xref: /openbmc/qemu/linux-user/main.c (revision c0bea68f9ea48f0dea7a06a259a613bfd3a7e35e)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include "qemu/osdep.h"
20 #include <sys/mman.h>
21 #include <sys/syscall.h>
22 #include <sys/resource.h>
23 
24 #include "qemu.h"
25 #include "qemu/path.h"
26 #include "qemu/cutils.h"
27 #include "qemu/help_option.h"
28 #include "cpu.h"
29 #include "exec/exec-all.h"
30 #include "tcg.h"
31 #include "qemu/timer.h"
32 #include "qemu/envlist.h"
33 #include "elf.h"
34 #include "exec/log.h"
35 
36 char *exec_path;
37 
38 int singlestep;
39 static const char *filename;
40 static const char *argv0;
41 static int gdbstub_port;
42 static envlist_t *envlist;
43 static const char *cpu_model;
44 unsigned long mmap_min_addr;
45 unsigned long guest_base;
46 int have_guest_base;
47 
48 #define EXCP_DUMP(env, fmt, ...)                                        \
49 do {                                                                    \
50     CPUState *cs = ENV_GET_CPU(env);                                    \
51     fprintf(stderr, fmt , ## __VA_ARGS__);                              \
52     cpu_dump_state(cs, stderr, fprintf, 0);                             \
53     if (qemu_log_separate()) {                                          \
54         qemu_log(fmt, ## __VA_ARGS__);                                  \
55         log_cpu_state(cs, 0);                                           \
56     }                                                                   \
57 } while (0)
58 
59 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
60 /*
61  * When running 32-on-64 we should make sure we can fit all of the possible
62  * guest address space into a contiguous chunk of virtual host memory.
63  *
64  * This way we will never overlap with our own libraries or binaries or stack
65  * or anything else that QEMU maps.
66  */
67 # ifdef TARGET_MIPS
68 /* MIPS only supports 31 bits of virtual address space for user space */
69 unsigned long reserved_va = 0x77000000;
70 # else
71 unsigned long reserved_va = 0xf7000000;
72 # endif
73 #else
74 unsigned long reserved_va;
75 #endif
76 
77 static void usage(int exitcode);
78 
79 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
80 const char *qemu_uname_release;
81 
82 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
83    we allocate a bigger stack. Need a better solution, for example
84    by remapping the process stack directly at the right place */
85 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
86 
87 void gemu_log(const char *fmt, ...)
88 {
89     va_list ap;
90 
91     va_start(ap, fmt);
92     vfprintf(stderr, fmt, ap);
93     va_end(ap);
94 }
95 
96 #if defined(TARGET_I386)
97 int cpu_get_pic_interrupt(CPUX86State *env)
98 {
99     return -1;
100 }
101 #endif
102 
103 /***********************************************************/
104 /* Helper routines for implementing atomic operations.  */
105 
106 /* To implement exclusive operations we force all cpus to syncronise.
107    We don't require a full sync, only that no cpus are executing guest code.
108    The alternative is to map target atomic ops onto host equivalents,
109    which requires quite a lot of per host/target work.  */
110 static pthread_mutex_t cpu_list_mutex = PTHREAD_MUTEX_INITIALIZER;
111 static pthread_mutex_t exclusive_lock = PTHREAD_MUTEX_INITIALIZER;
112 static pthread_cond_t exclusive_cond = PTHREAD_COND_INITIALIZER;
113 static pthread_cond_t exclusive_resume = PTHREAD_COND_INITIALIZER;
114 static int pending_cpus;
115 
116 /* Make sure everything is in a consistent state for calling fork().  */
117 void fork_start(void)
118 {
119     qemu_mutex_lock(&tcg_ctx.tb_ctx.tb_lock);
120     pthread_mutex_lock(&exclusive_lock);
121     mmap_fork_start();
122 }
123 
124 void fork_end(int child)
125 {
126     mmap_fork_end(child);
127     if (child) {
128         CPUState *cpu, *next_cpu;
129         /* Child processes created by fork() only have a single thread.
130            Discard information about the parent threads.  */
131         CPU_FOREACH_SAFE(cpu, next_cpu) {
132             if (cpu != thread_cpu) {
133                 QTAILQ_REMOVE(&cpus, thread_cpu, node);
134             }
135         }
136         pending_cpus = 0;
137         pthread_mutex_init(&exclusive_lock, NULL);
138         pthread_mutex_init(&cpu_list_mutex, NULL);
139         pthread_cond_init(&exclusive_cond, NULL);
140         pthread_cond_init(&exclusive_resume, NULL);
141         qemu_mutex_init(&tcg_ctx.tb_ctx.tb_lock);
142         gdbserver_fork(thread_cpu);
143     } else {
144         pthread_mutex_unlock(&exclusive_lock);
145         qemu_mutex_unlock(&tcg_ctx.tb_ctx.tb_lock);
146     }
147 }
148 
149 /* Wait for pending exclusive operations to complete.  The exclusive lock
150    must be held.  */
151 static inline void exclusive_idle(void)
152 {
153     while (pending_cpus) {
154         pthread_cond_wait(&exclusive_resume, &exclusive_lock);
155     }
156 }
157 
158 /* Start an exclusive operation.
159    Must only be called from outside cpu_arm_exec.   */
160 static inline void start_exclusive(void)
161 {
162     CPUState *other_cpu;
163 
164     pthread_mutex_lock(&exclusive_lock);
165     exclusive_idle();
166 
167     pending_cpus = 1;
168     /* Make all other cpus stop executing.  */
169     CPU_FOREACH(other_cpu) {
170         if (other_cpu->running) {
171             pending_cpus++;
172             cpu_exit(other_cpu);
173         }
174     }
175     if (pending_cpus > 1) {
176         pthread_cond_wait(&exclusive_cond, &exclusive_lock);
177     }
178 }
179 
180 /* Finish an exclusive operation.  */
181 static inline void __attribute__((unused)) end_exclusive(void)
182 {
183     pending_cpus = 0;
184     pthread_cond_broadcast(&exclusive_resume);
185     pthread_mutex_unlock(&exclusive_lock);
186 }
187 
188 /* Wait for exclusive ops to finish, and begin cpu execution.  */
189 static inline void cpu_exec_start(CPUState *cpu)
190 {
191     pthread_mutex_lock(&exclusive_lock);
192     exclusive_idle();
193     cpu->running = true;
194     pthread_mutex_unlock(&exclusive_lock);
195 }
196 
197 /* Mark cpu as not executing, and release pending exclusive ops.  */
198 static inline void cpu_exec_end(CPUState *cpu)
199 {
200     pthread_mutex_lock(&exclusive_lock);
201     cpu->running = false;
202     if (pending_cpus > 1) {
203         pending_cpus--;
204         if (pending_cpus == 1) {
205             pthread_cond_signal(&exclusive_cond);
206         }
207     }
208     exclusive_idle();
209     pthread_mutex_unlock(&exclusive_lock);
210 }
211 
212 void cpu_list_lock(void)
213 {
214     pthread_mutex_lock(&cpu_list_mutex);
215 }
216 
217 void cpu_list_unlock(void)
218 {
219     pthread_mutex_unlock(&cpu_list_mutex);
220 }
221 
222 
223 #ifdef TARGET_I386
224 /***********************************************************/
225 /* CPUX86 core interface */
226 
227 uint64_t cpu_get_tsc(CPUX86State *env)
228 {
229     return cpu_get_host_ticks();
230 }
231 
232 static void write_dt(void *ptr, unsigned long addr, unsigned long limit,
233                      int flags)
234 {
235     unsigned int e1, e2;
236     uint32_t *p;
237     e1 = (addr << 16) | (limit & 0xffff);
238     e2 = ((addr >> 16) & 0xff) | (addr & 0xff000000) | (limit & 0x000f0000);
239     e2 |= flags;
240     p = ptr;
241     p[0] = tswap32(e1);
242     p[1] = tswap32(e2);
243 }
244 
245 static uint64_t *idt_table;
246 #ifdef TARGET_X86_64
247 static void set_gate64(void *ptr, unsigned int type, unsigned int dpl,
248                        uint64_t addr, unsigned int sel)
249 {
250     uint32_t *p, e1, e2;
251     e1 = (addr & 0xffff) | (sel << 16);
252     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
253     p = ptr;
254     p[0] = tswap32(e1);
255     p[1] = tswap32(e2);
256     p[2] = tswap32(addr >> 32);
257     p[3] = 0;
258 }
259 /* only dpl matters as we do only user space emulation */
260 static void set_idt(int n, unsigned int dpl)
261 {
262     set_gate64(idt_table + n * 2, 0, dpl, 0, 0);
263 }
264 #else
265 static void set_gate(void *ptr, unsigned int type, unsigned int dpl,
266                      uint32_t addr, unsigned int sel)
267 {
268     uint32_t *p, e1, e2;
269     e1 = (addr & 0xffff) | (sel << 16);
270     e2 = (addr & 0xffff0000) | 0x8000 | (dpl << 13) | (type << 8);
271     p = ptr;
272     p[0] = tswap32(e1);
273     p[1] = tswap32(e2);
274 }
275 
276 /* only dpl matters as we do only user space emulation */
277 static void set_idt(int n, unsigned int dpl)
278 {
279     set_gate(idt_table + n, 0, dpl, 0, 0);
280 }
281 #endif
282 
283 void cpu_loop(CPUX86State *env)
284 {
285     CPUState *cs = CPU(x86_env_get_cpu(env));
286     int trapnr;
287     abi_ulong pc;
288     abi_ulong ret;
289     target_siginfo_t info;
290 
291     for(;;) {
292         cpu_exec_start(cs);
293         trapnr = cpu_x86_exec(cs);
294         cpu_exec_end(cs);
295         switch(trapnr) {
296         case 0x80:
297             /* linux syscall from int $0x80 */
298             ret = do_syscall(env,
299                              env->regs[R_EAX],
300                              env->regs[R_EBX],
301                              env->regs[R_ECX],
302                              env->regs[R_EDX],
303                              env->regs[R_ESI],
304                              env->regs[R_EDI],
305                              env->regs[R_EBP],
306                              0, 0);
307             if (ret == -TARGET_ERESTARTSYS) {
308                 env->eip -= 2;
309             } else if (ret != -TARGET_QEMU_ESIGRETURN) {
310                 env->regs[R_EAX] = ret;
311             }
312             break;
313 #ifndef TARGET_ABI32
314         case EXCP_SYSCALL:
315             /* linux syscall from syscall instruction */
316             ret = do_syscall(env,
317                              env->regs[R_EAX],
318                              env->regs[R_EDI],
319                              env->regs[R_ESI],
320                              env->regs[R_EDX],
321                              env->regs[10],
322                              env->regs[8],
323                              env->regs[9],
324                              0, 0);
325             if (ret == -TARGET_ERESTARTSYS) {
326                 env->eip -= 2;
327             } else if (ret != -TARGET_QEMU_ESIGRETURN) {
328                 env->regs[R_EAX] = ret;
329             }
330             break;
331 #endif
332         case EXCP0B_NOSEG:
333         case EXCP0C_STACK:
334             info.si_signo = TARGET_SIGBUS;
335             info.si_errno = 0;
336             info.si_code = TARGET_SI_KERNEL;
337             info._sifields._sigfault._addr = 0;
338             queue_signal(env, info.si_signo, &info);
339             break;
340         case EXCP0D_GPF:
341             /* XXX: potential problem if ABI32 */
342 #ifndef TARGET_X86_64
343             if (env->eflags & VM_MASK) {
344                 handle_vm86_fault(env);
345             } else
346 #endif
347             {
348                 info.si_signo = TARGET_SIGSEGV;
349                 info.si_errno = 0;
350                 info.si_code = TARGET_SI_KERNEL;
351                 info._sifields._sigfault._addr = 0;
352                 queue_signal(env, info.si_signo, &info);
353             }
354             break;
355         case EXCP0E_PAGE:
356             info.si_signo = TARGET_SIGSEGV;
357             info.si_errno = 0;
358             if (!(env->error_code & 1))
359                 info.si_code = TARGET_SEGV_MAPERR;
360             else
361                 info.si_code = TARGET_SEGV_ACCERR;
362             info._sifields._sigfault._addr = env->cr[2];
363             queue_signal(env, info.si_signo, &info);
364             break;
365         case EXCP00_DIVZ:
366 #ifndef TARGET_X86_64
367             if (env->eflags & VM_MASK) {
368                 handle_vm86_trap(env, trapnr);
369             } else
370 #endif
371             {
372                 /* division by zero */
373                 info.si_signo = TARGET_SIGFPE;
374                 info.si_errno = 0;
375                 info.si_code = TARGET_FPE_INTDIV;
376                 info._sifields._sigfault._addr = env->eip;
377                 queue_signal(env, info.si_signo, &info);
378             }
379             break;
380         case EXCP01_DB:
381         case EXCP03_INT3:
382 #ifndef TARGET_X86_64
383             if (env->eflags & VM_MASK) {
384                 handle_vm86_trap(env, trapnr);
385             } else
386 #endif
387             {
388                 info.si_signo = TARGET_SIGTRAP;
389                 info.si_errno = 0;
390                 if (trapnr == EXCP01_DB) {
391                     info.si_code = TARGET_TRAP_BRKPT;
392                     info._sifields._sigfault._addr = env->eip;
393                 } else {
394                     info.si_code = TARGET_SI_KERNEL;
395                     info._sifields._sigfault._addr = 0;
396                 }
397                 queue_signal(env, info.si_signo, &info);
398             }
399             break;
400         case EXCP04_INTO:
401         case EXCP05_BOUND:
402 #ifndef TARGET_X86_64
403             if (env->eflags & VM_MASK) {
404                 handle_vm86_trap(env, trapnr);
405             } else
406 #endif
407             {
408                 info.si_signo = TARGET_SIGSEGV;
409                 info.si_errno = 0;
410                 info.si_code = TARGET_SI_KERNEL;
411                 info._sifields._sigfault._addr = 0;
412                 queue_signal(env, info.si_signo, &info);
413             }
414             break;
415         case EXCP06_ILLOP:
416             info.si_signo = TARGET_SIGILL;
417             info.si_errno = 0;
418             info.si_code = TARGET_ILL_ILLOPN;
419             info._sifields._sigfault._addr = env->eip;
420             queue_signal(env, info.si_signo, &info);
421             break;
422         case EXCP_INTERRUPT:
423             /* just indicate that signals should be handled asap */
424             break;
425         case EXCP_DEBUG:
426             {
427                 int sig;
428 
429                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
430                 if (sig)
431                   {
432                     info.si_signo = sig;
433                     info.si_errno = 0;
434                     info.si_code = TARGET_TRAP_BRKPT;
435                     queue_signal(env, info.si_signo, &info);
436                   }
437             }
438             break;
439         default:
440             pc = env->segs[R_CS].base + env->eip;
441             EXCP_DUMP(env, "qemu: 0x%08lx: unhandled CPU exception 0x%x - aborting\n",
442                       (long)pc, trapnr);
443             abort();
444         }
445         process_pending_signals(env);
446     }
447 }
448 #endif
449 
450 #ifdef TARGET_ARM
451 
452 #define get_user_code_u32(x, gaddr, env)                \
453     ({ abi_long __r = get_user_u32((x), (gaddr));       \
454         if (!__r && bswap_code(arm_sctlr_b(env))) {     \
455             (x) = bswap32(x);                           \
456         }                                               \
457         __r;                                            \
458     })
459 
460 #define get_user_code_u16(x, gaddr, env)                \
461     ({ abi_long __r = get_user_u16((x), (gaddr));       \
462         if (!__r && bswap_code(arm_sctlr_b(env))) {     \
463             (x) = bswap16(x);                           \
464         }                                               \
465         __r;                                            \
466     })
467 
468 #define get_user_data_u32(x, gaddr, env)                \
469     ({ abi_long __r = get_user_u32((x), (gaddr));       \
470         if (!__r && arm_cpu_bswap_data(env)) {          \
471             (x) = bswap32(x);                           \
472         }                                               \
473         __r;                                            \
474     })
475 
476 #define get_user_data_u16(x, gaddr, env)                \
477     ({ abi_long __r = get_user_u16((x), (gaddr));       \
478         if (!__r && arm_cpu_bswap_data(env)) {          \
479             (x) = bswap16(x);                           \
480         }                                               \
481         __r;                                            \
482     })
483 
484 #define put_user_data_u32(x, gaddr, env)                \
485     ({ typeof(x) __x = (x);                             \
486         if (arm_cpu_bswap_data(env)) {                  \
487             __x = bswap32(__x);                         \
488         }                                               \
489         put_user_u32(__x, (gaddr));                     \
490     })
491 
492 #define put_user_data_u16(x, gaddr, env)                \
493     ({ typeof(x) __x = (x);                             \
494         if (arm_cpu_bswap_data(env)) {                  \
495             __x = bswap16(__x);                         \
496         }                                               \
497         put_user_u16(__x, (gaddr));                     \
498     })
499 
500 #ifdef TARGET_ABI32
501 /* Commpage handling -- there is no commpage for AArch64 */
502 
503 /*
504  * See the Linux kernel's Documentation/arm/kernel_user_helpers.txt
505  * Input:
506  * r0 = pointer to oldval
507  * r1 = pointer to newval
508  * r2 = pointer to target value
509  *
510  * Output:
511  * r0 = 0 if *ptr was changed, non-0 if no exchange happened
512  * C set if *ptr was changed, clear if no exchange happened
513  *
514  * Note segv's in kernel helpers are a bit tricky, we can set the
515  * data address sensibly but the PC address is just the entry point.
516  */
517 static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
518 {
519     uint64_t oldval, newval, val;
520     uint32_t addr, cpsr;
521     target_siginfo_t info;
522 
523     /* Based on the 32 bit code in do_kernel_trap */
524 
525     /* XXX: This only works between threads, not between processes.
526        It's probably possible to implement this with native host
527        operations. However things like ldrex/strex are much harder so
528        there's not much point trying.  */
529     start_exclusive();
530     cpsr = cpsr_read(env);
531     addr = env->regs[2];
532 
533     if (get_user_u64(oldval, env->regs[0])) {
534         env->exception.vaddress = env->regs[0];
535         goto segv;
536     };
537 
538     if (get_user_u64(newval, env->regs[1])) {
539         env->exception.vaddress = env->regs[1];
540         goto segv;
541     };
542 
543     if (get_user_u64(val, addr)) {
544         env->exception.vaddress = addr;
545         goto segv;
546     }
547 
548     if (val == oldval) {
549         val = newval;
550 
551         if (put_user_u64(val, addr)) {
552             env->exception.vaddress = addr;
553             goto segv;
554         };
555 
556         env->regs[0] = 0;
557         cpsr |= CPSR_C;
558     } else {
559         env->regs[0] = -1;
560         cpsr &= ~CPSR_C;
561     }
562     cpsr_write(env, cpsr, CPSR_C, CPSRWriteByInstr);
563     end_exclusive();
564     return;
565 
566 segv:
567     end_exclusive();
568     /* We get the PC of the entry address - which is as good as anything,
569        on a real kernel what you get depends on which mode it uses. */
570     info.si_signo = TARGET_SIGSEGV;
571     info.si_errno = 0;
572     /* XXX: check env->error_code */
573     info.si_code = TARGET_SEGV_MAPERR;
574     info._sifields._sigfault._addr = env->exception.vaddress;
575     queue_signal(env, info.si_signo, &info);
576 }
577 
578 /* Handle a jump to the kernel code page.  */
579 static int
580 do_kernel_trap(CPUARMState *env)
581 {
582     uint32_t addr;
583     uint32_t cpsr;
584     uint32_t val;
585 
586     switch (env->regs[15]) {
587     case 0xffff0fa0: /* __kernel_memory_barrier */
588         /* ??? No-op. Will need to do better for SMP.  */
589         break;
590     case 0xffff0fc0: /* __kernel_cmpxchg */
591          /* XXX: This only works between threads, not between processes.
592             It's probably possible to implement this with native host
593             operations. However things like ldrex/strex are much harder so
594             there's not much point trying.  */
595         start_exclusive();
596         cpsr = cpsr_read(env);
597         addr = env->regs[2];
598         /* FIXME: This should SEGV if the access fails.  */
599         if (get_user_u32(val, addr))
600             val = ~env->regs[0];
601         if (val == env->regs[0]) {
602             val = env->regs[1];
603             /* FIXME: Check for segfaults.  */
604             put_user_u32(val, addr);
605             env->regs[0] = 0;
606             cpsr |= CPSR_C;
607         } else {
608             env->regs[0] = -1;
609             cpsr &= ~CPSR_C;
610         }
611         cpsr_write(env, cpsr, CPSR_C, CPSRWriteByInstr);
612         end_exclusive();
613         break;
614     case 0xffff0fe0: /* __kernel_get_tls */
615         env->regs[0] = cpu_get_tls(env);
616         break;
617     case 0xffff0f60: /* __kernel_cmpxchg64 */
618         arm_kernel_cmpxchg64_helper(env);
619         break;
620 
621     default:
622         return 1;
623     }
624     /* Jump back to the caller.  */
625     addr = env->regs[14];
626     if (addr & 1) {
627         env->thumb = 1;
628         addr &= ~1;
629     }
630     env->regs[15] = addr;
631 
632     return 0;
633 }
634 
635 /* Store exclusive handling for AArch32 */
636 static int do_strex(CPUARMState *env)
637 {
638     uint64_t val;
639     int size;
640     int rc = 1;
641     int segv = 0;
642     uint32_t addr;
643     start_exclusive();
644     if (env->exclusive_addr != env->exclusive_test) {
645         goto fail;
646     }
647     /* We know we're always AArch32 so the address is in uint32_t range
648      * unless it was the -1 exclusive-monitor-lost value (which won't
649      * match exclusive_test above).
