4 * Copyright (c) 2003 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 const uint8_t parity_table[256] = {
25 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
26 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
27 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
28 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
29 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
30 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
31 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
32 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
33 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
34 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
35 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
36 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
37 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
38 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
39 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
40 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
41 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
42 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
43 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
44 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
45 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
46 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
47 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
48 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
49 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
50 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
51 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
52 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
53 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
54 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
55 CC_P, 0, 0, CC_P, 0, CC_P, CC_P, 0,
56 0, CC_P, CC_P, 0, CC_P, 0, 0, CC_P,
60 const uint8_t rclw_table[32] = {
61 0, 1, 2, 3, 4, 5, 6, 7,
62 8, 9,10,11,12,13,14,15,
63 16, 0, 1, 2, 3, 4, 5, 6,
64 7, 8, 9,10,11,12,13,14,
68 const uint8_t rclb_table[32] = {
69 0, 1, 2, 3, 4, 5, 6, 7,
70 8, 0, 1, 2, 3, 4, 5, 6,
71 7, 8, 0, 1, 2, 3, 4, 5,
72 6, 7, 8, 0, 1, 2, 3, 4,
75 const CPU86_LDouble f15rk[7] =
77 0.00000000000000000000L,
78 1.00000000000000000000L,
79 3.14159265358979323851L, /*pi*/
80 0.30102999566398119523L, /*lg2*/
81 0.69314718055994530943L, /*ln2*/
82 1.44269504088896340739L, /*l2e*/
83 3.32192809488736234781L, /*l2t*/
88 spinlock_t global_cpu_lock = SPIN_LOCK_UNLOCKED;
92 spin_lock(&global_cpu_lock);
97 spin_unlock(&global_cpu_lock);
100 void cpu_loop_exit(void)
102 /* NOTE: the register at this point must be saved by hand because
103 longjmp restore them */
105 env->regs[R_EAX] = EAX;
108 env->regs[R_ECX] = ECX;
111 env->regs[R_EDX] = EDX;
114 env->regs[R_EBX] = EBX;
117 env->regs[R_ESP] = ESP;
120 env->regs[R_EBP] = EBP;
123 env->regs[R_ESI] = ESI;
126 env->regs[R_EDI] = EDI;
128 longjmp(env->jmp_env, 1);
131 /* return non zero if error */
132 static inline int load_segment(uint32_t *e1_ptr, uint32_t *e2_ptr,
143 index = selector & ~7;
144 if ((index + 7) > dt->limit)
146 ptr = dt->base + index;
147 *e1_ptr = ldl_kernel(ptr);
148 *e2_ptr = ldl_kernel(ptr + 4);
152 static inline unsigned int get_seg_limit(uint32_t e1, uint32_t e2)
155 limit = (e1 & 0xffff) | (e2 & 0x000f0000);
156 if (e2 & DESC_G_MASK)
157 limit = (limit << 12) | 0xfff;
161 static inline uint8_t *get_seg_base(uint32_t e1, uint32_t e2)
163 return (uint8_t *)((e1 >> 16) | ((e2 & 0xff) << 16) | (e2 & 0xff000000));
166 static inline void load_seg_cache_raw_dt(SegmentCache *sc, uint32_t e1, uint32_t e2)
168 sc->base = get_seg_base(e1, e2);
169 sc->limit = get_seg_limit(e1, e2);
173 /* init the segment cache in vm86 mode. */
174 static inline void load_seg_vm(int seg, int selector)
177 cpu_x86_load_seg_cache(env, seg, selector,
178 (uint8_t *)(selector << 4), 0xffff, 0);
181 static inline void get_ss_esp_from_tss(uint32_t *ss_ptr,
182 uint32_t *esp_ptr, int dpl)
184 int type, index, shift;
189 printf("TR: base=%p limit=%x\n", env->tr.base, env->tr.limit);
190 for(i=0;i<env->tr.limit;i++) {
191 printf("%02x ", env->tr.base[i]);
192 if ((i & 7) == 7) printf("\n");
198 if (!(env->tr.flags & DESC_P_MASK))
199 cpu_abort(env, "invalid tss");
200 type = (env->tr.flags >> DESC_TYPE_SHIFT) & 0xf;
202 cpu_abort(env, "invalid tss type");
204 index = (dpl * 4 + 2) << shift;
205 if (index + (4 << shift) - 1 > env->tr.limit)
206 raise_exception_err(EXCP0A_TSS, env->tr.selector & 0xfffc);
208 *esp_ptr = lduw_kernel(env->tr.base + index);
209 *ss_ptr = lduw_kernel(env->tr.base + index + 2);
211 *esp_ptr = ldl_kernel(env->tr.base + index);
212 *ss_ptr = lduw_kernel(env->tr.base + index + 4);
216 /* XXX: merge with load_seg() */
217 static void tss_load_seg(int seg_reg, int selector)
222 if ((selector & 0xfffc) != 0) {
223 if (load_segment(&e1, &e2, selector) != 0)
224 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
225 if (!(e2 & DESC_S_MASK))
226 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
228 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
229 cpl = env->hflags & HF_CPL_MASK;
230 if (seg_reg == R_CS) {
231 if (!(e2 & DESC_CS_MASK))
232 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
234 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
235 if ((e2 & DESC_C_MASK) && dpl > rpl)
236 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
238 } else if (seg_reg == R_SS) {
239 /* SS must be writable data */
240 if ((e2 & DESC_CS_MASK) || !(e2 & DESC_W_MASK))
241 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
242 if (dpl != cpl || dpl != rpl)
243 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
245 /* not readable code */
246 if ((e2 & DESC_CS_MASK) && !(e2 & DESC_R_MASK))
247 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
248 /* if data or non conforming code, checks the rights */
249 if (((e2 >> DESC_TYPE_SHIFT) & 0xf) < 12) {
250 if (dpl < cpl || dpl < rpl)
251 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
254 if (!(e2 & DESC_P_MASK))
255 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
256 cpu_x86_load_seg_cache(env, seg_reg, selector,
257 get_seg_base(e1, e2),
258 get_seg_limit(e1, e2),
261 if (seg_reg == R_SS || seg_reg == R_CS)
262 raise_exception_err(EXCP0A_TSS, selector & 0xfffc);
266 #define SWITCH_TSS_JMP 0
267 #define SWITCH_TSS_IRET 1
268 #define SWITCH_TSS_CALL 2
270 /* XXX: restore CPU state in registers (PowerPC case) */
271 static void switch_tss(int tss_selector,
272 uint32_t e1, uint32_t e2, int source)
274 int tss_limit, tss_limit_max, type, old_tss_limit_max, old_type, v1, v2, i;
276 uint32_t new_regs[8], new_segs[6];
277 uint32_t new_eflags, new_eip, new_cr3, new_ldt, new_trap;
278 uint32_t old_eflags, eflags_mask;
283 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
286 fprintf(logfile, "switch_tss: sel=0x%04x type=%d src=%d\n", tss_selector, type, source);
289 /* if task gate, we read the TSS segment and we load it */
291 if (!(e2 & DESC_P_MASK))
292 raise_exception_err(EXCP0B_NOSEG, tss_selector & 0xfffc);
