2 * S/390 memory access helper routines
4 * Copyright (c) 2009 Ulrich Hecht
5 * Copyright (c) 2009 Alexander Graf
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
23 #include "exec/address-spaces.h"
24 #include "exec/helper-proto.h"
25 #include "exec/exec-all.h"
26 #include "exec/cpu_ldst.h"
27 #include "qemu/int128.h"
29 #if !defined(CONFIG_USER_ONLY)
30 #include "hw/s390x/storage-keys.h"
33 /*****************************************************************************/
35 #if !defined(CONFIG_USER_ONLY)
37 /* try to fill the TLB and return an exception if error. If retaddr is
38 NULL, it means that the function was called in C code (i.e. not
39 from generated code or from helper.c) */
40 /* XXX: fix it to restore all registers */
41 void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
42 int mmu_idx, uintptr_t retaddr)
44 int ret = s390_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
45 if (unlikely(ret != 0)) {
46 cpu_loop_exit_restore(cs, retaddr);
52 /* #define DEBUG_HELPER */
54 #define HELPER_LOG(x...) qemu_log(x)
56 #define HELPER_LOG(x...)
59 /* Reduce the length so that addr + len doesn't cross a page boundary. */
60 static inline uint32_t adj_len_to_page(uint32_t len, uint64_t addr)
62 #ifndef CONFIG_USER_ONLY
63 if ((addr & ~TARGET_PAGE_MASK) + len - 1 >= TARGET_PAGE_SIZE) {
64 return -addr & ~TARGET_PAGE_MASK;
70 static void fast_memset(CPUS390XState *env, uint64_t dest, uint8_t byte,
71 uint32_t l, uintptr_t ra)
73 int mmu_idx = cpu_mmu_index(env, false);
76 void *p = tlb_vaddr_to_host(env, dest, MMU_DATA_STORE, mmu_idx);
78 /* Access to the whole page in write mode granted. */
79 uint32_t l_adj = adj_len_to_page(l, dest);
80 memset(p, byte, l_adj);
84 /* We failed to get access to the whole page. The next write
85 access will likely fill the QEMU TLB for the next iteration. */
86 cpu_stb_data_ra(env, dest, byte, ra);
93 static void fast_memmove(CPUS390XState *env, uint64_t dest, uint64_t src,
94 uint32_t l, uintptr_t ra)
96 int mmu_idx = cpu_mmu_index(env, false);
99 void *src_p = tlb_vaddr_to_host(env, src, MMU_DATA_LOAD, mmu_idx);
100 void *dest_p = tlb_vaddr_to_host(env, dest, MMU_DATA_STORE, mmu_idx);
101 if (src_p && dest_p) {
102 /* Access to both whole pages granted. */
103 uint32_t l_adj = adj_len_to_page(l, src);
104 l_adj = adj_len_to_page(l_adj, dest);
105 memmove(dest_p, src_p, l_adj);
110 /* We failed to get access to one or both whole pages. The next
111 read or write access will likely fill the QEMU TLB for the
113 cpu_stb_data_ra(env, dest, cpu_ldub_data_ra(env, src, ra), ra);
122 static uint32_t do_helper_nc(CPUS390XState *env, uint32_t l, uint64_t dest,
123 uint64_t src, uintptr_t ra)
128 HELPER_LOG("%s l %d dest %" PRIx64 " src %" PRIx64 "\n",
129 __func__, l, dest, src);
131 for (i = 0; i <= l; i++) {
132 uint8_t x = cpu_ldub_data_ra(env, src + i, ra);
133 x &= cpu_ldub_data_ra(env, dest + i, ra);
135 cpu_stb_data_ra(env, dest + i, x, ra);
140 uint32_t HELPER(nc)(CPUS390XState *env, uint32_t l, uint64_t dest,
143 return do_helper_nc(env, l, dest, src, GETPC());
147 static uint32_t do_helper_xc(CPUS390XState *env, uint32_t l, uint64_t dest,
148 uint64_t src, uintptr_t ra)
153 HELPER_LOG("%s l %d dest %" PRIx64 " src %" PRIx64 "\n",
154 __func__, l, dest, src);
156 /* xor with itself is the same as memset(0) */
158 fast_memset(env, dest, 0, l + 1, ra);
162 for (i = 0; i <= l; i++) {
