4 #include "host-utils.h"
7 static int vfp_gdb_get_reg(CPUARMState *env, uint8_t *buf, int reg)
11 /* VFP data registers are always little-endian. */
12 nregs = arm_feature(env, ARM_FEATURE_VFP3) ? 32 : 16;
14 stfq_le_p(buf, env->vfp.regs[reg]);
17 if (arm_feature(env, ARM_FEATURE_NEON)) {
18 /* Aliases for Q regs. */
21 stfq_le_p(buf, env->vfp.regs[(reg - 32) * 2]);
22 stfq_le_p(buf + 8, env->vfp.regs[(reg - 32) * 2 + 1]);
26 switch (reg - nregs) {
27 case 0: stl_p(buf, env->vfp.xregs[ARM_VFP_FPSID]); return 4;
28 case 1: stl_p(buf, env->vfp.xregs[ARM_VFP_FPSCR]); return 4;
29 case 2: stl_p(buf, env->vfp.xregs[ARM_VFP_FPEXC]); return 4;
34 static int vfp_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg)
38 nregs = arm_feature(env, ARM_FEATURE_VFP3) ? 32 : 16;
40 env->vfp.regs[reg] = ldfq_le_p(buf);
43 if (arm_feature(env, ARM_FEATURE_NEON)) {
46 env->vfp.regs[(reg - 32) * 2] = ldfq_le_p(buf);
47 env->vfp.regs[(reg - 32) * 2 + 1] = ldfq_le_p(buf + 8);
51 switch (reg - nregs) {
52 case 0: env->vfp.xregs[ARM_VFP_FPSID] = ldl_p(buf); return 4;
53 case 1: env->vfp.xregs[ARM_VFP_FPSCR] = ldl_p(buf); return 4;
54 case 2: env->vfp.xregs[ARM_VFP_FPEXC] = ldl_p(buf) & (1 << 30); return 4;
59 ARMCPU *cpu_arm_init(const char *cpu_model)
63 static int inited = 0;
65 if (!object_class_by_name(cpu_model)) {
68 cpu = ARM_CPU(object_new(cpu_model));
70 env->cpu_model_str = cpu_model;
73 if (tcg_enabled() && !inited) {
79 if (arm_feature(env, ARM_FEATURE_NEON)) {
80 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
81 51, "arm-neon.xml", 0);
82 } else if (arm_feature(env, ARM_FEATURE_VFP3)) {
83 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
84 35, "arm-vfp3.xml", 0);
85 } else if (arm_feature(env, ARM_FEATURE_VFP)) {
86 gdb_register_coprocessor(env, vfp_gdb_get_reg, vfp_gdb_set_reg,
87 19, "arm-vfp.xml", 0);
93 typedef struct ARMCPUListState {
94 fprintf_function cpu_fprintf;
98 /* Sort alphabetically by type name, except for "any". */
99 static gint arm_cpu_list_compare(gconstpointer a, gconstpointer b)
101 ObjectClass *class_a = (ObjectClass *)a;
102 ObjectClass *class_b = (ObjectClass *)b;
103 const char *name_a, *name_b;
105 name_a = object_class_get_name(class_a);
106 name_b = object_class_get_name(class_b);
107 if (strcmp(name_a, "any") == 0) {
109 } else if (strcmp(name_b, "any") == 0) {
112 return strcmp(name_a, name_b);
116 static void arm_cpu_list_entry(gpointer data, gpointer user_data)
118 ObjectClass *oc = data;
119 ARMCPUListState *s = user_data;
121 (*s->cpu_fprintf)(s->file, " %s\n",
122 object_class_get_name(oc));
125 void arm_cpu_list(FILE *f, fprintf_function cpu_fprintf)
127 ARMCPUListState s = {
129 .cpu_fprintf = cpu_fprintf,
133 list = object_class_get_list(TYPE_ARM_CPU, false);
134 list = g_slist_sort(list, arm_cpu_list_compare);
135 (*cpu_fprintf)(f, "Available CPUs:\n");
136 g_slist_foreach(list, arm_cpu_list_entry, &s);
140 void define_one_arm_cp_reg_with_opaque(ARMCPU *cpu,
141 const ARMCPRegInfo *r, void *opaque)
143 /* Define implementations of coprocessor registers.
144 * We store these in a hashtable because typically
145 * there are less than 150 registers in a space which
146 * is 16*16*16*8*8 = 262144 in size.
147 * Wildcarding is supported for the crm, opc1 and opc2 fields.
148 * If a register is defined twice then the second definition is
149 * used, so this can be used to define some generic registers and
150 * then override them with implementation specific variations.
151 * At least one of the original and the second definition should
152 * include ARM_CP_OVERRIDE in its type bits -- this is just a guard
153 * against accidental use.
156 int crmmin = (r->crm == CP_ANY) ? 0 : r->crm;
157 int crmmax = (r->crm == CP_ANY) ? 15 : r->crm;
158 int opc1min = (r->opc1 == CP_ANY) ? 0 : r->opc1;
159 int opc1max = (r->opc1 == CP_ANY) ? 7 : r->opc1;
160 int opc2min = (r->opc2 == CP_ANY) ? 0 : r->opc2;
161 int opc2max = (r->opc2 == CP_ANY) ? 7 : r->opc2;
162 /* 64 bit registers have only CRm and Opc1 fields */
163 assert(!((r->type & ARM_CP_64BIT) && (r->opc2 || r->crn)));
164 /* Check that the register definition has enough info to handle
165 * reads and writes if they are permitted.
167 if (!(r->type & (ARM_CP_SPECIAL|ARM_CP_CONST))) {
168 if (r->access & PL3_R) {
169 assert(r->fieldoffset || r->readfn);
171 if (r->access & PL3_W) {
172 assert(r->fieldoffset || r->writefn);
175 /* Bad type field probably means missing sentinel at end of reg list */
176 assert(cptype_valid(r->type));
177 for (crm = crmmin; crm <= crmmax; crm++) {
178 for (opc1 = opc1min; opc1 <= opc1max; opc1++) {
179 for (opc2 = opc2min; opc2 <= opc2max; opc2++) {
180 uint32_t *key = g_new(uint32_t, 1);
181 ARMCPRegInfo *r2 = g_memdup(r, sizeof(ARMCPRegInfo));
182 int is64 = (r->type & ARM_CP_64BIT) ? 1 : 0;
183 *key = ENCODE_CP_REG(r->cp, is64, r->crn, crm, opc1, opc2);
185 /* Make sure reginfo passed to helpers for wildcarded regs
186 * has the correct crm/opc1/opc2 for this reg, not CP_ANY:
191 /* Overriding of an existing definition must be explicitly
194 if (!(r->type & ARM_CP_OVERRIDE)) {
195 ARMCPRegInfo *oldreg;
196 oldreg = g_hash_table_lookup(cpu->cp_regs, key);
197 if (oldreg && !(oldreg->type & ARM_CP_OVERRIDE)) {
198 fprintf(stderr, "Register redefined: cp=%d %d bit "
199 "crn=%d crm=%d opc1=%d opc2=%d, "
200 "was %s, now %s\n", r2->cp, 32 + 32 * is64,
201 r2->crn, r2->crm, r2->opc1, r2->opc2,
202 oldreg->name, r2->name);
206 g_hash_table_insert(cpu->cp_regs, key, r2);
212 void define_arm_cp_regs_with_opaque(ARMCPU *cpu,
213 const ARMCPRegInfo *regs, void *opaque)
215 /* Define a whole list of registers */
216 const ARMCPRegInfo *r;
217 for (r = regs; r->type != ARM_CP_SENTINEL; r++) {
218 define_one_arm_cp_reg_with_opaque(cpu, r, opaque);
222 const ARMCPRegInfo *get_arm_cp_reginfo(ARMCPU *cpu, uint32_t encoded_cp)
224 return g_hash_table_lookup(cpu->cp_regs, &encoded_cp);
227 int arm_cp_write_ignore(CPUARMState *env, const ARMCPRegInfo *ri,
230 /* Helper coprocessor write function for write-ignore registers */
234 int arm_cp_read_zero(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t *value)
236 /* Helper coprocessor write function for read-as-zero registers */
241 static int bad_mode_switch(CPUARMState *env, int mode)
243 /* Return true if it is not valid for us to switch to
244 * this CPU mode (ie all the UNPREDICTABLE cases in
245 * the ARM ARM CPSRWriteByInstr pseudocode).
248 case ARM_CPU_MODE_USR:
249 case ARM_CPU_MODE_SYS:
250 case ARM_CPU_MODE_SVC:
251 case ARM_CPU_MODE_ABT:
252 case ARM_CPU_MODE_UND:
253 case ARM_CPU_MODE_IRQ:
254 case ARM_CPU_MODE_FIQ:
261 uint32_t cpsr_read(CPUARMState *env)
265 return env->uncached_cpsr | (env->NF & 0x80000000) | (ZF << 30) |
266 (env->CF << 29) | ((env->VF & 0x80000000) >> 3) | (env->QF << 27)
267 | (env->thumb << 5) | ((env->condexec_bits & 3) << 25)
268 | ((env->condexec_bits & 0xfc) << 8)
272 void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
274 if (mask & CPSR_NZCV) {
275 env->ZF = (~val) & CPSR_Z;
277 env->CF = (val >> 29) & 1;
278 env->VF = (val << 3) & 0x80000000;
281 env->QF = ((val & CPSR_Q) != 0);
283 env->thumb = ((val & CPSR_T) != 0);
284 if (mask & CPSR_IT_0_1) {
285 env->condexec_bits &= ~3;
286 env->condexec_bits |= (val >> 25) & 3;
288 if (mask & CPSR_IT_2_7) {
289 env->condexec_bits &= 3;
290 env->condexec_bits |= (val >> 8) & 0xfc;
292 if (mask & CPSR_GE) {
293 env->GE = (val >> 16) & 0xf;
296 if ((env->uncached_cpsr ^ val) & mask & CPSR_M) {
297 if (bad_mode_switch(env, val & CPSR_M)) {
298 /* Attempt to switch to an invalid mode: this is UNPREDICTABLE.