650      */
651     assert(extract64(env->exclusive_addr, 32, 32) == 0);
652     addr = env->exclusive_addr;
653     size = env->exclusive_info & 0xf;
654     switch (size) {
655     case 0:
656         segv = get_user_u8(val, addr);
657         break;
658     case 1:
659         segv = get_user_data_u16(val, addr, env);
660         break;
661     case 2:
662     case 3:
663         segv = get_user_data_u32(val, addr, env);
664         break;
665     default:
666         abort();
667     }
668     if (segv) {
669         env->exception.vaddress = addr;
670         goto done;
671     }
672     if (size == 3) {
673         uint32_t valhi;
674         segv = get_user_data_u32(valhi, addr + 4, env);
675         if (segv) {
676             env->exception.vaddress = addr + 4;
677             goto done;
678         }
679         if (arm_cpu_bswap_data(env)) {
680             val = deposit64((uint64_t)valhi, 32, 32, val);
681         } else {
682             val = deposit64(val, 32, 32, valhi);
683         }
684     }
685     if (val != env->exclusive_val) {
686         goto fail;
687     }
688 
689     val = env->regs[(env->exclusive_info >> 8) & 0xf];
690     switch (size) {
691     case 0:
692         segv = put_user_u8(val, addr);
693         break;
694     case 1:
695         segv = put_user_data_u16(val, addr, env);
696         break;
697     case 2:
698     case 3:
699         segv = put_user_data_u32(val, addr, env);
700         break;
701     }
702     if (segv) {
703         env->exception.vaddress = addr;
704         goto done;
705     }
706     if (size == 3) {
707         val = env->regs[(env->exclusive_info >> 12) & 0xf];
708         segv = put_user_data_u32(val, addr + 4, env);
709         if (segv) {
710             env->exception.vaddress = addr + 4;
711             goto done;
712         }
713     }
714     rc = 0;
715 fail:
716     env->regs[15] += 4;
717     env->regs[(env->exclusive_info >> 4) & 0xf] = rc;
718 done:
719     end_exclusive();
720     return segv;
721 }
722 
723 void cpu_loop(CPUARMState *env)
724 {
725     CPUState *cs = CPU(arm_env_get_cpu(env));
726     int trapnr;
727     unsigned int n, insn;
728     target_siginfo_t info;
729     uint32_t addr;
730     abi_ulong ret;
731 
732     for(;;) {
733         cpu_exec_start(cs);
734         trapnr = cpu_arm_exec(cs);
735         cpu_exec_end(cs);
736         switch(trapnr) {
737         case EXCP_UDEF:
738             {
739                 TaskState *ts = cs->opaque;
740                 uint32_t opcode;
741                 int rc;
742 
743                 /* we handle the FPU emulation here, as Linux */
744                 /* we get the opcode */
745                 /* FIXME - what to do if get_user() fails? */
746                 get_user_code_u32(opcode, env->regs[15], env);
747 
748                 rc = EmulateAll(opcode, &ts->fpa, env);
749                 if (rc == 0) { /* illegal instruction */
750                     info.si_signo = TARGET_SIGILL;
751                     info.si_errno = 0;
752                     info.si_code = TARGET_ILL_ILLOPN;
753                     info._sifields._sigfault._addr = env->regs[15];
754                     queue_signal(env, info.si_signo, &info);
755                 } else if (rc < 0) { /* FP exception */
756                     int arm_fpe=0;
757 
758                     /* translate softfloat flags to FPSR flags */
759                     if (-rc & float_flag_invalid)
760                       arm_fpe |= BIT_IOC;
761                     if (-rc & float_flag_divbyzero)
762                       arm_fpe |= BIT_DZC;
763                     if (-rc & float_flag_overflow)
764                       arm_fpe |= BIT_OFC;
765                     if (-rc & float_flag_underflow)
766                       arm_fpe |= BIT_UFC;
767                     if (-rc & float_flag_inexact)
768                       arm_fpe |= BIT_IXC;
769 
770                     FPSR fpsr = ts->fpa.fpsr;
771                     //printf("fpsr 0x%x, arm_fpe 0x%x\n",fpsr,arm_fpe);
772 
773                     if (fpsr & (arm_fpe << 16)) { /* exception enabled? */
774                       info.si_signo = TARGET_SIGFPE;
775                       info.si_errno = 0;
776 
777                       /* ordered by priority, least first */
778                       if (arm_fpe & BIT_IXC) info.si_code = TARGET_FPE_FLTRES;
779                       if (arm_fpe & BIT_UFC) info.si_code = TARGET_FPE_FLTUND;
780                       if (arm_fpe & BIT_OFC) info.si_code = TARGET_FPE_FLTOVF;
781                       if (arm_fpe & BIT_DZC) info.si_code = TARGET_FPE_FLTDIV;
782                       if (arm_fpe & BIT_IOC) info.si_code = TARGET_FPE_FLTINV;
783 
784                       info._sifields._sigfault._addr = env->regs[15];
785                       queue_signal(env, info.si_signo, &info);
786                     } else {
787                       env->regs[15] += 4;
788                     }
789 
790                     /* accumulate unenabled exceptions */
791                     if ((!(fpsr & BIT_IXE)) && (arm_fpe & BIT_IXC))
792                       fpsr |= BIT_IXC;
793                     if ((!(fpsr & BIT_UFE)) && (arm_fpe & BIT_UFC))
794                       fpsr |= BIT_UFC;
795                     if ((!(fpsr & BIT_OFE)) && (arm_fpe & BIT_OFC))
796                       fpsr |= BIT_OFC;
797                     if ((!(fpsr & BIT_DZE)) && (arm_fpe & BIT_DZC))
798                       fpsr |= BIT_DZC;
799                     if ((!(fpsr & BIT_IOE)) && (arm_fpe & BIT_IOC))
800                       fpsr |= BIT_IOC;
801                     ts->fpa.fpsr=fpsr;
802                 } else { /* everything OK */
803                     /* increment PC */
804                     env->regs[15] += 4;
805                 }
806             }
807             break;
808         case EXCP_SWI:
809         case EXCP_BKPT:
810             {
811                 env->eabi = 1;
812                 /* system call */
813                 if (trapnr == EXCP_BKPT) {
814                     if (env->thumb) {
815                         /* FIXME - what to do if get_user() fails? */
816                         get_user_code_u16(insn, env->regs[15], env);
817                         n = insn & 0xff;
818                         env->regs[15] += 2;
819                     } else {
820                         /* FIXME - what to do if get_user() fails? */
821                         get_user_code_u32(insn, env->regs[15], env);
822                         n = (insn & 0xf) | ((insn >> 4) & 0xff0);
823                         env->regs[15] += 4;
824                     }
825                 } else {
826                     if (env->thumb) {
827                         /* FIXME - what to do if get_user() fails? */
828                         get_user_code_u16(insn, env->regs[15] - 2, env);
829                         n = insn & 0xff;
830                     } else {
831                         /* FIXME - what to do if get_user() fails? */
832                         get_user_code_u32(insn, env->regs[15] - 4, env);
833                         n = insn & 0xffffff;
834                     }
835                 }
836 
837                 if (n == ARM_NR_cacheflush) {
838                     /* nop */
839                 } else if (n == ARM_NR_semihosting
840                            || n == ARM_NR_thumb_semihosting) {
841                     env->regs[0] = do_arm_semihosting (env);
842                 } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
843                     /* linux syscall */
844                     if (env->thumb || n == 0) {
845                         n = env->regs[7];
846                     } else {
847                         n -= ARM_SYSCALL_BASE;
848                         env->eabi = 0;
849                     }
850                     if ( n > ARM_NR_BASE) {
851                         switch (n) {
852                         case ARM_NR_cacheflush:
853                             /* nop */
854                             break;
855                         case ARM_NR_set_tls:
856                             cpu_set_tls(env, env->regs[0]);
857                             env->regs[0] = 0;
858                             break;
859                         case ARM_NR_breakpoint:
860                             env->regs[15] -= env->thumb ? 2 : 4;
861                             goto excp_debug;
862                         default:
863                             gemu_log("qemu: Unsupported ARM syscall: 0x%x\n",
864                                      n);
865                             env->regs[0] = -TARGET_ENOSYS;
866                             break;
867                         }
868                     } else {
869                         ret = do_syscall(env,
870                                          n,
871                                          env->regs[0],
872                                          env->regs[1],
873                                          env->regs[2],
874                                          env->regs[3],
875                                          env->regs[4],
876                                          env->regs[5],
877                                          0, 0);
878                         if (ret == -TARGET_ERESTARTSYS) {
879                             env->regs[15] -= env->thumb ? 2 : 4;
880                         } else if (ret != -TARGET_QEMU_ESIGRETURN) {
881                             env->regs[0] = ret;
882                         }
883                     }
884                 } else {
885                     goto error;
886                 }
887             }
888             break;
889         case EXCP_INTERRUPT:
890             /* just indicate that signals should be handled asap */
891             break;
892         case EXCP_STREX:
893             if (!do_strex(env)) {
894                 break;
895             }
896             /* fall through for segv */
897         case EXCP_PREFETCH_ABORT:
898         case EXCP_DATA_ABORT:
899             addr = env->exception.vaddress;
900             {
901                 info.si_signo = TARGET_SIGSEGV;
902                 info.si_errno = 0;
903                 /* XXX: check env->error_code */
904                 info.si_code = TARGET_SEGV_MAPERR;
905                 info._sifields._sigfault._addr = addr;
906                 queue_signal(env, info.si_signo, &info);
907             }
908             break;
909         case EXCP_DEBUG:
910         excp_debug:
911             {
912                 int sig;
913 
914                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
915                 if (sig)
916                   {
917                     info.si_signo = sig;
918                     info.si_errno = 0;
919                     info.si_code = TARGET_TRAP_BRKPT;
920                     queue_signal(env, info.si_signo, &info);
921                   }
922             }
923             break;
924         case EXCP_KERNEL_TRAP:
925             if (do_kernel_trap(env))
926               goto error;
927             break;
928         case EXCP_YIELD:
929             /* nothing to do here for user-mode, just resume guest code */
930             break;
931         default:
932         error:
933             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
934             abort();
935         }
936         process_pending_signals(env);
937     }
938 }
939 
940 #else
941 
942 /*
943  * Handle AArch64 store-release exclusive
944  *
945  * rs = gets the status result of store exclusive
946  * rt = is the register that is stored
947  * rt2 = is the second register store (in STP)
948  *
949  */
950 static int do_strex_a64(CPUARMState *env)
951 {
952     uint64_t val;
953     int size;
954     bool is_pair;
955     int rc = 1;
956     int segv = 0;
957     uint64_t addr;
958     int rs, rt, rt2;
959 
960     start_exclusive();
961     /* size | is_pair << 2 | (rs << 4) | (rt << 9) | (rt2 << 14)); */
962     size = extract32(env->exclusive_info, 0, 2);
963     is_pair = extract32(env->exclusive_info, 2, 1);
964     rs = extract32(env->exclusive_info, 4, 5);
965     rt = extract32(env->exclusive_info, 9, 5);
966     rt2 = extract32(env->exclusive_info, 14, 5);
967 
968     addr = env->exclusive_addr;
969 
970     if (addr != env->exclusive_test) {
971         goto finish;
972     }
973 
974     switch (size) {
975     case 0:
976         segv = get_user_u8(val, addr);
977         break;
978     case 1:
979         segv = get_user_u16(val, addr);
980         break;
981     case 2:
982         segv = get_user_u32(val, addr);
983         break;
984     case 3:
985         segv = get_user_u64(val, addr);
986         break;
987     default:
988         abort();
989     }
990     if (segv) {
991         env->exception.vaddress = addr;
992         goto error;
993     }
994     if (val != env->exclusive_val) {
995         goto finish;
996     }
997     if (is_pair) {
998         if (size == 2) {
999             segv = get_user_u32(val, addr + 4);
1000         } else {
1001             segv = get_user_u64(val, addr + 8);
1002         }
1003         if (segv) {
1004             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
1005             goto error;
1006         }
1007         if (val != env->exclusive_high) {
1008             goto finish;
1009         }
1010     }
1011     /* handle the zero register */
1012     val = rt == 31 ? 0 : env->xregs[rt];
1013     switch (size) {
1014     case 0:
1015         segv = put_user_u8(val, addr);
1016         break;
1017     case 1:
1018         segv = put_user_u16(val, addr);
1019         break;
1020     case 2:
1021         segv = put_user_u32(val, addr);
1022         break;
1023     case 3:
1024         segv = put_user_u64(val, addr);
1025         break;
1026     }
1027     if (segv) {
1028         goto error;
1029     }
1030     if (is_pair) {
1031         /* handle the zero register */
1032         val = rt2 == 31 ? 0 : env->xregs[rt2];
1033         if (size == 2) {
1034             segv = put_user_u32(val, addr + 4);
1035         } else {
1036             segv = put_user_u64(val, addr + 8);
1037         }
1038         if (segv) {
1039             env->exception.vaddress = addr + (size == 2 ? 4 : 8);
1040             goto error;
1041         }
1042     }
1043     rc = 0;
1044 finish:
1045     env->pc += 4;
1046     /* rs == 31 encodes a write to the ZR, thus throwing away
1047      * the status return. This is rather silly but valid.
1048      */
1049     if (rs < 31) {
1050         env->xregs[rs] = rc;
1051     }
1052 error:
1053     /* instruction faulted, PC does not advance */
1054     /* either way a strex releases any exclusive lock we have */
1055     env->exclusive_addr = -1;
1056     end_exclusive();
1057     return segv;
1058 }
1059 
1060 /* AArch64 main loop */
1061 void cpu_loop(CPUARMState *env)
1062 {
1063     CPUState *cs = CPU(arm_env_get_cpu(env));
1064     int trapnr, sig;
1065     abi_long ret;
1066     target_siginfo_t info;
1067 
1068     for (;;) {
1069         cpu_exec_start(cs);
1070         trapnr = cpu_arm_exec(cs);
1071         cpu_exec_end(cs);
1072 
1073         switch (trapnr) {
1074         case EXCP_SWI:
1075             ret = do_syscall(env,
1076                              env->xregs[8],
1077                              env->xregs[0],
1078                              env->xregs[1],
1079                              env->xregs[2],
1080                              env->xregs[3],
1081                              env->xregs[4],
1082                              env->xregs[5],
1083                              0, 0);
1084             if (ret == -TARGET_ERESTARTSYS) {
1085                 env->pc -= 4;
1086             } else if (ret != -TARGET_QEMU_ESIGRETURN) {
1087                 env->xregs[0] = ret;
1088             }
1089             break;
1090         case EXCP_INTERRUPT:
1091             /* just indicate that signals should be handled asap */
1092             break;
1093         case EXCP_UDEF:
1094             info.si_signo = TARGET_SIGILL;
1095             info.si_errno = 0;
1096             info.si_code = TARGET_ILL_ILLOPN;
1097             info._sifields._sigfault._addr = env->pc;
1098             queue_signal(env, info.si_signo, &info);
1099             break;
1100         case EXCP_STREX:
1101             if (!do_strex_a64(env)) {
1102                 break;
1103             }
1104             /* fall through for segv */
1105         case EXCP_PREFETCH_ABORT:
1106         case EXCP_DATA_ABORT:
1107             info.si_signo = TARGET_SIGSEGV;
1108             info.si_errno = 0;
1109             /* XXX: check env->error_code */
1110             info.si_code = TARGET_SEGV_MAPERR;
1111             info._sifields._sigfault._addr = env->exception.vaddress;
1112             queue_signal(env, info.si_signo, &info);
1113             break;
1114         case EXCP_DEBUG:
1115         case EXCP_BKPT:
1116             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1117             if (sig) {
1118                 info.si_signo = sig;
1119                 info.si_errno = 0;
1120                 info.si_code = TARGET_TRAP_BRKPT;
1121                 queue_signal(env, info.si_signo, &info);
1122             }
1123             break;
1124         case EXCP_SEMIHOST:
1125             env->xregs[0] = do_arm_semihosting(env);
1126             break;
1127         case EXCP_YIELD:
1128             /* nothing to do here for user-mode, just resume guest code */
1129             break;
1130         default:
1131             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1132             abort();
1133         }
1134         process_pending_signals(env);
1135         /* Exception return on AArch64 always clears the exclusive monitor,
1136          * so any return to running guest code implies this.
1137          * A strex (successful or otherwise) also clears the monitor, so
1138          * we don't need to specialcase EXCP_STREX.
1139          */
1140         env->exclusive_addr = -1;
1141     }
1142 }
1143 #endif /* ndef TARGET_ABI32 */
1144 
1145 #endif
1146 
1147 #ifdef TARGET_UNICORE32
1148 
1149 void cpu_loop(CPUUniCore32State *env)
1150 {
1151     CPUState *cs = CPU(uc32_env_get_cpu(env));
1152     int trapnr;
1153     unsigned int n, insn;
1154     target_siginfo_t info;
1155 
1156     for (;;) {
1157         cpu_exec_start(cs);
1158         trapnr = uc32_cpu_exec(cs);
1159         cpu_exec_end(cs);
1160         switch (trapnr) {
1161         case UC32_EXCP_PRIV:
1162             {
1163                 /* system call */
1164                 get_user_u32(insn, env->regs[31] - 4);
1165                 n = insn & 0xffffff;
1166 
1167                 if (n >= UC32_SYSCALL_BASE) {
1168                     /* linux syscall */
1169                     n -= UC32_SYSCALL_BASE;
1170                     if (n == UC32_SYSCALL_NR_set_tls) {
1171                             cpu_set_tls(env, env->regs[0]);
1172                             env->regs[0] = 0;
1173                     } else {
1174                         env->regs[0] = do_syscall(env,
1175                                                   n,
1176                                                   env->regs[0],
1177                                                   env->regs[1],
1178                                                   env->regs[2],
1179                                                   env->regs[3],
1180                                                   env->regs[4],
1181                                                   env->regs[5],
1182                                                   0, 0);
1183                     }
1184                 } else {
1185                     goto error;
1186                 }
1187             }
1188             break;
1189         case UC32_EXCP_DTRAP:
1190         case UC32_EXCP_ITRAP:
1191             info.si_signo = TARGET_SIGSEGV;
1192             info.si_errno = 0;
1193             /* XXX: check env->error_code */
1194             info.si_code = TARGET_SEGV_MAPERR;
1195             info._sifields._sigfault._addr = env->cp0.c4_faultaddr;
1196             queue_signal(env, info.si_signo, &info);
1197             break;
1198         case EXCP_INTERRUPT:
1199             /* just indicate that signals should be handled asap */
1200             break;
1201         case EXCP_DEBUG:
1202             {
1203                 int sig;
1204 
1205                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1206                 if (sig) {
1207                     info.si_signo = sig;
1208                     info.si_errno = 0;
1209                     info.si_code = TARGET_TRAP_BRKPT;
1210                     queue_signal(env, info.si_signo, &info);
1211                 }
1212             }
1213             break;
1214         default:
1215             goto error;
1216         }
1217         process_pending_signals(env);
1218     }
1219 
1220 error:
1221     EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
1222     abort();
1223 }
1224 #endif
1225 
1226 #ifdef TARGET_SPARC
1227 #define SPARC64_STACK_BIAS 2047
1228 
1229 //#define DEBUG_WIN
1230 
1231 /* WARNING: dealing with register windows _is_ complicated. More info
1232    can be found at http://www.sics.se/~psm/sparcstack.html */
1233 static inline int get_reg_index(CPUSPARCState *env, int cwp, int index)
1234 {
1235     index = (index + cwp * 16) % (16 * env->nwindows);
1236     /* wrap handling : if cwp is on the last window, then we use the
1237        registers 'after' the end */
1238     if (index < 8 && env->cwp == env->nwindows - 1)
1239         index += 16 * env->nwindows;
1240     return index;
1241 }
1242 
1243 /* save the register window 'cwp1' */
1244 static inline void save_window_offset(CPUSPARCState *env, int cwp1)
1245 {
1246     unsigned int i;
1247     abi_ulong sp_ptr;
1248 
1249     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1250 #ifdef TARGET_SPARC64
1251     if (sp_ptr & 3)
1252         sp_ptr += SPARC64_STACK_BIAS;
1253 #endif
1254 #if defined(DEBUG_WIN)
1255     printf("win_overflow: sp_ptr=0x" TARGET_ABI_FMT_lx " save_cwp=%d\n",
1256            sp_ptr, cwp1);
1257 #endif
1258     for(i = 0; i < 16; i++) {
1259         /* FIXME - what to do if put_user() fails? */
1260         put_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1261         sp_ptr += sizeof(abi_ulong);
1262     }
1263 }
1264 
1265 static void save_window(CPUSPARCState *env)
1266 {
1267 #ifndef TARGET_SPARC64
1268     unsigned int new_wim;
1269     new_wim = ((env->wim >> 1) | (env->wim << (env->nwindows - 1))) &
1270         ((1LL << env->nwindows) - 1);
1271     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1272     env->wim = new_wim;
1273 #else
1274     save_window_offset(env, cpu_cwp_dec(env, env->cwp - 2));
1275     env->cansave++;
1276     env->canrestore--;
1277 #endif
1278 }
1279 
1280 static void restore_window(CPUSPARCState *env)
1281 {
1282 #ifndef TARGET_SPARC64
1283     unsigned int new_wim;
1284 #endif
1285     unsigned int i, cwp1;
1286     abi_ulong sp_ptr;
1287 
1288 #ifndef TARGET_SPARC64
1289     new_wim = ((env->wim << 1) | (env->wim >> (env->nwindows - 1))) &
1290         ((1LL << env->nwindows) - 1);
1291 #endif
1292 
1293     /* restore the invalid window */
1294     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1295     sp_ptr = env->regbase[get_reg_index(env, cwp1, 6)];
1296 #ifdef TARGET_SPARC64
1297     if (sp_ptr & 3)
1298         sp_ptr += SPARC64_STACK_BIAS;
1299 #endif
1300 #if defined(DEBUG_WIN)
1301     printf("win_underflow: sp_ptr=0x" TARGET_ABI_FMT_lx " load_cwp=%d\n",
1302            sp_ptr, cwp1);
1303 #endif
1304     for(i = 0; i < 16; i++) {
1305         /* FIXME - what to do if get_user() fails? */
