2 /* Simulator for the MIPS architecture.
4 This file is part of the MIPS sim
6 THIS SOFTWARE IS NOT COPYRIGHTED
8 Cygnus offers the following for use in the public domain. Cygnus
9 makes no warranty with regard to the software or it's performance
10 and the user accepts the software "AS IS" with all faults.
12 CYGNUS DISCLAIMS ANY WARRANTIES, EXPRESS OR IMPLIED, WITH REGARD TO
13 THIS SOFTWARE INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
14 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
21 The IDT monitor (found on the VR4300 board), seems to lie about
22 register contents. It seems to treat the registers as sign-extended
23 32-bit values. This cause *REAL* problems when single-stepping 64-bit
28 /* The TRACE manifests enable the provision of extra features. If they
29 are not defined then a simpler (quicker) simulator is constructed
30 without the required run-time checks, etc. */
31 #if 1 /* 0 to allow user build selection, 1 to force inclusion */
37 #include "sim-utils.h"
38 #include "sim-options.h"
39 #include "sim-assert.h"
41 /* start-sanitize-sky */
45 #include "sky-libvpe.h"
51 /* end-sanitize-sky */
73 #include "libiberty.h"
75 #include "callback.h" /* GDB simulator callback interface */
76 #include "remote-sim.h" /* GDB simulator interface */
84 char* pr_addr
PARAMS ((SIM_ADDR addr
));
85 char* pr_uword64
PARAMS ((uword64 addr
));
88 /* Get the simulator engine description, without including the code: */
95 /* Within interp.c we refer to the sim_state and sim_cpu directly. */
100 /* The following reserved instruction value is used when a simulator
101 trap is required. NOTE: Care must be taken, since this value may be
102 used in later revisions of the MIPS ISA. */
104 #define RSVD_INSTRUCTION (0x00000005)
105 #define RSVD_INSTRUCTION_MASK (0xFC00003F)
107 #define RSVD_INSTRUCTION_ARG_SHIFT 6
108 #define RSVD_INSTRUCTION_ARG_MASK 0xFFFFF
111 /* The following reserved instruction value is used when a simulator
112 halt is required. NOTE: Care must be taken, since this value may
113 be used in later revisions of the MIPS ISA. */
114 #define HALT_INSTRUCTION (0x03ff000d)
115 #define HALT_INSTRUCTION_MASK (0x03FFFFC0)
118 /* Bits in the Debug register */
119 #define Debug_DBD 0x80000000 /* Debug Branch Delay */
120 #define Debug_DM 0x40000000 /* Debug Mode */
121 #define Debug_DBp 0x00000002 /* Debug Breakpoint indicator */
127 /*---------------------------------------------------------------------------*/
128 /*-- GDB simulator interface ------------------------------------------------*/
129 /*---------------------------------------------------------------------------*/
131 static void ColdReset
PARAMS((SIM_DESC sd
));
133 /*---------------------------------------------------------------------------*/
137 #define DELAYSLOT() {\
138 if (STATE & simDELAYSLOT)\
139 sim_io_eprintf(sd,"Delay slot already activated (branch in delay slot?)\n");\
140 STATE |= simDELAYSLOT;\
143 #define JALDELAYSLOT() {\
145 STATE |= simJALDELAYSLOT;\
149 STATE &= ~simDELAYSLOT;\
150 STATE |= simSKIPNEXT;\
153 #define CANCELDELAYSLOT() {\
155 STATE &= ~(simDELAYSLOT | simJALDELAYSLOT);\
158 #define INDELAYSLOT() ((STATE & simDELAYSLOT) != 0)
159 #define INJALDELAYSLOT() ((STATE & simJALDELAYSLOT) != 0)
161 #define K0BASE (0x80000000)
162 #define K0SIZE (0x20000000)
163 #define K1BASE (0xA0000000)
164 #define K1SIZE (0x20000000)
165 #define MONITOR_BASE (0xBFC00000)
166 #define MONITOR_SIZE (1 << 11)
167 #define MEM_SIZE (2 << 20)
169 /* start-sanitize-sky */
172 #define MEM_SIZE (16 << 20) /* 16 MB */
174 /* end-sanitize-sky */
177 static char *tracefile
= "trace.din"; /* default filename for trace log */
178 FILE *tracefh
= NULL
;
179 static void open_trace
PARAMS((SIM_DESC sd
));
182 static DECLARE_OPTION_HANDLER (mips_option_handler
);
185 OPTION_DINERO_TRACE
= OPTION_START
,
187 /* start-sanitize-sky */
193 /* end-sanitize-sky */
197 mips_option_handler (sd
, cpu
, opt
, arg
, is_command
)
207 case OPTION_DINERO_TRACE
: /* ??? */
209 /* Eventually the simTRACE flag could be treated as a toggle, to
210 allow external control of the program points being traced
211 (i.e. only from main onwards, excluding the run-time setup,
213 for (cpu_nr
= 0; cpu_nr
< MAX_NR_PROCESSORS
; cpu_nr
++)
215 sim_cpu
*cpu