299 * We choose to ignore the attempt and leave the CPSR M field
304 switch_mode(env, val & CPSR_M);
307 mask &= ~CACHED_CPSR_BITS;
308 env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
311 /* Sign/zero extend */
312 uint32_t HELPER(sxtb16)(uint32_t x)
315 res = (uint16_t)(int8_t)x;
316 res |= (uint32_t)(int8_t)(x >> 16) << 16;
320 uint32_t HELPER(uxtb16)(uint32_t x)
323 res = (uint16_t)(uint8_t)x;
324 res |= (uint32_t)(uint8_t)(x >> 16) << 16;
328 uint32_t HELPER(clz)(uint32_t x)
333 int32_t HELPER(sdiv)(int32_t num, int32_t den)
337 if (num == INT_MIN && den == -1)
342 uint32_t HELPER(udiv)(uint32_t num, uint32_t den)
349 uint32_t HELPER(rbit)(uint32_t x)
351 x = ((x & 0xff000000) >> 24)
352 | ((x & 0x00ff0000) >> 8)
353 | ((x & 0x0000ff00) << 8)
354 | ((x & 0x000000ff) << 24);
355 x = ((x & 0xf0f0f0f0) >> 4)
356 | ((x & 0x0f0f0f0f) << 4);
357 x = ((x & 0x88888888) >> 3)
358 | ((x & 0x44444444) >> 1)
359 | ((x & 0x22222222) << 1)
360 | ((x & 0x11111111) << 3);
364 uint32_t HELPER(abs)(uint32_t x)
366 return ((int32_t)x < 0) ? -x : x;
369 #if defined(CONFIG_USER_ONLY)
371 void do_interrupt (CPUARMState *env)
373 env->exception_index = -1;
376 int cpu_arm_handle_mmu_fault (CPUARMState *env, target_ulong address, int rw,
380 env->exception_index = EXCP_PREFETCH_ABORT;
381 env->cp15.c6_insn = address;
383 env->exception_index = EXCP_DATA_ABORT;
384 env->cp15.c6_data = address;
389 void HELPER(set_cp15)(CPUARMState *env, uint32_t insn, uint32_t val)
391 cpu_abort(env, "cp15 insn %08x\n", insn);
394 uint32_t HELPER(get_cp15)(CPUARMState *env, uint32_t insn)
396 cpu_abort(env, "cp15 insn %08x\n", insn);
399 /* These should probably raise undefined insn exceptions. */
400 void HELPER(v7m_msr)(CPUARMState *env, uint32_t reg, uint32_t val)
402 cpu_abort(env, "v7m_mrs %d\n", reg);
405 uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
407 cpu_abort(env, "v7m_mrs %d\n", reg);
411 void switch_mode(CPUARMState *env, int mode)
413 if (mode != ARM_CPU_MODE_USR)
414 cpu_abort(env, "Tried to switch out of user mode\n");
417 void HELPER(set_r13_banked)(CPUARMState *env, uint32_t mode, uint32_t val)
419 cpu_abort(env, "banked r13 write\n");
422 uint32_t HELPER(get_r13_banked)(CPUARMState *env, uint32_t mode)
424 cpu_abort(env, "banked r13 read\n");
430 /* Map CPU modes onto saved register banks. */
431 static inline int bank_number(CPUARMState *env, int mode)
434 case ARM_CPU_MODE_USR:
435 case ARM_CPU_MODE_SYS:
437 case ARM_CPU_MODE_SVC:
439 case ARM_CPU_MODE_ABT:
441 case ARM_CPU_MODE_UND:
443 case ARM_CPU_MODE_IRQ:
445 case ARM_CPU_MODE_FIQ:
448 cpu_abort(env, "Bad mode %x\n", mode);
452 void switch_mode(CPUARMState *env, int mode)
457 old_mode = env->uncached_cpsr & CPSR_M;
458 if (mode == old_mode)
461 if (old_mode == ARM_CPU_MODE_FIQ) {
462 memcpy (env->fiq_regs, env->regs + 8, 5 * sizeof(uint32_t));
463 memcpy (env->regs + 8, env->usr_regs, 5 * sizeof(uint32_t));
464 } else if (mode == ARM_CPU_MODE_FIQ) {
465 memcpy (env->usr_regs, env->regs + 8, 5 * sizeof(uint32_t));
466 memcpy (env->regs + 8, env->fiq_regs, 5 * sizeof(uint32_t));
469 i = bank_number(env, old_mode);
470 env->banked_r13[i] = env->regs[13];
471 env->banked_r14[i] = env->regs[14];
472 env->banked_spsr[i] = env->spsr;
474 i = bank_number(env, mode);
475 env->regs[13] = env->banked_r13[i];
476 env->regs[14] = env->banked_r14[i];
477 env->spsr = env->banked_spsr[i];
480 static void v7m_push(CPUARMState *env, uint32_t val)
483 stl_phys(env->regs[13], val);
486 static uint32_t v7m_pop(CPUARMState *env)
489 val = ldl_phys(env->regs[13]);
494 /* Switch to V7M main or process stack pointer. */
495 static void switch_v7m_sp(CPUARMState *env, int process)
498 if (env->v7m.current_sp != process) {
499 tmp = env->v7m.other_sp;
500 env->v7m.other_sp = env->regs[13];
502 env->v7m.current_sp = process;
506 static void do_v7m_exception_exit(CPUARMState *env)
511 type = env->regs[15];
512 if (env->v7m.exception != 0)
513 armv7m_nvic_complete_irq(env->nvic, env->v7m.exception);
515 /* Switch to the target stack. */
516 switch_v7m_sp(env, (type & 4) != 0);
518 env->regs[0] = v7m_pop(env);
519 env->regs[1] = v7m_pop(env);
520 env->regs[2] = v7m_pop(env);
521 env->regs[3] = v7m_pop(env);
522 env->regs[12] = v7m_pop(env);
523 env->regs[14] = v7m_pop(env);
524 env->regs[15] = v7m_pop(env);
526 xpsr_write(env, xpsr, 0xfffffdff);
527 /* Undo stack alignment. */
530 /* ??? The exception return type specifies Thread/Handler mode. However
531 this is also implied by the xPSR value. Not sure what to do
532 if there is a mismatch. */
533 /* ??? Likewise for mismatches between the CONTROL register and the stack
537 static void do_interrupt_v7m(CPUARMState *env)
539 uint32_t xpsr = xpsr_read(env);
544 if (env->v7m.current_sp)
546 if (env->v7m.exception == 0)
549 /* For exceptions we just mark as pending on the NVIC, and let that
551 /* TODO: Need to escalate if the current priority is higher than the
552 one we're raising. */
553 switch (env->exception_index) {
555 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE);
559 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SVC);
561 case EXCP_PREFETCH_ABORT:
562 case EXCP_DATA_ABORT:
563 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM);
566 if (semihosting_enabled) {
568 nr = arm_lduw_code(env->regs[15], env->bswap_code) & 0xff;
571 env->regs[0] = do_arm_semihosting(env);
575 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_DEBUG);
578 env->v7m.exception = armv7m_nvic_acknowledge_irq(env->nvic);
580 case EXCP_EXCEPTION_EXIT:
581 do_v7m_exception_exit(env);
584 cpu_abort(env, "Unhandled exception 0x%x\n", env->exception_index);
585 return; /* Never happens. Keep compiler happy. */
588 /* Align stack pointer. */
589 /* ??? Should only do this if Configuration Control Register
590 STACKALIGN bit is set. */
591 if (env->regs[13] & 4) {
595 /* Switch to the handler mode. */
597 v7m_push(env, env->regs[15]);
598 v7m_push(env, env->regs[14]);
599 v7m_push(env, env->regs[12]);
600 v7m_push(env, env->regs[3]);
601 v7m_push(env, env->regs[2]);
602 v7m_push(env, env->regs[1]);
603 v7m_push(env, env->regs[0]);
604 switch_v7m_sp(env, 0);
606 env->condexec_bits = 0;
608 addr = ldl_phys(env->v7m.vecbase + env->v7m.exception * 4);
609 env->regs[15] = addr & 0xfffffffe;
610 env->thumb = addr & 1;
613 /* Handle a CPU exception. */
614 void do_interrupt(CPUARMState *env)
622 do_interrupt_v7m(env);
625 /* TODO: Vectored interrupt controller. */
626 switch (env->exception_index) {
628 new_mode = ARM_CPU_MODE_UND;
637 if (semihosting_enabled) {
638 /* Check for semihosting interrupt. */
640 mask = arm_lduw_code(env->regs[15] - 2, env->bswap_code) & 0xff;
642 mask = arm_ldl_code(env->regs[15] - 4, env->bswap_code)
645 /* Only intercept calls from privileged modes, to provide some
646 semblance of security. */
647 if (((mask == 0x123456 && !env->thumb)
648 || (mask == 0xab && env->thumb))
649 && (env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) {
650 env->regs[0] = do_arm_semihosting(env);
654 new_mode = ARM_CPU_MODE_SVC;
657 /* The PC already points to the next instruction. */
661 /* See if this is a semihosting syscall. */
662 if (env->thumb && semihosting_enabled) {
663 mask = arm_lduw_code(env->regs[15], env->bswap_code) & 0xff;
665 && (env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) {
667 env->regs[0] = do_arm_semihosting(env);
671 env->cp15.c5_insn = 2;
672 /* Fall through to prefetch abort. */
673 case EXCP_PREFETCH_ABORT:
674 new_mode = ARM_CPU_MODE_ABT;
676 mask = CPSR_A | CPSR_I;
679 case EXCP_DATA_ABORT:
680 new_mode = ARM_CPU_MODE_ABT;
682 mask = CPSR_A | CPSR_I;
686 new_mode = ARM_CPU_MODE_IRQ;
688 /* Disable IRQ and imprecise data aborts. */
689 mask = CPSR_A | CPSR_I;
693 new_mode = ARM_CPU_MODE_FIQ;
695 /* Disable FIQ, IRQ and imprecise data aborts. */
696 mask = CPSR_A | CPSR_I | CPSR_F;
700 cpu_abort(env, "Unhandled exception 0x%x\n", env->exception_index);
701 return; /* Never happens. Keep compiler happy. */
704 if (env->cp15.c1_sys & (1 << 13)) {
707 switch_mode (env, new_mode);
708 env->spsr = cpsr_read(env);
710 env->condexec_bits = 0;
711 /* Switch to the new mode, and to the correct instruction set. */
712 env->uncached_cpsr = (env->uncached_cpsr & ~CPSR_M) | new_mode;
713 env->uncached_cpsr |= mask;
714 /* this is a lie, as the was no c1_sys on V4T/V5, but who cares
715 * and we should just guard the thumb mode on V4 */
716 if (arm_feature(env, ARM_FEATURE_V4T)) {
717 env->thumb = (env->cp15.c1_sys & (1 << 30)) != 0;
719 env->regs[14] = env->regs[15] + offset;
720 env->regs[15] = addr;
721 env->interrupt_request |= CPU_INTERRUPT_EXITTB;
724 /* Check section/page access permissions.
