4
* Copyright (c) 2005 Samuel Tardieu
6
* This library is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU Lesser General Public
8
* License as published by the Free Software Foundation; either
9
* version 2 of the License, or (at your option) any later version.
11
* This library is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* Lesser General Public License for more details.
16
* You should have received a copy of the GNU Lesser General Public
17
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
19
#include "qemu/osdep.h"
22
#include "exec/exec-all.h"
25
#if !defined(CONFIG_USER_ONLY)
26
#include "hw/sh4/sh_intc.h"
29
#if defined(CONFIG_USER_ONLY)
31
void superh_cpu_do_interrupt(CPUState *cs)
33
cs->exception_index = -1;
36
int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
39
SuperHCPU *cpu = SUPERH_CPU(cs);
40
CPUSH4State *env = &cpu->env;
43
cs->exception_index = -1;
46
cs->exception_index = 0x0a0;
49
cs->exception_index = 0x0c0;
52
cs->exception_index = 0x0a0;
58
int cpu_sh4_is_cached(CPUSH4State * env, target_ulong addr)
60
/* For user mode, only U0 area is cacheable. */
61
return !(addr & 0x80000000);
64
#else /* !CONFIG_USER_ONLY */
67
#define MMU_ITLB_MISS (-1)
68
#define MMU_ITLB_MULTIPLE (-2)
69
#define MMU_ITLB_VIOLATION (-3)
70
#define MMU_DTLB_MISS_READ (-4)
71
#define MMU_DTLB_MISS_WRITE (-5)
72
#define MMU_DTLB_INITIAL_WRITE (-6)
73
#define MMU_DTLB_VIOLATION_READ (-7)
74
#define MMU_DTLB_VIOLATION_WRITE (-8)
75
#define MMU_DTLB_MULTIPLE (-9)
76
#define MMU_DTLB_MISS (-10)
77
#define MMU_IADDR_ERROR (-11)
78
#define MMU_DADDR_ERROR_READ (-12)
79
#define MMU_DADDR_ERROR_WRITE (-13)
81
void superh_cpu_do_interrupt(CPUState *cs)
83
SuperHCPU *cpu = SUPERH_CPU(cs);
84
CPUSH4State *env = &cpu->env;
85
int do_irq = cs->interrupt_request & CPU_INTERRUPT_HARD;
86
int do_exp, irq_vector = cs->exception_index;
88
/* prioritize exceptions over interrupts */
90
do_exp = cs->exception_index != -1;
91
do_irq = do_irq && (cs->exception_index == -1);
93
if (env->sr & (1u << SR_BL)) {
94
if (do_exp && cs->exception_index != 0x1e0) {
95
cs->exception_index = 0x000; /* masked exception -> reset */
97
if (do_irq && !env->in_sleep) {
104
irq_vector = sh_intc_get_pending_vector(env->intc_handle,
105
(env->sr >> 4) & 0xf);
106
if (irq_vector == -1) {
111
if (qemu_loglevel_mask(CPU_LOG_INT)) {
113
switch (cs->exception_index) {
115
expname = "addr_error";
118
expname = "tlb_miss";
121
expname = "tlb_violation";
124
expname = "illegal_instruction";
127
expname = "slot_illegal_instruction";
130
expname = "fpu_disable";
133
expname = "slot_fpu";
136
expname = "data_write";
139
expname = "dtlb_miss_write";
142
expname = "dtlb_violation_write";
145
expname = "fpu_exception";
148
expname = "initial_page_write";
154
expname = do_irq ? "interrupt" : "???";
157
qemu_log("exception 0x%03x [%s] raised\n",
158
irq_vector, expname);
159
log_cpu_state(cs, 0);
162
env->ssr = cpu_read_sr(env);
164
env->sgr = env->gregs[15];
165
env->sr |= (1u << SR_BL) | (1u << SR_MD) | (1u << SR_RB);
167
if (env->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) {
168
/* Branch instruction should be executed again before delay slot. */
