xref: /openbmc/qemu/linux-user/main.c (revision 84a3a53c)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <stdarg.h>
22 #include <string.h>
23 #include <errno.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/syscall.h>
27 #include <sys/resource.h>
28 
29 #include "qemu.h"
30 #include "qemu-common.h"
31 #include "cpu.h"
32 #include "tcg.h"
33 #include "qemu/timer.h"
34 #include "qemu/envlist.h"
35 #include "elf.h"
36 
37 char *exec_path;
38 
39 int singlestep;
40 static const char *filename;
41 static const char *argv0;
42 static int gdbstub_port;
43 static envlist_t *envlist;
44 static const char *cpu_model;
45 unsigned long mmap_min_addr;
46 unsigned long guest_base;
47 int have_guest_base;
48 
49 #define EXCP_DUMP(env, fmt, ...)                                        \
50 do {                                                                    \
51     CPUState *cs = ENV_GET_CPU(env);                                    \
52     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
53     cpu_dump_state(cs, stderr, fprintf, 0);                             \
54     if (qemu_log_separate()) {                                          \
55         qemu_log(fmt, ## __VA_ARGS__);                                  \
56         log_cpu_state(cs, 0);                                           \
57     }                                                                   \
58 } while (0)
59 
60 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
61 /*
62  * When running 32-on-64 we should make sure we can fit all of the possible
63  * guest address space into a contiguous chunk of virtual host memory.
64  *
65  * This way we will never overlap with our own libraries or binaries or stack
66  * or anything else that QEMU maps.
67  */
68 # ifdef TARGET_MIPS
69 /* MIPS only supports 31 bits of virtual address space for user space */
70 unsigned long reserved_va = 0x77000000;
71 # else
72 unsigned long reserved_va = 0xf7000000;
73 # endif
74 #else
75 unsigned long reserved_va;
76 #endif
77 
78 static void usage(int exitcode);
79 
80 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
81 const char *qemu_uname_release;
82 
83 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
84    we allocate a bigger stack. Need a better solution, for example
85    by remapping the process stack directly at the right place */
86 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
87 
88 void gemu_log(const char *fmt, ...)
89 {
90     va_list ap;
91 
92     va_start(ap, fmt);
93     vfprintf(stderr, fmt, ap);
94     va_end(ap);
95 }
96 
97 #if defined(TARGET_I386)
98 int cpu_get_pic_interrupt(CPUX86State *env)
99 {
100     return -1;
101 }
102 #endif
103 
104 /***********************************************************/
105 /* Helper routines for implementing atomic operations.  */
106 
107 /* To implement exclusive operations we force all cpus to syncronise.
108    We don't require a full sync, only that no cpus are executing guest code.
109    The alternative is to map target atomic ops onto host equivalents,
110    which requires quite a lot of per host/target work.  */
111 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
112 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
113 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
114 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
115 static int pending_cpus;
116 
117 /* Make sure everything is in a consistent state for calling fork().  */
118 void fork_start(void)
119 {
120     qemu_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
121     pthread_mutex_lock(&exclusive_lock);
122     mmap_fork_start();
123 }
124 
125 void fork_end(int child)
126 {
127     mmap_fork_end(child);
128     if (child) {
129         CPUState *cpu, *next_cpu;
130         /* Child processes created by fork() only have a single thread.
131            Discard information about the parent threads.  */
132         CPU_FOREACH_SAFE(cpu, next_cpu) {
133             if (cpu != thread_cpu) {
134                 QTAILQ_REMOVE(&cpus, thread_cpu, node);
135             }
136         }
137         pending_cpus = 0;
138         pthread_mutex_init(&exclusive_lock, NULL);
139         pthread_mutex_init(&cpu_list_mutex, NULL);
140         pthread_cond_init(&exclusive_cond, NULL);
141         pthread_cond_init(&exclusive_resume, NULL);
142         qemu_mutex_init(&tcg_ctx.tb_ctx.tb_lock);
143         gdbserver_fork(thread_cpu);
144     } else {
145         pthread_mutex_unlock(&exclusive_lock);
146         qemu_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
147     }
148 }
149 
150 /* Wait for pending exclusive operations to complete.  The exclusive lock
151    must be held.  */
152 static inline void exclusive_idle(void)
153 {
154     while (pending_cpus) {
155         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
156     }
157 }
158 
159 /* Start an exclusive operation.
160    Must only be called from outside cpu_arm_exec.   */
161 static inline void start_exclusive(void)
162 {
163     CPUState *other_cpu;
164 
165     pthread_mutex_lock(&exclusive_lock);
166     exclusive_idle();
167 
168     pending_cpus = 1;
169     /* Make all other cpus stop executing.  */
170     CPU_FOREACH(other_cpu) {
171         if (other_cpu->running) {
172             pending_cpus++;
173             cpu_exit(other_cpu);
174         }
175     }
176     if (pending_cpus > 1) {
177         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
178     }
179 }
180 
181 /* Finish an exclusive operation.  */
182 static inline void __attribute__((unused)) end_exclusive(void)
183 {
184     pending_cpus = 0;
185     pthread_cond_broadcast(&exclusive_resume);
186     pthread_mutex_unlock(&exclusive_lock);
187 }
188 
189 /* Wait for exclusive ops to finish, and begin cpu execution.  */
190 static inline void cpu_exec_start(CPUState *cpu)
191 {
192     pthread_mutex_lock(&exclusive_lock);
193     exclusive_idle();
194     cpu->running = true;
195     pthread_mutex_unlock(&exclusive_lock);
196 }
197 
198 /* Mark cpu as not executing, and release pending exclusive ops.  */
199 static inline void cpu_exec_end(CPUState *cpu)
200 {
201     pthread_mutex_lock(&exclusive_lock);
202     cpu->running = false;
203     if (pending_cpus > 1) {
204         pending_cpus--;
205         if (pending_cpus == 1) {
206             pthread_cond_signal(&exclusive_cond);
207         }
208     }
209     exclusive_idle();
210     pthread_mutex_unlock(&exclusive_lock);
211 }
212 
213 void cpu_list_lock(void)
214 {
215     pthread_mutex_lock(&cpu_list_mutex);
216 }
217 
218 void cpu_list_unlock(void)
219 {
220     pthread_mutex_unlock(&cpu_list_mutex);
221 }
222 
223 
224 #ifdef TARGET_I386
225 /***********************************************************/
226 /* CPUX86 core interface */
227 
228 uint64_t cpu_get_tsc(CPUX86State *env)
229 {
230     return cpu_get_host_ticks();
231 }
232 
233 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
234                      int flags)
235 {
236     unsigned int e1, e2;
237     uint32_t *p;
238     e1 = (addr << 16) | (limit & 0xffff);
239     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
240     e2 |= flags;
241     p = ptr;
242     p[0] = tswap32(e1);
243     p[1] = tswap32(e2);
244 }
245 
246 static uint64_t *idt_table;
247 #ifdef TARGET_X86_64
248 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
249                        uint64_t addr, unsigned int sel)
250 {
251     uint32_t *p, e1, e2;
252     e1 = (addr & 0xffff) | (sel << 16);
253     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
254     p = ptr;
255     p[0] = tswap32(e1);
256     p[1] = tswap32(e2);
257     p[2] = tswap32(addr >> 32);
258     p[3] = 0;
259 }
260 /* only dpl matters as we do only user space emulation */
261 static void set_idt(int n, unsigned int dpl)
262 {
263     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
264 }
265 #else
266 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
267                      uint32_t addr, unsigned int sel)
268 {
269     uint32_t *p, e1, e2;
270     e1 = (addr & 0xffff) | (sel << 16);
271     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
272     p = ptr;
273     p[0] = tswap32(e1);
274     p[1] = tswap32(e2);
275 }
276 
277 /* only dpl matters as we do only user space emulation */
278 static void set_idt(int n, unsigned int dpl)
279 {
280     set_gate(idt_table + n, 0, dpl, 0, 0);
281 }
282 #endif
283 
284 void cpu_loop(CPUX86State *env)
285 {
286     CPUState *cs = CPU(x86_env_get_cpu(env));
287     int trapnr;
288     abi_ulong pc;
289     target_siginfo_t info;
290 
291     for(;;) {
292         cpu_exec_start(cs);
293         trapnr = cpu_x86_exec(cs);
294         cpu_exec_end(cs);
295         switch(trapnr) {
296         case 0x80:
297             /* linux syscall from int $0x80 */
298             env->regs[R_EAX] = do_syscall(env,
299                                           env->regs[R_EAX],
300                                           env->regs[R_EBX],
301                                           env->regs[R_ECX],
302                                           env->regs[R_EDX],
303                                           env->regs[R_ESI],
304                                           env->regs[R_EDI],
305                                           env->regs[R_EBP],
306                                           0, 0);
307             break;
308 #ifndef TARGET_ABI32
309         case EXCP_SYSCALL:
310             /* linux syscall from syscall instruction */
311             env->regs[R_EAX] = do_syscall(env,
312                                           env->regs[R_EAX],
313                                           env->regs[R_EDI],
314                                           env->regs[R_ESI],
315                                           env->regs[R_EDX],
316                                           env->regs[10],
317                                           env->regs[8],
318                                           env->regs[9],
319                                           0, 0);
320             break;
321 #endif
322         case EXCP0B_NOSEG:
323         case EXCP0C_STACK:
324             info.si_signo = TARGET_SIGBUS;
325             info.si_errno = 0;
326             info.si_code = TARGET_SI_KERNEL;
327             info._sifields._sigfault._addr = 0;
328             queue_signal(env, info.si_signo, &info);
329             break;
330         case EXCP0D_GPF:
331             /* XXX: potential problem if ABI32 */
332 #ifndef TARGET_X86_64
333             if (env->eflags & VM_MASK) {
334                 handle_vm86_fault(env);
335             } else
336 #endif
337             {
338                 info.si_signo = TARGET_SIGSEGV;
339                 info.si_errno = 0;
340                 info.si_code = TARGET_SI_KERNEL;
341                 info._sifields._sigfault._addr = 0;
342                 queue_signal(env, info.si_signo, &info);
343             }
344             break;
345         case EXCP0E_PAGE:
346             info.si_signo = TARGET_SIGSEGV;
347             info.si_errno = 0;
348             if (!(env->error_code & 1))
349                 info.si_code = TARGET_SEGV_MAPERR;
350             else
351                 info.si_code = TARGET_SEGV_ACCERR;
352             info._sifields._sigfault._addr = env->cr[2];
353             queue_signal(env, info.si_signo, &info);
354             break;
355         case EXCP00_DIVZ:
356 #ifndef TARGET_X86_64
357             if (env->eflags & VM_MASK) {
358                 handle_vm86_trap(env, trapnr);
359             } else
360 #endif
361             {
362                 /* division by zero */
363                 info.si_signo = TARGET_SIGFPE;
364                 info.si_errno = 0;
365                 info.si_code = TARGET_FPE_INTDIV;
366                 info._sifields._sigfault._addr = env->eip;
367                 queue_signal(env, info.si_signo, &info);
368             }
369             break;
370         case EXCP01_DB:
371         case EXCP03_INT3:
372 #ifndef TARGET_X86_64
373             if (env->eflags & VM_MASK) {
374                 handle_vm86_trap(env, trapnr);
375             } else
376 #endif
377             {
378                 info.si_signo = TARGET_SIGTRAP;
379                 info.si_errno = 0;
380                 if (trapnr == EXCP01_DB) {
381                     info.si_code = TARGET_TRAP_BRKPT;
382                     info._sifields._sigfault._addr = env->eip;
383                 } else {
384                     info.si_code = TARGET_SI_KERNEL;
385                     info._sifields._sigfault._addr = 0;
386                 }
387                 queue_signal(env, info.si_signo, &info);
388             }
389             break;
390         case EXCP04_INTO:
391         case EXCP05_BOUND:
392 #ifndef TARGET_X86_64
393             if (env->eflags & VM_MASK) {
394                 handle_vm86_trap(env, trapnr);
395             } else
396 #endif
397             {
398                 info.si_signo = TARGET_SIGSEGV;
399                 info.si_errno = 0;
400                 info.si_code = TARGET_SI_KERNEL;
401                 info._sifields._sigfault._addr = 0;
402                 queue_signal(env, info.si_signo, &info);
403             }
404             break;
405         case EXCP06_ILLOP:
406             info.si_signo = TARGET_SIGILL;
407             info.si_errno = 0;
408             info.si_code = TARGET_ILL_ILLOPN;
409             info._sifields._sigfault._addr = env->eip;
410             queue_signal(env, info.si_signo, &info);
411             break;
412         case EXCP_INTERRUPT:
413             /* just indicate that signals should be handled asap */
414             break;
415         case EXCP_DEBUG:
416             {
417                 int sig;
418 
419                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
420                 if (sig)
421                   {
422                     info.si_signo = sig;
423                     info.si_errno = 0;
424                     info.si_code = TARGET_TRAP_BRKPT;
425                     queue_signal(env, info.si_signo, &info);
426                   }
427             }
428             break;
429         default:
430             pc = env->segs[R_CS].base + env->eip;
431             EXCP_DUMP(env, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
432                       (long)pc, trapnr);
433             abort();
434         }
435         process_pending_signals(env);
436     }
437 }
438 #endif
439 
440 #ifdef TARGET_ARM
441 
442 #define get_user_code_u32(x, gaddr, doswap)             \
443     ({ abi_long __r = get_user_u32((x), (gaddr));       \
444         if (!__r && (doswap)) {                         \
445             (x) = bswap32(x);                           \
446         }                                               \
447         __r;                                            \
448     })
449 
450 #define get_user_code_u16(x, gaddr, doswap)             \
451     ({ abi_long __r = get_user_u16((x), (gaddr));       \
452         if (!__r && (doswap)) {                         \
453             (x) = bswap16(x);                           \
454         }                                               \
455         __r;                                            \
456     })
457 
458 #ifdef TARGET_ABI32
459 /* Commpage handling -- there is no commpage for AArch64 */
460 
461 /*
462  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
463  * Input:
464  * r0 = pointer to oldval
465  * r1 = pointer to newval
466  * r2 = pointer to target value
467  *
468  * Output:
469  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
470  * C set if *ptr was changed, clear if no exchange happened
471  *
472  * Note segv's in kernel helpers are a bit tricky, we can set the
473  * data address sensibly but the PC address is just the entry point.
474  */
475 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
476 {
477     uint64_t oldval, newval, val;
478     uint32_t addr, cpsr;
479     target_siginfo_t info;
480 
481     /* Based on the 32 bit code in do_kernel_trap */
482 
483     /* XXX: This only works between threads, not between processes.
484        It's probably possible to implement this with native host
485        operations. However things like ldrex/strex are much harder so
486        there's not much point trying.  */
487     start_exclusive();
488     cpsr = cpsr_read(env);
489     addr = env->regs[2];
490 
491     if (get_user_u64(oldval, env->regs[0])) {
492         env->exception.vaddress = env->regs[0];
493         goto segv;
494     };
495 
496     if (get_user_u64(newval, env->regs[1])) {
497         env->exception.vaddress = env->regs[1];
498         goto segv;
499     };
500 
501     if (get_user_u64(val, addr)) {
502         env->exception.vaddress = addr;
503         goto segv;
504     }
505 
506     if (val == oldval) {
507         val = newval;
508 
509         if (put_user_u64(val, addr)) {
510             env->exception.vaddress = addr;
511             goto segv;
512         };
513 
514         env->regs[0] = 0;
515         cpsr |= CPSR_C;
516     } else {
517         env->regs[0] = -1;
518         cpsr &= ~CPSR_C;
519     }
520     cpsr_write(env, cpsr, CPSR_C);
521     end_exclusive();
522     return;
523 
524 segv:
525     end_exclusive();
526     /* We get the PC of the entry address - which is as good as anything,
527        on a real kernel what you get depends on which mode it uses. */
528     info.si_signo = TARGET_SIGSEGV;
529     info.si_errno = 0;
530     /* XXX: check env->error_code */
531     info.si_code = TARGET_SEGV_MAPERR;
532     info._sifields._sigfault._addr = env->exception.vaddress;
533     queue_signal(env, info.si_signo, &info);
534 }
535 
536 /* Handle a jump to the kernel code page.  */
537 static int
538 do_kernel_trap(CPUARMState *env)
539 {
540     uint32_t addr;
541     uint32_t cpsr;
542     uint32_t val;
543 
544     switch (env->regs[15]) {
545     case 0xffff0fa0: /* __kernel_memory_barrier */
546         /* ??? No-op. Will need to do better for SMP.  */
547         break;
548     case 0xffff0fc0: /* __kernel_cmpxchg */
549          /* XXX: This only works between threads, not between processes.
550             It's probably possible to implement this with native host
551             operations. However things like ldrex/strex are much harder so
552             there's not much point trying.  */
553         start_exclusive();
554         cpsr = cpsr_read(env);
555         addr = env->regs[2];
556         /* FIXME: This should SEGV if the access fails.  */
557         if (get_user_u32(val, addr))
558             val = ~env->regs[0];
559         if (val == env->regs[0]) {
560             val = env->regs[1];
561             /* FIXME: Check for segfaults.  */
562             put_user_u32(val, addr);
563             env->regs[0] = 0;
564             cpsr |= CPSR_C;
565         } else {
566             env->regs[0] = -1;
567             cpsr &= ~CPSR_C;
568         }
569         cpsr_write(env, cpsr, CPSR_C);
570         end_exclusive();
571         break;
572     case 0xffff0fe0: /* __kernel_get_tls */
573         env->regs[0] = cpu_get_tls(env);
574         break;
575     case 0xffff0f60: /* __kernel_cmpxchg64 */
576         arm_kernel_cmpxchg64_helper(env);
577         break;
578 
579     default:
580         return 1;
581     }
582     /* Jump back to the caller.  */
583     addr = env->regs[14];
584     if (addr & 1) {
585         env->thumb = 1;
586         addr &= ~1;
587     }
588     env->regs[15] = addr;
589 
590     return 0;
591 }
592 
593 /* Store exclusive handling for AArch32 */
594 static int do_strex(CPUARMState *env)
595 {
596     uint64_t val;
597     int size;
598     int rc = 1;
599     int segv = 0;
600     uint32_t addr;
601     start_exclusive();
602     if (env->exclusive_addr != env->exclusive_test) {
603         goto fail;
604     }
605     /* We know we're always AArch32 so the address is in uint32_t range
606      * unless it was the -1 exclusive-monitor-lost value (which won't
607      * match exclusive_test above).