293 tss_selector = e1 >> 16;
294 if (tss_selector & 4)
295 raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
296 if (load_segment(&e1, &e2, tss_selector) != 0)
297 raise_exception_err(EXCP0D_GPF, tss_selector & 0xfffc);
298 if (e2 & DESC_S_MASK)
299 raise_exception_err(EXCP0D_GPF, tss_selector & 0xfffc);
300 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
302 raise_exception_err(EXCP0D_GPF, tss_selector & 0xfffc);
305 if (!(e2 & DESC_P_MASK))
306 raise_exception_err(EXCP0B_NOSEG, tss_selector & 0xfffc);
312 tss_limit = get_seg_limit(e1, e2);
313 tss_base = get_seg_base(e1, e2);
314 if ((tss_selector & 4) != 0 ||
315 tss_limit < tss_limit_max)
316 raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
317 old_type = (env->tr.flags >> DESC_TYPE_SHIFT) & 0xf;
319 old_tss_limit_max = 103;
321 old_tss_limit_max = 43;
323 /* read all the registers from the new TSS */
326 new_cr3 = ldl_kernel(tss_base + 0x1c);
327 new_eip = ldl_kernel(tss_base + 0x20);
328 new_eflags = ldl_kernel(tss_base + 0x24);
329 for(i = 0; i < 8; i++)
330 new_regs[i] = ldl_kernel(tss_base + (0x28 + i * 4));
331 for(i = 0; i < 6; i++)
332 new_segs[i] = lduw_kernel(tss_base + (0x48 + i * 4));
333 new_ldt = lduw_kernel(tss_base + 0x60);
334 new_trap = ldl_kernel(tss_base + 0x64);
338 new_eip = lduw_kernel(tss_base + 0x0e);
339 new_eflags = lduw_kernel(tss_base + 0x10);
340 for(i = 0; i < 8; i++)
341 new_regs[i] = lduw_kernel(tss_base + (0x12 + i * 2)) | 0xffff0000;
342 for(i = 0; i < 4; i++)
343 new_segs[i] = lduw_kernel(tss_base + (0x22 + i * 4));
344 new_ldt = lduw_kernel(tss_base + 0x2a);
350 /* NOTE: we must avoid memory exceptions during the task switch,
351 so we make dummy accesses before */
352 /* XXX: it can still fail in some cases, so a bigger hack is
353 necessary to valid the TLB after having done the accesses */
355 v1 = ldub_kernel(env->tr.base);
356 v2 = ldub(env->tr.base + old_tss_limit_max);
357 stb_kernel(env->tr.base, v1);
358 stb_kernel(env->tr.base + old_tss_limit_max, v2);
360 /* clear busy bit (it is restartable) */
361 if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
364 ptr = env->gdt.base + (env->tr.selector << 3);
365 e2 = ldl_kernel(ptr + 4);
366 e2 &= ~DESC_TSS_BUSY_MASK;
367 stl_kernel(ptr + 4, e2);
369 old_eflags = compute_eflags();
370 if (source == SWITCH_TSS_IRET)
371 old_eflags &= ~NT_MASK;
373 /* save the current state in the old TSS */
376 stl_kernel(env->tr.base + 0x20, env->eip);
377 stl_kernel(env->tr.base + 0x24, old_eflags);
378 for(i = 0; i < 8; i++)
379 stl_kernel(env->tr.base + (0x28 + i * 4), env->regs[i]);
380 for(i = 0; i < 6; i++)
381 stw_kernel(env->tr.base + (0x48 + i * 4), env->segs[i].selector);
384 stw_kernel(env->tr.base + 0x0e, new_eip);
385 stw_kernel(env->tr.base + 0x10, old_eflags);
386 for(i = 0; i < 8; i++)
387 stw_kernel(env->tr.base + (0x12 + i * 2), env->regs[i]);
388 for(i = 0; i < 4; i++)
389 stw_kernel(env->tr.base + (0x22 + i * 4), env->segs[i].selector);
392 /* now if an exception occurs, it will occurs in the next task
395 if (source == SWITCH_TSS_CALL) {
396 stw_kernel(tss_base, env->tr.selector);
397 new_eflags |= NT_MASK;
401 if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_CALL) {
404 ptr = env->gdt.base + (tss_selector << 3);
405 e2 = ldl_kernel(ptr + 4);
406 e2 |= DESC_TSS_BUSY_MASK;
407 stl_kernel(ptr + 4, e2);
410 /* set the new CPU state */
411 /* from this point, any exception which occurs can give problems */
412 env->cr[0] |= CR0_TS_MASK;
413 env->tr.selector = tss_selector;
414 env->tr.base = tss_base;
415 env->tr.limit = tss_limit;
416 env->tr.flags = e2 & ~DESC_TSS_BUSY_MASK;
418 if ((type & 8) && (env->cr[0] & CR0_PG_MASK)) {
419 env->cr[3] = new_cr3;
420 cpu_x86_update_cr3(env);
423 /* load all registers without an exception, then reload them with
424 possible exception */
426 eflags_mask = TF_MASK | AC_MASK | ID_MASK |
427 IF_MASK | IOPL_MASK | VM_MASK | RF_MASK;
429 eflags_mask &= 0xffff;
430 load_eflags(new_eflags, eflags_mask);
431 for(i = 0; i < 8; i++)
432 env->regs[i] = new_regs[i];
433 if (new_eflags & VM_MASK) {
434 for(i = 0; i < 6; i++)
435 load_seg_vm(i, new_segs[i]);
436 /* in vm86, CPL is always 3 */
437 cpu_x86_set_cpl(env, 3);
439 /* CPL is set the RPL of CS */
440 cpu_x86_set_cpl(env, new_segs[R_CS] & 3);
441 /* first just selectors as the rest may trigger exceptions */
442 for(i = 0; i < 6; i++)
443 cpu_x86_load_seg_cache(env, i, new_segs[i], NULL, 0, 0);
446 env->ldt.selector = new_ldt & ~4;
447 env->ldt.base = NULL;
453 raise_exception_err(EXCP0A_TSS, new_ldt & 0xfffc);
456 index = new_ldt & ~7;
457 if ((index + 7) > dt->limit)
458 raise_exception_err(EXCP0A_TSS, new_ldt & 0xfffc);
459 ptr = dt->base + index;
460 e1 = ldl_kernel(ptr);
461 e2 = ldl_kernel(ptr + 4);
462 if ((e2 & DESC_S_MASK) || ((e2 >> DESC_TYPE_SHIFT) & 0xf) != 2)
463 raise_exception_err(EXCP0A_TSS, new_ldt & 0xfffc);
464 if (!(e2 & DESC_P_MASK))
465 raise_exception_err(EXCP0A_TSS, new_ldt & 0xfffc);
466 load_seg_cache_raw_dt(&env->ldt, e1, e2);
468 /* load the segments */
469 if (!(new_eflags & VM_MASK)) {
470 tss_load_seg(R_CS, new_segs[R_CS]);
471 tss_load_seg(R_SS, new_segs[R_SS]);
472 tss_load_seg(R_ES, new_segs[R_ES]);
473 tss_load_seg(R_DS, new_segs[R_DS]);
474 tss_load_seg(R_FS, new_segs[R_FS]);
475 tss_load_seg(R_GS, new_segs[R_GS]);
478 /* check that EIP is in the CS segment limits */
479 if (new_eip > env->segs[R_CS].limit) {
480 raise_exception_err(EXCP0D_GPF, 0);
484 /* check if Port I/O is allowed in TSS */
485 static inline void check_io(int addr, int size)
487 int io_offset, val, mask;
489 /* TSS must be a valid 32 bit one */
490 if (!(env->tr.flags & DESC_P_MASK) ||
491 ((env->tr.flags >> DESC_TYPE_SHIFT) & 0xf) != 9 ||
494 io_offset = lduw_kernel(env->tr.base + 0x66);
495 io_offset += (addr >> 3);
496 /* Note: the check needs two bytes */
497 if ((io_offset + 1) > env->tr.limit)
499 val = lduw_kernel(env->tr.base + io_offset);
501 mask = (1 << size) - 1;
502 /* all bits must be zero to allow the I/O */
503 if ((val & mask) != 0) {
505 raise_exception_err(EXCP0D_GPF, 0);
509 void check_iob_T0(void)
514 void check_iow_T0(void)
519 void check_iol_T0(void)
524 void check_iob_DX(void)
526 check_io(EDX & 0xffff, 1);
529 void check_iow_DX(void)
531 check_io(EDX & 0xffff, 2);
534 void check_iol_DX(void)
536 check_io(EDX & 0xffff, 4);
539 static inline unsigned int get_sp_mask(unsigned int e2)
541 if (e2 & DESC_B_MASK)
547 /* XXX: add a is_user flag to have proper security support */
548 #define PUSHW(ssp, sp, sp_mask, val)\
551 stw_kernel((ssp) + (sp & (sp_mask)), (val));\
554 #define PUSHL(ssp, sp, sp_mask, val)\
557 stl_kernel((ssp) + (sp & (sp_mask)), (val));\
560 #define POPW(ssp, sp, sp_mask, val)\
562 val = lduw_kernel((ssp) + (sp & (sp_mask)));\
566 #define POPL(ssp, sp, sp_mask, val)\
568 val = ldl_kernel((ssp) + (sp & (sp_mask)));\
572 /* protected mode interrupt */
573 static void do_interrupt_protected(int intno, int is_int, int error_code,
574 unsigned int next_eip, int is_hw)
578 int type, dpl, selector, ss_dpl, cpl, sp_mask;