725 Returns the page protection flags, or zero if the access is not
727 static inline int check_ap(CPUARMState *env, int ap, int domain_prot,
728 int access_type, int is_user)
732 if (domain_prot == 3) {
733 return PAGE_READ | PAGE_WRITE;
736 if (access_type == 1)
743 if (access_type == 1)
745 switch ((env->cp15.c1_sys >> 8) & 3) {
747 return is_user ? 0 : PAGE_READ;
754 return is_user ? 0 : PAGE_READ | PAGE_WRITE;
759 return PAGE_READ | PAGE_WRITE;
761 return PAGE_READ | PAGE_WRITE;
762 case 4: /* Reserved. */
765 return is_user ? 0 : prot_ro;
769 if (!arm_feature (env, ARM_FEATURE_V6K))
777 static uint32_t get_level1_table_address(CPUARMState *env, uint32_t address)
781 if (address & env->cp15.c2_mask)
782 table = env->cp15.c2_base1 & 0xffffc000;
784 table = env->cp15.c2_base0 & env->cp15.c2_base_mask;
786 table |= (address >> 18) & 0x3ffc;
790 static int get_phys_addr_v5(CPUARMState *env, uint32_t address, int access_type,
791 int is_user, uint32_t *phys_ptr, int *prot,
792 target_ulong *page_size)
803 /* Pagetable walk. */
804 /* Lookup l1 descriptor. */
805 table = get_level1_table_address(env, address);
806 desc = ldl_phys(table);
808 domain = (desc >> 5) & 0x0f;
809 domain_prot = (env->cp15.c3 >> (domain * 2)) & 3;
811 /* Section translation fault. */
815 if (domain_prot == 0 || domain_prot == 2) {
817 code = 9; /* Section domain fault. */
819 code = 11; /* Page domain fault. */
824 phys_addr = (desc & 0xfff00000) | (address & 0x000fffff);
825 ap = (desc >> 10) & 3;
827 *page_size = 1024 * 1024;
829 /* Lookup l2 entry. */
831 /* Coarse pagetable. */
832 table = (desc & 0xfffffc00) | ((address >> 10) & 0x3fc);
834 /* Fine pagetable. */
835 table = (desc & 0xfffff000) | ((address >> 8) & 0xffc);
837 desc = ldl_phys(table);
839 case 0: /* Page translation fault. */
842 case 1: /* 64k page. */
843 phys_addr = (desc & 0xffff0000) | (address & 0xffff);
844 ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
845 *page_size = 0x10000;
847 case 2: /* 4k page. */
848 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
849 ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
852 case 3: /* 1k page. */
854 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
855 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
857 /* Page translation fault. */
862 phys_addr = (desc & 0xfffffc00) | (address & 0x3ff);
864 ap = (desc >> 4) & 3;
868 /* Never happens, but compiler isn't smart enough to tell. */
873 *prot = check_ap(env, ap, domain_prot, access_type, is_user);
875 /* Access permission fault. */
879 *phys_ptr = phys_addr;
882 return code | (domain << 4);
885 static int get_phys_addr_v6(CPUARMState *env, uint32_t address, int access_type,
886 int is_user, uint32_t *phys_ptr, int *prot,
887 target_ulong *page_size)
899 /* Pagetable walk. */
900 /* Lookup l1 descriptor. */
901 table = get_level1_table_address(env, address);
902 desc = ldl_phys(table);
905 /* Section translation fault. */
909 } else if (type == 2 && (desc & (1 << 18))) {
913 /* Section or page. */
914 domain = (desc >> 5) & 0x0f;
916 domain_prot = (env->cp15.c3 >> (domain * 2)) & 3;
917 if (domain_prot == 0 || domain_prot == 2) {
919 code = 9; /* Section domain fault. */
921 code = 11; /* Page domain fault. */
925 if (desc & (1 << 18)) {
927 phys_addr = (desc & 0xff000000) | (address & 0x00ffffff);
928 *page_size = 0x1000000;
931 phys_addr = (desc & 0xfff00000) | (address & 0x000fffff);
932 *page_size = 0x100000;
934 ap = ((desc >> 10) & 3) | ((desc >> 13) & 4);
935 xn = desc & (1 << 4);
938 /* Lookup l2 entry. */
939 table = (desc & 0xfffffc00) | ((address >> 10) & 0x3fc);
940 desc = ldl_phys(table);
941 ap = ((desc >> 4) & 3) | ((desc >> 7) & 4);
943 case 0: /* Page translation fault. */
946 case 1: /* 64k page. */
947 phys_addr = (desc & 0xffff0000) | (address & 0xffff);
948 xn = desc & (1 << 15);
949 *page_size = 0x10000;
951 case 2: case 3: /* 4k page. */
952 phys_addr = (desc & 0xfffff000) | (address & 0xfff);
957 /* Never happens, but compiler isn't smart enough to tell. */
962 if (domain_prot == 3) {
963 *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
965 if (xn && access_type == 2)
968 /* The simplified model uses AP[0] as an access control bit. */
969 if ((env->cp15.c1_sys & (1 << 29)) && (ap & 1) == 0) {
970 /* Access flag fault. */
971 code = (code == 15) ? 6 : 3;
974 *prot = check_ap(env, ap, domain_prot, access_type, is_user);
976 /* Access permission fault. */
983 *phys_ptr = phys_addr;
986 return code | (domain << 4);
989 static int get_phys_addr_mpu(CPUARMState *env, uint32_t address, int access_type,
990 int is_user, uint32_t *phys_ptr, int *prot)
997 for (n = 7; n >= 0; n--) {
998 base = env->cp15.c6_region[n];
1001 mask = 1 << ((base >> 1) & 0x1f);
1002 /* Keep this shift separate from the above to avoid an
1003 (undefined) << 32. */
1004 mask = (mask << 1) - 1;
1005 if (((base ^ address) & ~mask) == 0)
1011 if (access_type == 2) {
1012 mask = env->cp15.c5_insn;
1014 mask = env->cp15.c5_data;
1016 mask = (mask >> (n * 4)) & 0xf;
1023 *prot = PAGE_READ | PAGE_WRITE;
1028 *prot |= PAGE_WRITE;
1031 *prot = PAGE_READ | PAGE_WRITE;
1042 /* Bad permission. */
1049 static inline int get_phys_addr(CPUARMState *env, uint32_t address,
1050 int access_type, int is_user,
1051 uint32_t *phys_ptr, int *prot,
1052 target_ulong *page_size)
1054 /* Fast Context Switch Extension. */
1055 if (address < 0x02000000)
1056 address += env->cp15.c13_fcse;
1058 if ((env->cp15.c1_sys & 1) == 0) {
1059 /* MMU/MPU disabled. */
1060 *phys_ptr = address;
1061 *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
1062 *page_size = TARGET_PAGE_SIZE;
1064 } else if (arm_feature(env, ARM_FEATURE_MPU)) {
1065 *page_size = TARGET_PAGE_SIZE;
1066 return get_phys_addr_mpu(env, address, access_type, is_user, phys_ptr,
1068 } else if (env->cp15.c1_sys & (1 << 23)) {
1069 return get_phys_addr_v6(env, address, access_type, is_user, phys_ptr,
1072 return get_phys_addr_v5(env, address, access_type, is_user, phys_ptr,
1077 int cpu_arm_handle_mmu_fault (CPUARMState *env, target_ulong address,
1078 int access_type, int mmu_idx)
1081 target_ulong page_size;
1085 is_user = mmu_idx == MMU_USER_IDX;
1086 ret = get_phys_addr(env, address, access_type, is_user, &phys_addr, &prot,
1089 /* Map a single [sub]page. */
1090 phys_addr &= ~(uint32_t)0x3ff;
1091 address &= ~(uint32_t)0x3ff;
1092 tlb_set_page (env, address, phys_addr, prot, mmu_idx, page_size);
1096 if (access_type == 2) {
1097 env->cp15.c5_insn = ret;
1098 env->cp15.c6_insn = address;
1099 env->exception_index = EXCP_PREFETCH_ABORT;
1101 env->cp15.c5_data = ret;
1102 if (access_type == 1 && arm_feature(env, ARM_FEATURE_V6))
1103 env->cp15.c5_data |= (1 << 11);
1104 env->cp15.c6_data = address;
1105 env->exception_index = EXCP_DATA_ABORT;
1110 target_phys_addr_t cpu_get_phys_page_debug(CPUARMState *env, target_ulong addr)
1113 target_ulong page_size;
1117 ret = get_phys_addr(env, addr, 0, 0, &phys_addr, &prot, &page_size);
1125 /* Return basic MPU access permission bits. */
1126 static uint32_t simple_mpu_ap_bits(uint32_t val)
1133 for (i = 0; i < 16; i += 2) {
1134 ret |= (val >> i) & mask;
1140 /* Pad basic MPU access permission bits to extended format. */
1141 static uint32_t extended_mpu_ap_bits(uint32_t val)
1148 for (i = 0; i < 16; i += 2) {
1149 ret |= (val & mask) << i;
1155 void HELPER(set_cp15)(CPUARMState *env, uint32_t insn, uint32_t val)
1161 op1 = (insn >> 21) & 7;
1162 op2 = (insn >> 5) & 7;
1164 switch ((insn >> 16) & 0xf) {
1167 if (arm_feature(env, ARM_FEATURE_XSCALE))
1169 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1171 if (arm_feature(env, ARM_FEATURE_V7)
1172 && op1 == 2 && crm == 0 && op2 == 0) {
1173 env->cp15.c0_cssel = val & 0xf;
1177 case 1: /* System configuration. */
1178 if (arm_feature(env, ARM_FEATURE_V7)
1179 && op1 == 0 && crm == 1 && op2 == 0) {
1180 env->cp15.c1_scr = val;
1183 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1187 if (!arm_feature(env, ARM_FEATURE_XSCALE) || crm == 0)