608      */
609     assert(extract64(env->exclusive_addr, 32, 32) == 0);
610     addr = env->exclusive_addr;
611     size = env->exclusive_info & 0xf;
612     switch (size) {
613     case 0:
614         segv = get_user_u8(val, addr);
615         break;
616     case 1:
617         segv = get_user_u16(val, addr);
618         break;
619     case 2:
620     case 3:
621         segv = get_user_u32(val, addr);
622         break;
623     default:
624         abort();
625     }
626     if (segv) {
627         env->exception.vaddress = addr;
628         goto done;
629     }
630     if (size == 3) {
631         uint32_t valhi;
632         segv = get_user_u32(valhi, addr + 4);
633         if (segv) {
634             env->exception.vaddress = addr + 4;
635             goto done;
636         }
637         val = deposit64(val, 32, 32, valhi);
638     }
639     if (val != env->exclusive_val) {
640         goto fail;
641     }
642 
643     val = env->regs[(env->exclusive_info >> 8) & 0xf];
644     switch (size) {
645     case 0:
646         segv = put_user_u8(val, addr);
647         break;
648     case 1:
649         segv = put_user_u16(val, addr);
650         break;
651     case 2:
652     case 3:
653         segv = put_user_u32(val, addr);
654         break;
655     }
656     if (segv) {
657         env->exception.vaddress = addr;
658         goto done;
659     }
660     if (size == 3) {
661         val = env->regs[(env->exclusive_info >> 12) & 0xf];
662         segv = put_user_u32(val, addr + 4);
663         if (segv) {
664             env->exception.vaddress = addr + 4;
665             goto done;
666         }
667     }
668     rc = 0;
669 fail:
670     env->regs[15] += 4;
671     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
672 done:
673     end_exclusive();
674     return segv;
675 }
676 
677 void cpu_loop(CPUARMState *env)
678 {
679     CPUState *cs = CPU(arm_env_get_cpu(env));
680     int trapnr;
681     unsigned int n, insn;
682     target_siginfo_t info;
683     uint32_t addr;
684 
685     for(;;) {
686         cpu_exec_start(cs);
687         trapnr = cpu_arm_exec(cs);
688         cpu_exec_end(cs);
689         switch(trapnr) {
690         case EXCP_UDEF:
691             {
692                 TaskState *ts = cs->opaque;
693                 uint32_t opcode;
694                 int rc;
695 
696                 /* we handle the FPU emulation here, as Linux */
697                 /* we get the opcode */
698                 /* FIXME - what to do if get_user() fails? */
699                 get_user_code_u32(opcode, env->regs[15], env->bswap_code);
700 
701                 rc = EmulateAll(opcode, &ts->fpa, env);
702                 if (rc == 0) { /* illegal instruction */
703                     info.si_signo = TARGET_SIGILL;
704                     info.si_errno = 0;
705                     info.si_code = TARGET_ILL_ILLOPN;
706                     info._sifields._sigfault._addr = env->regs[15];
707                     queue_signal(env, info.si_signo, &info);
708                 } else if (rc < 0) { /* FP exception */
709                     int arm_fpe=0;
710 
711                     /* translate softfloat flags to FPSR flags */
712                     if (-rc & float_flag_invalid)
713                       arm_fpe |= BIT_IOC;
714                     if (-rc & float_flag_divbyzero)
715                       arm_fpe |= BIT_DZC;
716                     if (-rc & float_flag_overflow)
717                       arm_fpe |= BIT_OFC;
718                     if (-rc & float_flag_underflow)
719                       arm_fpe |= BIT_UFC;
720                     if (-rc & float_flag_inexact)
721                       arm_fpe |= BIT_IXC;
722 
723                     FPSR fpsr = ts->fpa.fpsr;
724                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
725 
726                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
727                       info.si_signo = TARGET_SIGFPE;
728                       info.si_errno = 0;
729 
730                       /* ordered by priority, least first */
731                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
732                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
733                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
734                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
735                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
736 
737                       info._sifields._sigfault._addr = env->regs[15];
738                       queue_signal(env, info.si_signo, &info);
739                     } else {
740                       env->regs[15] += 4;
741                     }
742 
743                     /* accumulate unenabled exceptions */
744                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
745                       fpsr |= BIT_IXC;
746                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
747                       fpsr |= BIT_UFC;
748                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
749                       fpsr |= BIT_OFC;
750                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
751                       fpsr |= BIT_DZC;
752                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
753                       fpsr |= BIT_IOC;
754                     ts->fpa.fpsr=fpsr;
755                 } else { /* everything OK */
756                     /* increment PC */
757                     env->regs[15] += 4;
758                 }
759             }
760             break;
761         case EXCP_SWI:
762         case EXCP_BKPT:
763             {
764                 env->eabi = 1;
765                 /* system call */
766                 if (trapnr == EXCP_BKPT) {
767                     if (env->thumb) {
768                         /* FIXME - what to do if get_user() fails? */
769                         get_user_code_u16(insn, env->regs[15], env->bswap_code);
770                         n = insn & 0xff;
771                         env->regs[15] += 2;
772                     } else {
773                         /* FIXME - what to do if get_user() fails? */
774                         get_user_code_u32(insn, env->regs[15], env->bswap_code);
775                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
776                         env->regs[15] += 4;
777                     }
778                 } else {
779                     if (env->thumb) {
780                         /* FIXME - what to do if get_user() fails? */
781                         get_user_code_u16(insn, env->regs[15] - 2,
782                                           env->bswap_code);
783                         n = insn & 0xff;
784                     } else {
785                         /* FIXME - what to do if get_user() fails? */
786                         get_user_code_u32(insn, env->regs[15] - 4,
787                                           env->bswap_code);
788                         n = insn & 0xffffff;
789                     }
790                 }
791 
792                 if (n == ARM_NR_cacheflush) {
793                     /* nop */
794                 } else if (n == ARM_NR_semihosting
795                            || n == ARM_NR_thumb_semihosting) {
796                     env->regs[0] = do_arm_semihosting (env);
797                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
798                     /* linux syscall */
799                     if (env->thumb || n == 0) {
800                         n = env->regs[7];
801                     } else {
802                         n -= ARM_SYSCALL_BASE;
803                         env->eabi = 0;
804                     }
805                     if ( n > ARM_NR_BASE) {
806                         switch (n) {
807                         case ARM_NR_cacheflush:
808                             /* nop */
809                             break;
810                         case ARM_NR_set_tls:
811                             cpu_set_tls(env, env->regs[0]);
812                             env->regs[0] = 0;
813                             break;
814                         case ARM_NR_breakpoint:
815                             env->regs[15] -= env->thumb ? 2 : 4;
816                             goto excp_debug;
817                         default:
818                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
819                                      n);
820                             env->regs[0] = -TARGET_ENOSYS;
821                             break;
822                         }
823                     } else {
824                         env->regs[0] = do_syscall(env,
825                                                   n,
826                                                   env->regs[0],
827                                                   env->regs[1],
828                                                   env->regs[2],
829                                                   env->regs[3],
830                                                   env->regs[4],
831                                                   env->regs[5],
832                                                   0, 0);
833                     }
834                 } else {
835                     goto error;
836                 }
837             }
838             break;
839         case EXCP_INTERRUPT:
840             /* just indicate that signals should be handled asap */
841             break;
842         case EXCP_STREX:
843             if (!do_strex(env)) {
844                 break;
845             }
846             /* fall through for segv */
847         case EXCP_PREFETCH_ABORT:
848         case EXCP_DATA_ABORT:
849             addr = env->exception.vaddress;
850             {
851                 info.si_signo = TARGET_SIGSEGV;
852                 info.si_errno = 0;
853                 /* XXX: check env->error_code */
854                 info.si_code = TARGET_SEGV_MAPERR;
855                 info._sifields._sigfault._addr = addr;
856                 queue_signal(env, info.si_signo, &info);
857             }
858             break;
859         case EXCP_DEBUG:
860         excp_debug:
861             {
862                 int sig;
863 
864                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
865                 if (sig)
866                   {
867                     info.si_signo = sig;
868                     info.si_errno = 0;
869                     info.si_code = TARGET_TRAP_BRKPT;
870                     queue_signal(env, info.si_signo, &info);
871                   }
872             }
873             break;
874         case EXCP_KERNEL_TRAP:
875             if (do_kernel_trap(env))
876               goto error;
877             break;
878         default:
879         error:
880             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
881             abort();
882         }
883         process_pending_signals(env);
884     }
885 }
886 
887 #else
888 
889 /*
890  * Handle AArch64 store-release exclusive
891  *
892  * rs = gets the status result of store exclusive
893  * rt = is the register that is stored
894  * rt2 = is the second register store (in STP)
895  *
896  */
897 static int do_strex_a64(CPUARMState *env)
898 {
899     uint64_t val;
900     int size;
901     bool is_pair;
902     int rc = 1;
903     int segv = 0;
904     uint64_t addr;
905     int rs, rt, rt2;
906 
907     start_exclusive();
908     /* size | is_pair << 2 | (rs << 4) | (rt << 9) | (rt2 << 14)); */
909     size = extract32(env->exclusive_info, 0, 2);
910     is_pair = extract32(env->exclusive_info, 2, 1);
911     rs = extract32(env->exclusive_info, 4, 5);
912     rt = extract32(env->exclusive_info, 9, 5);
913     rt2 = extract32(env->exclusive_info, 14, 5);
914 
915     addr = env->exclusive_addr;
916 
917     if (addr != env->exclusive_test) {
918         goto finish;
919     }
920 
921     switch (size) {
922     case 0:
923         segv = get_user_u8(val, addr);
924         break;
925     case 1:
926         segv = get_user_u16(val, addr);
927         break;
928     case 2:
929         segv = get_user_u32(val, addr);
930         break;
931     case 3:
932         segv = get_user_u64(val, addr);
933         break;
934     default:
935         abort();
936     }
937     if (segv) {
938         env->exception.vaddress = addr;
939         goto error;
940     }
941     if (val != env->exclusive_val) {
942         goto finish;
943     }
944     if (is_pair) {
945         if (size == 2) {
946             segv = get_user_u32(val, addr + 4);
947         } else {
948             segv = get_user_u64(val, addr + 8);
949         }
950         if (segv) {
951             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
952             goto error;
953         }
954         if (val != env->exclusive_high) {
955             goto finish;
956         }
957     }
958     /* handle the zero register */
959     val = rt == 31 ? 0 : env->xregs[rt];
960     switch (size) {
961     case 0:
962         segv = put_user_u8(val, addr);
963         break;
964     case 1:
965         segv = put_user_u16(val, addr);
966         break;
967     case 2:
968         segv = put_user_u32(val, addr);
969         break;
970     case 3:
971         segv = put_user_u64(val, addr);
972         break;
973     }
974     if (segv) {
975         goto error;
976     }
977     if (is_pair) {
978         /* handle the zero register */
979         val = rt2 == 31 ? 0 : env->xregs[rt2];
980         if (size == 2) {
981             segv = put_user_u32(val, addr + 4);
982         } else {
983             segv = put_user_u64(val, addr + 8);
984         }
985         if (segv) {
986             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
987             goto error;
988         }
989     }
990     rc = 0;
991 finish:
992     env->pc += 4;
993     /* rs == 31 encodes a write to the ZR, thus throwing away
994      * the status return. This is rather silly but valid.
995      */
996     if (rs < 31) {
997         env->xregs[rs] = rc;
998     }
999 error:
1000     /* instruction faulted, PC does not advance */
1001     /* either way a strex releases any exclusive lock we have */
1002     env->exclusive_addr = -1;
1003     end_exclusive();
1004     return segv;
1005 }
1006 
1007 /* AArch64 main loop */
1008 void cpu_loop(CPUARMState *env)
1009 {
1010     CPUState *cs = CPU(arm_env_get_cpu(env));
1011     int trapnr, sig;
1012     target_siginfo_t info;
1013 
1014     for (;;) {
1015         cpu_exec_start(cs);
1016         trapnr = cpu_arm_exec(cs);
1017         cpu_exec_end(cs);
1018 
1019         switch (trapnr) {
1020         case EXCP_SWI:
1021             env->xregs[0] = do_syscall(env,
1022                                        env->xregs[8],
1023                                        env->xregs[0],
1024                                        env->xregs[1],
1025                                        env->xregs[2],
1026                                        env->xregs[3],
1027                                        env->xregs[4],
1028                                        env->xregs[5],
1029                                        0, 0);
1030             break;
1031         case EXCP_INTERRUPT:
1032             /* just indicate that signals should be handled asap */
1033             break;
1034         case EXCP_UDEF:
1035             info.si_signo = TARGET_SIGILL;
1036             info.si_errno = 0;
1037             info.si_code = TARGET_ILL_ILLOPN;
1038             info._sifields._sigfault._addr = env->pc;
1039             queue_signal(env, info.si_signo, &info);
1040             break;
1041         case EXCP_STREX:
1042             if (!do_strex_a64(env)) {
1043                 break;
1044             }
1045             /* fall through for segv */
1046         case EXCP_PREFETCH_ABORT:
1047         case EXCP_DATA_ABORT:
1048             info.si_signo = TARGET_SIGSEGV;
1049             info.si_errno = 0;
1050             /* XXX: check env->error_code */
1051             info.si_code = TARGET_SEGV_MAPERR;
1052             info._sifields._sigfault._addr = env->exception.vaddress;
1053             queue_signal(env, info.si_signo, &info);
1054             break;
1055         case EXCP_DEBUG:
1056         case EXCP_BKPT:
1057             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1058             if (sig) {
1059                 info.si_signo = sig;
1060                 info.si_errno = 0;
1061                 info.si_code = TARGET_TRAP_BRKPT;
1062                 queue_signal(env, info.si_signo, &info);
1063             }
1064             break;
1065         case EXCP_SEMIHOST:
1066             env->xregs[0] = do_arm_semihosting(env);
1067             break;
1068         default:
1069             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1070             abort();
1071         }
1072         process_pending_signals(env);
1073         /* Exception return on AArch64 always clears the exclusive monitor,
1074          * so any return to running guest code implies this.
1075          * A strex (successful or otherwise) also clears the monitor, so
1076          * we don't need to specialcase EXCP_STREX.
1077          */
1078         env->exclusive_addr = -1;
1079     }
1080 }
1081 #endif /* ndef TARGET_ABI32 */
1082 
1083 #endif
1084 
1085 #ifdef TARGET_UNICORE32
1086 
1087 void cpu_loop(CPUUniCore32State *env)
1088 {
1089     CPUState *cs = CPU(uc32_env_get_cpu(env));
1090     int trapnr;
1091     unsigned int n, insn;
1092     target_siginfo_t info;
1093 
1094     for (;;) {
1095         cpu_exec_start(cs);
1096         trapnr = uc32_cpu_exec(cs);
1097         cpu_exec_end(cs);
1098         switch (trapnr) {
1099         case UC32_EXCP_PRIV:
1100             {
1101                 /* system call */
1102                 get_user_u32(insn, env->regs[31] - 4);
1103                 n = insn & 0xffffff;
1104 
1105                 if (n >= UC32_SYSCALL_BASE) {
1106                     /* linux syscall */
1107                     n -= UC32_SYSCALL_BASE;
1108                     if (n == UC32_SYSCALL_NR_set_tls) {
1109                             cpu_set_tls(env, env->regs[0]);
1110                             env->regs[0] = 0;
1111                     } else {
1112                         env->regs[0] = do_syscall(env,
1113                                                   n,
1114                                                   env->regs[0],
1115                                                   env->regs[1],
1116                                                   env->regs[2],
1117                                                   env->regs[3],
1118                                                   env->regs[4],
1119                                                   env->regs[5],
1120                                                   0, 0);
1121                     }
1122                 } else {
1123                     goto error;
1124                 }
1125             }
1126             break;
1127         case UC32_EXCP_DTRAP:
1128         case UC32_EXCP_ITRAP:
1129             info.si_signo = TARGET_SIGSEGV;
1130             info.si_errno = 0;
1131             /* XXX: check env->error_code */
1132             info.si_code = TARGET_SEGV_MAPERR;
1133             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
1134             queue_signal(env, info.si_signo, &info);
1135             break;
1136         case EXCP_INTERRUPT:
1137             /* just indicate that signals should be handled asap */
1138             break;
1139         case EXCP_DEBUG:
1140             {
1141                 int sig;
1142 
1143                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1144                 if (sig) {
1145                     info.si_signo = sig;
1146                     info.si_errno = 0;
1147                     info.si_code = TARGET_TRAP_BRKPT;
1148                     queue_signal(env, info.si_signo, &info);
1149                 }
1150             }
1151             break;
1152         default:
1153             goto error;
1154         }
1155         process_pending_signals(env);
1156     }
1157 
1158 error:
1159     EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1160     abort();
1161 }
1162 #endif
1163 
1164 #ifdef TARGET_SPARC
1165 #define SPARC64_STACK_BIAS 2047
1166 
1167 //#define DEBUG_WIN
1168 
1169 /* WARNING: dealing with register windows _is_ complicated. More info
1170    can be found at http://www.sics.se/~psm/sparcstack.html */
1171 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1172 {
1173     index = (index + cwp * 16) % (16 * env->nwindows);
1174     /* wrap handling : if cwp is on the last window, then we use the
1175        registers 'after' the end */
1176     if (index < 8 && env->cwp == env->nwindows - 1)
1177         index += 16 * env->nwindows;
1178     return index;
1179 }
1180 
1181 /* save the register window 'cwp1' */
1182 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1183 {
1184     unsigned int i;
1185     abi_ulong sp_ptr;
1186 
1187     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1188 #ifdef TARGET_SPARC64
1189     if (sp_ptr & 3)
1190         sp_ptr += SPARC64_STACK_BIAS;
1191 #endif
1192 #if defined(DEBUG_WIN)
1193     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1194            sp_ptr, cwp1);
1195 #endif
1196     for(i = 0; i < 16; i++) {
1197         /* FIXME - what to do if put_user() fails? */
1198         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1199         sp_ptr += sizeof(abi_ulong);
1200     }
1201 }
1202 
1203 static void save_window(CPUSPARCState *env)
1204 {
1205 #ifndef TARGET_SPARC64
1206     unsigned int new_wim;
1207     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1208         ((1LL << env->nwindows) - 1);
1209     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1210     env->wim = new_wim;
1211 #else
1212     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1213     env->cansave++;
1214     env->canrestore--;
1215 #endif
1216 }
1217 
1218 static void restore_window(CPUSPARCState *env)
1219 {
1220 #ifndef TARGET_SPARC64
1221     unsigned int new_wim;
1222 #endif
1223     unsigned int i, cwp1;
1224     abi_ulong sp_ptr;
1225 
1226 #ifndef TARGET_SPARC64
1227     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1228         ((1LL << env->nwindows) - 1);
1229 #endif
1230 
1231     /* restore the invalid window */
1232     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1233     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1234 #ifdef TARGET_SPARC64
1235     if (sp_ptr & 3)
1236         sp_ptr += SPARC64_STACK_BIAS;
1237 #endif
1238 #if defined(DEBUG_WIN)
1239     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1240            sp_ptr, cwp1);
1241 #endif
1242     for(i = 0; i < 16; i++) {
1243         /* FIXME - what to do if get_user() fails? */
1244         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1245         sp_ptr += sizeof(abi_ulong);
1246     }
1247 #ifdef TARGET_SPARC64
1248     env->canrestore++;
1249     if (env->cleanwin < env->nwindows - 1)
1250         env->cleanwin++;
1251     env->cansave--;
1252 #else
1253     env->wim = new_wim;
1254 #endif
1255 }
1256 
1257 static void flush_windows(CPUSPARCState *env)
1258 {
1259     int offset, cwp1;
1260 
1261     offset = 1;
1262     for(;;) {
1263         /* if restore would invoke restore_window(), then we can stop */
1264         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1265 #ifndef TARGET_SPARC64
1266         if (env->wim & (1 << cwp1))
1267             break;
1268 #else
1269         if (env->canrestore == 0)
1270             break;
1271         env->cansave++;
1272         env->canrestore--;
1273 #endif
1274         save_window_offset(env, cwp1);
1275         offset++;
1276     }
1277     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1278 #ifndef TARGET_SPARC64
1279     /* set wim so that restore will reload the registers */
1280     env->wim = 1 << cwp1;
1281 #endif
1282 #if defined(DEBUG_WIN)
1283     printf("flush_windows: nb=%d\n", offset - 1);
1284 #endif
1285 }
1286 
1287 void cpu_loop (CPUSPARCState *env)
1288 {
1289     CPUState *cs = CPU(sparc_env_get_cpu(env));
1290     int trapnr;
1291     abi_long ret;
1292     target_siginfo_t info;
1293 
1294     while (1) {
1295         cpu_exec_start(cs);
1296         trapnr = cpu_sparc_exec(cs);
1297         cpu_exec_end(cs);
1298 
1299         /* Compute PSR before exposing state.  */
1300         if (env->cc_op != CC_OP_FLAGS) {
1301             cpu_get_psr(env);
1302         }
1303 
1304         switch (trapnr) {
1305 #ifndef TARGET_SPARC64
1306         case 0x88:
1307         case 0x90:
1308 #else
1309         case 0x110:
1310         case 0x16d:
1311 #endif
1312             ret = do_syscall (env, env->gregs[1],
1313                               env->regwptr[0], env->regwptr[1],
1314                               env->regwptr[2], env->regwptr[3],
1315                               env->regwptr[4], env->regwptr[5],
1316                               0, 0);
1317             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1318 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1319                 env->xcc |= PSR_CARRY;
1320 #else
1321                 env->psr |= PSR_CARRY;
1322 #endif
1323                 ret = -ret;
1324             } else {
1325 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1326                 env->xcc &= ~PSR_CARRY;
1327 #else
1328                 env->psr &= ~PSR_CARRY;
1329 #endif