579 int has_error_code, new_stack, shift;
580 uint32_t e1, e2, offset, ss, esp, ss_e1, ss_e2;
584 if (!is_int && !is_hw) {
599 if (intno * 8 + 7 > dt->limit)
600 raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
601 ptr = dt->base + intno * 8;
602 e1 = ldl_kernel(ptr);
603 e2 = ldl_kernel(ptr + 4);
604 /* check gate type */
605 type = (e2 >> DESC_TYPE_SHIFT) & 0x1f;
607 case 5: /* task gate */
608 /* must do that check here to return the correct error code */
609 if (!(e2 & DESC_P_MASK))
610 raise_exception_err(EXCP0B_NOSEG, intno * 8 + 2);
611 switch_tss(intno * 8, e1, e2, SWITCH_TSS_CALL);
612 if (has_error_code) {
614 /* push the error code */
615 shift = (env->segs[R_CS].flags >> DESC_B_SHIFT) & 1;
616 if (env->segs[R_SS].flags & DESC_B_MASK)
620 esp = (env->regs[R_ESP] - (2 << shift)) & mask;
621 ssp = env->segs[R_SS].base + esp;
623 stl_kernel(ssp, error_code);
625 stw_kernel(ssp, error_code);
626 env->regs[R_ESP] = (esp & mask) | (env->regs[R_ESP] & ~mask);
629 case 6: /* 286 interrupt gate */
630 case 7: /* 286 trap gate */
631 case 14: /* 386 interrupt gate */
632 case 15: /* 386 trap gate */
635 raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
638 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
639 cpl = env->hflags & HF_CPL_MASK;
640 /* check privledge if software int */
641 if (is_int && dpl < cpl)
642 raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
643 /* check valid bit */
644 if (!(e2 & DESC_P_MASK))
645 raise_exception_err(EXCP0B_NOSEG, intno * 8 + 2);
647 offset = (e2 & 0xffff0000) | (e1 & 0x0000ffff);
648 if ((selector & 0xfffc) == 0)
649 raise_exception_err(EXCP0D_GPF, 0);
651 if (load_segment(&e1, &e2, selector) != 0)
652 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
653 if (!(e2 & DESC_S_MASK) || !(e2 & (DESC_CS_MASK)))
654 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
655 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
657 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
658 if (!(e2 & DESC_P_MASK))
659 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
660 if (!(e2 & DESC_C_MASK) && dpl < cpl) {
661 /* to inner priviledge */
662 get_ss_esp_from_tss(&ss, &esp, dpl);
663 if ((ss & 0xfffc) == 0)
664 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
666 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
667 if (load_segment(&ss_e1, &ss_e2, ss) != 0)
668 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
669 ss_dpl = (ss_e2 >> DESC_DPL_SHIFT) & 3;
671 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
672 if (!(ss_e2 & DESC_S_MASK) ||
673 (ss_e2 & DESC_CS_MASK) ||
674 !(ss_e2 & DESC_W_MASK))
675 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
676 if (!(ss_e2 & DESC_P_MASK))
677 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
679 sp_mask = get_sp_mask(ss_e2);
680 ssp = get_seg_base(ss_e1, ss_e2);
681 } else if ((e2 & DESC_C_MASK) || dpl == cpl) {
682 /* to same priviledge */
683 if (env->eflags & VM_MASK)
684 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
686 sp_mask = get_sp_mask(env->segs[R_SS].flags);
687 ssp = env->segs[R_SS].base;
691 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
692 new_stack = 0; /* avoid warning */
693 sp_mask = 0; /* avoid warning */
694 ssp = NULL; /* avoid warning */
695 esp = 0; /* avoid warning */
701 /* XXX: check that enough room is available */
702 push_size = 6 + (new_stack << 2) + (has_error_code << 1);
703 if (env->eflags & VM_MASK)
713 if (env->eflags & VM_MASK) {
714 PUSHL(ssp, esp, sp_mask, env->segs[R_GS].selector);
715 PUSHL(ssp, esp, sp_mask, env->segs[R_FS].selector);
716 PUSHL(ssp, esp, sp_mask, env->segs[R_DS].selector);
717 PUSHL(ssp, esp, sp_mask, env->segs[R_ES].selector);
719 PUSHL(ssp, esp, sp_mask, env->segs[R_SS].selector);
720 PUSHL(ssp, esp, sp_mask, ESP);
722 PUSHL(ssp, esp, sp_mask, compute_eflags());
723 PUSHL(ssp, esp, sp_mask, env->segs[R_CS].selector);
724 PUSHL(ssp, esp, sp_mask, old_eip);
725 if (has_error_code) {
726 PUSHL(ssp, esp, sp_mask, error_code);
730 if (env->eflags & VM_MASK) {
731 PUSHW(ssp, esp, sp_mask, env->segs[R_GS].selector);
732 PUSHW(ssp, esp, sp_mask, env->segs[R_FS].selector);
733 PUSHW(ssp, esp, sp_mask, env->segs[R_DS].selector);
734 PUSHW(ssp, esp, sp_mask, env->segs[R_ES].selector);
736 PUSHW(ssp, esp, sp_mask, env->segs[R_SS].selector);
737 PUSHW(ssp, esp, sp_mask, ESP);
739 PUSHW(ssp, esp, sp_mask, compute_eflags());
740 PUSHW(ssp, esp, sp_mask, env->segs[R_CS].selector);
741 PUSHW(ssp, esp, sp_mask, old_eip);
742 if (has_error_code) {
743 PUSHW(ssp, esp, sp_mask, error_code);
748 if (env->eflags & VM_MASK) {
749 /* XXX: explain me why W2K hangs if the whole segment cache is
751 env->segs[R_ES].selector = 0;
752 env->segs[R_ES].flags = 0;
753 env->segs[R_DS].selector = 0;
754 env->segs[R_DS].flags = 0;
755 env->segs[R_FS].selector = 0;
756 env->segs[R_FS].flags = 0;
757 env->segs[R_GS].selector = 0;
758 env->segs[R_GS].flags = 0;
760 ss = (ss & ~3) | dpl;
761 cpu_x86_load_seg_cache(env, R_SS, ss,
762 ssp, get_seg_limit(ss_e1, ss_e2), ss_e2);
764 ESP = (ESP & ~sp_mask) | (esp & sp_mask);
766 selector = (selector & ~3) | dpl;
767 cpu_x86_load_seg_cache(env, R_CS, selector,
768 get_seg_base(e1, e2),
769 get_seg_limit(e1, e2),
771 cpu_x86_set_cpl(env, dpl);
774 /* interrupt gate clear IF mask */
775 if ((type & 1) == 0) {
776 env->eflags &= ~IF_MASK;
778 env->eflags &= ~(TF_MASK | VM_MASK | RF_MASK | NT_MASK);
781 /* real mode interrupt */
782 static void do_interrupt_real(int intno, int is_int, int error_code,
783 unsigned int next_eip)
788 uint32_t offset, esp;
789 uint32_t old_cs, old_eip;
791 /* real mode (simpler !) */
793 if (intno * 4 + 3 > dt->limit)
794 raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
795 ptr = dt->base + intno * 4;
796 offset = lduw_kernel(ptr);
797 selector = lduw_kernel(ptr + 2);
799 ssp = env->segs[R_SS].base;
804 old_cs = env->segs[R_CS].selector;
805 /* XXX: use SS segment size ? */
806 PUSHW(ssp, esp, 0xffff, compute_eflags());
807 PUSHW(ssp, esp, 0xffff, old_cs);
808 PUSHW(ssp, esp, 0xffff, old_eip);
810 /* update processor state */
811 ESP = (ESP & ~0xffff) | (esp & 0xffff);
813 env->segs[R_CS].selector = selector;
814 env->segs[R_CS].base = (uint8_t *)(selector << 4);
815 env->eflags &= ~(IF_MASK | TF_MASK | AC_MASK | RF_MASK);
818 /* fake user mode interrupt */
819 void do_interrupt_user(int intno, int is_int, int error_code,
820 unsigned int next_eip)
828 ptr = dt->base + (intno * 8);
829 e2 = ldl_kernel(ptr + 4);
831 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
832 cpl = env->hflags & HF_CPL_MASK;
833 /* check privledge if software int */
834 if (is_int && dpl < cpl)
835 raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
837 /* Since we emulate only user space, we cannot do more than
838 exiting the emulation with the suitable exception and error
845 * Begin excution of an interruption. is_int is TRUE if coming from
846 * the int instruction. next_eip is the EIP value AFTER the interrupt
847 * instruction. It is only relevant if is_int is TRUE.
