 void cpu_loop(CPUS390XState *env)
3039 {
3040     CPUState *cs = CPU(s390_env_get_cpu(env));
3041     int trapnr, n, sig;
3042     target_siginfo_t info;
3043     target_ulong addr;
3044 
3045     while (1) {
3046         trapnr = cpu_s390x_exec(env);
3047         switch (trapnr) {
3048         case EXCP_INTERRUPT:
3049             /* Just indicate that signals should be handled asap.  */
3050             break;
3051 
3052         case EXCP_SVC:
3053             n = env->int_svc_code;
3054             if (!n) {
3055                 /* syscalls > 255 */
3056                 n = env->regs[1];
3057             }
3058             env->psw.addr += env->int_svc_ilen;
3059             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3060                                       env->regs[4], env->regs[5],
3061                                       env->regs[6], env->regs[7], 0, 0);
3062             break;
3063 
3064         case EXCP_DEBUG:
3065             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3066             if (sig) {
3067                 n = TARGET_TRAP_BRKPT;
3068                 goto do_signal_pc;
3069             }
3070             break;
3071         case EXCP_PGM:
3072             n = env->int_pgm_code;
3073             switch (n) {
3074             case PGM_OPERATION:
3075             case PGM_PRIVILEGED:
3076                 sig = SIGILL;
3077                 n = TARGET_ILL_ILLOPC;
3078                 goto do_signal_pc;
3079             case PGM_PROTECTION:
3080             case PGM_ADDRESSING:
3081                 sig = SIGSEGV;
3082                 /* XXX: check env->error_code */
3083                 n = TARGET_SEGV_MAPERR;
3084                 addr = env->__excp_addr;
3085                 goto do_signal;
3086             case PGM_EXECUTE:
3087             case PGM_SPECIFICATION:
3088             case PGM_SPECIAL_OP:
3089             case PGM_OPERAND:
3090             do_sigill_opn:
3091                 sig = SIGILL;
3092                 n = TARGET_ILL_ILLOPN;
3093                 goto do_signal_pc;
3094 
3095             case PGM_FIXPT_OVERFLOW:
3096                 sig = SIGFPE;
3097                 n = TARGET_FPE_INTOVF;
3098                 goto do_signal_pc;
3099             case PGM_FIXPT_DIVIDE:
3100                 sig = SIGFPE;
3101                 n = TARGET_FPE_INTDIV;
3102                 goto do_signal_pc;
3103 
3104             case PGM_DATA:
3105                 n = (env->fpc >> 8) & 0xff;
3106                 if (n == 0xff) {
3107                     /* compare-and-trap */
3108                     goto do_sigill_opn;
3109                 } else {
3110                     /* An IEEE exception, simulated or otherwise.  */
3111                     if (n & 0x80) {
3112                         n = TARGET_FPE_FLTINV;
3113                     } else if (n & 0x40) {
3114                         n = TARGET_FPE_FLTDIV;
3115                     } else if (n & 0x20) {
3116                         n = TARGET_FPE_FLTOVF;
3117                     } else if (n & 0x10) {
3118                         n = TARGET_FPE_FLTUND;
3119                     } else if (n & 0x08) {
3120                         n = TARGET_FPE_FLTRES;
3121                     } else {
3122                         /* ??? Quantum exception; BFP, DFP error.  */
3123                         goto do_sigill_opn;
3124                     }
3125                     sig = SIGFPE;
3126                     goto do_signal_pc;
3127                 }
3128 
3129             default:
3130                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3131                 cpu_dump_state(cs, stderr, fprintf, 0);
3132                 exit(1);
3133             }
3134             break;
3135 
3136         do_signal_pc:
3137             addr = env->psw.addr;
3138         do_signal:
3139             info.si_signo = sig;
3140             info.si_errno = 0;
3141             info.si_code = n;
3142             info._sifields._sigfault._addr = addr;
3143             queue_signal(env, info.si_signo, &info);
3144             break;
3145 
3146         default:
3147             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3148             cpu_dump_state(cs, stderr, fprintf, 0);
3149             exit(1);
3150         }
3151         process_pending_signals (env);
3152     }
3153 }
3154 
3155 #endif /* TARGET_S390X */
3156 
3157 THREAD CPUState *thread_cpu;
3158 
3159 void task_settid(TaskState *ts)
3160 {
3161     if (ts->ts_tid == 0) {
3162         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3163     }
3164 }
3165 
3166 void stop_all_tasks(void)
3167 {
3168     /*
3169      * We trust that when using NPTL, start_exclusive()
3170      * handles thread stopping correctly.