1330             }
1331             env->regwptr[0] = ret;
1332             /* next instruction */
1333             env->pc = env->npc;
1334             env->npc = env->npc + 4;
1335             break;
1336         case 0x83: /* flush windows */
1337 #ifdef TARGET_ABI32
1338         case 0x103:
1339 #endif
1340             flush_windows(env);
1341             /* next instruction */
1342             env->pc = env->npc;
1343             env->npc = env->npc + 4;
1344             break;
1345 #ifndef TARGET_SPARC64
1346         case TT_WIN_OVF: /* window overflow */
1347             save_window(env);
1348             break;
1349         case TT_WIN_UNF: /* window underflow */
1350             restore_window(env);
1351             break;
1352         case TT_TFAULT:
1353         case TT_DFAULT:
1354             {
1355                 info.si_signo = TARGET_SIGSEGV;
1356                 info.si_errno = 0;
1357                 /* XXX: check env->error_code */
1358                 info.si_code = TARGET_SEGV_MAPERR;
1359                 info._sifields._sigfault._addr = env->mmuregs[4];
1360                 queue_signal(env, info.si_signo, &info);
1361             }
1362             break;
1363 #else
1364         case TT_SPILL: /* window overflow */
1365             save_window(env);
1366             break;
1367         case TT_FILL: /* window underflow */
1368             restore_window(env);
1369             break;
1370         case TT_TFAULT:
1371         case TT_DFAULT:
1372             {
1373                 info.si_signo = TARGET_SIGSEGV;
1374                 info.si_errno = 0;
1375                 /* XXX: check env->error_code */
1376                 info.si_code = TARGET_SEGV_MAPERR;
1377                 if (trapnr == TT_DFAULT)
1378                     info._sifields._sigfault._addr = env->dmmuregs[4];
1379                 else
1380                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1381                 queue_signal(env, info.si_signo, &info);
1382             }
1383             break;
1384 #ifndef TARGET_ABI32
1385         case 0x16e:
1386             flush_windows(env);
1387             sparc64_get_context(env);
1388             break;
1389         case 0x16f:
1390             flush_windows(env);
1391             sparc64_set_context(env);
1392             break;
1393 #endif
1394 #endif
1395         case EXCP_INTERRUPT:
1396             /* just indicate that signals should be handled asap */
1397             break;
1398         case TT_ILL_INSN:
1399             {
1400                 info.si_signo = TARGET_SIGILL;
1401                 info.si_errno = 0;
1402                 info.si_code = TARGET_ILL_ILLOPC;
1403                 info._sifields._sigfault._addr = env->pc;
1404                 queue_signal(env, info.si_signo, &info);
1405             }
1406             break;
1407         case EXCP_DEBUG:
1408             {
1409                 int sig;
1410 
1411                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1412                 if (sig)
1413                   {
1414                     info.si_signo = sig;
1415                     info.si_errno = 0;
1416                     info.si_code = TARGET_TRAP_BRKPT;
1417                     queue_signal(env, info.si_signo, &info);
1418                   }
1419             }
1420             break;
1421         default:
1422             printf ("Unhandled trap: 0x%x\n", trapnr);
1423             cpu_dump_state(cs, stderr, fprintf, 0);
1424             exit(EXIT_FAILURE);
1425         }
1426         process_pending_signals (env);
1427     }
1428 }
1429 
1430 #endif
1431 
1432 #ifdef TARGET_PPC
1433 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1434 {
1435     return cpu_get_host_ticks();
1436 }
1437 
1438 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1439 {
1440     return cpu_ppc_get_tb(env);
1441 }
1442 
1443 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1444 {
1445     return cpu_ppc_get_tb(env) >> 32;
1446 }
1447 
1448 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1449 {
1450     return cpu_ppc_get_tb(env);
1451 }
1452 
1453 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1454 {
1455     return cpu_ppc_get_tb(env) >> 32;
1456 }
1457 
1458 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1459 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1460 
1461 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1462 {
1463     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1464 }
1465 
1466 /* XXX: to be fixed */
1467 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1468 {
1469     return -1;
1470 }
1471 
1472 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1473 {
1474     return -1;
1475 }
1476 
1477 static int do_store_exclusive(CPUPPCState *env)
1478 {
1479     target_ulong addr;
1480     target_ulong page_addr;
1481     target_ulong val, val2 __attribute__((unused)) = 0;
1482     int flags;
1483     int segv = 0;
1484 
1485     addr = env->reserve_ea;
1486     page_addr = addr & TARGET_PAGE_MASK;
1487     start_exclusive();
1488     mmap_lock();
1489     flags = page_get_flags(page_addr);
1490     if ((flags & PAGE_READ) == 0) {
1491         segv = 1;
1492     } else {
1493         int reg = env->reserve_info & 0x1f;
1494         int size = env->reserve_info >> 5;
1495         int stored = 0;
1496 
1497         if (addr == env->reserve_addr) {
1498             switch (size) {
1499             case 1: segv = get_user_u8(val, addr); break;
1500             case 2: segv = get_user_u16(val, addr); break;
1501             case 4: segv = get_user_u32(val, addr); break;
1502 #if defined(TARGET_PPC64)
1503             case 8: segv = get_user_u64(val, addr); break;
1504             case 16: {
1505                 segv = get_user_u64(val, addr);
1506                 if (!segv) {
1507                     segv = get_user_u64(val2, addr + 8);
1508                 }
1509                 break;
1510             }
1511 #endif
1512             default: abort();
1513             }
1514             if (!segv && val == env->reserve_val) {
1515                 val = env->gpr[reg];
1516                 switch (size) {
1517                 case 1: segv = put_user_u8(val, addr); break;
1518                 case 2: segv = put_user_u16(val, addr); break;
1519                 case 4: segv = put_user_u32(val, addr); break;
1520 #if defined(TARGET_PPC64)
1521                 case 8: segv = put_user_u64(val, addr); break;
1522                 case 16: {
1523                     if (val2 == env->reserve_val2) {
1524                         if (msr_le) {
1525                             val2 = val;
1526                             val = env->gpr[reg+1];
1527                         } else {
1528                             val2 = env->gpr[reg+1];
1529                         }
1530                         segv = put_user_u64(val, addr);
1531                         if (!segv) {
1532                             segv = put_user_u64(val2, addr + 8);
1533                         }
1534                     }
1535                     break;
1536                 }
1537 #endif
1538                 default: abort();
1539                 }
1540                 if (!segv) {
1541                     stored = 1;
1542                 }
1543             }
1544         }
1545         env->crf[0] = (stored << 1) | xer_so;
1546         env->reserve_addr = (target_ulong)-1;
1547     }
1548     if (!segv) {
1549         env->nip += 4;
1550     }
1551     mmap_unlock();
1552     end_exclusive();
1553     return segv;
1554 }
1555 
1556 void cpu_loop(CPUPPCState *env)
1557 {
1558     CPUState *cs = CPU(ppc_env_get_cpu(env));
1559     target_siginfo_t info;
1560     int trapnr;
1561     target_ulong ret;
1562 
1563     for(;;) {
1564         cpu_exec_start(cs);
1565         trapnr = cpu_ppc_exec(cs);
1566         cpu_exec_end(cs);
1567         switch(trapnr) {
1568         case POWERPC_EXCP_NONE:
1569             /* Just go on */
1570             break;
1571         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1572             cpu_abort(cs, "Critical interrupt while in user mode. "
1573                       "Aborting\n");
1574             break;
1575         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1576             cpu_abort(cs, "Machine check exception while in user mode. "
1577                       "Aborting\n");
1578             break;
1579         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1580             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1581                       env->spr[SPR_DAR]);
1582             /* XXX: check this. Seems bugged */
1583             switch (env->error_code & 0xFF000000) {
1584             case 0x40000000:
1585                 info.si_signo = TARGET_SIGSEGV;
1586                 info.si_errno = 0;
1587                 info.si_code = TARGET_SEGV_MAPERR;
1588                 break;
1589             case 0x04000000:
1590                 info.si_signo = TARGET_SIGILL;
1591                 info.si_errno = 0;
1592                 info.si_code = TARGET_ILL_ILLADR;
1593                 break;
1594             case 0x08000000:
1595                 info.si_signo = TARGET_SIGSEGV;
1596                 info.si_errno = 0;
1597                 info.si_code = TARGET_SEGV_ACCERR;
1598                 break;
1599             default:
1600                 /* Let's send a regular segfault... */
1601                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1602                           env->error_code);
1603                 info.si_signo = TARGET_SIGSEGV;
1604                 info.si_errno = 0;
1605                 info.si_code = TARGET_SEGV_MAPERR;
1606                 break;
1607             }
1608             info._sifields._sigfault._addr = env->nip;
1609             queue_signal(env, info.si_signo, &info);
1610             break;
1611         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1612             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1613                       "\n", env->spr[SPR_SRR0]);
1614             /* XXX: check this */
1615             switch (env->error_code & 0xFF000000) {
1616             case 0x40000000:
1617                 info.si_signo = TARGET_SIGSEGV;
1618             info.si_errno = 0;
1619                 info.si_code = TARGET_SEGV_MAPERR;
1620                 break;
1621             case 0x10000000:
1622             case 0x08000000:
1623                 info.si_signo = TARGET_SIGSEGV;
1624                 info.si_errno = 0;
1625                 info.si_code = TARGET_SEGV_ACCERR;
1626                 break;
1627             default:
1628                 /* Let's send a regular segfault... */
1629                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1630                           env->error_code);
1631                 info.si_signo = TARGET_SIGSEGV;
1632                 info.si_errno = 0;
1633                 info.si_code = TARGET_SEGV_MAPERR;
1634                 break;
1635             }
1636             info._sifields._sigfault._addr = env->nip - 4;
1637             queue_signal(env, info.si_signo, &info);
1638             break;
1639         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1640             cpu_abort(cs, "External interrupt while in user mode. "
1641                       "Aborting\n");
1642             break;
1643         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1644             EXCP_DUMP(env, "Unaligned memory access\n");
1645             /* XXX: check this */
1646             info.si_signo = TARGET_SIGBUS;
1647             info.si_errno = 0;
1648             info.si_code = TARGET_BUS_ADRALN;
1649             info._sifields._sigfault._addr = env->nip;
1650             queue_signal(env, info.si_signo, &info);
1651             break;
1652         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1653             /* XXX: check this */
1654             switch (env->error_code & ~0xF) {
1655             case POWERPC_EXCP_FP:
1656                 EXCP_DUMP(env, "Floating point program exception\n");
1657                 info.si_signo = TARGET_SIGFPE;
1658                 info.si_errno = 0;
1659                 switch (env->error_code & 0xF) {
1660                 case POWERPC_EXCP_FP_OX:
1661                     info.si_code = TARGET_FPE_FLTOVF;
1662                     break;
1663                 case POWERPC_EXCP_FP_UX:
1664                     info.si_code = TARGET_FPE_FLTUND;
1665                     break;
1666                 case POWERPC_EXCP_FP_ZX:
1667                 case POWERPC_EXCP_FP_VXZDZ:
1668                     info.si_code = TARGET_FPE_FLTDIV;
1669                     break;
1670                 case POWERPC_EXCP_FP_XX:
1671                     info.si_code = TARGET_FPE_FLTRES;
1672                     break;
1673                 case POWERPC_EXCP_FP_VXSOFT:
1674                     info.si_code = TARGET_FPE_FLTINV;
1675                     break;
1676                 case POWERPC_EXCP_FP_VXSNAN:
1677                 case POWERPC_EXCP_FP_VXISI:
1678                 case POWERPC_EXCP_FP_VXIDI:
1679                 case POWERPC_EXCP_FP_VXIMZ:
1680                 case POWERPC_EXCP_FP_VXVC:
1681                 case POWERPC_EXCP_FP_VXSQRT:
1682                 case POWERPC_EXCP_FP_VXCVI:
1683                     info.si_code = TARGET_FPE_FLTSUB;
1684                     break;
1685                 default:
1686                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1687                               env->error_code);
1688                     break;
1689                 }
1690                 break;
1691             case POWERPC_EXCP_INVAL:
1692                 EXCP_DUMP(env, "Invalid instruction\n");
1693                 info.si_signo = TARGET_SIGILL;
1694                 info.si_errno = 0;
1695                 switch (env->error_code & 0xF) {
1696                 case POWERPC_EXCP_INVAL_INVAL:
1697                     info.si_code = TARGET_ILL_ILLOPC;
1698                     break;
1699                 case POWERPC_EXCP_INVAL_LSWX:
1700                     info.si_code = TARGET_ILL_ILLOPN;
1701                     break;
1702                 case POWERPC_EXCP_INVAL_SPR:
1703                     info.si_code = TARGET_ILL_PRVREG;
1704                     break;
1705                 case POWERPC_EXCP_INVAL_FP:
1706                     info.si_code = TARGET_ILL_COPROC;
1707                     break;
1708                 default:
1709                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1710                               env->error_code & 0xF);
1711                     info.si_code = TARGET_ILL_ILLADR;
1712                     break;
1713                 }
1714                 break;
1715             case POWERPC_EXCP_PRIV:
1716                 EXCP_DUMP(env, "Privilege violation\n");
1717                 info.si_signo = TARGET_SIGILL;
1718                 info.si_errno = 0;
1719                 switch (env->error_code & 0xF) {
1720                 case POWERPC_EXCP_PRIV_OPC:
1721                     info.si_code = TARGET_ILL_PRVOPC;
1722                     break;
1723                 case POWERPC_EXCP_PRIV_REG:
1724                     info.si_code = TARGET_ILL_PRVREG;
1725                     break;
1726                 default:
1727                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1728                               env->error_code & 0xF);
1729                     info.si_code = TARGET_ILL_PRVOPC;
1730                     break;
1731                 }
1732                 break;
1733             case POWERPC_EXCP_TRAP:
1734                 cpu_abort(cs, "Tried to call a TRAP\n");
1735                 break;
1736             default:
1737                 /* Should not happen ! */
1738                 cpu_abort(cs, "Unknown program exception (%02x)\n",
1739                           env->error_code);
1740                 break;
1741             }
1742             info._sifields._sigfault._addr = env->nip - 4;
1743             queue_signal(env, info.si_signo, &info);
1744             break;
1745         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1746             EXCP_DUMP(env, "No floating point allowed\n");
1747             info.si_signo = TARGET_SIGILL;
1748             info.si_errno = 0;
1749             info.si_code = TARGET_ILL_COPROC;
1750             info._sifields._sigfault._addr = env->nip - 4;
1751             queue_signal(env, info.si_signo, &info);
1752             break;
1753         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1754             cpu_abort(cs, "Syscall exception while in user mode. "
1755                       "Aborting\n");
1756             break;
1757         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1758             EXCP_DUMP(env, "No APU instruction allowed\n");
1759             info.si_signo = TARGET_SIGILL;
1760             info.si_errno = 0;
1761             info.si_code = TARGET_ILL_COPROC;
1762             info._sifields._sigfault._addr = env->nip - 4;
1763             queue_signal(env, info.si_signo, &info);
1764             break;
1765         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1766             cpu_abort(cs, "Decrementer interrupt while in user mode. "
1767                       "Aborting\n");
1768             break;
1769         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1770             cpu_abort(cs, "Fix interval timer interrupt while in user mode. "
1771                       "Aborting\n");
1772             break;
1773         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1774             cpu_abort(cs, "Watchdog timer interrupt while in user mode. "
1775                       "Aborting\n");
1776             break;
1777         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1778             cpu_abort(cs, "Data TLB exception while in user mode. "
1779                       "Aborting\n");
1780             break;
1781         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1782             cpu_abort(cs, "Instruction TLB exception while in user mode. "
1783                       "Aborting\n");
1784             break;
1785         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1786             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1787             info.si_signo = TARGET_SIGILL;
1788             info.si_errno = 0;
1789             info.si_code = TARGET_ILL_COPROC;
1790             info._sifields._sigfault._addr = env->nip - 4;
1791             queue_signal(env, info.si_signo, &info);
1792             break;
1793         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1794             cpu_abort(cs, "Embedded floating-point data IRQ not handled\n");
1795             break;
1796         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1797             cpu_abort(cs, "Embedded floating-point round IRQ not handled\n");
1798             break;
1799         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1800             cpu_abort(cs, "Performance monitor exception not handled\n");
1801             break;
1802         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1803             cpu_abort(cs, "Doorbell interrupt while in user mode. "
1804                        "Aborting\n");
1805             break;
1806         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1807             cpu_abort(cs, "Doorbell critical interrupt while in user mode. "
1808                       "Aborting\n");
1809             break;
1810         case POWERPC_EXCP_RESET:    /* System reset exception                */
1811             cpu_abort(cs, "Reset interrupt while in user mode. "
1812                       "Aborting\n");
1813             break;
1814         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1815             cpu_abort(cs, "Data segment exception while in user mode. "
1816                       "Aborting\n");
1817             break;
1818         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1819             cpu_abort(cs, "Instruction segment exception "
1820                       "while in user mode. Aborting\n");
1821             break;
1822         /* PowerPC 64 with hypervisor mode support */
1823         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1824             cpu_abort(cs, "Hypervisor decrementer interrupt "
1825                       "while in user mode. Aborting\n");
1826             break;
1827         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1828             /* Nothing to do:
1829              * we use this exception to emulate step-by-step execution mode.
1830              */
1831             break;
1832         /* PowerPC 64 with hypervisor mode support */
1833         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1834             cpu_abort(cs, "Hypervisor data storage exception "
1835                       "while in user mode. Aborting\n");
1836             break;
1837         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1838             cpu_abort(cs, "Hypervisor instruction storage exception "
1839                       "while in user mode. Aborting\n");
1840             break;
1841         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1842             cpu_abort(cs, "Hypervisor data segment exception "
1843                       "while in user mode. Aborting\n");
1844             break;
1845         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1846             cpu_abort(cs, "Hypervisor instruction segment exception "
1847                       "while in user mode. Aborting\n");
1848             break;
1849         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1850             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1851             info.si_signo = TARGET_SIGILL;
1852             info.si_errno = 0;
1853             info.si_code = TARGET_ILL_COPROC;
1854             info._sifields._sigfault._addr = env->nip - 4;
1855             queue_signal(env, info.si_signo, &info);
1856             break;
1857         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1858             cpu_abort(cs, "Programmable interval timer interrupt "
1859                       "while in user mode. Aborting\n");
1860             break;
1861         case POWERPC_EXCP_IO:       /* IO error exception                    */
1862             cpu_abort(cs, "IO error exception while in user mode. "
1863                       "Aborting\n");
1864             break;
1865         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1866             cpu_abort(cs, "Run mode exception while in user mode. "
1867                       "Aborting\n");
1868             break;
1869         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1870             cpu_abort(cs, "Emulation trap exception not handled\n");
1871             break;
1872         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1873             cpu_abort(cs, "Instruction fetch TLB exception "
1874                       "while in user-mode. Aborting");
1875             break;
1876         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1877             cpu_abort(cs, "Data load TLB exception while in user-mode. "
1878                       "Aborting");
1879             break;
1880         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1881             cpu_abort(cs, "Data store TLB exception while in user-mode. "
1882                       "Aborting");
1883             break;
1884         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1885             cpu_abort(cs, "Floating-point assist exception not handled\n");
1886             break;
1887         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1888             cpu_abort(cs, "Instruction address breakpoint exception "
1889                       "not handled\n");
1890             break;
1891         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1892             cpu_abort(cs, "System management interrupt while in user mode. "
1893                       "Aborting\n");
1894             break;
1895         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1896             cpu_abort(cs, "Thermal interrupt interrupt while in user mode. "
1897                       "Aborting\n");
1898             break;
1899         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1900             cpu_abort(cs, "Performance monitor exception not handled\n");
1901             break;
1902         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1903             cpu_abort(cs, "Vector assist exception not handled\n");
1904             break;
1905         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1906             cpu_abort(cs, "Soft patch exception not handled\n");
1907             break;
1908         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1909             cpu_abort(cs, "Maintenance exception while in user mode. "
1910                       "Aborting\n");
1911             break;
1912         case POWERPC_EXCP_STOP:     /* stop translation                      */
1913             /* We did invalidate the instruction cache. Go on */
1914             break;
1915         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1916             /* We just stopped because of a branch. Go on */
1917             break;
1918         case POWERPC_EXCP_SYSCALL_USER:
1919             /* system call in user-mode emulation */
1920             /* WARNING:
1921              * PPC ABI uses overflow flag in cr0 to signal an error
1922              * in syscalls.