= STATE_CPU (sd
, cpu_nr
);
218 else if (strcmp (arg
, "yes") == 0)
220 else if (strcmp (arg
, "no") == 0)
222 else if (strcmp (arg
, "on") == 0)
224 else if (strcmp (arg
, "off") == 0)
228 fprintf (stderr
, "Unrecognized dinero-trace option `%s'\n", arg
);
235 Simulator constructed without dinero tracing support (for performance).\n\
236 Re-compile simulator with \"-DTRACE\" to enable this option.\n");
240 case OPTION_DINERO_FILE
:
242 if (optarg
!= NULL
) {
244 tmp
= (char *)malloc(strlen(optarg
) + 1);
247 sim_io_printf(sd
,"Failed to allocate buffer for tracefile name \"%s\"\n",optarg
);
253 sim_io_printf(sd
,"Placing trace information into file \"%s\"\n",tracefile
);
259 /* start-sanitize-sky */
262 case OPTION_FLOAT_TYPE
:
263 /* Use host (fast) or target (accurate) floating point implementation. */
264 if (arg
&& strcmp (arg
, "host") == 0)
265 STATE_FP_TYPE_OPT (sd
) &= ~STATE_FP_TYPE_OPT_TARGET
;
266 else if (arg
&& strcmp (arg
, "target") == 0)
267 STATE_FP_TYPE_OPT (sd
) |= STATE_FP_TYPE_OPT_TARGET
;
270 fprintf (stderr
, "Unrecognized float-type option `%s'\n", arg
);
273 /*printf ("float-type=0x%08x\n", STATE_FP_TYPE_OPT (sd));*/
277 /* end-sanitize-sky */
283 static const OPTION mips_options
[] =
285 { {"dinero-trace", optional_argument
, NULL
, OPTION_DINERO_TRACE
},
286 '\0', "on|off", "Enable dinero tracing",
287 mips_option_handler
},
288 { {"dinero-file", required_argument
, NULL
, OPTION_DINERO_FILE
},
289 '\0', "FILE", "Write dinero trace to FILE",
290 mips_option_handler
},
291 /* start-sanitize-sky */
294 { {"float-type", required_argument
, NULL
, OPTION_FLOAT_TYPE
},
295 '\0', "host|target", "Use host (fast) or target (accurate) floating point",
296 mips_option_handler
},
299 /* end-sanitize-sky */
300 { {NULL
, no_argument
, NULL
, 0}, '\0', NULL
, NULL
, NULL
}
304 int interrupt_pending
;
307 interrupt_event (SIM_DESC sd
, void *data
)
309 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
312 interrupt_pending
= 0;
313 SignalExceptionInterrupt ();
315 else if (!interrupt_pending
)
316 sim_events_schedule (sd
, 1, interrupt_event
, data
);
320 /*---------------------------------------------------------------------------*/
321 /*-- Device registration hook -----------------------------------------------*/
322 /*---------------------------------------------------------------------------*/
323 static void device_init(SIM_DESC sd
) {
325 extern void register_devices(SIM_DESC
);
326 register_devices(sd
);
330 /*---------------------------------------------------------------------------*/
331 /*-- GDB simulator interface ------------------------------------------------*/
332 /*---------------------------------------------------------------------------*/
335 sim_open (kind
, cb
, abfd
, argv
)
341 SIM_DESC sd
= sim_state_alloc (kind
, cb
);
342 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
344 SIM_ASSERT (STATE_MAGIC (sd
) == SIM_MAGIC_NUMBER
);
345 /* start-sanitize-sky */
347 #if defined(TARGET_SKY) && defined(SKY_FUNIT)
348 /* Set "--float-type target" as the default. */
349 STATE_FP_TYPE_OPT (sd
) |= STATE_FP_TYPE_OPT_TARGET
;
351 /* end-sanitize-sky */
353 /* FIXME: watchpoints code shouldn't need this */
354 STATE_WATCHPOINTS (sd
)->pc
= &(PC
);
355 STATE_WATCHPOINTS (sd
)->sizeof_pc
= sizeof (PC
);
356 STATE_WATCHPOINTS (sd
)->interrupt_handler
= interrupt_event
;
360 if (sim_pre_argv_init (sd
, argv
[0]) != SIM_RC_OK
)
362 sim_add_option_table (sd
, NULL
, mips_options
);
364 /* Allocate core managed memory */
367 sim_do_commandf (sd
, "memory region 0x%lx,0x%lx", MONITOR_BASE
, MONITOR_SIZE
);
368 /* For compatibility with the old code - under this (at level one)
369 are the kernel spaces K0 & K1. Both of these map to a single
370 smaller sub region */
371 sim_do_command(sd
," memory region 0x7fff8000,0x8000") ; /* MTZ- 32 k stack */
372 /* start-sanitize-sky */
374 /* end-sanitize-sky */
375 sim_do_commandf (sd
, "memory alias 0x%lx@1,0x%lx%%0x%lx,0x%0x",
377 MEM_SIZE
, /* actual size */
379 /* start-sanitize-sky */
381 sim_do_commandf (sd
, "memory alias 0x%lx@1,0x%lx%%0x%lx,0x%0x,0x%0x",
383 MEM_SIZE
, /* actual size */
385 0); /* add alias at 0x0000 */
387 /* end-sanitize-sky */
391 /* getopt will print the error message so we just have to exit if this fails.