170
/* Clear flags for exception/interrupt routine. */
171
env->flags &= ~(DELAY_SLOT | DELAY_SLOT_CONDITIONAL | DELAY_SLOT_TRUE);
173
if (env->flags & DELAY_SLOT_CLEARME)
177
env->expevt = cs->exception_index;
178
switch (cs->exception_index) {
182
env->sr &= ~(1u << SR_FD);
183
env->sr |= 0xf << 4; /* IMASK */
184
env->pc = 0xa0000000;
188
env->pc = env->vbr + 0x400;
191
env->spc += 2; /* special case for TRAPA */
194
env->pc = env->vbr + 0x100;
201
env->intevt = irq_vector;
202
env->pc = env->vbr + 0x600;
207
static void update_itlb_use(CPUSH4State * env, int itlbnb)
209
uint8_t or_mask = 0, and_mask = (uint8_t) - 1;
228
env->mmucr &= (and_mask << 24) | 0x00ffffff;
229
env->mmucr |= (or_mask << 24);
232
static int itlb_replacement(CPUSH4State * env)
234
SuperHCPU *cpu = sh_env_get_cpu(env);
236
if ((env->mmucr & 0xe0000000) == 0xe0000000) {
239
if ((env->mmucr & 0x98000000) == 0x18000000) {
242
if ((env->mmucr & 0x54000000) == 0x04000000) {
245
if ((env->mmucr & 0x2c000000) == 0x00000000) {
248
cpu_abort(CPU(cpu), "Unhandled itlb_replacement");
251
/* Find the corresponding entry in the right TLB
252
Return entry, MMU_DTLB_MISS or MMU_DTLB_MULTIPLE
254
static int find_tlb_entry(CPUSH4State * env, target_ulong address,
255
tlb_t * entries, uint8_t nbtlb, int use_asid)
257
int match = MMU_DTLB_MISS;
262
asid = env->pteh & 0xff;
264
for (i = 0; i < nbtlb; i++) {
266
continue; /* Invalid entry */
267
if (!entries[i].sh && use_asid && entries[i].asid != asid)
268
continue; /* Bad ASID */
269
start = (entries[i].vpn << 10) & ~(entries[i].size - 1);
270
end = start + entries[i].size - 1;
271
if (address >= start && address <= end) { /* Match */
272
if (match != MMU_DTLB_MISS)
273
return MMU_DTLB_MULTIPLE; /* Multiple match */
280
static void increment_urc(CPUSH4State * env)
285
urb = ((env->mmucr) >> 18) & 0x3f;
286
urc = ((env->mmucr) >> 10) & 0x3f;
288
if ((urb > 0 && urc > urb) || urc > (UTLB_SIZE - 1))
290
env->mmucr = (env->mmucr & 0xffff03ff) | (urc << 10);
293
/* Copy and utlb entry into itlb
296
static int copy_utlb_entry_itlb(CPUSH4State *env, int utlb)
301
itlb = itlb_replacement(env);
302
ientry = &env->itlb[itlb];
304
tlb_flush_page(CPU(sh_env_get_cpu(env)), ientry->vpn << 10);
306
*ientry = env->utlb[utlb];
307
update_itlb_use(env, itlb);
312
Return entry, MMU_ITLB_MISS, MMU_ITLB_MULTIPLE or MMU_DTLB_MULTIPLE
314
static int find_itlb_entry(CPUSH4State * env, target_ulong address,
319
e = find_tlb_entry(env, address, env->itlb, ITLB_SIZE, use_asid);
320
if (e == MMU_DTLB_MULTIPLE) {
321
e = MMU_ITLB_MULTIPLE;
322
} else if (e == MMU_DTLB_MISS) {
325
update_itlb_use(env, e);
331
Return entry, MMU_DTLB_MISS, MMU_DTLB_MULTIPLE */
332
static int find_utlb_entry(CPUSH4State * env, target_ulong address, int use_asid)
334
/* per utlb access */
338
return find_tlb_entry(env, address, env->utlb, UTLB_SIZE, use_asid);
341
/* Match address against MMU
342
Return MMU_OK, MMU_DTLB_MISS_READ, MMU_DTLB_MISS_WRITE,
343
MMU_DTLB_INITIAL_WRITE, MMU_DTLB_VIOLATION_READ,
344
MMU_DTLB_VIOLATION_WRITE, MMU_ITLB_MISS,
345
MMU_ITLB_MULTIPLE, MMU_ITLB_VIOLATION,
346
MMU_IADDR_ERROR, MMU_DADDR_ERROR_READ, MMU_DADDR_ERROR_WRITE.