1188 env->cp15.c1_sys = val;
1189 /* ??? Lots of these bits are not implemented. */
1190 /* This may enable/disable the MMU, so do a TLB flush. */
1193 case 1: /* Auxiliary control register. */
1194 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1195 env->cp15.c1_xscaleauxcr = val;
1198 /* Not implemented. */
1201 if (arm_feature(env, ARM_FEATURE_XSCALE))
1203 if (env->cp15.c1_coproc != val) {
1204 env->cp15.c1_coproc = val;
1205 /* ??? Is this safe when called from within a TB? */
1213 case 2: /* MMU Page table control / MPU cache control. */
1214 if (arm_feature(env, ARM_FEATURE_MPU)) {
1217 env->cp15.c2_data = val;
1220 env->cp15.c2_insn = val;
1228 env->cp15.c2_base0 = val;
1231 env->cp15.c2_base1 = val;
1235 env->cp15.c2_control = val;
1236 env->cp15.c2_mask = ~(((uint32_t)0xffffffffu) >> val);
1237 env->cp15.c2_base_mask = ~((uint32_t)0x3fffu >> val);
1244 case 3: /* MMU Domain access control / MPU write buffer control. */
1246 tlb_flush(env, 1); /* Flush TLB as domain not tracked in TLB */
1248 case 4: /* Reserved. */
1250 case 5: /* MMU Fault status / MPU access permission. */
1251 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1255 if (arm_feature(env, ARM_FEATURE_MPU))
1256 val = extended_mpu_ap_bits(val);
1257 env->cp15.c5_data = val;
1260 if (arm_feature(env, ARM_FEATURE_MPU))
1261 val = extended_mpu_ap_bits(val);
1262 env->cp15.c5_insn = val;
1265 if (!arm_feature(env, ARM_FEATURE_MPU))
1267 env->cp15.c5_data = val;
1270 if (!arm_feature(env, ARM_FEATURE_MPU))
1272 env->cp15.c5_insn = val;
1278 case 6: /* MMU Fault address / MPU base/size. */
1279 if (arm_feature(env, ARM_FEATURE_MPU)) {
1282 env->cp15.c6_region[crm] = val;
1284 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1288 env->cp15.c6_data = val;
1290 case 1: /* ??? This is WFAR on armv6 */
1292 env->cp15.c6_insn = val;
1299 case 7: /* Cache control. */
1300 env->cp15.c15_i_max = 0x000;
1301 env->cp15.c15_i_min = 0xff0;
1305 /* No cache, so nothing to do except VA->PA translations. */
1306 if (arm_feature(env, ARM_FEATURE_VAPA)) {
1309 if (arm_feature(env, ARM_FEATURE_V7)) {
1310 env->cp15.c7_par = val & 0xfffff6ff;
1312 env->cp15.c7_par = val & 0xfffff1ff;
1317 target_ulong page_size;
1319 int ret, is_user = op2 & 2;
1320 int access_type = op2 & 1;
1323 /* Other states are only available with TrustZone */
1326 ret = get_phys_addr(env, val, access_type, is_user,
1327 &phys_addr, &prot, &page_size);
1329 /* We do not set any attribute bits in the PAR */
1330 if (page_size == (1 << 24)
1331 && arm_feature(env, ARM_FEATURE_V7)) {
1332 env->cp15.c7_par = (phys_addr & 0xff000000) | 1 << 1;
1334 env->cp15.c7_par = phys_addr & 0xfffff000;
1337 env->cp15.c7_par = ((ret & (10 << 1)) >> 5) |
1338 ((ret & (12 << 1)) >> 6) |
1339 ((ret & 0xf) << 1) | 1;
1346 case 8: /* MMU TLB control. */
1348 case 0: /* Invalidate all (TLBIALL) */
1351 case 1: /* Invalidate single TLB entry by MVA and ASID (TLBIMVA) */
1352 tlb_flush_page(env, val & TARGET_PAGE_MASK);
1354 case 2: /* Invalidate by ASID (TLBIASID) */
1355 tlb_flush(env, val == 0);
1357 case 3: /* Invalidate single entry by MVA, all ASIDs (TLBIMVAA) */
1358 tlb_flush_page(env, val & TARGET_PAGE_MASK);
1365 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1367 if (arm_feature(env, ARM_FEATURE_STRONGARM))
1368 break; /* Ignore ReadBuffer access */
1370 case 0: /* Cache lockdown. */
1372 case 0: /* L1 cache. */
1375 env->cp15.c9_data = val;
1378 env->cp15.c9_insn = val;
1384 case 1: /* L2 cache. */
1385 /* Ignore writes to L2 lockdown/auxiliary registers. */
1391 case 1: /* TCM memory region registers. */
1392 /* Not implemented. */
1394 case 12: /* Performance monitor control */
1395 /* Performance monitors are implementation defined in v7,
1396 * but with an ARM recommended set of registers, which we
1397 * follow (although we don't actually implement any counters)
1399 if (!arm_feature(env, ARM_FEATURE_V7)) {
1403 case 0: /* performance monitor control register */
1404 /* only the DP, X, D and E bits are writable */
1405 env->cp15.c9_pmcr &= ~0x39;
1406 env->cp15.c9_pmcr |= (val & 0x39);
1408 case 1: /* Count enable set register */
1410 env->cp15.c9_pmcnten |= val;
1412 case 2: /* Count enable clear */
1414 env->cp15.c9_pmcnten &= ~val;
1416 case 3: /* Overflow flag status */
1417 env->cp15.c9_pmovsr &= ~val;
1419 case 4: /* Software increment */
1420 /* RAZ/WI since we don't implement the software-count event */
1422 case 5: /* Event counter selection register */
1423 /* Since we don't implement any events, writing to this register
1424 * is actually UNPREDICTABLE. So we choose to RAZ/WI.
1431 case 13: /* Performance counters */
1432 if (!arm_feature(env, ARM_FEATURE_V7)) {
1436 case 0: /* Cycle count register: not implemented, so RAZ/WI */
1438 case 1: /* Event type select */
1439 env->cp15.c9_pmxevtyper = val & 0xff;
1441 case 2: /* Event count register */
1442 /* Unimplemented (we have no events), RAZ/WI */
1448 case 14: /* Performance monitor control */
1449 if (!arm_feature(env, ARM_FEATURE_V7)) {
1453 case 0: /* user enable */
1454 env->cp15.c9_pmuserenr = val & 1;
1455 /* changes access rights for cp registers, so flush tbs */
1458 case 1: /* interrupt enable set */
1459 /* We have no event counters so only the C bit can be changed */
1461 env->cp15.c9_pminten |= val;
1463 case 2: /* interrupt enable clear */
1465 env->cp15.c9_pminten &= ~val;
1473 case 10: /* MMU TLB lockdown. */
1474 /* ??? TLB lockdown not implemented. */
1476 case 12: /* Reserved. */
1478 case 13: /* Process ID. */
1481 /* Unlike real hardware the qemu TLB uses virtual addresses,
1482 not modified virtual addresses, so this causes a TLB flush.
1484 if (env->cp15.c13_fcse != val)
1486 env->cp15.c13_fcse = val;
1489 /* This changes the ASID, so do a TLB flush. */
1490 if (env->cp15.c13_context != val
1491 && !arm_feature(env, ARM_FEATURE_MPU))
1493 env->cp15.c13_context = val;
1499 case 14: /* Generic timer */
1500 if (arm_feature(env, ARM_FEATURE_GENERIC_TIMER)) {
1501 /* Dummy implementation: RAZ/WI for all */
1505 case 15: /* Implementation specific. */
1506 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1507 if (op2 == 0 && crm == 1) {
1508 if (env->cp15.c15_cpar != (val & 0x3fff)) {
1509 /* Changes cp0 to cp13 behavior, so needs a TB flush. */
1511 env->cp15.c15_cpar = val & 0x3fff;
1517 if (arm_feature(env, ARM_FEATURE_OMAPCP)) {
1521 case 1: /* Set TI925T configuration. */
1522 env->cp15.c15_ticonfig = val & 0xe7;
1523 env->cp15.c0_cpuid = (val & (1 << 5)) ? /* OS_TYPE bit */
1524 ARM_CPUID_TI915T : ARM_CPUID_TI925T;
1526 case 2: /* Set I_max. */
1527 env->cp15.c15_i_max = val;
1529 case 3: /* Set I_min. */
1530 env->cp15.c15_i_min = val;
1532 case 4: /* Set thread-ID. */
1533 env->cp15.c15_threadid = val & 0xffff;
1535 case 8: /* Wait-for-interrupt (deprecated). */
1536 cpu_interrupt(env, CPU_INTERRUPT_HALT);
1542 if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) {
1545 if ((op1 == 0) && (op2 == 0)) {
1546 env->cp15.c15_power_control = val;
1547 } else if ((op1 == 0) && (op2 == 1)) {
1548 env->cp15.c15_diagnostic = val;
1549 } else if ((op1 == 0) && (op2 == 2)) {
1550 env->cp15.c15_power_diagnostic = val;
1560 /* ??? For debugging only. Should raise illegal instruction exception. */
1561 cpu_abort(env, "Unimplemented cp15 register write (c%d, c%d, {%d, %d})\n",
1562 (insn >> 16) & 0xf, crm, op1, op2);
1565 uint32_t HELPER(get_cp15)(CPUARMState *env, uint32_t insn)
1571 op1 = (insn >> 21) & 7;
1572 op2 = (insn >> 5) & 7;
1574 switch ((insn >> 16) & 0xf) {
1575 case 0: /* ID codes. */
1581 case 0: /* Device ID. */
1582 return env->cp15.c0_cpuid;
1583 case 1: /* Cache Type. */
1584 return env->cp15.c0_cachetype;
1585 case 2: /* TCM status. */
1587 case 3: /* TLB type register. */
1588 return 0; /* No lockable TLB entries. */
1590 /* The MPIDR was standardised in v7; prior to
1591 * this it was implemented only in the 11MPCore.