392 FIXME: Hmmm... in the case of gdb we need getopt to call
394 if (sim_parse_args (sd
, argv
) != SIM_RC_OK
)
396 /* Uninstall the modules to avoid memory leaks,
397 file descriptor leaks, etc. */
398 sim_module_uninstall (sd
);
402 /* check for/establish the a reference program image */
403 if (sim_analyze_program (sd
,
404 (STATE_PROG_ARGV (sd
) != NULL
405 ? *STATE_PROG_ARGV (sd
)
409 sim_module_uninstall (sd
);
413 /* Configure/verify the target byte order and other runtime
414 configuration options */
415 if (sim_config (sd
) != SIM_RC_OK
)
417 sim_module_uninstall (sd
);
421 if (sim_post_argv_init (sd
) != SIM_RC_OK
)
423 /* Uninstall the modules to avoid memory leaks,
424 file descriptor leaks, etc. */
425 sim_module_uninstall (sd
);
429 /* verify assumptions the simulator made about the host type system.
430 This macro does not return if there is a problem */
431 SIM_ASSERT (sizeof(int) == (4 * sizeof(char)));
432 SIM_ASSERT (sizeof(word64
) == (8 * sizeof(char)));
434 /* This is NASTY, in that we are assuming the size of specific
438 for (rn
= 0; (rn
< (LAST_EMBED_REGNUM
+ 1)); rn
++)
441 cpu
->register_widths
[rn
] = WITH_TARGET_WORD_BITSIZE
;
442 else if ((rn
>= FGRIDX
) && (rn
< (FGRIDX
+ NR_FGR
)))
443 cpu
->register_widths
[rn
] = WITH_TARGET_FLOATING_POINT_BITSIZE
;
444 else if ((rn
>= 33) && (rn
<= 37))
445 cpu
->register_widths
[rn
] = WITH_TARGET_WORD_BITSIZE
;
446 else if ((rn
== SRIDX
)
449 || ((rn
>= 72) && (rn
<= 89)))
450 cpu
->register_widths
[rn
] = 32;
452 cpu
->register_widths
[rn
] = 0;
454 /* start-sanitize-r5900 */
456 /* set the 5900 "upper" registers to 64 bits */
457 for( rn
= LAST_EMBED_REGNUM
+1; rn
< NUM_REGS
; rn
++)
458 cpu
->register_widths
[rn
] = 64;
459 /* end-sanitize-r5900 */
461 /* start-sanitize-sky */
463 /* Now the VU registers */
464 for( rn
= 0; rn
< NUM_VU_INTEGER_REGS
; rn
++ ) {
465 cpu
->register_widths
[rn
+ NUM_R5900_REGS
] = 16;
466 cpu
->register_widths
[rn
+ NUM_R5900_REGS
+ NUM_VU_REGS
] = 16;
469 for( rn
= NUM_VU_INTEGER_REGS
; rn
< NUM_VU_REGS
; rn
++ ) {
470 cpu
->register_widths
[rn
+ NUM_R5900_REGS
] = 32;
471 cpu
->register_widths
[rn
+ NUM_R5900_REGS
+ NUM_VU_REGS
] = 32;
474 /* Finally the VIF registers */
475 for( rn
= 2*NUM_VU_REGS
; rn
< 2*NUM_VU_REGS
+ 2*NUM_VIF_REGS
; rn
++ )
476 cpu
->register_widths
[rn
+ NUM_R5900_REGS
] = 32;
478 /* end-sanitize-sky */
482 if (STATE
& simTRACE
)
486 /* Write an abort sequence into the TRAP (common) exception vector
487 addresses. This is to catch code executing a TRAP (et.al.)
