xref: /openbmc/qemu/linux-user/main.c (revision 5c75fb10)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/syscall.h>
27 #include <sys/resource.h>
28 
29 #include "qemu.h"
30 #include "qemu-common.h"
31 #include "qemu/cache-utils.h"
32 #include "cpu.h"
33 #include "tcg.h"
34 #include "qemu/timer.h"
35 #include "qemu/envlist.h"
36 #include "elf.h"
37 
38 char *exec_path;
39 
40 int singlestep;
41 const char *filename;
42 const char *argv0;
43 int gdbstub_port;
44 envlist_t *envlist;
45 const char *cpu_model;
46 unsigned long mmap_min_addr;
47 #if defined(CONFIG_USE_GUEST_BASE)
48 unsigned long guest_base;
49 int have_guest_base;
50 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
51 /*
52  * When running 32-on-64 we should make sure we can fit all of the possible
53  * guest address space into a contiguous chunk of virtual host memory.
54  *
55  * This way we will never overlap with our own libraries or binaries or stack
56  * or anything else that QEMU maps.
57  */
58 # ifdef TARGET_MIPS
59 /* MIPS only supports 31 bits of virtual address space for user space */
60 unsigned long reserved_va = 0x77000000;
61 # else
62 unsigned long reserved_va = 0xf7000000;
63 # endif
64 #else
65 unsigned long reserved_va;
66 #endif
67 #endif
68 
69 static void usage(void);
70 
71 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
72 const char *qemu_uname_release = CONFIG_UNAME_RELEASE;
73 
74 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
75    we allocate a bigger stack. Need a better solution, for example
76    by remapping the process stack directly at the right place */
77 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
78 
79 void gemu_log(const char *fmt, ...)
80 {
81     va_list ap;
82 
83     va_start(ap, fmt);
84     vfprintf(stderr, fmt, ap);
85     va_end(ap);
86 }
87 
88 #if defined(TARGET_I386)
89 int cpu_get_pic_interrupt(CPUX86State *env)
90 {
91     return -1;
92 }
93 #endif
94 
95 #if defined(CONFIG_USE_NPTL)
96 /***********************************************************/
97 /* Helper routines for implementing atomic operations.  */
98 
99 /* To implement exclusive operations we force all cpus to syncronise.
100    We don't require a full sync, only that no cpus are executing guest code.
101    The alternative is to map target atomic ops onto host equivalents,
102    which requires quite a lot of per host/target work.  */
103 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
104 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
105 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
106 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
107 static int pending_cpus;
108 
109 /* Make sure everything is in a consistent state for calling fork().  */
110 void fork_start(void)
111 {
112     pthread_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
113     pthread_mutex_lock(&exclusive_lock);
114     mmap_fork_start();
115 }
116 
117 void fork_end(int child)
118 {
119     mmap_fork_end(child);
120     if (child) {
121         /* Child processes created by fork() only have a single thread.
122            Discard information about the parent threads.  */
123         first_cpu = thread_env;
124         thread_env->next_cpu = NULL;
125         pending_cpus = 0;
126         pthread_mutex_init(&exclusive_lock, NULL);
127         pthread_mutex_init(&cpu_list_mutex, NULL);
128         pthread_cond_init(&exclusive_cond, NULL);
129         pthread_cond_init(&exclusive_resume, NULL);
130         pthread_mutex_init(&tcg_ctx.tb_ctx.tb_lock, NULL);
131         gdbserver_fork(thread_env);
132     } else {
133         pthread_mutex_unlock(&exclusive_lock);
134         pthread_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
135     }
136 }
137 
138 /* Wait for pending exclusive operations to complete.  The exclusive lock
139    must be held.  */
140 static inline void exclusive_idle(void)
141 {
142     while (pending_cpus) {
143         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
144     }
145 }
146 
147 /* Start an exclusive operation.
148    Must only be called from outside cpu_arm_exec.   */
149 static inline void start_exclusive(void)
150 {
151     CPUArchState *other;
152     CPUState *other_cpu;
153 
154     pthread_mutex_lock(&exclusive_lock);
155     exclusive_idle();
156 
157     pending_cpus = 1;
158     /* Make all other cpus stop executing.  */
159     for (other = first_cpu; other; other = other->next_cpu) {
160         other_cpu = ENV_GET_CPU(other);
161         if (other_cpu->running) {
162             pending_cpus++;
163             cpu_exit(other);
164         }
165     }
166     if (pending_cpus > 1) {
167         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
168     }
169 }
170 
171 /* Finish an exclusive operation.  */
172 static inline void end_exclusive(void)
173 {
174     pending_cpus = 0;
175     pthread_cond_broadcast(&exclusive_resume);
176     pthread_mutex_unlock(&exclusive_lock);
177 }
178 
179 /* Wait for exclusive ops to finish, and begin cpu execution.  */
180 static inline void cpu_exec_start(CPUState *cpu)
181 {
182     pthread_mutex_lock(&exclusive_lock);
183     exclusive_idle();
184     cpu->running = true;
185     pthread_mutex_unlock(&exclusive_lock);
186 }
187 
188 /* Mark cpu as not executing, and release pending exclusive ops.  */
189 static inline void cpu_exec_end(CPUState *cpu)
190 {
191     pthread_mutex_lock(&exclusive_lock);
192     cpu->running = false;
193     if (pending_cpus > 1) {
194         pending_cpus--;
195         if (pending_cpus == 1) {
196             pthread_cond_signal(&exclusive_cond);
197         }
198     }
199     exclusive_idle();
200     pthread_mutex_unlock(&exclusive_lock);
201 }
202 
203 void cpu_list_lock(void)
204 {
205     pthread_mutex_lock(&cpu_list_mutex);
206 }
207 
208 void cpu_list_unlock(void)
209 {
210     pthread_mutex_unlock(&cpu_list_mutex);
211 }
212 #else /* if !CONFIG_USE_NPTL */
213 /* These are no-ops because we are not threadsafe.  */
214 static inline void cpu_exec_start(CPUState *cpu)
215 {
216 }
217 
218 static inline void cpu_exec_end(CPUState *cpu)
219 {
220 }
221 
222 static inline void start_exclusive(void)
223 {
224 }
225 
226 static inline void end_exclusive(void)
227 {
228 }
229 
230 void fork_start(void)
231 {
232 }
233 
234 void fork_end(int child)
235 {
236     if (child) {
237         gdbserver_fork(thread_env);
238     }
239 }
240 
241 void cpu_list_lock(void)
242 {
243 }
244 
245 void cpu_list_unlock(void)
246 {
247 }
248 #endif
249 
250 
251 #ifdef TARGET_I386
252 /***********************************************************/
253 /* CPUX86 core interface */
254 
255 void cpu_smm_update(CPUX86State *env)
256 {
257 }
258 
259 uint64_t cpu_get_tsc(CPUX86State *env)
260 {
261     return cpu_get_real_ticks();
262 }
263 
264 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
265                      int flags)
266 {
267     unsigned int e1, e2;
268     uint32_t *p;
269     e1 = (addr << 16) | (limit & 0xffff);
270     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
271     e2 |= flags;
272     p = ptr;
273     p[0] = tswap32(e1);
274     p[1] = tswap32(e2);
275 }
276 
277 static uint64_t *idt_table;
278 #ifdef TARGET_X86_64
279 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
280                        uint64_t addr, unsigned int sel)
281 {
282     uint32_t *p, e1, e2;
283     e1 = (addr & 0xffff) | (sel << 16);
284     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
285     p = ptr;
286     p[0] = tswap32(e1);
287     p[1] = tswap32(e2);
288     p[2] = tswap32(addr >> 32);
289     p[3] = 0;
290 }
291 /* only dpl matters as we do only user space emulation */
292 static void set_idt(int n, unsigned int dpl)
293 {
294     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
295 }
296 #else
297 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
298                      uint32_t addr, unsigned int sel)
299 {
300     uint32_t *p, e1, e2;
301     e1 = (addr & 0xffff) | (sel << 16);
302     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
303     p = ptr;
304     p[0] = tswap32(e1);
305     p[1] = tswap32(e2);
306 }
307 
308 /* only dpl matters as we do only user space emulation */
309 static void set_idt(int n, unsigned int dpl)
310 {
311     set_gate(idt_table + n, 0, dpl, 0, 0);
312 }
313 #endif
314 
315 void cpu_loop(CPUX86State *env)
316 {
317     int trapnr;
318     abi_ulong pc;
319     target_siginfo_t info;
320 
321     for(;;) {
322         trapnr = cpu_x86_exec(env);
323         switch(trapnr) {
324         case 0x80:
325             /* linux syscall from int $0x80 */
326             env->regs[R_EAX] = do_syscall(env,
327                                           env->regs[R_EAX],
328                                           env->regs[R_EBX],
329                                           env->regs[R_ECX],
330                                           env->regs[R_EDX],
331                                           env->regs[R_ESI],
332                                           env->regs[R_EDI],
333                                           env->regs[R_EBP],
334                                           0, 0);
335             break;
336 #ifndef TARGET_ABI32
337         case EXCP_SYSCALL:
338             /* linux syscall from syscall instruction */
339             env->regs[R_EAX] = do_syscall(env,
340                                           env->regs[R_EAX],
341                                           env->regs[R_EDI],
342                                           env->regs[R_ESI],
343                                           env->regs[R_EDX],
344                                           env->regs[10],
345                                           env->regs[8],
346                                           env->regs[9],
347                                           0, 0);
348             env->eip = env->exception_next_eip;
349             break;
350 #endif
351         case EXCP0B_NOSEG:
352         case EXCP0C_STACK:
353             info.si_signo = SIGBUS;
354             info.si_errno = 0;
355             info.si_code = TARGET_SI_KERNEL;
356             info._sifields._sigfault._addr = 0;
357             queue_signal(env, info.si_signo, &info);
358             break;
359         case EXCP0D_GPF:
360             /* XXX: potential problem if ABI32 */
361 #ifndef TARGET_X86_64
362             if (env->eflags & VM_MASK) {
363                 handle_vm86_fault(env);
364             } else
365 #endif
366             {
367                 info.si_signo = SIGSEGV;
368                 info.si_errno = 0;
369                 info.si_code = TARGET_SI_KERNEL;
370                 info._sifields._sigfault._addr = 0;
371                 queue_signal(env, info.si_signo, &info);
372             }
373             break;
374         case EXCP0E_PAGE:
375             info.si_signo = SIGSEGV;
376             info.si_errno = 0;
377             if (!(env->error_code & 1))
378                 info.si_code = TARGET_SEGV_MAPERR;
379             else
380                 info.si_code = TARGET_SEGV_ACCERR;
381             info._sifields._sigfault._addr = env->cr[2];
382             queue_signal(env, info.si_signo, &info);
383             break;
384         case EXCP00_DIVZ:
385 #ifndef TARGET_X86_64
386             if (env->eflags & VM_MASK) {
387                 handle_vm86_trap(env, trapnr);
388             } else
389 #endif
390             {
391                 /* division by zero */
392                 info.si_signo = SIGFPE;
393                 info.si_errno = 0;
394                 info.si_code = TARGET_FPE_INTDIV;
395                 info._sifields._sigfault._addr = env->eip;
396                 queue_signal(env, info.si_signo, &info);
397             }
398             break;
399         case EXCP01_DB:
400         case EXCP03_INT3:
401 #ifndef TARGET_X86_64
402             if (env->eflags & VM_MASK) {
403                 handle_vm86_trap(env, trapnr);
404             } else
405 #endif
406             {
407                 info.si_signo = SIGTRAP;
408                 info.si_errno = 0;
409                 if (trapnr == EXCP01_DB) {
410                     info.si_code = TARGET_TRAP_BRKPT;
411                     info._sifields._sigfault._addr = env->eip;
412                 } else {
413                     info.si_code = TARGET_SI_KERNEL;
414                     info._sifields._sigfault._addr = 0;
415                 }
416                 queue_signal(env, info.si_signo, &info);
417             }
418             break;
419         case EXCP04_INTO:
420         case EXCP05_BOUND:
421 #ifndef TARGET_X86_64
422             if (env->eflags & VM_MASK) {
423                 handle_vm86_trap(env, trapnr);
424             } else
425 #endif
426             {
427                 info.si_signo = SIGSEGV;
428                 info.si_errno = 0;
429                 info.si_code = TARGET_SI_KERNEL;
430                 info._sifields._sigfault._addr = 0;
431                 queue_signal(env, info.si_signo, &info);
432             }
433             break;
434         case EXCP06_ILLOP:
435             info.si_signo = SIGILL;
436             info.si_errno = 0;
437             info.si_code = TARGET_ILL_ILLOPN;
438             info._sifields._sigfault._addr = env->eip;
439             queue_signal(env, info.si_signo, &info);
440             break;
441         case EXCP_INTERRUPT:
442             /* just indicate that signals should be handled asap */
443             break;
444         case EXCP_DEBUG:
445             {
446                 int sig;
447 
448                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
449                 if (sig)
450                   {
451                     info.si_signo = sig;
452                     info.si_errno = 0;
453                     info.si_code = TARGET_TRAP_BRKPT;
454                     queue_signal(env, info.si_signo, &info);
455                   }
456             }
457             break;
458         default:
459             pc = env->segs[R_CS].base + env->eip;
460             fprintf(stderr, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
461                     (long)pc, trapnr);
462             abort();
463         }
464         process_pending_signals(env);
465     }
466 }
467 #endif
468 
469 #ifdef TARGET_ARM
470 
471 #define get_user_code_u32(x, gaddr, doswap)             \
472     ({ abi_long __r = get_user_u32((x), (gaddr));       \
473         if (!__r && (doswap)) {                         \
474             (x) = bswap32(x);                           \
475         }                                               \
476         __r;                                            \
477     })
478 
479 #define get_user_code_u16(x, gaddr, doswap)             \
480     ({ abi_long __r = get_user_u16((x), (gaddr));       \
481         if (!__r && (doswap)) {                         \
482             (x) = bswap16(x);                           \
483         }                                               \
484         __r;                                            \
485     })
486 
487 /*
488  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
489  * Input:
490  * r0 = pointer to oldval
491  * r1 = pointer to newval
492  * r2 = pointer to target value
493  *
494  * Output:
495  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
496  * C set if *ptr was changed, clear if no exchange happened
497  *
498  * Note segv's in kernel helpers are a bit tricky, we can set the
499  * data address sensibly but the PC address is just the entry point.
500  */
501 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
502 {
503     uint64_t oldval, newval, val;
504     uint32_t addr, cpsr;
505     target_siginfo_t info;
506 
507     /* Based on the 32 bit code in do_kernel_trap */
508 
509     /* XXX: This only works between threads, not between processes.
510        It's probably possible to implement this with native host
511        operations. However things like ldrex/strex are much harder so
512        there's not much point trying.  */
513     start_exclusive();
514     cpsr = cpsr_read(env);
515     addr = env->regs[2];
516 
517     if (get_user_u64(oldval, env->regs[0])) {
518         env->cp15.c6_data = env->regs[0];
519         goto segv;
520     };
521 
522     if (get_user_u64(newval, env->regs[1])) {
523         env->cp15.c6_data = env->regs[1];
524         goto segv;
525     };
526 
527     if (get_user_u64(val, addr)) {
528         env->cp15.c6_data = addr;
529         goto segv;
530     }
531 
532     if (val == oldval) {
533         val = newval;
534 
535         if (put_user_u64(val, addr)) {
536             env->cp15.c6_data = addr;
537             goto segv;
538         };
539 
540         env->regs[0] = 0;
541         cpsr |= CPSR_C;
542     } else {
543         env->regs[0] = -1;
544         cpsr &= ~CPSR_C;
545     }
546     cpsr_write(env, cpsr, CPSR_C);
547     end_exclusive();
548     return;
549 
550 segv:
551     end_exclusive();
552     /* We get the PC of the entry address - which is as good as anything,
553        on a real kernel what you get depends on which mode it uses. */
554     info.si_signo = SIGSEGV;
555     info.si_errno = 0;
556     /* XXX: check env->error_code */
557     info.si_code = TARGET_SEGV_MAPERR;
558     info._sifields._sigfault._addr = env->cp15.c6_data;
559     queue_signal(env, info.si_signo, &info);
560 
561     end_exclusive();
562 }
563 
564 /* Handle a jump to the kernel code page.  */
565 static int
566 do_kernel_trap(CPUARMState *env)
567 {
568     uint32_t addr;
569     uint32_t cpsr;
570     uint32_t val;
571 
572     switch (env->regs[15]) {
573     case 0xffff0fa0: /* __kernel_memory_barrier */
574         /* ??? No-op. Will need to do better for SMP.  */
575         break;
576     case 0xffff0fc0: /* __kernel_cmpxchg */
577          /* XXX: This only works between threads, not between processes.