3171      */
3172     start_exclusive();
3173 }
3174 
3175 /* Assumes contents are already zeroed.  */
3176 void init_task_state(TaskState *ts)
3177 {
3178     int i;
3179 
3180     ts->used = 1;
3181     ts->first_free = ts->sigqueue_table;
3182     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3183         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3184     }
3185     ts->sigqueue_table[i].next = NULL;
3186 }
3187 
3188 static void handle_arg_help(const char *arg)
3189 {
3190     usage();
3191 }
3192 
3193 static void handle_arg_log(const char *arg)
3194 {
3195     int mask;
3196 
3197     mask = qemu_str_to_log_mask(arg);
3198     if (!mask) {
3199         qemu_print_log_usage(stdout);
3200         exit(1);
3201     }
3202     qemu_set_log(mask);
3203 }
3204 
3205 static void handle_arg_log_filename(const char *arg)
3206 {
3207     qemu_set_log_filename(arg);
3208 }
3209 
3210 static void handle_arg_set_env(const char *arg)
3211 {
3212     char *r, *p, *token;
3213     r = p = strdup(arg);
3214     while ((token = strsep(&p, ",")) != NULL) {
3215         if (envlist_setenv(envlist, token) != 0) {
3216             usage();
3217         }
3218     }
3219     free(r);
3220 }
3221 
3222 static void handle_arg_unset_env(const char *arg)
3223 {
3224     char *r, *p, *token;
3225     r = p = strdup(arg);
3226     while ((token = strsep(&p, ",")) != NULL) {
3227         if (envlist_unsetenv(envlist, token) != 0) {
3228             usage();
3229         }
3230     }
3231     free(r);
3232 }
3233 
3234 static void handle_arg_argv0(const char *arg)
3235 {
3236     argv0 = strdup(arg);
3237 }
3238 
3239 static void handle_arg_stack_size(const char *arg)
3240 {
3241     char *p;
3242     guest_stack_size = strtoul(arg, &p, 0);
3243     if (guest_stack_size == 0) {
3244         usage();
3245     }
3246 
3247     if (*p == 'M') {
3248         guest_stack_size *= 1024 * 1024;
3249     } else if (*p == 'k' || *p == 'K') {
3250         guest_stack_size *= 1024;
3251     }
3252 }
3253 
3254 static void handle_arg_ld_prefix(const char *arg)
3255 {
3256     interp_prefix = strdup(arg);
3257 }
3258 
3259 static void handle_arg_pagesize(const char *arg)
3260 {
3261     qemu_host_page_size = atoi(arg);
3262     if (qemu_host_page_size == 0 ||
3263         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3264         fprintf(stderr, "page size must be a power of two\n");
3265         exit(1);
3266     }
3267 }
3268 
3269 static void handle_arg_gdb(const char *arg)
3270 {
3271     gdbstub_port = atoi(arg);
3272 }
3273 
3274 static void handle_arg_uname(const char *arg)
3275 {
3276     qemu_uname_release = strdup(arg);
3277 }
3278 
3279 static void handle_arg_cpu(const char *arg)
3280 {
3281     cpu_model = strdup(arg);
3282     if (cpu_model == NULL || is_help_option(cpu_model)) {
3283         /* XXX: implement xxx_cpu_list for targets that still miss it */
3284 #if defined(cpu_list)
3285         cpu_list(stdout, &fprintf);
3286 #endif
3287         exit(1);
3288     }
3289 }
3290 
3291 #if defined(CONFIG_USE_GUEST_BASE)
3292 static void handle_arg_guest_base(const char *arg)
3293 {
3294     guest_base = strtol(arg, NULL, 0);
3295     have_guest_base = 1;
3296 }
3297 
3298 static void handle_arg_reserved_va(const char *arg)
3299 {
3300     char *p;
3301     int shift = 0;
3302     reserved_va = strtoul(arg, &p, 0);
3303     switch (*p) {
3304     case 'k':
3305     case 'K':
3306         shift = 10;
3307         break;
3308     case 'M':
3309         shift = 20;
3310         break;
3311     case 'G':
3312         shift = 30;
3313         break;
3314     }
3315     if (shift) {
3316         unsigned long unshifted = reserved_va;
3317         p++;
3318         reserved_va <<= shift;
3319         if (((reserved_va >> shift) != unshifted)