849 void do_interrupt(int intno, int is_int, int error_code,
850 unsigned int next_eip, int is_hw)
856 if ((env->cr[0] && CR0_PE_MASK)) {
857 fprintf(stdout, "%d: interrupt: vector=%02x error_code=%04x int=%d CPL=%d CS:EIP=%04x:%08x SS:ESP=%04x:%08x EAX=%08x\n",
858 count, intno, error_code, is_int,
859 env->hflags & HF_CPL_MASK,
860 env->segs[R_CS].selector, EIP,
861 env->segs[R_SS].selector, ESP,
864 cpu_x86_dump_state(env, stdout, X86_DUMP_CCOP);
869 fprintf(stdout, " code=");
870 ptr = env->segs[R_CS].base + env->eip;
871 for(i = 0; i < 16; i++) {
872 fprintf(stdout, " %02x", ldub(ptr + i));
874 fprintf(stdout, "\n");
886 fprintf(logfile, "%d: interrupt: vector=%02x error_code=%04x int=%d\n",
887 count, intno, error_code, is_int);
888 cpu_x86_dump_state(env, logfile, X86_DUMP_CCOP);
893 fprintf(logfile, " code=");
894 ptr = env->segs[R_CS].base + env->eip;
895 for(i = 0; i < 16; i++) {
896 fprintf(logfile, " %02x", ldub(ptr + i));
898 fprintf(logfile, "\n");
904 if (env->cr[0] & CR0_PE_MASK) {
905 do_interrupt_protected(intno, is_int, error_code, next_eip, is_hw);
907 do_interrupt_real(intno, is_int, error_code, next_eip);
912 * Signal an interruption. It is executed in the main CPU loop.
913 * is_int is TRUE if coming from the int instruction. next_eip is the
914 * EIP value AFTER the interrupt instruction. It is only relevant if
917 void raise_interrupt(int intno, int is_int, int error_code,
918 unsigned int next_eip)
920 env->exception_index = intno;
921 env->error_code = error_code;
922 env->exception_is_int = is_int;
923 env->exception_next_eip = next_eip;
927 /* shortcuts to generate exceptions */
928 void raise_exception_err(int exception_index, int error_code)
930 raise_interrupt(exception_index, 0, error_code, 0);
933 void raise_exception(int exception_index)
935 raise_interrupt(exception_index, 0, 0, 0);
938 #ifdef BUGGY_GCC_DIV64
939 /* gcc 2.95.4 on PowerPC does not seem to like using __udivdi3, so we
940 call it from another function */
941 uint32_t div64(uint32_t *q_ptr, uint64_t num, uint32_t den)
947 int32_t idiv64(int32_t *q_ptr, int64_t num, int32_t den)
954 void helper_divl_EAX_T0(uint32_t eip)
956 unsigned int den, q, r;
959 num = EAX | ((uint64_t)EDX << 32);
963 raise_exception(EXCP00_DIVZ);
965 #ifdef BUGGY_GCC_DIV64
966 r = div64(&q, num, den);
975 void helper_idivl_EAX_T0(uint32_t eip)
980 num = EAX | ((uint64_t)EDX << 32);
984 raise_exception(EXCP00_DIVZ);
986 #ifdef BUGGY_GCC_DIV64
987 r = idiv64(&q, num, den);
996 void helper_cmpxchg8b(void)
1001 eflags = cc_table[CC_OP].compute_all();
1002 d = ldq((uint8_t *)A0);
1003 if (d == (((uint64_t)EDX << 32) | EAX)) {
1004 stq((uint8_t *)A0, ((uint64_t)ECX << 32) | EBX);
1014 #define CPUID_FP87 (1 << 0)
1015 #define CPUID_VME (1 << 1)
1016 #define CPUID_DE (1 << 2)
1017 #define CPUID_PSE (1 << 3)
1018 #define CPUID_TSC (1 << 4)
1019 #define CPUID_MSR (1 << 5)
1020 #define CPUID_PAE (1 << 6)
1021 #define CPUID_MCE (1 << 7)
1022 #define CPUID_CX8 (1 << 8)
1023 #define CPUID_APIC (1 << 9)
1024 #define CPUID_SEP (1 << 11) /* sysenter/sysexit */
1025 #define CPUID_MTRR (1 << 12)
1026 #define CPUID_PGE (1 << 13)
1027 #define CPUID_MCA (1 << 14)
1028 #define CPUID_CMOV (1 << 15)
1030 #define CPUID_MMX (1 << 23)
1031 #define CPUID_FXSR (1 << 24)
1032 #define CPUID_SSE (1 << 25)
1033 #define CPUID_SSE2 (1 << 26)
1035 void helper_cpuid(void)
1039 EAX = 2; /* max EAX index supported */
1046 int family, model, stepping;
1049 /* pentium 75-200 */
1059 EAX = (family << 8) | (model << 4) | stepping;
1062 EDX = CPUID_FP87 | CPUID_DE | CPUID_PSE |
1063 CPUID_TSC | CPUID_MSR | CPUID_MCE |
1064 CPUID_CX8 | CPUID_PGE | CPUID_CMOV;
1068 /* cache info: needed for Pentium Pro compatibility */
1077 void helper_lldt_T0(void)
1085 selector = T0 & 0xffff;
1086 if ((selector & 0xfffc) == 0) {
1087 /* XXX: NULL selector case: invalid LDT */
1088 env->ldt.base = NULL;
1092 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1094 index = selector & ~7;
1095 if ((index + 7) > dt->limit)
1096 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1097 ptr = dt->base + index;
1098 e1 = ldl_kernel(ptr);
1099 e2 = ldl_kernel(ptr + 4);
1100 if ((e2 & DESC_S_MASK) || ((e2 >> DESC_TYPE_SHIFT) & 0xf) != 2)
1101 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1102 if (!(e2 & DESC_P_MASK))
1103 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
1104 load_seg_cache_raw_dt(&env->ldt, e1, e2);
1106 env->ldt.selector = selector;
1109 void helper_ltr_T0(void)
1117 selector = T0 & 0xffff;
1118 if ((selector & 0xfffc) == 0) {
1119 /* NULL selector case: invalid LDT */
1120 env->tr.base = NULL;
1125 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1127 index = selector & ~7;
1128 if ((index + 7) > dt->limit)
1129 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1130 ptr = dt->base + index;
1131 e1 = ldl_kernel(ptr);
1132 e2 = ldl_kernel(ptr + 4);
1133 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
1134 if ((e2 & DESC_S_MASK) ||
1135 (type != 1 && type != 9))
1136 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1137 if (!(e2 & DESC_P_MASK))
1138 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
1139 load_seg_cache_raw_dt(&env->tr, e1, e2);
1140 e2 |= DESC_TSS_BUSY_MASK;
1141 stl_kernel(ptr + 4, e2);
1143 env->tr.selector = selector;
1146 /* only works if protected mode and not VM86. seg_reg must be != R_CS */
1147 void load_seg(int seg_reg, int selector)
1156 if ((selector & 0xfffc) == 0) {
1157 /* null selector case */
1158 if (seg_reg == R_SS)
1159 raise_exception_err(EXCP0D_GPF, 0);
1160 cpu_x86_load_seg_cache(env, seg_reg, selector, NULL, 0, 0);
1167 index = selector & ~7;
1168 if ((index + 7) > dt->limit)
1169 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1170 ptr = dt->base + index;
1171 e1 = ldl_kernel(ptr);
1172 e2 = ldl_kernel(ptr + 4);
1174 if (!(e2 & DESC_S_MASK))
1175 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1177 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1178 cpl = env->hflags & HF_CPL_MASK;
1179 if (seg_reg == R_SS) {
1180 /* must be writable segment */
1181 if ((e2 & DESC_CS_MASK) || !(e2 & DESC_W_MASK))
1182 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1183 if (rpl != cpl || dpl != cpl)
1184 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1186 /* must be readable segment */
1187 if ((e2 & (DESC_CS_MASK | DESC_R_MASK)) == DESC_CS_MASK)
1188 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1190 if (!(e2 & DESC_CS_MASK) || !(e2 & DESC_C_MASK)) {
1191 /* if not conforming code, test rights */
1192 if (dpl < cpl || dpl < rpl)
1193 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1197 if (!(e2 & DESC_P_MASK)) {