1923              */
1924             env->crf[0] &= ~0x1;
1925             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1926                              env->gpr[5], env->gpr[6], env->gpr[7],
1927                              env->gpr[8], 0, 0);
1928             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1929                 /* Returning from a successful sigreturn syscall.
1930                    Avoid corrupting register state.  */
1931                 break;
1932             }
1933             if (ret > (target_ulong)(-515)) {
1934                 env->crf[0] |= 0x1;
1935                 ret = -ret;
1936             }
1937             env->gpr[3] = ret;
1938             break;
1939         case POWERPC_EXCP_STCX:
1940             if (do_store_exclusive(env)) {
1941                 info.si_signo = TARGET_SIGSEGV;
1942                 info.si_errno = 0;
1943                 info.si_code = TARGET_SEGV_MAPERR;
1944                 info._sifields._sigfault._addr = env->nip;
1945                 queue_signal(env, info.si_signo, &info);
1946             }
1947             break;
1948         case EXCP_DEBUG:
1949             {
1950                 int sig;
1951 
1952                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1953                 if (sig) {
1954                     info.si_signo = sig;
1955                     info.si_errno = 0;
1956                     info.si_code = TARGET_TRAP_BRKPT;
1957                     queue_signal(env, info.si_signo, &info);
1958                   }
1959             }
1960             break;
1961         case EXCP_INTERRUPT:
1962             /* just indicate that signals should be handled asap */
1963             break;
1964         default:
1965             cpu_abort(cs, "Unknown exception 0x%d. Aborting\n", trapnr);
1966             break;
1967         }
1968         process_pending_signals(env);
1969     }
1970 }
1971 #endif
1972 
1973 #ifdef TARGET_MIPS
1974 
1975 # ifdef TARGET_ABI_MIPSO32
1976 #  define MIPS_SYS(name, args) args,
1977 static const uint8_t mips_syscall_args[] = {
1978 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
1979 	MIPS_SYS(sys_exit	, 1)
1980 	MIPS_SYS(sys_fork	, 0)
1981 	MIPS_SYS(sys_read	, 3)
1982 	MIPS_SYS(sys_write	, 3)
1983 	MIPS_SYS(sys_open	, 3)	/* 4005 */
1984 	MIPS_SYS(sys_close	, 1)
1985 	MIPS_SYS(sys_waitpid	, 3)
1986 	MIPS_SYS(sys_creat	, 2)
1987 	MIPS_SYS(sys_link	, 2)
1988 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
1989 	MIPS_SYS(sys_execve	, 0)
1990 	MIPS_SYS(sys_chdir	, 1)
1991 	MIPS_SYS(sys_time	, 1)
1992 	MIPS_SYS(sys_mknod	, 3)
1993 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
1994 	MIPS_SYS(sys_lchown	, 3)
1995 	MIPS_SYS(sys_ni_syscall	, 0)
1996 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
1997 	MIPS_SYS(sys_lseek	, 3)
1998 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
1999 	MIPS_SYS(sys_mount	, 5)
2000 	MIPS_SYS(sys_umount	, 1)
2001 	MIPS_SYS(sys_setuid	, 1)
2002 	MIPS_SYS(sys_getuid	, 0)
2003 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
2004 	MIPS_SYS(sys_ptrace	, 4)
2005 	MIPS_SYS(sys_alarm	, 1)
2006 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
2007 	MIPS_SYS(sys_pause	, 0)
2008 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
2009 	MIPS_SYS(sys_ni_syscall	, 0)
2010 	MIPS_SYS(sys_ni_syscall	, 0)
2011 	MIPS_SYS(sys_access	, 2)
2012 	MIPS_SYS(sys_nice	, 1)
2013 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
2014 	MIPS_SYS(sys_sync	, 0)
2015 	MIPS_SYS(sys_kill	, 2)
2016 	MIPS_SYS(sys_rename	, 2)
2017 	MIPS_SYS(sys_mkdir	, 2)
2018 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
2019 	MIPS_SYS(sys_dup		, 1)
2020 	MIPS_SYS(sys_pipe	, 0)
2021 	MIPS_SYS(sys_times	, 1)
2022 	MIPS_SYS(sys_ni_syscall	, 0)
2023 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
2024 	MIPS_SYS(sys_setgid	, 1)
2025 	MIPS_SYS(sys_getgid	, 0)
2026 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
2027 	MIPS_SYS(sys_geteuid	, 0)
2028 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
2029 	MIPS_SYS(sys_acct	, 0)
2030 	MIPS_SYS(sys_umount2	, 2)
2031 	MIPS_SYS(sys_ni_syscall	, 0)
2032 	MIPS_SYS(sys_ioctl	, 3)
2033 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
2034 	MIPS_SYS(sys_ni_syscall	, 2)
2035 	MIPS_SYS(sys_setpgid	, 2)
2036 	MIPS_SYS(sys_ni_syscall	, 0)
2037 	MIPS_SYS(sys_olduname	, 1)
2038 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
2039 	MIPS_SYS(sys_chroot	, 1)
2040 	MIPS_SYS(sys_ustat	, 2)
2041 	MIPS_SYS(sys_dup2	, 2)
2042 	MIPS_SYS(sys_getppid	, 0)
2043 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
2044 	MIPS_SYS(sys_setsid	, 0)
2045 	MIPS_SYS(sys_sigaction	, 3)
2046 	MIPS_SYS(sys_sgetmask	, 0)
2047 	MIPS_SYS(sys_ssetmask	, 1)
2048 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
2049 	MIPS_SYS(sys_setregid	, 2)
2050 	MIPS_SYS(sys_sigsuspend	, 0)
2051 	MIPS_SYS(sys_sigpending	, 1)
2052 	MIPS_SYS(sys_sethostname	, 2)
2053 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
2054 	MIPS_SYS(sys_getrlimit	, 2)
2055 	MIPS_SYS(sys_getrusage	, 2)
2056 	MIPS_SYS(sys_gettimeofday, 2)
2057 	MIPS_SYS(sys_settimeofday, 2)
2058 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
2059 	MIPS_SYS(sys_setgroups	, 2)
2060 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
2061 	MIPS_SYS(sys_symlink	, 2)
2062 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
2063 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
2064 	MIPS_SYS(sys_uselib	, 1)
2065 	MIPS_SYS(sys_swapon	, 2)
2066 	MIPS_SYS(sys_reboot	, 3)
2067 	MIPS_SYS(old_readdir	, 3)
2068 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
2069 	MIPS_SYS(sys_munmap	, 2)
2070 	MIPS_SYS(sys_truncate	, 2)
2071 	MIPS_SYS(sys_ftruncate	, 2)
2072 	MIPS_SYS(sys_fchmod	, 2)
2073 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
2074 	MIPS_SYS(sys_getpriority	, 2)
2075 	MIPS_SYS(sys_setpriority	, 3)
2076 	MIPS_SYS(sys_ni_syscall	, 0)
2077 	MIPS_SYS(sys_statfs	, 2)
2078 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
2079 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
2080 	MIPS_SYS(sys_socketcall	, 2)
2081 	MIPS_SYS(sys_syslog	, 3)
2082 	MIPS_SYS(sys_setitimer	, 3)
2083 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
2084 	MIPS_SYS(sys_newstat	, 2)
2085 	MIPS_SYS(sys_newlstat	, 2)
2086 	MIPS_SYS(sys_newfstat	, 2)
2087 	MIPS_SYS(sys_uname	, 1)
2088 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
2089 	MIPS_SYS(sys_vhangup	, 0)
2090 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
2091 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
2092 	MIPS_SYS(sys_wait4	, 4)
2093 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
2094 	MIPS_SYS(sys_sysinfo	, 1)
2095 	MIPS_SYS(sys_ipc		, 6)
2096 	MIPS_SYS(sys_fsync	, 1)
2097 	MIPS_SYS(sys_sigreturn	, 0)
2098 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
2099 	MIPS_SYS(sys_setdomainname, 2)
2100 	MIPS_SYS(sys_newuname	, 1)
2101 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
2102 	MIPS_SYS(sys_adjtimex	, 1)
2103 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
2104 	MIPS_SYS(sys_sigprocmask	, 3)
2105 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
2106 	MIPS_SYS(sys_init_module	, 5)
2107 	MIPS_SYS(sys_delete_module, 1)
2108 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
2109 	MIPS_SYS(sys_quotactl	, 0)
2110 	MIPS_SYS(sys_getpgid	, 1)
2111 	MIPS_SYS(sys_fchdir	, 1)
2112 	MIPS_SYS(sys_bdflush	, 2)
2113 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
2114 	MIPS_SYS(sys_personality	, 1)
2115 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
2116 	MIPS_SYS(sys_setfsuid	, 1)
2117 	MIPS_SYS(sys_setfsgid	, 1)
2118 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
2119 	MIPS_SYS(sys_getdents	, 3)
2120 	MIPS_SYS(sys_select	, 5)
2121 	MIPS_SYS(sys_flock	, 2)
2122 	MIPS_SYS(sys_msync	, 3)
2123 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
2124 	MIPS_SYS(sys_writev	, 3)
2125 	MIPS_SYS(sys_cacheflush	, 3)
2126 	MIPS_SYS(sys_cachectl	, 3)
2127 	MIPS_SYS(sys_sysmips	, 4)
2128 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
2129 	MIPS_SYS(sys_getsid	, 1)
2130 	MIPS_SYS(sys_fdatasync	, 0)
2131 	MIPS_SYS(sys_sysctl	, 1)
2132 	MIPS_SYS(sys_mlock	, 2)
2133 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
2134 	MIPS_SYS(sys_mlockall	, 1)
2135 	MIPS_SYS(sys_munlockall	, 0)
2136 	MIPS_SYS(sys_sched_setparam, 2)
2137 	MIPS_SYS(sys_sched_getparam, 2)
2138 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
2139 	MIPS_SYS(sys_sched_getscheduler, 1)
2140 	MIPS_SYS(sys_sched_yield	, 0)
2141 	MIPS_SYS(sys_sched_get_priority_max, 1)
2142 	MIPS_SYS(sys_sched_get_priority_min, 1)
2143 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
2144 	MIPS_SYS(sys_nanosleep,	2)
2145 	MIPS_SYS(sys_mremap	, 5)
2146 	MIPS_SYS(sys_accept	, 3)
2147 	MIPS_SYS(sys_bind	, 3)
2148 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
2149 	MIPS_SYS(sys_getpeername	, 3)
2150 	MIPS_SYS(sys_getsockname	, 3)
2151 	MIPS_SYS(sys_getsockopt	, 5)
2152 	MIPS_SYS(sys_listen	, 2)
2153 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
2154 	MIPS_SYS(sys_recvfrom	, 6)
2155 	MIPS_SYS(sys_recvmsg	, 3)
2156 	MIPS_SYS(sys_send	, 4)
2157 	MIPS_SYS(sys_sendmsg	, 3)
2158 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
2159 	MIPS_SYS(sys_setsockopt	, 5)
2160 	MIPS_SYS(sys_shutdown	, 2)
2161 	MIPS_SYS(sys_socket	, 3)
2162 	MIPS_SYS(sys_socketpair	, 4)
2163 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
2164 	MIPS_SYS(sys_getresuid	, 3)
2165 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
2166 	MIPS_SYS(sys_poll	, 3)
2167 	MIPS_SYS(sys_nfsservctl	, 3)
2168 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
2169 	MIPS_SYS(sys_getresgid	, 3)
2170 	MIPS_SYS(sys_prctl	, 5)
2171 	MIPS_SYS(sys_rt_sigreturn, 0)
2172 	MIPS_SYS(sys_rt_sigaction, 4)
2173 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
2174 	MIPS_SYS(sys_rt_sigpending, 2)
2175 	MIPS_SYS(sys_rt_sigtimedwait, 4)
2176 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
2177 	MIPS_SYS(sys_rt_sigsuspend, 0)
2178 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
2179 	MIPS_SYS(sys_pwrite64	, 6)
2180 	MIPS_SYS(sys_chown	, 3)
2181 	MIPS_SYS(sys_getcwd	, 2)
2182 	MIPS_SYS(sys_capget	, 2)
2183 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
2184 	MIPS_SYS(sys_sigaltstack	, 2)
2185 	MIPS_SYS(sys_sendfile	, 4)
2186 	MIPS_SYS(sys_ni_syscall	, 0)
2187 	MIPS_SYS(sys_ni_syscall	, 0)
2188 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2189 	MIPS_SYS(sys_truncate64	, 4)
2190 	MIPS_SYS(sys_ftruncate64	, 4)
2191 	MIPS_SYS(sys_stat64	, 2)
2192 	MIPS_SYS(sys_lstat64	, 2)
2193 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2194 	MIPS_SYS(sys_pivot_root	, 2)
2195 	MIPS_SYS(sys_mincore	, 3)
2196 	MIPS_SYS(sys_madvise	, 3)
2197 	MIPS_SYS(sys_getdents64	, 3)
2198 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2199 	MIPS_SYS(sys_ni_syscall	, 0)
2200 	MIPS_SYS(sys_gettid	, 0)
2201 	MIPS_SYS(sys_readahead	, 5)
2202 	MIPS_SYS(sys_setxattr	, 5)
2203 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2204 	MIPS_SYS(sys_fsetxattr	, 5)
2205 	MIPS_SYS(sys_getxattr	, 4)
2206 	MIPS_SYS(sys_lgetxattr	, 4)
2207 	MIPS_SYS(sys_fgetxattr	, 4)
2208 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2209 	MIPS_SYS(sys_llistxattr	, 3)
2210 	MIPS_SYS(sys_flistxattr	, 3)
2211 	MIPS_SYS(sys_removexattr	, 2)
2212 	MIPS_SYS(sys_lremovexattr, 2)
2213 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2214 	MIPS_SYS(sys_tkill	, 2)
2215 	MIPS_SYS(sys_sendfile64	, 5)
2216 	MIPS_SYS(sys_futex	, 6)
2217 	MIPS_SYS(sys_sched_setaffinity, 3)
2218 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2219 	MIPS_SYS(sys_io_setup	, 2)
2220 	MIPS_SYS(sys_io_destroy	, 1)
2221 	MIPS_SYS(sys_io_getevents, 5)
2222 	MIPS_SYS(sys_io_submit	, 3)
2223 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2224 	MIPS_SYS(sys_exit_group	, 1)
2225 	MIPS_SYS(sys_lookup_dcookie, 3)
2226 	MIPS_SYS(sys_epoll_create, 1)
2227 	MIPS_SYS(sys_epoll_ctl	, 4)
2228 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2229 	MIPS_SYS(sys_remap_file_pages, 5)
2230 	MIPS_SYS(sys_set_tid_address, 1)
2231 	MIPS_SYS(sys_restart_syscall, 0)
2232 	MIPS_SYS(sys_fadvise64_64, 7)
2233 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2234 	MIPS_SYS(sys_fstatfs64	, 2)
2235 	MIPS_SYS(sys_timer_create, 3)
2236 	MIPS_SYS(sys_timer_settime, 4)
2237 	MIPS_SYS(sys_timer_gettime, 2)
2238 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2239 	MIPS_SYS(sys_timer_delete, 1)
2240 	MIPS_SYS(sys_clock_settime, 2)
2241 	MIPS_SYS(sys_clock_gettime, 2)
2242 	MIPS_SYS(sys_clock_getres, 2)
2243 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2244 	MIPS_SYS(sys_tgkill	, 3)
2245 	MIPS_SYS(sys_utimes	, 2)
2246 	MIPS_SYS(sys_mbind	, 4)
2247 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2248 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2249 	MIPS_SYS(sys_mq_open	, 4)
2250 	MIPS_SYS(sys_mq_unlink	, 1)
2251 	MIPS_SYS(sys_mq_timedsend, 5)
2252 	MIPS_SYS(sys_mq_timedreceive, 5)
2253 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2254 	MIPS_SYS(sys_mq_getsetattr, 3)
2255 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2256 	MIPS_SYS(sys_waitid	, 4)
2257 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2258 	MIPS_SYS(sys_add_key	, 5)
2259 	MIPS_SYS(sys_request_key, 4)
2260 	MIPS_SYS(sys_keyctl	, 5)
2261 	MIPS_SYS(sys_set_thread_area, 1)
2262 	MIPS_SYS(sys_inotify_init, 0)
2263 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2264 	MIPS_SYS(sys_inotify_rm_watch, 2)
2265 	MIPS_SYS(sys_migrate_pages, 4)
2266 	MIPS_SYS(sys_openat, 4)
2267 	MIPS_SYS(sys_mkdirat, 3)
2268 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2269 	MIPS_SYS(sys_fchownat, 5)
2270 	MIPS_SYS(sys_futimesat, 3)
2271 	MIPS_SYS(sys_fstatat64, 4)
2272 	MIPS_SYS(sys_unlinkat, 3)
2273 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2274 	MIPS_SYS(sys_linkat, 5)
2275 	MIPS_SYS(sys_symlinkat, 3)
2276 	MIPS_SYS(sys_readlinkat, 4)
2277 	MIPS_SYS(sys_fchmodat, 3)
2278 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2279 	MIPS_SYS(sys_pselect6, 6)
2280 	MIPS_SYS(sys_ppoll, 5)
2281 	MIPS_SYS(sys_unshare, 1)
2282 	MIPS_SYS(sys_splice, 6)
2283 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2284 	MIPS_SYS(sys_tee, 4)
2285 	MIPS_SYS(sys_vmsplice, 4)
2286 	MIPS_SYS(sys_move_pages, 6)
2287 	MIPS_SYS(sys_set_robust_list, 2)
2288 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2289 	MIPS_SYS(sys_kexec_load, 4)
2290 	MIPS_SYS(sys_getcpu, 3)
2291 	MIPS_SYS(sys_epoll_pwait, 6)
2292 	MIPS_SYS(sys_ioprio_set, 3)
2293 	MIPS_SYS(sys_ioprio_get, 2)
2294         MIPS_SYS(sys_utimensat, 4)
2295         MIPS_SYS(sys_signalfd, 3)
2296         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2297         MIPS_SYS(sys_eventfd, 1)
2298         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2299         MIPS_SYS(sys_timerfd_create, 2)
2300         MIPS_SYS(sys_timerfd_gettime, 2)
2301         MIPS_SYS(sys_timerfd_settime, 4)
2302         MIPS_SYS(sys_signalfd4, 4)
2303         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2304         MIPS_SYS(sys_epoll_create1, 1)
2305         MIPS_SYS(sys_dup3, 3)
2306         MIPS_SYS(sys_pipe2, 2)
2307         MIPS_SYS(sys_inotify_init1, 1)
2308         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2309         MIPS_SYS(sys_pwritev, 6)
2310         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2311         MIPS_SYS(sys_perf_event_open, 5)
2312         MIPS_SYS(sys_accept4, 4)
2313         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2314         MIPS_SYS(sys_fanotify_init, 2)
2315         MIPS_SYS(sys_fanotify_mark, 6)
2316         MIPS_SYS(sys_prlimit64, 4)
2317         MIPS_SYS(sys_name_to_handle_at, 5)
2318         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2319         MIPS_SYS(sys_clock_adjtime, 2)
2320         MIPS_SYS(sys_syncfs, 1)
2321 };
2322 #  undef MIPS_SYS
2323 # endif /* O32 */
2324 
2325 static int do_store_exclusive(CPUMIPSState *env)
2326 {
2327     target_ulong addr;
2328     target_ulong page_addr;
2329     target_ulong val;
2330     int flags;
2331     int segv = 0;
2332     int reg;
2333     int d;
2334 
2335     addr = env->lladdr;
2336     page_addr = addr & TARGET_PAGE_MASK;
2337     start_exclusive();
2338     mmap_lock();
2339     flags = page_get_flags(page_addr);
2340     if ((flags & PAGE_READ) == 0) {
2341         segv = 1;
2342     } else {
2343         reg = env->llreg & 0x1f;
2344         d = (env->llreg & 0x20) != 0;
2345         if (d) {
2346             segv = get_user_s64(val, addr);
2347         } else {
2348             segv = get_user_s32(val, addr);
2349         }
2350         if (!segv) {
2351             if (val != env->llval) {
2352                 env->active_tc.gpr[reg] = 0;
2353             } else {
2354                 if (d) {
2355                     segv = put_user_u64(env->llnewval, addr);
2356                 } else {
2357                     segv = put_user_u32(env->llnewval, addr);
2358                 }
2359                 if (!segv) {
2360                     env->active_tc.gpr[reg] = 1;
2361                 }
2362             }
2363         }
2364     }
2365     env->lladdr = -1;
2366     if (!segv) {
2367         env->active_tc.PC += 4;
2368     }
2369     mmap_unlock();
2370     end_exclusive();
2371     return segv;
2372 }
2373 
2374 /* Break codes */
2375 enum {
2376     BRK_OVERFLOW = 6,
2377     BRK_DIVZERO = 7
2378 };
2379 
2380 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2381                     unsigned int code)
2382 {
2383     int ret = -1;
2384 
2385     switch (code) {
2386     case BRK_OVERFLOW:
2387     case BRK_DIVZERO:
2388         info->si_signo = TARGET_SIGFPE;
2389         info->si_errno = 0;
2390         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2391         queue_signal(env, info->si_signo, &*info);
2392         ret = 0;
2393         break;
2394     default:
2395         info->si_signo = TARGET_SIGTRAP;
2396         info->si_errno = 0;
2397         queue_signal(env, info->si_signo, &*info);
2398         ret = 0;
2399         break;
2400     }
2401 
2402     return ret;
2403 }
2404 
2405 void cpu_loop(CPUMIPSState *env)
2406 {
2407     CPUState *cs = CPU(mips_env_get_cpu(env));
2408     target_siginfo_t info;
2409     int trapnr;
2410     abi_long ret;
2411 # ifdef TARGET_ABI_MIPSO32
2412     unsigned int syscall_num;
2413 # endif
2414 
2415     for(;;) {
2416         cpu_exec_start(cs);
2417         trapnr = cpu_mips_exec(cs);
2418         cpu_exec_end(cs);
2419         switch(trapnr) {
2420         case EXCP_SYSCALL:
2421             env->active_tc.PC += 4;
2422 # ifdef TARGET_ABI_MIPSO32
2423             syscall_num = env->active_tc.gpr[2] - 4000;
2424             if (syscall_num >= sizeof(mips_syscall_args)) {
2425                 ret = -TARGET_ENOSYS;
2426             } else {
2427                 int nb_args;
2428                 abi_ulong sp_reg;
2429                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2430 
2431                 nb_args = mips_syscall_args[syscall_num];
2432                 sp_reg = env->active_tc.gpr[29];
2433                 switch (nb_args) {
2434                 /* these arguments are taken from the stack */
2435                 case 8:
2436                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2437                         goto done_syscall;
2438                     }
2439                 case 7:
2440                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2441                         goto done_syscall;
2442                     }
2443                 case 6:
2444                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2445                         goto done_syscall;
2446                     }
2447                 case 5:
2448                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2449                         goto done_syscall;
2450                     }
2451                 default:
2452                     break;
2453                 }
2454                 ret = do_syscall(env, env->active_tc.gpr[2],
2455                                  env->active_tc.gpr[4],
2456                                  env->active_tc.gpr[5],
2457                                  env->active_tc.gpr[6],
2458                                  env->active_tc.gpr[7],
2459                                  arg5, arg6, arg7, arg8);
2460             }
2461 done_syscall:
2462 # else
2463             ret = do_syscall(env, env->active_tc.gpr[2],
2464                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2465                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2466                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2467                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2468 # endif /* O32 */
2469             if (ret == -TARGET_QEMU_ESIGRETURN) {
2470                 /* Returning from a successful sigreturn syscall.