348
static int get_mmu_address(CPUSH4State * env, target_ulong * physical,
349
int *prot, target_ulong address,
350
int rw, int access_type)
353
tlb_t *matching = NULL;
355
use_asid = !(env->mmucr & MMUCR_SV) || !(env->sr & (1u << SR_MD));
358
n = find_itlb_entry(env, address, use_asid);
360
matching = &env->itlb[n];
361
if (!(env->sr & (1u << SR_MD)) && !(matching->pr & 2)) {
362
n = MMU_ITLB_VIOLATION;
367
n = find_utlb_entry(env, address, use_asid);
369
n = copy_utlb_entry_itlb(env, n);
370
matching = &env->itlb[n];
371
if (!(env->sr & (1u << SR_MD)) && !(matching->pr & 2)) {
372
n = MMU_ITLB_VIOLATION;
374
*prot = PAGE_READ | PAGE_EXEC;
375
if ((matching->pr & 1) && matching->d) {
379
} else if (n == MMU_DTLB_MULTIPLE) {
380
n = MMU_ITLB_MULTIPLE;
381
} else if (n == MMU_DTLB_MISS) {
386
n = find_utlb_entry(env, address, use_asid);
388
matching = &env->utlb[n];
389
if (!(env->sr & (1u << SR_MD)) && !(matching->pr & 2)) {
390
n = (rw == 1) ? MMU_DTLB_VIOLATION_WRITE :
391
MMU_DTLB_VIOLATION_READ;
392
} else if ((rw == 1) && !(matching->pr & 1)) {
393
n = MMU_DTLB_VIOLATION_WRITE;
394
} else if ((rw == 1) && !matching->d) {
395
n = MMU_DTLB_INITIAL_WRITE;
398
if ((matching->pr & 1) && matching->d) {
402
} else if (n == MMU_DTLB_MISS) {
403
n = (rw == 1) ? MMU_DTLB_MISS_WRITE :
409
*physical = ((matching->ppn << 10) & ~(matching->size - 1)) |
410
(address & (matching->size - 1));
415
static int get_physical_address(CPUSH4State * env, target_ulong * physical,
416
int *prot, target_ulong address,
417
int rw, int access_type)
419
/* P1, P2 and P4 areas do not use translation */
420
if ((address >= 0x80000000 && address < 0xc0000000) ||
421
address >= 0xe0000000) {
422
if (!(env->sr & (1u << SR_MD))
423
&& (address < 0xe0000000 || address >= 0xe4000000)) {
424
/* Unauthorized access in user mode (only store queues are available) */
425
fprintf(stderr, "Unauthorized access\n");
427
return MMU_DADDR_ERROR_READ;
429
return MMU_DADDR_ERROR_WRITE;
431
return MMU_IADDR_ERROR;
433
if (address >= 0x80000000 && address < 0xc0000000) {
434
/* Mask upper 3 bits for P1 and P2 areas */
435
*physical = address & 0x1fffffff;
439
*prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
443
/* If MMU is disabled, return the corresponding physical page */
444
if (!(env->mmucr & MMUCR_AT)) {
445
*physical = address & 0x1FFFFFFF;
446
*prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
450
/* We need to resort to the MMU */
451
return get_mmu_address(env, physical, prot, address, rw, access_type);
454
int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
457
SuperHCPU *cpu = SUPERH_CPU(cs);
458
CPUSH4State *env = &cpu->env;
459
target_ulong physical;
460
int prot, ret, access_type;
462
access_type = ACCESS_INT;
464