163 uint8_t x = cpu_ldub_data_ra(env, src + i, ra);
164 x ^= cpu_ldub_data_ra(env, dest + i, ra);
166 cpu_stb_data_ra(env, dest + i, x, ra);
171 uint32_t HELPER(xc)(CPUS390XState *env, uint32_t l, uint64_t dest,
174 return do_helper_xc(env, l, dest, src, GETPC());
178 static uint32_t do_helper_oc(CPUS390XState *env, uint32_t l, uint64_t dest,
179 uint64_t src, uintptr_t ra)
184 HELPER_LOG("%s l %d dest %" PRIx64 " src %" PRIx64 "\n",
185 __func__, l, dest, src);
187 for (i = 0; i <= l; i++) {
188 uint8_t x = cpu_ldub_data_ra(env, src + i, ra);
189 x |= cpu_ldub_data_ra(env, dest + i, ra);
191 cpu_stb_data_ra(env, dest + i, x, ra);
196 uint32_t HELPER(oc)(CPUS390XState *env, uint32_t l, uint64_t dest,
199 return do_helper_oc(env, l, dest, src, GETPC());
203 static void do_helper_mvc(CPUS390XState *env, uint32_t l, uint64_t dest,
204 uint64_t src, uintptr_t ra)
208 HELPER_LOG("%s l %d dest %" PRIx64 " src %" PRIx64 "\n",
209 __func__, l, dest, src);
211 /* mvc with source pointing to the byte after the destination is the
212 same as memset with the first source byte */
213 if (dest == src + 1) {
214 fast_memset(env, dest, cpu_ldub_data_ra(env, src, ra), l + 1, ra);
218 /* mvc and memmove do not behave the same when areas overlap! */
219 if (dest < src || src + l < dest) {
220 fast_memmove(env, dest, src, l + 1, ra);
224 /* slow version with byte accesses which always work */
225 for (i = 0; i <= l; i++) {
226 cpu_stb_data_ra(env, dest + i, cpu_ldub_data_ra(env, src + i, ra), ra);
230 void HELPER(mvc)(CPUS390XState *env, uint32_t l, uint64_t dest, uint64_t src)
232 do_helper_mvc(env, l, dest, src, GETPC());
235 /* compare unsigned byte arrays */
236 static uint32_t do_helper_clc(CPUS390XState *env, uint32_t l, uint64_t s1,
237 uint64_t s2, uintptr_t ra)
242 HELPER_LOG("%s l %d s1 %" PRIx64 " s2 %" PRIx64 "\n",
243 __func__, l, s1, s2);
245 for (i = 0; i <= l; i++) {
246 uint8_t x = cpu_ldub_data_ra(env, s1 + i, ra);
247 uint8_t y = cpu_ldub_data_ra(env, s2 + i, ra);
248 HELPER_LOG("%02x (%c)/%02x (%c) ", x, x, y, y);
262 uint32_t HELPER(clc)(CPUS390XState *env, uint32_t l, uint64_t s1, uint64_t s2)
264 return do_helper_clc(env, l, s1, s2, GETPC());
267 /* compare logical under mask */
268 uint32_t HELPER(clm)(CPUS390XState *env, uint32_t r1, uint32_t mask,
271 uintptr_t ra = GETPC();
274 HELPER_LOG("%s: r1 0x%x mask 0x%x addr 0x%" PRIx64 "\n", __func__, r1,
279 uint8_t d = cpu_ldub_data_ra(env, addr, ra);
280 uint8_t r = extract32(r1, 24, 8);
281 HELPER_LOG("mask 0x%x %02x/%02x (0x%" PRIx64 ") ", mask, r, d,
292 mask = (mask << 1) & 0xf;
300 static inline uint64_t fix_address(CPUS390XState *env, uint64_t a)
303 if (!(env->psw.mask & PSW_MASK_64)) {
309 static inline uint64_t get_address(CPUS390XState *env, int x2, int b2, int d2)
318 return fix_address(env, r);
321 static inline uint64_t get_address_31fix(CPUS390XState *env, int reg)
323 return fix_address(env, env->regs[reg]);
326 /* search string (c is byte to search, r2 is string, r1 end of string) */
327 uint64_t HELPER(srst)(CPUS390XState *env, uint64_t r0, uint64_t end,
330 uintptr_t ra = GETPC();
334 str = fix_address(env, str);
335 end = fix_address(env, end);
337 /* Assume for now that R2 is unmodified. */
340 /* Lest we fail to service interrupts in a timely manner, limit the
341 amount of work we're willing to do. For now, let's cap at 8k. */