1306         get_user_ual(env->regbase[get_reg_index(env, cwp1, 8 + i)], sp_ptr);
1307         sp_ptr += sizeof(abi_ulong);
1308     }
1309 #ifdef TARGET_SPARC64
1310     env->canrestore++;
1311     if (env->cleanwin < env->nwindows - 1)
1312         env->cleanwin++;
1313     env->cansave--;
1314 #else
1315     env->wim = new_wim;
1316 #endif
1317 }
1318 
1319 static void flush_windows(CPUSPARCState *env)
1320 {
1321     int offset, cwp1;
1322 
1323     offset = 1;
1324     for(;;) {
1325         /* if restore would invoke restore_window(), then we can stop */
1326         cwp1 = cpu_cwp_inc(env, env->cwp + offset);
1327 #ifndef TARGET_SPARC64
1328         if (env->wim & (1 << cwp1))
1329             break;
1330 #else
1331         if (env->canrestore == 0)
1332             break;
1333         env->cansave++;
1334         env->canrestore--;
1335 #endif
1336         save_window_offset(env, cwp1);
1337         offset++;
1338     }
1339     cwp1 = cpu_cwp_inc(env, env->cwp + 1);
1340 #ifndef TARGET_SPARC64
1341     /* set wim so that restore will reload the registers */
1342     env->wim = 1 << cwp1;
1343 #endif
1344 #if defined(DEBUG_WIN)
1345     printf("flush_windows: nb=%d\n", offset - 1);
1346 #endif
1347 }
1348 
1349 void cpu_loop (CPUSPARCState *env)
1350 {
1351     CPUState *cs = CPU(sparc_env_get_cpu(env));
1352     int trapnr;
1353     abi_long ret;
1354     target_siginfo_t info;
1355 
1356     while (1) {
1357         cpu_exec_start(cs);
1358         trapnr = cpu_sparc_exec(cs);
1359         cpu_exec_end(cs);
1360 
1361         /* Compute PSR before exposing state.  */
1362         if (env->cc_op != CC_OP_FLAGS) {
1363             cpu_get_psr(env);
1364         }
1365 
1366         switch (trapnr) {
1367 #ifndef TARGET_SPARC64
1368         case 0x88:
1369         case 0x90:
1370 #else
1371         case 0x110:
1372         case 0x16d:
1373 #endif
1374             ret = do_syscall (env, env->gregs[1],
1375                               env->regwptr[0], env->regwptr[1],
1376                               env->regwptr[2], env->regwptr[3],
1377                               env->regwptr[4], env->regwptr[5],
1378                               0, 0);
1379             if (ret == -TARGET_ERESTARTSYS || ret == -TARGET_QEMU_ESIGRETURN) {
1380                 break;
1381             }
1382             if ((abi_ulong)ret >= (abi_ulong)(-515)) {
1383 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1384                 env->xcc |= PSR_CARRY;
1385 #else
1386                 env->psr |= PSR_CARRY;
1387 #endif
1388                 ret = -ret;
1389             } else {
1390 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
1391                 env->xcc &= ~PSR_CARRY;
1392 #else
1393                 env->psr &= ~PSR_CARRY;
1394 #endif
1395             }
1396             env->regwptr[0] = ret;
1397             /* next instruction */
1398             env->pc = env->npc;
1399             env->npc = env->npc + 4;
1400             break;
1401         case 0x83: /* flush windows */
1402 #ifdef TARGET_ABI32
1403         case 0x103:
1404 #endif
1405             flush_windows(env);
1406             /* next instruction */
1407             env->pc = env->npc;
1408             env->npc = env->npc + 4;
1409             break;
1410 #ifndef TARGET_SPARC64
1411         case TT_WIN_OVF: /* window overflow */
1412             save_window(env);
1413             break;
1414         case TT_WIN_UNF: /* window underflow */
1415             restore_window(env);
1416             break;
1417         case TT_TFAULT:
1418         case TT_DFAULT:
1419             {
1420                 info.si_signo = TARGET_SIGSEGV;
1421                 info.si_errno = 0;
1422                 /* XXX: check env->error_code */
1423                 info.si_code = TARGET_SEGV_MAPERR;
1424                 info._sifields._sigfault._addr = env->mmuregs[4];
1425                 queue_signal(env, info.si_signo, &info);
1426             }
1427             break;
1428 #else
1429         case TT_SPILL: /* window overflow */
1430             save_window(env);
1431             break;
1432         case TT_FILL: /* window underflow */
1433             restore_window(env);
1434             break;
1435         case TT_TFAULT:
1436         case TT_DFAULT:
1437             {
1438                 info.si_signo = TARGET_SIGSEGV;
1439                 info.si_errno = 0;
1440                 /* XXX: check env->error_code */
1441                 info.si_code = TARGET_SEGV_MAPERR;
1442                 if (trapnr == TT_DFAULT)
1443                     info._sifields._sigfault._addr = env->dmmuregs[4];
1444                 else
1445                     info._sifields._sigfault._addr = cpu_tsptr(env)->tpc;
1446                 queue_signal(env, info.si_signo, &info);
1447             }
1448             break;
1449 #ifndef TARGET_ABI32
1450         case 0x16e:
1451             flush_windows(env);
1452             sparc64_get_context(env);
1453             break;
1454         case 0x16f:
1455             flush_windows(env);
1456             sparc64_set_context(env);
1457             break;
1458 #endif
1459 #endif
1460         case EXCP_INTERRUPT:
1461             /* just indicate that signals should be handled asap */
1462             break;
1463         case TT_ILL_INSN:
1464             {
1465                 info.si_signo = TARGET_SIGILL;
1466                 info.si_errno = 0;
1467                 info.si_code = TARGET_ILL_ILLOPC;
1468                 info._sifields._sigfault._addr = env->pc;
1469                 queue_signal(env, info.si_signo, &info);
1470             }
1471             break;
1472         case EXCP_DEBUG:
1473             {
1474                 int sig;
1475 
1476                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
1477                 if (sig)
1478                   {
1479                     info.si_signo = sig;
1480                     info.si_errno = 0;
1481                     info.si_code = TARGET_TRAP_BRKPT;
1482                     queue_signal(env, info.si_signo, &info);
1483                   }
1484             }
1485             break;
1486         default:
1487             printf ("Unhandled trap: 0x%x\n", trapnr);
1488             cpu_dump_state(cs, stderr, fprintf, 0);
1489             exit(EXIT_FAILURE);
1490         }
1491         process_pending_signals (env);
1492     }
1493 }
1494 
1495 #endif
1496 
1497 #ifdef TARGET_PPC
1498 static inline uint64_t cpu_ppc_get_tb(CPUPPCState *env)
1499 {
1500     return cpu_get_host_ticks();
1501 }
1502 
1503 uint64_t cpu_ppc_load_tbl(CPUPPCState *env)
1504 {
1505     return cpu_ppc_get_tb(env);
1506 }
1507 
1508 uint32_t cpu_ppc_load_tbu(CPUPPCState *env)
1509 {
1510     return cpu_ppc_get_tb(env) >> 32;
1511 }
1512 
1513 uint64_t cpu_ppc_load_atbl(CPUPPCState *env)
1514 {
1515     return cpu_ppc_get_tb(env);
1516 }
1517 
1518 uint32_t cpu_ppc_load_atbu(CPUPPCState *env)
1519 {
1520     return cpu_ppc_get_tb(env) >> 32;
1521 }
1522 
1523 uint32_t cpu_ppc601_load_rtcu(CPUPPCState *env)
1524 __attribute__ (( alias ("cpu_ppc_load_tbu") ));
1525 
1526 uint32_t cpu_ppc601_load_rtcl(CPUPPCState *env)
1527 {
1528     return cpu_ppc_load_tbl(env) & 0x3FFFFF80;
1529 }
1530 
1531 /* XXX: to be fixed */
1532 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp)
1533 {
1534     return -1;
1535 }
1536 
1537 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val)
1538 {
1539     return -1;
1540 }
1541 
1542 static int do_store_exclusive(CPUPPCState *env)
1543 {
1544     target_ulong addr;
1545     target_ulong page_addr;
1546     target_ulong val, val2 __attribute__((unused)) = 0;
1547     int flags;
1548     int segv = 0;
1549 
1550     addr = env->reserve_ea;
1551     page_addr = addr & TARGET_PAGE_MASK;
1552     start_exclusive();
1553     mmap_lock();
1554     flags = page_get_flags(page_addr);
1555     if ((flags & PAGE_READ) == 0) {
1556         segv = 1;
1557     } else {
1558         int reg = env->reserve_info & 0x1f;
1559         int size = env->reserve_info >> 5;
1560         int stored = 0;
1561 
1562         if (addr == env->reserve_addr) {
1563             switch (size) {
1564             case 1: segv = get_user_u8(val, addr); break;
1565             case 2: segv = get_user_u16(val, addr); break;
1566             case 4: segv = get_user_u32(val, addr); break;
1567 #if defined(TARGET_PPC64)
1568             case 8: segv = get_user_u64(val, addr); break;
1569             case 16: {
1570                 segv = get_user_u64(val, addr);
1571                 if (!segv) {
1572                     segv = get_user_u64(val2, addr + 8);
1573                 }
1574                 break;
1575             }
1576 #endif
1577             default: abort();
1578             }
1579             if (!segv && val == env->reserve_val) {
1580                 val = env->gpr[reg];
1581                 switch (size) {
1582                 case 1: segv = put_user_u8(val, addr); break;
1583                 case 2: segv = put_user_u16(val, addr); break;
1584                 case 4: segv = put_user_u32(val, addr); break;
1585 #if defined(TARGET_PPC64)
1586                 case 8: segv = put_user_u64(val, addr); break;
1587                 case 16: {
1588                     if (val2 == env->reserve_val2) {
1589                         if (msr_le) {
1590                             val2 = val;
1591                             val = env->gpr[reg+1];
1592                         } else {
1593                             val2 = env->gpr[reg+1];
1594                         }
1595                         segv = put_user_u64(val, addr);
1596                         if (!segv) {
1597                             segv = put_user_u64(val2, addr + 8);
1598                         }
1599                     }
1600                     break;
1601                 }
1602 #endif
1603                 default: abort();
1604                 }
1605                 if (!segv) {
1606                     stored = 1;
1607                 }
1608             }
1609         }
1610         env->crf[0] = (stored << 1) | xer_so;
1611         env->reserve_addr = (target_ulong)-1;
1612     }
1613     if (!segv) {
1614         env->nip += 4;
1615     }
1616     mmap_unlock();
1617     end_exclusive();
1618     return segv;
1619 }
1620 
1621 void cpu_loop(CPUPPCState *env)
1622 {
1623     CPUState *cs = CPU(ppc_env_get_cpu(env));
1624     target_siginfo_t info;
1625     int trapnr;
1626     target_ulong ret;
1627 
1628     for(;;) {
1629         cpu_exec_start(cs);
1630         trapnr = cpu_ppc_exec(cs);
1631         cpu_exec_end(cs);
1632         switch(trapnr) {
1633         case POWERPC_EXCP_NONE:
1634             /* Just go on */
1635             break;
1636         case POWERPC_EXCP_CRITICAL: /* Critical input                        */
1637             cpu_abort(cs, "Critical interrupt while in user mode. "
1638                       "Aborting\n");
1639             break;
1640         case POWERPC_EXCP_MCHECK:   /* Machine check exception               */
1641             cpu_abort(cs, "Machine check exception while in user mode. "
1642                       "Aborting\n");
1643             break;
1644         case POWERPC_EXCP_DSI:      /* Data storage exception                */
1645             EXCP_DUMP(env, "Invalid data memory access: 0x" TARGET_FMT_lx "\n",
1646                       env->spr[SPR_DAR]);
1647             /* XXX: check this. Seems bugged */
1648             switch (env->error_code & 0xFF000000) {
1649             case 0x40000000:
1650                 info.si_signo = TARGET_SIGSEGV;
1651                 info.si_errno = 0;
1652                 info.si_code = TARGET_SEGV_MAPERR;
1653                 break;
1654             case 0x04000000:
1655                 info.si_signo = TARGET_SIGILL;
1656                 info.si_errno = 0;
1657                 info.si_code = TARGET_ILL_ILLADR;
1658                 break;
1659             case 0x08000000:
1660                 info.si_signo = TARGET_SIGSEGV;
1661                 info.si_errno = 0;
1662                 info.si_code = TARGET_SEGV_ACCERR;
1663                 break;
1664             default:
1665                 /* Let's send a regular segfault... */
1666                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1667                           env->error_code);
1668                 info.si_signo = TARGET_SIGSEGV;
1669                 info.si_errno = 0;
1670                 info.si_code = TARGET_SEGV_MAPERR;
1671                 break;
1672             }
1673             info._sifields._sigfault._addr = env->nip;
1674             queue_signal(env, info.si_signo, &info);
1675             break;
1676         case POWERPC_EXCP_ISI:      /* Instruction storage exception         */
1677             EXCP_DUMP(env, "Invalid instruction fetch: 0x\n" TARGET_FMT_lx
1678                       "\n", env->spr[SPR_SRR0]);
1679             /* XXX: check this */
1680             switch (env->error_code & 0xFF000000) {
1681             case 0x40000000:
1682                 info.si_signo = TARGET_SIGSEGV;
1683             info.si_errno = 0;
1684                 info.si_code = TARGET_SEGV_MAPERR;
1685                 break;
1686             case 0x10000000:
1687             case 0x08000000:
1688                 info.si_signo = TARGET_SIGSEGV;
1689                 info.si_errno = 0;
1690                 info.si_code = TARGET_SEGV_ACCERR;
1691                 break;
1692             default:
1693                 /* Let's send a regular segfault... */
1694                 EXCP_DUMP(env, "Invalid segfault errno (%02x)\n",
1695                           env->error_code);
1696                 info.si_signo = TARGET_SIGSEGV;
1697                 info.si_errno = 0;
1698                 info.si_code = TARGET_SEGV_MAPERR;
1699                 break;
1700             }
1701             info._sifields._sigfault._addr = env->nip - 4;
1702             queue_signal(env, info.si_signo, &info);
1703             break;
1704         case POWERPC_EXCP_EXTERNAL: /* External input                        */
1705             cpu_abort(cs, "External interrupt while in user mode. "
1706                       "Aborting\n");
1707             break;
1708         case POWERPC_EXCP_ALIGN:    /* Alignment exception                   */
1709             EXCP_DUMP(env, "Unaligned memory access\n");
1710             /* XXX: check this */
1711             info.si_signo = TARGET_SIGBUS;
1712             info.si_errno = 0;
1713             info.si_code = TARGET_BUS_ADRALN;
1714             info._sifields._sigfault._addr = env->nip;
1715             queue_signal(env, info.si_signo, &info);
1716             break;
1717         case POWERPC_EXCP_PROGRAM:  /* Program exception                     */
1718             /* XXX: check this */
1719             switch (env->error_code & ~0xF) {
1720             case POWERPC_EXCP_FP:
1721                 EXCP_DUMP(env, "Floating point program exception\n");
1722                 info.si_signo = TARGET_SIGFPE;
1723                 info.si_errno = 0;
1724                 switch (env->error_code & 0xF) {
1725                 case POWERPC_EXCP_FP_OX:
1726                     info.si_code = TARGET_FPE_FLTOVF;
1727                     break;
1728                 case POWERPC_EXCP_FP_UX:
1729                     info.si_code = TARGET_FPE_FLTUND;
1730                     break;
1731                 case POWERPC_EXCP_FP_ZX:
1732                 case POWERPC_EXCP_FP_VXZDZ:
1733                     info.si_code = TARGET_FPE_FLTDIV;
1734                     break;
1735                 case POWERPC_EXCP_FP_XX:
1736                     info.si_code = TARGET_FPE_FLTRES;
1737                     break;
1738                 case POWERPC_EXCP_FP_VXSOFT:
1739                     info.si_code = TARGET_FPE_FLTINV;
1740                     break;
1741                 case POWERPC_EXCP_FP_VXSNAN:
1742                 case POWERPC_EXCP_FP_VXISI:
1743                 case POWERPC_EXCP_FP_VXIDI:
1744                 case POWERPC_EXCP_FP_VXIMZ:
1745                 case POWERPC_EXCP_FP_VXVC:
1746                 case POWERPC_EXCP_FP_VXSQRT:
1747                 case POWERPC_EXCP_FP_VXCVI:
1748                     info.si_code = TARGET_FPE_FLTSUB;
1749                     break;
1750                 default:
1751                     EXCP_DUMP(env, "Unknown floating point exception (%02x)\n",
1752                               env->error_code);
1753                     break;
1754                 }
1755                 break;
1756             case POWERPC_EXCP_INVAL:
1757                 EXCP_DUMP(env, "Invalid instruction\n");
1758                 info.si_signo = TARGET_SIGILL;
1759                 info.si_errno = 0;
1760                 switch (env->error_code & 0xF) {
1761                 case POWERPC_EXCP_INVAL_INVAL:
1762                     info.si_code = TARGET_ILL_ILLOPC;
1763                     break;
1764                 case POWERPC_EXCP_INVAL_LSWX:
1765                     info.si_code = TARGET_ILL_ILLOPN;
1766                     break;
1767                 case POWERPC_EXCP_INVAL_SPR:
1768                     info.si_code = TARGET_ILL_PRVREG;
1769                     break;
1770                 case POWERPC_EXCP_INVAL_FP:
1771                     info.si_code = TARGET_ILL_COPROC;
1772                     break;
1773                 default:
1774                     EXCP_DUMP(env, "Unknown invalid operation (%02x)\n",
1775                               env->error_code & 0xF);
1776                     info.si_code = TARGET_ILL_ILLADR;
1777                     break;
1778                 }
1779                 break;
1780             case POWERPC_EXCP_PRIV:
1781                 EXCP_DUMP(env, "Privilege violation\n");
1782                 info.si_signo = TARGET_SIGILL;
1783                 info.si_errno = 0;
1784                 switch (env->error_code & 0xF) {
1785                 case POWERPC_EXCP_PRIV_OPC:
1786                     info.si_code = TARGET_ILL_PRVOPC;
1787                     break;
1788                 case POWERPC_EXCP_PRIV_REG:
1789                     info.si_code = TARGET_ILL_PRVREG;
1790                     break;
1791                 default:
1792                     EXCP_DUMP(env, "Unknown privilege violation (%02x)\n",
1793                               env->error_code & 0xF);
1794                     info.si_code = TARGET_ILL_PRVOPC;
1795                     break;
1796                 }
1797                 break;
1798             case POWERPC_EXCP_TRAP:
1799                 cpu_abort(cs, "Tried to call a TRAP\n");
1800                 break;
1801             default:
1802                 /* Should not happen ! */
1803                 cpu_abort(cs, "Unknown program exception (%02x)\n",
1804                           env->error_code);
1805                 break;
1806             }
1807             info._sifields._sigfault._addr = env->nip - 4;
1808             queue_signal(env, info.si_signo, &info);
1809             break;
1810         case POWERPC_EXCP_FPU:      /* Floating-point unavailable exception  */
1811             EXCP_DUMP(env, "No floating point allowed\n");
1812             info.si_signo = TARGET_SIGILL;
1813             info.si_errno = 0;
1814             info.si_code = TARGET_ILL_COPROC;
1815             info._sifields._sigfault._addr = env->nip - 4;
1816             queue_signal(env, info.si_signo, &info);
1817             break;
1818         case POWERPC_EXCP_SYSCALL:  /* System call exception                 */
1819             cpu_abort(cs, "Syscall exception while in user mode. "
1820                       "Aborting\n");
1821             break;
1822         case POWERPC_EXCP_APU:      /* Auxiliary processor unavailable       */
1823             EXCP_DUMP(env, "No APU instruction allowed\n");
1824             info.si_signo = TARGET_SIGILL;
1825             info.si_errno = 0;
1826             info.si_code = TARGET_ILL_COPROC;
1827             info._sifields._sigfault._addr = env->nip - 4;
1828             queue_signal(env, info.si_signo, &info);
1829             break;
1830         case POWERPC_EXCP_DECR:     /* Decrementer exception                 */
1831             cpu_abort(cs, "Decrementer interrupt while in user mode. "
1832                       "Aborting\n");
1833             break;
1834         case POWERPC_EXCP_FIT:      /* Fixed-interval timer interrupt        */
1835             cpu_abort(cs, "Fix interval timer interrupt while in user mode. "
1836                       "Aborting\n");
1837             break;
1838         case POWERPC_EXCP_WDT:      /* Watchdog timer interrupt              */
1839             cpu_abort(cs, "Watchdog timer interrupt while in user mode. "
1840                       "Aborting\n");
1841             break;
1842         case POWERPC_EXCP_DTLB:     /* Data TLB error                        */
1843             cpu_abort(cs, "Data TLB exception while in user mode. "
1844                       "Aborting\n");
1845             break;
1846         case POWERPC_EXCP_ITLB:     /* Instruction TLB error                 */
1847             cpu_abort(cs, "Instruction TLB exception while in user mode. "
1848                       "Aborting\n");
1849             break;
1850         case POWERPC_EXCP_SPEU:     /* SPE/embedded floating-point unavail.  */
1851             EXCP_DUMP(env, "No SPE/floating-point instruction allowed\n");
1852             info.si_signo = TARGET_SIGILL;
1853             info.si_errno = 0;
1854             info.si_code = TARGET_ILL_COPROC;
1855             info._sifields._sigfault._addr = env->nip - 4;
1856             queue_signal(env, info.si_signo, &info);
1857             break;
1858         case POWERPC_EXCP_EFPDI:    /* Embedded floating-point data IRQ      */
1859             cpu_abort(cs, "Embedded floating-point data IRQ not handled\n");
1860             break;
1861         case POWERPC_EXCP_EFPRI:    /* Embedded floating-point round IRQ     */
1862             cpu_abort(cs, "Embedded floating-point round IRQ not handled\n");
1863             break;
1864         case POWERPC_EXCP_EPERFM:   /* Embedded performance monitor IRQ      */
1865             cpu_abort(cs, "Performance monitor exception not handled\n");
1866             break;
1867         case POWERPC_EXCP_DOORI:    /* Embedded doorbell interrupt           */
1868             cpu_abort(cs, "Doorbell interrupt while in user mode. "
1869                        "Aborting\n");
1870             break;
1871         case POWERPC_EXCP_DOORCI:   /* Embedded doorbell critical interrupt  */
1872             cpu_abort(cs, "Doorbell critical interrupt while in user mode. "
1873                       "Aborting\n");
1874             break;
1875         case POWERPC_EXCP_RESET:    /* System reset exception                */
1876             cpu_abort(cs, "Reset interrupt while in user mode. "
1877                       "Aborting\n");
1878             break;
1879         case POWERPC_EXCP_DSEG:     /* Data segment exception                */
1880             cpu_abort(cs, "Data segment exception while in user mode. "
1881                       "Aborting\n");
1882             break;
1883         case POWERPC_EXCP_ISEG:     /* Instruction segment exception         */
1884             cpu_abort(cs, "Instruction segment exception "
1885                       "while in user mode. Aborting\n");
1886             break;
1887         /* PowerPC 64 with hypervisor mode support */
1888         case POWERPC_EXCP_HDECR:    /* Hypervisor decrementer exception      */
1889             cpu_abort(cs, "Hypervisor decrementer interrupt "
1890                       "while in user mode. Aborting\n");
1891             break;
1892         case POWERPC_EXCP_TRACE:    /* Trace exception                       */
1893             /* Nothing to do:
1894              * we use this exception to emulate step-by-step execution mode.