3320 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3321             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3322 #endif
3323             ) {
3324             fprintf(stderr, "Reserved virtual address too big\n");
3325             exit(1);
3326         }
3327     }
3328     if (*p) {
3329         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3330         exit(1);
3331     }
3332 }
3333 #endif
3334 
3335 static void handle_arg_singlestep(const char *arg)
3336 {
3337     singlestep = 1;
3338 }
3339 
3340 static void handle_arg_strace(const char *arg)
3341 {
3342     do_strace = 1;
3343 }
3344 
3345 static void handle_arg_version(const char *arg)
3346 {
3347     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3348            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3349     exit(0);
3350 }
3351 
3352 struct qemu_argument {
3353     const char *argv;
3354     const char *env;
3355     bool has_arg;
3356     void (*handle_opt)(const char *arg);
3357     const char *example;
3358     const char *help;
3359 };
3360 
3361 static const struct qemu_argument arg_table[] = {
3362     {"h",          "",                 false, handle_arg_help,
3363      "",           "print this help"},
3364     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3365      "port",       "wait gdb connection to 'port'"},
3366     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3367      "path",       "set the elf interpreter prefix to 'path'"},
3368     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3369      "size",       "set the stack size to 'size' bytes"},
3370     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3371      "model",      "select CPU (-cpu help for list)"},
3372     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3373      "var=value",  "sets targets environment variable (see below)"},
3374     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3375      "var",        "unsets targets environment variable (see below)"},
3376     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3377      "argv0",      "forces target process argv[0] to be 'argv0'"},
3378     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3379      "uname",      "set qemu uname release string to 'uname'"},
3380 #if defined(CONFIG_USE_GUEST_BASE)
3381     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3382      "address",    "set guest_base address to 'address'"},
3383     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3384      "size",       "reserve 'size' bytes for guest virtual address space"},
3385 #endif
3386     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3387      "item[,...]", "enable logging of specified items "
3388      "(use '-d help' for a list of items)"},
3389     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3390      "logfile",     "write logs to 'logfile' (default stderr)"},
3391     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3392      "pagesize",   "set the host page size to 'pagesize'"},
3393     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3394      "",           "run in singlestep mode"},
3395     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3396      "",           "log system calls"},
3397     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3398      "",           "display version information and exit"},
3399     {NULL, NULL, false, NULL, NULL, NULL}
3400 };
3401 
3402 static void usage(void)
3403 {
3404     const struct qemu_argument *arginfo;
3405     int maxarglen;
3406     int maxenvlen;
3407 
3408     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
3409            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
3410            "\n"
3411            "Options and associated environment variables:\n"
3412            "\n");
3413 
3414     /* Calculate column widths. We must always have at least enough space
3415      * for the column header.