2471                    Avoid clobbering register state.  */
2472                 break;
2473             }
2474             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2475                 env->active_tc.gpr[7] = 1; /* error flag */
2476                 ret = -ret;
2477             } else {
2478                 env->active_tc.gpr[7] = 0; /* error flag */
2479             }
2480             env->active_tc.gpr[2] = ret;
2481             break;
2482         case EXCP_TLBL:
2483         case EXCP_TLBS:
2484         case EXCP_AdEL:
2485         case EXCP_AdES:
2486             info.si_signo = TARGET_SIGSEGV;
2487             info.si_errno = 0;
2488             /* XXX: check env->error_code */
2489             info.si_code = TARGET_SEGV_MAPERR;
2490             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2491             queue_signal(env, info.si_signo, &info);
2492             break;
2493         case EXCP_CpU:
2494         case EXCP_RI:
2495             info.si_signo = TARGET_SIGILL;
2496             info.si_errno = 0;
2497             info.si_code = 0;
2498             queue_signal(env, info.si_signo, &info);
2499             break;
2500         case EXCP_INTERRUPT:
2501             /* just indicate that signals should be handled asap */
2502             break;
2503         case EXCP_DEBUG:
2504             {
2505                 int sig;
2506 
2507                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2508                 if (sig)
2509                   {
2510                     info.si_signo = sig;
2511                     info.si_errno = 0;
2512                     info.si_code = TARGET_TRAP_BRKPT;
2513                     queue_signal(env, info.si_signo, &info);
2514                   }
2515             }
2516             break;
2517         case EXCP_SC:
2518             if (do_store_exclusive(env)) {
2519                 info.si_signo = TARGET_SIGSEGV;
2520                 info.si_errno = 0;
2521                 info.si_code = TARGET_SEGV_MAPERR;
2522                 info._sifields._sigfault._addr = env->active_tc.PC;
2523                 queue_signal(env, info.si_signo, &info);
2524             }
2525             break;
2526         case EXCP_DSPDIS:
2527             info.si_signo = TARGET_SIGILL;
2528             info.si_errno = 0;
2529             info.si_code = TARGET_ILL_ILLOPC;
2530             queue_signal(env, info.si_signo, &info);
2531             break;
2532         /* The code below was inspired by the MIPS Linux kernel trap
2533          * handling code in arch/mips/kernel/traps.c.
2534          */
2535         case EXCP_BREAK:
2536             {
2537                 abi_ulong trap_instr;
2538                 unsigned int code;
2539 
2540                 if (env->hflags & MIPS_HFLAG_M16) {
2541                     if (env->insn_flags & ASE_MICROMIPS) {
2542                         /* microMIPS mode */
2543                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2544                         if (ret != 0) {
2545                             goto error;
2546                         }
2547 
2548                         if ((trap_instr >> 10) == 0x11) {
2549                             /* 16-bit instruction */
2550                             code = trap_instr & 0xf;
2551                         } else {
2552                             /* 32-bit instruction */
2553                             abi_ulong instr_lo;
2554 
2555                             ret = get_user_u16(instr_lo,
2556                                                env->active_tc.PC + 2);
2557                             if (ret != 0) {
2558                                 goto error;
2559                             }
2560                             trap_instr = (trap_instr << 16) | instr_lo;
2561                             code = ((trap_instr >> 6) & ((1 << 20) - 1));
2562                             /* Unfortunately, microMIPS also suffers from
2563                                the old assembler bug...  */
2564                             if (code >= (1 << 10)) {
2565                                 code >>= 10;
2566                             }
2567                         }
2568                     } else {
2569                         /* MIPS16e mode */
2570                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2571                         if (ret != 0) {
2572                             goto error;
2573                         }
2574                         code = (trap_instr >> 6) & 0x3f;
2575                     }
2576                 } else {
2577                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2578                     if (ret != 0) {
2579                         goto error;
2580                     }
2581 
2582                     /* As described in the original Linux kernel code, the
2583                      * below checks on 'code' are to work around an old
2584                      * assembly bug.
2585                      */
2586                     code = ((trap_instr >> 6) & ((1 << 20) - 1));
2587                     if (code >= (1 << 10)) {
2588                         code >>= 10;
2589                     }
2590                 }
2591 
2592                 if (do_break(env, &info, code) != 0) {
2593                     goto error;
2594                 }
2595             }
2596             break;
2597         case EXCP_TRAP:
2598             {
2599                 abi_ulong trap_instr;
2600                 unsigned int code = 0;
2601 
2602                 if (env->hflags & MIPS_HFLAG_M16) {
2603                     /* microMIPS mode */
2604                     abi_ulong instr[2];
2605 
2606                     ret = get_user_u16(instr[0], env->active_tc.PC) ||
2607                           get_user_u16(instr[1], env->active_tc.PC + 2);
2608 
2609                     trap_instr = (instr[0] << 16) | instr[1];
2610                 } else {
2611                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2612                 }
2613 
2614                 if (ret != 0) {
2615                     goto error;
2616                 }
2617 
2618                 /* The immediate versions don't provide a code.  */
2619                 if (!(trap_instr & 0xFC000000)) {
2620                     if (env->hflags & MIPS_HFLAG_M16) {
2621                         /* microMIPS mode */
2622                         code = ((trap_instr >> 12) & ((1 << 4) - 1));
2623                     } else {
2624                         code = ((trap_instr >> 6) & ((1 << 10) - 1));
2625                     }
2626                 }
2627 
2628                 if (do_break(env, &info, code) != 0) {
2629                     goto error;
2630                 }
2631             }
2632             break;
2633         default:
2634 error:
2635             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
2636             abort();
2637         }
2638         process_pending_signals(env);
2639     }
2640 }
2641 #endif
2642 
2643 #ifdef TARGET_OPENRISC
2644 
2645 void cpu_loop(CPUOpenRISCState *env)
2646 {
2647     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2648     int trapnr, gdbsig;
2649 
2650     for (;;) {
2651         cpu_exec_start(cs);
2652         trapnr = cpu_openrisc_exec(cs);
2653         cpu_exec_end(cs);
2654         gdbsig = 0;
2655 
2656         switch (trapnr) {
2657         case EXCP_RESET:
2658             qemu_log_mask(CPU_LOG_INT, "\nReset request, exit, pc is %#x\n", env->pc);
2659             exit(EXIT_FAILURE);
2660             break;
2661         case EXCP_BUSERR:
2662             qemu_log_mask(CPU_LOG_INT, "\nBus error, exit, pc is %#x\n", env->pc);
2663             gdbsig = TARGET_SIGBUS;
2664             break;
2665         case EXCP_DPF:
2666         case EXCP_IPF:
2667             cpu_dump_state(cs, stderr, fprintf, 0);
2668             gdbsig = TARGET_SIGSEGV;
2669             break;
2670         case EXCP_TICK:
2671             qemu_log_mask(CPU_LOG_INT, "\nTick time interrupt pc is %#x\n", env->pc);
2672             break;
2673         case EXCP_ALIGN:
2674             qemu_log_mask(CPU_LOG_INT, "\nAlignment pc is %#x\n", env->pc);
2675             gdbsig = TARGET_SIGBUS;
2676             break;
2677         case EXCP_ILLEGAL:
2678             qemu_log_mask(CPU_LOG_INT, "\nIllegal instructionpc is %#x\n", env->pc);
2679             gdbsig = TARGET_SIGILL;
2680             break;
2681         case EXCP_INT:
2682             qemu_log_mask(CPU_LOG_INT, "\nExternal interruptpc is %#x\n", env->pc);
2683             break;
2684         case EXCP_DTLBMISS:
2685         case EXCP_ITLBMISS:
2686             qemu_log_mask(CPU_LOG_INT, "\nTLB miss\n");
2687             break;
2688         case EXCP_RANGE:
2689             qemu_log_mask(CPU_LOG_INT, "\nRange\n");
2690             gdbsig = TARGET_SIGSEGV;
2691             break;
2692         case EXCP_SYSCALL:
2693             env->pc += 4;   /* 0xc00; */
2694             env->gpr[11] = do_syscall(env,
2695                                       env->gpr[11], /* return value       */
2696                                       env->gpr[3],  /* r3 - r7 are params */
2697                                       env->gpr[4],
2698                                       env->gpr[5],
2699                                       env->gpr[6],
2700                                       env->gpr[7],
2701                                       env->gpr[8], 0, 0);
2702             break;
2703         case EXCP_FPE:
2704             qemu_log_mask(CPU_LOG_INT, "\nFloating point error\n");
2705             break;
2706         case EXCP_TRAP:
2707             qemu_log_mask(CPU_LOG_INT, "\nTrap\n");
2708             gdbsig = TARGET_SIGTRAP;
2709             break;
2710         case EXCP_NR:
2711             qemu_log_mask(CPU_LOG_INT, "\nNR\n");
2712             break;
2713         default:
2714             EXCP_DUMP(env, "\nqemu: unhandled CPU exception %#x - aborting\n",
2715                      trapnr);
2716             gdbsig = TARGET_SIGILL;
2717             break;
2718         }
2719         if (gdbsig) {
2720             gdb_handlesig(cs, gdbsig);
2721             if (gdbsig != TARGET_SIGTRAP) {
2722                 exit(EXIT_FAILURE);
2723             }
2724         }
2725 
2726         process_pending_signals(env);
2727     }
2728 }
2729 
2730 #endif /* TARGET_OPENRISC */
2731 
2732 #ifdef TARGET_SH4
2733 void cpu_loop(CPUSH4State *env)
2734 {
2735     CPUState *cs = CPU(sh_env_get_cpu(env));
2736     int trapnr, ret;
2737     target_siginfo_t info;
2738 
2739     while (1) {
2740         cpu_exec_start(cs);
2741         trapnr = cpu_sh4_exec(cs);
2742         cpu_exec_end(cs);
2743 
2744         switch (trapnr) {
2745         case 0x160:
2746             env->pc += 2;
2747             ret = do_syscall(env,
2748                              env->gregs[3],
2749                              env->gregs[4],
2750                              env->gregs[5],
2751                              env->gregs[6],
2752                              env->gregs[7],
2753                              env->gregs[0],
2754                              env->gregs[1],
2755                              0, 0);
2756             env->gregs[0] = ret;
2757             break;
2758         case EXCP_INTERRUPT:
2759             /* just indicate that signals should be handled asap */
2760             break;
2761         case EXCP_DEBUG:
2762             {
2763                 int sig;
2764 
2765                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2766                 if (sig)
2767                   {
2768                     info.si_signo = sig;
2769                     info.si_errno = 0;
2770                     info.si_code = TARGET_TRAP_BRKPT;
2771                     queue_signal(env, info.si_signo, &info);
2772                   }
2773             }
2774             break;
2775 	case 0xa0:
2776 	case 0xc0:
2777             info.si_signo = TARGET_SIGSEGV;
2778             info.si_errno = 0;
2779             info.si_code = TARGET_SEGV_MAPERR;
2780             info._sifields._sigfault._addr = env->tea;
2781             queue_signal(env, info.si_signo, &info);
2782 	    break;
2783 
2784         default:
2785             printf ("Unhandled trap: 0x%x\n", trapnr);
2786             cpu_dump_state(cs, stderr, fprintf, 0);
2787             exit(EXIT_FAILURE);
2788         }
2789         process_pending_signals (env);
2790     }
2791 }
2792 #endif
2793 
2794 #ifdef TARGET_CRIS
2795 void cpu_loop(CPUCRISState *env)
2796 {
2797     CPUState *cs = CPU(cris_env_get_cpu(env));
2798     int trapnr, ret;
2799     target_siginfo_t info;
2800 
2801     while (1) {
2802         cpu_exec_start(cs);
2803         trapnr = cpu_cris_exec(cs);
2804         cpu_exec_end(cs);
2805         switch (trapnr) {
2806         case 0xaa:
2807             {
2808                 info.si_signo = TARGET_SIGSEGV;
2809                 info.si_errno = 0;
2810                 /* XXX: check env->error_code */
2811                 info.si_code = TARGET_SEGV_MAPERR;
2812                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2813                 queue_signal(env, info.si_signo, &info);
2814             }
2815             break;
2816 	case EXCP_INTERRUPT:
2817 	  /* just indicate that signals should be handled asap */
2818 	  break;
2819         case EXCP_BREAK:
2820             ret = do_syscall(env,
2821                              env->regs[9],
2822                              env->regs[10],
2823                              env->regs[11],
2824                              env->regs[12],
2825                              env->regs[13],
2826                              env->pregs[7],
2827                              env->pregs[11],
2828                              0, 0);
2829             env->regs[10] = ret;
2830             break;
2831         case EXCP_DEBUG:
2832             {
2833                 int sig;
2834 
2835                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2836                 if (sig)
2837                   {
2838                     info.si_signo = sig;
2839                     info.si_errno = 0;
2840                     info.si_code = TARGET_TRAP_BRKPT;
2841                     queue_signal(env, info.si_signo, &info);
2842                   }
2843             }
2844             break;
2845         default:
2846             printf ("Unhandled trap: 0x%x\n", trapnr);
2847             cpu_dump_state(cs, stderr, fprintf, 0);
2848             exit(EXIT_FAILURE);
2849         }
2850         process_pending_signals (env);
2851     }
2852 }
2853 #endif
2854 
2855 #ifdef TARGET_MICROBLAZE
2856 void cpu_loop(CPUMBState *env)
2857 {
2858     CPUState *cs = CPU(mb_env_get_cpu(env));
2859     int trapnr, ret;
2860     target_siginfo_t info;
2861 
2862     while (1) {
2863         cpu_exec_start(cs);
2864         trapnr = cpu_mb_exec(cs);
2865         cpu_exec_end(cs);
2866         switch (trapnr) {
2867         case 0xaa:
2868             {
2869                 info.si_signo = TARGET_SIGSEGV;
2870                 info.si_errno = 0;
2871                 /* XXX: check env->error_code */
2872                 info.si_code = TARGET_SEGV_MAPERR;
2873                 info._sifields._sigfault._addr = 0;
2874                 queue_signal(env, info.si_signo, &info);
2875             }
2876             break;
2877 	case EXCP_INTERRUPT:
2878 	  /* just indicate that signals should be handled asap */
2879 	  break;
2880         case EXCP_BREAK:
2881             /* Return address is 4 bytes after the call.  */
2882             env->regs[14] += 4;
2883             env->sregs[SR_PC] = env->regs[14];
2884             ret = do_syscall(env,
2885                              env->regs[12],
2886                              env->regs[5],
2887                              env->regs[6],
2888                              env->regs[7],
2889                              env->regs[8],
2890                              env->regs[9],
2891                              env->regs[10],
2892                              0, 0);
2893             env->regs[3] = ret;
2894             break;
2895         case EXCP_HW_EXCP:
2896             env->regs[17] = env->sregs[SR_PC] + 4;
2897             if (env->iflags & D_FLAG) {
2898                 env->sregs[SR_ESR] |= 1 << 12;
2899                 env->sregs[SR_PC] -= 4;
2900                 /* FIXME: if branch was immed, replay the imm as well.  */
2901             }
2902 
2903             env->iflags &= ~(IMM_FLAG | D_FLAG);
2904 
2905             switch (env->sregs[SR_ESR] & 31) {
2906                 case ESR_EC_DIVZERO:
2907                     info.si_signo = TARGET_SIGFPE;
2908                     info.si_errno = 0;
2909                     info.si_code = TARGET_FPE_FLTDIV;
2910                     info._sifields._sigfault._addr = 0;
2911                     queue_signal(env, info.si_signo, &info);
2912                     break;
2913                 case ESR_EC_FPU:
2914                     info.si_signo = TARGET_SIGFPE;
2915                     info.si_errno = 0;
2916                     if (env->sregs[SR_FSR] & FSR_IO) {
2917                         info.si_code = TARGET_FPE_FLTINV;
2918                     }
2919                     if (env->sregs[SR_FSR] & FSR_DZ) {
2920                         info.si_code = TARGET_FPE_FLTDIV;
2921                     }
2922                     info._sifields._sigfault._addr = 0;
2923                     queue_signal(env, info.si_signo, &info);
2924                     break;
2925                 default:
2926                     printf ("Unhandled hw-exception: 0x%x\n",
2927                             env->sregs[SR_ESR] & ESR_EC_MASK);
2928                     cpu_dump_state(cs, stderr, fprintf, 0);
2929                     exit(EXIT_FAILURE);
2930                     break;
2931             }
2932             break;
2933         case EXCP_DEBUG:
2934             {
2935                 int sig;
2936 
2937                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2938                 if (sig)
2939                   {
2940                     info.si_signo = sig;
2941                     info.si_errno = 0;
2942                     info.si_code = TARGET_TRAP_BRKPT;
2943                     queue_signal(env, info.si_signo, &info);
2944                   }
2945             }
2946             break;
2947         default:
2948             printf ("Unhandled trap: 0x%x\n", trapnr);
2949             cpu_dump_state(cs, stderr, fprintf, 0);
2950             exit(EXIT_FAILURE);
2951         }
2952         process_pending_signals (env);
2953     }
2954 }
2955 #endif
2956 
2957 #ifdef TARGET_M68K
2958 
2959 void cpu_loop(CPUM68KState *env)
2960 {
2961     CPUState *cs = CPU(m68k_env_get_cpu(env));
2962     int trapnr;
2963     unsigned int n;
2964     target_siginfo_t info;
2965     TaskState *ts = cs->opaque;
2966 
2967     for(;;) {
2968         cpu_exec_start(cs);
2969         trapnr = cpu_m68k_exec(cs);
2970         cpu_exec_end(cs);
2971         switch(trapnr) {
2972         case EXCP_ILLEGAL:
2973             {
2974                 if (ts->sim_syscalls) {
2975                     uint16_t nr;