488 instruction without installing a trap handler. */
490 unsigned32 halt
[2] = { 0x2404002f /* addiu r4, r0, 47 */,
491 HALT_INSTRUCTION
/* BREAK */ };
494 sim_write (sd
, 0x80000180, (char *) halt
, sizeof (halt
));
495 sim_write (sd
, 0xBFC00380, (char *) halt
, sizeof (halt
));
499 /* Write the monitor trap address handlers into the monitor (eeprom)
500 address space. This can only be done once the target endianness
501 has been determined. */
504 /* Entry into the IDT monitor is via fixed address vectors, and
505 not using machine instructions. To avoid clashing with use of
506 the MIPS TRAP system, we place our own (simulator specific)
507 "undefined" instructions into the relevant vector slots. */
508 for (loop
= 0; (loop
< MONITOR_SIZE
); loop
+= 4)
510 address_word vaddr
= (MONITOR_BASE
+ loop
);
511 unsigned32 insn
= (RSVD_INSTRUCTION
| (((loop
>> 2) & RSVD_INSTRUCTION_ARG_MASK
) << RSVD_INSTRUCTION_ARG_SHIFT
));
513 sim_write (sd
, vaddr
, (char *)&insn
, sizeof (insn
));
515 /* The PMON monitor uses the same address space, but rather than
516 branching into it the address of a routine is loaded. We can
517 cheat for the moment, and direct the PMON routine to IDT style
518 instructions within the monitor space. This relies on the IDT
519 monitor not using the locations from 0xBFC00500 onwards as its
521 for (loop
= 0; (loop
< 24); loop
++)
523 address_word vaddr
= (MONITOR_BASE
+ 0x500 + (loop
* 4));
524 unsigned32 value
= ((0x500 - 8) / 8); /* default UNDEFINED reason code */
540 value
= ((0x500 - 16) / 8); /* not an IDT reason code */
542 case 8: /* cliexit */
545 case 11: /* flush_cache */
549 /* FIXME - should monitor_base be SIM_ADDR?? */
550 value
= ((unsigned int)MONITOR_BASE
+ (value
* 8));
552 sim_write (sd
, vaddr
, (char *)&value
, sizeof (value
));
554 /* The LSI MiniRISC PMON has its vectors at 0x200, not 0x500. */
556 sim_write (sd
, vaddr
, (char *)&value
, sizeof (value
));
568 tracefh
= fopen(tracefile
,"wb+");
571 sim_io_eprintf(sd
,"Failed to create file \"%s\", writing trace information to stderr.\n",tracefile
);
578 sim_close (sd
, quitting
)
583 printf("DBG: sim_close: entered (quitting = %d)\n",quitting
);
586 /* "quitting" is non-zero if we cannot hang on errors */
588 /* Ensure that any resources allocated through the callback
589 mechanism are released: */
590 sim_io_shutdown (sd
);
593 if (tracefh
!= NULL
&& tracefh
!= stderr
)
598 /* FIXME - free SD */
605 sim_write (sd
,addr
,buffer
,size
)
608 unsigned char *buffer
;
612 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
614 /* Return the number of bytes written, or zero if error. */
616 sim_io_printf(sd
,"sim_write(0x%s,buffer,%d);\n",pr_addr(addr
),size
);
619 /* We use raw read and write routines, since we do not want to count
620 the GDB memory accesses in our statistics gathering. */
622 for (index
= 0; index
< size
; index
++)
624 address_word vaddr
= (address_word
)addr
+ index
;
627 if (!address_translation (SD
, CPU
, NULL_CIA
, vaddr
, isDATA
, isSTORE
, &paddr
, &cca
, isRAW
))
629 if (sim_core_write_buffer (SD
, CPU
, read_map
, buffer
+ index
, paddr
, 1) != 1)
637 sim_read (sd
,addr
,buffer
,size
)
640 unsigned char *buffer
;
644 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
646 /* Return the number of bytes read, or zero if error. */
648 sim_io_printf(sd
,"sim_read(0x%s,buffer,%d);\n",pr_addr(addr
),size
);
651 for (index
= 0; (index
< size
); index
++)
653 address_word vaddr
= (address_word
)addr
+ index
;
656 if (!address_translation (SD
, CPU
, NULL_CIA
, vaddr
, isDATA
, isLOAD
, &paddr
, &cca
, isRAW
))
658 if (sim_core_read_buffer (SD
, CPU
, read_map
