9 #include "qemu-common.h"
10 #include "host-utils.h"
11 #if !defined(CONFIG_USER_ONLY)
12 #include "hw/loader.h"
15 static uint32_t cortexa9_cp15_c0_c1[8] =
16 { 0x1031, 0x11, 0x000, 0, 0x00100103, 0x20000000, 0x01230000, 0x00002111 };
18 static uint32_t cortexa9_cp15_c0_c2[8] =
19 { 0x00101111, 0x13112111, 0x21232041, 0x11112131, 0x00111142, 0, 0, 0 };
21 static uint32_t cortexa8_cp15_c0_c1[8] =
22 { 0x1031, 0x11, 0x400, 0, 0x31100003, 0x20000000, 0x01202000, 0x11 };
24 static uint32_t cortexa8_cp15_c0_c2[8] =
25 { 0x00101111, 0x12112111, 0x21232031, 0x11112131, 0x00111142, 0, 0, 0 };
27 static uint32_t mpcore_cp15_c0_c1[8] =
28 { 0x111, 0x1, 0, 0x2, 0x01100103, 0x10020302, 0x01222000, 0 };
30 static uint32_t mpcore_cp15_c0_c2[8] =
31 { 0x00100011, 0x12002111, 0x11221011, 0x01102131, 0x141, 0, 0, 0 };
33 static uint32_t arm1136_cp15_c0_c1[8] =
34 { 0x111, 0x1, 0x2, 0x3, 0x01130003, 0x10030302, 0x01222110, 0 };
36 static uint32_t arm1136_cp15_c0_c2[8] =
37 { 0x00140011, 0x12002111, 0x11231111, 0x01102131, 0x141, 0, 0, 0 };
39 static uint32_t cpu_arm_find_by_name(const char *name);
41 static inline void set_feature(CPUARMState *env, int feature)
43 env->features |= 1u << feature;
46 static void cpu_reset_model_id(CPUARMState *env, uint32_t id)
48 env->cp15.c0_cpuid = id;
50 case ARM_CPUID_ARM926:
51 set_feature(env, ARM_FEATURE_V4T);
52 set_feature(env, ARM_FEATURE_V5);
53 set_feature(env, ARM_FEATURE_VFP);
54 env->vfp.xregs[ARM_VFP_FPSID] = 0x41011090;
55 env->cp15.c0_cachetype = 0x1dd20d2;
56 env->cp15.c1_sys = 0x00090078;
58 case ARM_CPUID_ARM946:
59 set_feature(env, ARM_FEATURE_V4T);
60 set_feature(env, ARM_FEATURE_V5);
61 set_feature(env, ARM_FEATURE_MPU);
62 env->cp15.c0_cachetype = 0x0f004006;
63 env->cp15.c1_sys = 0x00000078;
65 case ARM_CPUID_ARM1026:
66 set_feature(env, ARM_FEATURE_V4T);
67 set_feature(env, ARM_FEATURE_V5);
68 set_feature(env, ARM_FEATURE_VFP);
69 set_feature(env, ARM_FEATURE_AUXCR);
70 env->vfp.xregs[ARM_VFP_FPSID] = 0x410110a0;
71 env->cp15.c0_cachetype = 0x1dd20d2;
72 env->cp15.c1_sys = 0x00090078;
74 case ARM_CPUID_ARM1136_R2:
75 case ARM_CPUID_ARM1136:
76 set_feature(env, ARM_FEATURE_V4T);
77 set_feature(env, ARM_FEATURE_V5);
78 set_feature(env, ARM_FEATURE_V6);
79 set_feature(env, ARM_FEATURE_VFP);
80 set_feature(env, ARM_FEATURE_AUXCR);
81 env->vfp.xregs[ARM_VFP_FPSID] = 0x410120b4;
82 env->vfp.xregs[ARM_VFP_MVFR0] = 0x11111111;
83 env->vfp.xregs[ARM_VFP_MVFR1] = 0x00000000;
84 memcpy(env->cp15.c0_c1, arm1136_cp15_c0_c1, 8 * sizeof(uint32_t));
85 memcpy(env->cp15.c0_c2, arm1136_cp15_c0_c2, 8 * sizeof(uint32_t));
86 env->cp15.c0_cachetype = 0x1dd20d2;
87 env->cp15.c1_sys = 0x00050078;
89 case ARM_CPUID_ARM11MPCORE:
90 set_feature(env, ARM_FEATURE_V4T);
91 set_feature(env, ARM_FEATURE_V5);
92 set_feature(env, ARM_FEATURE_V6);
93 set_feature(env, ARM_FEATURE_V6K);
94 set_feature(env, ARM_FEATURE_VFP);
95 set_feature(env, ARM_FEATURE_AUXCR);
96 env->vfp.xregs[ARM_VFP_FPSID] = 0x410120b4;
97 env->vfp.xregs[ARM_VFP_MVFR0] = 0x11111111;
98 env->vfp.xregs[ARM_VFP_MVFR1] = 0x00000000;
99 memcpy(env->cp15.c0_c1, mpcore_cp15_c0_c1, 8 * sizeof(uint32_t));
100 memcpy(env->cp15.c0_c2, mpcore_cp15_c0_c2, 8 * sizeof(uint32_t));
101 env->cp15.c0_cachetype = 0x1dd20d2;
103 case ARM_CPUID_CORTEXA8:
104 set_feature(env, ARM_FEATURE_V4T);
105 set_feature(env, ARM_FEATURE_V5);
106 set_feature(env, ARM_FEATURE_V6);
107 set_feature(env, ARM_FEATURE_V6K);
108 set_feature(env, ARM_FEATURE_V7);
109 set_feature(env, ARM_FEATURE_AUXCR);
110 set_feature(env, ARM_FEATURE_THUMB2);
111 set_feature(env, ARM_FEATURE_VFP);
112 set_feature(env, ARM_FEATURE_VFP3);
113 set_feature(env, ARM_FEATURE_NEON);
114 set_feature(env, ARM_FEATURE_THUMB2EE);
115 env->vfp.xregs[ARM_VFP_FPSID] = 0x410330c0;
116 env->vfp.xregs[ARM_VFP_MVFR0] = 0x11110222;
117 env->vfp.xregs[ARM_VFP_MVFR1] = 0x00011100;
118 memcpy(env->cp15.c0_c1, cortexa8_cp15_c0_c1, 8 * sizeof(uint32_t));
119 memcpy(env->cp15.c0_c2, cortexa8_cp15_c0_c2, 8 * sizeof(uint32_t));
120 env->cp15.c0_cachetype = 0x82048004;
121 env->cp15.c0_clid = (1 << 27) | (2 << 24) | 3;
122 env->cp15.c0_ccsid[0] = 0xe007e01a; /* 16k L1 dcache. */
123 env->cp15.c0_ccsid[1] = 0x2007e01a; /* 16k L1 icache. */
124 env->cp15.c0_ccsid[2] = 0xf0000000; /* No L2 icache. */
125 env->cp15.c1_sys = 0x00c50078;
127 case ARM_CPUID_CORTEXA9:
128 set_feature(env, ARM_FEATURE_V4T);
129 set_feature(env, ARM_FEATURE_V5);
130 set_feature(env, ARM_FEATURE_V6);
131 set_feature(env, ARM_FEATURE_V6K);
132 set_feature(env, ARM_FEATURE_V7);
133 set_feature(env, ARM_FEATURE_AUXCR);
134 set_feature(env, ARM_FEATURE_THUMB2);
135 set_feature(env, ARM_FEATURE_VFP);
136 set_feature(env, ARM_FEATURE_VFP3);
137 set_feature(env, ARM_FEATURE_VFP_FP16);
138 set_feature(env, ARM_FEATURE_NEON);
139 set_feature(env, ARM_FEATURE_THUMB2EE);
140 /* Note that A9 supports the MP extensions even for
141 * A9UP and single-core A9MP (which are both different
142 * and valid configurations; we don't model A9UP).