1198 if (seg_reg == R_SS)
1199 raise_exception_err(EXCP0C_STACK, selector & 0xfffc);
1201 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
1204 /* set the access bit if not already set */
1205 if (!(e2 & DESC_A_MASK)) {
1207 stl_kernel(ptr + 4, e2);
1210 cpu_x86_load_seg_cache(env, seg_reg, selector,
1211 get_seg_base(e1, e2),
1212 get_seg_limit(e1, e2),
1215 fprintf(logfile, "load_seg: sel=0x%04x base=0x%08lx limit=0x%08lx flags=%08x\n",
1216 selector, (unsigned long)sc->base, sc->limit, sc->flags);
1221 /* protected mode jump */
1222 void helper_ljmp_protected_T0_T1(void)
1224 int new_cs, new_eip, gate_cs, type;
1225 uint32_t e1, e2, cpl, dpl, rpl, limit;
1229 if ((new_cs & 0xfffc) == 0)
1230 raise_exception_err(EXCP0D_GPF, 0);
1231 if (load_segment(&e1, &e2, new_cs) != 0)
1232 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1233 cpl = env->hflags & HF_CPL_MASK;
1234 if (e2 & DESC_S_MASK) {
1235 if (!(e2 & DESC_CS_MASK))
1236 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1237 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1238 if (e2 & DESC_C_MASK) {
1239 /* conforming code segment */
1241 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1243 /* non conforming code segment */
1246 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1248 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1250 if (!(e2 & DESC_P_MASK))
1251 raise_exception_err(EXCP0B_NOSEG, new_cs & 0xfffc);
1252 limit = get_seg_limit(e1, e2);
1253 if (new_eip > limit)
1254 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1255 cpu_x86_load_seg_cache(env, R_CS, (new_cs & 0xfffc) | cpl,
1256 get_seg_base(e1, e2), limit, e2);
1259 /* jump to call or task gate */
1260 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1262 cpl = env->hflags & HF_CPL_MASK;
1263 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
1265 case 1: /* 286 TSS */
1266 case 9: /* 386 TSS */
1267 case 5: /* task gate */
1268 if (dpl < cpl || dpl < rpl)
1269 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1270 switch_tss(new_cs, e1, e2, SWITCH_TSS_JMP);
1272 case 4: /* 286 call gate */
1273 case 12: /* 386 call gate */
1274 if ((dpl < cpl) || (dpl < rpl))
1275 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1276 if (!(e2 & DESC_P_MASK))
1277 raise_exception_err(EXCP0B_NOSEG, new_cs & 0xfffc);
1279 if (load_segment(&e1, &e2, gate_cs) != 0)
1280 raise_exception_err(EXCP0D_GPF, gate_cs & 0xfffc);
1281 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1282 /* must be code segment */
1283 if (((e2 & (DESC_S_MASK | DESC_CS_MASK)) !=
1284 (DESC_S_MASK | DESC_CS_MASK)))
1285 raise_exception_err(EXCP0D_GPF, gate_cs & 0xfffc);
1286 if (((e2 & DESC_C_MASK) && (dpl > cpl)) ||
1287 (!(e2 & DESC_C_MASK) && (dpl != cpl)))
1288 raise_exception_err(EXCP0D_GPF, gate_cs & 0xfffc);
1289 if (!(e2 & DESC_P_MASK))
1290 raise_exception_err(EXCP0D_GPF, gate_cs & 0xfffc);
1291 new_eip = (e1 & 0xffff);
1293 new_eip |= (e2 & 0xffff0000);
1294 limit = get_seg_limit(e1, e2);
1295 if (new_eip > limit)
1296 raise_exception_err(EXCP0D_GPF, 0);
1297 cpu_x86_load_seg_cache(env, R_CS, (gate_cs & 0xfffc) | cpl,
1298 get_seg_base(e1, e2), limit, e2);
1302 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1308 /* real mode call */
1309 void helper_lcall_real_T0_T1(int shift, int next_eip)
1311 int new_cs, new_eip;
1312 uint32_t esp, esp_mask;
1318 esp_mask = get_sp_mask(env->segs[R_SS].flags);
1319 ssp = env->segs[R_SS].base;
1321 PUSHL(ssp, esp, esp_mask, env->segs[R_CS].selector);
1322 PUSHL(ssp, esp, esp_mask, next_eip);
1324 PUSHW(ssp, esp, esp_mask, env->segs[R_CS].selector);
1325 PUSHW(ssp, esp, esp_mask, next_eip);
1328 ESP = (ESP & ~esp_mask) | (esp & esp_mask);
1330 env->segs[R_CS].selector = new_cs;
1331 env->segs[R_CS].base = (uint8_t *)(new_cs << 4);
1334 /* protected mode call */
1335 void helper_lcall_protected_T0_T1(int shift, int next_eip)
1337 int new_cs, new_eip, new_stack, i;
1338 uint32_t e1, e2, cpl, dpl, rpl, selector, offset, param_count;
1339 uint32_t ss, ss_e1, ss_e2, sp, type, ss_dpl, sp_mask;
1340 uint32_t val, limit, old_sp_mask;
1341 uint8_t *ssp, *old_ssp;
1347 fprintf(logfile, "lcall %04x:%08x\n",
1349 cpu_x86_dump_state(env, logfile, X86_DUMP_CCOP);
1352 if ((new_cs & 0xfffc) == 0)
1353 raise_exception_err(EXCP0D_GPF, 0);
1354 if (load_segment(&e1, &e2, new_cs) != 0)
1355 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1356 cpl = env->hflags & HF_CPL_MASK;
1359 fprintf(logfile, "desc=%08x:%08x\n", e1, e2);
1362 if (e2 & DESC_S_MASK) {
1363 if (!(e2 & DESC_CS_MASK))
1364 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1365 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1366 if (e2 & DESC_C_MASK) {
1367 /* conforming code segment */
1369 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1371 /* non conforming code segment */
1374 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1376 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1378 if (!(e2 & DESC_P_MASK))
1379 raise_exception_err(EXCP0B_NOSEG, new_cs & 0xfffc);
1382 sp_mask = get_sp_mask(env->segs[R_SS].flags);
1383 ssp = env->segs[R_SS].base;
1385 PUSHL(ssp, sp, sp_mask, env->segs[R_CS].selector);
1386 PUSHL(ssp, sp, sp_mask, next_eip);
1388 PUSHW(ssp, sp, sp_mask, env->segs[R_CS].selector);
1389 PUSHW(ssp, sp, sp_mask, next_eip);
1392 limit = get_seg_limit(e1, e2);
1393 if (new_eip > limit)
1394 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1395 /* from this point, not restartable */
1396 ESP = (ESP & ~sp_mask) | (sp & sp_mask);
1397 cpu_x86_load_seg_cache(env, R_CS, (new_cs & 0xfffc) | cpl,
1398 get_seg_base(e1, e2), limit, e2);
1401 /* check gate type */
1402 type = (e2 >> DESC_TYPE_SHIFT) & 0x1f;
1403 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1406 case 1: /* available 286 TSS */
1407 case 9: /* available 386 TSS */
1408 case 5: /* task gate */
1409 if (dpl < cpl || dpl < rpl)
1410 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1411 switch_tss(new_cs, e1, e2, SWITCH_TSS_CALL);
1413 case 4: /* 286 call gate */
1414 case 12: /* 386 call gate */
1417 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1422 if (dpl < cpl || dpl < rpl)
1423 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1424 /* check valid bit */
1425 if (!(e2 & DESC_P_MASK))
1426 raise_exception_err(EXCP0B_NOSEG, new_cs & 0xfffc);
1427 selector = e1 >> 16;
1428 offset = (e2 & 0xffff0000) | (e1 & 0x0000ffff);
1429 param_count = e2 & 0x1f;
1430 if ((selector & 0xfffc) == 0)
1431 raise_exception_err(EXCP0D_GPF, 0);
1433 if (load_segment(&e1, &e2, selector) != 0)
1434 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1435 if (!(e2 & DESC_S_MASK) || !(e2 & (DESC_CS_MASK)))