1895              */
1896             break;
1897         /* PowerPC 64 with hypervisor mode support */
1898         case POWERPC_EXCP_HDSI:     /* Hypervisor data storage exception     */
1899             cpu_abort(cs, "Hypervisor data storage exception "
1900                       "while in user mode. Aborting\n");
1901             break;
1902         case POWERPC_EXCP_HISI:     /* Hypervisor instruction storage excp   */
1903             cpu_abort(cs, "Hypervisor instruction storage exception "
1904                       "while in user mode. Aborting\n");
1905             break;
1906         case POWERPC_EXCP_HDSEG:    /* Hypervisor data segment exception     */
1907             cpu_abort(cs, "Hypervisor data segment exception "
1908                       "while in user mode. Aborting\n");
1909             break;
1910         case POWERPC_EXCP_HISEG:    /* Hypervisor instruction segment excp   */
1911             cpu_abort(cs, "Hypervisor instruction segment exception "
1912                       "while in user mode. Aborting\n");
1913             break;
1914         case POWERPC_EXCP_VPU:      /* Vector unavailable exception          */
1915             EXCP_DUMP(env, "No Altivec instructions allowed\n");
1916             info.si_signo = TARGET_SIGILL;
1917             info.si_errno = 0;
1918             info.si_code = TARGET_ILL_COPROC;
1919             info._sifields._sigfault._addr = env->nip - 4;
1920             queue_signal(env, info.si_signo, &info);
1921             break;
1922         case POWERPC_EXCP_PIT:      /* Programmable interval timer IRQ       */
1923             cpu_abort(cs, "Programmable interval timer interrupt "
1924                       "while in user mode. Aborting\n");
1925             break;
1926         case POWERPC_EXCP_IO:       /* IO error exception                    */
1927             cpu_abort(cs, "IO error exception while in user mode. "
1928                       "Aborting\n");
1929             break;
1930         case POWERPC_EXCP_RUNM:     /* Run mode exception                    */
1931             cpu_abort(cs, "Run mode exception while in user mode. "
1932                       "Aborting\n");
1933             break;
1934         case POWERPC_EXCP_EMUL:     /* Emulation trap exception              */
1935             cpu_abort(cs, "Emulation trap exception not handled\n");
1936             break;
1937         case POWERPC_EXCP_IFTLB:    /* Instruction fetch TLB error           */
1938             cpu_abort(cs, "Instruction fetch TLB exception "
1939                       "while in user-mode. Aborting");
1940             break;
1941         case POWERPC_EXCP_DLTLB:    /* Data load TLB miss                    */
1942             cpu_abort(cs, "Data load TLB exception while in user-mode. "
1943                       "Aborting");
1944             break;
1945         case POWERPC_EXCP_DSTLB:    /* Data store TLB miss                   */
1946             cpu_abort(cs, "Data store TLB exception while in user-mode. "
1947                       "Aborting");
1948             break;
1949         case POWERPC_EXCP_FPA:      /* Floating-point assist exception       */
1950             cpu_abort(cs, "Floating-point assist exception not handled\n");
1951             break;
1952         case POWERPC_EXCP_IABR:     /* Instruction address breakpoint        */
1953             cpu_abort(cs, "Instruction address breakpoint exception "
1954                       "not handled\n");
1955             break;
1956         case POWERPC_EXCP_SMI:      /* System management interrupt           */
1957             cpu_abort(cs, "System management interrupt while in user mode. "
1958                       "Aborting\n");
1959             break;
1960         case POWERPC_EXCP_THERM:    /* Thermal interrupt                     */
1961             cpu_abort(cs, "Thermal interrupt interrupt while in user mode. "
1962                       "Aborting\n");
1963             break;
1964         case POWERPC_EXCP_PERFM:   /* Embedded performance monitor IRQ      */
1965             cpu_abort(cs, "Performance monitor exception not handled\n");
1966             break;
1967         case POWERPC_EXCP_VPUA:     /* Vector assist exception               */
1968             cpu_abort(cs, "Vector assist exception not handled\n");
1969             break;
1970         case POWERPC_EXCP_SOFTP:    /* Soft patch exception                  */
1971             cpu_abort(cs, "Soft patch exception not handled\n");
1972             break;
1973         case POWERPC_EXCP_MAINT:    /* Maintenance exception                 */
1974             cpu_abort(cs, "Maintenance exception while in user mode. "
1975                       "Aborting\n");
1976             break;
1977         case POWERPC_EXCP_STOP:     /* stop translation                      */
1978             /* We did invalidate the instruction cache. Go on */
1979             break;
1980         case POWERPC_EXCP_BRANCH:   /* branch instruction:                   */
1981             /* We just stopped because of a branch. Go on */
1982             break;
1983         case POWERPC_EXCP_SYSCALL_USER:
1984             /* system call in user-mode emulation */
1985             /* WARNING:
1986              * PPC ABI uses overflow flag in cr0 to signal an error
1987              * in syscalls.
1988              */
1989             env->crf[0] &= ~0x1;
1990             ret = do_syscall(env, env->gpr[0], env->gpr[3], env->gpr[4],
1991                              env->gpr[5], env->gpr[6], env->gpr[7],
1992                              env->gpr[8], 0, 0);
1993             if (ret == -TARGET_ERESTARTSYS) {
1994                 env->nip -= 4;
1995                 break;
1996             }
1997             if (ret == (target_ulong)(-TARGET_QEMU_ESIGRETURN)) {
1998                 /* Returning from a successful sigreturn syscall.
1999                    Avoid corrupting register state.  */
2000                 break;
2001             }
2002             if (ret > (target_ulong)(-515)) {
2003                 env->crf[0] |= 0x1;
2004                 ret = -ret;
2005             }
2006             env->gpr[3] = ret;
2007             break;
2008         case POWERPC_EXCP_STCX:
2009             if (do_store_exclusive(env)) {
2010                 info.si_signo = TARGET_SIGSEGV;
2011                 info.si_errno = 0;
2012                 info.si_code = TARGET_SEGV_MAPERR;
2013                 info._sifields._sigfault._addr = env->nip;
2014                 queue_signal(env, info.si_signo, &info);
2015             }
2016             break;
2017         case EXCP_DEBUG:
2018             {
2019                 int sig;
2020 
2021                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2022                 if (sig) {
2023                     info.si_signo = sig;
2024                     info.si_errno = 0;
2025                     info.si_code = TARGET_TRAP_BRKPT;
2026                     queue_signal(env, info.si_signo, &info);
2027                   }
2028             }
2029             break;
2030         case EXCP_INTERRUPT:
2031             /* just indicate that signals should be handled asap */
2032             break;
2033         default:
2034             cpu_abort(cs, "Unknown exception 0x%d. Aborting\n", trapnr);
2035             break;
2036         }
2037         process_pending_signals(env);
2038     }
2039 }
2040 #endif
2041 
2042 #ifdef TARGET_MIPS
2043 
2044 # ifdef TARGET_ABI_MIPSO32
2045 #  define MIPS_SYS(name, args) args,
2046 static const uint8_t mips_syscall_args[] = {
2047 	MIPS_SYS(sys_syscall	, 8)	/* 4000 */
2048 	MIPS_SYS(sys_exit	, 1)
2049 	MIPS_SYS(sys_fork	, 0)
2050 	MIPS_SYS(sys_read	, 3)
2051 	MIPS_SYS(sys_write	, 3)
2052 	MIPS_SYS(sys_open	, 3)	/* 4005 */
2053 	MIPS_SYS(sys_close	, 1)
2054 	MIPS_SYS(sys_waitpid	, 3)
2055 	MIPS_SYS(sys_creat	, 2)
2056 	MIPS_SYS(sys_link	, 2)
2057 	MIPS_SYS(sys_unlink	, 1)	/* 4010 */
2058 	MIPS_SYS(sys_execve	, 0)
2059 	MIPS_SYS(sys_chdir	, 1)
2060 	MIPS_SYS(sys_time	, 1)
2061 	MIPS_SYS(sys_mknod	, 3)
2062 	MIPS_SYS(sys_chmod	, 2)	/* 4015 */
2063 	MIPS_SYS(sys_lchown	, 3)
2064 	MIPS_SYS(sys_ni_syscall	, 0)
2065 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_stat */
2066 	MIPS_SYS(sys_lseek	, 3)
2067 	MIPS_SYS(sys_getpid	, 0)	/* 4020 */
2068 	MIPS_SYS(sys_mount	, 5)
2069 	MIPS_SYS(sys_umount	, 1)
2070 	MIPS_SYS(sys_setuid	, 1)
2071 	MIPS_SYS(sys_getuid	, 0)
2072 	MIPS_SYS(sys_stime	, 1)	/* 4025 */
2073 	MIPS_SYS(sys_ptrace	, 4)
2074 	MIPS_SYS(sys_alarm	, 1)
2075 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_fstat */
2076 	MIPS_SYS(sys_pause	, 0)
2077 	MIPS_SYS(sys_utime	, 2)	/* 4030 */
2078 	MIPS_SYS(sys_ni_syscall	, 0)
2079 	MIPS_SYS(sys_ni_syscall	, 0)
2080 	MIPS_SYS(sys_access	, 2)
2081 	MIPS_SYS(sys_nice	, 1)
2082 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4035 */
2083 	MIPS_SYS(sys_sync	, 0)
2084 	MIPS_SYS(sys_kill	, 2)
2085 	MIPS_SYS(sys_rename	, 2)
2086 	MIPS_SYS(sys_mkdir	, 2)
2087 	MIPS_SYS(sys_rmdir	, 1)	/* 4040 */
2088 	MIPS_SYS(sys_dup		, 1)
2089 	MIPS_SYS(sys_pipe	, 0)
2090 	MIPS_SYS(sys_times	, 1)
2091 	MIPS_SYS(sys_ni_syscall	, 0)
2092 	MIPS_SYS(sys_brk		, 1)	/* 4045 */
2093 	MIPS_SYS(sys_setgid	, 1)
2094 	MIPS_SYS(sys_getgid	, 0)
2095 	MIPS_SYS(sys_ni_syscall	, 0)	/* was signal(2) */
2096 	MIPS_SYS(sys_geteuid	, 0)
2097 	MIPS_SYS(sys_getegid	, 0)	/* 4050 */
2098 	MIPS_SYS(sys_acct	, 0)
2099 	MIPS_SYS(sys_umount2	, 2)
2100 	MIPS_SYS(sys_ni_syscall	, 0)
2101 	MIPS_SYS(sys_ioctl	, 3)
2102 	MIPS_SYS(sys_fcntl	, 3)	/* 4055 */
2103 	MIPS_SYS(sys_ni_syscall	, 2)
2104 	MIPS_SYS(sys_setpgid	, 2)
2105 	MIPS_SYS(sys_ni_syscall	, 0)
2106 	MIPS_SYS(sys_olduname	, 1)
2107 	MIPS_SYS(sys_umask	, 1)	/* 4060 */
2108 	MIPS_SYS(sys_chroot	, 1)
2109 	MIPS_SYS(sys_ustat	, 2)
2110 	MIPS_SYS(sys_dup2	, 2)
2111 	MIPS_SYS(sys_getppid	, 0)
2112 	MIPS_SYS(sys_getpgrp	, 0)	/* 4065 */
2113 	MIPS_SYS(sys_setsid	, 0)
2114 	MIPS_SYS(sys_sigaction	, 3)
2115 	MIPS_SYS(sys_sgetmask	, 0)
2116 	MIPS_SYS(sys_ssetmask	, 1)
2117 	MIPS_SYS(sys_setreuid	, 2)	/* 4070 */
2118 	MIPS_SYS(sys_setregid	, 2)
2119 	MIPS_SYS(sys_sigsuspend	, 0)
2120 	MIPS_SYS(sys_sigpending	, 1)
2121 	MIPS_SYS(sys_sethostname	, 2)
2122 	MIPS_SYS(sys_setrlimit	, 2)	/* 4075 */
2123 	MIPS_SYS(sys_getrlimit	, 2)
2124 	MIPS_SYS(sys_getrusage	, 2)
2125 	MIPS_SYS(sys_gettimeofday, 2)
2126 	MIPS_SYS(sys_settimeofday, 2)
2127 	MIPS_SYS(sys_getgroups	, 2)	/* 4080 */
2128 	MIPS_SYS(sys_setgroups	, 2)
2129 	MIPS_SYS(sys_ni_syscall	, 0)	/* old_select */
2130 	MIPS_SYS(sys_symlink	, 2)
2131 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_lstat */
2132 	MIPS_SYS(sys_readlink	, 3)	/* 4085 */
2133 	MIPS_SYS(sys_uselib	, 1)
2134 	MIPS_SYS(sys_swapon	, 2)
2135 	MIPS_SYS(sys_reboot	, 3)
2136 	MIPS_SYS(old_readdir	, 3)
2137 	MIPS_SYS(old_mmap	, 6)	/* 4090 */
2138 	MIPS_SYS(sys_munmap	, 2)
2139 	MIPS_SYS(sys_truncate	, 2)
2140 	MIPS_SYS(sys_ftruncate	, 2)
2141 	MIPS_SYS(sys_fchmod	, 2)
2142 	MIPS_SYS(sys_fchown	, 3)	/* 4095 */
2143 	MIPS_SYS(sys_getpriority	, 2)
2144 	MIPS_SYS(sys_setpriority	, 3)
2145 	MIPS_SYS(sys_ni_syscall	, 0)
2146 	MIPS_SYS(sys_statfs	, 2)
2147 	MIPS_SYS(sys_fstatfs	, 2)	/* 4100 */
2148 	MIPS_SYS(sys_ni_syscall	, 0)	/* was ioperm(2) */
2149 	MIPS_SYS(sys_socketcall	, 2)
2150 	MIPS_SYS(sys_syslog	, 3)
2151 	MIPS_SYS(sys_setitimer	, 3)
2152 	MIPS_SYS(sys_getitimer	, 2)	/* 4105 */
2153 	MIPS_SYS(sys_newstat	, 2)
2154 	MIPS_SYS(sys_newlstat	, 2)
2155 	MIPS_SYS(sys_newfstat	, 2)
2156 	MIPS_SYS(sys_uname	, 1)
2157 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4110 was iopl(2) */
2158 	MIPS_SYS(sys_vhangup	, 0)
2159 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_idle() */
2160 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_vm86 */
2161 	MIPS_SYS(sys_wait4	, 4)
2162 	MIPS_SYS(sys_swapoff	, 1)	/* 4115 */
2163 	MIPS_SYS(sys_sysinfo	, 1)
2164 	MIPS_SYS(sys_ipc		, 6)
2165 	MIPS_SYS(sys_fsync	, 1)
2166 	MIPS_SYS(sys_sigreturn	, 0)
2167 	MIPS_SYS(sys_clone	, 6)	/* 4120 */
2168 	MIPS_SYS(sys_setdomainname, 2)
2169 	MIPS_SYS(sys_newuname	, 1)
2170 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_modify_ldt */
2171 	MIPS_SYS(sys_adjtimex	, 1)
2172 	MIPS_SYS(sys_mprotect	, 3)	/* 4125 */
2173 	MIPS_SYS(sys_sigprocmask	, 3)
2174 	MIPS_SYS(sys_ni_syscall	, 0)	/* was create_module */
2175 	MIPS_SYS(sys_init_module	, 5)
2176 	MIPS_SYS(sys_delete_module, 1)
2177 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4130	was get_kernel_syms */
2178 	MIPS_SYS(sys_quotactl	, 0)
2179 	MIPS_SYS(sys_getpgid	, 1)
2180 	MIPS_SYS(sys_fchdir	, 1)
2181 	MIPS_SYS(sys_bdflush	, 2)
2182 	MIPS_SYS(sys_sysfs	, 3)	/* 4135 */
2183 	MIPS_SYS(sys_personality	, 1)
2184 	MIPS_SYS(sys_ni_syscall	, 0)	/* for afs_syscall */
2185 	MIPS_SYS(sys_setfsuid	, 1)
2186 	MIPS_SYS(sys_setfsgid	, 1)
2187 	MIPS_SYS(sys_llseek	, 5)	/* 4140 */
2188 	MIPS_SYS(sys_getdents	, 3)
2189 	MIPS_SYS(sys_select	, 5)
2190 	MIPS_SYS(sys_flock	, 2)
2191 	MIPS_SYS(sys_msync	, 3)
2192 	MIPS_SYS(sys_readv	, 3)	/* 4145 */
2193 	MIPS_SYS(sys_writev	, 3)
2194 	MIPS_SYS(sys_cacheflush	, 3)
2195 	MIPS_SYS(sys_cachectl	, 3)
2196 	MIPS_SYS(sys_sysmips	, 4)
2197 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4150 */
2198 	MIPS_SYS(sys_getsid	, 1)
2199 	MIPS_SYS(sys_fdatasync	, 0)
2200 	MIPS_SYS(sys_sysctl	, 1)
2201 	MIPS_SYS(sys_mlock	, 2)
2202 	MIPS_SYS(sys_munlock	, 2)	/* 4155 */
2203 	MIPS_SYS(sys_mlockall	, 1)
2204 	MIPS_SYS(sys_munlockall	, 0)
2205 	MIPS_SYS(sys_sched_setparam, 2)
2206 	MIPS_SYS(sys_sched_getparam, 2)
2207 	MIPS_SYS(sys_sched_setscheduler, 3)	/* 4160 */
2208 	MIPS_SYS(sys_sched_getscheduler, 1)
2209 	MIPS_SYS(sys_sched_yield	, 0)
2210 	MIPS_SYS(sys_sched_get_priority_max, 1)
2211 	MIPS_SYS(sys_sched_get_priority_min, 1)
2212 	MIPS_SYS(sys_sched_rr_get_interval, 2)	/* 4165 */
2213 	MIPS_SYS(sys_nanosleep,	2)
2214 	MIPS_SYS(sys_mremap	, 5)
2215 	MIPS_SYS(sys_accept	, 3)
2216 	MIPS_SYS(sys_bind	, 3)
2217 	MIPS_SYS(sys_connect	, 3)	/* 4170 */
2218 	MIPS_SYS(sys_getpeername	, 3)
2219 	MIPS_SYS(sys_getsockname	, 3)
2220 	MIPS_SYS(sys_getsockopt	, 5)
2221 	MIPS_SYS(sys_listen	, 2)
2222 	MIPS_SYS(sys_recv	, 4)	/* 4175 */
2223 	MIPS_SYS(sys_recvfrom	, 6)
2224 	MIPS_SYS(sys_recvmsg	, 3)
2225 	MIPS_SYS(sys_send	, 4)
2226 	MIPS_SYS(sys_sendmsg	, 3)
2227 	MIPS_SYS(sys_sendto	, 6)	/* 4180 */
2228 	MIPS_SYS(sys_setsockopt	, 5)
2229 	MIPS_SYS(sys_shutdown	, 2)
2230 	MIPS_SYS(sys_socket	, 3)
2231 	MIPS_SYS(sys_socketpair	, 4)
2232 	MIPS_SYS(sys_setresuid	, 3)	/* 4185 */
2233 	MIPS_SYS(sys_getresuid	, 3)
2234 	MIPS_SYS(sys_ni_syscall	, 0)	/* was sys_query_module */
2235 	MIPS_SYS(sys_poll	, 3)
2236 	MIPS_SYS(sys_nfsservctl	, 3)
2237 	MIPS_SYS(sys_setresgid	, 3)	/* 4190 */
2238 	MIPS_SYS(sys_getresgid	, 3)
2239 	MIPS_SYS(sys_prctl	, 5)
2240 	MIPS_SYS(sys_rt_sigreturn, 0)
2241 	MIPS_SYS(sys_rt_sigaction, 4)
2242 	MIPS_SYS(sys_rt_sigprocmask, 4)	/* 4195 */
2243 	MIPS_SYS(sys_rt_sigpending, 2)
2244 	MIPS_SYS(sys_rt_sigtimedwait, 4)
2245 	MIPS_SYS(sys_rt_sigqueueinfo, 3)
2246 	MIPS_SYS(sys_rt_sigsuspend, 0)
2247 	MIPS_SYS(sys_pread64	, 6)	/* 4200 */
2248 	MIPS_SYS(sys_pwrite64	, 6)
2249 	MIPS_SYS(sys_chown	, 3)
2250 	MIPS_SYS(sys_getcwd	, 2)
2251 	MIPS_SYS(sys_capget	, 2)
2252 	MIPS_SYS(sys_capset	, 2)	/* 4205 */
2253 	MIPS_SYS(sys_sigaltstack	, 2)
2254 	MIPS_SYS(sys_sendfile	, 4)
2255 	MIPS_SYS(sys_ni_syscall	, 0)
2256 	MIPS_SYS(sys_ni_syscall	, 0)
2257 	MIPS_SYS(sys_mmap2	, 6)	/* 4210 */
2258 	MIPS_SYS(sys_truncate64	, 4)
2259 	MIPS_SYS(sys_ftruncate64	, 4)
2260 	MIPS_SYS(sys_stat64	, 2)
2261 	MIPS_SYS(sys_lstat64	, 2)
2262 	MIPS_SYS(sys_fstat64	, 2)	/* 4215 */
2263 	MIPS_SYS(sys_pivot_root	, 2)
2264 	MIPS_SYS(sys_mincore	, 3)
2265 	MIPS_SYS(sys_madvise	, 3)
2266 	MIPS_SYS(sys_getdents64	, 3)
2267 	MIPS_SYS(sys_fcntl64	, 3)	/* 4220 */
2268 	MIPS_SYS(sys_ni_syscall	, 0)
2269 	MIPS_SYS(sys_gettid	, 0)
2270 	MIPS_SYS(sys_readahead	, 5)
2271 	MIPS_SYS(sys_setxattr	, 5)
2272 	MIPS_SYS(sys_lsetxattr	, 5)	/* 4225 */
2273 	MIPS_SYS(sys_fsetxattr	, 5)
2274 	MIPS_SYS(sys_getxattr	, 4)
2275 	MIPS_SYS(sys_lgetxattr	, 4)
2276 	MIPS_SYS(sys_fgetxattr	, 4)
2277 	MIPS_SYS(sys_listxattr	, 3)	/* 4230 */
2278 	MIPS_SYS(sys_llistxattr	, 3)
2279 	MIPS_SYS(sys_flistxattr	, 3)
2280 	MIPS_SYS(sys_removexattr	, 2)
2281 	MIPS_SYS(sys_lremovexattr, 2)
2282 	MIPS_SYS(sys_fremovexattr, 2)	/* 4235 */
2283 	MIPS_SYS(sys_tkill	, 2)
2284 	MIPS_SYS(sys_sendfile64	, 5)
2285 	MIPS_SYS(sys_futex	, 6)
2286 	MIPS_SYS(sys_sched_setaffinity, 3)
2287 	MIPS_SYS(sys_sched_getaffinity, 3)	/* 4240 */
2288 	MIPS_SYS(sys_io_setup	, 2)
2289 	MIPS_SYS(sys_io_destroy	, 1)
2290 	MIPS_SYS(sys_io_getevents, 5)
2291 	MIPS_SYS(sys_io_submit	, 3)
2292 	MIPS_SYS(sys_io_cancel	, 3)	/* 4245 */
2293 	MIPS_SYS(sys_exit_group	, 1)
2294 	MIPS_SYS(sys_lookup_dcookie, 3)
2295 	MIPS_SYS(sys_epoll_create, 1)
2296 	MIPS_SYS(sys_epoll_ctl	, 4)
2297 	MIPS_SYS(sys_epoll_wait	, 3)	/* 4250 */
2298 	MIPS_SYS(sys_remap_file_pages, 5)
2299 	MIPS_SYS(sys_set_tid_address, 1)
2300 	MIPS_SYS(sys_restart_syscall, 0)
2301 	MIPS_SYS(sys_fadvise64_64, 7)
2302 	MIPS_SYS(sys_statfs64	, 3)	/* 4255 */
2303 	MIPS_SYS(sys_fstatfs64	, 2)
2304 	MIPS_SYS(sys_timer_create, 3)
2305 	MIPS_SYS(sys_timer_settime, 4)
2306 	MIPS_SYS(sys_timer_gettime, 2)
2307 	MIPS_SYS(sys_timer_getoverrun, 1)	/* 4260 */
2308 	MIPS_SYS(sys_timer_delete, 1)
2309 	MIPS_SYS(sys_clock_settime, 2)
2310 	MIPS_SYS(sys_clock_gettime, 2)
2311 	MIPS_SYS(sys_clock_getres, 2)
2312 	MIPS_SYS(sys_clock_nanosleep, 4)	/* 4265 */
2313 	MIPS_SYS(sys_tgkill	, 3)
2314 	MIPS_SYS(sys_utimes	, 2)
2315 	MIPS_SYS(sys_mbind	, 4)
2316 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_get_mempolicy */
2317 	MIPS_SYS(sys_ni_syscall	, 0)	/* 4270 sys_set_mempolicy */
2318 	MIPS_SYS(sys_mq_open	, 4)
2319 	MIPS_SYS(sys_mq_unlink	, 1)
2320 	MIPS_SYS(sys_mq_timedsend, 5)
2321 	MIPS_SYS(sys_mq_timedreceive, 5)
2322 	MIPS_SYS(sys_mq_notify	, 2)	/* 4275 */
2323 	MIPS_SYS(sys_mq_getsetattr, 3)
2324 	MIPS_SYS(sys_ni_syscall	, 0)	/* sys_vserver */
2325 	MIPS_SYS(sys_waitid	, 4)
2326 	MIPS_SYS(sys_ni_syscall	, 0)	/* available, was setaltroot */
2327 	MIPS_SYS(sys_add_key	, 5)
2328 	MIPS_SYS(sys_request_key, 4)
2329 	MIPS_SYS(sys_keyctl	, 5)
2330 	MIPS_SYS(sys_set_thread_area, 1)
2331 	MIPS_SYS(sys_inotify_init, 0)
2332 	MIPS_SYS(sys_inotify_add_watch, 3) /* 4285 */
2333 	MIPS_SYS(sys_inotify_rm_watch, 2)
2334 	MIPS_SYS(sys_migrate_pages, 4)
2335 	MIPS_SYS(sys_openat, 4)
2336 	MIPS_SYS(sys_mkdirat, 3)
2337 	MIPS_SYS(sys_mknodat, 4)	/* 4290 */
2338 	MIPS_SYS(sys_fchownat, 5)
2339 	MIPS_SYS(sys_futimesat, 3)
2340 	MIPS_SYS(sys_fstatat64, 4)
2341 	MIPS_SYS(sys_unlinkat, 3)
2342 	MIPS_SYS(sys_renameat, 4)	/* 4295 */
2343 	MIPS_SYS(sys_linkat, 5)
2344 	MIPS_SYS(sys_symlinkat, 3)
2345 	MIPS_SYS(sys_readlinkat, 4)
2346 	MIPS_SYS(sys_fchmodat, 3)
2347 	MIPS_SYS(sys_faccessat, 3)	/* 4300 */
2348 	MIPS_SYS(sys_pselect6, 6)
2349 	MIPS_SYS(sys_ppoll, 5)
2350 	MIPS_SYS(sys_unshare, 1)
2351 	MIPS_SYS(sys_splice, 6)
2352 	MIPS_SYS(sys_sync_file_range, 7) /* 4305 */
2353 	MIPS_SYS(sys_tee, 4)
2354 	MIPS_SYS(sys_vmsplice, 4)
2355 	MIPS_SYS(sys_move_pages, 6)
2356 	MIPS_SYS(sys_set_robust_list, 2)
2357 	MIPS_SYS(sys_get_robust_list, 3) /* 4310 */
2358 	MIPS_SYS(sys_kexec_load, 4)
2359 	MIPS_SYS(sys_getcpu, 3)
2360 	MIPS_SYS(sys_epoll_pwait, 6)
2361 	MIPS_SYS(sys_ioprio_set, 3)
2362 	MIPS_SYS(sys_ioprio_get, 2)
2363         MIPS_SYS(sys_utimensat, 4)
2364         MIPS_SYS(sys_signalfd, 3)
2365         MIPS_SYS(sys_ni_syscall, 0)     /* was timerfd */
2366         MIPS_SYS(sys_eventfd, 1)
2367         MIPS_SYS(sys_fallocate, 6)      /* 4320 */
2368         MIPS_SYS(sys_timerfd_create, 2)
2369         MIPS_SYS(sys_timerfd_gettime, 2)
2370         MIPS_SYS(sys_timerfd_settime, 4)
2371         MIPS_SYS(sys_signalfd4, 4)
2372         MIPS_SYS(sys_eventfd2, 2)       /* 4325 */
2373         MIPS_SYS(sys_epoll_create1, 1)
2374         MIPS_SYS(sys_dup3, 3)
2375         MIPS_SYS(sys_pipe2, 2)
2376         MIPS_SYS(sys_inotify_init1, 1)
2377         MIPS_SYS(sys_preadv, 6)         /* 4330 */
2378         MIPS_SYS(sys_pwritev, 6)
2379         MIPS_SYS(sys_rt_tgsigqueueinfo, 4)
2380         MIPS_SYS(sys_perf_event_open, 5)
2381         MIPS_SYS(sys_accept4, 4)
2382         MIPS_SYS(sys_recvmmsg, 5)       /* 4335 */
2383         MIPS_SYS(sys_fanotify_init, 2)
2384         MIPS_SYS(sys_fanotify_mark, 6)
2385         MIPS_SYS(sys_prlimit64, 4)
2386         MIPS_SYS(sys_name_to_handle_at, 5)
2387         MIPS_SYS(sys_open_by_handle_at, 3) /* 4340 */
2388         MIPS_SYS(sys_clock_adjtime, 2)
2389         MIPS_SYS(sys_syncfs, 1)
2390 };
2391 #  undef MIPS_SYS
2392 # endif /* O32 */
2393 
2394 static int do_store_exclusive(CPUMIPSState *env)
2395 {
2396     target_ulong addr;
2397     target_ulong page_addr;
2398     target_ulong val;
2399     int flags;
2400     int segv = 0;
2401     int reg;
2402     int d;
2403 
2404     addr = env->lladdr;
2405     page_addr = addr & TARGET_PAGE_MASK;
2406     start_exclusive();
2407     mmap_lock();
2408     flags = page_get_flags(page_addr);
2409     if ((flags & PAGE_READ) == 0) {
2410         segv = 1;
2411     } else {
2412         reg = env->llreg & 0x1f;
2413         d = (env->llreg & 0x20) != 0;
2414         if (d) {
2415             segv = get_user_s64(val, addr);
2416         } else {
2417             segv = get_user_s32(val, addr);
2418         }
2419         if (!segv) {
2420             if (val != env->llval) {
2421                 env->active_tc.gpr[reg] = 0;