144 set_feature(env, ARM_FEATURE_V7MP);
145 env->vfp.xregs[ARM_VFP_FPSID] = 0x41034000; /* Guess */
146 env->vfp.xregs[ARM_VFP_MVFR0] = 0x11110222;
147 env->vfp.xregs[ARM_VFP_MVFR1] = 0x01111111;
148 memcpy(env->cp15.c0_c1, cortexa9_cp15_c0_c1, 8 * sizeof(uint32_t));
149 memcpy(env->cp15.c0_c2, cortexa9_cp15_c0_c2, 8 * sizeof(uint32_t));
150 env->cp15.c0_cachetype = 0x80038003;
151 env->cp15.c0_clid = (1 << 27) | (1 << 24) | 3;
152 env->cp15.c0_ccsid[0] = 0xe00fe015; /* 16k L1 dcache. */
153 env->cp15.c0_ccsid[1] = 0x200fe015; /* 16k L1 icache. */
154 env->cp15.c1_sys = 0x00c50078;
156 case ARM_CPUID_CORTEXM3:
157 set_feature(env, ARM_FEATURE_V4T);
158 set_feature(env, ARM_FEATURE_V5);
159 set_feature(env, ARM_FEATURE_V6);
160 set_feature(env, ARM_FEATURE_THUMB2);
161 set_feature(env, ARM_FEATURE_V7);
162 set_feature(env, ARM_FEATURE_M);
163 set_feature(env, ARM_FEATURE_DIV);
165 case ARM_CPUID_ANY: /* For userspace emulation. */
166 set_feature(env, ARM_FEATURE_V4T);
167 set_feature(env, ARM_FEATURE_V5);
168 set_feature(env, ARM_FEATURE_V6);
169 set_feature(env, ARM_FEATURE_V6K);
170 set_feature(env, ARM_FEATURE_V7);
171 set_feature(env, ARM_FEATURE_THUMB2);
172 set_feature(env, ARM_FEATURE_VFP);
173 set_feature(env, ARM_FEATURE_VFP3);
174 set_feature(env, ARM_FEATURE_VFP_FP16);
175 set_feature(env, ARM_FEATURE_NEON);
176 set_feature(env, ARM_FEATURE_THUMB2EE);
177 set_feature(env, ARM_FEATURE_DIV);
178 set_feature(env, ARM_FEATURE_V7MP);
180 case ARM_CPUID_TI915T:
181 case ARM_CPUID_TI925T:
182 set_feature(env, ARM_FEATURE_V4T);
183 set_feature(env, ARM_FEATURE_OMAPCP);
184 env->cp15.c0_cpuid = ARM_CPUID_TI925T; /* Depends on wiring. */
185 env->cp15.c0_cachetype = 0x5109149;
186 env->cp15.c1_sys = 0x00000070;
187 env->cp15.c15_i_max = 0x000;
188 env->cp15.c15_i_min = 0xff0;
190 case ARM_CPUID_PXA250:
191 case ARM_CPUID_PXA255:
192 case ARM_CPUID_PXA260:
193 case ARM_CPUID_PXA261:
194 case ARM_CPUID_PXA262:
195 set_feature(env, ARM_FEATURE_V4T);
196 set_feature(env, ARM_FEATURE_V5);
197 set_feature(env, ARM_FEATURE_XSCALE);
198 /* JTAG_ID is ((id << 28) | 0x09265013) */
199 env->cp15.c0_cachetype = 0xd172172;
200 env->cp15.c1_sys = 0x00000078;
202 case ARM_CPUID_PXA270_A0:
203 case ARM_CPUID_PXA270_A1:
204 case ARM_CPUID_PXA270_B0:
205 case ARM_CPUID_PXA270_B1:
206 case ARM_CPUID_PXA270_C0:
207 case ARM_CPUID_PXA270_C5:
208 set_feature(env, ARM_FEATURE_V4T);
209 set_feature(env, ARM_FEATURE_V5);
210 set_feature(env, ARM_FEATURE_XSCALE);
211 /* JTAG_ID is ((id << 28) | 0x09265013) */
212 set_feature(env, ARM_FEATURE_IWMMXT);
213 env->iwmmxt.cregs[ARM_IWMMXT_wCID] = 0x69051000 | 'Q';
214 env->cp15.c0_cachetype = 0xd172172;
215 env->cp15.c1_sys = 0x00000078;
218 cpu_abort(env, "Bad CPU ID: %x\n", id);
223 void cpu_reset(CPUARMState *env)
227 if (qemu_loglevel_mask(CPU_LOG_RESET)) {
228 qemu_log("CPU Reset (CPU %d)\n", env->cpu_index);
229 log_cpu_state(env, 0);
232 id = env->cp15.c0_cpuid;
233 memset(env, 0, offsetof(CPUARMState, breakpoints));
235 cpu_reset_model_id(env, id);
236 #if defined (CONFIG_USER_ONLY)
237 env->uncached_cpsr = ARM_CPU_MODE_USR;
238 /* For user mode we must enable access to coprocessors */
239 env->vfp.xregs[ARM_VFP_FPEXC] = 1 << 30;
240 if (arm_feature(env, ARM_FEATURE_IWMMXT)) {
241 env->cp15.c15_cpar = 3;
242 } else if (arm_feature(env, ARM_FEATURE_XSCALE)) {
243 env->cp15.c15_cpar = 1;
246 /* SVC mode with interrupts disabled. */
247 env->uncached_cpsr = ARM_CPU_MODE_SVC | CPSR_A | CPSR_F | CPSR_I;
248 /* On ARMv7-M the CPSR_I is the value of the PRIMASK register, and is
249 clear at reset. Initial SP and PC are loaded from ROM. */
253 env->uncached_cpsr &= ~CPSR_I;
256 /* We should really use ldl_phys here, in case the guest
257 modified flash and reset itself. However images
258 loaded via -kenrel have not been copied yet, so load the
259 values directly from there. */
260 env->regs[13] = ldl_p(rom);
263 env->regs[15] = pc & ~1;
266 env->vfp.xregs[ARM_VFP_FPEXC] = 0;
267 env->cp15.c2_base_mask = 0xffffc000u;
269 set_flush_to_zero(1, &env->vfp.standard_fp_status);
270 set_flush_inputs_to_zero(1, &env->vfp.standard_fp_status);
271 set_default_nan_mode(1, &env->vfp.standard_fp_status);
272 set_float_detect_tininess(float_tininess_before_rounding,
273 &env->vfp.fp_status);
274 set_float_detect_tininess(float_tininess_before_rounding,
275 &env->vfp.standard_fp_status);
279 static int vfp_gdb_get_reg(CPUState *env, uint8_t *buf, int reg)
283 /* VFP data registers are always little-endian. */
284 nregs = arm_feature(env, ARM_FEATURE_VFP3) ? 32 : 16;
286 stfq_le_p(buf, env->vfp.regs[reg]);
289 if (arm_feature(env, ARM_FEATURE_NEON)) {
290 /* Aliases for Q regs. */
293 stfq_le_p(buf, env->vfp.regs[(reg - 32) * 2]);
294 stfq_le_p(buf + 8, env->vfp.regs[(reg - 32) * 2 + 1]);
298 switch (reg - nregs) {
299 case 0: stl_p(buf, env->vfp.xregs[ARM_VFP_FPSID]); return 4;
300 case 1: stl_p(buf, env->vfp.xregs[ARM_VFP_FPSCR]); return 4;
301 case 2: stl_p(buf, env->vfp.xregs[ARM_VFP_FPEXC]); return 4;
306 static int vfp_gdb_set_reg(CPUState *env, uint8_t *buf, int reg)
310 nregs = arm_feature(env, ARM_FEATURE_VFP3) ? 32 : 16;
312 env->vfp.regs[reg] = ldfq_le_p(buf);
315 if (arm_feature(env, ARM_FEATURE_NEON)) {
318 env->vfp.regs[(reg - 32) * 2] = ldfq_le_p(buf);
319 env->vfp.regs[(reg - 32) * 2 + 1] = ldfq_le_p(buf + 8);
323 switch (reg - nregs) {
324 case 0: env->vfp.xregs[ARM_VFP_FPSID] = ldl_p(buf); return 4;
325 case 1: env->vfp.xregs[ARM_VFP_FPSCR] = ldl_p(buf); return 4;
326 case 2: env->vfp.xregs[ARM_VFP_FPEXC] = ldl_p(buf) & (1 << 30); return 4;
331 CPUARMState *cpu_arm_init(const char *cpu_model)
335 static int inited = 0;
337 id = cpu_arm_find_by_name(cpu_model);
340 env = qemu_mallocz(sizeof(CPUARMState));
344 arm_translate_init();
347 env->cpu_model_str = cpu_model;
348 env->cp15.c0_cpuid = id;
350 if (arm_feature(env, ARM_FEATURE_NEON)) {
351 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
352 51, "arm-neon.xml", 0);
353 } else if (arm_feature(env, ARM_FEATURE_VFP3)) {
354 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
355 35, "arm-vfp3.xml", 0);
356 } else if (arm_feature(env, ARM_FEATURE_VFP)) {
357 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
358 19, "arm-vfp.xml", 0);
369 static const struct arm_cpu_t arm_cpu_names[] = {
370 { ARM_CPUID_ARM926, "arm926"},
371 { ARM_CPUID_ARM946, "arm946"},
372 { ARM_CPUID_ARM1026, "arm1026"},
373 { ARM_CPUID_ARM1136, "arm1136"},
374 { ARM_CPUID_ARM1136_R2, "arm1136-r2"},
375 { ARM_CPUID_ARM11MPCORE, "arm11mpcore"},
376 { ARM_CPUID_CORTEXM3, "cortex-m3"},
377 { ARM_CPUID_CORTEXA8, "cortex-a8"},
378 { ARM_CPUID_CORTEXA9, "cortex-a9"},
379 { ARM_CPUID_TI925T, "ti925t" },
380 { ARM_CPUID_PXA250, "pxa250" },
381 { ARM_CPUID_PXA255, "pxa255" },
382 { ARM_CPUID_PXA260, "pxa260" },
383 { ARM_CPUID_PXA261, "pxa261" },
384 { ARM_CPUID_PXA262, "pxa262" },
385 { ARM_CPUID_PXA270, "pxa270" },
386 { ARM_CPUID_PXA270_A0, "pxa270-a0" },
387 { ARM_CPUID_PXA270_A1, "pxa270-a1" },
388 { ARM_CPUID_PXA270_B0, "pxa270-b0" },
389 { ARM_CPUID_PXA270_B1, "pxa270-b1" },
390 { ARM_CPUID_PXA270_C0, "pxa270-c0" },
391 { ARM_CPUID_PXA270_C5, "pxa270-c5" },
392 { ARM_CPUID_ANY, "any"},
396 void arm_cpu_list(FILE *f, fprintf_function cpu_fprintf)
400 (*cpu_fprintf)(f, "Available CPUs:\n");
401 for (i = 0; arm_cpu_names[i].name; i++) {
402 (*cpu_fprintf)(f, " %s\n", arm_cpu_names[i].name);
406 /* return 0 if not found */
407 static uint32_t cpu_arm_find_by_name(const char *name)
413 for (i = 0; arm_cpu_names[i].name; i++) {
414 if (strcmp(name, arm_cpu_names[i].name) == 0) {
415 id = arm_cpu_names[i].id;
422 void cpu_arm_close(CPUARMState *env)
427 uint32_t cpsr_read(CPUARMState *env)
431 return env->uncached_cpsr | (env->NF & 0x80000000) | (ZF << 30) |
432 (env->CF << 29) | ((env->VF & 0x80000000) >> 3) | (env->QF << 27)
433 | (env->thumb << 5) | ((env->condexec_bits & 3) << 25)
434 | ((env->condexec_bits & 0xfc) << 8)
438 void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
440 if (mask & CPSR_NZCV) {
441 env->ZF = (~val) & CPSR_Z;
443 env->CF = (val >> 29) & 1;
444 env->VF = (val << 3) & 0x80000000;
447 env->QF = ((val & CPSR_Q) != 0);
449 env->thumb = ((val & CPSR_T) != 0);
450 if (mask & CPSR_IT_0_1) {
451 env->condexec_bits &= ~3;
452 env->condexec_bits |= (val >> 25) & 3;
454 if (mask & CPSR_IT_2_7) {
455 env->condexec_bits &= 3;
456 env->condexec_bits |= (val >> 8) & 0xfc;
458 if (mask & CPSR_GE) {
459 env->GE = (val >> 16) & 0xf;
462 if ((env->uncached_cpsr ^ val) & mask & CPSR_M) {
463 switch_mode(env, val & CPSR_M);
465 mask &= ~CACHED_CPSR_BITS;
466 env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
469 /* Sign/zero extend */
470 uint32_t HELPER(sxtb16)(uint32_t x)