get_physical_address(env, &physical, &prot, address, rw,
469
if (ret != MMU_DTLB_MULTIPLE && ret != MMU_ITLB_MULTIPLE) {
470
env->pteh = (env->pteh & PTEH_ASID_MASK) |
471
(address & PTEH_VPN_MASK);
475
case MMU_DTLB_MISS_READ:
476
cs->exception_index = 0x040;
478
case MMU_DTLB_MULTIPLE:
479
case MMU_ITLB_MULTIPLE:
480
cs->exception_index = 0x140;
482
case MMU_ITLB_VIOLATION:
483
cs->exception_index = 0x0a0;
485
case MMU_DTLB_MISS_WRITE:
486
cs->exception_index = 0x060;
488
case MMU_DTLB_INITIAL_WRITE:
489
cs->exception_index = 0x080;
491
case MMU_DTLB_VIOLATION_READ:
492
cs->exception_index = 0x0a0;
494
case MMU_DTLB_VIOLATION_WRITE:
495
cs->exception_index = 0x0c0;
497
case MMU_IADDR_ERROR:
498
case MMU_DADDR_ERROR_READ:
499
cs->exception_index = 0x0e0;
501
case MMU_DADDR_ERROR_WRITE:
502
cs->exception_index = 0x100;
505
cpu_abort(cs, "Unhandled MMU fault");
510
address &= TARGET_PAGE_MASK;
511
physical &= TARGET_PAGE_MASK;
513
tlb_set_page(cs, address, physical, prot, mmu_idx, TARGET_PAGE_SIZE);
517
hwaddr superh_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
519
SuperHCPU *cpu = SUPERH_CPU(cs);
520
target_ulong physical;
523
get_physical_address(&cpu->env, &physical, &prot, addr, 0, 0);
527
void cpu_load_tlb(CPUSH4State * env)
529
SuperHCPU *cpu = sh_env_get_cpu(env);
530
int n = cpu_mmucr_urc(env->mmucr);
531
tlb_t * entry = &env->utlb[n];
534
/* Overwriting valid entry in utlb. */
535
target_ulong address = entry->vpn << 10;
536
tlb_flush_page(CPU(cpu), address);
539
/* Take values into cpu status from registers. */
540
entry->asid = (uint8_t)cpu_pteh_asid(env->pteh);
541
entry->vpn = cpu_pteh_vpn(env->pteh);
542
entry->v = (uint8_t)cpu_ptel_v(env->ptel);
543
entry->ppn = cpu_ptel_ppn(env->ptel);
544
entry->sz = (uint8_t)cpu_ptel_sz(env->ptel);
547
entry->size = 1024; /* 1K */
550
entry->size = 1024 * 4; /* 4K */
553
entry->size = 1024 * 64; /* 64K */
556
entry->size = 1024 * 1024; /* 1M */
559
cpu_abort(CPU(cpu), "Unhandled load_tlb");
562
entry->sh = (uint8_t)cpu_ptel_sh(env->ptel);
563
entry->c = (uint8_t)cpu_ptel_c(env->ptel);
564
entry->pr = (uint8_t)cpu_ptel_pr(env->ptel);
565
entry->d = (uint8_t)cpu_ptel_d(env->ptel);
566
entry->wt = (uint8_t)cpu_ptel_wt(env->ptel);
567
entry->sa = (uint8_t)cpu_ptea_sa(env->ptea);
568
entry->tc = (uint8_t)cpu_ptea_tc(env->ptea);
571
void cpu_sh4_invalidate_tlb(CPUSH4State *s)
576
for (i = 0; i < UTLB_SIZE; i++) {
577
tlb_t * entry = &s->utlb[i];
581
for (i = 0; i < ITLB_SIZE; i++) {
582
tlb_t * entry = &s->itlb[i];
586
tlb_flush(CPU(sh_env_get_cpu(s)));
589
uint32_t cpu_sh4_read_mmaped_itlb_addr(CPUSH4State *s,
592
int index = (addr & 0x00000300) >> 8;
593
tlb_t * entry = &s->itlb[index];
595
return (entry->vpn << 10) |
600
void cpu_sh4_write_mmaped_itlb_addr(CPUSH4State *s, hwaddr addr,