3416      */
3417     maxarglen = strlen("Argument");
3418     maxenvlen = strlen("Env-variable");
3419 
3420     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3421         int arglen = strlen(arginfo->argv);
3422         if (arginfo->has_arg) {
3423             arglen += strlen(arginfo->example) + 1;
3424         }
3425         if (strlen(arginfo->env) > maxenvlen) {
3426             maxenvlen = strlen(arginfo->env);
3427         }
3428         if (arglen > maxarglen) {
3429             maxarglen = arglen;
3430         }
3431     }
3432 
3433     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
3434             maxenvlen, "Env-variable");
3435 
3436     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3437         if (arginfo->has_arg) {
3438             printf("-%s %-*s %-*s %s\n", arginfo->argv,
3439                    (int)(maxarglen - strlen(arginfo->argv) - 1),
3440                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
3441         } else {
3442             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
3443                     maxenvlen, arginfo->env,
3444                     arginfo->help);
3445         }
3446     }
3447 
3448     printf("\n"
3449            "Defaults:\n"
3450            "QEMU_LD_PREFIX  = %s\n"
3451            "QEMU_STACK_SIZE = %ld byte\n",
3452            interp_prefix,
3453            guest_stack_size);
3454 
3455     printf("\n"
3456            "You can use -E and -U options or the QEMU_SET_ENV and\n"
3457            "QEMU_UNSET_ENV environment variables to set and unset\n"
3458            "environment variables for the target process.\n"
3459            "It is possible to provide several variables by separating them\n"
3460            "by commas in getsubopt(3) style. Additionally it is possible to\n"
3461            "provide the -E and -U options multiple times.\n"
3462            "The following lines are equivalent:\n"
3463            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
3464            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
3465            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
3466            "Note that if you provide several changes to a single variable\n"
3467            "the last change will stay in effect.\n");
3468 
3469     exit(1);
3470 }
3471 
3472 static int parse_args(int argc, char **argv)
3473 {
3474     const char *r;
3475     int optind;
3476     const struct qemu_argument *arginfo;
3477 
3478     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3479         if (arginfo->env == NULL) {
3480             continue;
3481         }
3482 
3483         r = getenv(arginfo->env);
3484         if (r != NULL) {
3485             arginfo->handle_opt(r);
3486         }
3487     }
3488 
3489     optind = 1;
3490     for (;;) {
3491         if (optind >= argc) {
3492             break;
3493         }
3494         r = argv[optind];
3495         if (r[0] != '-') {
3496             break;
3497         }
3498         optind++;
3499         r++;
3500         if (!strcmp(r, "-")) {
3501             break;
3502         }
3503 
3504         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3505             if (!strcmp(r, arginfo->argv)) {
3506                 if (arginfo->has_arg) {
3507                     if (optind >= argc) {
3508                         usage();
3509                     }
3510                     arginfo->handle_opt(argv[optind]);
3511                     optind++;
3512                 } else {
3513                     arginfo->handle_opt(NULL);
3514                 }
3515                 break;
3516             }
3517         }
3518 
3519         /* no option matched the current argv */
3520         if (arginfo->handle_opt == NULL) {
3521             usage();
3522         }
3523     }
3524 
3525     if (optind >= argc) {
3526         usage();
3527     }
3528 
3529     filename = argv[optind];
3530     exec_path = argv[optind];
3531 
3532     return optind;
3533 }
3534 
3535 int main(int argc, char **argv, char **envp)
3536 {
3537     struct target_pt_regs regs1, *regs = &regs1;
3538     struct image_info info1, *info = &info1;
3539     struct linux_binprm bprm;
3540     TaskState *ts;
3541     CPUArchState *env;
3542     CPUState *cpu;
3543     int optind;
3544     char **target_environ, **wrk;
3545     char **target_argv;
3546     int target_argc;
3547     int i;
3548     int ret;
3549 
3550     module_call_init(MODULE_INIT_QOM);
3551 
3552     qemu_cache_utils_init(envp);
3553 
3554     if ((envlist = envlist_create()) == NULL) {
3555         (void) fprintf(stderr, "Unable to allocate envlist\n");
3556         exit(1);
3557     }
3558 
3559     /* add current environment into the list */