473 res = (uint16_t)(int8_t)x;
474 res |= (uint32_t)(int8_t)(x >> 16) << 16;
478 uint32_t HELPER(uxtb16)(uint32_t x)
481 res = (uint16_t)(uint8_t)x;
482 res |= (uint32_t)(uint8_t)(x >> 16) << 16;
486 uint32_t HELPER(clz)(uint32_t x)
491 int32_t HELPER(sdiv)(int32_t num, int32_t den)
495 if (num == INT_MIN && den == -1)
500 uint32_t HELPER(udiv)(uint32_t num, uint32_t den)
507 uint32_t HELPER(rbit)(uint32_t x)
509 x = ((x & 0xff000000) >> 24)
510 | ((x & 0x00ff0000) >> 8)
511 | ((x & 0x0000ff00) << 8)
512 | ((x & 0x000000ff) << 24);
513 x = ((x & 0xf0f0f0f0) >> 4)
514 | ((x & 0x0f0f0f0f) << 4);
515 x = ((x & 0x88888888) >> 3)
516 | ((x & 0x44444444) >> 1)
517 | ((x & 0x22222222) << 1)
518 | ((x & 0x11111111) << 3);
522 uint32_t HELPER(abs)(uint32_t x)
524 return ((int32_t)x < 0) ? -x : x;
527 #if defined(CONFIG_USER_ONLY)
529 void do_interrupt (CPUState *env)
531 env->exception_index = -1;
534 int cpu_arm_handle_mmu_fault (CPUState *env, target_ulong address, int rw,
535 int mmu_idx, int is_softmmu)
538 env->exception_index = EXCP_PREFETCH_ABORT;
539 env->cp15.c6_insn = address;
541 env->exception_index = EXCP_DATA_ABORT;
542 env->cp15.c6_data = address;
547 /* These should probably raise undefined insn exceptions. */
548 void HELPER(set_cp)(CPUState *env, uint32_t insn, uint32_t val)
550 int op1 = (insn >> 8) & 0xf;
551 cpu_abort(env, "cp%i insn %08x\n", op1, insn);
555 uint32_t HELPER(get_cp)(CPUState *env, uint32_t insn)
557 int op1 = (insn >> 8) & 0xf;
558 cpu_abort(env, "cp%i insn %08x\n", op1, insn);
562 void HELPER(set_cp15)(CPUState *env, uint32_t insn, uint32_t val)
564 cpu_abort(env, "cp15 insn %08x\n", insn);
567 uint32_t HELPER(get_cp15)(CPUState *env, uint32_t insn)
569 cpu_abort(env, "cp15 insn %08x\n", insn);
572 /* These should probably raise undefined insn exceptions. */
573 void HELPER(v7m_msr)(CPUState *env, uint32_t reg, uint32_t val)
575 cpu_abort(env, "v7m_mrs %d\n", reg);
578 uint32_t HELPER(v7m_mrs)(CPUState *env, uint32_t reg)
580 cpu_abort(env, "v7m_mrs %d\n", reg);
584 void switch_mode(CPUState *env, int mode)
586 if (mode != ARM_CPU_MODE_USR)
587 cpu_abort(env, "Tried to switch out of user mode\n");
590 void HELPER(set_r13_banked)(CPUState *env, uint32_t mode, uint32_t val)
592 cpu_abort(env, "banked r13 write\n");
595 uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode)
597 cpu_abort(env, "banked r13 read\n");
603 extern int semihosting_enabled;
605 /* Map CPU modes onto saved register banks. */
606 static inline int bank_number (int mode)
609 case ARM_CPU_MODE_USR:
610 case ARM_CPU_MODE_SYS:
612 case ARM_CPU_MODE_SVC:
614 case ARM_CPU_MODE_ABT:
616 case ARM_CPU_MODE_UND:
618 case ARM_CPU_MODE_IRQ:
620 case ARM_CPU_MODE_FIQ:
623 cpu_abort(cpu_single_env, "Bad mode %x\n", mode);
627 void switch_mode(CPUState *env, int mode)
632 old_mode = env->uncached_cpsr & CPSR_M;
633 if (mode == old_mode)
636 if (old_mode == ARM_CPU_MODE_FIQ) {
637 memcpy (env->fiq_regs, env->regs + 8, 5 * sizeof(uint32_t));
638 memcpy (env->regs + 8, env->usr_regs, 5 * sizeof(uint32_t));
639 } else if (mode == ARM_CPU_MODE_FIQ) {
640 memcpy (env->usr_regs, env->regs + 8, 5 * sizeof(uint32_t));
641 memcpy (env->regs + 8, env->fiq_regs, 5 * sizeof(uint32_t));
644 i = bank_number(old_mode);
645 env->banked_r13[i] = env->regs[13];
646 env->banked_r14[i] = env->regs[14];
647 env->banked_spsr[i] = env->spsr;
649 i = bank_number(mode);
650 env->regs[13] = env->banked_r13[i];
651 env->regs[14] = env->banked_r14[i];
652 env->spsr = env->banked_spsr[i];
655 static void v7m_push(CPUARMState *env, uint32_t val)
658 stl_phys(env->regs[13], val);
661 static uint32_t v7m_pop(CPUARMState *env)
664 val = ldl_phys(env->regs[13]);
669 /* Switch to V7M main or process stack pointer. */
670 static void switch_v7m_sp(CPUARMState *env, int process)
673 if (env->v7m.current_sp != process) {
674 tmp = env->v7m.other_sp;
675 env->v7m.other_sp = env->regs[13];
677 env->v7m.current_sp = process;
681 static void do_v7m_exception_exit(CPUARMState *env)
686 type = env->regs[15];
687 if (env->v7m.exception != 0)
688 armv7m_nvic_complete_irq(env->nvic, env->v7m.exception);
690 /* Switch to the target stack. */
691 switch_v7m_sp(env, (type & 4) != 0);
693 env->regs[0] = v7m_pop(env);
694 env->regs[1] = v7m_pop(env);
695 env->regs[2] = v7m_pop(env);
696 env->regs[3] = v7m_pop(env);
697 env->regs[12] = v7m_pop(env);
698 env->regs[14] = v7m_pop(env);
699 env->regs[15] = v7m_pop(env);
701 xpsr_write(env, xpsr, 0xfffffdff);
702 /* Undo stack alignment. */
705 /* ??? The exception return type specifies Thread/Handler mode. However
706 this is also implied by the xPSR value. Not sure what to do
707 if there is a mismatch. */
708 /* ??? Likewise for mismatches between the CONTROL register and the stack
712 static void do_interrupt_v7m(CPUARMState *env)
714 uint32_t xpsr = xpsr_read(env);
719 if (env->v7m.current_sp)
721 if (env->v7m.exception == 0)
724 /* For exceptions we just mark as pending on the NVIC, and let that
726 /* TODO: Need to escalate if the current priority is higher than the
727 one we're raising. */
728 switch (env->exception_index) {
730 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE);
734 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SVC);
736 case EXCP_PREFETCH_ABORT:
737 case EXCP_DATA_ABORT:
738 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM);
741 if (semihosting_enabled) {
743 nr = lduw_code(env->regs[15]) & 0xff;
746 env->regs[0] = do_arm_semihosting(env);
750 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_DEBUG);
753 env->v7m.exception = armv7m_nvic_acknowledge_irq(env->nvic);
755 case EXCP_EXCEPTION_EXIT:
756 do_v7m_exception_exit(env);
759 cpu_abort(env, "Unhandled exception 0x%x\n", env->exception_index);
760 return; /* Never happens. Keep compiler happy. */
763 /* Align stack pointer. */
764 /* ??? Should only do this if Configuration Control Register
765 STACKALIGN bit is set. */
766 if (env->regs[13] & 4) {
770 /* Switch to the handler mode. */
772 v7m_push(env, env->regs[15]);
773 v7m_push(env, env->regs[14]);
774 v7m_push(env, env->regs[12]);
775 v7m_push(env, env->regs[3]);
776 v7m_push(env, env->regs[2]);
777 v7m_push(env, env->regs[1]);
778 v7m_push(env, env->regs[0]);
779 switch_v7m_sp(env, 0);
780 env->uncached_cpsr &= ~CPSR_IT;
782 addr = ldl_phys(env->v7m.vecbase + env->v7m.exception * 4);
783 env->regs[15] = addr & 0xfffffffe;
784 env->thumb = addr & 1;
787 /* Handle a CPU exception. */
788 void do_interrupt(CPUARMState *env)
796 do_interrupt_v7m(env);
799 /* TODO: Vectored interrupt controller. */
800 switch (env->exception_index) {
802 new_mode = ARM_CPU_MODE_UND;
811 if (semihosting_enabled) {
812 /* Check for semihosting interrupt. */
814 mask = lduw_code(env->regs[15] - 2) & 0xff;
816 mask = ldl_code(env->regs[15] - 4) & 0xffffff;
818 /* Only intercept calls from privileged modes, to provide some
819 semblance of security. */
820 if (((mask == 0x123456 && !env->thumb)
821 || (mask == 0xab && env->thumb))
822 && (env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) {
823 env->regs[0] = do_arm_semihosting(env);
827 new_mode = ARM_CPU_MODE_SVC;
830 /* The PC already points to the next instruction. */
834 /* See if this is a semihosting syscall. */
835 if (env->thumb && semihosting_enabled) {
836 mask = lduw_code(env->regs[15]) & 0xff;
838 && (env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) {
840 env->regs[0] = do_arm_semihosting(env);
844 /* Fall through to prefetch abort. */
845 case EXCP_PREFETCH_ABORT:
846 new_mode = ARM_CPU_MODE_ABT;
848 mask = CPSR_A | CPSR_I;
851 case EXCP_DATA_ABORT:
852 new_mode = ARM_CPU_MODE_ABT;
854 mask = CPSR_A | CPSR_I;
858 new_mode = ARM_CPU_MODE_IRQ;
860 /* Disable IRQ and imprecise data aborts. */
861 mask = CPSR_A | CPSR_I;
865 new_mode = ARM_CPU_MODE_FIQ;
867 /* Disable FIQ, IRQ and imprecise data aborts. */
868 mask = CPSR_A | CPSR_I | CPSR_F;
872 cpu_abort(env, "Unhandled exception 0x%x\n", env->exception_index);
873 return; /* Never happens. Keep compiler happy. */
876 if (env->cp15.c1_sys & (1 << 13)) {
879 switch_mode (env, new_mode);
880 env->spsr = cpsr_read(env);
882 env->condexec_bits = 0;
883 /* Switch to the new mode, and to the correct instruction set. */
884 env->uncached_cpsr = (env->uncached_cpsr & ~CPSR_M) | new_mode;
885 env->uncached_cpsr |= mask;
886 /* this is a lie, as the was no c1_sys on V4T/V5, but who cares
887 * and we should just guard the thumb mode on V4 */
888 if (arm_feature(env, ARM_FEATURE_V4T)) {
889 env->thumb = (env->cp15.c1_sys & (1 << 30)) != 0;
891 env->regs[14] = env->regs[15] + offset;
892 env->regs[15] = addr;
893 env->interrupt_request |= CPU_INTERRUPT_EXITTB;
896 /* Check section/page access permissions.