578             It's probably possible to implement this with native host
579             operations. However things like ldrex/strex are much harder so
580             there's not much point trying.  */
581         start_exclusive();
582         cpsr = cpsr_read(env);
583         addr = env->regs[2];
584         /* FIXME: This should SEGV if the access fails.  */
585         if (get_user_u32(val, addr))
586             val = ~env->regs[0];
587         if (val == env->regs[0]) {
588             val = env->regs[1];
589             /* FIXME: Check for segfaults.  */
590             put_user_u32(val, addr);
591             env->regs[0] = 0;
592             cpsr |= CPSR_C;
593         } else {
594             env->regs[0] = -1;
595             cpsr &= ~CPSR_C;
596         }
597         cpsr_write(env, cpsr, CPSR_C);
598         end_exclusive();
599         break;
600     case 0xffff0fe0: /* __kernel_get_tls */
601         env->regs[0] = env->cp15.c13_tls2;
602         break;
603     case 0xffff0f60: /* __kernel_cmpxchg64 */
604         arm_kernel_cmpxchg64_helper(env);
605         break;
606 
607     default:
608         return 1;
609     }
610     /* Jump back to the caller.  */
611     addr = env->regs[14];
612     if (addr & 1) {
613         env->thumb = 1;
614         addr &= ~1;
615     }
616     env->regs[15] = addr;
617 
618     return 0;
619 }
620 
621 static int do_strex(CPUARMState *env)
622 {
623     uint32_t val;
624     int size;
625     int rc = 1;
626     int segv = 0;
627     uint32_t addr;
628     start_exclusive();
629     addr = env->exclusive_addr;
630     if (addr != env->exclusive_test) {
631         goto fail;
632     }
633     size = env->exclusive_info & 0xf;
634     switch (size) {
635     case 0:
636         segv = get_user_u8(val, addr);
637         break;
638     case 1:
639         segv = get_user_u16(val, addr);
640         break;
641     case 2:
642     case 3:
643         segv = get_user_u32(val, addr);
644         break;
645     default:
646         abort();
647     }
648     if (segv) {
649         env->cp15.c6_data = addr;
650         goto done;
651     }
652     if (val != env->exclusive_val) {
653         goto fail;
654     }
655     if (size == 3) {
656         segv = get_user_u32(val, addr + 4);
657         if (segv) {
658             env->cp15.c6_data = addr + 4;
659             goto done;
660         }
661         if (val != env->exclusive_high) {
662             goto fail;
663         }
664     }
665     val = env->regs[(env->exclusive_info >> 8) & 0xf];
666     switch (size) {
667     case 0:
668         segv = put_user_u8(val, addr);
669         break;
670     case 1:
671         segv = put_user_u16(val, addr);
672         break;
673     case 2:
674     case 3:
675         segv = put_user_u32(val, addr);
676         break;
677     }
678     if (segv) {
679         env->cp15.c6_data = addr;
680         goto done;
681     }
682     if (size == 3) {
683         val = env->regs[(env->exclusive_info >> 12) & 0xf];
684         segv = put_user_u32(val, addr + 4);
685         if (segv) {
686             env->cp15.c6_data = addr + 4;
687             goto done;
688         }
689     }
690     rc = 0;
691 fail:
692     env->regs[15] += 4;
693     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
694 done:
695     end_exclusive();
696     return segv;
697 }
698 
699 void cpu_loop(CPUARMState *env)
700 {
701     CPUState *cs = CPU(arm_env_get_cpu(env));
702     int trapnr;
703     unsigned int n, insn;
704     target_siginfo_t info;
705     uint32_t addr;
706 
707     for(;;) {
708         cpu_exec_start(cs);
709         trapnr = cpu_arm_exec(env);
710         cpu_exec_end(cs);
711         switch(trapnr) {
712         case EXCP_UDEF:
713             {
714                 TaskState *ts = env->opaque;
715                 uint32_t opcode;
716                 int rc;
717 
718                 /* we handle the FPU emulation here, as Linux */
719                 /* we get the opcode */
720                 /* FIXME - what to do if get_user() fails? */
721                 get_user_code_u32(opcode, env->regs[15], env->bswap_code);
722 
723                 rc = EmulateAll(opcode, &ts->fpa, env);
724                 if (rc == 0) { /* illegal instruction */
725                     info.si_signo = SIGILL;
726                     info.si_errno = 0;
727                     info.si_code = TARGET_ILL_ILLOPN;
728                     info._sifields._sigfault._addr = env->regs[15];
729                     queue_signal(env, info.si_signo, &info);
730                 } else if (rc < 0) { /* FP exception */
731                     int arm_fpe=0;
732 
733                     /* translate softfloat flags to FPSR flags */
734                     if (-rc & float_flag_invalid)
735                       arm_fpe |= BIT_IOC;
736                     if (-rc & float_flag_divbyzero)
737                       arm_fpe |= BIT_DZC;
738                     if (-rc & float_flag_overflow)
739                       arm_fpe |= BIT_OFC;
740                     if (-rc & float_flag_underflow)
741                       arm_fpe |= BIT_UFC;
742                     if (-rc & float_flag_inexact)
743                       arm_fpe |= BIT_IXC;
744 
745                     FPSR fpsr = ts->fpa.fpsr;
746                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
747 
748                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
749                       info.si_signo = SIGFPE;
750                       info.si_errno = 0;
751 
752                       /* ordered by priority, least first */
753                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
754                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
755                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
756                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
757                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
758 
759                       info._sifields._sigfault._addr = env->regs[15];
760                       queue_signal(env, info.si_signo, &info);
761                     } else {
762                       env->regs[15] += 4;
763                     }
764 
765                     /* accumulate unenabled exceptions */
766                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
767                       fpsr |= BIT_IXC;
768                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
769                       fpsr |= BIT_UFC;
770                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
771                       fpsr |= BIT_OFC;
772                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
773                       fpsr |= BIT_DZC;
774                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
775                       fpsr |= BIT_IOC;
776                     ts->fpa.fpsr=fpsr;
777                 } else { /* everything OK */
778                     /* increment PC */
779                     env->regs[15] += 4;
780                 }
781             }
782             break;
783         case EXCP_SWI:
784         case EXCP_BKPT:
785             {
786                 env->eabi = 1;
787                 /* system call */
788                 if (trapnr == EXCP_BKPT) {
789                     if (env->thumb) {
790                         /* FIXME - what to do if get_user() fails? */
791                         get_user_code_u16(insn, env->regs[15], env->bswap_code);
792                         n = insn & 0xff;
793                         env->regs[15] += 2;
794                     } else {
795                         /* FIXME - what to do if get_user() fails? */
796                         get_user_code_u32(insn, env->regs[15], env->bswap_code);
797                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
798                         env->regs[15] += 4;
799                     }
800                 } else {
801                     if (env->thumb) {
802                         /* FIXME - what to do if get_user() fails? */
803                         get_user_code_u16(insn, env->regs[15] - 2,
804                                           env->bswap_code);
805                         n = insn & 0xff;
806                     } else {
807                         /* FIXME - what to do if get_user() fails? */
808                         get_user_code_u32(insn, env->regs[15] - 4,
809                                           env->bswap_code);
810                         n = insn & 0xffffff;
811                     }
812                 }
813 
814                 if (n == ARM_NR_cacheflush) {
815                     /* nop */
816                 } else if (n == ARM_NR_semihosting
817                            || n == ARM_NR_thumb_semihosting) {
818                     env->regs[0] = do_arm_semihosting (env);
819                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
820                     /* linux syscall */
821                     if (env->thumb || n == 0) {
822                         n = env->regs[7];
823                     } else {
824                         n -= ARM_SYSCALL_BASE;
825                         env->eabi = 0;
826                     }
827                     if ( n > ARM_NR_BASE) {
828                         switch (n) {
829                         case ARM_NR_cacheflush:
830                             /* nop */
831                             break;
832                         case ARM_NR_set_tls:
833                             cpu_set_tls(env, env->regs[0]);
834                             env->regs[0] = 0;
835                             break;
836                         default:
837                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
838                                      n);
839                             env->regs[0] = -TARGET_ENOSYS;
840                             break;
841                         }
842                     } else {
843                         env->regs[0] = do_syscall(env,
844                                                   n,
845                                                   env->regs[0],
846                                                   env->regs[1],
847                                                   env->regs[2],
848                                                   env->regs[3],
849                                                   env->regs[4],
850                                                   env->regs[5],
851                                                   0, 0);
852                     }
853                 } else {
854                     goto error;
855                 }
856             }
857             break;
858         case EXCP_INTERRUPT:
859             /* just indicate that signals should be handled asap */
860             break;
861         case EXCP_PREFETCH_ABORT:
862             addr = env->cp15.c6_insn;
863             goto do_segv;
864         case EXCP_DATA_ABORT:
865             addr = env->cp15.c6_data;
866         do_segv:
867             {
868                 info.si_signo = SIGSEGV;
869                 info.si_errno = 0;
870                 /* XXX: check env->error_code */
871                 info.si_code = TARGET_SEGV_MAPERR;
872                 info._sifields._sigfault._addr = addr;
873                 queue_signal(env, info.si_signo, &info);
874             }
875             break;
876         case EXCP_DEBUG:
877             {
878                 int sig;
879 
880                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
881                 if (sig)
882                   {
883                     info.si_signo = sig;
884                     info.si_errno = 0;
885                     info.si_code = TARGET_TRAP_BRKPT;
886                     queue_signal(env, info.si_signo, &info);
887                   }
888             }
889             break;
890         case EXCP_KERNEL_TRAP:
891             if (do_kernel_trap(env))
892               goto error;
893             break;
894         case EXCP_STREX:
895             if (do_strex(env)) {
896                 addr = env->cp15.c6_data;
897                 goto do_segv;
898             }
899             break;
900         default:
901         error:
902             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
903                     trapnr);
904             cpu_dump_state(env, stderr, fprintf, 0);
905             abort();
906         }
907         process_pending_signals(env);
908     }
909 }
910 
911 #endif
912 
913 #ifdef TARGET_UNICORE32
914 
915 void cpu_loop(CPUUniCore32State *env)
916 {
917     CPUState *cs = CPU(uc32_env_get_cpu(env));
918     int trapnr;
919     unsigned int n, insn;
920     target_siginfo_t info;
921 
922     for (;;) {
923         cpu_exec_start(cs);
924         trapnr = uc32_cpu_exec(env);
925         cpu_exec_end(cs);
926         switch (trapnr) {
927         case UC32_EXCP_PRIV:
928             {
929                 /* system call */
930                 get_user_u32(insn, env->regs[31] - 4);
931                 n = insn & 0xffffff;
932 
933                 if (n >= UC32_SYSCALL_BASE) {
934                     /* linux syscall */
935                     n -= UC32_SYSCALL_BASE;
936                     if (n == UC32_SYSCALL_NR_set_tls) {
937                             cpu_set_tls(env, env->regs[0]);
938                             env->regs[0] = 0;
939                     } else {
940                         env->regs[0] = do_syscall(env,
941                                                   n,
942                                                   env->regs[0],
943                                                   env->regs[1],
944                                                   env->regs[2],
945                                                   env->regs[3],
946                                                   env->regs[4],
947                                                   env->regs[5],
948                                                   0, 0);
949                     }
950                 } else {
951                     goto error;
952                 }
953             }
954             break;
955         case UC32_EXCP_DTRAP:
956         case UC32_EXCP_ITRAP:
957             info.si_signo = SIGSEGV;
958             info.si_errno = 0;
959             /* XXX: check env->error_code */
960             info.si_code = TARGET_SEGV_MAPERR;
961             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
962             queue_signal(env, info.si_signo, &info);
963             break;
964         case EXCP_INTERRUPT:
965             /* just indicate that signals should be handled asap */
966             break;
967         case EXCP_DEBUG:
968             {
969                 int sig;
970 
971                 sig = gdb_handlesig(env, TARGET_SIGTRAP);
972                 if (sig) {
973                     info.si_signo = sig;
974                     info.si_errno = 0;
975                     info.si_code = TARGET_TRAP_BRKPT;
976                     queue_signal(env, info.si_signo, &info);
977                 }
978             }
979             break;
980         default:
981             goto error;
982         }
983         process_pending_signals(env);
984     }
985 
986 error:
987     fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
988     cpu_dump_state(env, stderr, fprintf, 0);
989     abort();
990 }
991 #endif
992 
993 #ifdef TARGET_SPARC
994 #define SPARC64_STACK_BIAS 2047
995 
996 //#define DEBUG_WIN
997 
998 /* WARNING: dealing with register windows _is_ complicated. More info
999    can be found at http://www.sics.se/~psm/sparcstack.html */
1000 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1001 {
1002     index = (index + cwp * 16) % (16 * env->nwindows);
1003     /* wrap handling : if cwp is on the last window, then we use the
1004        registers 'after' the end */
1005     if (index < 8 && env->cwp == env->nwindows - 1)
1006         index += 16 * env->nwindows;
1007     return index;
1008 }
1009 
1010 /* save the register window 'cwp1' */
1011 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1012 {
1013     unsigned int i;
1014     abi_ulong sp_ptr;
1015 
1016     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1017 #ifdef TARGET_SPARC64
1018     if (sp_ptr & 3)
1019         sp_ptr += SPARC64_STACK_BIAS;
1020 #endif
1021 #if defined(DEBUG_WIN)
1022     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1023            sp_ptr, cwp1);
1024 #endif
1025     for(i = 0; i < 16; i++) {
1026         /* FIXME - what to do if put_user() fails? */
1027         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1028         sp_ptr += sizeof(abi_ulong);
1029     }
1030 }
1031 
1032 static void save_window(CPUSPARCState *env)
1033 {
1034 #ifndef TARGET_SPARC64
1035     unsigned int new_wim;
1036     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1037         ((1LL << env->nwindows) - 1);
1038     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1039     env->wim = new_wim;
1040 #else
1041     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1042     env->cansave++;
1043     env->canrestore--;
1044 #endif
1045 }
1046 
1047 static void restore_window(CPUSPARCState *env)
1048 {
1049 #ifndef TARGET_SPARC64
1050     unsigned int new_wim;
1051 #endif
1052     unsigned int i, cwp1;
1053     abi_ulong sp_ptr;
1054 
1055 #ifndef TARGET_SPARC64
1056     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1057         ((1LL << env->nwindows) - 1);
1058 #endif
1059 
1060     /* restore the invalid window */
1061     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1062     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1063 #ifdef TARGET_SPARC64
1064     if (sp_ptr & 3)
1065         sp_ptr += SPARC64_STACK_BIAS;
1066 #endif
1067 #if defined(DEBUG_WIN)
1068     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1069            sp_ptr, cwp1);
1070 #endif
1071     for(i = 0; i < 16; i++) {
1072         /* FIXME - what to do if get_user() fails? */
1073         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1074         sp_ptr += sizeof(abi_ulong);
1075     }
1076 #ifdef TARGET_SPARC64
1077     env->canrestore++;
1078     if (env->cleanwin < env->nwindows - 1)
1079         env->cleanwin++;
1080     env->cansave--;
1081 #else
1082     env->wim = new_wim;
1083 #endif
1084 }
1085 
1086 static void flush_windows(CPUSPARCState *env)
1087 {
1088     int offset, cwp1;
1089 
1090     offset = 1;
1091     for(;;) {
1092         /* if restore would invoke restore_window(), then we can stop */
1093         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1094 #ifndef TARGET_SPARC64
1095         if (env->wim & (1 << cwp1))
1096             break;
1097 #else
1098         if (env->canrestore == 0)
1099             break;
1100         env->cansave++;
1101         env->canrestore--;
1102 #endif
1103         save_window_offset(env, cwp1);
1104         offset++;
1105     }
1106     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1107 #ifndef TARGET_SPARC64
1108     /* set wim so that restore will reload the registers */
1109     env->wim = 1 << cwp1;
1110 #endif
1111 #if defined(DEBUG_WIN)
1112     printf("flush_windows: nb=%d\n", offset - 1);
1113 #endif
1114 }
1115 
1116 void cpu_loop (CPUSPARCState *env)
1117 {
1118     int trapnr;
1119     abi_long ret;
1120     target_siginfo_t info;
1121 
1122     while (1) {
1123         trapnr = cpu_sparc_exec (env);
1124 
1125         /* Compute PSR before exposing state.  */
1126         if (env->cc_op != CC_OP_FLAGS) {
1127             cpu_get_psr(env);
1128         }
1129 
1130         switch (trapnr) {
1131 #ifndef TARGET_SPARC64
1132         case 0x88:
1133         case 0x90:
1134 #else
1135         case 0x110:
1136         case 0x16d:
1137 #endif
1138             ret = do_syscall (env, env->gregs[1],
1139                               env->regwptr[0], env->regwptr[1],
1140                               env->regwptr[2], env->regwptr[3],
1141                               env->regwptr[4], env->regwptr[5],
1142                               0, 0);
1143             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1144 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1145                 env->xcc |= PSR_CARRY;
1146 #else
1147                 env->psr |= PSR_CARRY;
1148 #endif
1149                 ret = -ret;
1150             } else {
1151 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1152                 env->xcc &= ~PSR_CARRY;