3560     for (wrk = environ; *wrk != NULL; wrk++) {
3561         (void) envlist_setenv(envlist, *wrk);
3562     }
3563 
3564     /* Read the stack limit from the kernel.  If it's "unlimited",
3565        then we can do little else besides use the default.  */
3566     {
3567         struct rlimit lim;
3568         if (getrlimit(RLIMIT_STACK, &lim) == 0
3569             && lim.rlim_cur != RLIM_INFINITY
3570             && lim.rlim_cur == (target_long)lim.rlim_cur) {
3571             guest_stack_size = lim.rlim_cur;
3572         }
3573     }
3574 
3575     cpu_model = NULL;
3576 #if defined(cpudef_setup)
3577     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
3578 #endif
3579 
3580     optind = parse_args(argc, argv);
3581 
3582     /* Zero out regs */
3583     memset(regs, 0, sizeof(struct target_pt_regs));
3584 
3585     /* Zero out image_info */
3586     memset(info, 0, sizeof(struct image_info));
3587 
3588     memset(&bprm, 0, sizeof (bprm));
3589 
3590     /* Scan interp_prefix dir for replacement files. */
3591     init_paths(interp_prefix);
3592 
3593     if (cpu_model == NULL) {
3594 #if defined(TARGET_I386)
3595 #ifdef TARGET_X86_64
3596         cpu_model = "qemu64";
3597 #else
3598         cpu_model = "qemu32";
3599 #endif
3600 #elif defined(TARGET_ARM)
3601         cpu_model = "any";
3602 #elif defined(TARGET_UNICORE32)
3603         cpu_model = "any";
3604 #elif defined(TARGET_M68K)
3605         cpu_model = "any";
3606 #elif defined(TARGET_SPARC)
3607 #ifdef TARGET_SPARC64
3608         cpu_model = "TI UltraSparc II";
3609 #else
3610         cpu_model = "Fujitsu MB86904";
3611 #endif
3612 #elif defined(TARGET_MIPS)
3613 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
3614         cpu_model = "20Kc";
3615 #else
3616         cpu_model = "24Kf";
3617 #endif
3618 #elif defined TARGET_OPENRISC
3619         cpu_model = "or1200";
3620 #elif defined(TARGET_PPC)
3621 #ifdef TARGET_PPC64
3622         cpu_model = "970fx";
3623 #else
3624         cpu_model = "750";
3625 #endif
3626 #else
3627         cpu_model = "any";
3628 #endif
3629     }
3630     tcg_exec_init(0);
3631     cpu_exec_init_all();
3632     /* NOTE: we need to init the CPU at this stage to get
3633        qemu_host_page_size */
3634     env = cpu_init(cpu_model);
3635     if (!env) {
3636         fprintf(stderr, "Unable to find CPU definition\n");
3637         exit(1);
3638     }
3639     cpu = ENV_GET_CPU(env);
3640     cpu_reset(cpu);
3641 
3642     thread_cpu = cpu;
3643 
3644     if (getenv("QEMU_STRACE")) {
3645         do_strace = 1;
3646     }
3647 
3648     target_environ = envlist_to_environ(envlist, NULL);
3649     envlist_free(envlist);
3650 
3651 #if defined(CONFIG_USE_GUEST_BASE)
3652     /*
3653      * Now that page sizes are configured in cpu_init() we can do
3654      * proper page alignment for guest_base.
3655      */
3656     guest_base = HOST_PAGE_ALIGN(guest_base);
3657 
3658     if (reserved_va || have_guest_base) {
3659         guest_base = init_guest_space(guest_base, reserved_va, 0,
3660                                       have_guest_base);
3661         if (guest_base == (unsigned long)-1) {
3662             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
3663                     "space for use as guest address space (check your virtual "
3664                     "memory ulimit setting or reserve less using -R option)\n",
3665                     reserved_va);
3666             exit(1);
3667         }
3668 
3669         if (reserved_va) {
3670             mmap_next_start = reserved_va;
3671         }
3672     }
3673 #endif /* CONFIG_USE_GUEST_BASE */
3674 
3675     /*
3676      * Read in mmap_min_addr kernel parameter.  This value is used
3677      * When loading the ELF image to determine whether guest_base
3678      * is needed.  It is also used in mmap_find_vma.
3679      */
3680     {
3681         FILE *fp;
3682 
3683         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
3684             unsigned long tmp;
3685             if (fscanf(fp, "%lu", &tmp) == 1) {
3686                 mmap_min_addr = tmp;
3687                 qemu_log("host mmap_min_addr=0x%lx\n", mmap_min_addr);
3688             }
3689             fclose(fp);
3690         }
3691     }
3692 
3693     /*
3694      * Prepare copy of argv vector for target.
3695      */
3696     target_argc = argc - optind;
3697     target_argv = calloc(target_argc + 1, sizeof (char *));
3698     if (target_argv == NULL) {
3699 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
3700 	exit(1);
3701     }
3702 
3703     /*
3704      * If argv0 is specified (using '-0' switch) we replace
3705      * argv[0] pointer with the given one.