2422             } else {
2423                 if (d) {
2424                     segv = put_user_u64(env->llnewval, addr);
2425                 } else {
2426                     segv = put_user_u32(env->llnewval, addr);
2427                 }
2428                 if (!segv) {
2429                     env->active_tc.gpr[reg] = 1;
2430                 }
2431             }
2432         }
2433     }
2434     env->lladdr = -1;
2435     if (!segv) {
2436         env->active_tc.PC += 4;
2437     }
2438     mmap_unlock();
2439     end_exclusive();
2440     return segv;
2441 }
2442 
2443 /* Break codes */
2444 enum {
2445     BRK_OVERFLOW = 6,
2446     BRK_DIVZERO = 7
2447 };
2448 
2449 static int do_break(CPUMIPSState *env, target_siginfo_t *info,
2450                     unsigned int code)
2451 {
2452     int ret = -1;
2453 
2454     switch (code) {
2455     case BRK_OVERFLOW:
2456     case BRK_DIVZERO:
2457         info->si_signo = TARGET_SIGFPE;
2458         info->si_errno = 0;
2459         info->si_code = (code == BRK_OVERFLOW) ? FPE_INTOVF : FPE_INTDIV;
2460         queue_signal(env, info->si_signo, &*info);
2461         ret = 0;
2462         break;
2463     default:
2464         info->si_signo = TARGET_SIGTRAP;
2465         info->si_errno = 0;
2466         queue_signal(env, info->si_signo, &*info);
2467         ret = 0;
2468         break;
2469     }
2470 
2471     return ret;
2472 }
2473 
2474 void cpu_loop(CPUMIPSState *env)
2475 {
2476     CPUState *cs = CPU(mips_env_get_cpu(env));
2477     target_siginfo_t info;
2478     int trapnr;
2479     abi_long ret;
2480 # ifdef TARGET_ABI_MIPSO32
2481     unsigned int syscall_num;
2482 # endif
2483 
2484     for(;;) {
2485         cpu_exec_start(cs);
2486         trapnr = cpu_mips_exec(cs);
2487         cpu_exec_end(cs);
2488         switch(trapnr) {
2489         case EXCP_SYSCALL:
2490             env->active_tc.PC += 4;
2491 # ifdef TARGET_ABI_MIPSO32
2492             syscall_num = env->active_tc.gpr[2] - 4000;
2493             if (syscall_num >= sizeof(mips_syscall_args)) {
2494                 ret = -TARGET_ENOSYS;
2495             } else {
2496                 int nb_args;
2497                 abi_ulong sp_reg;
2498                 abi_ulong arg5 = 0, arg6 = 0, arg7 = 0, arg8 = 0;
2499 
2500                 nb_args = mips_syscall_args[syscall_num];
2501                 sp_reg = env->active_tc.gpr[29];
2502                 switch (nb_args) {
2503                 /* these arguments are taken from the stack */
2504                 case 8:
2505                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
2506                         goto done_syscall;
2507                     }
2508                 case 7:
2509                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
2510                         goto done_syscall;
2511                     }
2512                 case 6:
2513                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
2514                         goto done_syscall;
2515                     }
2516                 case 5:
2517                     if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) {
2518                         goto done_syscall;
2519                     }
2520                 default:
2521                     break;
2522                 }
2523                 ret = do_syscall(env, env->active_tc.gpr[2],
2524                                  env->active_tc.gpr[4],
2525                                  env->active_tc.gpr[5],
2526                                  env->active_tc.gpr[6],
2527                                  env->active_tc.gpr[7],
2528                                  arg5, arg6, arg7, arg8);
2529             }
2530 done_syscall:
2531 # else
2532             ret = do_syscall(env, env->active_tc.gpr[2],
2533                              env->active_tc.gpr[4], env->active_tc.gpr[5],
2534                              env->active_tc.gpr[6], env->active_tc.gpr[7],
2535                              env->active_tc.gpr[8], env->active_tc.gpr[9],
2536                              env->active_tc.gpr[10], env->active_tc.gpr[11]);
2537 # endif /* O32 */
2538             if (ret == -TARGET_ERESTARTSYS) {
2539                 env->active_tc.PC -= 4;
2540                 break;
2541             }
2542             if (ret == -TARGET_QEMU_ESIGRETURN) {
2543                 /* Returning from a successful sigreturn syscall.
2544                    Avoid clobbering register state.  */
2545                 break;
2546             }
2547             if ((abi_ulong)ret >= (abi_ulong)-1133) {
2548                 env->active_tc.gpr[7] = 1; /* error flag */
2549                 ret = -ret;
2550             } else {
2551                 env->active_tc.gpr[7] = 0; /* error flag */
2552             }
2553             env->active_tc.gpr[2] = ret;
2554             break;
2555         case EXCP_TLBL:
2556         case EXCP_TLBS:
2557         case EXCP_AdEL:
2558         case EXCP_AdES:
2559             info.si_signo = TARGET_SIGSEGV;
2560             info.si_errno = 0;
2561             /* XXX: check env->error_code */
2562             info.si_code = TARGET_SEGV_MAPERR;
2563             info._sifields._sigfault._addr = env->CP0_BadVAddr;
2564             queue_signal(env, info.si_signo, &info);
2565             break;
2566         case EXCP_CpU:
2567         case EXCP_RI:
2568             info.si_signo = TARGET_SIGILL;
2569             info.si_errno = 0;
2570             info.si_code = 0;
2571             queue_signal(env, info.si_signo, &info);
2572             break;
2573         case EXCP_INTERRUPT:
2574             /* just indicate that signals should be handled asap */
2575             break;
2576         case EXCP_DEBUG:
2577             {
2578                 int sig;
2579 
2580                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2581                 if (sig)
2582                   {
2583                     info.si_signo = sig;
2584                     info.si_errno = 0;
2585                     info.si_code = TARGET_TRAP_BRKPT;
2586                     queue_signal(env, info.si_signo, &info);
2587                   }
2588             }
2589             break;
2590         case EXCP_SC:
2591             if (do_store_exclusive(env)) {
2592                 info.si_signo = TARGET_SIGSEGV;
2593                 info.si_errno = 0;
2594                 info.si_code = TARGET_SEGV_MAPERR;
2595                 info._sifields._sigfault._addr = env->active_tc.PC;
2596                 queue_signal(env, info.si_signo, &info);
2597             }
2598             break;
2599         case EXCP_DSPDIS:
2600             info.si_signo = TARGET_SIGILL;
2601             info.si_errno = 0;
2602             info.si_code = TARGET_ILL_ILLOPC;
2603             queue_signal(env, info.si_signo, &info);
2604             break;
2605         /* The code below was inspired by the MIPS Linux kernel trap
2606          * handling code in arch/mips/kernel/traps.c.
2607          */
2608         case EXCP_BREAK:
2609             {
2610                 abi_ulong trap_instr;
2611                 unsigned int code;
2612 
2613                 if (env->hflags & MIPS_HFLAG_M16) {
2614                     if (env->insn_flags & ASE_MICROMIPS) {
2615                         /* microMIPS mode */
2616                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2617                         if (ret != 0) {
2618                             goto error;
2619                         }
2620 
2621                         if ((trap_instr >> 10) == 0x11) {
2622                             /* 16-bit instruction */
2623                             code = trap_instr & 0xf;
2624                         } else {
2625                             /* 32-bit instruction */
2626                             abi_ulong instr_lo;
2627 
2628                             ret = get_user_u16(instr_lo,
2629                                                env->active_tc.PC + 2);
2630                             if (ret != 0) {
2631                                 goto error;
2632                             }
2633                             trap_instr = (trap_instr << 16) | instr_lo;
2634                             code = ((trap_instr >> 6) & ((1 << 20) - 1));
2635                             /* Unfortunately, microMIPS also suffers from
2636                                the old assembler bug...  */
2637                             if (code >= (1 << 10)) {
2638                                 code >>= 10;
2639                             }
2640                         }
2641                     } else {
2642                         /* MIPS16e mode */
2643                         ret = get_user_u16(trap_instr, env->active_tc.PC);
2644                         if (ret != 0) {
2645                             goto error;
2646                         }
2647                         code = (trap_instr >> 6) & 0x3f;
2648                     }
2649                 } else {
2650                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2651                     if (ret != 0) {
2652                         goto error;
2653                     }
2654 
2655                     /* As described in the original Linux kernel code, the
2656                      * below checks on 'code' are to work around an old
2657                      * assembly bug.
2658                      */
2659                     code = ((trap_instr >> 6) & ((1 << 20) - 1));
2660                     if (code >= (1 << 10)) {
2661                         code >>= 10;
2662                     }
2663                 }
2664 
2665                 if (do_break(env, &info, code) != 0) {
2666                     goto error;
2667                 }
2668             }
2669             break;
2670         case EXCP_TRAP:
2671             {
2672                 abi_ulong trap_instr;
2673                 unsigned int code = 0;
2674 
2675                 if (env->hflags & MIPS_HFLAG_M16) {
2676                     /* microMIPS mode */
2677                     abi_ulong instr[2];
2678 
2679                     ret = get_user_u16(instr[0], env->active_tc.PC) ||
2680                           get_user_u16(instr[1], env->active_tc.PC + 2);
2681 
2682                     trap_instr = (instr[0] << 16) | instr[1];
2683                 } else {
2684                     ret = get_user_u32(trap_instr, env->active_tc.PC);
2685                 }
2686 
2687                 if (ret != 0) {
2688                     goto error;
2689                 }
2690 
2691                 /* The immediate versions don't provide a code.  */
2692                 if (!(trap_instr & 0xFC000000)) {
2693                     if (env->hflags & MIPS_HFLAG_M16) {
2694                         /* microMIPS mode */
2695                         code = ((trap_instr >> 12) & ((1 << 4) - 1));
2696                     } else {
2697                         code = ((trap_instr >> 6) & ((1 << 10) - 1));
2698                     }
2699                 }
2700 
2701                 if (do_break(env, &info, code) != 0) {
2702                     goto error;
2703                 }
2704             }
2705             break;
2706         default:
2707 error:
2708             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
2709             abort();
2710         }
2711         process_pending_signals(env);
2712     }
2713 }
2714 #endif
2715 
2716 #ifdef TARGET_OPENRISC
2717 
2718 void cpu_loop(CPUOpenRISCState *env)
2719 {
2720     CPUState *cs = CPU(openrisc_env_get_cpu(env));
2721     int trapnr, gdbsig;
2722 
2723     for (;;) {
2724         cpu_exec_start(cs);
2725         trapnr = cpu_openrisc_exec(cs);
2726         cpu_exec_end(cs);
2727         gdbsig = 0;
2728 
2729         switch (trapnr) {
2730         case EXCP_RESET:
2731             qemu_log_mask(CPU_LOG_INT, "\nReset request, exit, pc is %#x\n", env->pc);
2732             exit(EXIT_FAILURE);
2733             break;
2734         case EXCP_BUSERR:
2735             qemu_log_mask(CPU_LOG_INT, "\nBus error, exit, pc is %#x\n", env->pc);
2736             gdbsig = TARGET_SIGBUS;
2737             break;
2738         case EXCP_DPF:
2739         case EXCP_IPF:
2740             cpu_dump_state(cs, stderr, fprintf, 0);
2741             gdbsig = TARGET_SIGSEGV;
2742             break;
2743         case EXCP_TICK:
2744             qemu_log_mask(CPU_LOG_INT, "\nTick time interrupt pc is %#x\n", env->pc);
2745             break;
2746         case EXCP_ALIGN:
2747             qemu_log_mask(CPU_LOG_INT, "\nAlignment pc is %#x\n", env->pc);
2748             gdbsig = TARGET_SIGBUS;
2749             break;
2750         case EXCP_ILLEGAL:
2751             qemu_log_mask(CPU_LOG_INT, "\nIllegal instructionpc is %#x\n", env->pc);
2752             gdbsig = TARGET_SIGILL;
2753             break;
2754         case EXCP_INT:
2755             qemu_log_mask(CPU_LOG_INT, "\nExternal interruptpc is %#x\n", env->pc);
2756             break;
2757         case EXCP_DTLBMISS:
2758         case EXCP_ITLBMISS:
2759             qemu_log_mask(CPU_LOG_INT, "\nTLB miss\n");
2760             break;
2761         case EXCP_RANGE:
2762             qemu_log_mask(CPU_LOG_INT, "\nRange\n");
2763             gdbsig = TARGET_SIGSEGV;
2764             break;
2765         case EXCP_SYSCALL:
2766             env->pc += 4;   /* 0xc00; */
2767             env->gpr[11] = do_syscall(env,
2768                                       env->gpr[11], /* return value       */
2769                                       env->gpr[3],  /* r3 - r7 are params */
2770                                       env->gpr[4],
2771                                       env->gpr[5],
2772                                       env->gpr[6],
2773                                       env->gpr[7],
2774                                       env->gpr[8], 0, 0);
2775             break;
2776         case EXCP_FPE:
2777             qemu_log_mask(CPU_LOG_INT, "\nFloating point error\n");
2778             break;
2779         case EXCP_TRAP:
2780             qemu_log_mask(CPU_LOG_INT, "\nTrap\n");
2781             gdbsig = TARGET_SIGTRAP;
2782             break;
2783         case EXCP_NR:
2784             qemu_log_mask(CPU_LOG_INT, "\nNR\n");
2785             break;
2786         default:
2787             EXCP_DUMP(env, "\nqemu: unhandled CPU exception %#x - aborting\n",
2788                      trapnr);
2789             gdbsig = TARGET_SIGILL;
2790             break;
2791         }
2792         if (gdbsig) {
2793             gdb_handlesig(cs, gdbsig);
2794             if (gdbsig != TARGET_SIGTRAP) {
2795                 exit(EXIT_FAILURE);
2796             }
2797         }
2798 
2799         process_pending_signals(env);
2800     }
2801 }
2802 
2803 #endif /* TARGET_OPENRISC */
2804 
2805 #ifdef TARGET_SH4
2806 void cpu_loop(CPUSH4State *env)
2807 {
2808     CPUState *cs = CPU(sh_env_get_cpu(env));
2809     int trapnr, ret;
2810     target_siginfo_t info;
2811 
2812     while (1) {
2813         cpu_exec_start(cs);
2814         trapnr = cpu_sh4_exec(cs);
2815         cpu_exec_end(cs);
2816 
2817         switch (trapnr) {
2818         case 0x160:
2819             env->pc += 2;
2820             ret = do_syscall(env,
2821                              env->gregs[3],
2822                              env->gregs[4],
2823                              env->gregs[5],
2824                              env->gregs[6],
2825                              env->gregs[7],
2826                              env->gregs[0],
2827                              env->gregs[1],
2828                              0, 0);
2829             env->gregs[0] = ret;
2830             break;
2831         case EXCP_INTERRUPT:
2832             /* just indicate that signals should be handled asap */
2833             break;
2834         case EXCP_DEBUG:
2835             {
2836                 int sig;
2837 
2838                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2839                 if (sig)
2840                   {
2841                     info.si_signo = sig;
2842                     info.si_errno = 0;
2843                     info.si_code = TARGET_TRAP_BRKPT;
2844                     queue_signal(env, info.si_signo, &info);
2845                   }
2846             }
2847             break;
2848 	case 0xa0:
2849 	case 0xc0:
2850             info.si_signo = TARGET_SIGSEGV;
2851             info.si_errno = 0;
2852             info.si_code = TARGET_SEGV_MAPERR;
2853             info._sifields._sigfault._addr = env->tea;
2854             queue_signal(env, info.si_signo, &info);
2855 	    break;
2856 
2857         default:
2858             printf ("Unhandled trap: 0x%x\n", trapnr);
2859             cpu_dump_state(cs, stderr, fprintf, 0);
2860             exit(EXIT_FAILURE);
2861         }
2862         process_pending_signals (env);
2863     }
2864 }
2865 #endif
2866 
2867 #ifdef TARGET_CRIS
2868 void cpu_loop(CPUCRISState *env)
2869 {
2870     CPUState *cs = CPU(cris_env_get_cpu(env));
2871     int trapnr, ret;
2872     target_siginfo_t info;
2873 
2874     while (1) {
2875         cpu_exec_start(cs);
2876         trapnr = cpu_cris_exec(cs);
2877         cpu_exec_end(cs);
2878         switch (trapnr) {
2879         case 0xaa:
2880             {
2881                 info.si_signo = TARGET_SIGSEGV;
2882                 info.si_errno = 0;
2883                 /* XXX: check env->error_code */
2884                 info.si_code = TARGET_SEGV_MAPERR;
2885                 info._sifields._sigfault._addr = env->pregs[PR_EDA];
2886                 queue_signal(env, info.si_signo, &info);
2887             }
2888             break;
2889 	case EXCP_INTERRUPT:
2890 	  /* just indicate that signals should be handled asap */
2891 	  break;
2892         case EXCP_BREAK:
2893             ret = do_syscall(env,
2894                              env->regs[9],
2895                              env->regs[10],
2896                              env->regs[11],
2897                              env->regs[12],
2898                              env->regs[13],
2899                              env->pregs[7],
2900                              env->pregs[11],
2901                              0, 0);
2902             env->regs[10] = ret;
2903             break;
2904         case EXCP_DEBUG:
2905             {
2906                 int sig;
2907 
2908                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
2909                 if (sig)
2910                   {
2911                     info.si_signo = sig;
2912                     info.si_errno = 0;
2913                     info.si_code = TARGET_TRAP_BRKPT;
2914                     queue_signal(env, info.si_signo, &info);
2915                   }
2916             }
2917             break;
2918         default:
2919             printf ("Unhandled trap: 0x%x\n", trapnr);
2920             cpu_dump_state(cs, stderr, fprintf, 0);
2921             exit(EXIT_FAILURE);
2922         }
2923         process_pending_signals (env);
2924     }
2925 }
2926 #endif
2927 
2928 #ifdef TARGET_MICROBLAZE
2929 void cpu_loop(CPUMBState *env)
2930 {
2931     CPUState *cs = CPU(mb_env_get_cpu(env));
2932     int trapnr, ret;
2933     target_siginfo_t info;
2934 
2935     while (1) {
2936         cpu_exec_start(cs);
2937         trapnr = cpu_mb_exec(cs);
2938         cpu_exec_end(cs);
2939         switch (trapnr) {
2940         case 0xaa:
2941             {
2942                 info.si_signo = TARGET_SIGSEGV;
2943                 info.si_errno = 0;
2944                 /* XXX: check env->error_code */
2945                 info.si_code = TARGET_SEGV_MAPERR;
2946                 info._sifields._sigfault._addr = 0;
2947                 queue_signal(env, info.si_signo, &info);
2948             }
2949             break;
2950 	case EXCP_INTERRUPT:
2951 	  /* just indicate that signals should be handled asap */
2952 	  break;
2953         case EXCP_BREAK:
2954             /* Return address is 4 bytes after the call.  */
2955             env->regs[14] += 4;
2956             env->sregs[SR_PC] = env->regs[14];
2957             ret = do_syscall(env,
2958                              env->regs[12],
2959                              env->regs[5],
2960                              env->regs[6],
2961                              env->regs[7],
2962                              env->regs[8],
2963                              env->regs[9],
2964                              env->regs[10],
2965                              0, 0);
2966             env->regs[3] = ret;
2967             break;
2968         case EXCP_HW_EXCP:
2969             env->regs[17] = env->sregs[SR_PC] + 4;
2970             if (env->iflags & D_FLAG) {
2971                 env->sregs[SR_ESR] |= 1 << 12;
2972                 env->sregs[SR_PC] -= 4;
2973                 /* FIXME: if branch was immed, replay the imm as well.  */
2974             }
2975 
2976             env->iflags &= ~(IMM_FLAG | D_FLAG);
2977 
2978             switch (env->sregs[SR_ESR] & 31) {
2979                 case ESR_EC_DIVZERO:
2980                     info.si_signo = TARGET_SIGFPE;
2981                     info.si_errno = 0;
2982                     info.si_code = TARGET_FPE_FLTDIV;
2983                     info._sifields._sigfault._addr = 0;
2984                     queue_signal(env, info.si_signo, &info);
2985                     break;
2986                 case ESR_EC_FPU:
2987                     info.si_signo = TARGET_SIGFPE;