1153 #else
1154                 env->psr &= ~PSR_CARRY;
1155 #endif
1156             }
1157             env->regwptr[0] = ret;
1158             /* next instruction */
1159             env->pc = env->npc;
1160             env->npc = env->npc + 4;
1161             break;
1162         case 0x83: /* flush windows */
1163 #ifdef TARGET_ABI32
1164         case 0x103:
1165 #endif
1166             flush_windows(env);
1167             /* next instruction */
1168             env->pc = env->npc;
1169             env->npc = env->npc + 4;
1170             break;
1171 #ifndef TARGET_SPARC64
1172         case TT_WIN_OVF: /* window overflow */
1173             save_window(env);
1174             break;
1175         case TT_WIN_UNF: /* window underflow */
1176             restore_window(env);
1177             break;
1178         case TT_TFAULT:
1179         case TT_DFAULT:
1180             {
1181                 info.si_signo = TARGET_SIGSEGV;
1182                 info.si_errno = 0;
1183                 /* XXX: check env->error_code */
1184                 info.si_code = TARGET_SEGV_MAPERR;
1185                 info._sifields._sigfault._addr = env->mmuregs[4];
1186                 queue_signal(env, info.si_signo, &info);
1187             }
1188             break;
1189 #else
1190         case TT_SPILL: /* window overflow */
1191             save_window(env);
1192             break;
1193         case TT_FILL: /* window underflow */
1194             restore_window(env);
1195             break;
1196         case TT_TFAULT:
1197         case TT_DFAULT:
1198             {
1199                 info.si_signo = TARGET_SIGSEGV;
1200                 info.si_errno = 0;
1201                 /* XXX: check env->error_code */
1202                 info.si_code = TARGET_SEGV_MAPERR;
1203                 if (trapnr == TT_DFAULT)
1204                     info._sifields._sigfault._addr = env->dmmuregs[4];
1205                 else
1206                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1207                 queue_signal(env, info.si_signo, &info);
1208             }
1209             break;
1210 #ifndef TARGET_ABI32
1211         case 0x16e:
1212             flush_windows(env);
1213             sparc64_get_context(env);
1214             break;
1215         case 0x16f:
1216             flush_windows(env);
1217             sparc64_set_context(env);
1218             break;
1219 #endif
1220 #endif
1221         case EXCP_INTERRUPT:
1222             /* just indicate that signals should be handled asap */
1223             break;
1224         case TT_ILL_INSN:
1225             {
1226                 info.si_signo = TARGET_SIGILL;
1227                 info.si_errno = 0;
1228                 info.si_code = TARGET_ILL_ILLOPC;
1229                 info._sifields._sigfault._addr = env->pc;
1230                 queue_signal(env, info.si_signo, &info);
1231             }
1232             break;
1233         case EXCP_DEBUG:
1234             {
1235                 int sig;
1236 
1237                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
1238                 if (sig)
1239                   {
1240                     info.si_signo = sig;
1241                     info.si_errno = 0;
1242                     info.si_code = TARGET_TRAP_BRKPT;
1243                     queue_signal(env, info.si_signo, &info);
1244                   }
1245             }
1246             break;
1247         default:
1248             printf ("Unhandled trap: 0x%x\n", trapnr);
1249             cpu_dump_state(env, stderr, fprintf, 0);
1250             exit (1);
1251         }
1252         process_pending_signals (env);
1253     }
1254 }
1255 
1256 #endif
1257 
1258 #ifdef TARGET_PPC
1259 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1260 {
1261     /* TO FIX */
1262     return 0;
1263 }
1264 
1265 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1266 {
1267     return cpu_ppc_get_tb(env);
1268 }
1269 
1270 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1271 {
1272     return cpu_ppc_get_tb(env) >> 32;
1273 }
1274 
1275 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1276 {
1277     return cpu_ppc_get_tb(env);
1278 }
1279 
1280 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1281 {
1282     return cpu_ppc_get_tb(env) >> 32;
1283 }
1284 
1285 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1286 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1287 
1288 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1289 {
1290     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1291 }
1292 
1293 /* XXX: to be fixed */
1294 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1295 {
1296     return -1;
1297 }
1298 
1299 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1300 {
1301     return -1;
1302 }
1303 
1304 #define EXCP_DUMP(env, fmt, ...)                                        \
1305 do {                                                                    \
1306     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
1307     cpu_dump_state(env, stderr, fprintf, 0);                            \
1308     qemu_log(fmt, ## __VA_ARGS__);                                      \
1309     if (qemu_log_enabled()) {                                           \
1310         log_cpu_state(env, 0);                                          \
1311     }                                                                   \
1312 } while (0)
1313 
1314 static int do_store_exclusive(CPUPPCState *env)
1315 {
1316     target_ulong addr;
1317     target_ulong page_addr;
1318     target_ulong val;
1319     int flags;
1320     int segv = 0;
1321 
1322     addr = env->reserve_ea;
1323     page_addr = addr & TARGET_PAGE_MASK;
1324     start_exclusive();
1325     mmap_lock();
1326     flags = page_get_flags(page_addr);
1327     if ((flags & PAGE_READ) == 0) {
1328         segv = 1;
1329     } else {
1330         int reg = env->reserve_info & 0x1f;
1331         int size = (env->reserve_info >> 5) & 0xf;
1332         int stored = 0;
1333 
1334         if (addr == env->reserve_addr) {
1335             switch (size) {
1336             case 1: segv = get_user_u8(val, addr); break;
1337             case 2: segv = get_user_u16(val, addr); break;
1338             case 4: segv = get_user_u32(val, addr); break;
1339 #if defined(TARGET_PPC64)
1340             case 8: segv = get_user_u64(val, addr); break;
1341 #endif
1342             default: abort();
1343             }
1344             if (!segv && val == env->reserve_val) {
1345                 val = env->gpr[reg];
1346                 switch (size) {
1347                 case 1: segv = put_user_u8(val, addr); break;
1348                 case 2: segv = put_user_u16(val, addr); break;
1349                 case 4: segv = put_user_u32(val, addr); break;
1350 #if defined(TARGET_PPC64)
1351                 case 8: segv = put_user_u64(val, addr); break;
1352 #endif
1353                 default: abort();
1354                 }
1355                 if (!segv) {
1356                     stored = 1;
1357                 }
1358             }
1359         }
1360         env->crf[0] = (stored << 1) | xer_so;
1361         env->reserve_addr = (target_ulong)-1;
1362     }
1363     if (!segv) {
1364         env->nip += 4;
1365     }
1366     mmap_unlock();
1367     end_exclusive();
1368     return segv;
1369 }
1370 
1371 void cpu_loop(CPUPPCState *env)
1372 {
1373     CPUState *cs = CPU(ppc_env_get_cpu(env));
1374     target_siginfo_t info;
1375     int trapnr;
1376     target_ulong ret;
1377 
1378     for(;;) {
1379         cpu_exec_start(cs);
1380         trapnr = cpu_ppc_exec(env);
1381         cpu_exec_end(cs);
1382         switch(trapnr) {
1383         case POWERPC_EXCP_NONE:
1384             /* Just go on */
1385             break;
1386         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1387             cpu_abort(env, "Critical interrupt while in user mode. "
1388                       "Aborting\n");
1389             break;
1390         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1391             cpu_abort(env, "Machine check exception while in user mode. "
1392                       "Aborting\n");
1393             break;
1394         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1395             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1396                       env->spr[SPR_DAR]);
1397             /* XXX: check this. Seems bugged */
1398             switch (env->error_code & 0xFF000000) {
1399             case 0x40000000:
1400                 info.si_signo = TARGET_SIGSEGV;
1401                 info.si_errno = 0;
1402                 info.si_code = TARGET_SEGV_MAPERR;
1403                 break;
1404             case 0x04000000:
1405                 info.si_signo = TARGET_SIGILL;
1406                 info.si_errno = 0;
1407                 info.si_code = TARGET_ILL_ILLADR;
1408                 break;
1409             case 0x08000000:
1410                 info.si_signo = TARGET_SIGSEGV;
1411                 info.si_errno = 0;
1412                 info.si_code = TARGET_SEGV_ACCERR;
1413                 break;
1414             default:
1415                 /* Let's send a regular segfault... */
1416                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1417                           env->error_code);
1418                 info.si_signo = TARGET_SIGSEGV;
1419                 info.si_errno = 0;
1420                 info.si_code = TARGET_SEGV_MAPERR;
1421                 break;
1422             }
1423             info._sifields._sigfault._addr = env->nip;
1424             queue_signal(env, info.si_signo, &info);
1425             break;
1426         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1427             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1428                       "\n", env->spr[SPR_SRR0]);
1429             /* XXX: check this */
1430             switch (env->error_code & 0xFF000000) {
1431             case 0x40000000:
1432                 info.si_signo = TARGET_SIGSEGV;
1433             info.si_errno = 0;
1434                 info.si_code = TARGET_SEGV_MAPERR;
1435                 break;
1436             case 0x10000000:
1437             case 0x08000000:
1438                 info.si_signo = TARGET_SIGSEGV;
1439                 info.si_errno = 0;
1440                 info.si_code = TARGET_SEGV_ACCERR;
1441                 break;
1442             default:
1443                 /* Let's send a regular segfault... */
1444                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1445                           env->error_code);
1446                 info.si_signo = TARGET_SIGSEGV;
1447                 info.si_errno = 0;
1448                 info.si_code = TARGET_SEGV_MAPERR;
1449                 break;
1450             }
1451             info._sifields._sigfault._addr = env->nip - 4;
1452             queue_signal(env, info.si_signo, &info);
1453             break;
1454         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1455             cpu_abort(env, "External interrupt while in user mode. "
1456                       "Aborting\n");
1457             break;
1458         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1459             EXCP_DUMP(env, "Unaligned memory access\n");
1460             /* XXX: check this */
1461             info.si_signo = TARGET_SIGBUS;
1462             info.si_errno = 0;
1463             info.si_code = TARGET_BUS_ADRALN;
1464             info._sifields._sigfault._addr = env->nip - 4;
1465             queue_signal(env, info.si_signo, &info);
1466             break;
1467         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1468             /* XXX: check this */
1469             switch (env->error_code & ~0xF) {
1470             case POWERPC_EXCP_FP:
1471                 EXCP_DUMP(env, "Floating point program exception\n");
1472                 info.si_signo = TARGET_SIGFPE;
1473                 info.si_errno = 0;
1474                 switch (env->error_code & 0xF) {
1475                 case POWERPC_EXCP_FP_OX:
1476                     info.si_code = TARGET_FPE_FLTOVF;
1477                     break;
1478                 case POWERPC_EXCP_FP_UX:
1479                     info.si_code = TARGET_FPE_FLTUND;
1480                     break;
1481                 case POWERPC_EXCP_FP_ZX:
1482                 case POWERPC_EXCP_FP_VXZDZ:
1483                     info.si_code = TARGET_FPE_FLTDIV;
1484                     break;
1485                 case POWERPC_EXCP_FP_XX:
1486                     info.si_code = TARGET_FPE_FLTRES;
1487                     break;
1488                 case POWERPC_EXCP_FP_VXSOFT:
1489                     info.si_code = TARGET_FPE_FLTINV;
1490                     break;
1491                 case POWERPC_EXCP_FP_VXSNAN:
1492                 case POWERPC_EXCP_FP_VXISI:
1493                 case POWERPC_EXCP_FP_VXIDI:
1494                 case POWERPC_EXCP_FP_VXIMZ:
1495                 case POWERPC_EXCP_FP_VXVC:
1496                 case POWERPC_EXCP_FP_VXSQRT:
1497                 case POWERPC_EXCP_FP_VXCVI:
1498                     info.si_code = TARGET_FPE_FLTSUB;
1499                     break;
1500                 default:
1501                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1502                               env->error_code);
1503                     break;
1504                 }
1505                 break;
1506             case POWERPC_EXCP_INVAL:
1507                 EXCP_DUMP(env, "Invalid instruction\n");
1508                 info.si_signo = TARGET_SIGILL;
1509                 info.si_errno = 0;
1510                 switch (env->error_code & 0xF) {
1511                 case POWERPC_EXCP_INVAL_INVAL:
1512                     info.si_code = TARGET_ILL_ILLOPC;
1513                     break;
1514                 case POWERPC_EXCP_INVAL_LSWX:
1515                     info.si_code = TARGET_ILL_ILLOPN;
1516                     break;
1517                 case POWERPC_EXCP_INVAL_SPR:
1518                     info.si_code = TARGET_ILL_PRVREG;
1519                     break;
1520                 case POWERPC_EXCP_INVAL_FP:
1521                     info.si_code = TARGET_ILL_COPROC;
1522                     break;
1523                 default:
1524                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1525                               env->error_code & 0xF);
1526                     info.si_code = TARGET_ILL_ILLADR;
1527                     break;
1528                 }
1529                 break;
1530             case POWERPC_EXCP_PRIV:
1531                 EXCP_DUMP(env, "Privilege violation\n");
1532                 info.si_signo = TARGET_SIGILL;
1533                 info.si_errno = 0;
1534                 switch (env->error_code & 0xF) {
1535                 case POWERPC_EXCP_PRIV_OPC:
1536                     info.si_code = TARGET_ILL_PRVOPC;
1537                     break;
1538                 case POWERPC_EXCP_PRIV_REG:
1539                     info.si_code = TARGET_ILL_PRVREG;
1540                     break;
1541                 default:
1542                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1543                               env->error_code & 0xF);
1544                     info.si_code = TARGET_ILL_PRVOPC;
1545                     break;
1546                 }
1547                 break;
1548             case POWERPC_EXCP_TRAP:
1549                 cpu_abort(env, "Tried to call a TRAP\n");
1550                 break;
1551             default:
1552                 /* Should not happen ! */
1553                 cpu_abort(env, "Unknown program exception (%02x)\n",
1554                           env->error_code);
1555                 break;
1556             }
1557             info._sifields._sigfault._addr = env->nip - 4;
1558             queue_signal(env, info.si_signo, &info);
1559             break;
1560         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1561             EXCP_DUMP(env, "No floating point allowed\n");
1562             info.si_signo = TARGET_SIGILL;
1563             info.si_errno = 0;
1564             info.si_code = TARGET_ILL_COPROC;
1565             info._sifields._sigfault._addr = env->nip - 4;
1566             queue_signal(env, info.si_signo, &info);
1567             break;
1568         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1569             cpu_abort(env, "Syscall exception while in user mode. "
1570                       "Aborting\n");
1571             break;
1572         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1573             EXCP_DUMP(env, "No APU instruction allowed\n");
1574             info.si_signo = TARGET_SIGILL;
1575             info.si_errno = 0;
1576             info.si_code = TARGET_ILL_COPROC;
1577             info._sifields._sigfault._addr = env->nip - 4;
1578             queue_signal(env, info.si_signo, &info);
1579             break;
1580         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1581             cpu_abort(env, "Decrementer interrupt while in user mode. "
1582                       "Aborting\n");
1583             break;
1584         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1585             cpu_abort(env, "Fix interval timer interrupt while in user mode. "
1586                       "Aborting\n");
1587             break;
1588         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1589             cpu_abort(env, "Watchdog timer interrupt while in user mode. "
1590                       "Aborting\n");
1591             break;
1592         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1593             cpu_abort(env, "Data TLB exception while in user mode. "
1594                       "Aborting\n");
1595             break;
1596         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1597             cpu_abort(env, "Instruction TLB exception while in user mode. "
1598                       "Aborting\n");
1599             break;
1600         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1601             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1602             info.si_signo = TARGET_SIGILL;
1603             info.si_errno = 0;
1604             info.si_code = TARGET_ILL_COPROC;
1605             info._sifields._sigfault._addr = env->nip - 4;
1606             queue_signal(env, info.si_signo, &info);
1607             break;
1608         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1609             cpu_abort(env, "Embedded floating-point data IRQ not handled\n");
1610             break;
1611         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1612             cpu_abort(env, "Embedded floating-point round IRQ not handled\n");
1613             break;
1614         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1615             cpu_abort(env, "Performance monitor exception not handled\n");
1616             break;
1617         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1618             cpu_abort(env, "Doorbell interrupt while in user mode. "
1619                        "Aborting\n");
1620             break;
1621         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1622             cpu_abort(env, "Doorbell critical interrupt while in user mode. "
1623                       "Aborting\n");
1624             break;
1625         case POWERPC_EXCP_RESET:    /* System reset exception                */
1626             cpu_abort(env, "Reset interrupt while in user mode. "
1627                       "Aborting\n");
1628             break;
1629         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1630             cpu_abort(env, "Data segment exception while in user mode. "
1631                       "Aborting\n");
1632             break;
1633         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1634             cpu_abort(env, "Instruction segment exception "
1635                       "while in user mode. Aborting\n");
1636             break;
1637         /* PowerPC 64 with hypervisor mode support */
1638         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1639             cpu_abort(env, "Hypervisor decrementer interrupt "
1640                       "while in user mode. Aborting\n");
1641             break;
1642         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1643             /* Nothing to do:
1644              * we use this exception to emulate step-by-step execution mode.