1592 * For all other pre-v7 cores it does not exist.
1594 if (arm_feature(env, ARM_FEATURE_V7) ||
1595 ARM_CPUID(env) == ARM_CPUID_ARM11MPCORE) {
1596 int mpidr = env->cpu_index;
1597 /* We don't support setting cluster ID ([8..11])
1598 * so these bits always RAZ.
1600 if (arm_feature(env, ARM_FEATURE_V7MP)) {
1602 /* Cores which are uniprocessor (non-coherent)
1603 * but still implement the MP extensions set
1604 * bit 30. (For instance, A9UP.) However we do
1605 * not currently model any of those cores.
1610 /* otherwise fall through to the unimplemented-reg case */
1615 if (!arm_feature(env, ARM_FEATURE_V6))
1617 return env->cp15.c0_c1[op2];
1619 if (!arm_feature(env, ARM_FEATURE_V6))
1621 return env->cp15.c0_c2[op2];
1622 case 3: case 4: case 5: case 6: case 7:
1628 /* These registers aren't documented on arm11 cores. However
1629 Linux looks at them anyway. */
1630 if (!arm_feature(env, ARM_FEATURE_V6))
1634 if (!arm_feature(env, ARM_FEATURE_V7))
1639 return env->cp15.c0_ccsid[env->cp15.c0_cssel];
1641 return env->cp15.c0_clid;
1647 if (op2 != 0 || crm != 0)
1649 return env->cp15.c0_cssel;
1653 case 1: /* System configuration. */
1654 if (arm_feature(env, ARM_FEATURE_V7)
1655 && op1 == 0 && crm == 1 && op2 == 0) {
1656 return env->cp15.c1_scr;
1658 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1661 case 0: /* Control register. */
1662 return env->cp15.c1_sys;
1663 case 1: /* Auxiliary control register. */
1664 if (arm_feature(env, ARM_FEATURE_XSCALE))
1665 return env->cp15.c1_xscaleauxcr;
1666 if (!arm_feature(env, ARM_FEATURE_AUXCR))
1668 switch (ARM_CPUID(env)) {
1669 case ARM_CPUID_ARM1026:
1671 case ARM_CPUID_ARM1136:
1672 case ARM_CPUID_ARM1136_R2:
1673 case ARM_CPUID_ARM1176:
1675 case ARM_CPUID_ARM11MPCORE:
1677 case ARM_CPUID_CORTEXA8:
1679 case ARM_CPUID_CORTEXA9:
1680 case ARM_CPUID_CORTEXA15:
1685 case 2: /* Coprocessor access register. */
1686 if (arm_feature(env, ARM_FEATURE_XSCALE))
1688 return env->cp15.c1_coproc;
1692 case 2: /* MMU Page table control / MPU cache control. */
1693 if (arm_feature(env, ARM_FEATURE_MPU)) {
1696 return env->cp15.c2_data;
1699 return env->cp15.c2_insn;
1707 return env->cp15.c2_base0;
1709 return env->cp15.c2_base1;
1711 return env->cp15.c2_control;
1716 case 3: /* MMU Domain access control / MPU write buffer control. */
1717 return env->cp15.c3;
1718 case 4: /* Reserved. */
1720 case 5: /* MMU Fault status / MPU access permission. */
1721 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1725 if (arm_feature(env, ARM_FEATURE_MPU))
1726 return simple_mpu_ap_bits(env->cp15.c5_data);
1727 return env->cp15.c5_data;
1729 if (arm_feature(env, ARM_FEATURE_MPU))
1730 return simple_mpu_ap_bits(env->cp15.c5_insn);
1731 return env->cp15.c5_insn;
1733 if (!arm_feature(env, ARM_FEATURE_MPU))
1735 return env->cp15.c5_data;
1737 if (!arm_feature(env, ARM_FEATURE_MPU))
1739 return env->cp15.c5_insn;
1743 case 6: /* MMU Fault address. */
1744 if (arm_feature(env, ARM_FEATURE_MPU)) {
1747 return env->cp15.c6_region[crm];
1749 if (arm_feature(env, ARM_FEATURE_OMAPCP))
1753 return env->cp15.c6_data;
1755 if (arm_feature(env, ARM_FEATURE_V6)) {
1756 /* Watchpoint Fault Adrress. */
1757 return 0; /* Not implemented. */
1759 /* Instruction Fault Adrress. */
1760 /* Arm9 doesn't have an IFAR, but implementing it anyway
1761 shouldn't do any harm. */
1762 return env->cp15.c6_insn;
1765 if (arm_feature(env, ARM_FEATURE_V6)) {
1766 /* Instruction Fault Adrress. */
1767 return env->cp15.c6_insn;
1775 case 7: /* Cache control. */
1776 if (crm == 4 && op1 == 0 && op2 == 0) {
1777 return env->cp15.c7_par;
1779 /* FIXME: Should only clear Z flag if destination is r15. */
1782 case 8: /* MMU TLB control. */
1786 case 0: /* Cache lockdown */
1788 case 0: /* L1 cache. */
1789 if (arm_feature(env, ARM_FEATURE_OMAPCP)) {
1794 return env->cp15.c9_data;
1796 return env->cp15.c9_insn;
1800 case 1: /* L2 cache */
1801 /* L2 Lockdown and Auxiliary control. */
1804 /* L2 cache lockdown (A8 only) */
1807 /* L2 cache auxiliary control (A8) or control (A15) */
1808 if (ARM_CPUID(env) == ARM_CPUID_CORTEXA15) {
1809 /* Linux wants the number of processors from here.
1810 * Might as well set the interrupt-controller bit too.
1812 return ((smp_cpus - 1) << 24) | (1 << 23);
1816 /* L2 cache extended control (A15) */
1825 case 12: /* Performance monitor control */
1826 if (!arm_feature(env, ARM_FEATURE_V7)) {
1830 case 0: /* performance monitor control register */
1831 return env->cp15.c9_pmcr;
1832 case 1: /* count enable set */
1833 case 2: /* count enable clear */
1834 return env->cp15.c9_pmcnten;
1835 case 3: /* overflow flag status */
1836 return env->cp15.c9_pmovsr;
1837 case 4: /* software increment */
1838 case 5: /* event counter selection register */
1839 return 0; /* Unimplemented, RAZ/WI */
1843 case 13: /* Performance counters */
1844 if (!arm_feature(env, ARM_FEATURE_V7)) {
1848 case 1: /* Event type select */
1849 return env->cp15.c9_pmxevtyper;
1850 case 0: /* Cycle count register */
1851 case 2: /* Event count register */
1852 /* Unimplemented, so RAZ/WI */
1857 case 14: /* Performance monitor control */
1858 if (!arm_feature(env, ARM_FEATURE_V7)) {
1862 case 0: /* user enable */
1863 return env->cp15.c9_pmuserenr;
1864 case 1: /* interrupt enable set */
1865 case 2: /* interrupt enable clear */
1866 return env->cp15.c9_pminten;
1874 case 10: /* MMU TLB lockdown. */
1875 /* ??? TLB lockdown not implemented. */
1877 case 11: /* TCM DMA control. */
1878 case 12: /* Reserved. */
1880 case 13: /* Process ID. */
1883 return env->cp15.c13_fcse;
1885 return env->cp15.c13_context;
1889 case 14: /* Generic timer */
1890 if (arm_feature(env, ARM_FEATURE_GENERIC_TIMER)) {
1891 /* Dummy implementation: RAZ/WI for all */
1895 case 15: /* Implementation specific. */
1896 if (arm_feature(env, ARM_FEATURE_XSCALE)) {
1897 if (op2 == 0 && crm == 1)
1898 return env->cp15.c15_cpar;
1902 if (arm_feature(env, ARM_FEATURE_OMAPCP)) {
1906 case 1: /* Read TI925T configuration. */
1907 return env->cp15.c15_ticonfig;
1908 case 2: /* Read I_max. */
1909 return env->cp15.c15_i_max;
1910 case 3: /* Read I_min. */
1911 return env->cp15.c15_i_min;
1912 case 4: /* Read thread-ID. */
1913 return env->cp15.c15_threadid;
1914 case 8: /* TI925T_status */
1917 /* TODO: Peripheral port remap register:
1918 * On OMAP2 mcr p15, 0, rn, c15, c2, 4 sets up the interrupt
1919 * controller base address at $rn & ~0xfff and map size of
1920 * 0x200 << ($rn & 0xfff), when MMU is off. */
1923 if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) {
1926 if ((op1 == 4) && (op2 == 0)) {
1927 /* The config_base_address should hold the value of
1928 * the peripheral base. ARM should get this from a CPU
1929 * object property, but that support isn't available in
1930 * December 2011. Default to 0 for now and board models
1931 * that care can set it by a private hook */
1932 return env->cp15.c15_config_base_address;
1933 } else if ((op1 == 0) && (op2 == 0)) {
1934 /* power_control should be set to maximum latency. Again,
1935 default to 0 and set by private hook */
1936 return env->cp15.c15_power_control;
1937 } else if ((op1 == 0) && (op2 == 1)) {
1938 return env->cp15.c15_diagnostic;
1939 } else if ((op1 == 0) && (op2 == 2)) {
1940 return env->cp15.c15_power_diagnostic;
1943 case 1: /* NEON Busy */
1945 case 5: /* tlb lockdown */
1948 if ((op1 == 5) && (op2 == 2)) {
1960 /* ??? For debugging only. Should raise illegal instruction exception. */
1961 cpu_abort(env, "Unimplemented cp15 register read (c%d, c%d, {%d, %d})\n",
1962 (insn >> 16) & 0xf, crm, op1, op2);
1966 void HELPER(set_r13_banked)(CPUARMState *env, uint32_t mode, uint32_t val)
1968 if ((env->uncached_cpsr & CPSR_M) == mode) {
1969 env->regs[13] = val;
1971 env->banked_r13[bank_number(env, mode)] = val;
1975 uint32_t HELPER(get_r13_banked)(CPUARMState *env, uint32_t mode)
1977 if ((env->uncached_cpsr & CPSR_M) == mode) {
1978 return env->regs[13];
1980 return env->banked_r13[bank_number(env, mode)];