2988                     info.si_errno = 0;
2989                     if (env->sregs[SR_FSR] & FSR_IO) {
2990                         info.si_code = TARGET_FPE_FLTINV;
2991                     }
2992                     if (env->sregs[SR_FSR] & FSR_DZ) {
2993                         info.si_code = TARGET_FPE_FLTDIV;
2994                     }
2995                     info._sifields._sigfault._addr = 0;
2996                     queue_signal(env, info.si_signo, &info);
2997                     break;
2998                 default:
2999                     printf ("Unhandled hw-exception: 0x%x\n",
3000                             env->sregs[SR_ESR] & ESR_EC_MASK);
3001                     cpu_dump_state(cs, stderr, fprintf, 0);
3002                     exit(EXIT_FAILURE);
3003                     break;
3004             }
3005             break;
3006         case EXCP_DEBUG:
3007             {
3008                 int sig;
3009 
3010                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3011                 if (sig)
3012                   {
3013                     info.si_signo = sig;
3014                     info.si_errno = 0;
3015                     info.si_code = TARGET_TRAP_BRKPT;
3016                     queue_signal(env, info.si_signo, &info);
3017                   }
3018             }
3019             break;
3020         default:
3021             printf ("Unhandled trap: 0x%x\n", trapnr);
3022             cpu_dump_state(cs, stderr, fprintf, 0);
3023             exit(EXIT_FAILURE);
3024         }
3025         process_pending_signals (env);
3026     }
3027 }
3028 #endif
3029 
3030 #ifdef TARGET_M68K
3031 
3032 void cpu_loop(CPUM68KState *env)
3033 {
3034     CPUState *cs = CPU(m68k_env_get_cpu(env));
3035     int trapnr;
3036     unsigned int n;
3037     target_siginfo_t info;
3038     TaskState *ts = cs->opaque;
3039 
3040     for(;;) {
3041         cpu_exec_start(cs);
3042         trapnr = cpu_m68k_exec(cs);
3043         cpu_exec_end(cs);
3044         switch(trapnr) {
3045         case EXCP_ILLEGAL:
3046             {
3047                 if (ts->sim_syscalls) {
3048                     uint16_t nr;
3049                     get_user_u16(nr, env->pc + 2);
3050                     env->pc += 4;
3051                     do_m68k_simcall(env, nr);
3052                 } else {
3053                     goto do_sigill;
3054                 }
3055             }
3056             break;
3057         case EXCP_HALT_INSN:
3058             /* Semihosing syscall.  */
3059             env->pc += 4;
3060             do_m68k_semihosting(env, env->dregs[0]);
3061             break;
3062         case EXCP_LINEA:
3063         case EXCP_LINEF:
3064         case EXCP_UNSUPPORTED:
3065         do_sigill:
3066             info.si_signo = TARGET_SIGILL;
3067             info.si_errno = 0;
3068             info.si_code = TARGET_ILL_ILLOPN;
3069             info._sifields._sigfault._addr = env->pc;
3070             queue_signal(env, info.si_signo, &info);
3071             break;
3072         case EXCP_TRAP0:
3073             {
3074                 ts->sim_syscalls = 0;
3075                 n = env->dregs[0];
3076                 env->pc += 2;
3077                 env->dregs[0] = do_syscall(env,
3078                                           n,
3079                                           env->dregs[1],
3080                                           env->dregs[2],
3081                                           env->dregs[3],
3082                                           env->dregs[4],
3083                                           env->dregs[5],
3084                                           env->aregs[0],
3085                                           0, 0);
3086             }
3087             break;
3088         case EXCP_INTERRUPT:
3089             /* just indicate that signals should be handled asap */
3090             break;
3091         case EXCP_ACCESS:
3092             {
3093                 info.si_signo = TARGET_SIGSEGV;
3094                 info.si_errno = 0;
3095                 /* XXX: check env->error_code */
3096                 info.si_code = TARGET_SEGV_MAPERR;
3097                 info._sifields._sigfault._addr = env->mmu.ar;
3098                 queue_signal(env, info.si_signo, &info);
3099             }
3100             break;
3101         case EXCP_DEBUG:
3102             {
3103                 int sig;
3104 
3105                 sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3106                 if (sig)
3107                   {
3108                     info.si_signo = sig;
3109                     info.si_errno = 0;
3110                     info.si_code = TARGET_TRAP_BRKPT;
3111                     queue_signal(env, info.si_signo, &info);
3112                   }
3113             }
3114             break;
3115         default:
3116             EXCP_DUMP(env, "qemu: unhandled CPU exception 0x%x - aborting\n", trapnr);
3117             abort();
3118         }
3119         process_pending_signals(env);
3120     }
3121 }
3122 #endif /* TARGET_M68K */
3123 
3124 #ifdef TARGET_ALPHA
3125 static void do_store_exclusive(CPUAlphaState *env, int reg, int quad)
3126 {
3127     target_ulong addr, val, tmp;
3128     target_siginfo_t info;
3129     int ret = 0;
3130 
3131     addr = env->lock_addr;
3132     tmp = env->lock_st_addr;
3133     env->lock_addr = -1;
3134     env->lock_st_addr = 0;
3135 
3136     start_exclusive();
3137     mmap_lock();
3138 
3139     if (addr == tmp) {
3140         if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3141             goto do_sigsegv;
3142         }
3143 
3144         if (val == env->lock_value) {
3145             tmp = env->ir[reg];
3146             if (quad ? put_user_u64(tmp, addr) : put_user_u32(tmp, addr)) {
3147                 goto do_sigsegv;
3148             }
3149             ret = 1;
3150         }
3151     }
3152     env->ir[reg] = ret;
3153     env->pc += 4;
3154 
3155     mmap_unlock();
3156     end_exclusive();
3157     return;
3158 
3159  do_sigsegv:
3160     mmap_unlock();
3161     end_exclusive();
3162 
3163     info.si_signo = TARGET_SIGSEGV;
3164     info.si_errno = 0;
3165     info.si_code = TARGET_SEGV_MAPERR;
3166     info._sifields._sigfault._addr = addr;
3167     queue_signal(env, TARGET_SIGSEGV, &info);
3168 }
3169 
3170 void cpu_loop(CPUAlphaState *env)
3171 {
3172     CPUState *cs = CPU(alpha_env_get_cpu(env));
3173     int trapnr;
3174     target_siginfo_t info;
3175     abi_long sysret;
3176 
3177     while (1) {
3178         cpu_exec_start(cs);
3179         trapnr = cpu_alpha_exec(cs);
3180         cpu_exec_end(cs);
3181 
3182         /* All of the traps imply a transition through PALcode, which
3183            implies an REI instruction has been executed.  Which means
3184            that the intr_flag should be cleared.  */
3185         env->intr_flag = 0;
3186 
3187         switch (trapnr) {
3188         case EXCP_RESET:
3189             fprintf(stderr, "Reset requested. Exit\n");
3190             exit(EXIT_FAILURE);
3191             break;
3192         case EXCP_MCHK:
3193             fprintf(stderr, "Machine check exception. Exit\n");
3194             exit(EXIT_FAILURE);
3195             break;
3196         case EXCP_SMP_INTERRUPT:
3197         case EXCP_CLK_INTERRUPT:
3198         case EXCP_DEV_INTERRUPT:
3199             fprintf(stderr, "External interrupt. Exit\n");
3200             exit(EXIT_FAILURE);
3201             break;
3202         case EXCP_MMFAULT:
3203             env->lock_addr = -1;
3204             info.si_signo = TARGET_SIGSEGV;
3205             info.si_errno = 0;
3206             info.si_code = (page_get_flags(env->trap_arg0) & PAGE_VALID
3207                             ? TARGET_SEGV_ACCERR : TARGET_SEGV_MAPERR);
3208             info._sifields._sigfault._addr = env->trap_arg0;
3209             queue_signal(env, info.si_signo, &info);
3210             break;
3211         case EXCP_UNALIGN:
3212             env->lock_addr = -1;
3213             info.si_signo = TARGET_SIGBUS;
3214             info.si_errno = 0;
3215             info.si_code = TARGET_BUS_ADRALN;
3216             info._sifields._sigfault._addr = env->trap_arg0;
3217             queue_signal(env, info.si_signo, &info);
3218             break;
3219         case EXCP_OPCDEC:
3220         do_sigill:
3221             env->lock_addr = -1;
3222             info.si_signo = TARGET_SIGILL;
3223             info.si_errno = 0;
3224             info.si_code = TARGET_ILL_ILLOPC;
3225             info._sifields._sigfault._addr = env->pc;
3226             queue_signal(env, info.si_signo, &info);
3227             break;
3228         case EXCP_ARITH:
3229             env->lock_addr = -1;
3230             info.si_signo = TARGET_SIGFPE;
3231             info.si_errno = 0;
3232             info.si_code = TARGET_FPE_FLTINV;
3233             info._sifields._sigfault._addr = env->pc;
3234             queue_signal(env, info.si_signo, &info);
3235             break;
3236         case EXCP_FEN:
3237             /* No-op.  Linux simply re-enables the FPU.  */
3238             break;
3239         case EXCP_CALL_PAL:
3240             env->lock_addr = -1;
3241             switch (env->error_code) {
3242             case 0x80:
3243                 /* BPT */
3244                 info.si_signo = TARGET_SIGTRAP;
3245                 info.si_errno = 0;
3246                 info.si_code = TARGET_TRAP_BRKPT;
3247                 info._sifields._sigfault._addr = env->pc;
3248                 queue_signal(env, info.si_signo, &info);
3249                 break;
3250             case 0x81:
3251                 /* BUGCHK */
3252                 info.si_signo = TARGET_SIGTRAP;
3253                 info.si_errno = 0;
3254                 info.si_code = 0;
3255                 info._sifields._sigfault._addr = env->pc;
3256                 queue_signal(env, info.si_signo, &info);
3257                 break;
3258             case 0x83:
3259                 /* CALLSYS */
3260                 trapnr = env->ir[IR_V0];
3261                 sysret = do_syscall(env, trapnr,
3262                                     env->ir[IR_A0], env->ir[IR_A1],
3263                                     env->ir[IR_A2], env->ir[IR_A3],
3264                                     env->ir[IR_A4], env->ir[IR_A5],
3265                                     0, 0);
3266                 if (trapnr == TARGET_NR_sigreturn
3267                     || trapnr == TARGET_NR_rt_sigreturn) {
3268                     break;
3269                 }
3270                 /* Syscall writes 0 to V0 to bypass error check, similar
3271                    to how this is handled internal to Linux kernel.
3272                    (Ab)use trapnr temporarily as boolean indicating error.  */
3273                 trapnr = (env->ir[IR_V0] != 0 && sysret < 0);
3274                 env->ir[IR_V0] = (trapnr ? -sysret : sysret);
3275                 env->ir[IR_A3] = trapnr;
3276                 break;
3277             case 0x86:
3278                 /* IMB */
3279                 /* ??? We can probably elide the code using page_unprotect
3280                    that is checking for self-modifying code.  Instead we
3281                    could simply call tb_flush here.  Until we work out the
3282                    changes required to turn off the extra write protection,
3283                    this can be a no-op.  */
3284                 break;
3285             case 0x9E:
3286                 /* RDUNIQUE */
3287                 /* Handled in the translator for usermode.  */
3288                 abort();
3289             case 0x9F:
3290                 /* WRUNIQUE */
3291                 /* Handled in the translator for usermode.  */
3292                 abort();
3293             case 0xAA:
3294                 /* GENTRAP */
3295                 info.si_signo = TARGET_SIGFPE;
3296                 switch (env->ir[IR_A0]) {
3297                 case TARGET_GEN_INTOVF:
3298                     info.si_code = TARGET_FPE_INTOVF;
3299                     break;
3300                 case TARGET_GEN_INTDIV:
3301                     info.si_code = TARGET_FPE_INTDIV;
3302                     break;
3303                 case TARGET_GEN_FLTOVF:
3304                     info.si_code = TARGET_FPE_FLTOVF;
3305                     break;
3306                 case TARGET_GEN_FLTUND:
3307                     info.si_code = TARGET_FPE_FLTUND;
3308                     break;
3309                 case TARGET_GEN_FLTINV:
3310                     info.si_code = TARGET_FPE_FLTINV;
3311                     break;
3312                 case TARGET_GEN_FLTINE:
3313                     info.si_code = TARGET_FPE_FLTRES;
3314                     break;
3315                 case TARGET_GEN_ROPRAND:
3316                     info.si_code = 0;
3317                     break;
3318                 default:
3319                     info.si_signo = TARGET_SIGTRAP;
3320                     info.si_code = 0;
3321                     break;
3322                 }
3323                 info.si_errno = 0;
3324                 info._sifields._sigfault._addr = env->pc;
3325                 queue_signal(env, info.si_signo, &info);
3326                 break;
3327             default:
3328                 goto do_sigill;
3329             }
3330             break;
3331         case EXCP_DEBUG:
3332             info.si_signo = gdb_handlesig(cs, TARGET_SIGTRAP);
3333             if (info.si_signo) {
3334                 env->lock_addr = -1;
3335                 info.si_errno = 0;
3336                 info.si_code = TARGET_TRAP_BRKPT;
3337                 queue_signal(env, info.si_signo, &info);
3338             }
3339             break;
3340         case EXCP_STL_C:
3341         case EXCP_STQ_C:
3342             do_store_exclusive(env, env->error_code, trapnr - EXCP_STL_C);
3343             break;
3344         case EXCP_INTERRUPT:
3345             /* Just indicate that signals should be handled asap.  */
3346             break;
3347         default:
3348             printf ("Unhandled trap: 0x%x\n", trapnr);
3349             cpu_dump_state(cs, stderr, fprintf, 0);
3350             exit(EXIT_FAILURE);
3351         }
3352         process_pending_signals (env);
3353     }
3354 }
3355 #endif /* TARGET_ALPHA */
3356 
3357 #ifdef TARGET_S390X
3358 void cpu_loop(CPUS390XState *env)
3359 {
3360     CPUState *cs = CPU(s390_env_get_cpu(env));
3361     int trapnr, n, sig;
3362     target_siginfo_t info;
3363     target_ulong addr;
3364 
3365     while (1) {
3366         cpu_exec_start(cs);
3367         trapnr = cpu_s390x_exec(cs);
3368         cpu_exec_end(cs);
3369         switch (trapnr) {
3370         case EXCP_INTERRUPT:
3371             /* Just indicate that signals should be handled asap.  */
3372             break;
3373 
3374         case EXCP_SVC:
3375             n = env->int_svc_code;
3376             if (!n) {
3377                 /* syscalls > 255 */
3378                 n = env->regs[1];
3379             }
3380             env->psw.addr += env->int_svc_ilen;
3381             env->regs[2] = do_syscall(env, n, env->regs[2], env->regs[3],
3382                                       env->regs[4], env->regs[5],
3383                                       env->regs[6], env->regs[7], 0, 0);
3384             break;
3385 
3386         case EXCP_DEBUG:
3387             sig = gdb_handlesig(cs, TARGET_SIGTRAP);
3388             if (sig) {
3389                 n = TARGET_TRAP_BRKPT;
3390                 goto do_signal_pc;
3391             }
3392             break;
3393         case EXCP_PGM:
3394             n = env->int_pgm_code;
3395             switch (n) {
3396             case PGM_OPERATION:
3397             case PGM_PRIVILEGED:
3398                 sig = TARGET_SIGILL;
3399                 n = TARGET_ILL_ILLOPC;
3400                 goto do_signal_pc;
3401             case PGM_PROTECTION:
3402             case PGM_ADDRESSING:
3403                 sig = TARGET_SIGSEGV;
3404                 /* XXX: check env->error_code */
3405                 n = TARGET_SEGV_MAPERR;
3406                 addr = env->__excp_addr;
3407                 goto do_signal;
3408             case PGM_EXECUTE:
3409             case PGM_SPECIFICATION:
3410             case PGM_SPECIAL_OP:
3411             case PGM_OPERAND:
3412             do_sigill_opn:
3413                 sig = TARGET_SIGILL;
3414                 n = TARGET_ILL_ILLOPN;
3415                 goto do_signal_pc;
3416 
3417             case PGM_FIXPT_OVERFLOW:
3418                 sig = TARGET_SIGFPE;
3419                 n = TARGET_FPE_INTOVF;
3420                 goto do_signal_pc;
3421             case PGM_FIXPT_DIVIDE:
3422                 sig = TARGET_SIGFPE;
3423                 n = TARGET_FPE_INTDIV;
3424                 goto do_signal_pc;
3425 
3426             case PGM_DATA:
3427                 n = (env->fpc >> 8) & 0xff;
3428                 if (n == 0xff) {
3429                     /* compare-and-trap */
3430                     goto do_sigill_opn;
3431                 } else {
3432                     /* An IEEE exception, simulated or otherwise.  */
3433                     if (n & 0x80) {
3434                         n = TARGET_FPE_FLTINV;
3435                     } else if (n & 0x40) {
3436                         n = TARGET_FPE_FLTDIV;
3437                     } else if (n & 0x20) {
3438                         n = TARGET_FPE_FLTOVF;
3439                     } else if (n & 0x10) {
3440                         n = TARGET_FPE_FLTUND;
3441                     } else if (n & 0x08) {
3442                         n = TARGET_FPE_FLTRES;
3443                     } else {
3444                         /* ??? Quantum exception; BFP, DFP error.  */
3445                         goto do_sigill_opn;
3446                     }
3447                     sig = TARGET_SIGFPE;
3448                     goto do_signal_pc;
3449                 }
3450 
3451             default:
3452                 fprintf(stderr, "Unhandled program exception: %#x\n", n);
3453                 cpu_dump_state(cs, stderr, fprintf, 0);
3454                 exit(EXIT_FAILURE);
3455             }
3456             break;
3457 
3458         do_signal_pc:
3459             addr = env->psw.addr;
3460         do_signal:
3461             info.si_signo = sig;
3462             info.si_errno = 0;
3463             info.si_code = n;
3464             info._sifields._sigfault._addr = addr;
3465             queue_signal(env, info.si_signo, &info);
3466             break;
3467 
3468         default:
3469             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
3470             cpu_dump_state(cs, stderr, fprintf, 0);
3471             exit(EXIT_FAILURE);
3472         }
3473         process_pending_signals (env);
3474     }
3475 }
3476 
3477 #endif /* TARGET_S390X */
3478 
3479 #ifdef TARGET_TILEGX
3480 
3481 static void gen_sigill_reg(CPUTLGState *env)
3482 {
3483     target_siginfo_t info;
3484 
3485     info.si_signo = TARGET_SIGILL;
3486     info.si_errno = 0;
3487     info.si_code = TARGET_ILL_PRVREG;
3488     info._sifields._sigfault._addr = env->pc;
3489     queue_signal(env, info.si_signo, &info);
3490 }
3491 
3492 static void do_signal(CPUTLGState *env, int signo, int sigcode)
3493 {
3494     target_siginfo_t info;
3495 
3496     info.si_signo = signo;
3497     info.si_errno = 0;
3498     info._sifields._sigfault._addr = env->pc;
3499 
3500     if (signo == TARGET_SIGSEGV) {
3501         /* The passed in sigcode is a dummy; check for a page mapping
3502            and pass either MAPERR or ACCERR.  */
3503         target_ulong addr = env->excaddr;
3504         info._sifields._sigfault._addr = addr;
3505         if (page_check_range(addr, 1, PAGE_VALID) < 0) {
3506             sigcode = TARGET_SEGV_MAPERR;
3507         } else {
3508             sigcode = TARGET_SEGV_ACCERR;
3509         }
3510     }
3511     info.si_code = sigcode;
3512 
3513     queue_signal(env, info.si_signo, &info);
3514 }
3515 
3516 static void gen_sigsegv_maperr(CPUTLGState *env, target_ulong addr)
3517 {
3518     env->excaddr = addr;
3519     do_signal(env, TARGET_SIGSEGV, 0);
3520 }
3521 
3522 static void set_regval(CPUTLGState *env, uint8_t reg, uint64_t val)
3523 {
3524     if (unlikely(reg >= TILEGX_R_COUNT)) {
3525         switch (reg) {
3526         case TILEGX_R_SN:
3527         case TILEGX_R_ZERO:
3528             return;
3529         case TILEGX_R_IDN0:
3530         case TILEGX_R_IDN1:
3531         case TILEGX_R_UDN0:
3532         case TILEGX_R_UDN1:
3533         case TILEGX_R_UDN2:
3534         case TILEGX_R_UDN3:
3535             gen_sigill_reg(env);
3536             return;
3537         default:
3538             g_assert_not_reached();
3539         }
3540     }
3541     env->regs[reg] = val;
3542 }
3543 
3544 /*
3545  * Compare the 8-byte contents of the CmpValue SPR with the 8-byte value in
3546  * memory at the address held in the first source register. If the values are
3547  * not equal, then no memory operation is performed. If the values are equal,
3548  * the 8-byte quantity from the second source register is written into memory
3549  * at the address held in the first source register. In either case, the result
3550  * of the instruction is the value read from memory. The compare and write to
3551  * memory are atomic and thus can be used for synchronization purposes. This
3552  * instruction only operates for addresses aligned to a 8-byte boundary.