342 for (len = 0; len < 0x2000; ++len) {
343 if (str + len == end) {
344 /* Character not found. R1 & R2 are unmodified. */
348 v = cpu_ldub_data_ra(env, str + len, ra);
350 /* Character found. Set R1 to the location; R2 is unmodified. */
356 /* CPU-determined bytes processed. Advance R2 to next byte to process. */
357 env->retxl = str + len;
362 /* unsigned string compare (c is string terminator) */
363 uint64_t HELPER(clst)(CPUS390XState *env, uint64_t c, uint64_t s1, uint64_t s2)
365 uintptr_t ra = GETPC();
369 s1 = fix_address(env, s1);
370 s2 = fix_address(env, s2);
372 /* Lest we fail to service interrupts in a timely manner, limit the
373 amount of work we're willing to do. For now, let's cap at 8k. */
374 for (len = 0; len < 0x2000; ++len) {
375 uint8_t v1 = cpu_ldub_data_ra(env, s1 + len, ra);
376 uint8_t v2 = cpu_ldub_data_ra(env, s2 + len, ra);
379 /* Equal. CC=0, and don't advance the registers. */
385 /* Unequal. CC={1,2}, and advance the registers. Note that
386 the terminator need not be zero, but the string that contains
387 the terminator is by definition "low". */
388 env->cc_op = (v1 == c ? 1 : v2 == c ? 2 : v1 < v2 ? 1 : 2);
389 env->retxl = s2 + len;
394 /* CPU-determined bytes equal; advance the registers. */
396 env->retxl = s2 + len;
401 uint32_t HELPER(mvpg)(CPUS390XState *env, uint64_t r0, uint64_t r1, uint64_t r2)
403 /* ??? missing r0 handling, which includes access keys, but more
404 importantly optional suppression of the exception! */
405 fast_memmove(env, r1, r2, TARGET_PAGE_SIZE, GETPC());
406 return 0; /* data moved */
409 /* string copy (c is string terminator) */
410 uint64_t HELPER(mvst)(CPUS390XState *env, uint64_t c, uint64_t d, uint64_t s)
412 uintptr_t ra = GETPC();
416 d = fix_address(env, d);
417 s = fix_address(env, s);
419 /* Lest we fail to service interrupts in a timely manner, limit the
420 amount of work we're willing to do. For now, let's cap at 8k. */
421 for (len = 0; len < 0x2000; ++len) {
422 uint8_t v = cpu_ldub_data_ra(env, s + len, ra);
423 cpu_stb_data_ra(env, d + len, v, ra);
425 /* Complete. Set CC=1 and advance R1. */
432 /* Incomplete. Set CC=3 and signal to advance R1 and R2. */
434 env->retxl = s + len;
438 static uint32_t helper_icm(CPUS390XState *env, uint32_t r1, uint64_t address,
441 int pos = 24; /* top of the lower half of r1 */
442 uint64_t rmask = 0xff000000ULL;
449 env->regs[r1] &= ~rmask;
450 val = cpu_ldub_data(env, address);
451 if ((val & 0x80) && !ccd) {
455 if (val && cc == 0) {
458 env->regs[r1] |= (uint64_t)val << pos;
461 mask = (mask << 1) & 0xf;
469 /* load access registers r1 to r3 from memory at a2 */
470 void HELPER(lam)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
472 uintptr_t ra = GETPC();
475 for (i = r1;; i = (i + 1) % 16) {
476 env->aregs[i] = cpu_ldl_data_ra(env, a2, ra);
485 /* store access registers r1 to r3 in memory at a2 */
486 void HELPER(stam)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
488 uintptr_t ra = GETPC();
491 for (i = r1;; i = (i + 1) % 16) {
492 cpu_stl_data_ra(env, a2, env->aregs[i], ra);
502 uint32_t HELPER(mvcl)(CPUS390XState *env, uint32_t r1, uint32_t r2)
504 uintptr_t ra = GETPC();
505 uint64_t destlen = env->regs[r1 + 1] & 0xffffff;
506 uint64_t dest = get_address_31fix(env, r1);
507 uint64_t srclen = env->regs[r2 + 1] & 0xffffff;
508 uint64_t src = get_address_31fix(env, r2);
509 uint8_t pad = env->regs[r2 + 1] >> 24;