1984 uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
1988 return xpsr_read(env) & 0xf8000000;
1990 return xpsr_read(env) & 0xf80001ff;
1992 return xpsr_read(env) & 0xff00fc00;
1994 return xpsr_read(env) & 0xff00fdff;
1996 return xpsr_read(env) & 0x000001ff;
1998 return xpsr_read(env) & 0x0700fc00;
2000 return xpsr_read(env) & 0x0700edff;
2002 return env->v7m.current_sp ? env->v7m.other_sp : env->regs[13];
2004 return env->v7m.current_sp ? env->regs[13] : env->v7m.other_sp;
2005 case 16: /* PRIMASK */
2006 return (env->uncached_cpsr & CPSR_I) != 0;
2007 case 17: /* BASEPRI */
2008 case 18: /* BASEPRI_MAX */
2009 return env->v7m.basepri;
2010 case 19: /* FAULTMASK */
2011 return (env->uncached_cpsr & CPSR_F) != 0;
2012 case 20: /* CONTROL */
2013 return env->v7m.control;
2015 /* ??? For debugging only. */
2016 cpu_abort(env, "Unimplemented system register read (%d)\n", reg);
2021 void HELPER(v7m_msr)(CPUARMState *env, uint32_t reg, uint32_t val)
2025 xpsr_write(env, val, 0xf8000000);
2028 xpsr_write(env, val, 0xf8000000);
2031 xpsr_write(env, val, 0xfe00fc00);
2034 xpsr_write(env, val, 0xfe00fc00);
2037 /* IPSR bits are readonly. */
2040 xpsr_write(env, val, 0x0600fc00);
2043 xpsr_write(env, val, 0x0600fc00);
2046 if (env->v7m.current_sp)
2047 env->v7m.other_sp = val;
2049 env->regs[13] = val;
2052 if (env->v7m.current_sp)
2053 env->regs[13] = val;
2055 env->v7m.other_sp = val;
2057 case 16: /* PRIMASK */
2059 env->uncached_cpsr |= CPSR_I;
2061 env->uncached_cpsr &= ~CPSR_I;
2063 case 17: /* BASEPRI */
2064 env->v7m.basepri = val & 0xff;
2066 case 18: /* BASEPRI_MAX */
2068 if (val != 0 && (val < env->v7m.basepri || env->v7m.basepri == 0))
2069 env->v7m.basepri = val;
2071 case 19: /* FAULTMASK */
2073 env->uncached_cpsr |= CPSR_F;
2075 env->uncached_cpsr &= ~CPSR_F;
2077 case 20: /* CONTROL */
2078 env->v7m.control = val & 3;
2079 switch_v7m_sp(env, (val & 2) != 0);
2082 /* ??? For debugging only. */
2083 cpu_abort(env, "Unimplemented system register write (%d)\n", reg);
2090 /* Note that signed overflow is undefined in C. The following routines are
2091 careful to use unsigned types where modulo arithmetic is required.
2092 Failure to do so _will_ break on newer gcc. */
2094 /* Signed saturating arithmetic. */
2096 /* Perform 16-bit signed saturating addition. */
2097 static inline uint16_t add16_sat(uint16_t a, uint16_t b)
2102 if (((res ^ a) & 0x8000) && !((a ^ b) & 0x8000)) {
2111 /* Perform 8-bit signed saturating addition. */
2112 static inline uint8_t add8_sat(uint8_t a, uint8_t b)
2117 if (((res ^ a) & 0x80) && !((a ^ b) & 0x80)) {
2126 /* Perform 16-bit signed saturating subtraction. */
2127 static inline uint16_t sub16_sat(uint16_t a, uint16_t b)
2132 if (((res ^ a) & 0x8000) && ((a ^ b) & 0x8000)) {
2141 /* Perform 8-bit signed saturating subtraction. */
2142 static inline uint8_t sub8_sat(uint8_t a, uint8_t b)
2147 if (((res ^ a) & 0x80) && ((a ^ b) & 0x80)) {
2156 #define ADD16(a, b, n) RESULT(add16_sat(a, b), n, 16);
2157 #define SUB16(a, b, n) RESULT(sub16_sat(a, b), n, 16);
2158 #define ADD8(a, b, n) RESULT(add8_sat(a, b), n, 8);
2159 #define SUB8(a, b, n) RESULT(sub8_sat(a, b), n, 8);
2162 #include "op_addsub.h"
2164 /* Unsigned saturating arithmetic. */
2165 static inline uint16_t add16_usat(uint16_t a, uint16_t b)
2174 static inline uint16_t sub16_usat(uint16_t a, uint16_t b)
2182 static inline uint8_t add8_usat(uint8_t a, uint8_t b)
2191 static inline uint8_t sub8_usat(uint8_t a, uint8_t b)
2199 #define ADD16(a, b, n) RESULT(add16_usat(a, b), n, 16);
2200 #define SUB16(a, b, n) RESULT(sub16_usat(a, b), n, 16);
2201 #define ADD8(a, b, n) RESULT(add8_usat(a, b), n, 8);
2202 #define SUB8(a, b, n) RESULT(sub8_usat(a, b), n, 8);
2205 #include "op_addsub.h"
2207 /* Signed modulo arithmetic. */
2208 #define SARITH16(a, b, n, op) do { \
2210 sum = (int32_t)(int16_t)(a) op (int32_t)(int16_t)(b); \
2211 RESULT(sum, n, 16); \
2213 ge |= 3 << (n * 2); \
2216 #define SARITH8(a, b, n, op) do { \
2218 sum = (int32_t)(int8_t)(a) op (int32_t)(int8_t)(b); \
2219 RESULT(sum, n, 8); \
2225 #define ADD16(a, b, n) SARITH16(a, b, n, +)
2226 #define SUB16(a, b, n) SARITH16(a, b, n, -)
2227 #define ADD8(a, b, n) SARITH8(a, b, n, +)
2228 #define SUB8(a, b, n) SARITH8(a, b, n, -)
2232 #include "op_addsub.h"
2234 /* Unsigned modulo arithmetic. */
2235 #define ADD16(a, b, n) do { \
2237 sum = (uint32_t)(uint16_t)(a) + (uint32_t)(uint16_t)(b); \
2238 RESULT(sum, n, 16); \
2239 if ((sum >> 16) == 1) \
2240 ge |= 3 << (n * 2); \
2243 #define ADD8(a, b, n) do { \
2245 sum = (uint32_t)(uint8_t)(a) + (uint32_t)(uint8_t)(b); \
2246 RESULT(sum, n, 8); \
2247 if ((sum >> 8) == 1) \
2251 #define SUB16(a, b, n) do { \
2253 sum = (uint32_t)(uint16_t)(a) - (uint32_t)(uint16_t)(b); \
2254 RESULT(sum, n, 16); \
2255 if ((sum >> 16) == 0) \
2256 ge |= 3 << (n * 2); \
2259 #define SUB8(a, b, n) do { \
2261 sum = (uint32_t)(uint8_t)(a) - (uint32_t)(uint8_t)(b); \
2262 RESULT(sum, n, 8); \
2263 if ((sum >> 8) == 0) \
2270 #include "op_addsub.h"
2272 /* Halved signed arithmetic. */
2273 #define ADD16(a, b, n) \
2274 RESULT(((int32_t)(int16_t)(a) + (int32_t)(int16_t)(b)) >> 1, n, 16)
2275 #define SUB16(a, b, n) \
2276 RESULT(((int32_t)(int16_t)(a) - (int32_t)(int16_t)(b)) >> 1, n, 16)
2277 #define ADD8(a, b, n) \
2278 RESULT(((int32_t)(int8_t)(a) + (int32_t)(int8_t)(b)) >> 1, n, 8)
2279 #define SUB8(a, b, n) \
2280 RESULT(((int32_t)(int8_t)(a) - (int32_t)(int8_t)(b)) >> 1, n, 8)
2283 #include "op_addsub.h"
2285 /* Halved unsigned arithmetic. */
2286 #define ADD16(a, b, n) \
2287 RESULT(((uint32_t)(uint16_t)(a) + (uint32_t)(uint16_t)(b)) >> 1, n, 16)
2288 #define SUB16(a, b, n) \
2289 RESULT(((uint32_t)(uint16_t)(a) - (uint32_t)(uint16_t)(b)) >> 1, n, 16)
2290 #define ADD8(a, b, n) \
2291 RESULT(((uint32_t)(uint8_t)(a) + (uint32_t)(uint8_t)(b)) >> 1, n, 8)
2292 #define SUB8(a, b, n) \
2293 RESULT(((uint32_t)(uint8_t)(a) - (uint32_t)(uint8_t)(b)) >> 1, n, 8)
2296 #include "op_addsub.h"
2298 static inline uint8_t do_usad(uint8_t a, uint8_t b)
2306 /* Unsigned sum of absolute byte differences. */
2307 uint32_t HELPER(usad8)(uint32_t a, uint32_t b)
2310 sum = do_usad(a, b);
2311 sum += do_usad(a >> 8, b >> 8);
2312 sum += do_usad(a >> 16, b >>16);
2313 sum += do_usad(a >> 24, b >> 24);
2317 /* For ARMv6 SEL instruction. */
2318 uint32_t HELPER(sel_flags)(uint32_t flags, uint32_t a, uint32_t b)
2331 return (a & mask) | (b & ~mask);
2334 uint32_t HELPER(logicq_cc)(uint64_t val)
2336 return (val >> 32) | (val != 0);
2339 /* VFP support. We follow the convention used for VFP instrunctions:
2340 Single precition routines have a "s" suffix, double precision a
2343 /* Convert host exception flags to vfp form. */
2344 static inline int vfp_exceptbits_from_host(int host_bits)
2346 int target_bits = 0;
2348 if (host_bits & float_flag_invalid)
2350 if (host_bits & float_flag_divbyzero)
2352 if (host_bits & float_flag_overflow)
2354 if (host_bits & (float_flag_underflow | float_flag_output_denormal))
2356 if (host_bits & float_flag_inexact)
2357 target_bits |= 0x10;
2358 if (host_bits & float_flag_input_denormal)
2359 target_bits |= 0x80;
2363 uint32_t HELPER(vfp_get_fpscr)(CPUARMState *env)
2368 fpscr = (env->vfp.xregs[ARM_VFP_FPSCR] & 0xffc8ffff)
2369 | (env->vfp.vec_len << 16)
2370 | (env->vfp.vec_stride << 20);
2371 i = get_float_exception_flags(&env->vfp.fp_status);
2372 i |= get_float_exception_flags(&env->vfp.standard_fp_status);
2373 fpscr |= vfp_exceptbits_from_host(i);
2377 uint32_t vfp_get_fpscr(CPUARMState *env)
2379 return HELPER(vfp_get_fpscr)(env);
2382 /* Convert vfp exception flags to target form. */
2383 static inline int vfp_exceptbits_to_host(int target_bits)
2387 if (target_bits & 1)
2388 host_bits |= float_flag_invalid;
2389 if (target_bits & 2)
2390 host_bits |= float_flag_divbyzero;
2391 if (target_bits & 4)
2392 host_bits |= float_flag_overflow;
2393 if (target_bits & 8)
2394 host_bits |= float_flag_underflow;