1436 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1437 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1439 raise_exception_err(EXCP0D_GPF, selector & 0xfffc);
1440 if (!(e2 & DESC_P_MASK))
1441 raise_exception_err(EXCP0B_NOSEG, selector & 0xfffc);
1443 if (!(e2 & DESC_C_MASK) && dpl < cpl) {
1444 /* to inner priviledge */
1445 get_ss_esp_from_tss(&ss, &sp, dpl);
1448 fprintf(logfile, "ss=%04x sp=%04x param_count=%d ESP=%x\n",
1449 ss, sp, param_count, ESP);
1451 if ((ss & 0xfffc) == 0)
1452 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1453 if ((ss & 3) != dpl)
1454 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1455 if (load_segment(&ss_e1, &ss_e2, ss) != 0)
1456 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1457 ss_dpl = (ss_e2 >> DESC_DPL_SHIFT) & 3;
1459 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1460 if (!(ss_e2 & DESC_S_MASK) ||
1461 (ss_e2 & DESC_CS_MASK) ||
1462 !(ss_e2 & DESC_W_MASK))
1463 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1464 if (!(ss_e2 & DESC_P_MASK))
1465 raise_exception_err(EXCP0A_TSS, ss & 0xfffc);
1467 // push_size = ((param_count * 2) + 8) << shift;
1469 old_sp_mask = get_sp_mask(env->segs[R_SS].flags);
1470 old_ssp = env->segs[R_SS].base;
1472 sp_mask = get_sp_mask(ss_e2);
1473 ssp = get_seg_base(ss_e1, ss_e2);
1475 PUSHL(ssp, sp, sp_mask, env->segs[R_SS].selector);
1476 PUSHL(ssp, sp, sp_mask, ESP);
1477 for(i = param_count - 1; i >= 0; i--) {
1478 val = ldl_kernel(old_ssp + ((ESP + i * 4) & old_sp_mask));
1479 PUSHL(ssp, sp, sp_mask, val);
1482 PUSHW(ssp, sp, sp_mask, env->segs[R_SS].selector);
1483 PUSHW(ssp, sp, sp_mask, ESP);
1484 for(i = param_count - 1; i >= 0; i--) {
1485 val = lduw_kernel(old_ssp + ((ESP + i * 2) & old_sp_mask));
1486 PUSHW(ssp, sp, sp_mask, val);
1491 /* to same priviledge */
1493 sp_mask = get_sp_mask(env->segs[R_SS].flags);
1494 ssp = env->segs[R_SS].base;
1495 // push_size = (4 << shift);
1500 PUSHL(ssp, sp, sp_mask, env->segs[R_CS].selector);
1501 PUSHL(ssp, sp, sp_mask, next_eip);
1503 PUSHW(ssp, sp, sp_mask, env->segs[R_CS].selector);
1504 PUSHW(ssp, sp, sp_mask, next_eip);
1507 /* from this point, not restartable */
1510 ss = (ss & ~3) | dpl;
1511 cpu_x86_load_seg_cache(env, R_SS, ss,
1513 get_seg_limit(ss_e1, ss_e2),
1517 selector = (selector & ~3) | dpl;
1518 cpu_x86_load_seg_cache(env, R_CS, selector,
1519 get_seg_base(e1, e2),
1520 get_seg_limit(e1, e2),
1522 cpu_x86_set_cpl(env, dpl);
1523 ESP = (ESP & ~sp_mask) | (sp & sp_mask);
1528 /* real and vm86 mode iret */
1529 void helper_iret_real(int shift)
1531 uint32_t sp, new_cs, new_eip, new_eflags, sp_mask;
1535 sp_mask = 0xffff; /* XXXX: use SS segment size ? */
1537 ssp = env->segs[R_SS].base;
1540 POPL(ssp, sp, sp_mask, new_eip);
1541 POPL(ssp, sp, sp_mask, new_cs);
1543 POPL(ssp, sp, sp_mask, new_eflags);
1546 POPW(ssp, sp, sp_mask, new_eip);
1547 POPW(ssp, sp, sp_mask, new_cs);
1548 POPW(ssp, sp, sp_mask, new_eflags);
1550 ESP = (ESP & ~sp_mask) | (sp & sp_mask);
1551 load_seg_vm(R_CS, new_cs);
1553 if (env->eflags & VM_MASK)
1554 eflags_mask = TF_MASK | AC_MASK | ID_MASK | IF_MASK | RF_MASK;
1556 eflags_mask = TF_MASK | AC_MASK | ID_MASK | IF_MASK | IOPL_MASK | RF_MASK;
1558 eflags_mask &= 0xffff;
1559 load_eflags(new_eflags, eflags_mask);
1562 static inline void validate_seg(int seg_reg, int cpl)
1567 e2 = env->segs[seg_reg].flags;
1568 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1569 if (!(e2 & DESC_CS_MASK) || !(e2 & DESC_C_MASK)) {
1570 /* data or non conforming code segment */
1572 cpu_x86_load_seg_cache(env, seg_reg, 0, NULL, 0, 0);
1577 /* protected mode iret */
1578 static inline void helper_ret_protected(int shift, int is_iret, int addend)
1580 uint32_t sp, new_cs, new_eip, new_eflags, new_esp, new_ss, sp_mask;
1581 uint32_t new_es, new_ds, new_fs, new_gs;
1582 uint32_t e1, e2, ss_e1, ss_e2;
1583 int cpl, dpl, rpl, eflags_mask, iopl;
1586 sp_mask = get_sp_mask(env->segs[R_SS].flags);
1588 ssp = env->segs[R_SS].base;
1591 POPL(ssp, sp, sp_mask, new_eip);
1592 POPL(ssp, sp, sp_mask, new_cs);
1595 POPL(ssp, sp, sp_mask, new_eflags);
1596 if (new_eflags & VM_MASK)
1597 goto return_to_vm86;
1601 POPW(ssp, sp, sp_mask, new_eip);
1602 POPW(ssp, sp, sp_mask, new_cs);
1604 POPW(ssp, sp, sp_mask, new_eflags);
1608 fprintf(logfile, "lret new %04x:%08x addend=0x%x\n",
1609 new_cs, new_eip, addend);
1610 cpu_x86_dump_state(env, logfile, X86_DUMP_CCOP);
1613 if ((new_cs & 0xfffc) == 0)
1614 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1615 if (load_segment(&e1, &e2, new_cs) != 0)
1616 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1617 if (!(e2 & DESC_S_MASK) ||
1618 !(e2 & DESC_CS_MASK))
1619 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1620 cpl = env->hflags & HF_CPL_MASK;
1623 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1624 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1625 if (e2 & DESC_C_MASK) {
1627 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1630 raise_exception_err(EXCP0D_GPF, new_cs & 0xfffc);
1632 if (!(e2 & DESC_P_MASK))
1633 raise_exception_err(EXCP0B_NOSEG, new_cs & 0xfffc);
1637 /* return to same priledge level */
1638 cpu_x86_load_seg_cache(env, R_CS, new_cs,
1639 get_seg_base(e1, e2),
1640 get_seg_limit(e1, e2),
1643 /* return to different priviledge level */
1646 POPL(ssp, sp, sp_mask, new_esp);
1647 POPL(ssp, sp, sp_mask, new_ss);
1651 POPW(ssp, sp, sp_mask, new_esp);
1652 POPW(ssp, sp, sp_mask, new_ss);
1655 if ((new_ss & 3) != rpl)
1656 raise_exception_err(EXCP0D_GPF, new_ss & 0xfffc);
1657 if (load_segment(&ss_e1, &ss_e2, new_ss) != 0)
1658 raise_exception_err(EXCP0D_GPF, new_ss & 0xfffc);
1659 if (!(ss_e2 & DESC_S_MASK) ||
1660 (ss_e2 & DESC_CS_MASK) ||
1661 !(ss_e2 & DESC_W_MASK))
1662 raise_exception_err(EXCP0D_GPF, new_ss & 0xfffc);
1663 dpl = (ss_e2 >> DESC_DPL_SHIFT) & 3;
1665 raise_exception_err(EXCP0D_GPF, new_ss & 0xfffc);
1666 if (!(ss_e2 & DESC_P_MASK))
1667 raise_exception_err(EXCP0B_NOSEG, new_ss & 0xfffc);
1669 cpu_x86_load_seg_cache(env, R_CS, new_cs,
1670 get_seg_base(e1, e2),
1671 get_seg_limit(e1, e2),
1673 cpu_x86_load_seg_cache(env, R_SS, new_ss,
1674 get_seg_base(ss_e1, ss_e2),
1675 get_seg_limit(ss_e1, ss_e2),
1677 cpu_x86_set_cpl(env, rpl);
1679 /* XXX: change sp_mask according to old segment ? */
1681 /* validate data segments */
1682 validate_seg(R_ES, cpl);
1683 validate_seg(R_DS, cpl);
1684 validate_seg(R_FS, cpl);
1685 validate_seg(R_GS, cpl);
1687 ESP = (ESP & ~sp_mask) | (sp & sp_mask);
1690 /* NOTE: 'cpl' is the _old_ CPL */
1691 eflags_mask = TF_MASK | AC_MASK | ID_MASK | RF_MASK;
1693 eflags_mask |= IOPL_MASK;
1694 iopl = (env->eflags >> IOPL_SHIFT) & 3;