513 if (destlen == srclen) {
515 } else if (destlen < srclen) {
521 if (srclen > destlen) {
525 for (; destlen && srclen; src++, dest++, destlen--, srclen--) {
526 v = cpu_ldub_data_ra(env, src, ra);
527 cpu_stb_data_ra(env, dest, v, ra);
530 for (; destlen; dest++, destlen--) {
531 cpu_stb_data_ra(env, dest, pad, ra);
534 env->regs[r1 + 1] = destlen;
535 /* can't use srclen here, we trunc'ed it */
536 env->regs[r2 + 1] -= src - env->regs[r2];
537 env->regs[r1] = dest;
543 /* move long extended another memcopy insn with more bells and whistles */
544 uint32_t HELPER(mvcle)(CPUS390XState *env, uint32_t r1, uint64_t a2,
547 uintptr_t ra = GETPC();
548 uint64_t destlen = env->regs[r1 + 1];
549 uint64_t dest = env->regs[r1];
550 uint64_t srclen = env->regs[r3 + 1];
551 uint64_t src = env->regs[r3];
552 uint8_t pad = a2 & 0xff;
556 if (!(env->psw.mask & PSW_MASK_64)) {
557 destlen = (uint32_t)destlen;
558 srclen = (uint32_t)srclen;
563 if (destlen == srclen) {
565 } else if (destlen < srclen) {
571 if (srclen > destlen) {
575 for (; destlen && srclen; src++, dest++, destlen--, srclen--) {
576 v = cpu_ldub_data_ra(env, src, ra);
577 cpu_stb_data_ra(env, dest, v, ra);
580 for (; destlen; dest++, destlen--) {
581 cpu_stb_data_ra(env, dest, pad, ra);
584 env->regs[r1 + 1] = destlen;
585 /* can't use srclen here, we trunc'ed it */
586 /* FIXME: 31-bit mode! */
587 env->regs[r3 + 1] -= src - env->regs[r3];
588 env->regs[r1] = dest;
594 /* compare logical long extended memcompare insn with padding */
595 uint32_t HELPER(clcle)(CPUS390XState *env, uint32_t r1, uint64_t a2,
598 uintptr_t ra = GETPC();
599 uint64_t destlen = env->regs[r1 + 1];
600 uint64_t dest = get_address_31fix(env, r1);
601 uint64_t srclen = env->regs[r3 + 1];
602 uint64_t src = get_address_31fix(env, r3);
603 uint8_t pad = a2 & 0xff;
606 if (!(destlen || srclen)) {
610 if (srclen > destlen) {
614 for (; destlen || srclen; src++, dest++, destlen--, srclen--) {
615 uint8_t v1 = srclen ? cpu_ldub_data_ra(env, src, ra) : pad;
616 uint8_t v2 = destlen ? cpu_ldub_data_ra(env, dest, ra) : pad;
618 cc = (v1 < v2) ? 1 : 2;
623 env->regs[r1 + 1] = destlen;
624 /* can't use srclen here, we trunc'ed it */
625 env->regs[r3 + 1] -= src - env->regs[r3];
626 env->regs[r1] = dest;
633 uint64_t HELPER(cksm)(CPUS390XState *env, uint64_t r1,
634 uint64_t src, uint64_t src_len)
636 uintptr_t ra = GETPC();
637 uint64_t max_len, len;
638 uint64_t cksm = (uint32_t)r1;
640 /* Lest we fail to service interrupts in a timely manner, limit the
641 amount of work we're willing to do. For now, let's cap at 8k. */
642 max_len = (src_len > 0x2000 ? 0x2000 : src_len);
644 /* Process full words as available. */
645 for (len = 0; len + 4 <= max_len; len += 4, src += 4) {
646 cksm += (uint32_t)cpu_ldl_data_ra(env, src, ra);
649 switch (max_len - len) {
651 cksm += cpu_ldub_data_ra(env, src, ra) << 24;
655 cksm += cpu_lduw_data_ra(env, src, ra) << 16;
659 cksm += cpu_lduw_data_ra(env, src, ra) << 16;
660 cksm += cpu_ldub_data_ra(env, src + 2, ra) << 8;
665 /* Fold the carry from the checksum. Note that we can see carry-out
666 during folding more than once (but probably not more than twice). */
667 while (cksm > 0xffffffffull) {
668 cksm = (uint32_t)cksm + (cksm >> 32);
671 /* Indicate whether or not we've processed everything. */
672 env->cc_op = (len == src_len ? 0 : 3);