897 Returns the page protection flags, or zero if the access is not
899 static inline int check_ap(CPUState *env, int ap, int domain, int access_type,
905 return PAGE_READ | PAGE_WRITE;
907 if (access_type == 1)
914 if (access_type == 1)
916 switch ((env->cp15.c1_sys >> 8) & 3) {
918 return is_user ? 0 : PAGE_READ;
925 return is_user ? 0 : PAGE_READ | PAGE_WRITE;
930 return PAGE_READ | PAGE_WRITE;
932 return PAGE_READ | PAGE_WRITE;
933 case 4: /* Reserved. */
936 return is_user ? 0 : prot_ro;
940 if (!arm_feature (env, ARM_FEATURE_V7))
948 static uint32_t get_level1_table_address(CPUState *env, uint32_t address)
952 if (address & env->cp15.c2_mask)
953 table = env->cp15.c2_base1 & 0xffffc000;
955 table = env->cp15.c2_base0 & env->cp15.c2_base_mask;
957 table |= (address >> 18) & 0x3ffc;
961 static int get_phys_addr_v5(CPUState *env, uint32_t address, int access_type,
962 int is_user, uint32_t *phys_ptr, int *prot,
963 target_ulong *page_size)
973 /* Pagetable walk. */
974 /* Lookup l1 descriptor. */
975 table = get_level1_table_address(env, address);
976 desc = ldl_phys(table);
978 domain = (env->cp15.c3 >> ((desc >> 4) & 0x1e)) & 3;
980 /* Section translation fault. */
984 if (domain == 0 || domain == 2) {
986 code = 9; /* Section domain fault. */
988 code = 11; /* Page domain fault. */
993 phys_addr = (desc & 0xfff00000) | (address & 0x000fffff);
994 ap = (desc >> 10) & 3;
996 *page_size = 1024 * 1024;
998 /* Lookup l2 entry. */
1000 /* Coarse pagetable. */
1001 table = (desc & 0xfffffc00) | ((address >> 10) & 0x3fc);
1003 /* Fine pagetable. */
1004 table = (desc & 0xfffff000) | ((address >> 8) & 0xffc);
1006 desc = ldl_phys(table);
1008 case 0: /* Page translation fault. */
1011 case 1: /* 64k page. */
1012 phys_addr = (desc & 0xffff0000) | (address & 0xffff);
1013 ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
1014 *page_size = 0x10000;
1016 case 2: /* 4k page. */
1017 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
1018 ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
1019 *page_size = 0x1000;
1021 case 3: /* 1k page. */
1023 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1024 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
1026 /* Page translation fault. */
1031 phys_addr = (desc & 0xfffffc00) | (address & 0x3ff);
1033 ap = (desc >> 4) & 3;
1037 /* Never happens, but compiler isn't smart enough to tell. */
1042 *prot = check_ap(env, ap, domain, access_type, is_user);
1044 /* Access permission fault. */
1048 *phys_ptr = phys_addr;
1051 return code | (domain << 4);
1054 static int get_phys_addr_v6(CPUState *env, uint32_t address, int access_type,
1055 int is_user, uint32_t *phys_ptr, int *prot,
1056 target_ulong *page_size)
1067 /* Pagetable walk. */
1068 /* Lookup l1 descriptor. */
1069 table = get_level1_table_address(env, address);
1070 desc = ldl_phys(table);
1073 /* Section translation fault. */
1077 } else if (type == 2 && (desc & (1 << 18))) {
1081 /* Section or page. */
1082 domain = (desc >> 4) & 0x1e;
1084 domain = (env->cp15.c3 >> domain) & 3;
1085 if (domain == 0 || domain == 2) {
1087 code = 9; /* Section domain fault. */
1089 code = 11; /* Page domain fault. */
1093 if (desc & (1 << 18)) {
1095 phys_addr = (desc & 0xff000000) | (address & 0x00ffffff);
1096 *page_size = 0x1000000;
1099 phys_addr = (desc & 0xfff00000) | (address & 0x000fffff);
1100 *page_size = 0x100000;
1102 ap = ((desc >> 10) & 3) | ((desc >> 13) & 4);
1103 xn = desc & (1 << 4);
1106 /* Lookup l2 entry. */
1107 table = (desc & 0xfffffc00) | ((address >> 10) & 0x3fc);
1108 desc = ldl_phys(table);
1109 ap = ((desc >> 4) & 3) | ((desc >> 7) & 4);
1111 case 0: /* Page translation fault. */
1114 case 1: /* 64k page. */
1115 phys_addr = (desc & 0xffff0000) | (address & 0xffff);
1116 xn = desc & (1 << 15);
1117 *page_size = 0x10000;
1119 case 2: case 3: /* 4k page. */
1120 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
1122 *page_size = 0x1000;
1125 /* Never happens, but compiler isn't smart enough to tell. */
1131 *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
1133 if (xn && access_type == 2)
1136 /* The simplified model uses AP[0] as an access control bit. */
1137 if ((env->cp15.c1_sys & (1 << 29)) && (ap & 1) == 0) {
1138 /* Access flag fault. */
1139 code = (code == 15) ? 6 : 3;
1142 *prot = check_ap(env, ap, domain, access_type, is_user);
1144 /* Access permission fault. */
1151 *phys_ptr = phys_addr;
1154 return code | (domain << 4);
1157 static int get_phys_addr_mpu(CPUState *env, uint32_t address, int access_type,
1158 int is_user, uint32_t *phys_ptr, int *prot)
1164 *phys_ptr = address;
1165 for (n = 7; n >= 0; n--) {
1166 base = env->cp15.c6_region[n];
1167 if ((base & 1) == 0)
1169 mask = 1 << ((base >> 1) & 0x1f);
1170 /* Keep this shift separate from the above to avoid an
1171 (undefined) << 32. */
1172 mask = (mask << 1) - 1;
1173 if (((base ^ address) & ~mask) == 0)
1179 if (access_type == 2) {
1180 mask = env->cp15.c5_insn;
1182 mask = env->cp15.c5_data;
1184 mask = (mask >> (n * 4)) & 0xf;
1191 *prot = PAGE_READ | PAGE_WRITE;
1196 *prot |= PAGE_WRITE;
1199 *prot = PAGE_READ | PAGE_WRITE;
1210 /* Bad permission. */
1217 static inline int get_phys_addr(CPUState *env, uint32_t address,
1218 int access_type, int is_user,
1219 uint32_t *phys_ptr, int *prot,
1220 target_ulong *page_size)
1222 /* Fast Context Switch Extension. */
1223 if (address < 0x02000000)
1224 address += env->cp15.c13_fcse;
1226 if ((env->cp15.c1_sys & 1) == 0) {
1227 /* MMU/MPU disabled. */
1228 *phys_ptr = address;
1229 *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
1230 *page_size = TARGET_PAGE_SIZE;
1232 } else if (arm_feature(env, ARM_FEATURE_MPU)) {
1233 *page_size = TARGET_PAGE_SIZE;
1234 return get_phys_addr_mpu(env, address, access_type, is_user, phys_ptr,
1236 } else if (env->cp15.c1_sys & (1 << 23)) {
1237 return get_phys_addr_v6(env, address, access_type, is_user, phys_ptr,
1240 return get_phys_addr_v5(env, address, access_type, is_user, phys_ptr,
1245 int cpu_arm_handle_mmu_fault (CPUState *env, target_ulong address,
1246 int access_type, int mmu_idx, int is_softmmu)
1249 target_ulong page_size;
1253 is_user = mmu_idx == MMU_USER_IDX;
1254 ret = get_phys_addr(env, address, access_type, is_user, &phys_addr, &prot,
1257 /* Map a single [sub]page. */
1258 phys_addr &= ~(uint32_t)0x3ff;
1259 address &= ~(uint32_t)0x3ff;
1260 tlb_set_page (env, address, phys_addr, prot, mmu_idx, page_size);
1264 if (access_type == 2) {
1265 env->cp15.c5_insn = ret;
1266 env->cp15.c6_insn = address;
1267 env->exception_index = EXCP_PREFETCH_ABORT;
1269 env->cp15.c5_data = ret;
1270 if (access_type == 1 && arm_feature(env, ARM_FEATURE_V6))
1271 env->cp15.c5_data |= (1 << 11);
1272 env->cp15.c6_data = address;
1273 env->exception_index = EXCP_DATA_ABORT;
1278 target_phys_addr_t cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
1281 target_ulong page_size;
1285 ret = get_phys_addr(env, addr, 0, 0, &phys_addr, &prot, &page_size);
1293 void HELPER(set_cp)(CPUState *env, uint32_t insn, uint32_t val)
1295 int cp_num = (insn >> 8) & 0xf;
1296 int cp_info = (insn >> 5) & 7;
1297 int src = (insn >> 16) & 0xf;
1298 int operand = insn & 0xf;
1300 if (env->cp[cp_num].cp_write)
1301 env->cp[cp_num].cp_write(env->cp[cp_num].opaque,
1302 cp_info, src, operand, val);
1305 uint32_t HELPER(get_cp)(CPUState *env, uint32_t insn)
1307 int cp_num = (insn >> 8) & 0xf;
1308 int cp_info = (insn >> 5) & 7;
1309 int dest = (insn >> 16) & 0xf;
1310 int operand = insn & 0xf;
1312 if (env->cp[cp_num].cp_read)
1313 return env->cp[cp_num].cp_read(env->cp[cp_num].opaque,
1314 cp_info, dest, operand);
1318 /* Return basic MPU access permission bits. */
1319 static uint32_t simple_mpu_ap_bits(uint32_t val)
1326 for (i = 0; i < 16; i += 2) {
1327 ret |= (val >> i) & mask;
1333 /* Pad basic MPU access permission bits to extended format. */
1334 static uint32_t extended_mpu_ap_bits(uint32_t val)
1341 for (i = 0; i < 16; i += 2) {
1342 ret |= (val & mask) << i;
1348 void HELPER(set_cp15)(CPUState *env, uint32_t insn, uint32_t val)
1354 op1 = (insn >> 21) & 7;
1355 op2 = (insn >> 5) & 7;
1357 switch ((insn >> 16) & 0xf) {
1360 if (arm_feature(env, ARM_FEATURE_XSCALE))
1362 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1364 if (arm_feature(env, ARM_FEATURE_V7)