1696 eflags_mask |= IF_MASK;
1698 eflags_mask &= 0xffff;
1699 load_eflags(new_eflags, eflags_mask);
1704 POPL(ssp, sp, sp_mask, new_esp);
1705 POPL(ssp, sp, sp_mask, new_ss);
1706 POPL(ssp, sp, sp_mask, new_es);
1707 POPL(ssp, sp, sp_mask, new_ds);
1708 POPL(ssp, sp, sp_mask, new_fs);
1709 POPL(ssp, sp, sp_mask, new_gs);
1711 /* modify processor state */
1712 load_eflags(new_eflags, TF_MASK | AC_MASK | ID_MASK |
1713 IF_MASK | IOPL_MASK | VM_MASK | VIF_MASK | VIP_MASK);
1714 load_seg_vm(R_CS, new_cs & 0xffff);
1715 cpu_x86_set_cpl(env, 3);
1716 load_seg_vm(R_SS, new_ss & 0xffff);
1717 load_seg_vm(R_ES, new_es & 0xffff);
1718 load_seg_vm(R_DS, new_ds & 0xffff);
1719 load_seg_vm(R_FS, new_fs & 0xffff);
1720 load_seg_vm(R_GS, new_gs & 0xffff);
1726 void helper_iret_protected(int shift)
1728 int tss_selector, type;
1731 /* specific case for TSS */
1732 if (env->eflags & NT_MASK) {
1733 tss_selector = lduw_kernel(env->tr.base + 0);
1734 if (tss_selector & 4)
1735 raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
1736 if (load_segment(&e1, &e2, tss_selector) != 0)
1737 raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
1738 type = (e2 >> DESC_TYPE_SHIFT) & 0x17;
1739 /* NOTE: we check both segment and busy TSS */
1741 raise_exception_err(EXCP0A_TSS, tss_selector & 0xfffc);
1742 switch_tss(tss_selector, e1, e2, SWITCH_TSS_IRET);
1744 helper_ret_protected(shift, 1, 0);
1748 void helper_lret_protected(int shift, int addend)
1750 helper_ret_protected(shift, 0, addend);
1753 void helper_movl_crN_T0(int reg)
1758 cpu_x86_update_cr0(env);
1761 cpu_x86_update_cr3(env);
1767 void helper_movl_drN_T0(int reg)
1772 void helper_invlpg(unsigned int addr)
1774 cpu_x86_flush_tlb(env, addr);
1782 void helper_rdtsc(void)
1786 asm("rdtsc" : "=A" (val));
1788 /* better than nothing: the time increases */
1795 void helper_wrmsr(void)
1798 case MSR_IA32_SYSENTER_CS:
1799 env->sysenter_cs = EAX & 0xffff;
1801 case MSR_IA32_SYSENTER_ESP:
1802 env->sysenter_esp = EAX;
1804 case MSR_IA32_SYSENTER_EIP:
1805 env->sysenter_eip = EAX;
1808 /* XXX: exception ? */
1813 void helper_rdmsr(void)
1816 case MSR_IA32_SYSENTER_CS:
1817 EAX = env->sysenter_cs;
1820 case MSR_IA32_SYSENTER_ESP:
1821 EAX = env->sysenter_esp;
1824 case MSR_IA32_SYSENTER_EIP:
1825 EAX = env->sysenter_eip;
1829 /* XXX: exception ? */
1834 void helper_lsl(void)
1836 unsigned int selector, limit;
1838 int rpl, dpl, cpl, type;
1840 CC_SRC = cc_table[CC_OP].compute_all() & ~CC_Z;
1841 selector = T0 & 0xffff;
1842 if (load_segment(&e1, &e2, selector) != 0)
1845 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1846 cpl = env->hflags & HF_CPL_MASK;
1847 if (e2 & DESC_S_MASK) {
1848 if ((e2 & DESC_CS_MASK) && (e2 & DESC_C_MASK)) {
1851 if (dpl < cpl || dpl < rpl)
1855 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
1866 if (dpl < cpl || dpl < rpl)
1869 limit = get_seg_limit(e1, e2);
1874 void helper_lar(void)
1876 unsigned int selector;
1878 int rpl, dpl, cpl, type;
1880 CC_SRC = cc_table[CC_OP].compute_all() & ~CC_Z;
1881 selector = T0 & 0xffff;
1882 if ((selector & 0xfffc) == 0)
1884 if (load_segment(&e1, &e2, selector) != 0)
1887 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1888 cpl = env->hflags & HF_CPL_MASK;
1889 if (e2 & DESC_S_MASK) {
1890 if ((e2 & DESC_CS_MASK) && (e2 & DESC_C_MASK)) {
1893 if (dpl < cpl || dpl < rpl)
1897 type = (e2 >> DESC_TYPE_SHIFT) & 0xf;
1911 if (dpl < cpl || dpl < rpl)
1914 T1 = e2 & 0x00f0ff00;
1918 void helper_verr(void)
1920 unsigned int selector;
1924 CC_SRC = cc_table[CC_OP].compute_all() & ~CC_Z;
1925 selector = T0 & 0xffff;
1926 if ((selector & 0xfffc) == 0)
1928 if (load_segment(&e1, &e2, selector) != 0)
1930 if (!(e2 & DESC_S_MASK))
1933 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1934 cpl = env->hflags & HF_CPL_MASK;
1935 if (e2 & DESC_CS_MASK) {
1936 if (!(e2 & DESC_R_MASK))
1938 if (!(e2 & DESC_C_MASK)) {
1939 if (dpl < cpl || dpl < rpl)
1943 if (dpl < cpl || dpl < rpl)
1949 void helper_verw(void)
1951 unsigned int selector;
1955 CC_SRC = cc_table[CC_OP].compute_all() & ~CC_Z;
1956 selector = T0 & 0xffff;
1957 if ((selector & 0xfffc) == 0)
1959 if (load_segment(&e1, &e2, selector) != 0)
1961 if (!(e2 & DESC_S_MASK))
1964 dpl = (e2 >> DESC_DPL_SHIFT) & 3;
1965 cpl = env->hflags & HF_CPL_MASK;
1966 if (e2 & DESC_CS_MASK) {
1969 if (dpl < cpl || dpl < rpl)
1971 if (!(e2 & DESC_W_MASK))
1979 void helper_fldt_ST0_A0(void)
1982 new_fpstt = (env->fpstt - 1) & 7;
1983 env->fpregs[new_fpstt] = helper_fldt((uint8_t *)A0);
1984 env->fpstt = new_fpstt;
1985 env->fptags[new_fpstt] = 0; /* validate stack entry */
1988 void helper_fstt_ST0_A0(void)
1990 helper_fstt(ST0, (uint8_t *)A0);
1995 #define MUL10(iv) ( iv + iv + (iv << 3) )
1997 void helper_fbld_ST0_A0(void)
2005 for(i = 8; i >= 0; i--) {
2006 v = ldub((uint8_t *)A0 + i);
2007 val = (val * 100) + ((v >> 4) * 10) + (v & 0xf);
2010 if (ldub((uint8_t *)A0 + 9) & 0x80)
2016 void helper_fbst_ST0_A0(void)
2020 uint8_t *mem_ref, *mem_end;
2025 mem_ref = (uint8_t *)A0;
2026 mem_end = mem_ref + 9;
2033 while (mem_ref < mem_end) {
2038 v = ((v / 10) << 4) | (v % 10);
2041 while (mem_ref < mem_end) {
2046 void helper_f2xm1(void)
2048 ST0 = pow(2.0,ST0) - 1.0;
2051 void helper_fyl2x(void)
2053 CPU86_LDouble fptemp;
2057 fptemp = log(fptemp)/log(2.0); /* log2(ST) */
2061 env->fpus &= (~0x4700);
2066 void helper_fptan(void)
2068 CPU86_LDouble fptemp;
2071 if((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
2077 env->fpus &= (~0x400); /* C2 <-- 0 */
2078 /* the above code is for |arg| < 2**52 only */
2082 void helper_fpatan(void)
2084 CPU86_LDouble fptemp, fpsrcop;
2088 ST1 = atan2(fpsrcop,fptemp);
2092 void helper_fxtract(void)
2094 CPU86_LDoubleU temp;
2095 unsigned int expdif;
2098 expdif = EXPD(temp) - EXPBIAS;
2099 /*DP exponent bias*/
2106 void helper_fprem1(void)
2108 CPU86_LDouble dblq, fpsrcop, fptemp;
2109 CPU86_LDoubleU fpsrcop1, fptemp1;
2115 fpsrcop1.d = fpsrcop;
2117 expdif = EXPD(fpsrcop1) - EXPD(fptemp1);
2119 dblq = fpsrcop / fptemp;
2120 dblq = (dblq < 0.0)? ceil(dblq): floor(dblq);
2121 ST0 = fpsrcop - fptemp*dblq;
2122 q = (int)dblq; /* cutting off top bits is assumed here */
2123 env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <-- 0000 */
2124 /* (C0,C1,C3) <-- (q2,q1,q0) */
2125 env->fpus |= (q&0x4) << 6; /* (C0) <-- q2 */
2126 env->fpus |= (q&0x2) << 8; /* (C1) <-- q1 */
2127 env->fpus |= (q&0x1) << 14; /* (C3) <-- q0 */
2129 env->fpus |= 0x400; /* C2 <-- 1 */
2130 fptemp = pow(2.0, expdif-50);
2131 fpsrcop = (ST0 / ST1) / fptemp;
2132 /* fpsrcop = integer obtained by rounding to the nearest */
2133 fpsrcop = (fpsrcop-floor(fpsrcop) < ceil(fpsrcop)-fpsrcop)?