674 /* Return both cksm and processed length. */
679 void HELPER(unpk)(CPUS390XState *env, uint32_t len, uint64_t dest,
682 uintptr_t ra = GETPC();
683 int len_dest = len >> 4;
684 int len_src = len & 0xf;
686 int second_nibble = 0;
691 /* last byte is special, it only flips the nibbles */
692 b = cpu_ldub_data_ra(env, src, ra);
693 cpu_stb_data_ra(env, dest, (b << 4) | (b >> 4), ra);
697 /* now pad every nibble with 0xf0 */
699 while (len_dest > 0) {
700 uint8_t cur_byte = 0;
703 cur_byte = cpu_ldub_data_ra(env, src, ra);
709 /* only advance one nibble at a time */
715 second_nibble = !second_nibble;
718 cur_byte = (cur_byte & 0xf);
722 cpu_stb_data_ra(env, dest, cur_byte, ra);
726 static void do_helper_tr(CPUS390XState *env, uint32_t len, uint64_t array,
727 uint64_t trans, uintptr_t ra)
731 for (i = 0; i <= len; i++) {
732 uint8_t byte = cpu_ldub_data_ra(env, array + i, ra);
733 uint8_t new_byte = cpu_ldub_data_ra(env, trans + byte, ra);
734 cpu_stb_data_ra(env, array + i, new_byte, ra);
738 void HELPER(tr)(CPUS390XState *env, uint32_t len, uint64_t array,
741 return do_helper_tr(env, len, array, trans, GETPC());
744 uint64_t HELPER(tre)(CPUS390XState *env, uint64_t array,
745 uint64_t len, uint64_t trans)
747 uintptr_t ra = GETPC();
748 uint8_t end = env->regs[0] & 0xff;
753 if (!(env->psw.mask & PSW_MASK_64)) {
758 /* Lest we fail to service interrupts in a timely manner, limit the
759 amount of work we're willing to do. For now, let's cap at 8k. */
765 for (i = 0; i < l; i++) {
766 uint8_t byte, new_byte;
768 byte = cpu_ldub_data_ra(env, array + i, ra);
775 new_byte = cpu_ldub_data_ra(env, trans + byte, ra);
776 cpu_stb_data_ra(env, array + i, new_byte, ra);
780 env->retxl = len - i;
784 static uint32_t do_helper_trt(CPUS390XState *env, uint32_t len, uint64_t array,
785 uint64_t trans, uintptr_t ra)
789 for (i = 0; i <= len; i++) {
790 uint8_t byte = cpu_ldub_data_ra(env, array + i, ra);
791 uint8_t sbyte = cpu_ldub_data_ra(env, trans + byte, ra);
794 env->regs[1] = array + i;
795 env->regs[2] = deposit64(env->regs[2], 0, 8, sbyte);
796 return (i == len) ? 2 : 1;
803 uint32_t HELPER(trt)(CPUS390XState *env, uint32_t len, uint64_t array,
806 return do_helper_trt(env, len, array, trans, GETPC());
809 void HELPER(cdsg)(CPUS390XState *env, uint64_t addr,
810 uint32_t r1, uint32_t r3)
812 uintptr_t ra = GETPC();
813 Int128 cmpv = int128_make128(env->regs[r1 + 1], env->regs[r1]);
814 Int128 newv = int128_make128(env->regs[r3 + 1], env->regs[r3]);
819 #ifndef CONFIG_ATOMIC128
820 cpu_loop_exit_atomic(ENV_GET_CPU(env), ra);
822 int mem_idx = cpu_mmu_index(env, false);
823 TCGMemOpIdx oi = make_memop_idx(MO_TEQ | MO_ALIGN_16, mem_idx);
824 oldv = helper_atomic_cmpxchgo_be_mmu(env, addr, cmpv, newv, oi, ra);
825 fail = !int128_eq(oldv, cmpv);
830 oldh = cpu_ldq_data_ra(env, addr + 0, ra);
831 oldl = cpu_ldq_data_ra(env, addr + 8, ra);
833 oldv = int128_make128(oldl, oldh);
834 fail = !int128_eq(oldv, cmpv);
839 cpu_stq_data_ra(env, addr + 0, int128_gethi(newv), ra);
840 cpu_stq_data_ra(env, addr + 8, int128_getlo(newv), ra);
844 env->regs[r1] = int128_gethi(oldv);
845 env->regs[r1 + 1] = int128_getlo(oldv);
848 #if !defined(CONFIG_USER_ONLY)
849 void HELPER(lctlg)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
851 uintptr_t ra = GETPC();
852 S390CPU *cpu = s390_env_get_cpu(env);
853 bool PERchanged = false;
857 for (i = r1;; i = (i + 1) % 16) {