1365 && op1 == 2 && crm == 0 && op2 == 0) {
1366 env->cp15.c0_cssel = val & 0xf;
1370 case 1: /* System configuration. */
1371 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1375 if (!arm_feature(env, ARM_FEATURE_XSCALE) || crm == 0)
1376 env->cp15.c1_sys = val;
1377 /* ??? Lots of these bits are not implemented. */
1378 /* This may enable/disable the MMU, so do a TLB flush. */
1381 case 1: /* Auxiliary cotrol register. */
1382 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1383 env->cp15.c1_xscaleauxcr = val;
1386 /* Not implemented. */
1389 if (arm_feature(env, ARM_FEATURE_XSCALE))
1391 if (env->cp15.c1_coproc != val) {
1392 env->cp15.c1_coproc = val;
1393 /* ??? Is this safe when called from within a TB? */
1401 case 2: /* MMU Page table control / MPU cache control. */
1402 if (arm_feature(env, ARM_FEATURE_MPU)) {
1405 env->cp15.c2_data = val;
1408 env->cp15.c2_insn = val;
1416 env->cp15.c2_base0 = val;
1419 env->cp15.c2_base1 = val;
1423 env->cp15.c2_control = val;
1424 env->cp15.c2_mask = ~(((uint32_t)0xffffffffu) >> val);
1425 env->cp15.c2_base_mask = ~((uint32_t)0x3fffu >> val);
1432 case 3: /* MMU Domain access control / MPU write buffer control. */
1434 tlb_flush(env, 1); /* Flush TLB as domain not tracked in TLB */
1436 case 4: /* Reserved. */
1438 case 5: /* MMU Fault status / MPU access permission. */
1439 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1443 if (arm_feature(env, ARM_FEATURE_MPU))
1444 val = extended_mpu_ap_bits(val);
1445 env->cp15.c5_data = val;
1448 if (arm_feature(env, ARM_FEATURE_MPU))
1449 val = extended_mpu_ap_bits(val);
1450 env->cp15.c5_insn = val;
1453 if (!arm_feature(env, ARM_FEATURE_MPU))
1455 env->cp15.c5_data = val;
1458 if (!arm_feature(env, ARM_FEATURE_MPU))
1460 env->cp15.c5_insn = val;
1466 case 6: /* MMU Fault address / MPU base/size. */
1467 if (arm_feature(env, ARM_FEATURE_MPU)) {
1470 env->cp15.c6_region[crm] = val;
1472 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1476 env->cp15.c6_data = val;
1478 case 1: /* ??? This is WFAR on armv6 */
1480 env->cp15.c6_insn = val;
1487 case 7: /* Cache control. */
1488 env->cp15.c15_i_max = 0x000;
1489 env->cp15.c15_i_min = 0xff0;
1493 /* No cache, so nothing to do except VA->PA translations. */
1494 if (arm_feature(env, ARM_FEATURE_V6K)) {
1497 if (arm_feature(env, ARM_FEATURE_V7)) {
1498 env->cp15.c7_par = val & 0xfffff6ff;
1500 env->cp15.c7_par = val & 0xfffff1ff;
1505 target_ulong page_size;
1507 int ret, is_user = op2 & 2;
1508 int access_type = op2 & 1;
1511 /* Other states are only available with TrustZone */
1514 ret = get_phys_addr(env, val, access_type, is_user,
1515 &phys_addr, &prot, &page_size);
1517 /* We do not set any attribute bits in the PAR */
1518 if (page_size == (1 << 24)
1519 && arm_feature(env, ARM_FEATURE_V7)) {
1520 env->cp15.c7_par = (phys_addr & 0xff000000) | 1 << 1;
1522 env->cp15.c7_par = phys_addr & 0xfffff000;
1525 env->cp15.c7_par = ((ret & (10 << 1)) >> 5) |
1526 ((ret & (12 << 1)) >> 6) |
1527 ((ret & 0xf) << 1) | 1;
1534 case 8: /* MMU TLB control. */
1536 case 0: /* Invalidate all. */
1539 case 1: /* Invalidate single TLB entry. */
1540 tlb_flush_page(env, val & TARGET_PAGE_MASK);
1542 case 2: /* Invalidate on ASID. */
1543 tlb_flush(env, val == 0);
1545 case 3: /* Invalidate single entry on MVA. */
1546 /* ??? This is like case 1, but ignores ASID. */
1554 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1557 case 0: /* Cache lockdown. */
1559 case 0: /* L1 cache. */
1562 env->cp15.c9_data = val;
1565 env->cp15.c9_insn = val;
1571 case 1: /* L2 cache. */
1572 /* Ignore writes to L2 lockdown/auxiliary registers. */
1578 case 1: /* TCM memory region registers. */
1579 /* Not implemented. */
1585 case 10: /* MMU TLB lockdown. */
1586 /* ??? TLB lockdown not implemented. */
1588 case 12: /* Reserved. */
1590 case 13: /* Process ID. */
1593 /* Unlike real hardware the qemu TLB uses virtual addresses,
1594 not modified virtual addresses, so this causes a TLB flush.
1596 if (env->cp15.c13_fcse != val)
1598 env->cp15.c13_fcse = val;
1601 /* This changes the ASID, so do a TLB flush. */
1602 if (env->cp15.c13_context != val
1603 && !arm_feature(env, ARM_FEATURE_MPU))
1605 env->cp15.c13_context = val;
1611 case 14: /* Reserved. */
1613 case 15: /* Implementation specific. */
1614 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1615 if (op2 == 0 && crm == 1) {
1616 if (env->cp15.c15_cpar != (val & 0x3fff)) {
1617 /* Changes cp0 to cp13 behavior, so needs a TB flush. */
1619 env->cp15.c15_cpar = val & 0x3fff;
1625 if (arm_feature(env, ARM_FEATURE_OMAPCP)) {
1629 case 1: /* Set TI925T configuration. */
1630 env->cp15.c15_ticonfig = val & 0xe7;
1631 env->cp15.c0_cpuid = (val & (1 << 5)) ? /* OS_TYPE bit */
1632 ARM_CPUID_TI915T : ARM_CPUID_TI925T;
1634 case 2: /* Set I_max. */
1635 env->cp15.c15_i_max = val;
1637 case 3: /* Set I_min. */
1638 env->cp15.c15_i_min = val;
1640 case 4: /* Set thread-ID. */
1641 env->cp15.c15_threadid = val & 0xffff;
1643 case 8: /* Wait-for-interrupt (deprecated). */
1644 cpu_interrupt(env, CPU_INTERRUPT_HALT);
1654 /* ??? For debugging only. Should raise illegal instruction exception. */
1655 cpu_abort(env, "Unimplemented cp15 register write (c%d, c%d, {%d, %d})\n",
1656 (insn >> 16) & 0xf, crm, op1, op2);
1659 uint32_t HELPER(get_cp15)(CPUState *env, uint32_t insn)
1665 op1 = (insn >> 21) & 7;
1666 op2 = (insn >> 5) & 7;
1668 switch ((insn >> 16) & 0xf) {
1669 case 0: /* ID codes. */
1675 case 0: /* Device ID. */
1676 return env->cp15.c0_cpuid;
1677 case 1: /* Cache Type. */
1678 return env->cp15.c0_cachetype;
1679 case 2: /* TCM status. */
1681 case 3: /* TLB type register. */
1682 return 0; /* No lockable TLB entries. */
1684 /* The MPIDR was standardised in v7; prior to
1685 * this it was implemented only in the 11MPCore.
1686 * For all other pre-v7 cores it does not exist.
1688 if (arm_feature(env, ARM_FEATURE_V7) ||
1689 ARM_CPUID(env) == ARM_CPUID_ARM11MPCORE) {
1690 int mpidr = env->cpu_index;
1691 /* We don't support setting cluster ID ([8..11])
1692 * so these bits always RAZ.
1694 if (arm_feature(env, ARM_FEATURE_V7MP)) {
1696 /* Cores which are uniprocessor (non-coherent)
1697 * but still implement the MP extensions set
1698 * bit 30. (For instance, A9UP.) However we do
1699 * not currently model any of those cores.
1704 /* otherwise fall through to the unimplemented-reg case */
1709 if (!arm_feature(env, ARM_FEATURE_V6))
1711 return env->cp15.c0_c1[op2];
1713 if (!arm_feature(env, ARM_FEATURE_V6))
1715 return env->cp15.c0_c2[op2];
1716 case 3: case 4: case 5: case 6: case 7:
1722 /* These registers aren't documented on arm11 cores. However
1723 Linux looks at them anyway. */
1724 if (!arm_feature(env, ARM_FEATURE_V6))
1728 if (!arm_feature(env, ARM_FEATURE_V7))
1733 return env->cp15.c0_ccsid[env->cp15.c0_cssel];
1735 return env->cp15.c0_clid;
1741 if (op2 != 0 || crm != 0)
1743 return env->cp15.c0_cssel;
1747 case 1: /* System configuration. */
1748 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1751 case 0: /* Control register. */
1752 return env->cp15.c1_sys;
1753 case 1: /* Auxiliary control register. */
1754 if (arm_feature(env, ARM_FEATURE_XSCALE))
1755 return env->cp15.c1_xscaleauxcr;
1756 if (!arm_feature(env, ARM_FEATURE_AUXCR))
1758 switch (ARM_CPUID(env)) {
1759 case ARM_CPUID_ARM1026:
1761 case ARM_CPUID_ARM1136:
1762 case ARM_CPUID_ARM1136_R2:
1764 case ARM_CPUID_ARM11MPCORE:
1766 case ARM_CPUID_CORTEXA8:
1768 case ARM_CPUID_CORTEXA9:
1773 case 2: /* Coprocessor access register. */
1774 if (arm_feature(env, ARM_FEATURE_XSCALE))
1776 return env->cp15.c1_coproc;
1780 case 2: /* MMU Page table control / MPU cache control. */
1781 if (arm_feature(env, ARM_FEATURE_MPU)) {
1784 return env->cp15.c2_data;
1787 return env->cp15.c2_insn;
1795 return env->cp15.c2_base0;
1797 return env->cp15.c2_base1;
1799 return env->cp15.c2_control;
1804 case 3: /* MMU Domain access control / MPU write buffer control. */
1805 return env->cp15.c3;
1806 case 4: /* Reserved. */
1808 case 5: /* MMU Fault status / MPU access permission. */
1809 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1813 if (arm_feature(env, ARM_FEATURE_MPU))
1814 return simple_mpu_ap_bits(env->cp15.c5_data);