3553  * Unaligned memory access causes an Unaligned Data Reference interrupt.
3554  *
3555  * Functional Description (64-bit)
3556  *       uint64_t memVal = memoryReadDoubleWord (rf[SrcA]);
3557  *       rf[Dest] = memVal;
3558  *       if (memVal == SPR[CmpValueSPR])
3559  *           memoryWriteDoubleWord (rf[SrcA], rf[SrcB]);
3560  *
3561  * Functional Description (32-bit)
3562  *       uint64_t memVal = signExtend32 (memoryReadWord (rf[SrcA]));
3563  *       rf[Dest] = memVal;
3564  *       if (memVal == signExtend32 (SPR[CmpValueSPR]))
3565  *           memoryWriteWord (rf[SrcA], rf[SrcB]);
3566  *
3567  *
3568  * This function also processes exch and exch4 which need not process SPR.
3569  */
3570 static void do_exch(CPUTLGState *env, bool quad, bool cmp)
3571 {
3572     target_ulong addr;
3573     target_long val, sprval;
3574 
3575     start_exclusive();
3576 
3577     addr = env->atomic_srca;
3578     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3579         goto sigsegv_maperr;
3580     }
3581 
3582     if (cmp) {
3583         if (quad) {
3584             sprval = env->spregs[TILEGX_SPR_CMPEXCH];
3585         } else {
3586             sprval = sextract64(env->spregs[TILEGX_SPR_CMPEXCH], 0, 32);
3587         }
3588     }
3589 
3590     if (!cmp || val == sprval) {
3591         target_long valb = env->atomic_srcb;
3592         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3593             goto sigsegv_maperr;
3594         }
3595     }
3596 
3597     set_regval(env, env->atomic_dstr, val);
3598     end_exclusive();
3599     return;
3600 
3601  sigsegv_maperr:
3602     end_exclusive();
3603     gen_sigsegv_maperr(env, addr);
3604 }
3605 
3606 static void do_fetch(CPUTLGState *env, int trapnr, bool quad)
3607 {
3608     int8_t write = 1;
3609     target_ulong addr;
3610     target_long val, valb;
3611 
3612     start_exclusive();
3613 
3614     addr = env->atomic_srca;
3615     valb = env->atomic_srcb;
3616     if (quad ? get_user_s64(val, addr) : get_user_s32(val, addr)) {
3617         goto sigsegv_maperr;
3618     }
3619 
3620     switch (trapnr) {
3621     case TILEGX_EXCP_OPCODE_FETCHADD:
3622     case TILEGX_EXCP_OPCODE_FETCHADD4:
3623         valb += val;
3624         break;
3625     case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3626         valb += val;
3627         if (valb < 0) {
3628             write = 0;
3629         }
3630         break;
3631     case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3632         valb += val;
3633         if ((int32_t)valb < 0) {
3634             write = 0;
3635         }
3636         break;
3637     case TILEGX_EXCP_OPCODE_FETCHAND:
3638     case TILEGX_EXCP_OPCODE_FETCHAND4:
3639         valb &= val;
3640         break;
3641     case TILEGX_EXCP_OPCODE_FETCHOR:
3642     case TILEGX_EXCP_OPCODE_FETCHOR4:
3643         valb |= val;
3644         break;
3645     default:
3646         g_assert_not_reached();
3647     }
3648 
3649     if (write) {
3650         if (quad ? put_user_u64(valb, addr) : put_user_u32(valb, addr)) {
3651             goto sigsegv_maperr;
3652         }
3653     }
3654 
3655     set_regval(env, env->atomic_dstr, val);
3656     end_exclusive();
3657     return;
3658 
3659  sigsegv_maperr:
3660     end_exclusive();
3661     gen_sigsegv_maperr(env, addr);
3662 }
3663 
3664 void cpu_loop(CPUTLGState *env)
3665 {
3666     CPUState *cs = CPU(tilegx_env_get_cpu(env));
3667     int trapnr;
3668 
3669     while (1) {
3670         cpu_exec_start(cs);
3671         trapnr = cpu_tilegx_exec(cs);
3672         cpu_exec_end(cs);
3673         switch (trapnr) {
3674         case TILEGX_EXCP_SYSCALL:
3675             env->regs[TILEGX_R_RE] = do_syscall(env, env->regs[TILEGX_R_NR],
3676                                                 env->regs[0], env->regs[1],
3677                                                 env->regs[2], env->regs[3],
3678                                                 env->regs[4], env->regs[5],
3679                                                 env->regs[6], env->regs[7]);
3680             env->regs[TILEGX_R_ERR] = TILEGX_IS_ERRNO(env->regs[TILEGX_R_RE])
3681                                                       ? - env->regs[TILEGX_R_RE]
3682                                                       : 0;
3683             break;
3684         case TILEGX_EXCP_OPCODE_EXCH:
3685             do_exch(env, true, false);
3686             break;
3687         case TILEGX_EXCP_OPCODE_EXCH4:
3688             do_exch(env, false, false);
3689             break;
3690         case TILEGX_EXCP_OPCODE_CMPEXCH:
3691             do_exch(env, true, true);
3692             break;
3693         case TILEGX_EXCP_OPCODE_CMPEXCH4:
3694             do_exch(env, false, true);
3695             break;
3696         case TILEGX_EXCP_OPCODE_FETCHADD:
3697         case TILEGX_EXCP_OPCODE_FETCHADDGEZ:
3698         case TILEGX_EXCP_OPCODE_FETCHAND:
3699         case TILEGX_EXCP_OPCODE_FETCHOR:
3700             do_fetch(env, trapnr, true);
3701             break;
3702         case TILEGX_EXCP_OPCODE_FETCHADD4:
3703         case TILEGX_EXCP_OPCODE_FETCHADDGEZ4:
3704         case TILEGX_EXCP_OPCODE_FETCHAND4:
3705         case TILEGX_EXCP_OPCODE_FETCHOR4:
3706             do_fetch(env, trapnr, false);
3707             break;
3708         case TILEGX_EXCP_SIGNAL:
3709             do_signal(env, env->signo, env->sigcode);
3710             break;
3711         case TILEGX_EXCP_REG_IDN_ACCESS:
3712         case TILEGX_EXCP_REG_UDN_ACCESS:
3713             gen_sigill_reg(env);
3714             break;
3715         default:
3716             fprintf(stderr, "trapnr is %d[0x%x].\n", trapnr, trapnr);
3717             g_assert_not_reached();
3718         }
3719         process_pending_signals(env);
3720     }
3721 }
3722 
3723 #endif
3724 
3725 THREAD CPUState *thread_cpu;
3726 
3727 void task_settid(TaskState *ts)
3728 {
3729     if (ts->ts_tid == 0) {
3730         ts->ts_tid = (pid_t)syscall(SYS_gettid);
3731     }
3732 }
3733 
3734 void stop_all_tasks(void)
3735 {
3736     /*
3737      * We trust that when using NPTL, start_exclusive()
3738      * handles thread stopping correctly.
3739      */
3740     start_exclusive();
3741 }
3742 
3743 /* Assumes contents are already zeroed.  */
3744 void init_task_state(TaskState *ts)
3745 {
3746     int i;
3747 
3748     ts->used = 1;
3749     ts->first_free = ts->sigqueue_table;
3750     for (i = 0; i < MAX_SIGQUEUE_SIZE - 1; i++) {
3751         ts->sigqueue_table[i].next = &ts->sigqueue_table[i + 1];
3752     }
3753     ts->sigqueue_table[i].next = NULL;
3754 }
3755 
3756 CPUArchState *cpu_copy(CPUArchState *env)
3757 {
3758     CPUState *cpu = ENV_GET_CPU(env);
3759     CPUState *new_cpu = cpu_init(cpu_model);
3760     CPUArchState *new_env = new_cpu->env_ptr;
3761     CPUBreakpoint *bp;
3762     CPUWatchpoint *wp;
3763 
3764     /* Reset non arch specific state */
3765     cpu_reset(new_cpu);
3766 
3767     memcpy(new_env, env, sizeof(CPUArchState));
3768 
3769     /* Clone all break/watchpoints.
3770        Note: Once we support ptrace with hw-debug register access, make sure
3771        BP_CPU break/watchpoints are handled correctly on clone. */
3772     QTAILQ_INIT(&new_cpu->breakpoints);
3773     QTAILQ_INIT(&new_cpu->watchpoints);
3774     QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
3775         cpu_breakpoint_insert(new_cpu, bp->pc, bp->flags, NULL);
3776     }
3777     QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
3778         cpu_watchpoint_insert(new_cpu, wp->vaddr, wp->len, wp->flags, NULL);
3779     }
3780 
3781     return new_env;
3782 }
3783 
3784 static void handle_arg_help(const char *arg)
3785 {
3786     usage(EXIT_SUCCESS);
3787 }
3788 
3789 static void handle_arg_log(const char *arg)
3790 {
3791     int mask;
3792 
3793     mask = qemu_str_to_log_mask(arg);
3794     if (!mask) {
3795         qemu_print_log_usage(stdout);
3796         exit(EXIT_FAILURE);
3797     }
3798     qemu_log_needs_buffers();
3799     qemu_set_log(mask);
3800 }
3801 
3802 static void handle_arg_log_filename(const char *arg)
3803 {
3804     qemu_set_log_filename(arg);
3805 }
3806 
3807 static void handle_arg_set_env(const char *arg)
3808 {
3809     char *r, *p, *token;
3810     r = p = strdup(arg);
3811     while ((token = strsep(&p, ",")) != NULL) {
3812         if (envlist_setenv(envlist, token) != 0) {
3813             usage(EXIT_FAILURE);
3814         }
3815     }
3816     free(r);
3817 }
3818 
3819 static void handle_arg_unset_env(const char *arg)
3820 {
3821     char *r, *p, *token;
3822     r = p = strdup(arg);
3823     while ((token = strsep(&p, ",")) != NULL) {
3824         if (envlist_unsetenv(envlist, token) != 0) {
3825             usage(EXIT_FAILURE);
3826         }
3827     }
3828     free(r);
3829 }
3830 
3831 static void handle_arg_argv0(const char *arg)
3832 {
3833     argv0 = strdup(arg);
3834 }
3835 
3836 static void handle_arg_stack_size(const char *arg)
3837 {
3838     char *p;
3839     guest_stack_size = strtoul(arg, &p, 0);
3840     if (guest_stack_size == 0) {
3841         usage(EXIT_FAILURE);
3842     }
3843 
3844     if (*p == 'M') {
3845         guest_stack_size *= 1024 * 1024;
3846     } else if (*p == 'k' || *p == 'K') {
3847         guest_stack_size *= 1024;
3848     }
3849 }
3850 
3851 static void handle_arg_ld_prefix(const char *arg)
3852 {
3853     interp_prefix = strdup(arg);
3854 }
3855 
3856 static void handle_arg_pagesize(const char *arg)
3857 {
3858     qemu_host_page_size = atoi(arg);
3859     if (qemu_host_page_size == 0 ||
3860         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
3861         fprintf(stderr, "page size must be a power of two\n");
3862         exit(EXIT_FAILURE);
3863     }
3864 }
3865 
3866 static void handle_arg_randseed(const char *arg)
3867 {
3868     unsigned long long seed;
3869 
3870     if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
3871         fprintf(stderr, "Invalid seed number: %s\n", arg);
3872         exit(EXIT_FAILURE);
3873     }
3874     srand(seed);
3875 }
3876 
3877 static void handle_arg_gdb(const char *arg)
3878 {
3879     gdbstub_port = atoi(arg);
3880 }
3881 
3882 static void handle_arg_uname(const char *arg)
3883 {
3884     qemu_uname_release = strdup(arg);
3885 }
3886 
3887 static void handle_arg_cpu(const char *arg)
3888 {
3889     cpu_model = strdup(arg);
3890     if (cpu_model == NULL || is_help_option(cpu_model)) {
3891         /* XXX: implement xxx_cpu_list for targets that still miss it */
3892 #if defined(cpu_list)
3893         cpu_list(stdout, &fprintf);
3894 #endif
3895         exit(EXIT_FAILURE);
3896     }
3897 }
3898 
3899 static void handle_arg_guest_base(const char *arg)
3900 {
3901     guest_base = strtol(arg, NULL, 0);
3902     have_guest_base = 1;
3903 }
3904 
3905 static void handle_arg_reserved_va(const char *arg)
3906 {
3907     char *p;
3908     int shift = 0;
3909     reserved_va = strtoul(arg, &p, 0);
3910     switch (*p) {
3911     case 'k':
3912     case 'K':
3913         shift = 10;
3914         break;
3915     case 'M':
3916         shift = 20;
3917         break;
3918     case 'G':
3919         shift = 30;
3920         break;
3921     }
3922     if (shift) {
3923         unsigned long unshifted = reserved_va;
3924         p++;
3925         reserved_va <<= shift;
3926         if (((reserved_va >> shift) != unshifted)
3927 #if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
3928             || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
3929 #endif
3930             ) {
3931             fprintf(stderr, "Reserved virtual address too big\n");
3932             exit(EXIT_FAILURE);
3933         }
3934     }
3935     if (*p) {
3936         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
3937         exit(EXIT_FAILURE);
3938     }
3939 }
3940 
3941 static void handle_arg_singlestep(const char *arg)
3942 {
3943     singlestep = 1;
3944 }
3945 
3946 static void handle_arg_strace(const char *arg)
3947 {
3948     do_strace = 1;
3949 }
3950 
3951 static void handle_arg_version(const char *arg)
3952 {
3953     printf("qemu-" TARGET_NAME " version " QEMU_VERSION QEMU_PKGVERSION
3954            ", Copyright (c) 2003-2008 Fabrice Bellard\n");
3955     exit(EXIT_SUCCESS);
3956 }
3957 
3958 struct qemu_argument {
3959     const char *argv;
3960     const char *env;
3961     bool has_arg;
3962     void (*handle_opt)(const char *arg);
3963     const char *example;
3964     const char *help;
3965 };
3966 
3967 static const struct qemu_argument arg_table[] = {
3968     {"h",          "",                 false, handle_arg_help,
3969      "",           "print this help"},
3970     {"help",       "",                 false, handle_arg_help,
3971      "",           ""},
3972     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
3973      "port",       "wait gdb connection to 'port'"},
3974     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
3975      "path",       "set the elf interpreter prefix to 'path'"},
3976     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
3977      "size",       "set the stack size to 'size' bytes"},
3978     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
3979      "model",      "select CPU (-cpu help for list)"},
3980     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
3981      "var=value",  "sets targets environment variable (see below)"},
3982     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
3983      "var",        "unsets targets environment variable (see below)"},
3984     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
3985      "argv0",      "forces target process argv[0] to be 'argv0'"},
3986     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
3987      "uname",      "set qemu uname release string to 'uname'"},
3988     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
3989      "address",    "set guest_base address to 'address'"},
3990     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
3991      "size",       "reserve 'size' bytes for guest virtual address space"},
3992     {"d",          "QEMU_LOG",         true,  handle_arg_log,
3993      "item[,...]", "enable logging of specified items "
3994      "(use '-d help' for a list of items)"},
3995     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
3996      "logfile",     "write logs to 'logfile' (default stderr)"},
3997     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
3998      "pagesize",   "set the host page size to 'pagesize'"},
3999     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
4000      "",           "run in singlestep mode"},
4001     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
4002      "",           "log system calls"},
4003     {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_randseed,
4004      "",           "Seed for pseudo-random number generator"},
4005     {"version",    "QEMU_VERSION",     false, handle_arg_version,
4006      "",           "display version information and exit"},
4007     {NULL, NULL, false, NULL, NULL, NULL}
4008 };
4009 
4010 static void usage(int exitcode)
4011 {
4012     const struct qemu_argument *arginfo;
4013     int maxarglen;
4014     int maxenvlen;
4015 
4016     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
4017            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
4018            "\n"
4019            "Options and associated environment variables:\n"
4020            "\n");
4021 
4022     /* Calculate column widths. We must always have at least enough space
4023      * for the column header.