3706      */
3707     i = 0;
3708     if (argv0 != NULL) {
3709         target_argv[i++] = strdup(argv0);
3710     }
3711     for (; i < target_argc; i++) {
3712         target_argv[i] = strdup(argv[optind + i]);
3713     }
3714     target_argv[target_argc] = NULL;
3715 
3716     ts = g_malloc0 (sizeof(TaskState));
3717     init_task_state(ts);
3718     /* build Task State */
3719     ts->info = info;
3720     ts->bprm = &bprm;
3721     env->opaque = ts;
3722     task_settid(ts);
3723 
3724     ret = loader_exec(filename, target_argv, target_environ, regs,
3725         info, &bprm);
3726     if (ret != 0) {
3727         printf("Error while loading %s: %s\n", filename, strerror(-ret));
3728         _exit(1);
3729     }
3730 
3731     for (wrk = target_environ; *wrk; wrk++) {
3732         free(*wrk);
3733     }
3734 
3735     free(target_environ);
3736 
3737     if (qemu_log_enabled()) {
3738 #if defined(CONFIG_USE_GUEST_BASE)
3739         qemu_log("guest_base  0x%lx\n", guest_base);
3740 #endif
3741         log_page_dump();
3742 
3743         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
3744         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
3745         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
3746                  info->start_code);
3747         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
3748                  info->start_data);
3749         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
3750         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
3751                  info->start_stack);
3752         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
3753         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
3754     }
3755 
3756     target_set_brk(info->brk);
3757     syscall_init();
3758     signal_init();
3759 
3760 #if defined(CONFIG_USE_GUEST_BASE)
3761     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
3762        generating the prologue until now so that the prologue can take
3763        the real value of GUEST_BASE into account.  */
3764     tcg_prologue_init(&tcg_ctx);
3765 #endif
3766 
3767 #if defined(TARGET_I386)
3768     cpu_x86_set_cpl(env, 3);
3769 
3770     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
3771     env->hflags |= HF_PE_MASK;
3772     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
3773         env->cr[4] |= CR4_OSFXSR_MASK;
3774         env->hflags |= HF_OSFXSR_MASK;
3775     }
3776 #ifndef TARGET_ABI32
3777     /* enable 64 bit mode if possible */
3778     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
3779         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
3780         exit(1);
3781     }
3782     env->cr[4] |= CR4_PAE_MASK;
3783     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
3784     env->hflags |= HF_LMA_MASK;
3785 #endif
3786 
3787     /* flags setup : we activate the IRQs by default as in user mode */
3788     env->eflags |= IF_MASK;
3789 
3790     /* linux register setup */
3791 #ifndef TARGET_ABI32
3792     env->regs[R_EAX] = regs->rax;
3793     env->regs[R_EBX] = regs->rbx;
3794     env->regs[R_ECX] = regs->rcx;
3795     env->regs[R_EDX] = regs->rdx;
3796     env->regs[R_ESI] = regs->rsi;
3797     env->regs[R_EDI] = regs->rdi;
3798     env->regs[R_EBP] = regs->rbp;
3799     env->regs[R_ESP] = regs->rsp;
3800     env->eip = regs->rip;
3801 #else
3802     env->regs[R_EAX] = regs->eax;
3803     env->regs[R_EBX] = regs->ebx;
3804     env->regs[R_ECX] = regs->ecx;
3805     env->regs[R_EDX] = regs->edx;
3806     env->regs[R_ESI] = regs->esi;
3807     env->regs[R_EDI] = regs->edi;
3808     env->regs[R_EBP] = regs->ebp;
3809     env->regs[R_ESP] = regs->esp;
3810     env->eip = regs->eip;
3811 #endif
3812 
3813     /* linux interrupt setup */
3814 #ifndef TARGET_ABI32
3815     env->idt.limit = 511;
3816 #else
3817     env->idt.limit = 255;
3818 #endif
3819     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
3820                                 PROT_READ|PROT_WRITE,
3821                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3822     idt_table = g2h(env->idt.base);
3823     set_idt(0, 0);
3824     set_idt(1, 0);
3825     set_idt(2, 0);
3826     set_idt(3, 3);
3827     set_idt(4, 3);