858 uint64_t val = cpu_ldq_data_ra(env, src, ra);
859 if (env->cregs[i] != val && i >= 9 && i <= 11) {
863 HELPER_LOG("load ctl %d from 0x%" PRIx64 " == 0x%" PRIx64 "\n",
865 src += sizeof(uint64_t);
872 if (PERchanged && env->psw.mask & PSW_MASK_PER) {
873 s390_cpu_recompute_watchpoints(CPU(cpu));
879 void HELPER(lctl)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
881 uintptr_t ra = GETPC();
882 S390CPU *cpu = s390_env_get_cpu(env);
883 bool PERchanged = false;
887 for (i = r1;; i = (i + 1) % 16) {
888 uint32_t val = cpu_ldl_data_ra(env, src, ra);
889 if ((uint32_t)env->cregs[i] != val && i >= 9 && i <= 11) {
892 env->cregs[i] = deposit64(env->cregs[i], 0, 32, val);
893 HELPER_LOG("load ctl %d from 0x%" PRIx64 " == 0x%x\n", i, src, val);
894 src += sizeof(uint32_t);
901 if (PERchanged && env->psw.mask & PSW_MASK_PER) {
902 s390_cpu_recompute_watchpoints(CPU(cpu));
908 void HELPER(stctg)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
910 uintptr_t ra = GETPC();
914 for (i = r1;; i = (i + 1) % 16) {
915 cpu_stq_data_ra(env, dest, env->cregs[i], ra);
916 dest += sizeof(uint64_t);
924 void HELPER(stctl)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)
926 uintptr_t ra = GETPC();
930 for (i = r1;; i = (i + 1) % 16) {
931 cpu_stl_data_ra(env, dest, env->cregs[i], ra);
932 dest += sizeof(uint32_t);
940 uint32_t HELPER(testblock)(CPUS390XState *env, uint64_t real_addr)
942 uintptr_t ra = GETPC();
943 CPUState *cs = CPU(s390_env_get_cpu(env));
947 real_addr = fix_address(env, real_addr);
948 abs_addr = mmu_real2abs(env, real_addr) & TARGET_PAGE_MASK;
949 if (!address_space_access_valid(&address_space_memory, abs_addr,
950 TARGET_PAGE_SIZE, true)) {
951 cpu_restore_state(cs, ra);
952 program_interrupt(env, PGM_ADDRESSING, 4);
956 /* Check low-address protection */
957 if ((env->cregs[0] & CR0_LOWPROT) && real_addr < 0x2000) {
958 cpu_restore_state(cs, ra);
959 program_interrupt(env, PGM_PROTECTION, 4);
963 for (i = 0; i < TARGET_PAGE_SIZE; i += 8) {
964 stq_phys(cs->as, abs_addr + i, 0);
970 uint32_t HELPER(tprot)(uint64_t a1, uint64_t a2)
976 /* insert storage key extended */
977 uint64_t HELPER(iske)(CPUS390XState *env, uint64_t r2)
979 static S390SKeysState *ss;
980 static S390SKeysClass *skeyclass;
981 uint64_t addr = get_address(env, 0, 0, r2);
984 if (addr > ram_size) {
989 ss = s390_get_skeys_device();
990 skeyclass = S390_SKEYS_GET_CLASS(ss);
993 if (skeyclass->get_skeys(ss, addr / TARGET_PAGE_SIZE, 1, &key)) {
999 /* set storage key extended */
1000 void HELPER(sske)(CPUS390XState *env, uint64_t r1, uint64_t r2)
1002 static S390SKeysState *ss;
1003 static S390SKeysClass *skeyclass;
1004 uint64_t addr = get_address(env, 0, 0, r2);
1007 if (addr > ram_size) {
1011 if (unlikely(!ss)) {
1012 ss = s390_get_skeys_device();
1013 skeyclass = S390_SKEYS_GET_CLASS(ss);
1017 skeyclass->set_skeys(ss, addr / TARGET_PAGE_SIZE, 1, &key);
1020 /* reset reference bit extended */
1021 uint32_t HELPER(rrbe)(CPUS390XState *env, uint64_t r2)
1023 static S390SKeysState *ss;
1024 static S390SKeysClass *skeyclass;
1027 if (r2 > ram_size) {
1031 if (unlikely(!ss)) {
1032 ss = s390_get_skeys_device();
1033 skeyclass = S390_SKEYS_GET_CLASS(ss);
1036 if (skeyclass->get_skeys(ss, r2 / TARGET_PAGE_SIZE, 1, &key)) {
1040 re = key & (SK_R | SK_C);
1043 if (skeyclass->set_skeys(ss, r2 / TARGET_PAGE_SIZE, 1, &key)) {