1645              */
1646             break;
1647         /* PowerPC 64 with hypervisor mode support */
1648         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1649             cpu_abort(env, "Hypervisor data storage exception "
1650                       "while in user mode. Aborting\n");
1651             break;
1652         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1653             cpu_abort(env, "Hypervisor instruction storage exception "
1654                       "while in user mode. Aborting\n");
1655             break;
1656         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1657             cpu_abort(env, "Hypervisor data segment exception "
1658                       "while in user mode. Aborting\n");
1659             break;
1660         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1661             cpu_abort(env, "Hypervisor instruction segment exception "
1662                       "while in user mode. Aborting\n");
1663             break;
1664         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1665             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1666             info.si_signo = TARGET_SIGILL;
1667             info.si_errno = 0;
1668             info.si_code = TARGET_ILL_COPROC;
1669             info._sifields._sigfault._addr = env->nip - 4;
1670             queue_signal(env, info.si_signo, &info);
1671             break;
1672         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1673             cpu_abort(env, "Programmable interval timer interrupt "
1674                       "while in user mode. Aborting\n");
1675             break;
1676         case POWERPC_EXCP_IO:       /* IO error exception                    */
1677             cpu_abort(env, "IO error exception while in user mode. "
1678                       "Aborting\n");
1679             break;
1680         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1681             cpu_abort(env, "Run mode exception while in user mode. "
1682                       "Aborting\n");
1683             break;
1684         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1685             cpu_abort(env, "Emulation trap exception not handled\n");
1686             break;
1687         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1688             cpu_abort(env, "Instruction fetch TLB exception "
1689                       "while in user-mode. Aborting");
1690             break;
1691         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1692             cpu_abort(env, "Data load TLB exception while in user-mode. "
1693                       "Aborting");
1694             break;
1695         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1696             cpu_abort(env, "Data store TLB exception while in user-mode. "
1697                       "Aborting");
1698             break;
1699         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1700             cpu_abort(env, "Floating-point assist exception not handled\n");
1701             break;
1702         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1703             cpu_abort(env, "Instruction address breakpoint exception "
1704                       "not handled\n");
1705             break;
1706         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1707             cpu_abort(env, "System management interrupt while in user mode. "
1708                       "Aborting\n");
1709             break;
1710         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1711             cpu_abort(env, "Thermal interrupt interrupt while in user mode. "
1712                       "Aborting\n");
1713             break;
1714         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1715             cpu_abort(env, "Performance monitor exception not handled\n");
1716             break;
1717         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1718             cpu_abort(env, "Vector assist exception not handled\n");
1719             break;
1720         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1721             cpu_abort(env, "Soft patch exception not handled\n");
1722             break;
1723         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1724             cpu_abort(env, "Maintenance exception while in user mode. "
1725                       "Aborting\n");
1726             break;
1727         case POWERPC_EXCP_STOP:     /* stop translation                      */
1728             /* We did invalidate the instruction cache. Go on */
1729             break;
1730         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1731             /* We just stopped because of a branch. Go on */
1732             break;
1733         case POWERPC_EXCP_SYSCALL_USER:
1734             /* system call in user-mode emulation */
1735             /* WARNING:
1736              * PPC ABI uses overflow flag in cr0 to signal an error
1737              * in syscalls.
1738              */
1739             env->crf[0] &= ~0x1;
1740             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1741                              env->gpr[5], env->gpr[6], env->gpr[7],
1742                              env->gpr[8], 0, 0);
1743             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1744                 /* Returning from a successful sigreturn syscall.
1745                    Avoid corrupting register state.  */
1746                 break;
1747             }
1748             if (ret > (target_ulong)(-515)) {
1749                 env->crf[0] |= 0x1;
1750                 ret = -ret;
1751             }
1752             env->gpr[3] = ret;
1753             break;
1754         case POWERPC_EXCP_STCX:
1755             if (do_store_exclusive(env)) {
1756                 info.si_signo = TARGET_SIGSEGV;
1757                 info.si_errno = 0;
1758                 info.si_code = TARGET_SEGV_MAPERR;
1759                 info._sifields._sigfault._addr = env->nip;
1760                 queue_signal(env, info.si_signo, &info);
1761             }
1762             break;
1763         case EXCP_DEBUG:
1764             {
1765                 int sig;
1766 
1767                 sig = gdb_handlesig(env, TARGET_SIGTRAP);
1768                 if (sig) {
1769                     info.si_signo = sig;
1770                     info.si_errno = 0;
1771                     info.si_code = TARGET_TRAP_BRKPT;
1772                     queue_signal(env, info.si_signo, &info);
1773                   }
1774             }
1775             break;
1776         case EXCP_INTERRUPT:
1777             /* just indicate that signals should be handled asap */
1778             break;
1779         default:
1780             cpu_abort(env, "Unknown exception 0x%d. Aborting\n", trapnr);
1781             break;
1782         }
1783         process_pending_signals(env);
1784     }
1785 }
1786 #endif
1787 
1788 #ifdef TARGET_MIPS
1789 
1790 #define MIPS_SYS(name, args) args,
1791 
1792 static const uint8_t mips_syscall_args[] = {
1793 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
1794 	MIPS_SYS(sys_exit	, 1)
1795 	MIPS_SYS(sys_fork	, 0)
1796 	MIPS_SYS(sys_read	, 3)
1797 	MIPS_SYS(sys_write	, 3)
1798 	MIPS_SYS(sys_open	, 3)	/* 4005 */
1799 	MIPS_SYS(sys_close	, 1)
1800 	MIPS_SYS(sys_waitpid	, 3)
1801 	MIPS_SYS(sys_creat	, 2)
1802 	MIPS_SYS(sys_link	, 2)
1803 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
1804 	MIPS_SYS(sys_execve	, 0)
1805 	MIPS_SYS(sys_chdir	, 1)
1806 	MIPS_SYS(sys_time	, 1)
1807 	MIPS_SYS(sys_mknod	, 3)
1808 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
1809 	MIPS_SYS(sys_lchown	, 3)
1810 	MIPS_SYS(sys_ni_syscall	, 0)
1811 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
1812 	MIPS_SYS(sys_lseek	, 3)
1813 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
1814 	MIPS_SYS(sys_mount	, 5)
1815 	MIPS_SYS(sys_oldumount	, 1)
1816 	MIPS_SYS(sys_setuid	, 1)
1817 	MIPS_SYS(sys_getuid	, 0)
1818 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
1819 	MIPS_SYS(sys_ptrace	, 4)
1820 	MIPS_SYS(sys_alarm	, 1)
1821 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
1822 	MIPS_SYS(sys_pause	, 0)
1823 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
1824 	MIPS_SYS(sys_ni_syscall	, 0)
1825 	MIPS_SYS(sys_ni_syscall	, 0)
1826 	MIPS_SYS(sys_access	, 2)
1827 	MIPS_SYS(sys_nice	, 1)
1828 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
1829 	MIPS_SYS(sys_sync	, 0)
1830 	MIPS_SYS(sys_kill	, 2)
1831 	MIPS_SYS(sys_rename	, 2)
1832 	MIPS_SYS(sys_mkdir	, 2)
1833 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
1834 	MIPS_SYS(sys_dup		, 1)
1835 	MIPS_SYS(sys_pipe	, 0)
1836 	MIPS_SYS(sys_times	, 1)
1837 	MIPS_SYS(sys_ni_syscall	, 0)
1838 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
1839 	MIPS_SYS(sys_setgid	, 1)
1840 	MIPS_SYS(sys_getgid	, 0)
1841 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
1842 	MIPS_SYS(sys_geteuid	, 0)
1843 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
1844 	MIPS_SYS(sys_acct	, 0)
1845 	MIPS_SYS(sys_umount	, 2)
1846 	MIPS_SYS(sys_ni_syscall	, 0)
1847 	MIPS_SYS(sys_ioctl	, 3)
1848 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
1849 	MIPS_SYS(sys_ni_syscall	, 2)
1850 	MIPS_SYS(sys_setpgid	, 2)
1851 	MIPS_SYS(sys_ni_syscall	, 0)
1852 	MIPS_SYS(sys_olduname	, 1)
1853 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
1854 	MIPS_SYS(sys_chroot	, 1)
1855 	MIPS_SYS(sys_ustat	, 2)
1856 	MIPS_SYS(sys_dup2	, 2)
1857 	MIPS_SYS(sys_getppid	, 0)
1858 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
1859 	MIPS_SYS(sys_setsid	, 0)
1860 	MIPS_SYS(sys_sigaction	, 3)
1861 	MIPS_SYS(sys_sgetmask	, 0)
1862 	MIPS_SYS(sys_ssetmask	, 1)
1863 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
1864 	MIPS_SYS(sys_setregid	, 2)
1865 	MIPS_SYS(sys_sigsuspend	, 0)
1866 	MIPS_SYS(sys_sigpending	, 1)
1867 	MIPS_SYS(sys_sethostname	, 2)
1868 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
1869 	MIPS_SYS(sys_getrlimit	, 2)
1870 	MIPS_SYS(sys_getrusage	, 2)
1871 	MIPS_SYS(sys_gettimeofday, 2)
1872 	MIPS_SYS(sys_settimeofday, 2)
1873 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
1874 	MIPS_SYS(sys_setgroups	, 2)
1875 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
1876 	MIPS_SYS(sys_symlink	, 2)
1877 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
1878 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
1879 	MIPS_SYS(sys_uselib	, 1)
1880 	MIPS_SYS(sys_swapon	, 2)
1881 	MIPS_SYS(sys_reboot	, 3)
1882 	MIPS_SYS(old_readdir	, 3)
1883 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
1884 	MIPS_SYS(sys_munmap	, 2)
1885 	MIPS_SYS(sys_truncate	, 2)
1886 	MIPS_SYS(sys_ftruncate	, 2)
1887 	MIPS_SYS(sys_fchmod	, 2)
1888 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
1889 	MIPS_SYS(sys_getpriority	, 2)
1890 	MIPS_SYS(sys_setpriority	, 3)
1891 	MIPS_SYS(sys_ni_syscall	, 0)
1892 	MIPS_SYS(sys_statfs	, 2)
1893 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
1894 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
1895 	MIPS_SYS(sys_socketcall	, 2)
1896 	MIPS_SYS(sys_syslog	, 3)
1897 	MIPS_SYS(sys_setitimer	, 3)
1898 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
1899 	MIPS_SYS(sys_newstat	, 2)
1900 	MIPS_SYS(sys_newlstat	, 2)
1901 	MIPS_SYS(sys_newfstat	, 2)
1902 	MIPS_SYS(sys_uname	, 1)
1903 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
1904 	MIPS_SYS(sys_vhangup	, 0)
1905 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
1906 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
1907 	MIPS_SYS(sys_wait4	, 4)
1908 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
1909 	MIPS_SYS(sys_sysinfo	, 1)
1910 	MIPS_SYS(sys_ipc		, 6)
1911 	MIPS_SYS(sys_fsync	, 1)
1912 	MIPS_SYS(sys_sigreturn	, 0)
1913 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
1914 	MIPS_SYS(sys_setdomainname, 2)
1915 	MIPS_SYS(sys_newuname	, 1)
1916 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
1917 	MIPS_SYS(sys_adjtimex	, 1)
1918 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
1919 	MIPS_SYS(sys_sigprocmask	, 3)
1920 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
1921 	MIPS_SYS(sys_init_module	, 5)
1922 	MIPS_SYS(sys_delete_module, 1)
1923 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
1924 	MIPS_SYS(sys_quotactl	, 0)
1925 	MIPS_SYS(sys_getpgid	, 1)
1926 	MIPS_SYS(sys_fchdir	, 1)
1927 	MIPS_SYS(sys_bdflush	, 2)
1928 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
1929 	MIPS_SYS(sys_personality	, 1)
1930 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
1931 	MIPS_SYS(sys_setfsuid	, 1)
1932 	MIPS_SYS(sys_setfsgid	, 1)
1933 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
1934 	MIPS_SYS(sys_getdents	, 3)
1935 	MIPS_SYS(sys_select	, 5)
1936 	MIPS_SYS(sys_flock	, 2)
1937 	MIPS_SYS(sys_msync	, 3)
1938 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
1939 	MIPS_SYS(sys_writev	, 3)
1940 	MIPS_SYS(sys_cacheflush	, 3)
1941 	MIPS_SYS(sys_cachectl	, 3)
1942 	MIPS_SYS(sys_sysmips	, 4)
1943 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
1944 	MIPS_SYS(sys_getsid	, 1)
1945 	MIPS_SYS(sys_fdatasync	, 0)
1946 	MIPS_SYS(sys_sysctl	, 1)
1947 	MIPS_SYS(sys_mlock	, 2)
1948 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
1949 	MIPS_SYS(sys_mlockall	, 1)
1950 	MIPS_SYS(sys_munlockall	, 0)
1951 	MIPS_SYS(sys_sched_setparam, 2)
1952 	MIPS_SYS(sys_sched_getparam, 2)
1953 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
1954 	MIPS_SYS(sys_sched_getscheduler, 1)
1955 	MIPS_SYS(sys_sched_yield	, 0)
1956 	MIPS_SYS(sys_sched_get_priority_max, 1)
1957 	MIPS_SYS(sys_sched_get_priority_min, 1)
1958 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
1959 	MIPS_SYS(sys_nanosleep,	2)
1960 	MIPS_SYS(sys_mremap	, 4)
1961 	MIPS_SYS(sys_accept	, 3)
1962 	MIPS_SYS(sys_bind	, 3)
1963 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
1964 	MIPS_SYS(sys_getpeername	, 3)
1965 	MIPS_SYS(sys_getsockname	, 3)
1966 	MIPS_SYS(sys_getsockopt	, 5)
1967 	MIPS_SYS(sys_listen	, 2)
1968 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
1969 	MIPS_SYS(sys_recvfrom	, 6)
1970 	MIPS_SYS(sys_recvmsg	, 3)
1971 	MIPS_SYS(sys_send	, 4)
1972 	MIPS_SYS(sys_sendmsg	, 3)
1973 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
1974 	MIPS_SYS(sys_setsockopt	, 5)
1975 	MIPS_SYS(sys_shutdown	, 2)
1976 	MIPS_SYS(sys_socket	, 3)
1977 	MIPS_SYS(sys_socketpair	, 4)
1978 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
1979 	MIPS_SYS(sys_getresuid	, 3)
1980 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
1981 	MIPS_SYS(sys_poll	, 3)
1982 	MIPS_SYS(sys_nfsservctl	, 3)
1983 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
1984 	MIPS_SYS(sys_getresgid	, 3)
1985 	MIPS_SYS(sys_prctl	, 5)
1986 	MIPS_SYS(sys_rt_sigreturn, 0)
1987 	MIPS_SYS(sys_rt_sigaction, 4)
1988 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
1989 	MIPS_SYS(sys_rt_sigpending, 2)
1990 	MIPS_SYS(sys_rt_sigtimedwait, 4)
1991 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
1992 	MIPS_SYS(sys_rt_sigsuspend, 0)
1993 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
1994 	MIPS_SYS(sys_pwrite64	, 6)
1995 	MIPS_SYS(sys_chown	, 3)
1996 	MIPS_SYS(sys_getcwd	, 2)
1997 	MIPS_SYS(sys_capget	, 2)
1998 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
1999 	MIPS_SYS(sys_sigaltstack	, 2)
2000 	MIPS_SYS(sys_sendfile	, 4)
2001 	MIPS_SYS(sys_ni_syscall	, 0)
2002 	MIPS_SYS(sys_ni_syscall	, 0)
2003 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2004 	MIPS_SYS(sys_truncate64	, 4)
2005 	MIPS_SYS(sys_ftruncate64	, 4)
2006 	MIPS_SYS(sys_stat64	, 2)
2007 	MIPS_SYS(sys_lstat64	, 2)
2008 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2009 	MIPS_SYS(sys_pivot_root	, 2)
2010 	MIPS_SYS(sys_mincore	, 3)
2011 	MIPS_SYS(sys_madvise	, 3)
2012 	MIPS_SYS(sys_getdents64	, 3)