2395 if (target_bits & 0x10)
2396 host_bits |= float_flag_inexact;
2397 if (target_bits & 0x80)
2398 host_bits |= float_flag_input_denormal;
2402 void HELPER(vfp_set_fpscr)(CPUARMState *env, uint32_t val)
2407 changed = env->vfp.xregs[ARM_VFP_FPSCR];
2408 env->vfp.xregs[ARM_VFP_FPSCR] = (val & 0xffc8ffff);
2409 env->vfp.vec_len = (val >> 16) & 7;
2410 env->vfp.vec_stride = (val >> 20) & 3;
2413 if (changed & (3 << 22)) {
2414 i = (val >> 22) & 3;
2417 i = float_round_nearest_even;
2423 i = float_round_down;
2426 i = float_round_to_zero;
2429 set_float_rounding_mode(i, &env->vfp.fp_status);
2431 if (changed & (1 << 24)) {
2432 set_flush_to_zero((val & (1 << 24)) != 0, &env->vfp.fp_status);
2433 set_flush_inputs_to_zero((val & (1 << 24)) != 0, &env->vfp.fp_status);
2435 if (changed & (1 << 25))
2436 set_default_nan_mode((val & (1 << 25)) != 0, &env->vfp.fp_status);
2438 i = vfp_exceptbits_to_host(val);
2439 set_float_exception_flags(i, &env->vfp.fp_status);
2440 set_float_exception_flags(0, &env->vfp.standard_fp_status);
2443 void vfp_set_fpscr(CPUARMState *env, uint32_t val)
2445 HELPER(vfp_set_fpscr)(env, val);
2448 #define VFP_HELPER(name, p) HELPER(glue(glue(vfp_,name),p))
2450 #define VFP_BINOP(name) \
2451 float32 VFP_HELPER(name, s)(float32 a, float32 b, void *fpstp) \
2453 float_status *fpst = fpstp; \
2454 return float32_ ## name(a, b, fpst); \
2456 float64 VFP_HELPER(name, d)(float64 a, float64 b, void *fpstp) \
2458 float_status *fpst = fpstp; \
2459 return float64_ ## name(a, b, fpst); \
2467 float32 VFP_HELPER(neg, s)(float32 a)
2469 return float32_chs(a);
2472 float64 VFP_HELPER(neg, d)(float64 a)
2474 return float64_chs(a);
2477 float32 VFP_HELPER(abs, s)(float32 a)
2479 return float32_abs(a);
2482 float64 VFP_HELPER(abs, d)(float64 a)
2484 return float64_abs(a);
2487 float32 VFP_HELPER(sqrt, s)(float32 a, CPUARMState *env)
2489 return float32_sqrt(a, &env->vfp.fp_status);
2492 float64 VFP_HELPER(sqrt, d)(float64 a, CPUARMState *env)
2494 return float64_sqrt(a, &env->vfp.fp_status);
2497 /* XXX: check quiet/signaling case */
2498 #define DO_VFP_cmp(p, type) \
2499 void VFP_HELPER(cmp, p)(type a, type b, CPUARMState *env) \
2502 switch(type ## _compare_quiet(a, b, &env->vfp.fp_status)) { \
2503 case 0: flags = 0x6; break; \
2504 case -1: flags = 0x8; break; \
2505 case 1: flags = 0x2; break; \
2506 default: case 2: flags = 0x3; break; \
2508 env->vfp.xregs[ARM_VFP_FPSCR] = (flags << 28) \
2509 | (env->vfp.xregs[ARM_VFP_FPSCR] & 0x0fffffff); \
2511 void VFP_HELPER(cmpe, p)(type a, type b, CPUARMState *env) \
2514 switch(type ## _compare(a, b, &env->vfp.fp_status)) { \
2515 case 0: flags = 0x6; break; \
2516 case -1: flags = 0x8; break; \
2517 case 1: flags = 0x2; break; \
2518 default: case 2: flags = 0x3; break; \
2520 env->vfp.xregs[ARM_VFP_FPSCR] = (flags << 28) \
2521 | (env->vfp.xregs[ARM_VFP_FPSCR] & 0x0fffffff); \
2523 DO_VFP_cmp(s, float32)
2524 DO_VFP_cmp(d, float64)
2527 /* Integer to float and float to integer conversions */
2529 #define CONV_ITOF(name, fsz, sign) \
2530 float##fsz HELPER(name)(uint32_t x, void *fpstp) \
2532 float_status *fpst = fpstp; \
2533 return sign##int32_to_##float##fsz((sign##int32_t)x, fpst); \
2536 #define CONV_FTOI(name, fsz, sign, round) \
2537 uint32_t HELPER(name)(float##fsz x, void *fpstp) \
2539 float_status *fpst = fpstp; \
2540 if (float##fsz##_is_any_nan(x)) { \
2541 float_raise(float_flag_invalid, fpst); \
2544 return float##fsz##_to_##sign##int32##round(x, fpst); \
2547 #define FLOAT_CONVS(name, p, fsz, sign) \
2548 CONV_ITOF(vfp_##name##to##p, fsz, sign) \
2549 CONV_FTOI(vfp_to##name##p, fsz, sign, ) \
2550 CONV_FTOI(vfp_to##name##z##p, fsz, sign, _round_to_zero)
2552 FLOAT_CONVS(si, s, 32, )
2553 FLOAT_CONVS(si, d, 64, )
2554 FLOAT_CONVS(ui, s, 32, u)
2555 FLOAT_CONVS(ui, d, 64, u)
2561 /* floating point conversion */
2562 float64 VFP_HELPER(fcvtd, s)(float32 x, CPUARMState *env)
2564 float64 r = float32_to_float64(x, &env->vfp.fp_status);
2565 /* ARM requires that S<->D conversion of any kind of NaN generates
2566 * a quiet NaN by forcing the most significant frac bit to 1.
2568 return float64_maybe_silence_nan(r);
2571 float32 VFP_HELPER(fcvts, d)(float64 x, CPUARMState *env)
2573 float32 r = float64_to_float32(x, &env->vfp.fp_status);
2574 /* ARM requires that S<->D conversion of any kind of NaN generates
2575 * a quiet NaN by forcing the most significant frac bit to 1.
2577 return float32_maybe_silence_nan(r);
2580 /* VFP3 fixed point conversion. */
2581 #define VFP_CONV_FIX(name, p, fsz, itype, sign) \
2582 float##fsz HELPER(vfp_##name##to##p)(uint##fsz##_t x, uint32_t shift, \
2585 float_status *fpst = fpstp; \
2587 tmp = sign##int32_to_##float##fsz((itype##_t)x, fpst); \
2588 return float##fsz##_scalbn(tmp, -(int)shift, fpst); \
2590 uint##fsz##_t HELPER(vfp_to##name##p)(float##fsz x, uint32_t shift, \
2593 float_status *fpst = fpstp; \
2595 if (float##fsz##_is_any_nan(x)) { \
2596 float_raise(float_flag_invalid, fpst); \
2599 tmp = float##fsz##_scalbn(x, shift, fpst); \
2600 return float##fsz##_to_##itype##_round_to_zero(tmp, fpst); \
2603 VFP_CONV_FIX(sh, d, 64, int16, )
2604 VFP_CONV_FIX(sl, d, 64, int32, )
2605 VFP_CONV_FIX(uh, d, 64, uint16, u)
2606 VFP_CONV_FIX(ul, d, 64, uint32, u)
2607 VFP_CONV_FIX(sh, s, 32, int16, )
2608 VFP_CONV_FIX(sl, s, 32, int32, )
2609 VFP_CONV_FIX(uh, s, 32, uint16, u)
2610 VFP_CONV_FIX(ul, s, 32, uint32, u)
2613 /* Half precision conversions. */
2614 static float32 do_fcvt_f16_to_f32(uint32_t a, CPUARMState *env, float_status *s)
2616 int ieee = (env->vfp.xregs[ARM_VFP_FPSCR] & (1 << 26)) == 0;
2617 float32 r = float16_to_float32(make_float16(a), ieee, s);
2619 return float32_maybe_silence_nan(r);
2624 static uint32_t do_fcvt_f32_to_f16(float32 a, CPUARMState *env, float_status *s)
2626 int ieee = (env->vfp.xregs[ARM_VFP_FPSCR] & (1 << 26)) == 0;
2627 float16 r = float32_to_float16(a, ieee, s);
2629 r = float16_maybe_silence_nan(r);
2631 return float16_val(r);
2634 float32 HELPER(neon_fcvt_f16_to_f32)(uint32_t a, CPUARMState *env)
2636 return do_fcvt_f16_to_f32(a, env, &env->vfp.standard_fp_status);
2639 uint32_t HELPER(neon_fcvt_f32_to_f16)(float32 a, CPUARMState *env)
2641 return do_fcvt_f32_to_f16(a, env, &env->vfp.standard_fp_status);
2644 float32 HELPER(vfp_fcvt_f16_to_f32)(uint32_t a, CPUARMState *env)
2646 return do_fcvt_f16_to_f32(a, env, &env->vfp.fp_status);
2649 uint32_t HELPER(vfp_fcvt_f32_to_f16)(float32 a, CPUARMState *env)
2651 return do_fcvt_f32_to_f16(a, env, &env->vfp.fp_status);
2654 #define float32_two make_float32(0x40000000)
2655 #define float32_three make_float32(0x40400000)
2656 #define float32_one_point_five make_float32(0x3fc00000)
2658 float32 HELPER(recps_f32)(float32 a, float32 b, CPUARMState *env)
2660 float_status *s = &env->vfp.standard_fp_status;
2661 if ((float32_is_infinity(a) && float32_is_zero_or_denormal(b)) ||
2662 (float32_is_infinity(b) && float32_is_zero_or_denormal(a))) {
2663 if (!(float32_is_zero(a) || float32_is_zero(b))) {
2664 float_raise(float_flag_input_denormal, s);
2668 return float32_sub(float32_two, float32_mul(a, b, s), s);
2671 float32 HELPER(rsqrts_f32)(float32 a, float32 b, CPUARMState *env)
2673 float_status *s = &env->vfp.standard_fp_status;
2675 if ((float32_is_infinity(a) && float32_is_zero_or_denormal(b)) ||
2676 (float32_is_infinity(b) && float32_is_zero_or_denormal(a))) {
2677 if (!(float32_is_zero(a) || float32_is_zero(b))) {
2678 float_raise(float_flag_input_denormal, s);
2680 return float32_one_point_five;
2682 product = float32_mul(a, b, s);
2683 return float32_div(float32_sub(float32_three, product, s), float32_two, s);
2688 /* Constants 256 and 512 are used in some helpers; we avoid relying on
2689 * int->float conversions at run-time. */
2690 #define float64_256 make_float64(0x4070000000000000LL)
2691 #define float64_512 make_float64(0x4080000000000000LL)
2693 /* The algorithm that must be used to calculate the estimate
2694 * is specified by the ARM ARM.