, buffer
+ index
, paddr
, 1) != 1)
666 sim_store_register (sd
,rn
,memory
,length
)
669 unsigned char *memory
;
672 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
673 /* NOTE: gdb (the client) stores registers in target byte order
674 while the simulator uses host byte order */
676 sim_io_printf(sd
,"sim_store_register(%d,*memory=0x%s);\n",rn
,pr_addr(*((SIM_ADDR
*)memory
)));
679 /* Unfortunately this suffers from the same problem as the register
680 numbering one. We need to know what the width of each logical
681 register number is for the architecture being simulated. */
683 if (cpu
->register_widths
[rn
] == 0)
685 sim_io_eprintf(sd
,"Invalid register width for %d (register store ignored)\n",rn
);
689 /* start-sanitize-r5900 */
690 if (rn
>= 90 && rn
< 90 + 32)
692 GPR1
[rn
- 90] = T2H_8 (*(unsigned64
*)memory
);
698 SA
= T2H_8(*(unsigned64
*)memory
);
700 case 122: /* FIXME */
701 LO1
= T2H_8(*(unsigned64
*)memory
);
703 case 123: /* FIXME */
704 HI1
= T2H_8(*(unsigned64
*)memory
);
707 /* end-sanitize-r5900 */
709 /* start-sanitize-sky */
711 if (rn
>= NUM_R5900_REGS
)
713 rn
= rn
- NUM_R5900_REGS
;
715 if( rn
< NUM_VU_REGS
)
717 if (rn
< NUM_VU_INTEGER_REGS
)
718 return write_vu_int_reg (&(vu0_device
.regs
), rn
, memory
);
719 else if (rn
>= FIRST_VEC_REG
)
722 return write_vu_vec_reg (&(vu0_device
.regs
), rn
>>2, rn
&3,
725 else switch (rn
- NUM_VU_INTEGER_REGS
)
728 return write_vu_special_reg (&vu0_device
, VU_REG_CIA
,
731 return write_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MR
,
733 case 2: /* VU0 has no P register */
736 return write_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MI
,
739 return write_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MQ
,
742 return write_vu_acc_reg (&(vu0_device
.regs
),
743 rn
- (NUM_VU_INTEGER_REGS
+ 5),
748 rn
= rn
- NUM_VU_REGS
;
750 if (rn
< NUM_VU_REGS
)
752 if (rn
< NUM_VU_INTEGER_REGS
)
753 return write_vu_int_reg (&(vu1_device
.regs
), rn
, memory
);
754 else if (rn
>= FIRST_VEC_REG
)
757 return write_vu_vec_reg (&(vu1_device
.regs
),
758 rn
>> 2, rn
& 3, memory
);
760 else switch (rn
- NUM_VU_INTEGER_REGS
)
763 return write_vu_special_reg (&vu1_device
, VU_REG_CIA
,
766 return write_vu_misc_reg (&(vu1_device
.regs
), VU_REG_MR
,
769 return write_vu_misc_reg (&(vu1_device
.regs
), VU_REG_MP
,
772 return write_vu_misc_reg (&(vu1_device
.regs
), VU_REG_MI
,
775 return write_vu_misc_reg (&(vu1_device
.regs
), VU_REG_MQ
,
778 return write_vu_acc_reg (&(vu1_device
.regs
),
779 rn
- (NUM_VU_INTEGER_REGS
+ 5),
784 rn
-= NUM_VU_REGS
; /* VIF0 registers are next */
786 if (rn
< NUM_VIF_REGS
)
788 if (rn
< NUM_VIF_REGS
-1)
789 return write_pke_reg (&pke0_device
, rn
, memory
);
792 sim_io_eprintf( sd
, "Can't write vif0_pc (store ignored)\n" );
797 rn
-= NUM_VIF_REGS
; /* VIF1 registers are last */
799 if (rn
< NUM_VIF_REGS
)
801 if (rn
< NUM_VIF_REGS
-1)
802 return write_pke_reg (&pke1_device
, rn
, memory
);
805 sim_io_eprintf( sd
, "Can't write vif1_pc (store ignored)\n" );
810 sim_io_eprintf( sd
, "Invalid VU register (register store ignored)\n" );
814 /* end-sanitize-sky */
816 if (rn
>= FGRIDX
&& rn
< FGRIDX
+ NR_FGR
)
818 if (cpu
->register_widths
[rn
] == 32)
820 cpu
->fgr
[rn
- FGRIDX
] = T2H_4 (*(unsigned32
*)memory
);
825 cpu
->fgr
[rn
- FGRIDX
] = T2H_8 (*(unsigned64
*)memory
);
830 if (cpu
->register_widths
[rn
] == 32)
832 cpu
->registers
[rn
] = T2H_4 (*(unsigned32
*)memory
);
837 cpu
->registers
[rn
] = T2H_8 (*(unsigned64
*)memory
);
845 sim_fetch_register (sd
,rn
,memory
,length
)
848 unsigned char *memory
;
851 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* FIXME */