1815 return env->cp15.c5_data;
1817 if (arm_feature(env, ARM_FEATURE_MPU))
1818 return simple_mpu_ap_bits(env->cp15.c5_data);
1819 return env->cp15.c5_insn;
1821 if (!arm_feature(env, ARM_FEATURE_MPU))
1823 return env->cp15.c5_data;
1825 if (!arm_feature(env, ARM_FEATURE_MPU))
1827 return env->cp15.c5_insn;
1831 case 6: /* MMU Fault address. */
1832 if (arm_feature(env, ARM_FEATURE_MPU)) {
1835 return env->cp15.c6_region[crm];
1837 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1841 return env->cp15.c6_data;
1843 if (arm_feature(env, ARM_FEATURE_V6)) {
1844 /* Watchpoint Fault Adrress. */
1845 return 0; /* Not implemented. */
1847 /* Instruction Fault Adrress. */
1848 /* Arm9 doesn't have an IFAR, but implementing it anyway
1849 shouldn't do any harm. */
1850 return env->cp15.c6_insn;
1853 if (arm_feature(env, ARM_FEATURE_V6)) {
1854 /* Instruction Fault Adrress. */
1855 return env->cp15.c6_insn;
1863 case 7: /* Cache control. */
1864 if (crm == 4 && op1 == 0 && op2 == 0) {
1865 return env->cp15.c7_par;
1867 /* FIXME: Should only clear Z flag if destination is r15. */
1870 case 8: /* MMU TLB control. */
1872 case 9: /* Cache lockdown. */
1874 case 0: /* L1 cache. */
1875 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1879 return env->cp15.c9_data;
1881 return env->cp15.c9_insn;
1885 case 1: /* L2 cache */
1888 /* L2 Lockdown and Auxiliary control. */
1893 case 10: /* MMU TLB lockdown. */
1894 /* ??? TLB lockdown not implemented. */
1896 case 11: /* TCM DMA control. */
1897 case 12: /* Reserved. */
1899 case 13: /* Process ID. */
1902 return env->cp15.c13_fcse;
1904 return env->cp15.c13_context;
1908 case 14: /* Reserved. */
1910 case 15: /* Implementation specific. */
1911 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1912 if (op2 == 0 && crm == 1)
1913 return env->cp15.c15_cpar;
1917 if (arm_feature(env, ARM_FEATURE_OMAPCP)) {
1921 case 1: /* Read TI925T configuration. */
1922 return env->cp15.c15_ticonfig;
1923 case 2: /* Read I_max. */
1924 return env->cp15.c15_i_max;
1925 case 3: /* Read I_min. */
1926 return env->cp15.c15_i_min;
1927 case 4: /* Read thread-ID. */
1928 return env->cp15.c15_threadid;
1929 case 8: /* TI925T_status */
1932 /* TODO: Peripheral port remap register:
1933 * On OMAP2 mcr p15, 0, rn, c15, c2, 4 sets up the interrupt
1934 * controller base address at $rn & ~0xfff and map size of
1935 * 0x200 << ($rn & 0xfff), when MMU is off. */
1941 /* ??? For debugging only. Should raise illegal instruction exception. */
1942 cpu_abort(env, "Unimplemented cp15 register read (c%d, c%d, {%d, %d})\n",
1943 (insn >> 16) & 0xf, crm, op1, op2);
1947 void HELPER(set_r13_banked)(CPUState *env, uint32_t mode, uint32_t val)
1949 if ((env->uncached_cpsr & CPSR_M) == mode) {
1950 env->regs[13] = val;
1952 env->banked_r13[bank_number(mode)] = val;
1956 uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode)
1958 if ((env->uncached_cpsr & CPSR_M) == mode) {
1959 return env->regs[13];
1961 return env->banked_r13[bank_number(mode)];
1965 uint32_t HELPER(v7m_mrs)(CPUState *env, uint32_t reg)
1969 return xpsr_read(env) & 0xf8000000;
1971 return xpsr_read(env) & 0xf80001ff;
1973 return xpsr_read(env) & 0xff00fc00;
1975 return xpsr_read(env) & 0xff00fdff;
1977 return xpsr_read(env) & 0x000001ff;
1979 return xpsr_read(env) & 0x0700fc00;
1981 return xpsr_read(env) & 0x0700edff;
1983 return env->v7m.current_sp ? env->v7m.other_sp : env->regs[13];
1985 return env->v7m.current_sp ? env->regs[13] : env->v7m.other_sp;
1986 case 16: /* PRIMASK */
1987 return (env->uncached_cpsr & CPSR_I) != 0;
1988 case 17: /* FAULTMASK */
1989 return (env->uncached_cpsr & CPSR_F) != 0;
1990 case 18: /* BASEPRI */
1991 case 19: /* BASEPRI_MAX */
1992 return env->v7m.basepri;
1993 case 20: /* CONTROL */
1994 return env->v7m.control;
1996 /* ??? For debugging only. */
1997 cpu_abort(env, "Unimplemented system register read (%d)\n", reg);
2002 void HELPER(v7m_msr)(CPUState *env, uint32_t reg, uint32_t val)
2006 xpsr_write(env, val, 0xf8000000);
2009 xpsr_write(env, val, 0xf8000000);
2012 xpsr_write(env, val, 0xfe00fc00);
2015 xpsr_write(env, val, 0xfe00fc00);
2018 /* IPSR bits are readonly. */
2021 xpsr_write(env, val, 0x0600fc00);
2024 xpsr_write(env, val, 0x0600fc00);
2027 if (env->v7m.current_sp)
2028 env->v7m.other_sp = val;
2030 env->regs[13] = val;
2033 if (env->v7m.current_sp)
2034 env->regs[13] = val;
2036 env->v7m.other_sp = val;
2038 case 16: /* PRIMASK */
2040 env->uncached_cpsr |= CPSR_I;
2042 env->uncached_cpsr &= ~CPSR_I;
2044 case 17: /* FAULTMASK */
2046 env->uncached_cpsr |= CPSR_F;
2048 env->uncached_cpsr &= ~CPSR_F;
2050 case 18: /* BASEPRI */
2051 env->v7m.basepri = val & 0xff;
2053 case 19: /* BASEPRI_MAX */
2055 if (val != 0 && (val < env->v7m.basepri || env->v7m.basepri == 0))
2056 env->v7m.basepri = val;
2058 case 20: /* CONTROL */
2059 env->v7m.control = val & 3;
2060 switch_v7m_sp(env, (val & 2) != 0);
2063 /* ??? For debugging only. */
2064 cpu_abort(env, "Unimplemented system register write (%d)\n", reg);
2069 void cpu_arm_set_cp_io(CPUARMState *env, int cpnum,
2070 ARMReadCPFunc *cp_read, ARMWriteCPFunc *cp_write,
2073 if (cpnum < 0 || cpnum > 14) {
2074 cpu_abort(env, "Bad coprocessor number: %i\n", cpnum);
2078 env->cp[cpnum].cp_read = cp_read;
2079 env->cp[cpnum].cp_write = cp_write;
2080 env->cp[cpnum].opaque = opaque;
2085 /* Note that signed overflow is undefined in C. The following routines are
2086 careful to use unsigned types where modulo arithmetic is required.
2087 Failure to do so _will_ break on newer gcc. */
2089 /* Signed saturating arithmetic. */
2091 /* Perform 16-bit signed saturating addition. */
2092 static inline uint16_t add16_sat(uint16_t a, uint16_t b)
2097 if (((res ^ a) & 0x8000) && !((a ^ b) & 0x8000)) {
2106 /* Perform 8-bit signed saturating addition. */
2107 static inline uint8_t add8_sat(uint8_t a, uint8_t b)
2112 if (((res ^ a) & 0x80) && !((a ^ b) & 0x80)) {
2121 /* Perform 16-bit signed saturating subtraction. */
2122 static inline uint16_t sub16_sat(uint16_t a, uint16_t b)
2127 if (((res ^ a) & 0x8000) && ((a ^ b) & 0x8000)) {
2136 /* Perform 8-bit signed saturating subtraction. */
2137 static inline uint8_t sub8_sat(uint8_t a, uint8_t b)
2142 if (((res ^ a) & 0x80) && ((a ^ b) & 0x80)) {
2151 #define ADD16(a, b, n) RESULT(add16_sat(a, b), n, 16);
2152 #define SUB16(a, b, n) RESULT(sub16_sat(a, b), n, 16);
2153 #define ADD8(a, b, n) RESULT(add8_sat(a, b), n, 8);
2154 #define SUB8(a, b, n) RESULT(sub8_sat(a, b), n, 8);
2157 #include "op_addsub.h"
2159 /* Unsigned saturating arithmetic. */
2160 static inline uint16_t add16_usat(uint16_t a, uint16_t b)
2169 static inline uint16_t sub16_usat(uint16_t a, uint16_t b)
2177 static inline uint8_t add8_usat(uint8_t a, uint8_t b)
2186 static inline uint8_t sub8_usat(uint8_t a, uint8_t b)
2194 #define ADD16(a, b, n) RESULT(add16_usat(a, b), n, 16);
2195 #define SUB16(a, b, n) RESULT(sub16_usat(a, b), n, 16);
2196 #define ADD8(a, b, n) RESULT(add8_usat(a, b), n, 8);
2197 #define SUB8(a, b, n) RESULT(sub8_usat(a, b), n, 8);
2200 #include "op_addsub.h"
2202 /* Signed modulo arithmetic. */
2203 #define SARITH16(a, b, n, op) do { \
2205 sum = (int32_t)(int16_t)(a) op (int32_t)(int16_t)(b); \
2206 RESULT(sum, n, 16); \
2208 ge |= 3 << (n * 2); \
2211 #define SARITH8(a, b, n, op) do { \
2213 sum = (int32_t)(int8_t)(a) op (int32_t)(int8_t)(b); \
2214 RESULT(sum, n, 8); \
2220 #define ADD16(a, b, n) SARITH16(a, b, n, +)
2221 #define SUB16(a, b, n) SARITH16(a, b, n, -)
2222 #define ADD8(a, b, n) SARITH8(a, b, n, +)
2223 #define SUB8(a, b, n) SARITH8(a, b, n, -)
2227 #include "op_addsub.h"
2229 /* Unsigned modulo arithmetic. */
2230 #define ADD16(a, b, n) do { \
2232 sum = (uint32_t)(uint16_t)(a) + (uint32_t)(uint16_t)(b); \
2233 RESULT(sum, n, 16); \
2234 if ((sum >> 16) == 1) \
2235 ge |= 3 << (n * 2); \
2238 #define ADD8(a, b, n) do { \
2240 sum = (uint32_t)(uint8_t)(a) + (uint32_t)(uint8_t)(b); \
2241 RESULT(sum, n, 8); \
2242 if ((sum >> 8) == 1) \
2246 #define SUB16(a, b, n) do { \
2248 sum = (uint32_t)(uint16_t)(a) - (uint32_t)(uint16_t)(b); \
2249 RESULT(sum, n, 16); \
2250 if ((sum >> 16) == 0) \
2251 ge |= 3 << (n * 2); \
2254 #define SUB8(a, b, n) do { \
2256 sum = (uint32_t)(uint8_t)(a) - (uint32_t)(uint8_t)(b); \