603
uint32_t vpn = (mem_value & 0xfffffc00) >> 10;
604
uint8_t v = (uint8_t)((mem_value & 0x00000100) >> 8);
605
uint8_t asid = (uint8_t)(mem_value & 0x000000ff);
607
int index = (addr & 0x00000300) >> 8;
608
tlb_t * entry = &s->itlb[index];
610
/* Overwriting valid entry in itlb. */
611
target_ulong address = entry->vpn << 10;
612
tlb_flush_page(CPU(sh_env_get_cpu(s)), address);
619
uint32_t cpu_sh4_read_mmaped_itlb_data(CPUSH4State *s,
622
int array = (addr & 0x00800000) >> 23;
623
int index = (addr & 0x00000300) >> 8;
624
tlb_t * entry = &s->itlb[index];
627
/* ITLB Data Array 1 */
628
return (entry->ppn << 10) |
631
((entry->sz & 1) << 6) |
632
((entry->sz & 2) << 4) |
636
/* ITLB Data Array 2 */
637
return (entry->tc << 1) |
642
void cpu_sh4_write_mmaped_itlb_data(CPUSH4State *s, hwaddr addr,
645
int array = (addr & 0x00800000) >> 23;
646
int index = (addr & 0x00000300) >> 8;
647
tlb_t * entry = &s->itlb[index];
650
/* ITLB Data Array 1 */
652
/* Overwriting valid entry in utlb. */
653
target_ulong address = entry->vpn << 10;
654
tlb_flush_page(CPU(sh_env_get_cpu(s)), address);
656
entry->ppn = (mem_value & 0x1ffffc00) >> 10;
657
entry->v = (mem_value & 0x00000100) >> 8;
658
entry->sz = (mem_value & 0x00000080) >> 6 |
659
(mem_value & 0x00000010) >> 4;
660
entry->pr = (mem_value & 0x00000040) >> 5;
661
entry->c = (mem_value & 0x00000008) >> 3;
662
entry->sh = (mem_value & 0x00000002) >> 1;
664
/* ITLB Data Array 2 */
665
entry->tc = (mem_value & 0x00000008) >> 3;
666
entry->sa = (mem_value & 0x00000007);
670
uint32_t cpu_sh4_read_mmaped_utlb_addr(CPUSH4State *s,
673
int index = (addr & 0x00003f00) >> 8;
674
tlb_t * entry = &s->utlb[index];
676
increment_urc(s); /* per utlb access */
678
return (entry->vpn << 10) |
683
void cpu_sh4_write_mmaped_utlb_addr(CPUSH4State *s, hwaddr addr,
686
int associate = addr & 0x0000080;
687
uint32_t vpn = (mem_value & 0xfffffc00) >> 10;
688
uint8_t d = (uint8_t)((mem_value & 0x00000200) >> 9);
689
uint8_t v = (uint8_t)((mem_value & 0x00000100) >> 8);
690
uint8_t asid = (uint8_t)(mem_value & 0x000000ff);
691
int use_asid = !(s->mmucr & MMUCR_SV) || !(s->sr & (1u << SR_MD));
695
tlb_t * utlb_match_entry = NULL;
696
int needs_tlb_flush = 0;
699
for (i = 0; i < UTLB_SIZE; i++) {
700
tlb_t * entry = &s->utlb[i];
704
if (entry->vpn == vpn
705
&& (!use_asid || entry->asid == asid || entry->sh)) {
706
if (utlb_match_entry) {
707
CPUState *cs = CPU(sh_env_get_cpu(s));
709
/* Multiple TLB Exception */
710
cs->exception_index = 0x140;
718
utlb_match_entry = entry;
720
increment_urc(s); /* per utlb access */
724
for (i = 0; i < ITLB_SIZE; i++) {
725
tlb_t * entry = &s->itlb[i];
726
if (entry->vpn == vpn
727
&& (!use_asid || entry->asid == asid || entry->sh)) {