852 /* NOTE: gdb (the client) stores registers in target byte order
853 while the simulator uses host byte order */
855 sim_io_printf(sd
,"sim_fetch_register(%d=0x%s,mem) : place simulator registers into memory\n",rn
,pr_addr(registers
[rn
]));
858 if (cpu
->register_widths
[rn
] == 0)
860 sim_io_eprintf (sd
, "Invalid register width for %d (register fetch ignored)\n",rn
);
864 /* start-sanitize-r5900 */
865 if (rn
>= 90 && rn
< 90 + 32)
867 *(unsigned64
*)memory
= GPR1
[rn
- 90];
873 *((unsigned64
*)memory
) = H2T_8(SA
);
875 case 122: /* FIXME */
876 *((unsigned64
*)memory
) = H2T_8(LO1
);
878 case 123: /* FIXME */
879 *((unsigned64
*)memory
) = H2T_8(HI1
);
882 /* end-sanitize-r5900 */
884 /* start-sanitize-sky */
886 if (rn
>= NUM_R5900_REGS
)
888 rn
= rn
- NUM_R5900_REGS
;
890 if (rn
< NUM_VU_REGS
)
892 if (rn
< NUM_VU_INTEGER_REGS
)
893 return read_vu_int_reg (&(vu0_device
.regs
), rn
, memory
);
894 else if (rn
>= FIRST_VEC_REG
)
897 return read_vu_vec_reg (&(vu0_device
.regs
), rn
>>2, rn
& 3,
900 else switch (rn
- NUM_VU_INTEGER_REGS
)
903 return read_vu_special_reg(&vu0_device
, VU_REG_CIA
, memory
);
905 return read_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MR
,
907 case 2: /* VU0 has no P register */
908 *((int *) memory
) = 0;
911 return read_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MI
,
914 return read_vu_misc_reg (&(vu0_device
.regs
), VU_REG_MQ
,
917 return read_vu_acc_reg (&(vu0_device
.regs
),
918 rn
- (NUM_VU_INTEGER_REGS
+ 5),
923 rn
-= NUM_VU_REGS
; /* VU1 registers are next */
925 if (rn
< NUM_VU_REGS
)
927 if (rn
< NUM_VU_INTEGER_REGS
)
928 return read_vu_int_reg (&(vu1_device
.regs
), rn
, memory
);
929 else if (rn
>= FIRST_VEC_REG
)
932 return read_vu_vec_reg (&(vu1_device
.regs
),
933 rn
>> 2, rn
& 3, memory
);
935 else switch (rn
- NUM_VU_INTEGER_REGS
)
938 return read_vu_special_reg(&vu1_device
, VU_REG_CIA
, memory
);
940 return read_vu_misc_reg (&(vu1_device
.regs
),
943 return read_vu_misc_reg (&(vu1_device
.regs
),
946 return read_vu_misc_reg (&(vu1_device
.regs
),
949 return read_vu_misc_reg (&(vu1_device
.regs
),
952 return read_vu_acc_reg (&(vu1_device
.regs
),
953 rn
- (NUM_VU_INTEGER_REGS
+ 5),
958 rn
-= NUM_VU_REGS
; /* VIF0 registers are next */
960 if (rn
< NUM_VIF_REGS
)
962 if (rn
< NUM_VIF_REGS
-1)
963 return read_pke_reg (&pke0_device
, rn
, memory
);
965 return read_pke_pc (&pke0_device
, memory
);
968 rn
-= NUM_VIF_REGS
; /* VIF1 registers are last */
970 if (rn
< NUM_VIF_REGS
)
972 if (rn
< NUM_VIF_REGS
-1)
973 return read_pke_reg (&pke1_device
, rn
, memory
);
975 return read_pke_pc (&pke1_device
, memory
);
978 sim_io_eprintf( sd
, "Invalid VU register (register fetch ignored)\n" );
981 /* end-sanitize-sky */
983 /* Any floating point register */
984 if (rn
>= FGRIDX
&& rn
< FGRIDX
+ NR_FGR
)
986 if (cpu
->register_widths
[rn
] == 32)
988 *(unsigned32
*)memory
= H2T_4 (cpu
->fgr
[rn
- FGRIDX
]);
993 *(unsigned64
*)memory
= H2T_8 (cpu
->fgr
[rn
- FGRIDX
]);
998 if (cpu
->register_widths
[rn
] == 32)
1000 *(unsigned32
*)memory
= H2T_4 ((unsigned32
)(cpu
->registers
[rn
]));
1005 *(unsigned64
*)memory
= H2T_8 ((unsigned64
)(cpu
->registers
[rn
]));
1014 sim_create_inferior (sd
, abfd
, argv
,env
)
1022 printf("DBG: sim_create_inferior entered: start_address = 0x%s\n",
1030 /* override PC value set by ColdReset () */
1032 for (cpu_nr
= 0; cpu_nr
< sim_engine_nr_cpus (sd
); cpu_nr
++)
1034 sim_cpu
*cpu
= STATE_CPU (sd
, cpu_nr
);
1035 CIA_SET (cpu
, (unsigned64
) bfd_get_start_address (abfd
));
1039 #if 0 /* def DEBUG */
1042 /* We should really place the argv slot values into the argument
1043 registers, and onto the stack as required. However, this