1050 * 0 Reference bit zero; change bit zero
1051 * 1 Reference bit zero; change bit one
1052 * 2 Reference bit one; change bit zero
1053 * 3 Reference bit one; change bit one
1059 /* compare and swap and purge */
1060 uint32_t HELPER(csp)(CPUS390XState *env, uint32_t r1, uint64_t r2)
1062 S390CPU *cpu = s390_env_get_cpu(env);
1064 uint32_t o1 = env->regs[r1];
1065 uint64_t a2 = r2 & ~3ULL;
1066 uint32_t o2 = cpu_ldl_data(env, a2);
1069 cpu_stl_data(env, a2, env->regs[(r1 + 1) & 15]);
1071 /* flush TLB / ALB */
1072 tlb_flush(CPU(cpu));
1076 env->regs[r1] = (env->regs[r1] & 0xffffffff00000000ULL) | o2;
1083 uint32_t HELPER(mvcs)(CPUS390XState *env, uint64_t l, uint64_t a1, uint64_t a2)
1085 uintptr_t ra = GETPC();
1088 HELPER_LOG("%s: %16" PRIx64 " %16" PRIx64 " %16" PRIx64 "\n",
1089 __func__, l, a1, a2);
1097 /* XXX replace w/ memcpy */
1098 for (i = 0; i < l; i++) {
1099 uint8_t x = cpu_ldub_primary_ra(env, a2 + i, ra);
1100 cpu_stb_secondary_ra(env, a1 + i, x, ra);
1106 uint32_t HELPER(mvcp)(CPUS390XState *env, uint64_t l, uint64_t a1, uint64_t a2)
1108 uintptr_t ra = GETPC();
1111 HELPER_LOG("%s: %16" PRIx64 " %16" PRIx64 " %16" PRIx64 "\n",
1112 __func__, l, a1, a2);
1120 /* XXX replace w/ memcpy */
1121 for (i = 0; i < l; i++) {
1122 uint8_t x = cpu_ldub_secondary_ra(env, a2 + i, ra);
1123 cpu_stb_primary_ra(env, a1 + i, x, ra);
1129 /* invalidate pte */
1130 void HELPER(ipte)(CPUS390XState *env, uint64_t pte_addr, uint64_t vaddr)
1132 CPUState *cs = CPU(s390_env_get_cpu(env));
1133 uint64_t page = vaddr & TARGET_PAGE_MASK;
1136 /* XXX broadcast to other CPUs */
1138 /* XXX Linux is nice enough to give us the exact pte address.
1139 According to spec we'd have to find it out ourselves */
1140 /* XXX Linux is fine with overwriting the pte, the spec requires
1141 us to only set the invalid bit */
1142 stq_phys(cs->as, pte_addr, pte | _PAGE_INVALID);
1144 /* XXX we exploit the fact that Linux passes the exact virtual
1145 address here - it's not obliged to! */
1146 tlb_flush_page(cs, page);
1148 /* XXX 31-bit hack */
1149 if (page & 0x80000000) {
1150 tlb_flush_page(cs, page & ~0x80000000);
1152 tlb_flush_page(cs, page | 0x80000000);
1156 /* flush local tlb */
1157 void HELPER(ptlb)(CPUS390XState *env)
1159 S390CPU *cpu = s390_env_get_cpu(env);
1161 tlb_flush(CPU(cpu));
1164 /* load using real address */
1165 uint64_t HELPER(lura)(CPUS390XState *env, uint64_t addr)
1167 CPUState *cs = CPU(s390_env_get_cpu(env));
1169 return (uint32_t)ldl_phys(cs->as, get_address(env, 0, 0, addr));
1172 uint64_t HELPER(lurag)(CPUS390XState *env, uint64_t addr)
1174 CPUState *cs = CPU(s390_env_get_cpu(env));
1176 return ldq_phys(cs->as, get_address(env, 0, 0, addr));
1179 /* store using real address */
1180 void HELPER(stura)(CPUS390XState *env, uint64_t addr, uint64_t v1)
1182 CPUState *cs = CPU(s390_env_get_cpu(env));
1184 stl_phys(cs->as, get_address(env, 0, 0, addr), (uint32_t)v1);
1186 if ((env->psw.mask & PSW_MASK_PER) &&
1187 (env->cregs[9] & PER_CR9_EVENT_STORE) &&
1188 (env->cregs[9] & PER_CR9_EVENT_STORE_REAL)) {
1189 /* PSW is saved just before calling the helper. */
1190 env->per_address = env->psw.addr;
1191 env->per_perc_atmid = PER_CODE_EVENT_STORE_REAL | get_per_atmid(env);
1195 void HELPER(sturg)(CPUS390XState *env, uint64_t addr, uint64_t v1)
1197 CPUState *cs = CPU(s390_env_get_cpu(env));
1199 stq_phys(cs->as, get_address(env, 0, 0, addr), v1);