2134 floor(fpsrcop): ceil(fpsrcop);
2135 ST0 -= (ST1 * fpsrcop * fptemp);
2139 void helper_fprem(void)
2141 CPU86_LDouble dblq, fpsrcop, fptemp;
2142 CPU86_LDoubleU fpsrcop1, fptemp1;
2148 fpsrcop1.d = fpsrcop;
2150 expdif = EXPD(fpsrcop1) - EXPD(fptemp1);
2151 if ( expdif < 53 ) {
2152 dblq = fpsrcop / fptemp;
2153 dblq = (dblq < 0.0)? ceil(dblq): floor(dblq);
2154 ST0 = fpsrcop - fptemp*dblq;
2155 q = (int)dblq; /* cutting off top bits is assumed here */
2156 env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <-- 0000 */
2157 /* (C0,C1,C3) <-- (q2,q1,q0) */
2158 env->fpus |= (q&0x4) << 6; /* (C0) <-- q2 */
2159 env->fpus |= (q&0x2) << 8; /* (C1) <-- q1 */
2160 env->fpus |= (q&0x1) << 14; /* (C3) <-- q0 */
2162 env->fpus |= 0x400; /* C2 <-- 1 */
2163 fptemp = pow(2.0, expdif-50);
2164 fpsrcop = (ST0 / ST1) / fptemp;
2165 /* fpsrcop = integer obtained by chopping */
2166 fpsrcop = (fpsrcop < 0.0)?
2167 -(floor(fabs(fpsrcop))): floor(fpsrcop);
2168 ST0 -= (ST1 * fpsrcop * fptemp);
2172 void helper_fyl2xp1(void)
2174 CPU86_LDouble fptemp;
2177 if ((fptemp+1.0)>0.0) {
2178 fptemp = log(fptemp+1.0) / log(2.0); /* log2(ST+1.0) */
2182 env->fpus &= (~0x4700);
2187 void helper_fsqrt(void)
2189 CPU86_LDouble fptemp;
2193 env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <-- 0000 */
2199 void helper_fsincos(void)
2201 CPU86_LDouble fptemp;
2204 if ((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
2210 env->fpus &= (~0x400); /* C2 <-- 0 */
2211 /* the above code is for |arg| < 2**63 only */
2215 void helper_frndint(void)
2221 switch(env->fpuc & RC_MASK) {
2224 asm("rndd %0, %1" : "=f" (a) : "f"(a));
2227 asm("rnddm %0, %1" : "=f" (a) : "f"(a));
2230 asm("rnddp %0, %1" : "=f" (a) : "f"(a));
2233 asm("rnddz %0, %1" : "=f" (a) : "f"(a));
2242 void helper_fscale(void)
2244 CPU86_LDouble fpsrcop, fptemp;
2247 fptemp = pow(fpsrcop,ST1);
2251 void helper_fsin(void)
2253 CPU86_LDouble fptemp;
2256 if ((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
2260 env->fpus &= (~0x400); /* C2 <-- 0 */
2261 /* the above code is for |arg| < 2**53 only */
2265 void helper_fcos(void)
2267 CPU86_LDouble fptemp;
2270 if((fptemp > MAXTAN)||(fptemp < -MAXTAN)) {
2274 env->fpus &= (~0x400); /* C2 <-- 0 */
2275 /* the above code is for |arg5 < 2**63 only */
2279 void helper_fxam_ST0(void)
2281 CPU86_LDoubleU temp;
2286 env->fpus &= (~0x4700); /* (C3,C2,C1,C0) <-- 0000 */
2288 env->fpus |= 0x200; /* C1 <-- 1 */
2290 expdif = EXPD(temp);
2291 if (expdif == MAXEXPD) {
2292 if (MANTD(temp) == 0)
2293 env->fpus |= 0x500 /*Infinity*/;
2295 env->fpus |= 0x100 /*NaN*/;
2296 } else if (expdif == 0) {
2297 if (MANTD(temp) == 0)
2298 env->fpus |= 0x4000 /*Zero*/;
2300 env->fpus |= 0x4400 /*Denormal*/;
2306 void helper_fstenv(uint8_t *ptr, int data32)
2308 int fpus, fptag, exp, i;
2312 fpus = (env->fpus & ~0x3800) | (env->fpstt & 0x7) << 11;
2314 for (i=7; i>=0; i--) {
2316 if (env->fptags[i]) {
2319 tmp.d = env->fpregs[i];
2322 if (exp == 0 && mant == 0) {
2325 } else if (exp == 0 || exp == MAXEXPD
2326 #ifdef USE_X86LDOUBLE
2327 || (mant & (1LL << 63)) == 0
2330 /* NaNs, infinity, denormal */
2337 stl(ptr, env->fpuc);
2339 stl(ptr + 8, fptag);
2346 stw(ptr, env->fpuc);
2348 stw(ptr + 4, fptag);
2356 void helper_fldenv(uint8_t *ptr, int data32)
2361 env->fpuc = lduw(ptr);
2362 fpus = lduw(ptr + 4);
2363 fptag = lduw(ptr + 8);
2366 env->fpuc = lduw(ptr);
2367 fpus = lduw(ptr + 2);
2368 fptag = lduw(ptr + 4);
2370 env->fpstt = (fpus >> 11) & 7;
2371 env->fpus = fpus & ~0x3800;
2372 for(i = 0;i < 7; i++) {
2373 env->fptags[i] = ((fptag & 3) == 3);
2378 void helper_fsave(uint8_t *ptr, int data32)
2383 helper_fstenv(ptr, data32);
2385 ptr += (14 << data32);
2386 for(i = 0;i < 8; i++) {
2388 helper_fstt(tmp, ptr);
2406 void helper_frstor(uint8_t *ptr, int data32)
2411 helper_fldenv(ptr, data32);
2412 ptr += (14 << data32);
2414 for(i = 0;i < 8; i++) {
2415 tmp = helper_fldt(ptr);
2421 #if !defined(CONFIG_USER_ONLY)
2423 #define MMUSUFFIX _mmu
2424 #define GETPC() (__builtin_return_address(0))
2427 #include "softmmu_template.h"
2430 #include "softmmu_template.h"
2433 #include "softmmu_template.h"
2436 #include "softmmu_template.h"
2440 /* try to fill the TLB and return an exception if error. If retaddr is
2441 NULL, it means that the function was called in C code (i.e. not
2442 from generated code or from helper.c) */
2443 /* XXX: fix it to restore all registers */
2444 void tlb_fill(unsigned long addr, int is_write, int is_user, void *retaddr)
2446 TranslationBlock *tb;
2449 CPUX86State *saved_env;
2451 /* XXX: hack to restore env in all cases, even if not called from
2454 env = cpu_single_env;
2456 ret = cpu_x86_handle_mmu_fault(env, addr, is_write, is_user, 1);
2459 /* now we have a real cpu fault */
2460 pc = (unsigned long)retaddr;
2461 tb = tb_find_pc(pc);
2463 /* the PC is inside the translated code. It means that we have
2464 a virtual CPU fault */
2465 cpu_restore_state(tb, env, pc);
2468 raise_exception_err(EXCP0E_PAGE, env->error_code);
projects / qemu.git / blob