4024      */
4025     maxarglen = strlen("Argument");
4026     maxenvlen = strlen("Env-variable");
4027 
4028     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4029         int arglen = strlen(arginfo->argv);
4030         if (arginfo->has_arg) {
4031             arglen += strlen(arginfo->example) + 1;
4032         }
4033         if (strlen(arginfo->env) > maxenvlen) {
4034             maxenvlen = strlen(arginfo->env);
4035         }
4036         if (arglen > maxarglen) {
4037             maxarglen = arglen;
4038         }
4039     }
4040 
4041     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
4042             maxenvlen, "Env-variable");
4043 
4044     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4045         if (arginfo->has_arg) {
4046             printf("-%s %-*s %-*s %s\n", arginfo->argv,
4047                    (int)(maxarglen - strlen(arginfo->argv) - 1),
4048                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
4049         } else {
4050             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
4051                     maxenvlen, arginfo->env,
4052                     arginfo->help);
4053         }
4054     }
4055 
4056     printf("\n"
4057            "Defaults:\n"
4058            "QEMU_LD_PREFIX  = %s\n"
4059            "QEMU_STACK_SIZE = %ld byte\n",
4060            interp_prefix,
4061            guest_stack_size);
4062 
4063     printf("\n"
4064            "You can use -E and -U options or the QEMU_SET_ENV and\n"
4065            "QEMU_UNSET_ENV environment variables to set and unset\n"
4066            "environment variables for the target process.\n"
4067            "It is possible to provide several variables by separating them\n"
4068            "by commas in getsubopt(3) style. Additionally it is possible to\n"
4069            "provide the -E and -U options multiple times.\n"
4070            "The following lines are equivalent:\n"
4071            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
4072            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
4073            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
4074            "Note that if you provide several changes to a single variable\n"
4075            "the last change will stay in effect.\n");
4076 
4077     exit(exitcode);
4078 }
4079 
4080 static int parse_args(int argc, char **argv)
4081 {
4082     const char *r;
4083     int optind;
4084     const struct qemu_argument *arginfo;
4085 
4086     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4087         if (arginfo->env == NULL) {
4088             continue;
4089         }
4090 
4091         r = getenv(arginfo->env);
4092         if (r != NULL) {
4093             arginfo->handle_opt(r);
4094         }
4095     }
4096 
4097     optind = 1;
4098     for (;;) {
4099         if (optind >= argc) {
4100             break;
4101         }
4102         r = argv[optind];
4103         if (r[0] != '-') {
4104             break;
4105         }
4106         optind++;
4107         r++;
4108         if (!strcmp(r, "-")) {
4109             break;
4110         }
4111         /* Treat --foo the same as -foo.  */
4112         if (r[0] == '-') {
4113             r++;
4114         }
4115 
4116         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
4117             if (!strcmp(r, arginfo->argv)) {
4118                 if (arginfo->has_arg) {
4119                     if (optind >= argc) {
4120                         (void) fprintf(stderr,
4121                             "qemu: missing argument for option '%s'\n", r);
4122                         exit(EXIT_FAILURE);
4123                     }
4124                     arginfo->handle_opt(argv[optind]);
4125                     optind++;
4126                 } else {
4127                     arginfo->handle_opt(NULL);
4128                 }
4129                 break;
4130             }
4131         }
4132 
4133         /* no option matched the current argv */
4134         if (arginfo->handle_opt == NULL) {
4135             (void) fprintf(stderr, "qemu: unknown option '%s'\n", r);
4136             exit(EXIT_FAILURE);
4137         }
4138     }
4139 
4140     if (optind >= argc) {
4141         (void) fprintf(stderr, "qemu: no user program specified\n");
4142         exit(EXIT_FAILURE);
4143     }
4144 
4145     filename = argv[optind];
4146     exec_path = argv[optind];
4147 
4148     return optind;
4149 }
4150 
4151 int main(int argc, char **argv, char **envp)
4152 {
4153     struct target_pt_regs regs1, *regs = &regs1;
4154     struct image_info info1, *info = &info1;
4155     struct linux_binprm bprm;
4156     TaskState *ts;
4157     CPUArchState *env;
4158     CPUState *cpu;
4159     int optind;
4160     char **target_environ, **wrk;
4161     char **target_argv;
4162     int target_argc;
4163     int i;
4164     int ret;
4165     int execfd;
4166 
4167     module_call_init(MODULE_INIT_QOM);
4168 
4169     if ((envlist = envlist_create()) == NULL) {
4170         (void) fprintf(stderr, "Unable to allocate envlist\n");
4171         exit(EXIT_FAILURE);
4172     }
4173 
4174     /* add current environment into the list */
4175     for (wrk = environ; *wrk != NULL; wrk++) {
4176         (void) envlist_setenv(envlist, *wrk);
4177     }
4178 
4179     /* Read the stack limit from the kernel.  If it's "unlimited",
4180        then we can do little else besides use the default.  */
4181     {
4182         struct rlimit lim;
4183         if (getrlimit(RLIMIT_STACK, &lim) == 0
4184             && lim.rlim_cur != RLIM_INFINITY
4185             && lim.rlim_cur == (target_long)lim.rlim_cur) {
4186             guest_stack_size = lim.rlim_cur;
4187         }
4188     }
4189 
4190     cpu_model = NULL;
4191 
4192     srand(time(NULL));
4193 
4194     optind = parse_args(argc, argv);
4195 
4196     /* Zero out regs */
4197     memset(regs, 0, sizeof(struct target_pt_regs));
4198 
4199     /* Zero out image_info */
4200     memset(info, 0, sizeof(struct image_info));
4201 
4202     memset(&bprm, 0, sizeof (bprm));
4203 
4204     /* Scan interp_prefix dir for replacement files. */
4205     init_paths(interp_prefix);
4206 
4207     init_qemu_uname_release();
4208 
4209     if (cpu_model == NULL) {
4210 #if defined(TARGET_I386)
4211 #ifdef TARGET_X86_64
4212         cpu_model = "qemu64";
4213 #else
4214         cpu_model = "qemu32";
4215 #endif
4216 #elif defined(TARGET_ARM)
4217         cpu_model = "any";
4218 #elif defined(TARGET_UNICORE32)
4219         cpu_model = "any";
4220 #elif defined(TARGET_M68K)
4221         cpu_model = "any";
4222 #elif defined(TARGET_SPARC)
4223 #ifdef TARGET_SPARC64
4224         cpu_model = "TI UltraSparc II";
4225 #else
4226         cpu_model = "Fujitsu MB86904";
4227 #endif
4228 #elif defined(TARGET_MIPS)
4229 #if defined(TARGET_ABI_MIPSN32) || defined(TARGET_ABI_MIPSN64)
4230         cpu_model = "5KEf";
4231 #else
4232         cpu_model = "24Kf";
4233 #endif
4234 #elif defined TARGET_OPENRISC
4235         cpu_model = "or1200";
4236 #elif defined(TARGET_PPC)
4237 # ifdef TARGET_PPC64
4238         cpu_model = "POWER8";
4239 # else
4240         cpu_model = "750";
4241 # endif
4242 #elif defined TARGET_SH4
4243         cpu_model = TYPE_SH7785_CPU;
4244 #else
4245         cpu_model = "any";
4246 #endif
4247     }
4248     tcg_exec_init(0);
4249     /* NOTE: we need to init the CPU at this stage to get
4250        qemu_host_page_size */
4251     cpu = cpu_init(cpu_model);
4252     if (!cpu) {
4253         fprintf(stderr, "Unable to find CPU definition\n");
4254         exit(EXIT_FAILURE);
4255     }
4256     env = cpu->env_ptr;
4257     cpu_reset(cpu);
4258 
4259     thread_cpu = cpu;
4260 
4261     if (getenv("QEMU_STRACE")) {
4262         do_strace = 1;
4263     }
4264 
4265     if (getenv("QEMU_RAND_SEED")) {
4266         handle_arg_randseed(getenv("QEMU_RAND_SEED"));
4267     }
4268 
4269     target_environ = envlist_to_environ(envlist, NULL);
4270     envlist_free(envlist);
4271 
4272     /*
4273      * Now that page sizes are configured in cpu_init() we can do
4274      * proper page alignment for guest_base.
4275      */
4276     guest_base = HOST_PAGE_ALIGN(guest_base);
4277 
4278     if (reserved_va || have_guest_base) {
4279         guest_base = init_guest_space(guest_base, reserved_va, 0,
4280                                       have_guest_base);
4281         if (guest_base == (unsigned long)-1) {
4282             fprintf(stderr, "Unable to reserve 0x%lx bytes of virtual address "
4283                     "space for use as guest address space (check your virtual "
4284                     "memory ulimit setting or reserve less using -R option)\n",
4285                     reserved_va);
4286             exit(EXIT_FAILURE);
4287         }
4288 
4289         if (reserved_va) {
4290             mmap_next_start = reserved_va;
4291         }
4292     }
4293 
4294     /*
4295      * Read in mmap_min_addr kernel parameter.  This value is used
4296      * When loading the ELF image to determine whether guest_base
4297      * is needed.  It is also used in mmap_find_vma.
4298      */
4299     {
4300         FILE *fp;
4301 
4302         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
4303             unsigned long tmp;
4304             if (fscanf(fp, "%lu", &tmp) == 1) {
4305                 mmap_min_addr = tmp;
4306                 qemu_log_mask(CPU_LOG_PAGE, "host mmap_min_addr=0x%lx\n", mmap_min_addr);
4307             }
4308             fclose(fp);
4309         }
4310     }
4311 
4312     /*
4313      * Prepare copy of argv vector for target.
4314      */
4315     target_argc = argc - optind;
4316     target_argv = calloc(target_argc + 1, sizeof (char *));
4317     if (target_argv == NULL) {
4318 	(void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
4319 	exit(EXIT_FAILURE);
4320     }
4321 
4322     /*
4323      * If argv0 is specified (using '-0' switch) we replace
4324      * argv[0] pointer with the given one.
4325      */
4326     i = 0;
4327     if (argv0 != NULL) {
4328         target_argv[i++] = strdup(argv0);
4329     }
4330     for (; i < target_argc; i++) {
4331         target_argv[i] = strdup(argv[optind + i]);
4332     }
4333     target_argv[target_argc] = NULL;
4334 
4335     ts = g_new0(TaskState, 1);
4336     init_task_state(ts);
4337     /* build Task State */
4338     ts->info = info;
4339     ts->bprm = &bprm;
4340     cpu->opaque = ts;
4341     task_settid(ts);
4342 
4343     execfd = qemu_getauxval(AT_EXECFD);
4344     if (execfd == 0) {
4345         execfd = open(filename, O_RDONLY);
4346         if (execfd < 0) {
4347             printf("Error while loading %s: %s\n", filename, strerror(errno));
4348             _exit(EXIT_FAILURE);
4349         }
4350     }
4351 
4352     ret = loader_exec(execfd, filename, target_argv, target_environ, regs,
4353         info, &bprm);
4354     if (ret != 0) {
4355         printf("Error while loading %s: %s\n", filename, strerror(-ret));
4356         _exit(EXIT_FAILURE);
4357     }
4358 
4359     for (wrk = target_environ; *wrk; wrk++) {
4360         free(*wrk);
4361     }
4362 
4363     free(target_environ);
4364 
4365     if (qemu_loglevel_mask(CPU_LOG_PAGE)) {
4366         qemu_log("guest_base  0x%lx\n", guest_base);
4367         log_page_dump();
4368 
4369         qemu_log("start_brk   0x" TARGET_ABI_FMT_lx "\n", info->start_brk);
4370         qemu_log("end_code    0x" TARGET_ABI_FMT_lx "\n", info->end_code);
4371         qemu_log("start_code  0x" TARGET_ABI_FMT_lx "\n",
4372                  info->start_code);
4373         qemu_log("start_data  0x" TARGET_ABI_FMT_lx "\n",
4374                  info->start_data);
4375         qemu_log("end_data    0x" TARGET_ABI_FMT_lx "\n", info->end_data);
4376         qemu_log("start_stack 0x" TARGET_ABI_FMT_lx "\n",
4377                  info->start_stack);
4378         qemu_log("brk         0x" TARGET_ABI_FMT_lx "\n", info->brk);
4379         qemu_log("entry       0x" TARGET_ABI_FMT_lx "\n", info->entry);
4380     }
4381 
4382     target_set_brk(info->brk);
4383     syscall_init();
4384     signal_init();
4385 
4386     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
4387        generating the prologue until now so that the prologue can take
4388        the real value of GUEST_BASE into account.  */
4389     tcg_prologue_init(&tcg_ctx);
4390 
4391 #if defined(TARGET_I386)
4392     env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK;
4393     env->hflags |= HF_PE_MASK | HF_CPL_MASK;
4394     if (env->features[FEAT_1_EDX] & CPUID_SSE) {
4395         env->cr[4] |= CR4_OSFXSR_MASK;
4396         env->hflags |= HF_OSFXSR_MASK;
4397     }
4398 #ifndef TARGET_ABI32
4399     /* enable 64 bit mode if possible */
4400     if (!(env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM)) {
4401         fprintf(stderr, "The selected x86 CPU does not support 64 bit mode\n");
4402         exit(EXIT_FAILURE);
4403     }
4404     env->cr[4] |= CR4_PAE_MASK;
4405     env->efer |= MSR_EFER_LMA | MSR_EFER_LME;
4406     env->hflags |= HF_LMA_MASK;
4407 #endif
4408 
4409     /* flags setup : we activate the IRQs by default as in user mode */
4410     env->eflags |= IF_MASK;
4411 
4412     /* linux register setup */
4413 #ifndef TARGET_ABI32
4414     env->regs[R_EAX] = regs->rax;
4415     env->regs[R_EBX] = regs->rbx;
4416     env->regs[R_ECX] = regs->rcx;
4417     env->regs[R_EDX] = regs->rdx;
4418     env->regs[R_ESI] = regs->rsi;
4419     env->regs[R_EDI] = regs->rdi;
4420     env->regs[R_EBP] = regs->rbp;
4421     env->regs[R_ESP] = regs->rsp;
4422     env->eip = regs->rip;
4423 #else
4424     env->regs[R_EAX] = regs->eax;
4425     env->regs[R_EBX] = regs->ebx;
4426     env->regs[R_ECX] = regs->ecx;
4427     env->regs[R_EDX] = regs->edx;
4428     env->regs[R_ESI] = regs->esi;
4429     env->regs[R_EDI] = regs->edi;
4430     env->regs[R_EBP] = regs->ebp;
4431     env->regs[R_ESP] = regs->esp;
4432     env->eip = regs->eip;
4433 #endif
4434 
4435     /* linux interrupt setup */
4436 #ifndef TARGET_ABI32
4437     env->idt.limit = 511;
4438 #else
4439     env->idt.limit = 255;
4440 #endif
4441     env->idt.base = target_mmap(0, sizeof(uint64_t) * (env->idt.limit + 1),
4442                                 PROT_READ|PROT_WRITE,
4443                                 MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4444     idt_table = g2h(env->idt.base);
4445     set_idt(0, 0);
4446     set_idt(1, 0);
4447     set_idt(2, 0);
4448     set_idt(3, 3);
4449     set_idt(4, 3);
4450     set_idt(5, 0);
4451     set_idt(6, 0);
4452     set_idt(7, 0);
4453     set_idt(8, 0);
4454     set_idt(9, 0);
4455     set_idt(10, 0);
4456     set_idt(11, 0);
4457     set_idt(12, 0);
4458     set_idt(13, 0);
4459     set_idt(14, 0);
4460     set_idt(15, 0);
4461     set_idt(16, 0);
4462     set_idt(17, 0);
4463     set_idt(18, 0);
4464     set_idt(19, 0);
4465     set_idt(0x80, 3);
4466 
4467     /* linux segment setup */
4468     {
4469         uint64_t *gdt_table;
4470         env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES,
4471                                     PROT_READ|PROT_WRITE,
4472                                     MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
4473         env->gdt.limit = sizeof(uint64_t) * TARGET_GDT_ENTRIES - 1;
4474         gdt_table = g2h(env->gdt.base);
4475 #ifdef TARGET_ABI32
4476         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4477                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4478                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4479 #else
4480         /* 64 bit code segment */
4481         write_dt(&gdt_table[__USER_CS >> 3], 0, 0xfffff,
4482                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4483                  DESC_L_MASK |
4484                  (3 << DESC_DPL_SHIFT) | (0xa << DESC_TYPE_SHIFT));
4485 #endif
4486         write_dt(&gdt_table[__USER_DS >> 3], 0, 0xfffff,
4487                  DESC_G_MASK | DESC_B_MASK | DESC_P_MASK | DESC_S_MASK |
4488                  (3 << DESC_DPL_SHIFT) | (0x2 << DESC_TYPE_SHIFT));
4489     }
4490     cpu_x86_load_seg(env, R_CS, __USER_CS);
4491     cpu_x86_load_seg(env, R_SS, __USER_DS);
4492 #ifdef TARGET_ABI32
4493     cpu_x86_load_seg(env, R_DS, __USER_DS);
4494     cpu_x86_load_seg(env, R_ES, __USER_DS);
4495     cpu_x86_load_seg(env, R_FS, __USER_DS);
4496     cpu_x86_load_seg(env, R_GS, __USER_DS);
4497     /* This hack makes Wine work... */
4498     env->segs[R_FS].selector = 0;
4499 #else
4500     cpu_x86_load_seg(env, R_DS, 0);
4501     cpu_x86_load_seg(env, R_ES, 0);
4502     cpu_x86_load_seg(env, R_FS, 0);
4503     cpu_x86_load_seg(env, R_GS, 0);
4504 #endif
4505 #elif defined(TARGET_AARCH64)
4506     {
4507         int i;
4508 
4509         if (!(arm_feature(env, ARM_FEATURE_AARCH64))) {
4510             fprintf(stderr,
4511                     "The selected ARM CPU does not support 64 bit mode\n");
4512             exit(EXIT_FAILURE);
4513         }
4514 
4515         for (i = 0; i < 31; i++) {
4516             env->xregs[i] = regs->regs[i];
4517         }
4518         env->pc = regs->pc;
4519         env->xregs[31] = regs->sp;
4520     }
4521 #elif defined(TARGET_ARM)
4522     {
4523         int i;
4524         cpsr_write(env, regs->uregs[16], CPSR_USER | CPSR_EXEC,
4525                    CPSRWriteByInstr);
4526         for(i = 0; i < 16; i++) {
4527             env->regs[i] = regs->uregs[i];
4528         }
4529 #ifdef TARGET_WORDS_BIGENDIAN
4530         /* Enable BE8.  */
4531         if (EF_ARM_EABI_VERSION(info->elf_flags) >= EF_ARM_EABI_VER4
4532             && (info->elf_flags & EF_ARM_BE8)) {
4533             env->uncached_cpsr |= CPSR_E;
4534             env->cp15.sctlr_el[1] |= SCTLR_E0E;
4535         } else {
4536             env->cp15.sctlr_el[1] |= SCTLR_B;
4537         }
4538 #endif
4539     }
4540 #elif defined(TARGET_UNICORE32)
4541     {
4542         int i;
4543         cpu_asr_write(env, regs->uregs[32], 0xffffffff);
4544         for (i = 0; i < 32; i++) {
4545             env->regs[i] = regs->uregs[i];
4546         }
4547     }
4548 #elif defined(TARGET_SPARC)
4549     {
4550         int i;
4551 	env->pc = regs->pc;
4552 	env->npc = regs->npc;
4553         env->y = regs->y;
4554         for(i = 0; i < 8; i++)
4555             env->gregs[i] = regs->u_regs[i];
4556         for(i = 0; i < 8; i++)
4557             env->regwptr[i] = regs->u_regs[i + 8];
4558     }
4559 #elif defined(TARGET_PPC)
4560     {
4561         int i;
4562 
4563 #if defined(TARGET_PPC64)
4564 #if defined(TARGET_ABI32)
4565         env->msr &= ~((target_ulong)1 << MSR_SF);
4566 #else
4567         env->msr |= (target_ulong)1 << MSR_SF;
4568 #endif
4569 #endif
4570         env->nip = regs->nip;
4571         for(i = 0; i < 32; i++) {
4572             env->gpr[i] = regs->gpr[i];
4573         }
4574     }
4575 #elif defined(TARGET_M68K)
4576     {
4577         env->pc = regs->pc;
4578         env->dregs[0] = regs->d0;
4579         env->dregs[1] = regs->d1;
4580         env->dregs[2] = regs->d2;
4581         env->dregs[3] = regs->d3;
4582         env->dregs[4] = regs->d4;
4583         env->dregs[5] = regs->d5;
4584         env->dregs[6] = regs->d6;
4585         env->dregs[7] = regs->d7;
4586         env->aregs[0] = regs->a0;
4587         env->aregs[1] = regs->a1;
4588         env->aregs[2] = regs->a2;
4589         env->aregs[3] = regs->a3;
4590         env->aregs[4] = regs->a4;
4591         env->aregs[5] = regs->a5;
4592         env->aregs[6] = regs->a6;
4593         env->aregs[7] = regs->usp;
4594         env->sr = regs->sr;
4595         ts->sim_syscalls = 1;
4596     }
4597 #elif defined(TARGET_MICROBLAZE)
4598     {
4599         env->regs[0] = regs->r0;
4600         env->regs[1] = regs->r1;
4601         env->regs[2] = regs->r2;
4602         env->regs[3] = regs->r3;
4603         env->regs[4] = regs->r4;
4604         env->regs[5] = regs->r5;
4605         env->regs[6] = regs->r6;
4606         env->regs[7] = regs->r7;
4607         env->regs[8] = regs->r8;
4608         env->regs[9] = regs->r9;
4609         env->regs[10] = regs->r10;
4610         env->regs[11] = regs->r11;
4611         env->regs[12] = regs->r12;
4612         env->regs[13] = regs->r13;
4613         env->regs[14] = regs->r14;
4614         env->regs[15] = regs->r15;
4615         env->regs[16] = regs->r16;
4616         env->regs[17] = regs->r17;
4617         env->regs[18] = regs->r18;
4618         env->regs[19] = regs->r19;
4619         env->regs[20] = regs->r20;
4620         env->regs[21] = regs->r21;
4621         env->regs[22] = regs->r22;
4622         env->regs[23] = regs->r23;
4623         env->regs[24] = regs->r24;
4624         env->regs[25] = regs->r25;
4625         env->regs[26] = regs->r26;
4626         env->regs[27] = regs->r27;
4627         env->regs[28] = regs->r28;
4628         env->regs[29] = regs->r29;
4629         env->regs[30] = regs->r30;
4630         env->regs[31] = regs->r31;
4631         env->sregs[SR_PC] = regs->pc;
4632     }
4633 #elif defined(TARGET_MIPS)
4634     {
4635         int i;
4636 
4637         for(i = 0; i < 32; i++) {
4638             env->active_tc.gpr[i] = regs->regs[i];
4639         }
4640         env->active_tc.PC = regs->cp0_epc & ~(target_ulong)1;
4641         if (regs->cp0_epc & 1) {
4642             env->hflags |= MIPS_HFLAG_M16;
4643         }
4644     }
4645 #elif defined(TARGET_OPENRISC)
4646     {
4647         int i;
4648 
4649         for (i = 0; i < 32; i++) {
4650             env->gpr[i] = regs->gpr[i];
4651         }
4652 
4653         env->sr = regs->sr;
4654         env->pc = regs->pc;
4655     }
4656 #elif defined(TARGET_SH4)
4657     {
4658         int i;
4659 
4660         for(i = 0; i < 16; i++) {
4661             env->gregs[i] = regs->regs[i];
4662         }
4663         env->pc = regs->pc;
4664     }
4665 #elif defined(TARGET_ALPHA)
4666     {
4667         int i;
4668 
4669         for(i = 0; i < 28; i++) {
4670             env->ir[i] = ((abi_ulong *)regs)[i];
4671         }
4672         env->ir[IR_SP] = regs->usp;
4673         env->pc = regs->pc;
4674     }
4675 #elif defined(TARGET_CRIS)
4676     {
4677 	    env->regs[0] = regs->r0;
4678 	    env->regs[1] = regs->r1;
4679 	    env->regs[2] = regs->r2;
4680 	    env->regs[3] = regs->r3;
4681 	    env->regs[4] = regs->r4;
4682 	    env->regs[5] = regs->r5;
4683 	    env->regs[6] = regs->r6;
4684 	    env->regs[7] = regs->r7;
4685 	    env->regs[8] = regs->r8;
4686 	    env->regs[9] = regs->r9;
4687 	    env->regs[10] = regs->r10;
4688 	    env->regs[11] = regs->r11;
4689 	    env->regs[12] = regs->r12;
4690 	    env->regs[13] = regs->r13;
4691 	    env->regs[14] = info->start_stack;
4692 	    env->regs[15] = regs->acr;
4693 	    env->pc = regs->erp;
4694     }
4695 #elif defined(TARGET_S390X)
4696     {
4697             int i;
4698             for (i = 0; i < 16; i++) {
4699                 env->regs[i] = regs->gprs[i];
4700             }
4701             env->psw.mask = regs->psw.mask;
4702             env->psw.addr = regs->psw.addr;
4703     }
4704 #elif defined(TARGET_TILEGX)
4705     {
4706         int i;
4707         for (i = 0; i < TILEGX_R_COUNT; i++) {
4708             env->regs[i] = regs->regs[i];
4709         }
4710         for (i = 0; i < TILEGX_SPR_COUNT; i++) {
4711             env->spregs[i] = 0;
4712         }
4713         env->pc = regs->pc;
4714     }
4715 #else
4716 #error unsupported target CPU
4717 #endif
4718 
4719 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
4720     ts->stack_base = info->start_stack;
4721     ts->heap_base = info->brk;
4722     /* This will be filled in on the first SYS_HEAPINFO call.  */
4723     ts->heap_limit = 0;
4724 #endif
4725 
4726     if (gdbstub_port) {
4727         if (gdbserver_start(gdbstub_port) < 0) {
4728             fprintf(stderr, "qemu: could not open gdbserver on port %d\n",
4729                     gdbstub_port);
4730             exit(EXIT_FAILURE);
4731         }
4732         gdb_handlesig(cpu, 0);
4733     }
4734     cpu_loop(env);
4735     /* never exits */
4736     return 0;
4737 }
4738