1044 assumes that we have a stack defined, which is not
1045 necessarily true at the moment. */
1047 sim_io_printf(sd
,"sim_create_inferior() : passed arguments ignored\n");
1048 for (cptr
= argv
; (cptr
&& *cptr
); cptr
++)
1049 printf("DBG: arg \"%s\"\n",*cptr
);
1057 sim_do_command (sd
,cmd
)
1061 if (sim_args_command (sd
, cmd
) != SIM_RC_OK
)
1062 sim_io_printf (sd
, "Error: \"%s\" is not a valid MIPS simulator command.\n",
1066 /*---------------------------------------------------------------------------*/
1067 /*-- Private simulator support interface ------------------------------------*/
1068 /*---------------------------------------------------------------------------*/
1070 /* Read a null terminated string from memory, return in a buffer */
1072 fetch_str (sd
, addr
)
1079 while (sim_read (sd
, addr
+ nr
, &null
, 1) == 1 && null
!= 0)
1081 buf
= NZALLOC (char, nr
+ 1);
1082 sim_read (sd
, addr
, buf
, nr
);
1086 /* Simple monitor interface (currently setup for the IDT and PMON monitors) */
1088 sim_monitor (SIM_DESC sd
,
1091 unsigned int reason
)
1094 printf("DBG: sim_monitor: entered (reason = %d)\n",reason
);
1097 /* The IDT monitor actually allows two instructions per vector
1098 slot. However, the simulator currently causes a trap on each
1099 individual instruction. We cheat, and lose the bottom bit. */
1102 /* The following callback functions are available, however the
1103 monitor we are simulating does not make use of them: get_errno,
1104 isatty, lseek, rename, system, time and unlink */
1108 case 6: /* int open(char *path,int flags) */
1110 char *path
= fetch_str (sd
, A0
);
1111 V0
= sim_io_open (sd
, path
, (int)A1
);
1116 case 7: /* int read(int file,char *ptr,int len) */
1120 char *buf
= zalloc (nr
);
1121 V0
= sim_io_read (sd
, fd
, buf
, nr
);
1122 sim_write (sd
, A1
, buf
, nr
);
1127 case 8: /* int write(int file,char *ptr,int len) */
1131 char *buf
= zalloc (nr
);
1132 sim_read (sd
, A1
, buf
, nr
);
1133 V0
= sim_io_write (sd
, fd
, buf
, nr
);
1138 case 10: /* int close(int file) */
1140 V0
= sim_io_close (sd
, (int)A0
);
1144 case 2: /* Densan monitor: char inbyte(int waitflag) */
1146 if (A0
== 0) /* waitflag == NOWAIT */
1147 V0
= (unsigned_word
)-1;
1149 /* Drop through to case 11 */
1151 case 11: /* char inbyte(void) */
1154 if (sim_io_read_stdin (sd
, &tmp
, sizeof(char)) != sizeof(char))
1156 sim_io_error(sd
,"Invalid return from character read");
1157 V0
= (unsigned_word
)-1;
1160 V0
= (unsigned_word
)tmp
;
1164 case 3: /* Densan monitor: void co(char chr) */
1165 case 12: /* void outbyte(char chr) : write a byte to "stdout" */
1167 char tmp
= (char)(A0
& 0xFF);
1168 sim_io_write_stdout (sd
, &tmp
, sizeof(char));
1172 case 17: /* void _exit() */
1174 sim_io_eprintf (sd
, "sim_monitor(17): _exit(int reason) to be coded\n");
1175 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
, sim_exited
,
1176 (unsigned int)(A0
& 0xFFFFFFFF));
1180 case 28 : /* PMON flush_cache */
1183 case 55: /* void get_mem_info(unsigned int *ptr) */
1184 /* in: A0 = pointer to three word memory location */
1185 /* out: [A0 + 0] = size */
1186 /* [A0 + 4] = instruction cache size */
1187 /* [A0 + 8] = data cache size */
1189 unsigned_4 value
= MEM_SIZE
/* FIXME STATE_MEM_SIZE (sd) */;
1190 unsigned_4 zero
= 0;
1192 sim_write (sd
, A0
+ 0, (char *)&value
, 4);
1193 sim_write (sd
, A0
+ 4, (char *)&zero
, 4);
1194 sim_write (sd
, A0
+ 8, (char *)&zero
, 4);
1195 /* sim_io_eprintf (sd, "sim: get_mem_info() depreciated\n"); */
1199 case 158 : /* PMON printf */
1200 /* in: A0 = pointer to format string */
1201 /* A1 = optional argument 1 */