2976                     get_user_u16(nr, env->pc + 2);
2977                     env->pc += 4;
2978                     do_m68k_simcall(env, nr);
2979                 } else {
2980                     goto do_sigill;
2981                 }
2982             }
2983             break;
2984         case EXCP_HALT_INSN:
2985             /* Semihosing syscall.  */
2986             env->pc += 4;
2987             do_m68k_semihosting(env, env->dregs[0]);
2988             break;
2989         case EXCP_LINEA:
2990         case EXCP_LINEF:
2991         case EXCP_UNSUPPORTED:
2992         do_sigill:
2993             info.si_signo = TARGET_SIGILL;
2994             info.si_errno = 0;
2995             info.si_code = TARGET_ILL_ILLOPN;
2996             info._sifields._sigfault._addr = env->pc;
2997             queue_signal(env, info.si_signo, &info);
2998             break;
2999         case EXCP_TRAP0:
3000             {
3001                 ts->sim_syscalls = 0;
3002                 n = env->dregs[0];
3003                 env->pc += 2;
3004                 env->dregs[0] = do_syscall(env,
3005                                           n,
3006                                           env->dregs[1],
3007                                           env->dregs[2],
3008                                           env->dregs[3],
3009                                           env->dregs[4],
3010                                           env->dregs[5],
3011                                           env->aregs[0],
3012                                           0, 0);
3013             }
3014             break;
3015         case EXCP_INTERRUPT:
3016             /* just indicate that signals should be handled asap */
3017             break;
3018         case EXCP_ACCESS:
3019             {
3020                 info.si_signo = TARGET_SIGSEGV;
3021                 info.si_errno = 0;
3022                 /* XXX: check env->error_code */
3023                 info.si_code = TARGET_SEGV_MAPERR;
3024                 info._sifields._sigfault._addr = env->mmu.ar;
3025                 queue_signal(env, info.si_signo, &info);
3026             }
3027             break;
3028         case EXCP_DEBUG:
3029             {
3030                 int sig;
3031 
3032                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3033                 if (sig)
3034                   {
3035                     info.si_signo = sig;
3036                     info.si_errno = 0;
3037                     info.si_code = TARGET_TRAP_BRKPT;
3038                     queue_signal(env, info.si_signo, &info);
3039                   }
3040             }
3041             break;
3042         default:
3043             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
3044             abort();
3045         }
3046         process_pending_signals(env);
3047     }
3048 }
3049 #endif /* TARGET_M68K */
3050 
3051 #ifdef TARGET_ALPHA
3052 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
3053 {
3054     target_ulong addr, val, tmp;
3055     target_siginfo_t info;
3056     int ret = 0;
3057 
3058     addr = env->lock_addr;
3059     tmp = env->lock_st_addr;
3060     env->lock_addr = -1;
3061     env->lock_st_addr = 0;
3062 
3063     start_exclusive();
3064     mmap_lock();
3065 
3066     if (addr == tmp) {
3067         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3068             goto do_sigsegv;
3069         }
3070 
3071         if (val == env->lock_value) {
3072             tmp = env->ir[reg];
3073             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
3074                 goto do_sigsegv;
3075             }
3076             ret = 1;
3077         }
3078     }
3079     env->ir[reg] = ret;
3080     env->pc += 4;
3081 
3082     mmap_unlock();
3083     end_exclusive();
3084     return;
3085 
3086  do_sigsegv:
3087     mmap_unlock();
3088     end_exclusive();
3089 
3090     info.si_signo = TARGET_SIGSEGV;
3091     info.si_errno = 0;
3092     info.si_code = TARGET_SEGV_MAPERR;
3093     info._sifields._sigfault._addr = addr;
3094     queue_signal(env, TARGET_SIGSEGV, &info);
3095 }
3096 
3097 void cpu_loop(CPUAlphaState *env)
3098 {
3099     CPUState *cs = CPU(alpha_env_get_cpu(env));
3100     int trapnr;
3101     target_siginfo_t info;
3102     abi_long sysret;
3103 
3104     while (1) {
3105         cpu_exec_start(cs);
3106         trapnr = cpu_alpha_exec(cs);
3107         cpu_exec_end(cs);
3108 
3109         /* All of the traps imply a transition through PALcode, which
3110            implies an REI instruction has been executed.  Which means
3111            that the intr_flag should be cleared.  */
3112         env->intr_flag = 0;
3113 
3114         switch (trapnr) {
3115         case EXCP_RESET:
3116             fprintf(stderr, "Reset requested. Exit\n");
3117             exit(EXIT_FAILURE);
3118             break;
3119         case EXCP_MCHK:
3120             fprintf(stderr, "Machine check exception. Exit\n");
3121             exit(EXIT_FAILURE);
3122             break;
3123         case EXCP_SMP_INTERRUPT:
3124         case EXCP_CLK_INTERRUPT:
3125         case EXCP_DEV_INTERRUPT:
3126             fprintf(stderr, "External interrupt. Exit\n");
3127             exit(EXIT_FAILURE);
3128             break;
3129         case EXCP_MMFAULT:
3130             env->lock_addr = -1;
3131             info.si_signo = TARGET_SIGSEGV;
3132             info.si_errno = 0;
3133             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
3134                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
3135             info._sifields._sigfault._addr = env->trap_arg0;
3136             queue_signal(env, info.si_signo, &info);
3137             break;
3138         case EXCP_UNALIGN:
3139             env->lock_addr = -1;
3140             info.si_signo = TARGET_SIGBUS;
3141             info.si_errno = 0;
3142             info.si_code = TARGET_BUS_ADRALN;
3143             info._sifields._sigfault._addr = env->trap_arg0;
3144             queue_signal(env, info.si_signo, &info);
3145             break;
3146         case EXCP_OPCDEC:
3147         do_sigill:
3148             env->lock_addr = -1;
3149             info.si_signo = TARGET_SIGILL;
3150             info.si_errno = 0;
3151             info.si_code = TARGET_ILL_ILLOPC;
3152             info._sifields._sigfault._addr = env->pc;
3153             queue_signal(env, info.si_signo, &info);
3154             break;
3155         case EXCP_ARITH:
3156             env->lock_addr = -1;
3157             info.si_signo = TARGET_SIGFPE;
3158             info.si_errno = 0;
3159             info.si_code = TARGET_FPE_FLTINV;
3160             info._sifields._sigfault._addr = env->pc;
3161             queue_signal(env, info.si_signo, &info);
3162             break;
3163         case EXCP_FEN:
3164             /* No-op.  Linux simply re-enables the FPU.  */
3165             break;
3166         case EXCP_CALL_PAL:
3167             env->lock_addr = -1;
3168             switch (env->error_code) {
3169             case 0x80:
3170                 /* BPT */
3171                 info.si_signo = TARGET_SIGTRAP;
3172                 info.si_errno = 0;
3173                 info.si_code = TARGET_TRAP_BRKPT;
3174                 info._sifields._sigfault._addr = env->pc;
3175                 queue_signal(env, info.si_signo, &info);
3176                 break;
3177             case 0x81:
3178                 /* BUGCHK */
3179                 info.si_signo = TARGET_SIGTRAP;
3180                 info.si_errno = 0;
3181                 info.si_code = 0;
3182                 info._sifields._sigfault._addr = env->pc;
3183                 queue_signal(env, info.si_signo, &info);
3184                 break;
3185             case 0x83:
3186                 /* CALLSYS */
3187                 trapnr = env->ir[IR_V0];
3188                 sysret = do_syscall(env, trapnr,
3189                                     env->ir[IR_A0], env->ir[IR_A1],
3190                                     env->ir[IR_A2], env->ir[IR_A3],
3191                                     env->ir[IR_A4], env->ir[IR_A5],
3192                                     0, 0);
3193                 if (trapnr == TARGET_NR_sigreturn
3194                     || trapnr == TARGET_NR_rt_sigreturn) {
3195                     break;
3196                 }
3197                 /* Syscall writes 0 to V0 to bypass error check, similar
3198                    to how this is handled internal to Linux kernel.
3199                    (Ab)use trapnr temporarily as boolean indicating error.  */
3200                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
3201                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
3202                 env->ir[IR_A3] = trapnr;
3203                 break;
3204             case 0x86:
3205                 /* IMB */
3206                 /* ??? We can probably elide the code using page_unprotect
3207                    that is checking for self-modifying code.  Instead we
3208                    could simply call tb_flush here.  Until we work out the
3209                    changes required to turn off the extra write protection,
3210                    this can be a no-op.  */
3211                 break;
3212             case 0x9E:
3213                 /* RDUNIQUE */
3214                 /* Handled in the translator for usermode.  */
3215                 abort();
3216             case 0x9F:
3217                 /* WRUNIQUE */
3218                 /* Handled in the translator for usermode.  */
3219                 abort();
3220             case 0xAA:
3221                 /* GENTRAP */
3222                 info.si_signo = TARGET_SIGFPE;
3223                 switch (env->ir[IR_A0]) {
3224                 case TARGET_GEN_INTOVF:
3225                     info.si_code = TARGET_FPE_INTOVF;
3226                     break;
3227                 case TARGET_GEN_INTDIV:
3228                     info.si_code = TARGET_FPE_INTDIV;
3229                     break;
3230                 case TARGET_GEN_FLTOVF:
3231                     info.si_code = TARGET_FPE_FLTOVF;
3232                     break;
3233                 case TARGET_GEN_FLTUND:
3234                     info.si_code = TARGET_FPE_FLTUND;
3235                     break;
3236                 case TARGET_GEN_FLTINV:
3237                     info.si_code = TARGET_FPE_FLTINV;
3238                     break;
3239                 case TARGET_GEN_FLTINE:
3240                     info.si_code = TARGET_FPE_FLTRES;
3241                     break;
3242                 case TARGET_GEN_ROPRAND:
3243                     info.si_code = 0;
3244                     break;
3245                 default:
3246                     info.si_signo = TARGET_SIGTRAP;
3247                     info.si_code = 0;
3248                     break;
3249                 }
3250                 info.si_errno = 0;
3251                 info._sifields._sigfault._addr = env->pc;
3252                 queue_signal(env, info.si_signo, &info);
3253                 break;
3254             default:
3255                 goto do_sigill;
3256             }
3257             break;
3258         case EXCP_DEBUG:
3259             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3260             if (info.si_signo) {
3261                 env->lock_addr = -1;
3262                 info.si_errno = 0;
3263                 info.si_code = TARGET_TRAP_BRKPT;
3264                 queue_signal(env, info.si_signo, &info);
3265             }
3266             break;
3267         case EXCP_STL_C:
3268         case EXCP_STQ_C:
3269             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3270             break;
3271         case EXCP_INTERRUPT:
3272             /* Just indicate that signals should be handled asap.  */
3273             break;
3274         default:
3275             printf ("Unhandled trap: 0x%x\n", trapnr);
3276             cpu_dump_state(cs, stderr, fprintf, 0);
3277             exit(EXIT_FAILURE);
3278         }
3279         process_pending_signals (env);
3280     }
3281 }
3282 #endif /* TARGET_ALPHA */
3283 
3284 #ifdef TARGET_S390X
3285 void cpu_loop(CPUS390XState *env)
3286 {
3287     CPUState *cs = CPU(s390_env_get_cpu(env));
3288     int trapnr, n, sig;
3289     target_siginfo_t info;
3290     target_ulong addr;
3291 
3292     while (1) {
3293         cpu_exec_start(cs);
3294         trapnr = cpu_s390x_exec(cs);
3295         cpu_exec_end(cs);
3296         switch (trapnr) {
3297         case EXCP_INTERRUPT:
3298             /* Just indicate that signals should be handled asap.  */
3299             break;
3300 
3301         case EXCP_SVC:
3302             n = env->int_svc_code;
3303             if (!n) {
3304                 /* syscalls > 255 */
3305                 n = env->regs[1];
3306             }
3307             env->psw.addr += env->int_svc_ilen;
3308             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3309                                       env->regs[4], env->regs[5],
3310                                       env->regs[6], env->regs[7], 0, 0);
3311             break;
3312 
3313         case EXCP_DEBUG:
3314             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3315             if (sig) {
3316                 n = TARGET_TRAP_BRKPT;
3317                 goto do_signal_pc;
3318             }
3319             break;
3320         case EXCP_PGM:
3321             n = env->int_pgm_code;
3322             switch (n) {
3323             case PGM_OPERATION:
3324             case PGM_PRIVILEGED:
3325                 sig = TARGET_SIGILL;
3326                 n = TARGET_ILL_ILLOPC;
3327                 goto do_signal_pc;
3328             case PGM_PROTECTION:
3329             case PGM_ADDRESSING:
3330                 sig = TARGET_SIGSEGV;
3331                 /* XXX: check env->error_code */
3332                 n = TARGET_SEGV_MAPERR;
3333                 addr = env->__excp_addr;
3334                 goto do_signal;
3335             case PGM_EXECUTE:
3336             case PGM_SPECIFICATION:
3337             case PGM_SPECIAL_OP:
3338             case PGM_OPERAND:
3339             do_sigill_opn:
3340                 sig = TARGET_SIGILL;
3341                 n = TARGET_ILL_ILLOPN;
3342                 goto do_signal_pc;
3343 
3344             case PGM_FIXPT_OVERFLOW:
3345                 sig = TARGET_SIGFPE;
3346                 n = TARGET_FPE_INTOVF;
3347                 goto do_signal_pc;
3348             case PGM_FIXPT_DIVIDE:
3349                 sig = TARGET_SIGFPE;
3350                 n = TARGET_FPE_INTDIV;
3351                 goto do_signal_pc;
3352 
3353             case PGM_DATA:
3354                 n = (env->fpc >> 8) & 0xff;
3355                 if (n == 0xff) {
3356                     /* compare-and-trap */
3357                     goto do_sigill_opn;
3358                 } else {
3359                     /* An IEEE exception, simulated or otherwise.  */
3360                     if (n & 0x80) {
3361                         n = TARGET_FPE_FLTINV;
3362                     } else if (n & 0x40) {
3363                         n = TARGET_FPE_FLTDIV;
3364                     } else if (n & 0x20) {
3365                         n = TARGET_FPE_FLTOVF;
3366                     } else if (n & 0x10) {
3367                         n = TARGET_FPE_FLTUND;
3368                     } else if (n & 0x08) {
3369                         n = TARGET_FPE_FLTRES;
3370                     } else {
3371                         /* ??? Quantum exception; BFP, DFP error.  */
3372                         goto do_sigill_opn;
3373                     }
3374                     sig = TARGET_SIGFPE;
3375                     goto do_signal_pc;
3376                 }
3377 
3378             default:
3379                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3380                 cpu_dump_state(cs, stderr, fprintf, 0);
3381                 exit(EXIT_FAILURE);
3382             }
3383             break;
3384 
3385         do_signal_pc:
3386             addr = env->psw.addr;
3387         do_signal:
3388             info.si_signo = sig;
3389             info.si_errno = 0;
3390             info.si_code = n;
3391             info._sifields._sigfault._addr = addr;
3392             queue_signal(env, info.si_signo, &info);
3393             break;
3394 
3395         default:
3396             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3397             cpu_dump_state(cs, stderr, fprintf, 0);
3398             exit(EXIT_FAILURE);
3399         }
3400         process_pending_signals (env);
3401     }
3402 }
3403 
3404 #endif /* TARGET_S390X */
3405 
3406 #ifdef TARGET_TILEGX
3407 
3408 static void gen_sigill_reg(CPUTLGState *env)
3409 {
3410     target_siginfo_t info;
3411 
3412     info.si_signo = TARGET_SIGILL;
3413     info.si_errno = 0;
3414     info.si_code = TARGET_ILL_PRVREG;
3415     info._sifields._sigfault._addr = env->pc;
3416     queue_signal(env, info.si_signo, &info);
3417 }
3418 
3419 static void do_signal(CPUTLGState *env, int signo, int sigcode)
3420 {
3421     target_siginfo_t info;
3422 
3423     info.si_signo = signo;
3424     info.si_errno = 0;
3425     info._sifields._sigfault._addr = env->pc;
3426 
3427     if (signo == TARGET_SIGSEGV) {
3428         /* The passed in sigcode is a dummy; check for a page mapping
3429            and pass either MAPERR or ACCERR.  */
3430         target_ulong addr = env->excaddr;
3431         info._sifields._sigfault._addr = addr;
3432         if (page_check_range(addr, 1, PAGE_VALID) < 0) {
3433             sigcode = TARGET_SEGV_MAPERR;
3434         } else {
3435             sigcode = TARGET_SEGV_ACCERR;
3436         }
3437     }
3438     info.si_code = sigcode;
3439 
3440     queue_signal(env, info.si_signo, &info);
3441 }
3442 
3443 static void gen_sigsegv_maperr(CPUTLGState *env, target_ulong addr)
3444 {
3445     env->excaddr = addr;
3446     do_signal(env, TARGET_SIGSEGV, 0);
3447 }
3448 
3449 static void set_regval(CPUTLGState *env, uint8_t reg, uint64_t val)
3450 {
3451     if (unlikely(reg >= TILEGX_R_COUNT)) {
3452         switch (reg) {
3453         case TILEGX_R_SN:
3454         case TILEGX_R_ZERO:
3455             return;
3456         case TILEGX_R_IDN0:
3457         case TILEGX_R_IDN1:
3458         case TILEGX_R_UDN0:
3459         case TILEGX_R_UDN1:
3460         case TILEGX_R_UDN2:
3461         case TILEGX_R_UDN3:
3462             gen_sigill_reg(env);
3463             return;
3464         default:
3465             g_assert_not_reached();
3466         }
3467     }
3468     env->regs[reg] = val;
3469 }
3470 
3471 /*
3472  * Compare the 8-byte contents of the CmpValue SPR with the 8-byte value in
3473  * memory at the address held in the first source register. If the values are
3474  * not equal, then no memory operation is performed. If the values are equal,
3475  * the 8-byte quantity from the second source register is written into memory
3476  * at the address held in the first source register. In either case, the result
3477  * of the instruction is the value read from memory. The compare and write to
3478  * memory are atomic and thus can be used for synchronization purposes. This
3479  * instruction only operates for addresses aligned to a 8-byte boundary.