1201 if ((env->psw.mask & PSW_MASK_PER) &&
1202 (env->cregs[9] & PER_CR9_EVENT_STORE) &&
1203 (env->cregs[9] & PER_CR9_EVENT_STORE_REAL)) {
1204 /* PSW is saved just before calling the helper. */
1205 env->per_address = env->psw.addr;
1206 env->per_perc_atmid = PER_CODE_EVENT_STORE_REAL | get_per_atmid(env);
1210 /* load real address */
1211 uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
1213 CPUState *cs = CPU(s390_env_get_cpu(env));
1215 uint64_t asc = env->psw.mask & PSW_MASK_ASC;
1219 /* XXX incomplete - has more corner cases */
1220 if (!(env->psw.mask & PSW_MASK_64) && (addr >> 32)) {
1221 cpu_restore_state(cs, GETPC());
1222 program_interrupt(env, PGM_SPECIAL_OP, 2);
1225 old_exc = cs->exception_index;
1226 if (mmu_translate(env, addr, 0, asc, &ret, &flags, true)) {
1229 if (cs->exception_index == EXCP_PGM) {
1230 ret = env->int_pgm_code | 0x80000000;
1232 ret |= addr & ~TARGET_PAGE_MASK;
1234 cs->exception_index = old_exc;
1241 /* execute instruction
1242 this instruction executes an insn modified with the contents of r1
1243 it does not change the executed instruction in memory
1244 it does not change the program counter
1245 in other words: tricky...
1246 currently implemented by interpreting the cases it is most commonly used.
1248 void HELPER(ex)(CPUS390XState *env, uint32_t ilen, uint64_t r1, uint64_t addr)
1250 S390CPU *cpu = s390_env_get_cpu(env);
1251 uint64_t insn = cpu_lduw_code(env, addr);
1252 uint8_t opc = insn >> 8;
1254 /* Or in the contents of R1[56:63]. */
1257 /* Load the rest of the instruction. */
1259 switch (get_ilen(opc)) {
1263 insn |= (uint64_t)cpu_lduw_code(env, addr + 2) << 32;
1266 insn |= (uint64_t)(uint32_t)cpu_ldl_code(env, addr + 2) << 16;
1269 g_assert_not_reached();
1272 HELPER_LOG("%s: addr 0x%lx insn 0x%" PRIx64 "\n", __func__, addr, insn);
1274 if ((opc & 0xf0) == 0xd0) {
1275 uint32_t l, b1, b2, d1, d2;
1277 l = extract64(insn, 48, 8);
1278 b1 = extract64(insn, 44, 4);
1279 b2 = extract64(insn, 28, 4);
1280 d1 = extract64(insn, 32, 12);
1281 d2 = extract64(insn, 16, 12);
1282 switch (opc & 0xf) {
1284 do_helper_mvc(env, l, get_address(env, 0, b1, d1),
1285 get_address(env, 0, b2, d2), 0);
1288 env->cc_op = do_helper_nc(env, l, get_address(env, 0, b1, d1),
1289 get_address(env, 0, b2, d2), 0);
1292 env->cc_op = do_helper_clc(env, l, get_address(env, 0, b1, d1),
1293 get_address(env, 0, b2, d2), 0);
1296 env->cc_op = do_helper_oc(env, l, get_address(env, 0, b1, d1),
1297 get_address(env, 0, b2, d2), 0);
1300 env->cc_op = do_helper_xc(env, l, get_address(env, 0, b1, d1),
1301 get_address(env, 0, b2, d2), 0);
1304 do_helper_tr(env, l, get_address(env, 0, b1, d1),
1305 get_address(env, 0, b2, d2), 0);
1308 env->cc_op = do_helper_trt(env, l, get_address(env, 0, b1, d1),
1309 get_address(env, 0, b2, d2), 0);
1312 } else if (opc == 0x0a) {
1313 /* supervisor call */
1314 env->int_svc_code = extract64(insn, 48, 8);
1315 env->int_svc_ilen = ilen;
1316 helper_exception(env, EXCP_SVC);
1318 } else if (opc == 0xbf) {
1319 uint32_t r1, r3, b2, d2;
1321 r1 = extract64(insn, 52, 4);
1322 r3 = extract64(insn, 48, 4);
1323 b2 = extract64(insn, 44, 4);
1324 d2 = extract64(insn, 32, 12);
1325 env->cc_op = helper_icm(env, r1, get_address(env, 0, b2, d2), r3);
1329 cpu_abort(CPU(cpu), "EXECUTE on instruction prefix 0x%x not implemented\n",
projects / qemu.git / blob