2257 RESULT(sum, n, 8); \
2258 if ((sum >> 8) == 0) \
2265 #include "op_addsub.h"
2267 /* Halved signed arithmetic. */
2268 #define ADD16(a, b, n) \
2269 RESULT(((int32_t)(int16_t)(a) + (int32_t)(int16_t)(b)) >> 1, n, 16)
2270 #define SUB16(a, b, n) \
2271 RESULT(((int32_t)(int16_t)(a) - (int32_t)(int16_t)(b)) >> 1, n, 16)
2272 #define ADD8(a, b, n) \
2273 RESULT(((int32_t)(int8_t)(a) + (int32_t)(int8_t)(b)) >> 1, n, 8)
2274 #define SUB8(a, b, n) \
2275 RESULT(((int32_t)(int8_t)(a) - (int32_t)(int8_t)(b)) >> 1, n, 8)
2278 #include "op_addsub.h"
2280 /* Halved unsigned arithmetic. */
2281 #define ADD16(a, b, n) \
2282 RESULT(((uint32_t)(uint16_t)(a) + (uint32_t)(uint16_t)(b)) >> 1, n, 16)
2283 #define SUB16(a, b, n) \
2284 RESULT(((uint32_t)(uint16_t)(a) - (uint32_t)(uint16_t)(b)) >> 1, n, 16)
2285 #define ADD8(a, b, n) \
2286 RESULT(((uint32_t)(uint8_t)(a) + (uint32_t)(uint8_t)(b)) >> 1, n, 8)
2287 #define SUB8(a, b, n) \
2288 RESULT(((uint32_t)(uint8_t)(a) - (uint32_t)(uint8_t)(b)) >> 1, n, 8)
2291 #include "op_addsub.h"
2293 static inline uint8_t do_usad(uint8_t a, uint8_t b)
2301 /* Unsigned sum of absolute byte differences. */
2302 uint32_t HELPER(usad8)(uint32_t a, uint32_t b)
2305 sum = do_usad(a, b);
2306 sum += do_usad(a >> 8, b >> 8);
2307 sum += do_usad(a >> 16, b >>16);
2308 sum += do_usad(a >> 24, b >> 24);
2312 /* For ARMv6 SEL instruction. */
2313 uint32_t HELPER(sel_flags)(uint32_t flags, uint32_t a, uint32_t b)
2326 return (a & mask) | (b & ~mask);
2329 uint32_t HELPER(logicq_cc)(uint64_t val)
2331 return (val >> 32) | (val != 0);
2334 /* VFP support. We follow the convention used for VFP instrunctions:
2335 Single precition routines have a "s" suffix, double precision a
2338 /* Convert host exception flags to vfp form. */
2339 static inline int vfp_exceptbits_from_host(int host_bits)
2341 int target_bits = 0;
2343 if (host_bits & float_flag_invalid)
2345 if (host_bits & float_flag_divbyzero)
2347 if (host_bits & float_flag_overflow)
2349 if (host_bits & float_flag_underflow)
2351 if (host_bits & float_flag_inexact)
2352 target_bits |= 0x10;
2353 if (host_bits & float_flag_input_denormal)
2354 target_bits |= 0x80;
2358 uint32_t HELPER(vfp_get_fpscr)(CPUState *env)
2363 fpscr = (env->vfp.xregs[ARM_VFP_FPSCR] & 0xffc8ffff)
2364 | (env->vfp.vec_len << 16)
2365 | (env->vfp.vec_stride << 20);
2366 i = get_float_exception_flags(&env->vfp.fp_status);
2367 i |= get_float_exception_flags(&env->vfp.standard_fp_status);
2368 fpscr |= vfp_exceptbits_from_host(i);
2372 uint32_t vfp_get_fpscr(CPUState *env)
2374 return HELPER(vfp_get_fpscr)(env);
2377 /* Convert vfp exception flags to target form. */
2378 static inline int vfp_exceptbits_to_host(int target_bits)
2382 if (target_bits & 1)
2383 host_bits |= float_flag_invalid;
2384 if (target_bits & 2)
2385 host_bits |= float_flag_divbyzero;
2386 if (target_bits & 4)
2387 host_bits |= float_flag_overflow;
2388 if (target_bits & 8)
2389 host_bits |= float_flag_underflow;
2390 if (target_bits & 0x10)
2391 host_bits |= float_flag_inexact;
2392 if (target_bits & 0x80)
2393 host_bits |= float_flag_input_denormal;
2397 void HELPER(vfp_set_fpscr)(CPUState *env, uint32_t val)
2402 changed = env->vfp.xregs[ARM_VFP_FPSCR];
2403 env->vfp.xregs[ARM_VFP_FPSCR] = (val & 0xffc8ffff);
2404 env->vfp.vec_len = (val >> 16) & 7;
2405 env->vfp.vec_stride = (val >> 20) & 3;
2408 if (changed & (3 << 22)) {
2409 i = (val >> 22) & 3;
2412 i = float_round_nearest_even;
2418 i = float_round_down;
2421 i = float_round_to_zero;
2424 set_float_rounding_mode(i, &env->vfp.fp_status);
2426 if (changed & (1 << 24)) {
2427 set_flush_to_zero((val & (1 << 24)) != 0, &env->vfp.fp_status);
2428 set_flush_inputs_to_zero((val & (1 << 24)) != 0, &env->vfp.fp_status);
2430 if (changed & (1 << 25))
2431 set_default_nan_mode((val & (1 << 25)) != 0, &env->vfp.fp_status);
2433 i = vfp_exceptbits_to_host(val);
2434 set_float_exception_flags(i, &env->vfp.fp_status);
2435 set_float_exception_flags(0, &env->vfp.standard_fp_status);
2438 void vfp_set_fpscr(CPUState *env, uint32_t val)
2440 HELPER(vfp_set_fpscr)(env, val);
2443 #define VFP_HELPER(name, p) HELPER(glue(glue(vfp_,name),p))
2445 #define VFP_BINOP(name) \
2446 float32 VFP_HELPER(name, s)(float32 a, float32 b, CPUState *env) \
2448 return float32_ ## name (a, b, &env->vfp.fp_status); \
2450 float64 VFP_HELPER(name, d)(float64 a, float64 b, CPUState *env) \
2452 return float64_ ## name (a, b, &env->vfp.fp_status); \
2460 float32 VFP_HELPER(neg, s)(float32 a)
2462 return float32_chs(a);
2465 float64 VFP_HELPER(neg, d)(float64 a)
2467 return float64_chs(a);
2470 float32 VFP_HELPER(abs, s)(float32 a)
2472 return float32_abs(a);
2475 float64 VFP_HELPER(abs, d)(float64 a)
2477 return float64_abs(a);
2480 float32 VFP_HELPER(sqrt, s)(float32 a, CPUState *env)
2482 return float32_sqrt(a, &env->vfp.fp_status);
2485 float64 VFP_HELPER(sqrt, d)(float64 a, CPUState *env)
2487 return float64_sqrt(a, &env->vfp.fp_status);
2490 /* XXX: check quiet/signaling case */
2491 #define DO_VFP_cmp(p, type) \
2492 void VFP_HELPER(cmp, p)(type a, type b, CPUState *env) \
2495 switch(type ## _compare_quiet(a, b, &env->vfp.fp_status)) { \
2496 case 0: flags = 0x6; break; \
2497 case -1: flags = 0x8; break; \
2498 case 1: flags = 0x2; break; \
2499 default: case 2: flags = 0x3; break; \
2501 env->vfp.xregs[ARM_VFP_FPSCR] = (flags << 28) \
2502 | (env->vfp.xregs[ARM_VFP_FPSCR] & 0x0fffffff); \
2504 void VFP_HELPER(cmpe, p)(type a, type b, CPUState *env) \
2507 switch(type ## _compare(a, b, &env->vfp.fp_status)) { \
2508 case 0: flags = 0x6; break; \
2509 case -1: flags = 0x8; break; \
2510 case 1: flags = 0x2; break; \
2511 default: case 2: flags = 0x3; break; \
2513 env->vfp.xregs[ARM_VFP_FPSCR] = (flags << 28) \
2514 | (env->vfp.xregs[ARM_VFP_FPSCR] & 0x0fffffff); \
2516 DO_VFP_cmp(s, float32)
2517 DO_VFP_cmp(d, float64)
2520 /* Integer to float conversion. */
2521 float32 VFP_HELPER(uito, s)(uint32_t x, CPUState *env)
2523 return uint32_to_float32(x, &env->vfp.fp_status);
2526 float64 VFP_HELPER(uito, d)(uint32_t x, CPUState *env)
2528 return uint32_to_float64(x, &env->vfp.fp_status);
2531 float32 VFP_HELPER(sito, s)(uint32_t x, CPUState *env)
2533 return int32_to_float32(x, &env->vfp.fp_status);
2536 float64 VFP_HELPER(sito, d)(uint32_t x, CPUState *env)
2538 return int32_to_float64(x, &env->vfp.fp_status);
2541 /* Float to integer conversion. */
2542 uint32_t VFP_HELPER(toui, s)(float32 x, CPUState *env)
2544 if (float32_is_any_nan(x)) {
2547 return float32_to_uint32(x, &env->vfp.fp_status);
2550 uint32_t VFP_HELPER(toui, d)(float64 x, CPUState *env)
2552 if (float64_is_any_nan(x)) {
2555 return float64_to_uint32(x, &env->vfp.fp_status);
2558 uint32_t VFP_HELPER(tosi, s)(float32 x, CPUState *env)
2560 if (float32_is_any_nan(x)) {
2563 return float32_to_int32(x, &env->vfp.fp_status);
2566 uint32_t VFP_HELPER(tosi, d)(float64 x, CPUState *env)
2568 if (float64_is_any_nan(x)) {
2571 return float64_to_int32(x, &env->vfp.fp_status);
2574 uint32_t VFP_HELPER(touiz, s)(float32 x, CPUState *env)
2576 if (float32_is_any_nan(x)) {
2579 return float32_to_uint32_round_to_zero(x, &env->vfp.fp_status);
2582 uint32_t VFP_HELPER(touiz, d)(float64 x, CPUState *env)
2584 if (float64_is_any_nan(x)) {
2587 return float64_to_uint32_round_to_zero(x, &env->vfp.fp_status);
2590 uint32_t VFP_HELPER(tosiz, s)(float32 x, CPUState *env)
2592 if (float32_is_any_nan(x)) {
2595 return float32_to_int32_round_to_zero(x, &env->vfp.fp_status);
2598 uint32_t VFP_HELPER(tosiz, d)(float64 x, CPUState *env)
2600 if (float64_is_any_nan(x)) {
2603 return float64_to_int32_round_to_zero(x, &env->vfp.fp_status);
2606 /* floating point conversion */
2607 float64 VFP_HELPER(fcvtd, s)(float32 x, CPUState *env)
2609 float64 r = float32_to_float64(x, &env->vfp.fp_status);
2610 /* ARM requires that S<->D conversion of any kind of NaN generates
2611 * a quiet NaN by forcing the most significant frac bit to 1.
2613 return float64_maybe_silence_nan(r);
2616 float32 VFP_HELPER(fcvts, d)(float64 x, CPUState *env)
2618 float32 r = float64_to_float32(x, &env->vfp.fp_status);
2619 /* ARM requires that S<->D conversion of any kind of NaN generates
2620 * a quiet NaN by forcing the most significant frac bit to 1.