2013 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2014 	MIPS_SYS(sys_ni_syscall	, 0)
2015 	MIPS_SYS(sys_gettid	, 0)
2016 	MIPS_SYS(sys_readahead	, 5)
2017 	MIPS_SYS(sys_setxattr	, 5)
2018 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2019 	MIPS_SYS(sys_fsetxattr	, 5)
2020 	MIPS_SYS(sys_getxattr	, 4)
2021 	MIPS_SYS(sys_lgetxattr	, 4)
2022 	MIPS_SYS(sys_fgetxattr	, 4)
2023 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2024 	MIPS_SYS(sys_llistxattr	, 3)
2025 	MIPS_SYS(sys_flistxattr	, 3)
2026 	MIPS_SYS(sys_removexattr	, 2)
2027 	MIPS_SYS(sys_lremovexattr, 2)
2028 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2029 	MIPS_SYS(sys_tkill	, 2)
2030 	MIPS_SYS(sys_sendfile64	, 5)
2031 	MIPS_SYS(sys_futex	, 2)
2032 	MIPS_SYS(sys_sched_setaffinity, 3)
2033 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2034 	MIPS_SYS(sys_io_setup	, 2)
2035 	MIPS_SYS(sys_io_destroy	, 1)
2036 	MIPS_SYS(sys_io_getevents, 5)
2037 	MIPS_SYS(sys_io_submit	, 3)
2038 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2039 	MIPS_SYS(sys_exit_group	, 1)
2040 	MIPS_SYS(sys_lookup_dcookie, 3)
2041 	MIPS_SYS(sys_epoll_create, 1)
2042 	MIPS_SYS(sys_epoll_ctl	, 4)
2043 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2044 	MIPS_SYS(sys_remap_file_pages, 5)
2045 	MIPS_SYS(sys_set_tid_address, 1)
2046 	MIPS_SYS(sys_restart_syscall, 0)
2047 	MIPS_SYS(sys_fadvise64_64, 7)
2048 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2049 	MIPS_SYS(sys_fstatfs64	, 2)
2050 	MIPS_SYS(sys_timer_create, 3)
2051 	MIPS_SYS(sys_timer_settime, 4)
2052 	MIPS_SYS(sys_timer_gettime, 2)
2053 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2054 	MIPS_SYS(sys_timer_delete, 1)
2055 	MIPS_SYS(sys_clock_settime, 2)
2056 	MIPS_SYS(sys_clock_gettime, 2)
2057 	MIPS_SYS(sys_clock_getres, 2)
2058 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2059 	MIPS_SYS(sys_tgkill	, 3)
2060 	MIPS_SYS(sys_utimes	, 2)
2061 	MIPS_SYS(sys_mbind	, 4)
2062 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2063 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2064 	MIPS_SYS(sys_mq_open	, 4)
2065 	MIPS_SYS(sys_mq_unlink	, 1)
2066 	MIPS_SYS(sys_mq_timedsend, 5)
2067 	MIPS_SYS(sys_mq_timedreceive, 5)
2068 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2069 	MIPS_SYS(sys_mq_getsetattr, 3)
2070 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2071 	MIPS_SYS(sys_waitid	, 4)
2072 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2073 	MIPS_SYS(sys_add_key	, 5)
2074 	MIPS_SYS(sys_request_key, 4)
2075 	MIPS_SYS(sys_keyctl	, 5)
2076 	MIPS_SYS(sys_set_thread_area, 1)
2077 	MIPS_SYS(sys_inotify_init, 0)
2078 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2079 	MIPS_SYS(sys_inotify_rm_watch, 2)
2080 	MIPS_SYS(sys_migrate_pages, 4)
2081 	MIPS_SYS(sys_openat, 4)
2082 	MIPS_SYS(sys_mkdirat, 3)
2083 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2084 	MIPS_SYS(sys_fchownat, 5)
2085 	MIPS_SYS(sys_futimesat, 3)
2086 	MIPS_SYS(sys_fstatat64, 4)
2087 	MIPS_SYS(sys_unlinkat, 3)
2088 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2089 	MIPS_SYS(sys_linkat, 5)
2090 	MIPS_SYS(sys_symlinkat, 3)
2091 	MIPS_SYS(sys_readlinkat, 4)
2092 	MIPS_SYS(sys_fchmodat, 3)
2093 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2094 	MIPS_SYS(sys_pselect6, 6)
2095 	MIPS_SYS(sys_ppoll, 5)
2096 	MIPS_SYS(sys_unshare, 1)
2097 	MIPS_SYS(sys_splice, 4)
2098 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2099 	MIPS_SYS(sys_tee, 4)
2100 	MIPS_SYS(sys_vmsplice, 4)
2101 	MIPS_SYS(sys_move_pages, 6)
2102 	MIPS_SYS(sys_set_robust_list, 2)
2103 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2104 	MIPS_SYS(sys_kexec_load, 4)
2105 	MIPS_SYS(sys_getcpu, 3)
2106 	MIPS_SYS(sys_epoll_pwait, 6)
2107 	MIPS_SYS(sys_ioprio_set, 3)
2108 	MIPS_SYS(sys_ioprio_get, 2)
2109         MIPS_SYS(sys_utimensat, 4)
2110         MIPS_SYS(sys_signalfd, 3)
2111         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2112         MIPS_SYS(sys_eventfd, 1)
2113         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2114         MIPS_SYS(sys_timerfd_create, 2)
2115         MIPS_SYS(sys_timerfd_gettime, 2)
2116         MIPS_SYS(sys_timerfd_settime, 4)
2117         MIPS_SYS(sys_signalfd4, 4)
2118         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2119         MIPS_SYS(sys_epoll_create1, 1)
2120         MIPS_SYS(sys_dup3, 3)
2121         MIPS_SYS(sys_pipe2, 2)
2122         MIPS_SYS(sys_inotify_init1, 1)
2123         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2124         MIPS_SYS(sys_pwritev, 6)
2125         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2126         MIPS_SYS(sys_perf_event_open, 5)
2127         MIPS_SYS(sys_accept4, 4)
2128         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2129         MIPS_SYS(sys_fanotify_init, 2)
2130         MIPS_SYS(sys_fanotify_mark, 6)
2131         MIPS_SYS(sys_prlimit64, 4)
2132         MIPS_SYS(sys_name_to_handle_at, 5)
2133         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2134         MIPS_SYS(sys_clock_adjtime, 2)
2135         MIPS_SYS(sys_syncfs, 1)
2136 };
2137 
2138 #undef MIPS_SYS
2139 
2140 static int do_store_exclusive(CPUMIPSState *env)
2141 {
2142     target_ulong addr;
2143     target_ulong page_addr;
2144     target_ulong val;
2145     int flags;
2146     int segv = 0;
2147     int reg;
2148     int d;
2149 
2150     addr = env->lladdr;
2151     page_addr = addr & TARGET_PAGE_MASK;
2152     start_exclusive();
2153     mmap_lock();
2154     flags = page_get_flags(page_addr);
2155     if ((flags & PAGE_READ) == 0) {
2156         segv = 1;
2157     } else {
2158         reg = env->llreg & 0x1f;
2159         d = (env->llreg & 0x20) != 0;
2160         if (d) {
2161             segv = get_user_s64(val, addr);
2162         } else {
2163             segv = get_user_s32(val, addr);
2164         }
2165         if (!segv) {
2166             if (val != env->llval) {
2167                 env->active_tc.gpr[reg] = 0;
2168             } else {
2169                 if (d) {
2170                     segv = put_user_u64(env->llnewval, addr);
2171                 } else {
2172                     segv = put_user_u32(env->llnewval, addr);
2173                 }
2174                 if (!segv) {
2175                     env->active_tc.gpr[reg] = 1;
2176                 }
2177             }
2178         }
2179     }
2180     env->lladdr = -1;
2181     if (!segv) {
2182         env->active_tc.PC += 4;
2183     }
2184     mmap_unlock();
2185     end_exclusive();
2186     return segv;
2187 }
2188 
2189 void cpu_loop(CPUMIPSState *env)
2190 {
2191     CPUState *cs = CPU(mips_env_get_cpu(env));
2192     target_siginfo_t info;
2193     int trapnr, ret;
2194     unsigned int syscall_num;
2195 
2196     for(;;) {
2197         cpu_exec_start(cs);
2198         trapnr = cpu_mips_exec(env);
2199         cpu_exec_end(cs);
2200         switch(trapnr) {
2201         case EXCP_SYSCALL:
2202             syscall_num = env->active_tc.gpr[2] - 4000;
2203             env->active_tc.PC += 4;
2204             if (syscall_num >= sizeof(mips_syscall_args)) {
2205                 ret = -TARGET_ENOSYS;
2206             } else {
2207                 int nb_args;
2208                 abi_ulong sp_reg;
2209                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2210 
2211                 nb_args = mips_syscall_args[syscall_num];
2212                 sp_reg = env->active_tc.gpr[29];
2213                 switch (nb_args) {
2214                 /* these arguments are taken from the stack */
2215                 case 8:
2216                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2217                         goto done_syscall;
2218                     }
2219                 case 7:
2220                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2221                         goto done_syscall;
2222                     }
2223                 case 6:
2224                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2225                         goto done_syscall;
2226                     }
2227                 case 5:
2228                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2229                         goto done_syscall;
2230                     }
2231                 default:
2232                     break;
2233                 }
2234                 ret = do_syscall(env, env->active_tc.gpr[2],
2235                                  env->active_tc.gpr[4],
2236                                  env->active_tc.gpr[5],
2237                                  env->active_tc.gpr[6],
2238                                  env->active_tc.gpr[7],
2239                                  arg5, arg6, arg7, arg8);
2240             }
2241 done_syscall:
2242             if (ret == -TARGET_QEMU_ESIGRETURN) {
2243                 /* Returning from a successful sigreturn syscall.
2244                    Avoid clobbering register state.  */
2245                 break;
2246             }
2247             if ((unsigned int)ret >= (unsigned int)(-1133)) {
2248                 env->active_tc.gpr[7] = 1; /* error flag */
2249                 ret = -ret;
2250             } else {
2251                 env->active_tc.gpr[7] = 0; /* error flag */
2252             }
2253             env->active_tc.gpr[2] = ret;
2254             break;
2255         case EXCP_TLBL:
2256         case EXCP_TLBS:
2257         case EXCP_AdEL:
2258         case EXCP_AdES:
2259             info.si_signo = TARGET_SIGSEGV;
2260             info.si_errno = 0;
2261             /* XXX: check env->error_code */
2262             info.si_code = TARGET_SEGV_MAPERR;
2263             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2264             queue_signal(env, info.si_signo, &info);
2265             break;
2266         case EXCP_CpU:
2267         case EXCP_RI:
2268             info.si_signo = TARGET_SIGILL;
2269             info.si_errno = 0;
2270             info.si_code = 0;
2271             queue_signal(env, info.si_signo, &info);
2272             break;
2273         case EXCP_INTERRUPT:
2274             /* just indicate that signals should be handled asap */
2275             break;
2276         case EXCP_DEBUG:
2277             {
2278                 int sig;
2279 
2280                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
2281                 if (sig)
2282                   {
2283                     info.si_signo = sig;
2284                     info.si_errno = 0;
2285                     info.si_code = TARGET_TRAP_BRKPT;
2286                     queue_signal(env, info.si_signo, &info);
2287                   }
2288             }
2289             break;
2290         case EXCP_SC:
2291             if (do_store_exclusive(env)) {
2292                 info.si_signo = TARGET_SIGSEGV;
2293                 info.si_errno = 0;
2294                 info.si_code = TARGET_SEGV_MAPERR;
2295                 info._sifields._sigfault._addr = env->active_tc.PC;
2296                 queue_signal(env, info.si_signo, &info);
2297             }
2298             break;
2299         case EXCP_DSPDIS:
2300             info.si_signo = TARGET_SIGILL;
2301             info.si_errno = 0;
2302             info.si_code = TARGET_ILL_ILLOPC;
2303             queue_signal(env, info.si_signo, &info);
2304             break;
2305         default:
2306             //        error:
2307             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2308                     trapnr);
2309             cpu_dump_state(env, stderr, fprintf, 0);
2310             abort();
2311         }
2312         process_pending_signals(env);
2313     }
2314 }
2315 #endif
2316 
2317 #ifdef TARGET_OPENRISC
2318 
2319 void cpu_loop(CPUOpenRISCState *env)
2320 {
2321     int trapnr, gdbsig;
2322 
2323     for (;;) {
2324         trapnr = cpu_exec(env);
2325         gdbsig = 0;
2326 
2327         switch (trapnr) {
2328         case EXCP_RESET:
2329             qemu_log("\nReset request, exit, pc is %#x\n", env->pc);
2330             exit(1);
2331             break;
2332         case EXCP_BUSERR:
2333             qemu_log("\nBus error, exit, pc is %#x\n", env->pc);
2334             gdbsig = SIGBUS;
2335             break;
2336         case EXCP_DPF:
2337         case EXCP_IPF:
2338             cpu_dump_state(env, stderr, fprintf, 0);
2339             gdbsig = TARGET_SIGSEGV;
2340             break;
2341         case EXCP_TICK:
2342             qemu_log("\nTick time interrupt pc is %#x\n", env->pc);
2343             break;
2344         case EXCP_ALIGN:
2345             qemu_log("\nAlignment pc is %#x\n", env->pc);
2346             gdbsig = SIGBUS;
2347             break;
2348         case EXCP_ILLEGAL:
2349             qemu_log("\nIllegal instructionpc is %#x\n", env->pc);
2350             gdbsig = SIGILL;
2351             break;
2352         case EXCP_INT:
2353             qemu_log("\nExternal interruptpc is %#x\n", env->pc);
2354             break;
2355         case EXCP_DTLBMISS:
2356         case EXCP_ITLBMISS:
2357             qemu_log("\nTLB miss\n");
2358             break;
2359         case EXCP_RANGE:
2360             qemu_log("\nRange\n");
2361             gdbsig = SIGSEGV;
2362             break;
2363         case EXCP_SYSCALL:
2364             env->pc += 4;   /* 0xc00; */
2365             env->gpr[11] = do_syscall(env,
2366                                       env->gpr[11], /* return value       */
2367                                       env->gpr[3],  /* r3 - r7 are params */
2368                                       env->gpr[4],
2369                                       env->gpr[5],
2370                                       env->gpr[6],
2371                                       env->gpr[7],
2372                                       env->gpr[8], 0, 0);
2373             break;
2374         case EXCP_FPE:
2375             qemu_log("\nFloating point error\n");
2376             break;
2377         case EXCP_TRAP:
2378             qemu_log("\nTrap\n");
2379             gdbsig = SIGTRAP;
2380             break;
2381         case EXCP_NR:
2382             qemu_log("\nNR\n");
2383             break;
2384         default:
2385             qemu_log("\nqemu: unhandled CPU exception %#x - aborting\n",
2386                      trapnr);
2387             cpu_dump_state(env, stderr, fprintf, 0);
2388             gdbsig = TARGET_SIGILL;
2389             break;
2390         }
2391         if (gdbsig) {
2392             gdb_handlesig(env, gdbsig);
2393             if (gdbsig != TARGET_SIGTRAP) {
2394                 exit(1);
2395             }
2396         }
2397 
2398         process_pending_signals(env);
2399     }
2400 }
2401 
2402 #endif /* TARGET_OPENRISC */
2403 
2404 #ifdef TARGET_SH4
2405 void cpu_loop(CPUSH4State *env)
2406 {
2407     int trapnr, ret;
2408     target_siginfo_t info;
2409 
2410     while (1) {
2411         trapnr = cpu_sh4_exec (env);
2412 
2413         switch (trapnr) {
2414         case 0x160:
2415             env->pc += 2;
2416             ret = do_syscall(env,
2417                              env->gregs[3],
2418                              env->gregs[4],
2419                              env->gregs[5],
2420                              env->gregs[6],
2421                              env->gregs[7],
2422                              env->gregs[0],
2423                              env->gregs[1],
2424                              0, 0);
2425             env->gregs[0] = ret;
2426             break;
2427         case EXCP_INTERRUPT:
2428             /* just indicate that signals should be handled asap */
2429             break;
2430         case EXCP_DEBUG:
2431             {
2432                 int sig;
2433 