2696 static float64 recip_estimate(float64 a, CPUARMState *env)
2698 /* These calculations mustn't set any fp exception flags,
2699 * so we use a local copy of the fp_status.
2701 float_status dummy_status = env->vfp.standard_fp_status;
2702 float_status *s = &dummy_status;
2703 /* q = (int)(a * 512.0) */
2704 float64 q = float64_mul(float64_512, a, s);
2705 int64_t q_int = float64_to_int64_round_to_zero(q, s);
2707 /* r = 1.0 / (((double)q + 0.5) / 512.0) */
2708 q = int64_to_float64(q_int, s);
2709 q = float64_add(q, float64_half, s);
2710 q = float64_div(q, float64_512, s);
2711 q = float64_div(float64_one, q, s);
2713 /* s = (int)(256.0 * r + 0.5) */
2714 q = float64_mul(q, float64_256, s);
2715 q = float64_add(q, float64_half, s);
2716 q_int = float64_to_int64_round_to_zero(q, s);
2718 /* return (double)s / 256.0 */
2719 return float64_div(int64_to_float64(q_int, s), float64_256, s);
2722 float32 HELPER(recpe_f32)(float32 a, CPUARMState *env)
2724 float_status *s = &env->vfp.standard_fp_status;
2726 uint32_t val32 = float32_val(a);
2729 int a_exp = (val32 & 0x7f800000) >> 23;
2730 int sign = val32 & 0x80000000;
2732 if (float32_is_any_nan(a)) {
2733 if (float32_is_signaling_nan(a)) {
2734 float_raise(float_flag_invalid, s);
2736 return float32_default_nan;
2737 } else if (float32_is_infinity(a)) {
2738 return float32_set_sign(float32_zero, float32_is_neg(a));
2739 } else if (float32_is_zero_or_denormal(a)) {
2740 if (!float32_is_zero(a)) {
2741 float_raise(float_flag_input_denormal, s);
2743 float_raise(float_flag_divbyzero, s);
2744 return float32_set_sign(float32_infinity, float32_is_neg(a));
2745 } else if (a_exp >= 253) {
2746 float_raise(float_flag_underflow, s);
2747 return float32_set_sign(float32_zero, float32_is_neg(a));
2750 f64 = make_float64((0x3feULL << 52)
2751 | ((int64_t)(val32 & 0x7fffff) << 29));
2753 result_exp = 253 - a_exp;
2755 f64 = recip_estimate(f64, env);
2758 | ((result_exp & 0xff) << 23)
2759 | ((float64_val(f64) >> 29) & 0x7fffff);
2760 return make_float32(val32);
2763 /* The algorithm that must be used to calculate the estimate
2764 * is specified by the ARM ARM.
2766 static float64 recip_sqrt_estimate(float64 a, CPUARMState *env)
2768 /* These calculations mustn't set any fp exception flags,
2769 * so we use a local copy of the fp_status.
2771 float_status dummy_status = env->vfp.standard_fp_status;
2772 float_status *s = &dummy_status;
2776 if (float64_lt(a, float64_half, s)) {
2777 /* range 0.25 <= a < 0.5 */
2779 /* a in units of 1/512 rounded down */
2780 /* q0 = (int)(a * 512.0); */
2781 q = float64_mul(float64_512, a, s);
2782 q_int = float64_to_int64_round_to_zero(q, s);
2784 /* reciprocal root r */
2785 /* r = 1.0 / sqrt(((double)q0 + 0.5) / 512.0); */
2786 q = int64_to_float64(q_int, s);
2787 q = float64_add(q, float64_half, s);
2788 q = float64_div(q, float64_512, s);
2789 q = float64_sqrt(q, s);
2790 q = float64_div(float64_one, q, s);
2792 /* range 0.5 <= a < 1.0 */
2794 /* a in units of 1/256 rounded down */
2795 /* q1 = (int)(a * 256.0); */
2796 q = float64_mul(float64_256, a, s);
2797 int64_t q_int = float64_to_int64_round_to_zero(q, s);
2799 /* reciprocal root r */
2800 /* r = 1.0 /sqrt(((double)q1 + 0.5) / 256); */
2801 q = int64_to_float64(q_int, s);
2802 q = float64_add(q, float64_half, s);
2803 q = float64_div(q, float64_256, s);
2804 q = float64_sqrt(q, s);
2805 q = float64_div(float64_one, q, s);
2807 /* r in units of 1/256 rounded to nearest */
2808 /* s = (int)(256.0 * r + 0.5); */
2810 q = float64_mul(q, float64_256,s );
2811 q = float64_add(q, float64_half, s);
2812 q_int = float64_to_int64_round_to_zero(q, s);
2814 /* return (double)s / 256.0;*/
2815 return float64_div(int64_to_float64(q_int, s), float64_256, s);
2818 float32 HELPER(rsqrte_f32)(float32 a, CPUARMState *env)
2820 float_status *s = &env->vfp.standard_fp_status;
2826 val = float32_val(a);
2828 if (float32_is_any_nan(a)) {
2829 if (float32_is_signaling_nan(a)) {
2830 float_raise(float_flag_invalid, s);
2832 return float32_default_nan;
2833 } else if (float32_is_zero_or_denormal(a)) {
2834 if (!float32_is_zero(a)) {
2835 float_raise(float_flag_input_denormal, s);
2837 float_raise(float_flag_divbyzero, s);
2838 return float32_set_sign(float32_infinity, float32_is_neg(a));
2839 } else if (float32_is_neg(a)) {
2840 float_raise(float_flag_invalid, s);
2841 return float32_default_nan;
2842 } else if (float32_is_infinity(a)) {
2843 return float32_zero;
2846 /* Normalize to a double-precision value between 0.25 and 1.0,
2847 * preserving the parity of the exponent. */
2848 if ((val & 0x800000) == 0) {
2849 f64 = make_float64(((uint64_t)(val & 0x80000000) << 32)
2851 | ((uint64_t)(val & 0x7fffff) << 29));
2853 f64 = make_float64(((uint64_t)(val & 0x80000000) << 32)
2855 | ((uint64_t)(val & 0x7fffff) << 29));
2858 result_exp = (380 - ((val & 0x7f800000) >> 23)) / 2;
2860 f64 = recip_sqrt_estimate(f64, env);
2862 val64 = float64_val(f64);
2864 val = ((result_exp & 0xff) << 23)
2865 | ((val64 >> 29) & 0x7fffff);
2866 return make_float32(val);
2869 uint32_t HELPER(recpe_u32)(uint32_t a, CPUARMState *env)
2873 if ((a & 0x80000000) == 0) {
2877 f64 = make_float64((0x3feULL << 52)
2878 | ((int64_t)(a & 0x7fffffff) << 21));
2880 f64 = recip_estimate (f64, env);
2882 return 0x80000000 | ((float64_val(f64) >> 21) & 0x7fffffff);
2885 uint32_t HELPER(rsqrte_u32)(uint32_t a, CPUARMState *env)
2889 if ((a & 0xc0000000) == 0) {
2893 if (a & 0x80000000) {
2894 f64 = make_float64((0x3feULL << 52)
2895 | ((uint64_t)(a & 0x7fffffff) << 21));
2896 } else { /* bits 31-30 == '01' */
2897 f64 = make_float64((0x3fdULL << 52)
2898 | ((uint64_t)(a & 0x3fffffff) << 22));
2901 f64 = recip_sqrt_estimate(f64, env);
2903 return 0x80000000 | ((float64_val(f64) >> 21) & 0x7fffffff);
2906 /* VFPv4 fused multiply-accumulate */
2907 float32 VFP_HELPER(muladd, s)(float32 a, float32 b, float32 c, void *fpstp)
2909 float_status *fpst = fpstp;
2910 return float32_muladd(a, b, c, 0, fpst);
2913 float64 VFP_HELPER(muladd, d)(float64 a, float64 b, float64 c, void *fpstp)
2915 float_status *fpst = fpstp;
2916 return float64_muladd(a, b, c, 0, fpst);
2919 void HELPER(set_teecr)(CPUARMState *env, uint32_t val)
2922 if (env->teecr != val) {
projects / qemu.git / blob