3480  * Unaligned memory access causes an Unaligned Data Reference interrupt.
3481  *
3482  * Functional Description (64-bit)
3483  *       uint64_t memVal = memoryReadDoubleWord (rf[SrcA]);
3484  *       rf[Dest] = memVal;
3485  *       if (memVal == SPR[CmpValueSPR])
3486  *           memoryWriteDoubleWord (rf[SrcA], rf[SrcB]);
3487  *
3488  * Functional Description (32-bit)
3489  *       uint64_t memVal = signExtend32 (memoryReadWord (rf[SrcA]));
3490  *       rf[Dest] = memVal;
3491  *       if (memVal == signExtend32 (SPR[CmpValueSPR]))
3492  *           memoryWriteWord (rf[SrcA], rf[SrcB]);
3493  *
3494  *
3495  * This function also processes exch and exch4 which need not process SPR.
3496  */
3497 static void do_exch(CPUTLGState *env, bool quad, bool cmp)
3498 {
3499     target_ulong addr;
3500     target_long val, sprval;
3501 
3502     start_exclusive();
3503 
3504     addr = env->atomic_srca;
3505     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3506         goto sigsegv_maperr;
3507     }
3508 
3509     if (cmp) {
3510         if (quad) {
3511             sprval = env->spregs[TILEGX_SPR_CMPEXCH];
3512         } else {
3513             sprval = sextract64(env->spregs[TILEGX_SPR_CMPEXCH], 0, 32);
3514         }
3515     }
3516 
3517     if (!cmp || val == sprval) {
3518         target_long valb = env->atomic_srcb;
3519         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3520             goto sigsegv_maperr;
3521         }
3522     }
3523 
3524     set_regval(env, env->atomic_dstr, val);
3525     end_exclusive();
3526     return;
3527 
3528  sigsegv_maperr:
3529     end_exclusive();
3530     gen_sigsegv_maperr(env, addr);
3531 }
3532 
3533 static void do_fetch(CPUTLGState *env, int trapnr, bool quad)
3534 {
3535     int8_t write = 1;
3536     target_ulong addr;
3537     target_long val, valb;
3538 
3539     start_exclusive();
3540 
3541     addr = env->atomic_srca;
3542     valb = env->atomic_srcb;
3543     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3544         goto sigsegv_maperr;
3545     }
3546 
3547     switch (trapnr) {
3548     case TILEGX_EXCP_OPCODE_FETCHADD:
3549     case TILEGX_EXCP_OPCODE_FETCHADD4:
3550         valb += val;
3551         break;
3552     case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3553         valb += val;
3554         if (valb < 0) {
3555             write = 0;
3556         }
3557         break;
3558     case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3559         valb += val;
3560         if ((int32_t)valb < 0) {
3561             write = 0;
3562         }
3563         break;
3564     case TILEGX_EXCP_OPCODE_FETCHAND:
3565     case TILEGX_EXCP_OPCODE_FETCHAND4:
3566         valb &= val;
3567         break;
3568     case TILEGX_EXCP_OPCODE_FETCHOR:
3569     case TILEGX_EXCP_OPCODE_FETCHOR4:
3570         valb |= val;
3571         break;
3572     default:
3573         g_assert_not_reached();
3574     }
3575 
3576     if (write) {
3577         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3578             goto sigsegv_maperr;
3579         }
3580     }
3581 
3582     set_regval(env, env->atomic_dstr, val);
3583     end_exclusive();
3584     return;
3585 
3586  sigsegv_maperr:
3587     end_exclusive();
3588     gen_sigsegv_maperr(env, addr);
3589 }
3590 
3591 void cpu_loop(CPUTLGState *env)
3592 {
3593     CPUState *cs = CPU(tilegx_env_get_cpu(env));
3594     int trapnr;
3595 
3596     while (1) {
3597         cpu_exec_start(cs);
3598         trapnr = cpu_tilegx_exec(cs);
3599         cpu_exec_end(cs);
3600         switch (trapnr) {
3601         case TILEGX_EXCP_SYSCALL:
3602             env->regs[TILEGX_R_RE] = do_syscall(env, env->regs[TILEGX_R_NR],
3603                                                 env->regs[0], env->regs[1],
3604                                                 env->regs[2], env->regs[3],
3605                                                 env->regs[4], env->regs[5],
3606                                                 env->regs[6], env->regs[7]);
3607             env->regs[TILEGX_R_ERR] = TILEGX_IS_ERRNO(env->regs[TILEGX_R_RE])
3608                                                       ? - env->regs[TILEGX_R_RE]
3609                                                       : 0;
3610             break;
3611         case TILEGX_EXCP_OPCODE_EXCH:
3612             do_exch(env, true, false);
3613             break;
3614         case TILEGX_EXCP_OPCODE_EXCH4:
3615             do_exch(env, false, false);
3616             break;
3617         case TILEGX_EXCP_OPCODE_CMPEXCH:
3618             do_exch(env, true, true);
3619             break;
3620         case TILEGX_EXCP_OPCODE_CMPEXCH4:
3621             do_exch(env, false, true);
3622             break;
3623         case TILEGX_EXCP_OPCODE_FETCHADD:
3624         case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3625         case TILEGX_EXCP_OPCODE_FETCHAND:
3626         case TILEGX_EXCP_OPCODE_FETCHOR:
3627             do_fetch(env, trapnr, true);
3628             break;
3629         case TILEGX_EXCP_OPCODE_FETCHADD4:
3630         case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3631         case TILEGX_EXCP_OPCODE_FETCHAND4:
3632         case TILEGX_EXCP_OPCODE_FETCHOR4:
3633             do_fetch(env, trapnr, false);
3634             break;
3635         case TILEGX_EXCP_SIGNAL:
3636             do_signal(env, env->signo, env->sigcode);
3637             break;
3638         case TILEGX_EXCP_REG_IDN_ACCESS:
3639         case TILEGX_EXCP_REG_UDN_ACCESS:
3640             gen_sigill_reg(env);
3641             break;
3642         default:
3643             fprintf(stderr, "trapnr is %d[0x%x].\n", trapnr, trapnr);
3644             g_assert_not_reached();
3645         }
3646         process_pending_signals(env);
3647     }
3648 }
3649 
3650 #endif
3651 
3652 THREAD CPUState *thread_cpu;
3653 
3654 void task_settid(TaskState *ts)
3655 {
3656     if (ts->ts_tid == 0) {
3657         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3658     }
3659 }
3660 
3661 void stop_all_tasks(void)
3662 {
3663     /*
3664      * We trust that when using NPTL, start_exclusive()
3665      * handles thread stopping correctly.
3666      */
3667     start_exclusive();
3668 }
3669 
3670 /* Assumes contents are already zeroed.  */
3671 void init_task_state(TaskState *ts)
3672 {
3673     int i;
3674 
3675     ts->used = 1;
3676     ts->first_free = ts->sigqueue_table;
3677     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3678         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3679     }
3680     ts->sigqueue_table[i].next = NULL;
3681 }
3682 
3683 CPUArchState *cpu_copy(CPUArchState *env)
3684 {
3685     CPUState *cpu = ENV_GET_CPU(env);
3686     CPUState *new_cpu = cpu_init(cpu_model);
3687     CPUArchState *new_env = new_cpu->env_ptr;
3688     CPUBreakpoint *bp;
3689     CPUWatchpoint *wp;
3690 
3691     /* Reset non arch specific state */
3692     cpu_reset(new_cpu);
3693 
3694     memcpy(new_env, env, sizeof(CPUArchState));
3695 
3696     /* Clone all break/watchpoints.
3697        Note: Once we support ptrace with hw-debug register access, make sure
3698        BP_CPU break/watchpoints are handled correctly on clone. */
3699     QTAILQ_INIT(&new_cpu->breakpoints);
3700     QTAILQ_INIT(&new_cpu->watchpoints);
3701     QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
3702         cpu_breakpoint_insert(new_cpu, bp->pc, bp->flags, NULL);
3703     }
3704     QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
3705         cpu_watchpoint_insert(new_cpu, wp->vaddr, wp->len, wp->flags, NULL);
3706     }
3707 
3708     return new_env;
3709 }
3710 
3711 static void handle_arg_help(const char *arg)
3712 {
3713     usage(EXIT_SUCCESS);
3714 }
3715 
3716 static void handle_arg_log(const char *arg)
3717 {
3718     int mask;
3719 
3720     mask = qemu_str_to_log_mask(arg);
3721     if (!mask) {
3722         qemu_print_log_usage(stdout);
3723         exit(EXIT_FAILURE);
3724     }
3725     qemu_set_log(mask);
3726 }
3727 
3728 static void handle_arg_log_filename(const char *arg)
3729 {
3730     qemu_set_log_filename(arg);
3731 }
3732 
3733 static void handle_arg_set_env(const char *arg)
3734 {
3735     char *r, *p, *token;
3736     r = p = strdup(arg);
3737     while ((token = strsep(&p, ",")) != NULL) {
3738         if (envlist_setenv(envlist, token) != 0) {
3739             usage(EXIT_FAILURE);
3740         }
3741     }
3742     free(r);
3743 }
3744 
3745 static void handle_arg_unset_env(const char *arg)
3746 {
3747     char *r, *p, *token;
3748     r = p = strdup(arg);
3749     while ((token = strsep(&p, ",")) != NULL) {
3750         if (envlist_unsetenv(envlist, token) != 0) {
3751             usage(EXIT_FAILURE);
3752         }
3753     }
3754     free(r);
3755 }
3756 
3757 static void handle_arg_argv0(const char *arg)
3758 {
3759     argv0 = strdup(arg);
3760 }
3761 
3762 static void handle_arg_stack_size(const char *arg)
3763 {
3764     char *p;
3765     guest_stack_size = strtoul(arg, &p, 0);
3766     if (guest_stack_size == 0) {
3767         usage(EXIT_FAILURE);
3768     }
3769 
3770     if (*p == 'M') {
3771         guest_stack_size *= 1024 * 1024;
3772     } else if (*p == 'k' || *p == 'K') {
3773         guest_stack_size *= 1024;
3774     }
3775 }
3776 
3777 static void handle_arg_ld_prefix(const char *arg)
3778 {
3779     interp_prefix = strdup(arg);
3780 }
3781 
3782 static void handle_arg_pagesize(const char *arg)
3783 {
3784     qemu_host_page_size = atoi(arg);
3785     if (qemu_host_page_size == 0 ||
3786         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3787         fprintf(stderr, "page size must be a power of two\n");
3788         exit(EXIT_FAILURE);
3789     }
3790 }
3791 
3792 static void handle_arg_randseed(const char *arg)
3793 {
3794     unsigned long long seed;
3795 
3796     if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
3797         fprintf(stderr, "Invalid seed number: %s\n", arg);
3798         exit(EXIT_FAILURE);
3799     }
3800     srand(seed);
3801 }
3802 
3803 static void handle_arg_gdb(const char *arg)
3804 {
3805     gdbstub_port = atoi(arg);
3806 }
3807 
3808 static void handle_arg_uname(const char *arg)
3809 {
3810     qemu_uname_release = strdup(arg);
3811 }
3812 
3813 static void handle_arg_cpu(const char *arg)
3814 {
3815     cpu_model = strdup(arg);
3816     if (cpu_model == NULL || is_help_option(cpu_model)) {
3817         /* XXX: implement xxx_cpu_list for targets that still miss it */
3818 #if defined(cpu_list)
3819         cpu_list(stdout, &fprintf);
3820 #endif
3821         exit(EXIT_FAILURE);
3822     }
3823 }
3824 
3825 static void handle_arg_guest_base(const char *arg)
3826 {
3827     guest_base = strtol(arg, NULL, 0);
3828     have_guest_base = 1;
3829 }
3830 
3831 static void handle_arg_reserved_va(const char *arg)
3832 {
3833     char *p;
3834     int shift = 0;
3835     reserved_va = strtoul(arg, &p, 0);
3836     switch (*p) {
3837     case 'k':
3838     case 'K':
3839         shift = 10;
3840         break;
3841     case 'M':
3842         shift = 20;
3843         break;
3844     case 'G':
3845         shift = 30;
3846         break;
3847     }
3848     if (shift) {
3849         unsigned long unshifted = reserved_va;
3850         p++;
3851         reserved_va <<= shift;
3852         if (((reserved_va >> shift) != unshifted)
3853 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3854             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3855 #endif
3856             ) {
3857             fprintf(stderr, "Reserved virtual address too big\n");
3858             exit(EXIT_FAILURE);
3859         }
3860     }
3861     if (*p) {
3862         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3863         exit(EXIT_FAILURE);
3864     }
3865 }
3866 
3867 static void handle_arg_singlestep(const char *arg)
3868 {
3869     singlestep = 1;
3870 }
3871 
3872 static void handle_arg_strace(const char *arg)
3873 {
3874     do_strace = 1;
3875 }
3876 
3877 static void handle_arg_version(const char *arg)
3878 {
3879     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3880            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3881     exit(EXIT_SUCCESS);
3882 }
3883 
3884 struct qemu_argument {
3885     const char *argv;
3886     const char *env;
3887     bool has_arg;
3888     void (*handle_opt)(const char *arg);
3889     const char *example;
3890     const char *help;
3891 };
3892 
3893 static const struct qemu_argument arg_table[] = {
3894     {"h",          "",                 false, handle_arg_help,
3895      "",           "print this help"},
3896     {"help",       "",                 false, handle_arg_help,
3897      "",           ""},
3898     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3899      "port",       "wait gdb connection to 'port'"},
3900     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3901      "path",       "set the elf interpreter prefix to 'path'"},
3902     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3903      "size",       "set the stack size to 'size' bytes"},
3904     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3905      "model",      "select CPU (-cpu help for list)"},
3906     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3907      "var=value",  "sets targets environment variable (see below)"},
3908     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3909      "var",        "unsets targets environment variable (see below)"},
3910     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3911      "argv0",      "forces target process argv[0] to be 'argv0'"},
3912     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3913      "uname",      "set qemu uname release string to 'uname'"},
3914     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3915      "address",    "set guest_base address to 'address'"},
3916     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3917      "size",       "reserve 'size' bytes for guest virtual address space"},
3918     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3919      "item[,...]", "enable logging of specified items "
3920      "(use '-d help' for a list of items)"},
3921     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3922      "logfile",     "write logs to 'logfile' (default stderr)"},
3923     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3924      "pagesize",   "set the host page size to 'pagesize'"},
3925     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
3926      "",           "run in singlestep mode"},
3927     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
3928      "",           "log system calls"},
3929     {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_randseed,
3930      "",           "Seed for pseudo-random number generator"},
3931     {"version",    "QEMU_VERSION",     false, handle_arg_version,
3932      "",           "display version information and exit"},
3933     {NULL, NULL, false, NULL, NULL, NULL}
3934 };
3935 
3936 static void usage(int exitcode)
3937 {
3938     const struct qemu_argument *arginfo;
3939     int maxarglen;
3940     int maxenvlen;
3941 
3942     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
3943            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
3944            "\n"
3945            "Options and associated environment variables:\n"
3946            "\n");
3947 
3948     /* Calculate column widths. We must always have at least enough space
3949      * for the column header.
3950      */
3951     maxarglen = strlen("Argument");
3952     maxenvlen = strlen("Env-variable");
3953 
3954     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3955         int arglen = strlen(arginfo->argv);
3956         if (arginfo->has_arg) {
3957             arglen += strlen(arginfo->example) + 1;
3958         }
3959         if (strlen(arginfo->env) > maxenvlen) {
3960             maxenvlen = strlen(arginfo->env);
3961         }
3962         if (arglen > maxarglen) {
3963             maxarglen = arglen;
3964         }
3965     }
3966 
3967     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
3968             maxenvlen, "Env-variable");
3969 
3970     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
3971         if (arginfo->has_arg) {
3972             printf("-%s %-*s %-*s %s\n", arginfo->argv,
3973                    (int)(maxarglen - strlen(arginfo->argv) - 1),
3974                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
3975         } else {
3976             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
3977                     maxenvlen, arginfo->env,
3978                     arginfo->help);
3979         }
3980     }
3981 
3982     printf("\n"
3983            "Defaults:\n"
3984            "QEMU_LD_PREFIX  = %s\n"
3985            "QEMU_STACK_SIZE = %ld byte\n",
3986            interp_prefix,
3987            guest_stack_size);
3988 
3989     printf("\n"
3990            "You can use -E and -U options or the QEMU_SET_ENV and\n"
3991            "QEMU_UNSET_ENV environment variables to set and unset\n"
3992            "environment variables for the target process.\n"
3993            "It is possible to provide several variables by separating them\n"
3994            "by commas in getsubopt(3) style. Additionally it is possible to\n"
3995            "provide the -E and -U options multiple times.\n"
3996            "The following lines are equivalent:\n"
3997            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
3998            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
3999            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
4000            "Note that if you provide several changes to a single variable\n"
4001            "the last change will stay in effect.\n");
4002 
4003     exit(exitcode);
4004 }
4005 
4006 static int parse_args(int argc, char **argv)
4007 {
4008     const char *r;
4009     int optind;
4010     const struct qemu_argument *arginfo;
4011 
4012     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4013         if (arginfo->env == NULL) {
4014             continue;
4015         }
4016 
4017         r = getenv(arginfo->env);
4018         if (r != NULL) {
4019             arginfo->handle_opt(r);
4020         }
4021     }
4022 
4023     optind = 1;
4024     for (;;) {
4025         if (optind >= argc) {
4026             break;
4027         }
4028         r = argv[optind];
4029         if (r[0] != '-') {
4030             break;
4031         }
4032         optind++;
4033         r++;
4034         if (!strcmp(r, "-")) {
4035             break;
4036         }
4037         /* Treat --foo the same as -foo.  */
4038         if (r[0] == '-') {
4039             r++;
4040         }
4041 
4042         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4043             if (!strcmp(r, arginfo->argv)) {
4044                 if (arginfo->has_arg) {
4045                     if (optind >= argc) {
4046                         (void) fprintf(stderr,
4047                             "qemu: missing argument for option '%s'\n", r);
4048                         exit(EXIT_FAILURE);
4049                     }
4050                     arginfo->handle_opt(argv[optind]);
4051                     optind++;
4052                 } else {
4053                     arginfo->handle_opt(NULL);
4054                 }
4055                 break;
4056             }
4057         }
4058 
4059         /* no option matched the current argv */
4060         if (arginfo->handle_opt == NULL) {
4061             (void) fprintf(stderr, "qemu: unknown option '%s'\n", r);
4062             exit(EXIT_FAILURE);
4063         }
4064     }
4065 
4066     if (optind >= argc) {
4067         (void) fprintf(stderr, "qemu: no user program specified\n");
4068         exit(EXIT_FAILURE);
4069     }
4070 
4071     filename = argv[optind];
4072     exec_path = argv[optind];
4073 
4074     return optind;
4075 }
4076 
4077 int main(int argc, char **argv, char **envp)
4078 {
4079     struct target_pt_regs regs1, *regs = &regs1;
4080     struct image_info info1, *info = &info1;
4081     struct linux_binprm bprm;
4082     TaskState *ts;
4083     CPUArchState *env;
4084     CPUState *cpu;
4085     int optind;
4086     char **target_environ, **wrk;
4087     char **target_argv;
4088     int target_argc;
4089     int i;
4090     int ret;
4091     int execfd;
4092 
4093     module_call_init(MODULE_INIT_QOM);
4094 
4095     if ((envlist = envlist_create()) == NULL) {
4096         (void) fprintf(stderr, "Unable to allocate envlist\n");
4097         exit(EXIT_FAILURE);
4098     }
4099 
4100     /* add current environment into the list */
4101     for (wrk = environ; *wrk != NULL; wrk++) {
4102         (void) envlist_setenv(envlist, *wrk);
4103     }
4104 
4105     /* Read the stack limit from the kernel.  If it's "unlimited",
4106        then we can do little else besides use the default.  */
4107     {
4108         struct rlimit lim;
4109         if (getrlimit(RLIMIT_STACK, &lim) == 0
4110             && lim.rlim_cur != RLIM_INFINITY
4111             && lim.rlim_cur == (target_long)lim.rlim_cur) {
4112             guest_stack_size = lim.rlim_cur;
4113         }
4114     }
4115 
4116     cpu_model = NULL;
4117 #if defined(cpudef_setup)
4118     cpudef_setup(); /* parse cpu definitions in target config file (TBD) */
4119 #endif
4120 
4121     srand(time(NULL));
4122 
4123     optind = parse_args(argc, argv);
4124 
4125     /* Zero out regs */
4126     memset(regs, 0, sizeof(struct target_pt_regs));
4127 
4128     /* Zero out image_info */
4129     memset(info, 0, sizeof(struct image_info));
4130 
4131     memset(&bprm, 0, sizeof (bprm));
4132 
4133     /* Scan interp_prefix dir for replacement files. */
4134     init_paths(interp_prefix);
4135 
4136     init_qemu_uname_release();
4137 
4138     if (cpu_model == NULL) {
4139 #if defined(TARGET_I386)
4140 #ifdef TARGET_X86_64
4141         cpu_model = "qemu64";
4142 #else
4143         cpu_model = "qemu32";
4144 #endif
4145 #elif defined(TARGET_ARM)
4146         cpu_model = "any";
4147 #elif defined(TARGET_UNICORE32)
4148         cpu_model = "any";
4149 #elif defined(TARGET_M68K)
4150         cpu_model = "any";
4151 #elif defined(TARGET_SPARC)
4152 #ifdef TARGET_SPARC64
4153         cpu_model = "TI UltraSparc II";
4154 #else
4155         cpu_model = "Fujitsu MB86904";
4156 #endif
4157 #elif defined(TARGET_MIPS)
4158 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
4159         cpu_model = "5KEf";
4160 #else
4161         cpu_model = "24Kf";
4162 #endif
4163 #elif defined TARGET_OPENRISC
4164         cpu_model = "or1200";
4165 #elif defined(TARGET_PPC)
4166 # ifdef TARGET_PPC64
4167         cpu_model = "POWER7";
4168 # else
4169         cpu_model = "750";
4170 # endif
4171 #elif defined TARGET_SH4
4172         cpu_model = TYPE_SH7785_CPU;
4173 #else
4174         cpu_model = "any";
4175 #endif
4176     }
4177     tcg_exec_init(0);
4178     /* NOTE: we need to init the CPU at this stage to get
4179        qemu_host_page_size */
4180     cpu = cpu_init(cpu_model);
4181     if (!cpu) {
4182         fprintf(stderr, "Unable to find CPU definition\n");
4183         exit(EXIT_FAILURE);
4184     }
4185     env = cpu->env_ptr;
4186     cpu_reset(cpu);
4187 
4188     thread_cpu = cpu;
4189 
4190     if (getenv("QEMU_STRACE")) {
4191         do_strace = 1;
4192     }
4193 
4194     if (getenv("QEMU_RAND_SEED")) {
4195         handle_arg_randseed(getenv("QEMU_RAND_SEED"));
4196     }
4197 
4198     target_environ = envlist_to_environ(envlist, NULL);
4199     envlist_free(envlist);
4200 
4201     /*
4202      * Now that page sizes are configured in cpu_init() we can do
4203      * proper page alignment for guest_base.