3828     set_idt(5, 0);
3829     set_idt(6, 0);
3830     set_idt(7, 0);
3831     set_idt(8, 0);
3832     set_idt(9, 0);
3833     set_idt(10, 0);
3834     set_idt(11, 0);
3835     set_idt(12, 0);
3836     set_idt(13, 0);
3837     set_idt(14, 0);
3838     set_idt(15, 0);
3839     set_idt(16, 0);
3840     set_idt(17, 0);
3841     set_idt(18, 0);
3842     set_idt(19, 0);
3843     set_idt(0x80, 3);
3844 
3845     /* linux segment setup */
3846     {
3847         uint64_t *gdt_table;
3848         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
3849                                     PROT_READ|PROT_WRITE,
3850                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3851         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
3852         gdt_table = g2h(env->gdt.base);
3853 #ifdef TARGET_ABI32
3854         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3855                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3856                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3857 #else
3858         /* 64 bit code segment */
3859         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3860                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3861                  DESC_L_MASK |
3862                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3863 #endif
3864         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
3865                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3866                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
3867     }
3868     cpu_x86_load_seg(env, R_CS, __USER_CS);
3869     cpu_x86_load_seg(env, R_SS, __USER_DS);
3870 #ifdef TARGET_ABI32
3871     cpu_x86_load_seg(env, R_DS, __USER_DS);
3872     cpu_x86_load_seg(env, R_ES, __USER_DS);
3873     cpu_x86_load_seg(env, R_FS, __USER_DS);
3874     cpu_x86_load_seg(env, R_GS, __USER_DS);
3875     /* This hack makes Wine work... */
3876     env->segs[R_FS].selector = 0;
3877 #else
3878     cpu_x86_load_seg(env, R_DS, 0);
3879     cpu_x86_load_seg(env, R_ES, 0);
3880     cpu_x86_load_seg(env, R_FS, 0);
3881     cpu_x86_load_seg(env, R_GS, 0);
3882 #endif
3883 #elif defined(TARGET_ARM)
3884     {
3885         int i;
3886         cpsr_write(env, regs->uregs[16], 0xffffffff);
3887         for(i = 0; i < 16; i++) {
3888             env->regs[i] = regs->uregs[i];
3889         }
3890         /* Enable BE8.  */
3891         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
3892             && (info->elf_flags & EF_ARM_BE8)) {
3893             env->bswap_code = 1;
3894         }
3895     }
3896 #elif defined(TARGET_UNICORE32)
3897     {
3898         int i;
3899         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
3900         for (i = 0; i < 32; i++) {
3901             env->regs[i] = regs->uregs[i];
3902         }
3903     }
3904 #elif defined(TARGET_SPARC)
3905     {
3906         int i;
3907 	env->pc = regs->pc;
3908 	env->npc = regs->npc;
3909         env->y = regs->y;
3910         for(i = 0; i < 8; i++)
3911             env->gregs[i] = regs->u_regs[i];
3912         for(i = 0; i < 8; i++)
3913             env->regwptr[i] = regs->u_regs[i + 8];
3914     }
3915 #elif defined(TARGET_PPC)
3916     {
3917         int i;
3918 
3919 #if defined(TARGET_PPC64)
3920 #if defined(TARGET_ABI32)
3921         env->msr &= ~((target_ulong)1 << MSR_SF);
3922 #else
3923         env->msr |= (target_ulong)1 << MSR_SF;
3924 #endif
3925 #endif
3926         env->nip = regs->nip;
3927         for(i = 0; i < 32; i++) {
3928             env->gpr[i] = regs->gpr[i];
3929         }
3930     }
3931 #elif defined(TARGET_M68K)
3932     {
3933         env->pc = regs->pc;
3934         env->dregs[0] = regs->d0;
3935         env->dregs[1] = regs->d1;
3936         env->dregs[2] = regs->d2;
3937         env->dregs[3] = regs->d3;
3938         env->dregs[4] = regs->d4;
3939         env->dregs[5] = regs->d5;
3940         env->dregs[6] = regs->d6;
3941         env->dregs[7] = regs->d7;
3942         env->aregs[0] = regs->a0;
3943         env->aregs[1] = regs->a1;
3944         env->aregs[2] = regs->a2;
3945         env->aregs[3] = regs->a3;
3946         env->aregs[4] = regs->a4;
3947         env->aregs[5] = regs->a5;