2434                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
2435                 if (sig)
2436                   {
2437                     info.si_signo = sig;
2438                     info.si_errno = 0;
2439                     info.si_code = TARGET_TRAP_BRKPT;
2440                     queue_signal(env, info.si_signo, &info);
2441                   }
2442             }
2443             break;
2444 	case 0xa0:
2445 	case 0xc0:
2446             info.si_signo = SIGSEGV;
2447             info.si_errno = 0;
2448             info.si_code = TARGET_SEGV_MAPERR;
2449             info._sifields._sigfault._addr = env->tea;
2450             queue_signal(env, info.si_signo, &info);
2451 	    break;
2452 
2453         default:
2454             printf ("Unhandled trap: 0x%x\n", trapnr);
2455             cpu_dump_state(env, stderr, fprintf, 0);
2456             exit (1);
2457         }
2458         process_pending_signals (env);
2459     }
2460 }
2461 #endif
2462 
2463 #ifdef TARGET_CRIS
2464 void cpu_loop(CPUCRISState *env)
2465 {
2466     int trapnr, ret;
2467     target_siginfo_t info;
2468 
2469     while (1) {
2470         trapnr = cpu_cris_exec (env);
2471         switch (trapnr) {
2472         case 0xaa:
2473             {
2474                 info.si_signo = SIGSEGV;
2475                 info.si_errno = 0;
2476                 /* XXX: check env->error_code */
2477                 info.si_code = TARGET_SEGV_MAPERR;
2478                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2479                 queue_signal(env, info.si_signo, &info);
2480             }
2481             break;
2482 	case EXCP_INTERRUPT:
2483 	  /* just indicate that signals should be handled asap */
2484 	  break;
2485         case EXCP_BREAK:
2486             ret = do_syscall(env,
2487                              env->regs[9],
2488                              env->regs[10],
2489                              env->regs[11],
2490                              env->regs[12],
2491                              env->regs[13],
2492                              env->pregs[7],
2493                              env->pregs[11],
2494                              0, 0);
2495             env->regs[10] = ret;
2496             break;
2497         case EXCP_DEBUG:
2498             {
2499                 int sig;
2500 
2501                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
2502                 if (sig)
2503                   {
2504                     info.si_signo = sig;
2505                     info.si_errno = 0;
2506                     info.si_code = TARGET_TRAP_BRKPT;
2507                     queue_signal(env, info.si_signo, &info);
2508                   }
2509             }
2510             break;
2511         default:
2512             printf ("Unhandled trap: 0x%x\n", trapnr);
2513             cpu_dump_state(env, stderr, fprintf, 0);
2514             exit (1);
2515         }
2516         process_pending_signals (env);
2517     }
2518 }
2519 #endif
2520 
2521 #ifdef TARGET_MICROBLAZE
2522 void cpu_loop(CPUMBState *env)
2523 {
2524     int trapnr, ret;
2525     target_siginfo_t info;
2526 
2527     while (1) {
2528         trapnr = cpu_mb_exec (env);
2529         switch (trapnr) {
2530         case 0xaa:
2531             {
2532                 info.si_signo = SIGSEGV;
2533                 info.si_errno = 0;
2534                 /* XXX: check env->error_code */
2535                 info.si_code = TARGET_SEGV_MAPERR;
2536                 info._sifields._sigfault._addr = 0;
2537                 queue_signal(env, info.si_signo, &info);
2538             }
2539             break;
2540 	case EXCP_INTERRUPT:
2541 	  /* just indicate that signals should be handled asap */
2542 	  break;
2543         case EXCP_BREAK:
2544             /* Return address is 4 bytes after the call.  */
2545             env->regs[14] += 4;
2546             env->sregs[SR_PC] = env->regs[14];
2547             ret = do_syscall(env,
2548                              env->regs[12],
2549                              env->regs[5],
2550                              env->regs[6],
2551                              env->regs[7],
2552                              env->regs[8],
2553                              env->regs[9],
2554                              env->regs[10],
2555                              0, 0);
2556             env->regs[3] = ret;
2557             break;
2558         case EXCP_HW_EXCP:
2559             env->regs[17] = env->sregs[SR_PC] + 4;
2560             if (env->iflags & D_FLAG) {
2561                 env->sregs[SR_ESR] |= 1 << 12;
2562                 env->sregs[SR_PC] -= 4;
2563                 /* FIXME: if branch was immed, replay the imm as well.  */
2564             }
2565 
2566             env->iflags &= ~(IMM_FLAG | D_FLAG);
2567 
2568             switch (env->sregs[SR_ESR] & 31) {
2569                 case ESR_EC_DIVZERO:
2570                     info.si_signo = SIGFPE;
2571                     info.si_errno = 0;
2572                     info.si_code = TARGET_FPE_FLTDIV;
2573                     info._sifields._sigfault._addr = 0;
2574                     queue_signal(env, info.si_signo, &info);
2575                     break;
2576                 case ESR_EC_FPU:
2577                     info.si_signo = SIGFPE;
2578                     info.si_errno = 0;
2579                     if (env->sregs[SR_FSR] & FSR_IO) {
2580                         info.si_code = TARGET_FPE_FLTINV;
2581                     }
2582                     if (env->sregs[SR_FSR] & FSR_DZ) {
2583                         info.si_code = TARGET_FPE_FLTDIV;
2584                     }
2585                     info._sifields._sigfault._addr = 0;
2586                     queue_signal(env, info.si_signo, &info);
2587                     break;
2588                 default:
2589                     printf ("Unhandled hw-exception: 0x%x\n",
2590                             env->sregs[SR_ESR] & ESR_EC_MASK);
2591                     cpu_dump_state(env, stderr, fprintf, 0);
2592                     exit (1);
2593                     break;
2594             }
2595             break;
2596         case EXCP_DEBUG:
2597             {
2598                 int sig;
2599 
2600                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
2601                 if (sig)
2602                   {
2603                     info.si_signo = sig;
2604                     info.si_errno = 0;
2605                     info.si_code = TARGET_TRAP_BRKPT;
2606                     queue_signal(env, info.si_signo, &info);
2607                   }
2608             }
2609             break;
2610         default:
2611             printf ("Unhandled trap: 0x%x\n", trapnr);
2612             cpu_dump_state(env, stderr, fprintf, 0);
2613             exit (1);
2614         }
2615         process_pending_signals (env);
2616     }
2617 }
2618 #endif
2619 
2620 #ifdef TARGET_M68K
2621 
2622 void cpu_loop(CPUM68KState *env)
2623 {
2624     int trapnr;
2625     unsigned int n;
2626     target_siginfo_t info;
2627     TaskState *ts = env->opaque;
2628 
2629     for(;;) {
2630         trapnr = cpu_m68k_exec(env);
2631         switch(trapnr) {
2632         case EXCP_ILLEGAL:
2633             {
2634                 if (ts->sim_syscalls) {
2635                     uint16_t nr;
2636                     nr = lduw(env->pc + 2);
2637                     env->pc += 4;
2638                     do_m68k_simcall(env, nr);
2639                 } else {
2640                     goto do_sigill;
2641                 }
2642             }
2643             break;
2644         case EXCP_HALT_INSN:
2645             /* Semihosing syscall.  */
2646             env->pc += 4;
2647             do_m68k_semihosting(env, env->dregs[0]);
2648             break;
2649         case EXCP_LINEA:
2650         case EXCP_LINEF:
2651         case EXCP_UNSUPPORTED:
2652         do_sigill:
2653             info.si_signo = SIGILL;
2654             info.si_errno = 0;
2655             info.si_code = TARGET_ILL_ILLOPN;
2656             info._sifields._sigfault._addr = env->pc;
2657             queue_signal(env, info.si_signo, &info);
2658             break;
2659         case EXCP_TRAP0:
2660             {
2661                 ts->sim_syscalls = 0;
2662                 n = env->dregs[0];
2663                 env->pc += 2;
2664                 env->dregs[0] = do_syscall(env,
2665                                           n,
2666                                           env->dregs[1],
2667                                           env->dregs[2],
2668                                           env->dregs[3],
2669                                           env->dregs[4],
2670                                           env->dregs[5],
2671                                           env->aregs[0],
2672                                           0, 0);
2673             }
2674             break;
2675         case EXCP_INTERRUPT:
2676             /* just indicate that signals should be handled asap */
2677             break;
2678         case EXCP_ACCESS:
2679             {
2680                 info.si_signo = SIGSEGV;
2681                 info.si_errno = 0;
2682                 /* XXX: check env->error_code */
2683                 info.si_code = TARGET_SEGV_MAPERR;
2684                 info._sifields._sigfault._addr = env->mmu.ar;
2685                 queue_signal(env, info.si_signo, &info);
2686             }
2687             break;
2688         case EXCP_DEBUG:
2689             {
2690                 int sig;
2691 
2692                 sig = gdb_handlesig (env, TARGET_SIGTRAP);
2693                 if (sig)
2694                   {
2695                     info.si_signo = sig;
2696                     info.si_errno = 0;
2697                     info.si_code = TARGET_TRAP_BRKPT;
2698                     queue_signal(env, info.si_signo, &info);
2699                   }
2700             }
2701             break;
2702         default:
2703             fprintf(stderr, "qemu: unhandled CPU exception 0x%x - aborting\n",
2704                     trapnr);
2705             cpu_dump_state(env, stderr, fprintf, 0);
2706             abort();
2707         }
2708         process_pending_signals(env);
2709     }
2710 }
2711 #endif /* TARGET_M68K */
2712 
2713 #ifdef TARGET_ALPHA
2714 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
2715 {
2716     target_ulong addr, val, tmp;
2717     target_siginfo_t info;
2718     int ret = 0;
2719 
2720     addr = env->lock_addr;
2721     tmp = env->lock_st_addr;
2722     env->lock_addr = -1;
2723     env->lock_st_addr = 0;
2724 
2725     start_exclusive();
2726     mmap_lock();
2727 
2728     if (addr == tmp) {
2729         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
2730             goto do_sigsegv;
2731         }
2732 
2733         if (val == env->lock_value) {
2734             tmp = env->ir[reg];
2735             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
2736                 goto do_sigsegv;
2737             }
2738             ret = 1;
2739         }
2740     }
2741     env->ir[reg] = ret;
2742     env->pc += 4;
2743 
2744     mmap_unlock();
2745     end_exclusive();
2746     return;
2747 
2748  do_sigsegv:
2749     mmap_unlock();
2750     end_exclusive();
2751 
2752     info.si_signo = TARGET_SIGSEGV;
2753     info.si_errno = 0;
2754     info.si_code = TARGET_SEGV_MAPERR;
2755     info._sifields._sigfault._addr = addr;
2756     queue_signal(env, TARGET_SIGSEGV, &info);
2757 }
2758 
2759 void cpu_loop(CPUAlphaState *env)
2760 {
2761     int trapnr;
2762     target_siginfo_t info;
2763     abi_long sysret;
2764 
2765     while (1) {
2766         trapnr = cpu_alpha_exec (env);
2767 
2768         /* All of the traps imply a transition through PALcode, which
2769            implies an REI instruction has been executed.  Which means
2770            that the intr_flag should be cleared.  */
2771         env->intr_flag = 0;
2772 
2773         switch (trapnr) {
2774         case EXCP_RESET:
2775             fprintf(stderr, "Reset requested. Exit\n");
2776             exit(1);
2777             break;
2778         case EXCP_MCHK:
2779             fprintf(stderr, "Machine check exception. Exit\n");
2780             exit(1);
2781             break;
2782         case EXCP_SMP_INTERRUPT:
2783         case EXCP_CLK_INTERRUPT:
2784         case EXCP_DEV_INTERRUPT:
2785             fprintf(stderr, "External interrupt. Exit\n");
2786             exit(1);
2787             break;
2788         case EXCP_MMFAULT:
2789             env->lock_addr = -1;
2790             info.si_signo = TARGET_SIGSEGV;
2791             info.si_errno = 0;
2792             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
2793                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
2794             info._sifields._sigfault._addr = env->trap_arg0;
2795             queue_signal(env, info.si_signo, &info);
2796             break;
2797         case EXCP_UNALIGN:
2798             env->lock_addr = -1;
2799             info.si_signo = TARGET_SIGBUS;
2800             info.si_errno = 0;
2801             info.si_code = TARGET_BUS_ADRALN;
2802             info._sifields._sigfault._addr = env->trap_arg0;
2803             queue_signal(env, info.si_signo, &info);
2804             break;
2805         case EXCP_OPCDEC:
2806         do_sigill:
2807             env->lock_addr = -1;
2808             info.si_signo = TARGET_SIGILL;
2809             info.si_errno = 0;
2810             info.si_code = TARGET_ILL_ILLOPC;
2811             info._sifields._sigfault._addr = env->pc;
2812             queue_signal(env, info.si_signo, &info);
2813             break;
2814         case EXCP_ARITH:
2815             env->lock_addr = -1;
2816             info.si_signo = TARGET_SIGFPE;
2817             info.si_errno = 0;
2818             info.si_code = TARGET_FPE_FLTINV;
2819             info._sifields._sigfault._addr = env->pc;
2820             queue_signal(env, info.si_signo, &info);
2821             break;
2822         case EXCP_FEN:
2823             /* No-op.  Linux simply re-enables the FPU.  */
2824             break;
2825         case EXCP_CALL_PAL:
2826             env->lock_addr = -1;
2827             switch (env->error_code) {
2828             case 0x80:
2829                 /* BPT */
2830                 info.si_signo = TARGET_SIGTRAP;
2831                 info.si_errno = 0;
2832                 info.si_code = TARGET_TRAP_BRKPT;
2833                 info._sifields._sigfault._addr = env->pc;
2834                 queue_signal(env, info.si_signo, &info);
2835                 break;
2836             case 0x81:
2837                 /* BUGCHK */
2838                 info.si_signo = TARGET_SIGTRAP;
2839                 info.si_errno = 0;
2840                 info.si_code = 0;
2841                 info._sifields._sigfault._addr = env->pc;
2842                 queue_signal(env, info.si_signo, &info);
2843                 break;
2844             case 0x83:
2845                 /* CALLSYS */
2846                 trapnr = env->ir[IR_V0];
2847                 sysret = do_syscall(env, trapnr,
2848                                     env->ir[IR_A0], env->ir[IR_A1],
2849                                     env->ir[IR_A2], env->ir[IR_A3],
2850                                     env->ir[IR_A4], env->ir[IR_A5],
2851                                     0, 0);
2852                 if (trapnr == TARGET_NR_sigreturn
2853                     || trapnr == TARGET_NR_rt_sigreturn) {
2854                     break;
2855                 }
2856                 /* Syscall writes 0 to V0 to bypass error check, similar
2857                    to how this is handled internal to Linux kernel.