2622 return float32_maybe_silence_nan(r);
2625 /* VFP3 fixed point conversion. */
2626 #define VFP_CONV_FIX(name, p, fsz, itype, sign) \
2627 float##fsz VFP_HELPER(name##to, p)(uint##fsz##_t x, uint32_t shift, \
2631 tmp = sign##int32_to_##float##fsz ((itype##_t)x, &env->vfp.fp_status); \
2632 return float##fsz##_scalbn(tmp, -(int)shift, &env->vfp.fp_status); \
2634 uint##fsz##_t VFP_HELPER(to##name, p)(float##fsz x, uint32_t shift, \
2638 if (float##fsz##_is_any_nan(x)) { \
2641 tmp = float##fsz##_scalbn(x, shift, &env->vfp.fp_status); \
2642 return float##fsz##_to_##itype##_round_to_zero(tmp, &env->vfp.fp_status); \
2645 VFP_CONV_FIX(sh, d, 64, int16, )
2646 VFP_CONV_FIX(sl, d, 64, int32, )
2647 VFP_CONV_FIX(uh, d, 64, uint16, u)
2648 VFP_CONV_FIX(ul, d, 64, uint32, u)
2649 VFP_CONV_FIX(sh, s, 32, int16, )
2650 VFP_CONV_FIX(sl, s, 32, int32, )
2651 VFP_CONV_FIX(uh, s, 32, uint16, u)
2652 VFP_CONV_FIX(ul, s, 32, uint32, u)
2655 /* Half precision conversions. */
2656 static float32 do_fcvt_f16_to_f32(uint32_t a, CPUState *env, float_status *s)
2658 int ieee = (env->vfp.xregs[ARM_VFP_FPSCR] & (1 << 26)) == 0;
2659 float32 r = float16_to_float32(make_float16(a), ieee, s);
2661 return float32_maybe_silence_nan(r);
2666 static uint32_t do_fcvt_f32_to_f16(float32 a, CPUState *env, float_status *s)
2668 int ieee = (env->vfp.xregs[ARM_VFP_FPSCR] & (1 << 26)) == 0;
2669 float16 r = float32_to_float16(a, ieee, s);
2671 r = float16_maybe_silence_nan(r);
2673 return float16_val(r);
2676 float32 HELPER(neon_fcvt_f16_to_f32)(uint32_t a, CPUState *env)
2678 return do_fcvt_f16_to_f32(a, env, &env->vfp.standard_fp_status);
2681 uint32_t HELPER(neon_fcvt_f32_to_f16)(float32 a, CPUState *env)
2683 return do_fcvt_f32_to_f16(a, env, &env->vfp.standard_fp_status);
2686 float32 HELPER(vfp_fcvt_f16_to_f32)(uint32_t a, CPUState *env)
2688 return do_fcvt_f16_to_f32(a, env, &env->vfp.fp_status);
2691 uint32_t HELPER(vfp_fcvt_f32_to_f16)(float32 a, CPUState *env)
2693 return do_fcvt_f32_to_f16(a, env, &env->vfp.fp_status);
2696 #define float32_two make_float32(0x40000000)
2697 #define float32_three make_float32(0x40400000)
2698 #define float32_one_point_five make_float32(0x3fc00000)
2700 float32 HELPER(recps_f32)(float32 a, float32 b, CPUState *env)
2702 float_status *s = &env->vfp.standard_fp_status;
2703 if ((float32_is_infinity(a) && float32_is_zero_or_denormal(b)) ||
2704 (float32_is_infinity(b) && float32_is_zero_or_denormal(a))) {
2707 return float32_sub(float32_two, float32_mul(a, b, s), s);
2710 float32 HELPER(rsqrts_f32)(float32 a, float32 b, CPUState *env)
2712 float_status *s = &env->vfp.standard_fp_status;
2714 if ((float32_is_infinity(a) && float32_is_zero_or_denormal(b)) ||
2715 (float32_is_infinity(b) && float32_is_zero_or_denormal(a))) {
2716 return float32_one_point_five;
2718 product = float32_mul(a, b, s);
2719 return float32_div(float32_sub(float32_three, product, s), float32_two, s);
2724 /* Constants 256 and 512 are used in some helpers; we avoid relying on
2725 * int->float conversions at run-time. */
2726 #define float64_256 make_float64(0x4070000000000000LL)
2727 #define float64_512 make_float64(0x4080000000000000LL)
2729 /* The algorithm that must be used to calculate the estimate
2730 * is specified by the ARM ARM.
2732 static float64 recip_estimate(float64 a, CPUState *env)
2734 float_status *s = &env->vfp.standard_fp_status;
2735 /* q = (int)(a * 512.0) */
2736 float64 q = float64_mul(float64_512, a, s);
2737 int64_t q_int = float64_to_int64_round_to_zero(q, s);
2739 /* r = 1.0 / (((double)q + 0.5) / 512.0) */
2740 q = int64_to_float64(q_int, s);
2741 q = float64_add(q, float64_half, s);
2742 q = float64_div(q, float64_512, s);
2743 q = float64_div(float64_one, q, s);
2745 /* s = (int)(256.0 * r + 0.5) */
2746 q = float64_mul(q, float64_256, s);
2747 q = float64_add(q, float64_half, s);
2748 q_int = float64_to_int64_round_to_zero(q, s);
2750 /* return (double)s / 256.0 */
2751 return float64_div(int64_to_float64(q_int, s), float64_256, s);
2754 float32 HELPER(recpe_f32)(float32 a, CPUState *env)
2756 float_status *s = &env->vfp.standard_fp_status;
2758 uint32_t val32 = float32_val(a);
2761 int a_exp = (val32 & 0x7f800000) >> 23;
2762 int sign = val32 & 0x80000000;
2764 if (float32_is_any_nan(a)) {
2765 if (float32_is_signaling_nan(a)) {
2766 float_raise(float_flag_invalid, s);
2768 return float32_default_nan;
2769 } else if (float32_is_infinity(a)) {
2770 return float32_set_sign(float32_zero, float32_is_neg(a));
2771 } else if (float32_is_zero_or_denormal(a)) {
2772 float_raise(float_flag_divbyzero, s);
2773 return float32_set_sign(float32_infinity, float32_is_neg(a));
2774 } else if (a_exp >= 253) {
2775 float_raise(float_flag_underflow, s);
2776 return float32_set_sign(float32_zero, float32_is_neg(a));
2779 f64 = make_float64((0x3feULL << 52)
2780 | ((int64_t)(val32 & 0x7fffff) << 29));
2782 result_exp = 253 - a_exp;
2784 f64 = recip_estimate(f64, env);
2787 | ((result_exp & 0xff) << 23)
2788 | ((float64_val(f64) >> 29) & 0x7fffff);
2789 return make_float32(val32);
2792 /* The algorithm that must be used to calculate the estimate
2793 * is specified by the ARM ARM.
2795 static float64 recip_sqrt_estimate(float64 a, CPUState *env)
2797 float_status *s = &env->vfp.standard_fp_status;
2801 if (float64_lt(a, float64_half, s)) {
2802 /* range 0.25 <= a < 0.5 */
2804 /* a in units of 1/512 rounded down */
2805 /* q0 = (int)(a * 512.0); */
2806 q = float64_mul(float64_512, a, s);
2807 q_int = float64_to_int64_round_to_zero(q, s);
2809 /* reciprocal root r */
2810 /* r = 1.0 / sqrt(((double)q0 + 0.5) / 512.0); */
2811 q = int64_to_float64(q_int, s);
2812 q = float64_add(q, float64_half, s);
2813 q = float64_div(q, float64_512, s);
2814 q = float64_sqrt(q, s);
2815 q = float64_div(float64_one, q, s);
2817 /* range 0.5 <= a < 1.0 */
2819 /* a in units of 1/256 rounded down */
2820 /* q1 = (int)(a * 256.0); */
2821 q = float64_mul(float64_256, a, s);
2822 int64_t q_int = float64_to_int64_round_to_zero(q, s);
2824 /* reciprocal root r */
2825 /* r = 1.0 /sqrt(((double)q1 + 0.5) / 256); */
2826 q = int64_to_float64(q_int, s);
2827 q = float64_add(q, float64_half, s);
2828 q = float64_div(q, float64_256, s);
2829 q = float64_sqrt(q, s);
2830 q = float64_div(float64_one, q, s);
2832 /* r in units of 1/256 rounded to nearest */
2833 /* s = (int)(256.0 * r + 0.5); */
2835 q = float64_mul(q, float64_256,s );
2836 q = float64_add(q, float64_half, s);
2837 q_int = float64_to_int64_round_to_zero(q, s);
2839 /* return (double)s / 256.0;*/
2840 return float64_div(int64_to_float64(q_int, s), float64_256, s);
2843 float32 HELPER(rsqrte_f32)(float32 a, CPUState *env)
2845 float_status *s = &env->vfp.standard_fp_status;
2851 val = float32_val(a);
2853 if (float32_is_any_nan(a)) {
2854 if (float32_is_signaling_nan(a)) {
2855 float_raise(float_flag_invalid, s);
2857 return float32_default_nan;
2858 } else if (float32_is_zero_or_denormal(a)) {
2859 float_raise(float_flag_divbyzero, s);
2860 return float32_set_sign(float32_infinity, float32_is_neg(a));
2861 } else if (float32_is_neg(a)) {
2862 float_raise(float_flag_invalid, s);
2863 return float32_default_nan;
2864 } else if (float32_is_infinity(a)) {
2865 return float32_zero;
2868 /* Normalize to a double-precision value between 0.25 and 1.0,
2869 * preserving the parity of the exponent. */
2870 if ((val & 0x800000) == 0) {
2871 f64 = make_float64(((uint64_t)(val & 0x80000000) << 32)
2873 | ((uint64_t)(val & 0x7fffff) << 29));
2875 f64 = make_float64(((uint64_t)(val & 0x80000000) << 32)
2877 | ((uint64_t)(val & 0x7fffff) << 29));
2880 result_exp = (380 - ((val & 0x7f800000) >> 23)) / 2;
2882 f64 = recip_sqrt_estimate(f64, env);
2884 val64 = float64_val(f64);
2886 val = ((val64 >> 63) & 0x80000000)
2887 | ((result_exp & 0xff) << 23)
2888 | ((val64 >> 29) & 0x7fffff);
2889 return make_float32(val);
2892 uint32_t HELPER(recpe_u32)(uint32_t a, CPUState *env)
2896 if ((a & 0x80000000) == 0) {
2900 f64 = make_float64((0x3feULL << 52)
2901 | ((int64_t)(a & 0x7fffffff) << 21));
2903 f64 = recip_estimate (f64, env);
2905 return 0x80000000 | ((float64_val(f64) >> 21) & 0x7fffffff);
2908 uint32_t HELPER(rsqrte_u32)(uint32_t a, CPUState *env)
2912 if ((a & 0xc0000000) == 0) {
2916 if (a & 0x80000000) {
2917 f64 = make_float64((0x3feULL << 52)
2918 | ((uint64_t)(a & 0x7fffffff) << 21));
2919 } else { /* bits 31-30 == '01' */
2920 f64 = make_float64((0x3fdULL << 52)
2921 | ((uint64_t)(a & 0x3fffffff) << 22));
2924 f64 = recip_sqrt_estimate(f64, env);
2926 return 0x80000000 | ((float64_val(f64) >> 21) & 0x7fffffff);
2929 void HELPER(set_teecr)(CPUState *env, uint32_t val)
2932 if (env->teecr != val) {
projects / qemu.git / blob