730
if (utlb_match_entry)
731
*entry = *utlb_match_entry;
738
if (needs_tlb_flush) {
739
tlb_flush_page(CPU(sh_env_get_cpu(s)), vpn << 10);
743
int index = (addr & 0x00003f00) >> 8;
744
tlb_t * entry = &s->utlb[index];
746
CPUState *cs = CPU(sh_env_get_cpu(s));
748
/* Overwriting valid entry in utlb. */
749
target_ulong address = entry->vpn << 10;
750
tlb_flush_page(cs, address);
760
uint32_t cpu_sh4_read_mmaped_utlb_data(CPUSH4State *s,
763
int array = (addr & 0x00800000) >> 23;
764
int index = (addr & 0x00003f00) >> 8;
765
tlb_t * entry = &s->utlb[index];
767
increment_urc(s); /* per utlb access */
770
/* ITLB Data Array 1 */
771
return (entry->ppn << 10) |
774
((entry->sz & 1) << 6) |
775
((entry->sz & 2) << 4) |
781
/* ITLB Data Array 2 */
782
return (entry->tc << 1) |
787
void cpu_sh4_write_mmaped_utlb_data(CPUSH4State *s, hwaddr addr,
790
int array = (addr & 0x00800000) >> 23;
791
int index = (addr & 0x00003f00) >> 8;
792
tlb_t * entry = &s->utlb[index];
794
increment_urc(s); /* per utlb access */
797
/* UTLB Data Array 1 */
799
/* Overwriting valid entry in utlb. */
800
target_ulong address = entry->vpn << 10;
801
tlb_flush_page(CPU(sh_env_get_cpu(s)), address);
803
entry->ppn = (mem_value & 0x1ffffc00) >> 10;
804
entry->v = (mem_value & 0x00000100) >> 8;
805
entry->sz = (mem_value & 0x00000080) >> 6 |
806
(mem_value & 0x00000010) >> 4;
807
entry->pr = (mem_value & 0x00000060) >> 5;
808
entry->c = (mem_value & 0x00000008) >> 3;
809
entry->d = (mem_value & 0x00000004) >> 2;
810
entry->sh = (mem_value & 0x00000002) >> 1;
811
entry->wt = (mem_value & 0x00000001);
813
/* UTLB Data Array 2 */
814
entry->tc = (mem_value & 0x00000008) >> 3;
815
entry->sa = (mem_value & 0x00000007);
819
int cpu_sh4_is_cached(CPUSH4State * env, target_ulong addr)
822
int use_asid = !(env->mmucr & MMUCR_SV) || !(env->sr & (1u << SR_MD));
825
if (env->sr & (1u << SR_MD)) {
826
/* For privileged mode, P2 and P4 area is not cacheable. */
827
if ((0xA0000000 <= addr && addr < 0xC0000000) || 0xE0000000 <= addr)
830
/* For user mode, only U0 area is cacheable. */
831
if (0x80000000 <= addr)
836
* TODO : Evaluate CCR and check if the cache is on or off.
837
* Now CCR is not in CPUSH4State, but in SH7750State.
838
* When you move the ccr into CPUSH4State, the code will be
842
/* check if operand cache is enabled or not. */
847
/* if MMU is off, no check for TLB. */
848
if (env->mmucr & MMUCR_AT)
852
n = find_tlb_entry(env, addr, env->itlb, ITLB_SIZE, use_asid);
854
return env->itlb[n].c;
856
n = find_tlb_entry(env, addr, env->utlb, UTLB_SIZE, use_asid);
858
return env->utlb[n].c;
865
bool superh_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
867
if (interrupt_request & CPU_INTERRUPT_HARD) {
868
superh_cpu_do_interrupt(cs);