2858                    (Ab)use trapnr temporarily as boolean indicating error.  */
2859                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
2860                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
2861                 env->ir[IR_A3] = trapnr;
2862                 break;
2863             case 0x86:
2864                 /* IMB */
2865                 /* ??? We can probably elide the code using page_unprotect
2866                    that is checking for self-modifying code.  Instead we
2867                    could simply call tb_flush here.  Until we work out the
2868                    changes required to turn off the extra write protection,
2869                    this can be a no-op.  */
2870                 break;
2871             case 0x9E:
2872                 /* RDUNIQUE */
2873                 /* Handled in the translator for usermode.  */
2874                 abort();
2875             case 0x9F:
2876                 /* WRUNIQUE */
2877                 /* Handled in the translator for usermode.  */
2878                 abort();
2879             case 0xAA:
2880                 /* GENTRAP */
2881                 info.si_signo = TARGET_SIGFPE;
2882                 switch (env->ir[IR_A0]) {
2883                 case TARGET_GEN_INTOVF:
2884                     info.si_code = TARGET_FPE_INTOVF;
2885                     break;
2886                 case TARGET_GEN_INTDIV:
2887                     info.si_code = TARGET_FPE_INTDIV;
2888                     break;
2889                 case TARGET_GEN_FLTOVF:
2890                     info.si_code = TARGET_FPE_FLTOVF;
2891                     break;
2892                 case TARGET_GEN_FLTUND:
2893                     info.si_code = TARGET_FPE_FLTUND;
2894                     break;
2895                 case TARGET_GEN_FLTINV:
2896                     info.si_code = TARGET_FPE_FLTINV;
2897                     break;
2898                 case TARGET_GEN_FLTINE:
2899                     info.si_code = TARGET_FPE_FLTRES;
2900                     break;
2901                 case TARGET_GEN_ROPRAND:
2902                     info.si_code = 0;
2903                     break;
2904                 default:
2905                     info.si_signo = TARGET_SIGTRAP;
2906                     info.si_code = 0;
2907                     break;
2908                 }
2909                 info.si_errno = 0;
2910                 info._sifields._sigfault._addr = env->pc;
2911                 queue_signal(env, info.si_signo, &info);
2912                 break;
2913             default:
2914                 goto do_sigill;
2915             }
2916             break;
2917         case EXCP_DEBUG:
2918             info.si_signo = gdb_handlesig (env, TARGET_SIGTRAP);
2919             if (info.si_signo) {
2920                 env->lock_addr = -1;
2921                 info.si_errno = 0;
2922                 info.si_code = TARGET_TRAP_BRKPT;
2923                 queue_signal(env, info.si_signo, &info);
2924             }
2925             break;
2926         case EXCP_STL_C:
2927         case EXCP_STQ_C:
2928             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
2929             break;
2930         case EXCP_INTERRUPT:
2931             /* Just indicate that signals should be handled asap.  */
2932             break;
2933         default:
2934             printf ("Unhandled trap: 0x%x\n", trapnr);
2935             cpu_dump_state(env, stderr, fprintf, 0);
2936             exit (1);
2937         }
2938         process_pending_signals (env);
2939     }
2940 }
2941 #endif /* TARGET_ALPHA */
2942 
2943 #ifdef TARGET_S390X
2944 void cpu_loop(CPUS390XState *env)
2945 {
2946     int trapnr, n, sig;
2947     target_siginfo_t info;
2948     target_ulong addr;
2949 
2950     while (1) {
2951         trapnr = cpu_s390x_exec(env);
2952         switch (trapnr) {
2953         case EXCP_INTERRUPT:
2954             /* Just indicate that signals should be handled asap.  */
2955             break;
2956 
2957         case EXCP_SVC:
2958             n = env->int_svc_code;
2959             if (!n) {
2960                 /* syscalls > 255 */
2961                 n = env->regs[1];
2962             }
2963             env->psw.addr += env->int_svc_ilen;
2964             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
2965                                       env->regs[4], env->regs[5],
2966                                       env->regs[6], env->regs[7], 0, 0);
2967             break;
2968 
2969         case EXCP_DEBUG:
2970             sig = gdb_handlesig(env, TARGET_SIGTRAP);
2971             if (sig) {
2972                 n = TARGET_TRAP_BRKPT;
2973                 goto do_signal_pc;
2974             }
2975             break;
2976         case EXCP_PGM:
2977             n = env->int_pgm_code;
2978             switch (n) {
2979             case PGM_OPERATION:
2980             case PGM_PRIVILEGED:
2981                 sig = SIGILL;
2982                 n = TARGET_ILL_ILLOPC;
2983                 goto do_signal_pc;
2984             case PGM_PROTECTION:
2985             case PGM_ADDRESSING:
2986                 sig = SIGSEGV;
2987                 /* XXX: check env->error_code */
2988                 n = TARGET_SEGV_MAPERR;
2989                 addr = env->__excp_addr;
2990                 goto do_signal;
2991             case PGM_EXECUTE:
2992             case PGM_SPECIFICATION:
2993             case PGM_SPECIAL_OP:
2994             case PGM_OPERAND:
2995             do_sigill_opn:
2996                 sig = SIGILL;
2997                 n = TARGET_ILL_ILLOPN;
2998                 goto do_signal_pc;
2999 
3000             case PGM_FIXPT_OVERFLOW:
3001                 sig = SIGFPE;
3002                 n = TARGET_FPE_INTOVF;
3003                 goto do_signal_pc;
3004             case PGM_FIXPT_DIVIDE:
3005                 sig = SIGFPE;
3006                 n = TARGET_FPE_INTDIV;
3007                 goto do_signal_pc;
3008 
3009             case PGM_DATA:
3010                 n = (env->fpc >> 8) & 0xff;
3011                 if (n == 0xff) {
3012                     /* compare-and-trap */
3013                     goto do_sigill_opn;
3014                 } else {
3015                     /* An IEEE exception, simulated or otherwise.  */
3016                     if (n & 0x80) {
3017                         n = TARGET_FPE_FLTINV;
3018                     } else if (n & 0x40) {
3019                         n = TARGET_FPE_FLTDIV;
3020                     } else if (n & 0x20) {
3021                         n = TARGET_FPE_FLTOVF;
3022                     } else if (n & 0x10) {
3023                         n = TARGET_FPE_FLTUND;
3024                     } else if (n & 0x08) {
3025                         n = TARGET_FPE_FLTRES;
3026                     } else {
3027                         /* ??? Quantum exception; BFP, DFP error.  */
3028                         goto do_sigill_opn;
3029                     }
3030                     sig = SIGFPE;
3031                     goto do_signal_pc;
3032                 }
3033 
3034             default:
3035                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3036                 cpu_dump_state(env, stderr, fprintf, 0);
3037                 exit(1);
3038             }
3039             break;
3040 
3041         do_signal_pc:
3042             addr = env->psw.addr;
3043         do_signal:
3044             info.si_signo = sig;
3045             info.si_errno = 0;
3046             info.si_code = n;
3047             info._sifields._sigfault._addr = addr;
3048             queue_signal(env, info.si_signo, &info);
3049             break;
3050 
3051         default:
3052             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3053             cpu_dump_state(env, stderr, fprintf, 0);
3054             exit(1);
3055         }
3056         process_pending_signals (env);
3057     }
3058 }
3059 
3060 #endif /* TARGET_S390X */
3061 
3062 THREAD CPUArchState *thread_env;
3063 
3064 void task_settid(TaskState *ts)
3065 {
3066     if (ts->ts_tid == 0) {
3067 #ifdef CONFIG_USE_NPTL
3068         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3069 #else
3070         /* when no threads are used, tid becomes pid */
3071         ts->ts_tid = getpid();
3072 #endif
3073     }
3074 }
3075 
3076 void stop_all_tasks(void)
3077 {
3078     /*
3079      * We trust that when using NPTL, start_exclusive()
3080      * handles thread stopping correctly.
3081      */
3082     start_exclusive();
3083 }
3084 
3085 /* Assumes contents are already zeroed.  */
3086 void init_task_state(TaskState *ts)
3087 {
3088     int i;
3089 
3090     ts->used = 1;
3091     ts->first_free = ts->sigqueue_table;
3092     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3093         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3094     }
3095     ts->sigqueue_table[i].next = NULL;
3096 }
3097 
3098 static void handle_arg_help(const char *arg)
3099 {
3100     usage();
3101 }
3102 
3103 static void handle_arg_log(const char *arg)
3104 {
3105     int mask;
3106 
3107     mask = qemu_str_to_log_mask(arg);
3108     if (!mask) {
3109         qemu_print_log_usage(stdout);
3110         exit(1);
3111     }
3112     qemu_set_log(mask);
3113 }
3114 
3115 static void handle_arg_log_filename(const char *arg)
3116 {
3117     qemu_set_log_filename(arg);
3118 }
3119 
3120 static void handle_arg_set_env(const char *arg)
3121 {
3122     char *r, *p, *token;
3123     r = p = strdup(arg);
3124     while ((token = strsep(&p, ",")) != NULL) {
3125         if (envlist_setenv(envlist, token) != 0) {
3126             usage();
3127         }
3128     }
3129     free(r);
3130 }
3131 
3132 static void handle_arg_unset_env(const char *arg)
3133 {
3134     char *r, *p, *token;
3135     r = p = strdup(arg);
3136     while ((token = strsep(&p, ",")) != NULL) {
3137         if (envlist_unsetenv(envlist, token) != 0) {
3138             usage();
3139         }
3140     }
3141     free(r);
3142 }
3143 
3144 static void handle_arg_argv0(const char *arg)
3145 {
3146     argv0 = strdup(arg);
3147 }
3148 
3149 static void handle_arg_stack_size(const char *arg)
3150 {
3151     char *p;
3152     guest_stack_size = strtoul(arg, &p, 0);
3153     if (guest_stack_size == 0) {
3154         usage();
3155     }
3156 
3157     if (*p == 'M') {
3158         guest_stack_size *= 1024 * 1024;
3159     } else if (*p == 'k' || *p == 'K') {
3160         guest_stack_size *= 1024;
3161     }
3162 }
3163 
3164 static void handle_arg_ld_prefix(const char *arg)
3165 {
3166     interp_prefix = strdup(arg);
3167 }
3168 
3169 static void handle_arg_pagesize(const char *arg)
3170 {
3171     qemu_host_page_size = atoi(arg);
3172     if (qemu_host_page_size == 0 ||
3173         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3174         fprintf(stderr, "page size must be a power of two\n");
3175         exit(1);
3176     }
3177 }
3178 
3179 static void handle_arg_gdb(const char *arg)
3180 {
3181     gdbstub_port = atoi(arg);
3182 }
3183 
3184 static void handle_arg_uname(const char *arg)
3185 {
3186     qemu_uname_release = strdup(arg);
3187 }
3188 
3189 static void handle_arg_cpu(const char *arg)
3190 {
3191     cpu_model = strdup(arg);
3192     if (cpu_model == NULL || is_help_option(cpu_model)) {
3193         /* XXX: implement xxx_cpu_list for targets that still miss it */
3194 #if defined(cpu_list)
3195         cpu_list(stdout, &fprintf);
3196 #endif
3197         exit(1);
3198     }
3199 }
3200 
3201 #if defined(CONFIG_USE_GUEST_BASE)
3202 static void handle_arg_guest_base(const char *arg)
3203 {
3204     guest_base = strtol(arg, NULL, 0);
3205     have_guest_base = 1;
3206 }
3207 
3208 static void handle_arg_reserved_va(const char *arg)
3209 {
3210     char *p;
3211     int shift = 0;
3212     reserved_va = strtoul(arg, &p, 0);
3213     switch (*p) {
3214     case 'k':
3215     case 'K':
3216         shift = 10;
3217         break;
3218     case 'M':
3219         shift = 20;
3220         break;
3221     case 'G':
3222         shift = 30;
3223         break;
3224     }
3225     if (shift) {
3226         unsigned long unshifted = reserved_va;
3227         p++;
3228         reserved_va <<= shift;
3229         if (((reserved_va >> shift) != unshifted)
3230 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3231             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3232 #endif
3233             ) {
3234             fprintf(stderr, "Reserved virtual address too big\n");
3235             exit(1);
3236         }
3237     }
3238     if (*p) {
3239         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3240         exit(1);
3241     }
3242 }
3243 #endif
3244 
3245 static void handle_arg_singlestep(const char *arg)
3246 {
3247     singlestep = 1;
3248 }
3249 
3250 static void handle_arg_strace(const char *arg)
3251 {
3252     do_strace = 1;
3253 }
3254 
3255 static void handle_arg_version(const char *arg)
3256 {
3257     printf("qemu-" TARGET_ARCH " version " QEMU_VERSION QEMU_PKGVERSION
3258            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3259     exit(0);
3260 }
3261 
3262 struct qemu_argument {
3263     const char *argv;
3264     const char *env;
3265     bool has_arg;
3266     void (*handle_opt)(const char *arg);
3267     const char *example;
3268     const char *help;
3269 };
3270 
3271 static const struct qemu_argument arg_table[] = {
3272     {"h",          "",                 false, handle_arg_help,
3273      "",           "print this help"},
3274     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3275      "port",       "wait gdb connection to 'port'"},
3276     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3277      "path",       "set the elf interpreter prefix to 'path'"},
3278     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3279      "size",       "set the stack size to 'size' bytes"},
3280     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3281      "model",      "select CPU (-cpu help for list)"},
3282     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3283      "var=value",  "sets targets environment variable (see below)"},
3284     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3285      "var",        "unsets targets environment variable (see below)"},
3286     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3287      "argv0",      "forces target process argv[0] to be 'argv0'"},
3288     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3289      "uname",      "set qemu uname release string to 'uname'"},
3290 #if defined(CONFIG_USE_GUEST_BASE)
3291     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3292      "address",    "set guest_base address to 'address'"},
3293     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3294      "size",       "reserve 'size' bytes for guest virtual address space"},
3295 #endif
3296     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3297      "item[,...]", "enable logging of specified items "
3298      "(use '-d help' for a list of items)"},
3299     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3300      "logfile",     "write logs to 'logfile' (default stderr)"},
3301     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3302      "pagesize",   "set the host page size to 'pagesize'"},
3303     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3304      "",           "run in singlestep mode"},
3305     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3306      "",           "log system calls"},
3307     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3308      "",           "display version information and exit"},
3309     {NULL, NULL, false, NULL, NULL, NULL}
3310 };
3311 
3312 static void usage(void)
3313 {
3314     const struct qemu_argument *arginfo;
3315     int maxarglen;
3316     int maxenvlen;
3317 
3318     printf("usage: qemu-" TARGET_ARCH " [options] program [arguments...]\n"
3319            "Linux CPU emulator (compiled for " TARGET_ARCH " emulation)\n"
3320            "\n"
3321            "Options and associated environment variables:\n"
3322            "\n");
3323 
3324     maxarglen = maxenvlen = 0;
3325 
3326     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3327         if (strlen(arginfo->env) > maxenvlen) {
3328             maxenvlen = strlen(arginfo->env);
3329         }
3330         if (strlen(arginfo->argv) > maxarglen) {
3331             maxarglen = strlen(arginfo->argv);
3332         }
3333     }
3334 
3335     printf("%-*s%-*sDescription\n", maxarglen+3, "Argument",
3336             maxenvlen+1, "Env-variable");
3337 
3338     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3339         if (arginfo->has_arg) {
3340             printf("-%s %-*s %-*s %s\n", arginfo->argv,
3341                     (int)(maxarglen-strlen(arginfo->argv)), arginfo->example,
3342                     maxenvlen, arginfo->env, arginfo->help);
3343         } else {
3344             printf("-%-*s %-*s %s\n", maxarglen+1, arginfo->argv,
3345                     maxenvlen, arginfo->env,
3346                     arginfo->help);
3347         }
3348     }
3349 
3350     printf("\n"
3351            "Defaults:\n"
3352            "QEMU_LD_PREFIX  = %s\n"
3353            "QEMU_STACK_SIZE = %ld byte\n",
3354            interp_prefix,
3355            guest_stack_size);
3356 
3357     printf("\n"
3358            "You can use -E and -U options or the QEMU_SET_ENV and\n"
3359            "QEMU_UNSET_ENV environment variables to set and unset\n"
3360            "environment variables for the target process.\n"
3361            "It is possible to provide several variables by separating them\n"
3362            "by commas in getsubopt(3) style. Additionally it is possible to\n"
3363            "provide the -E and -U options multiple times.\n"
3364            "The following lines are equivalent:\n"
3365            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
3366            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
3367            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
3368            "Note that if you provide several changes to a single variable\n"
3369            "the last change will stay in effect.\n");
3370 
3371     exit(1);
3372 }
3373 
3374 static int parse_args(int argc, char **argv)
3375 {
3376     const char *r;
3377     int optind;
3378     const struct qemu_argument *arginfo;
3379 
3380     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3381         if (arginfo->env == NULL) {
3382             continue;
3383         }
3384 
3385         r = getenv(arginfo->env);
3386         if (r != NULL) {
3387             arginfo->handle_opt(r);
3388         }
3389     }
3390 
3391     optind = 1;
3392     for (;;) {
3393         if (optind >= argc) {
3394             break;
3395         }
3396         r = argv[optind];
3397         if (r[0] != '-') {
3398             break;
3399         }
3400         optind++;
3401         r++;
3402         if (!strcmp(r, "-")) {
3403             break;
3404         }
3405 
3406         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3407             if (!strcmp(r, arginfo->argv)) {
3408                 if (arginfo->has_arg) {
3409                     if (optind >= argc) {
3410                         usage();
3411                     }
3412                     arginfo->handle_opt(argv[optind]);
3413                     optind++;
3414                 } else {
3415                     arginfo->handle_opt(NULL);
3416                 }
3417                 break;
3418             }
3419         }
3420 
3421         /* no option matched the current argv */
3422         if (arginfo->handle_opt == NULL) {
3423             usage();
3424         }
3425     }
3426 
3427     if (optind >= argc) {
3428         usage();
3429     }
3430 
3431     filename = argv[optind];
3432     exec_path = argv[optind];
3433 
3434     return optind;
3435 }
3436 
3437 int main(int argc, char **argv, char **envp)
3438 {
3439     struct target_pt_regs regs1, *regs = &regs1;
3440     struct image_info info1, *info = &info1;
3441     struct linux_binprm bprm;
3442     TaskState *ts;
3443     CPUArchState *env;
3444     int optind;
3445     char **target_environ, **wrk;
3446     char **target_argv;
3447     int target_argc;
3448     int i;
3449     int ret;
3450 
3451     module_call_init(MODULE_INIT_QOM);
3452 
3453     qemu_cache_utils_init(envp);
3454 
3455     if ((envlist = envlist_create()) == NULL) {
3456         (void) fprintf(stderr, "Unable to allocate envlist\n");
3457         exit(1);
3458     }
3459 
3460     /* add current environment into the list */
3461     for (wrk = environ; *wrk != NULL; wrk++) {
3462         (void) envlist_setenv(envlist, *wrk);
3463     }
3464 
3465     /* Read the stack limit from the kernel.  If it's "unlimited",
3466        then we can do little else besides use the default.  */
3467     {
3468         struct rlimit lim;
3469         if (getrlimit(RLIMIT_STACK, &lim) == 0
3470             && lim.rlim_cur != RLIM_INFINITY
3471             && lim.rlim_cur == (target_long)lim.rlim_cur) {
3472             guest_stack_size = lim.rlim_cur;
3473         }
3474     }
3475 
3476     cpu_model = NULL;
3477 #if defined(cpudef_setup)
3478     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
3479 #endif
3480 
3481     optind = parse_args(argc, argv);
3482 
3483     /* Zero out regs */
3484     memset(regs, 0, sizeof(struct target_pt_regs));
3485 
3486     /* Zero out image_info */
3487     memset(info, 0, sizeof(struct image_info));
3488 
3489     memset(&bprm, 0, sizeof (bprm));
3490 
3491     /* Scan interp_prefix dir for replacement files. */
3492     init_paths(interp_prefix);
3493 
3494     if (cpu_model == NULL) {
3495 #if defined(TARGET_I386)
3496 #ifdef TARGET_X86_64
3497         cpu_model = "qemu64";
3498 #else
3499         cpu_model = "qemu32";
3500 #endif
3501 #elif defined(TARGET_ARM)
3502         cpu_model = "any";
3503 #elif defined(TARGET_UNICORE32)
3504         cpu_model = "any";
3505 #elif defined(TARGET_M68K)
3506         cpu_model = "any";
3507 #elif defined(TARGET_SPARC)
3508 #ifdef TARGET_SPARC64
3509         cpu_model = "TI UltraSparc II";
3510 #else
3511         cpu_model = "Fujitsu MB86904";
3512 #endif
3513 #elif defined(TARGET_MIPS)
3514 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
3515         cpu_model = "20Kc";
3516 #else
3517         cpu_model = "24Kf";
3518 #endif
3519 #elif defined TARGET_OPENRISC
3520         cpu_model = "or1200";
3521 #elif defined(TARGET_PPC)
3522 #ifdef TARGET_PPC64
3523         cpu_model = "970fx";
3524 #else
3525         cpu_model = "750";
3526 #endif
3527 #else
3528         cpu_model = "any";
3529 #endif
3530     }
3531     tcg_exec_init(0);
3532     cpu_exec_init_all();
3533     /* NOTE: we need to init the CPU at this stage to get
3534        qemu_host_page_size */
3535     env = cpu_init(cpu_model);
3536     if (!env) {
3537         fprintf(stderr, "Unable to find CPU definition\n");
3538         exit(1);
3539     }
3540 #if defined(TARGET_SPARC) || defined(TARGET_PPC)
3541     cpu_reset(ENV_GET_CPU(env));
3542 #endif
3543 
3544     thread_env = env;
3545 
3546     if (getenv("QEMU_STRACE")) {
3547         do_strace = 1;
3548     }
3549 
3550     target_environ = envlist_to_environ(envlist, NULL);
3551     envlist_free(envlist);
3552 
3553 #if defined(CONFIG_USE_GUEST_BASE)
3554     /*
3555      * Now that page sizes are configured in cpu_init() we can do
3556      * proper page alignment for guest_base.