4204      */
4205     guest_base = HOST_PAGE_ALIGN(guest_base);
4206 
4207     if (reserved_va || have_guest_base) {
4208         guest_base = init_guest_space(guest_base, reserved_va, 0,
4209                                       have_guest_base);
4210         if (guest_base == (unsigned long)-1) {
4211             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
4212                     "space for use as guest address space (check your virtual "
4213                     "memory ulimit setting or reserve less using -R option)\n",
4214                     reserved_va);
4215             exit(EXIT_FAILURE);
4216         }
4217 
4218         if (reserved_va) {
4219             mmap_next_start = reserved_va;
4220         }
4221     }
4222 
4223     /*
4224      * Read in mmap_min_addr kernel parameter.  This value is used
4225      * When loading the ELF image to determine whether guest_base
4226      * is needed.  It is also used in mmap_find_vma.
4227      */
4228     {
4229         FILE *fp;
4230 
4231         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
4232             unsigned long tmp;
4233             if (fscanf(fp, "%lu", &tmp) == 1) {
4234                 mmap_min_addr = tmp;
4235                 qemu_log_mask(CPU_LOG_PAGE, "host mmap_min_addr=0x%lx\n", mmap_min_addr);
4236             }
4237             fclose(fp);
4238         }
4239     }
4240 
4241     /*
4242      * Prepare copy of argv vector for target.
4243      */
4244     target_argc = argc - optind;
4245     target_argv = calloc(target_argc + 1, sizeof (char *));
4246     if (target_argv == NULL) {
4247 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
4248 	exit(EXIT_FAILURE);
4249     }
4250 
4251     /*
4252      * If argv0 is specified (using '-0' switch) we replace
4253      * argv[0] pointer with the given one.
4254      */
4255     i = 0;
4256     if (argv0 != NULL) {
4257         target_argv[i++] = strdup(argv0);
4258     }
4259     for (; i < target_argc; i++) {
4260         target_argv[i] = strdup(argv[optind + i]);
4261     }
4262     target_argv[target_argc] = NULL;
4263 
4264     ts = g_new0(TaskState, 1);
4265     init_task_state(ts);
4266     /* build Task State */
4267     ts->info = info;
4268     ts->bprm = &bprm;
4269     cpu->opaque = ts;
4270     task_settid(ts);
4271 
4272     execfd = qemu_getauxval(AT_EXECFD);
4273     if (execfd == 0) {
4274         execfd = open(filename, O_RDONLY);
4275         if (execfd < 0) {
4276             printf("Error while loading %s: %s\n", filename, strerror(errno));
4277             _exit(EXIT_FAILURE);
4278         }
4279     }
4280 
4281     ret = loader_exec(execfd, filename, target_argv, target_environ, regs,
4282         info, &bprm);
4283     if (ret != 0) {
4284         printf("Error while loading %s: %s\n", filename, strerror(-ret));
4285         _exit(EXIT_FAILURE);
4286     }
4287 
4288     for (wrk = target_environ; *wrk; wrk++) {
4289         free(*wrk);
4290     }
4291 
4292     free(target_environ);
4293 
4294     if (qemu_loglevel_mask(CPU_LOG_PAGE)) {
4295         qemu_log("guest_base  0x%lx\n", guest_base);
4296         log_page_dump();
4297 
4298         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
4299         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
4300         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
4301                  info->start_code);
4302         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
4303                  info->start_data);
4304         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
4305         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
4306                  info->start_stack);
4307         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
4308         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
4309     }
4310 
4311     target_set_brk(info->brk);
4312     syscall_init();
4313     signal_init();
4314 
4315     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
4316        generating the prologue until now so that the prologue can take
4317        the real value of GUEST_BASE into account.  */
4318     tcg_prologue_init(&tcg_ctx);
4319 
4320 #if defined(TARGET_I386)
4321     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
4322     env->hflags |= HF_PE_MASK | HF_CPL_MASK;
4323     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
4324         env->cr[4] |= CR4_OSFXSR_MASK;
4325         env->hflags |= HF_OSFXSR_MASK;
4326     }
4327 #ifndef TARGET_ABI32
4328     /* enable 64 bit mode if possible */
4329     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
4330         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
4331         exit(EXIT_FAILURE);
4332     }
4333     env->cr[4] |= CR4_PAE_MASK;
4334     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
4335     env->hflags |= HF_LMA_MASK;
4336 #endif
4337 
4338     /* flags setup : we activate the IRQs by default as in user mode */
4339     env->eflags |= IF_MASK;
4340 
4341     /* linux register setup */
4342 #ifndef TARGET_ABI32
4343     env->regs[R_EAX] = regs->rax;
4344     env->regs[R_EBX] = regs->rbx;
4345     env->regs[R_ECX] = regs->rcx;
4346     env->regs[R_EDX] = regs->rdx;
4347     env->regs[R_ESI] = regs->rsi;
4348     env->regs[R_EDI] = regs->rdi;
4349     env->regs[R_EBP] = regs->rbp;
4350     env->regs[R_ESP] = regs->rsp;
4351     env->eip = regs->rip;
4352 #else
4353     env->regs[R_EAX] = regs->eax;
4354     env->regs[R_EBX] = regs->ebx;
4355     env->regs[R_ECX] = regs->ecx;
4356     env->regs[R_EDX] = regs->edx;
4357     env->regs[R_ESI] = regs->esi;
4358     env->regs[R_EDI] = regs->edi;
4359     env->regs[R_EBP] = regs->ebp;
4360     env->regs[R_ESP] = regs->esp;
4361     env->eip = regs->eip;
4362 #endif
4363 
4364     /* linux interrupt setup */
4365 #ifndef TARGET_ABI32
4366     env->idt.limit = 511;
4367 #else
4368     env->idt.limit = 255;
4369 #endif
4370     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
4371                                 PROT_READ|PROT_WRITE,
4372                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4373     idt_table = g2h(env->idt.base);
4374     set_idt(0, 0);
4375     set_idt(1, 0);
4376     set_idt(2, 0);
4377     set_idt(3, 3);
4378     set_idt(4, 3);
4379     set_idt(5, 0);
4380     set_idt(6, 0);
4381     set_idt(7, 0);
4382     set_idt(8, 0);
4383     set_idt(9, 0);
4384     set_idt(10, 0);
4385     set_idt(11, 0);
4386     set_idt(12, 0);
4387     set_idt(13, 0);
4388     set_idt(14, 0);
4389     set_idt(15, 0);
4390     set_idt(16, 0);
4391     set_idt(17, 0);
4392     set_idt(18, 0);
4393     set_idt(19, 0);
4394     set_idt(0x80, 3);
4395 
4396     /* linux segment setup */
4397     {
4398         uint64_t *gdt_table;
4399         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
4400                                     PROT_READ|PROT_WRITE,
4401                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4402         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
4403         gdt_table = g2h(env->gdt.base);
4404 #ifdef TARGET_ABI32
4405         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4406                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4407                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4408 #else
4409         /* 64 bit code segment */
4410         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4411                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4412                  DESC_L_MASK |
4413                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4414 #endif
4415         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
4416                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4417                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
4418     }
4419     cpu_x86_load_seg(env, R_CS, __USER_CS);
4420     cpu_x86_load_seg(env, R_SS, __USER_DS);
4421 #ifdef TARGET_ABI32
4422     cpu_x86_load_seg(env, R_DS, __USER_DS);
4423     cpu_x86_load_seg(env, R_ES, __USER_DS);
4424     cpu_x86_load_seg(env, R_FS, __USER_DS);
4425     cpu_x86_load_seg(env, R_GS, __USER_DS);
4426     /* This hack makes Wine work... */
4427     env->segs[R_FS].selector = 0;
4428 #else
4429     cpu_x86_load_seg(env, R_DS, 0);
4430     cpu_x86_load_seg(env, R_ES, 0);
4431     cpu_x86_load_seg(env, R_FS, 0);
4432     cpu_x86_load_seg(env, R_GS, 0);
4433 #endif
4434 #elif defined(TARGET_AARCH64)
4435     {
4436         int i;
4437 
4438         if (!(arm_feature(env, ARM_FEATURE_AARCH64))) {
4439             fprintf(stderr,
4440                     "The selected ARM CPU does not support 64 bit mode\n");
4441             exit(EXIT_FAILURE);
4442         }
4443 
4444         for (i = 0; i < 31; i++) {
4445             env->xregs[i] = regs->regs[i];
4446         }
4447         env->pc = regs->pc;
4448         env->xregs[31] = regs->sp;
4449     }
4450 #elif defined(TARGET_ARM)
4451     {
4452         int i;
4453         cpsr_write(env, regs->uregs[16], 0xffffffff);
4454         for(i = 0; i < 16; i++) {
4455             env->regs[i] = regs->uregs[i];
4456         }
4457         /* Enable BE8.  */
4458         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
4459             && (info->elf_flags & EF_ARM_BE8)) {
4460             env->bswap_code = 1;
4461         }
4462     }
4463 #elif defined(TARGET_UNICORE32)
4464     {
4465         int i;
4466         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
4467         for (i = 0; i < 32; i++) {
4468             env->regs[i] = regs->uregs[i];
4469         }
4470     }
4471 #elif defined(TARGET_SPARC)
4472     {
4473         int i;
4474 	env->pc = regs->pc;
4475 	env->npc = regs->npc;
4476         env->y = regs->y;
4477         for(i = 0; i < 8; i++)
4478             env->gregs[i] = regs->u_regs[i];
4479         for(i = 0; i < 8; i++)
4480             env->regwptr[i] = regs->u_regs[i + 8];
4481     }
4482 #elif defined(TARGET_PPC)
4483     {
4484         int i;
4485 
4486 #if defined(TARGET_PPC64)
4487 #if defined(TARGET_ABI32)
4488         env->msr &= ~((target_ulong)1 << MSR_SF);
4489 #else
4490         env->msr |= (target_ulong)1 << MSR_SF;
4491 #endif
4492 #endif
4493         env->nip = regs->nip;
4494         for(i = 0; i < 32; i++) {
4495             env->gpr[i] = regs->gpr[i];
4496         }
4497     }
4498 #elif defined(TARGET_M68K)
4499     {
4500         env->pc = regs->pc;
4501         env->dregs[0] = regs->d0;
4502         env->dregs[1] = regs->d1;
4503         env->dregs[2] = regs->d2;
4504         env->dregs[3] = regs->d3;
4505         env->dregs[4] = regs->d4;
4506         env->dregs[5] = regs->d5;
4507         env->dregs[6] = regs->d6;
4508         env->dregs[7] = regs->d7;
4509         env->aregs[0] = regs->a0;
4510         env->aregs[1] = regs->a1;
4511         env->aregs[2] = regs->a2;
4512         env->aregs[3] = regs->a3;
4513         env->aregs[4] = regs->a4;
4514         env->aregs[5] = regs->a5;
4515         env->aregs[6] = regs->a6;
4516         env->aregs[7] = regs->usp;
4517         env->sr = regs->sr;
4518         ts->sim_syscalls = 1;
4519     }
4520 #elif defined(TARGET_MICROBLAZE)
4521     {
4522         env->regs[0] = regs->r0;
4523         env->regs[1] = regs->r1;
4524         env->regs[2] = regs->r2;
4525         env->regs[3] = regs->r3;
4526         env->regs[4] = regs->r4;
4527         env->regs[5] = regs->r5;
4528         env->regs[6] = regs->r6;
4529         env->regs[7] = regs->r7;
4530         env->regs[8] = regs->r8;
4531         env->regs[9] = regs->r9;
4532         env->regs[10] = regs->r10;
4533         env->regs[11] = regs->r11;
4534         env->regs[12] = regs->r12;
4535         env->regs[13] = regs->r13;
4536         env->regs[14] = regs->r14;
4537         env->regs[15] = regs->r15;
4538         env->regs[16] = regs->r16;
4539         env->regs[17] = regs->r17;
4540         env->regs[18] = regs->r18;
4541         env->regs[19] = regs->r19;
4542         env->regs[20] = regs->r20;
4543         env->regs[21] = regs->r21;
4544         env->regs[22] = regs->r22;
4545         env->regs[23] = regs->r23;
4546         env->regs[24] = regs->r24;
4547         env->regs[25] = regs->r25;
4548         env->regs[26] = regs->r26;
4549         env->regs[27] = regs->r27;
4550         env->regs[28] = regs->r28;
4551         env->regs[29] = regs->r29;
4552         env->regs[30] = regs->r30;
4553         env->regs[31] = regs->r31;
4554         env->sregs[SR_PC] = regs->pc;
4555     }
4556 #elif defined(TARGET_MIPS)
4557     {
4558         int i;
4559 
4560         for(i = 0; i < 32; i++) {
4561             env->active_tc.gpr[i] = regs->regs[i];
4562         }
4563         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
4564         if (regs->cp0_epc & 1) {
4565             env->hflags |= MIPS_HFLAG_M16;
4566         }
4567     }
4568 #elif defined(TARGET_OPENRISC)
4569     {
4570         int i;
4571 
4572         for (i = 0; i < 32; i++) {
4573             env->gpr[i] = regs->gpr[i];
4574         }
4575 
4576         env->sr = regs->sr;
4577         env->pc = regs->pc;
4578     }
4579 #elif defined(TARGET_SH4)
4580     {
4581         int i;
4582 
4583         for(i = 0; i < 16; i++) {
4584             env->gregs[i] = regs->regs[i];
4585         }
4586         env->pc = regs->pc;
4587     }
4588 #elif defined(TARGET_ALPHA)
4589     {
4590         int i;
4591 
4592         for(i = 0; i < 28; i++) {
4593             env->ir[i] = ((abi_ulong *)regs)[i];
4594         }
4595         env->ir[IR_SP] = regs->usp;
4596         env->pc = regs->pc;
4597     }
4598 #elif defined(TARGET_CRIS)
4599     {
4600 	    env->regs[0] = regs->r0;
4601 	    env->regs[1] = regs->r1;
4602 	    env->regs[2] = regs->r2;
4603 	    env->regs[3] = regs->r3;
4604 	    env->regs[4] = regs->r4;
4605 	    env->regs[5] = regs->r5;
4606 	    env->regs[6] = regs->r6;
4607 	    env->regs[7] = regs->r7;
4608 	    env->regs[8] = regs->r8;
4609 	    env->regs[9] = regs->r9;
4610 	    env->regs[10] = regs->r10;
4611 	    env->regs[11] = regs->r11;
4612 	    env->regs[12] = regs->r12;
4613 	    env->regs[13] = regs->r13;
4614 	    env->regs[14] = info->start_stack;
4615 	    env->regs[15] = regs->acr;
4616 	    env->pc = regs->erp;
4617     }
4618 #elif defined(TARGET_S390X)
4619     {
4620             int i;
4621             for (i = 0; i < 16; i++) {
4622                 env->regs[i] = regs->gprs[i];
4623             }
4624             env->psw.mask = regs->psw.mask;
4625             env->psw.addr = regs->psw.addr;
4626     }
4627 #elif defined(TARGET_TILEGX)
4628     {
4629         int i;
4630         for (i = 0; i < TILEGX_R_COUNT; i++) {
4631             env->regs[i] = regs->regs[i];
4632         }
4633         for (i = 0; i < TILEGX_SPR_COUNT; i++) {
4634             env->spregs[i] = 0;
4635         }
4636         env->pc = regs->pc;
4637     }
4638 #else
4639 #error unsupported target CPU
4640 #endif
4641 
4642 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4643     ts->stack_base = info->start_stack;
4644     ts->heap_base = info->brk;
4645     /* This will be filled in on the first SYS_HEAPINFO call.  */
4646     ts->heap_limit = 0;
4647 #endif
4648 
4649     if (gdbstub_port) {
4650         if (gdbserver_start(gdbstub_port) < 0) {
4651             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4652                     gdbstub_port);
4653             exit(EXIT_FAILURE);
4654         }
4655         gdb_handlesig(cpu, 0);
4656     }
4657     cpu_loop(env);
4658     /* never exits */
4659     return 0;
4660 }
4661