3948         env->aregs[6] = regs->a6;
3949         env->aregs[7] = regs->usp;
3950         env->sr = regs->sr;
3951         ts->sim_syscalls = 1;
3952     }
3953 #elif defined(TARGET_MICROBLAZE)
3954     {
3955         env->regs[0] = regs->r0;
3956         env->regs[1] = regs->r1;
3957         env->regs[2] = regs->r2;
3958         env->regs[3] = regs->r3;
3959         env->regs[4] = regs->r4;
3960         env->regs[5] = regs->r5;
3961         env->regs[6] = regs->r6;
3962         env->regs[7] = regs->r7;
3963         env->regs[8] = regs->r8;
3964         env->regs[9] = regs->r9;
3965         env->regs[10] = regs->r10;
3966         env->regs[11] = regs->r11;
3967         env->regs[12] = regs->r12;
3968         env->regs[13] = regs->r13;
3969         env->regs[14] = regs->r14;
3970         env->regs[15] = regs->r15;
3971         env->regs[16] = regs->r16;
3972         env->regs[17] = regs->r17;
3973         env->regs[18] = regs->r18;
3974         env->regs[19] = regs->r19;
3975         env->regs[20] = regs->r20;
3976         env->regs[21] = regs->r21;
3977         env->regs[22] = regs->r22;
3978         env->regs[23] = regs->r23;
3979         env->regs[24] = regs->r24;
3980         env->regs[25] = regs->r25;
3981         env->regs[26] = regs->r26;
3982         env->regs[27] = regs->r27;
3983         env->regs[28] = regs->r28;
3984         env->regs[29] = regs->r29;
3985         env->regs[30] = regs->r30;
3986         env->regs[31] = regs->r31;
3987         env->sregs[SR_PC] = regs->pc;
3988     }
3989 #elif defined(TARGET_MIPS)
3990     {
3991         int i;
3992 
3993         for(i = 0; i < 32; i++) {
3994             env->active_tc.gpr[i] = regs->regs[i];
3995         }
3996         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
3997         if (regs->cp0_epc & 1) {
3998             env->hflags |= MIPS_HFLAG_M16;
3999         }
4000     }
4001 #elif defined(TARGET_OPENRISC)
4002     {
4003         int i;
4004 
4005         for (i = 0; i < 32; i++) {
4006             env->gpr[i] = regs->gpr[i];
4007         }
4008 
4009         env->sr = regs->sr;
4010         env->pc = regs->pc;
4011     }
4012 #elif defined(TARGET_SH4)
4013     {
4014         int i;
4015 
4016         for(i = 0; i < 16; i++) {
4017             env->gregs[i] = regs->regs[i];
4018         }
4019         env->pc = regs->pc;
4020     }
4021 #elif defined(TARGET_ALPHA)
4022     {
4023         int i;
4024 
4025         for(i = 0; i < 28; i++) {
4026             env->ir[i] = ((abi_ulong *)regs)[i];
4027         }
4028         env->ir[IR_SP] = regs->usp;
4029         env->pc = regs->pc;
4030     }
4031 #elif defined(TARGET_CRIS)
4032     {
4033 	    env->regs[0] = regs->r0;
4034 	    env->regs[1] = regs->r1;
4035 	    env->regs[2] = regs->r2;
4036 	    env->regs[3] = regs->r3;
4037 	    env->regs[4] = regs->r4;
4038 	    env->regs[5] = regs->r5;
4039 	    env->regs[6] = regs->r6;
4040 	    env->regs[7] = regs->r7;
4041 	    env->regs[8] = regs->r8;
4042 	    env->regs[9] = regs->r9;
4043 	    env->regs[10] = regs->r10;
4044 	    env->regs[11] = regs->r11;
4045 	    env->regs[12] = regs->r12;
4046 	    env->regs[13] = regs->r13;
4047 	    env->regs[14] = info->start_stack;
4048 	    env->regs[15] = regs->acr;
4049 	    env->pc = regs->erp;
4050     }
4051 #elif defined(TARGET_S390X)
4052     {
4053             int i;
4054             for (i = 0; i < 16; i++) {
4055                 env->regs[i] = regs->gprs[i];
4056             }
4057             env->psw.mask = regs->psw.mask;
4058             env->psw.addr = regs->psw.addr;
4059     }
4060 #else
4061 #error unsupported target CPU
4062 #endif
4063 
4064 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4065     ts->stack_base = info->start_stack;
4066     ts->heap_base = info->brk;
4067     /* This will be filled in on the first SYS_HEAPINFO call.  */
4068     ts->heap_limit = 0;
4069 #endif
4070 
4071     if (gdbstub_port) {
4072         if (gdbserver_start(gdbstub_port) < 0) {
4073             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4074                     gdbstub_port);
4075             exit(1);
4076         }
4077         gdb_handlesig(cpu, 0);
4078     }
4079     cpu_loop(env);
4080     /* never exits */
4081     return 0;
4082 }
4083