3557      */
3558     guest_base = HOST_PAGE_ALIGN(guest_base);
3559 
3560     if (reserved_va || have_guest_base) {
3561         guest_base = init_guest_space(guest_base, reserved_va, 0,
3562                                       have_guest_base);
3563         if (guest_base == (unsigned long)-1) {
3564             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
3565                     "space for use as guest address space (check your virtual "
3566                     "memory ulimit setting or reserve less using -R option)\n",
3567                     reserved_va);
3568             exit(1);
3569         }
3570 
3571         if (reserved_va) {
3572             mmap_next_start = reserved_va;
3573         }
3574     }
3575 #endif /* CONFIG_USE_GUEST_BASE */
3576 
3577     /*
3578      * Read in mmap_min_addr kernel parameter.  This value is used
3579      * When loading the ELF image to determine whether guest_base
3580      * is needed.  It is also used in mmap_find_vma.
3581      */
3582     {
3583         FILE *fp;
3584 
3585         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
3586             unsigned long tmp;
3587             if (fscanf(fp, "%lu", &tmp) == 1) {
3588                 mmap_min_addr = tmp;
3589                 qemu_log("host mmap_min_addr=0x%lx\n", mmap_min_addr);
3590             }
3591             fclose(fp);
3592         }
3593     }
3594 
3595     /*
3596      * Prepare copy of argv vector for target.
3597      */
3598     target_argc = argc - optind;
3599     target_argv = calloc(target_argc + 1, sizeof (char *));
3600     if (target_argv == NULL) {
3601 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
3602 	exit(1);
3603     }
3604 
3605     /*
3606      * If argv0 is specified (using '-0' switch) we replace
3607      * argv[0] pointer with the given one.
3608      */
3609     i = 0;
3610     if (argv0 != NULL) {
3611         target_argv[i++] = strdup(argv0);
3612     }
3613     for (; i < target_argc; i++) {
3614         target_argv[i] = strdup(argv[optind + i]);
3615     }
3616     target_argv[target_argc] = NULL;
3617 
3618     ts = g_malloc0 (sizeof(TaskState));
3619     init_task_state(ts);
3620     /* build Task State */
3621     ts->info = info;
3622     ts->bprm = &bprm;
3623     env->opaque = ts;
3624     task_settid(ts);
3625 
3626     ret = loader_exec(filename, target_argv, target_environ, regs,
3627         info, &bprm);
3628     if (ret != 0) {
3629         printf("Error while loading %s: %s\n", filename, strerror(-ret));
3630         _exit(1);
3631     }
3632 
3633     for (wrk = target_environ; *wrk; wrk++) {
3634         free(*wrk);
3635     }
3636 
3637     free(target_environ);
3638 
3639     if (qemu_log_enabled()) {
3640 #if defined(CONFIG_USE_GUEST_BASE)
3641         qemu_log("guest_base  0x%lx\n", guest_base);
3642 #endif
3643         log_page_dump();
3644 
3645         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
3646         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
3647         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
3648                  info->start_code);
3649         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
3650                  info->start_data);
3651         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
3652         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
3653                  info->start_stack);
3654         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
3655         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
3656     }
3657 
3658     target_set_brk(info->brk);
3659     syscall_init();
3660     signal_init();
3661 
3662 #if defined(CONFIG_USE_GUEST_BASE)
3663     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
3664        generating the prologue until now so that the prologue can take
3665        the real value of GUEST_BASE into account.  */
3666     tcg_prologue_init(&tcg_ctx);
3667 #endif
3668 
3669 #if defined(TARGET_I386)
3670     cpu_x86_set_cpl(env, 3);
3671 
3672     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
3673     env->hflags |= HF_PE_MASK;
3674     if (env->cpuid_features & CPUID_SSE) {
3675         env->cr[4] |= CR4_OSFXSR_MASK;
3676         env->hflags |= HF_OSFXSR_MASK;
3677     }
3678 #ifndef TARGET_ABI32
3679     /* enable 64 bit mode if possible */
3680     if (!(env->cpuid_ext2_features & CPUID_EXT2_LM)) {
3681         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
3682         exit(1);
3683     }
3684     env->cr[4] |= CR4_PAE_MASK;
3685     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
3686     env->hflags |= HF_LMA_MASK;
3687 #endif
3688 
3689     /* flags setup : we activate the IRQs by default as in user mode */
3690     env->eflags |= IF_MASK;
3691 
3692     /* linux register setup */
3693 #ifndef TARGET_ABI32
3694     env->regs[R_EAX] = regs->rax;
3695     env->regs[R_EBX] = regs->rbx;
3696     env->regs[R_ECX] = regs->rcx;
3697     env->regs[R_EDX] = regs->rdx;
3698     env->regs[R_ESI] = regs->rsi;
3699     env->regs[R_EDI] = regs->rdi;
3700     env->regs[R_EBP] = regs->rbp;
3701     env->regs[R_ESP] = regs->rsp;
3702     env->eip = regs->rip;
3703 #else
3704     env->regs[R_EAX] = regs->eax;
3705     env->regs[R_EBX] = regs->ebx;
3706     env->regs[R_ECX] = regs->ecx;
3707     env->regs[R_EDX] = regs->edx;
3708     env->regs[R_ESI] = regs->esi;
3709     env->regs[R_EDI] = regs->edi;
3710     env->regs[R_EBP] = regs->ebp;
3711     env->regs[R_ESP] = regs->esp;
3712     env->eip = regs->eip;
3713 #endif
3714 
3715     /* linux interrupt setup */
3716 #ifndef TARGET_ABI32
3717     env->idt.limit = 511;
3718 #else
3719     env->idt.limit = 255;
3720 #endif
3721     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
3722                                 PROT_READ|PROT_WRITE,
3723                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3724     idt_table = g2h(env->idt.base);
3725     set_idt(0, 0);
3726     set_idt(1, 0);
3727     set_idt(2, 0);
3728     set_idt(3, 3);
3729     set_idt(4, 3);
3730     set_idt(5, 0);
3731     set_idt(6, 0);
3732     set_idt(7, 0);
3733     set_idt(8, 0);
3734     set_idt(9, 0);
3735     set_idt(10, 0);
3736     set_idt(11, 0);
3737     set_idt(12, 0);
3738     set_idt(13, 0);
3739     set_idt(14, 0);
3740     set_idt(15, 0);
3741     set_idt(16, 0);
3742     set_idt(17, 0);
3743     set_idt(18, 0);
3744     set_idt(19, 0);
3745     set_idt(0x80, 3);
3746 
3747     /* linux segment setup */
3748     {
3749         uint64_t *gdt_table;
3750         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
3751                                     PROT_READ|PROT_WRITE,
3752                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
3753         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
3754         gdt_table = g2h(env->gdt.base);
3755 #ifdef TARGET_ABI32
3756         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3757                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3758                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3759 #else
3760         /* 64 bit code segment */
3761         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
3762                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3763                  DESC_L_MASK |
3764                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
3765 #endif
3766         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
3767                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
3768                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
3769     }
3770     cpu_x86_load_seg(env, R_CS, __USER_CS);
3771     cpu_x86_load_seg(env, R_SS, __USER_DS);
3772 #ifdef TARGET_ABI32
3773     cpu_x86_load_seg(env, R_DS, __USER_DS);
3774     cpu_x86_load_seg(env, R_ES, __USER_DS);
3775     cpu_x86_load_seg(env, R_FS, __USER_DS);
3776     cpu_x86_load_seg(env, R_GS, __USER_DS);
3777     /* This hack makes Wine work... */
3778     env->segs[R_FS].selector = 0;
3779 #else
3780     cpu_x86_load_seg(env, R_DS, 0);
3781     cpu_x86_load_seg(env, R_ES, 0);
3782     cpu_x86_load_seg(env, R_FS, 0);
3783     cpu_x86_load_seg(env, R_GS, 0);
3784 #endif
3785 #elif defined(TARGET_ARM)
3786     {
3787         int i;
3788         cpsr_write(env, regs->uregs[16], 0xffffffff);
3789         for(i = 0; i < 16; i++) {
3790             env->regs[i] = regs->uregs[i];
3791         }
3792         /* Enable BE8.  */
3793         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
3794             && (info->elf_flags & EF_ARM_BE8)) {
3795             env->bswap_code = 1;
3796         }
3797     }
3798 #elif defined(TARGET_UNICORE32)
3799     {
3800         int i;
3801         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
3802         for (i = 0; i < 32; i++) {
3803             env->regs[i] = regs->uregs[i];
3804         }
3805     }
3806 #elif defined(TARGET_SPARC)
3807     {
3808         int i;
3809 	env->pc = regs->pc;
3810 	env->npc = regs->npc;
3811         env->y = regs->y;
3812         for(i = 0; i < 8; i++)
3813             env->gregs[i] = regs->u_regs[i];
3814         for(i = 0; i < 8; i++)
3815             env->regwptr[i] = regs->u_regs[i + 8];
3816     }
3817 #elif defined(TARGET_PPC)
3818     {
3819         int i;
3820 
3821 #if defined(TARGET_PPC64)
3822 #if defined(TARGET_ABI32)
3823         env->msr &= ~((target_ulong)1 << MSR_SF);
3824 #else
3825         env->msr |= (target_ulong)1 << MSR_SF;
3826 #endif
3827 #endif
3828         env->nip = regs->nip;
3829         for(i = 0; i < 32; i++) {
3830             env->gpr[i] = regs->gpr[i];
3831         }
3832     }
3833 #elif defined(TARGET_M68K)
3834     {
3835         env->pc = regs->pc;
3836         env->dregs[0] = regs->d0;
3837         env->dregs[1] = regs->d1;
3838         env->dregs[2] = regs->d2;
3839         env->dregs[3] = regs->d3;
3840         env->dregs[4] = regs->d4;
3841         env->dregs[5] = regs->d5;
3842         env->dregs[6] = regs->d6;
3843         env->dregs[7] = regs->d7;
3844         env->aregs[0] = regs->a0;
3845         env->aregs[1] = regs->a1;
3846         env->aregs[2] = regs->a2;
3847         env->aregs[3] = regs->a3;
3848         env->aregs[4] = regs->a4;
3849         env->aregs[5] = regs->a5;
3850         env->aregs[6] = regs->a6;
3851         env->aregs[7] = regs->usp;
3852         env->sr = regs->sr;
3853         ts->sim_syscalls = 1;
3854     }
3855 #elif defined(TARGET_MICROBLAZE)
3856     {
3857         env->regs[0] = regs->r0;
3858         env->regs[1] = regs->r1;
3859         env->regs[2] = regs->r2;
3860         env->regs[3] = regs->r3;
3861         env->regs[4] = regs->r4;
3862         env->regs[5] = regs->r5;
3863         env->regs[6] = regs->r6;
3864         env->regs[7] = regs->r7;
3865         env->regs[8] = regs->r8;
3866         env->regs[9] = regs->r9;
3867         env->regs[10] = regs->r10;
3868         env->regs[11] = regs->r11;
3869         env->regs[12] = regs->r12;
3870         env->regs[13] = regs->r13;
3871         env->regs[14] = regs->r14;
3872         env->regs[15] = regs->r15;
3873         env->regs[16] = regs->r16;
3874         env->regs[17] = regs->r17;
3875         env->regs[18] = regs->r18;
3876         env->regs[19] = regs->r19;
3877         env->regs[20] = regs->r20;
3878         env->regs[21] = regs->r21;
3879         env->regs[22] = regs->r22;
3880         env->regs[23] = regs->r23;
3881         env->regs[24] = regs->r24;
3882         env->regs[25] = regs->r25;
3883         env->regs[26] = regs->r26;
3884         env->regs[27] = regs->r27;
3885         env->regs[28] = regs->r28;
3886         env->regs[29] = regs->r29;
3887         env->regs[30] = regs->r30;
3888         env->regs[31] = regs->r31;
3889         env->sregs[SR_PC] = regs->pc;
3890     }
3891 #elif defined(TARGET_MIPS)
3892     {
3893         int i;
3894 
3895         for(i = 0; i < 32; i++) {
3896             env->active_tc.gpr[i] = regs->regs[i];
3897         }
3898         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
3899         if (regs->cp0_epc & 1) {
3900             env->hflags |= MIPS_HFLAG_M16;
3901         }
3902     }
3903 #elif defined(TARGET_OPENRISC)
3904     {
3905         int i;
3906 
3907         for (i = 0; i < 32; i++) {
3908             env->gpr[i] = regs->gpr[i];
3909         }
3910 
3911         env->sr = regs->sr;
3912         env->pc = regs->pc;
3913     }
3914 #elif defined(TARGET_SH4)
3915     {
3916         int i;
3917 
3918         for(i = 0; i < 16; i++) {
3919             env->gregs[i] = regs->regs[i];
3920         }
3921         env->pc = regs->pc;
3922     }
3923 #elif defined(TARGET_ALPHA)
3924     {
3925         int i;
3926 
3927         for(i = 0; i < 28; i++) {
3928             env->ir[i] = ((abi_ulong *)regs)[i];
3929         }
3930         env->ir[IR_SP] = regs->usp;
3931         env->pc = regs->pc;
3932     }
3933 #elif defined(TARGET_CRIS)
3934     {
3935 	    env->regs[0] = regs->r0;
3936 	    env->regs[1] = regs->r1;
3937 	    env->regs[2] = regs->r2;
3938 	    env->regs[3] = regs->r3;
3939 	    env->regs[4] = regs->r4;
3940 	    env->regs[5] = regs->r5;
3941 	    env->regs[6] = regs->r6;
3942 	    env->regs[7] = regs->r7;
3943 	    env->regs[8] = regs->r8;
3944 	    env->regs[9] = regs->r9;
3945 	    env->regs[10] = regs->r10;
3946 	    env->regs[11] = regs->r11;
3947 	    env->regs[12] = regs->r12;
3948 	    env->regs[13] = regs->r13;
3949 	    env->regs[14] = info->start_stack;
3950 	    env->regs[15] = regs->acr;
3951 	    env->pc = regs->erp;
3952     }
3953 #elif defined(TARGET_S390X)
3954     {
3955             int i;
3956             for (i = 0; i < 16; i++) {
3957                 env->regs[i] = regs->gprs[i];
3958             }
3959             env->psw.mask = regs->psw.mask;
3960             env->psw.addr = regs->psw.addr;
3961     }
3962 #else
3963 #error unsupported target CPU
3964 #endif
3965 
3966 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
3967     ts->stack_base = info->start_stack;
3968     ts->heap_base = info->brk;
3969     /* This will be filled in on the first SYS_HEAPINFO call.  */
3970     ts->heap_limit = 0;
3971 #endif
3972 
3973     if (gdbstub_port) {
3974         if (gdbserver_start(gdbstub_port) < 0) {
3975             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
3976                     gdbstub_port);
3977             exit(1);
3978         }
3979         gdb_handlesig(env, 0);
3980     }
3981     cpu_loop(env);
3982     /* never exits */
3983     return 0;
3984 }
3985