1202 /* A2 = optional argument 2 */
1203 /* A3 = optional argument 3 */
1205 /* The following is based on the PMON printf source */
1207 address_word s
= A0
;
1209 signed_word
*ap
= &A1
; /* 1st argument */
1210 /* This isn't the quickest way, since we call the host print
1211 routine for every character almost. But it does avoid
1212 having to allocate and manage a temporary string buffer. */
1213 /* TODO: Include check that we only use three arguments (A1,
1215 while (sim_read (sd
, s
++, &c
, 1) && c
!= '\0')
1220 enum {FMT_RJUST
, FMT_LJUST
, FMT_RJUST0
, FMT_CENTER
} fmt
= FMT_RJUST
;
1221 int width
= 0, trunc
= 0, haddot
= 0, longlong
= 0;
1222 while (sim_read (sd
, s
++, &c
, 1) && c
!= '\0')
1224 if (strchr ("dobxXulscefg%", s
))
1239 else if (c
>= '1' && c
<= '9')
1243 while (sim_read (sd
, s
++, &c
, 1) == 1 && isdigit (c
))
1246 n
= (unsigned int)strtol(tmp
,NULL
,10);
1259 sim_io_printf (sd
, "%%");
1264 address_word p
= *ap
++;
1266 while (sim_read (sd
, p
++, &ch
, 1) == 1 && ch
!= '\0')
1267 sim_io_printf(sd
, "%c", ch
);
1270 sim_io_printf(sd
,"(null)");
1273 sim_io_printf (sd
, "%c", (int)*ap
++);
1278 sim_read (sd
, s
++, &c
, 1);
1282 sim_read (sd
, s
++, &c
, 1);
1285 if (strchr ("dobxXu", c
))
1287 word64 lv
= (word64
) *ap
++;
1289 sim_io_printf(sd
,"<binary not supported>");
1292 sprintf (tmp
, "%%%s%c", longlong
? "ll" : "", c
);
1294 sim_io_printf(sd
, tmp
, lv
);
1296 sim_io_printf(sd
, tmp
, (int)lv
);
1299 else if (strchr ("eEfgG", c
))
1301 double dbl
= *(double*)(ap
++);
1302 sprintf (tmp
, "%%%d.%d%c", width
, trunc
, c
);
1303 sim_io_printf (sd
, tmp
, dbl
);
1309 sim_io_printf(sd
, "%c", c
);
1315 sim_io_error (sd
, "TODO: sim_monitor(%d) : PC = 0x%s\n",
1316 reason
, pr_addr(cia
));
1322 /* Store a word into memory. */
1325 store_word (SIM_DESC sd
,
1334 if ((vaddr
& 3) != 0)
1335 SignalExceptionAddressStore ();
1338 if (AddressTranslation (vaddr
, isDATA
, isSTORE
, &paddr
, &uncached
,
1341 const uword64 mask
= 7;
1345 paddr
= (paddr
& ~mask
) | ((paddr
& mask
) ^ (ReverseEndian
<< 2));
1346 byte
= (vaddr
& mask
) ^ (BigEndianCPU
<< 2);
1347 memval
= ((uword64
) val
) << (8 * byte
);
1348 StoreMemory (uncached
, AccessLength_WORD
, memval
, 0, paddr
, vaddr
,
1354 /* Load a word from memory. */
1357 load_word (SIM_DESC sd
,
1362 if ((vaddr
& 3) != 0)
1363 SignalExceptionAddressLoad ();
1369 if (AddressTranslation (vaddr
, isDATA
, isLOAD
, &paddr
, &uncached
,
1372 const uword64 mask
= 0x7;
1373 const unsigned int reverse
= ReverseEndian
? 1 : 0;
1374 const unsigned int bigend
= BigEndianCPU
? 1 : 0;
1378 paddr
= (paddr
& ~mask
) | ((paddr
& mask
) ^ (reverse
<< 2));
1379 LoadMemory (&memval
,NULL
,uncached
, AccessLength_WORD
, paddr
, vaddr
,
1381 byte
= (vaddr
& mask
) ^ (bigend
<< 2);
1382 return SIGNEXTEND (((memval
>> (8 * byte
)) & 0xffffffff), 32);
1389 /* Simulate the mips16 entry and exit pseudo-instructions. These
1390 would normally be handled by the reserved instruction exception
1391 code, but for ease of simulation we just handle them directly. */
1394 mips16_entry (SIM_DESC sd
,
1399 int aregs
, sregs
, rreg
;
1402 printf("DBG: mips16_entry: entered (insn = 0x%08X)\n",insn
);
1405 aregs
= (insn
& 0x700) >> 8;
1406 sregs
= (insn
& 0x0c0) >> 6;
1407 rreg
= (insn
& 0x020) >> 5;
1409 /* This should be checked by the caller. */
1418 /* This is the entry pseudo-instruction. */
1420 for (i
= 0; i
< aregs
; i
++)
1421 store_word (SD
, CPU
, cia
, (uword64
) (SP
+ 4 * i
), GPR
[i
+ 4]);
1429 store_word (SD
, CPU
, cia
, (uword64
) tsp
, RA
);
1432 for (i
= 0; i
< sregs
; i
++)
1435 store_word (SD
, CPU
, cia
, (uword64
) tsp
, GPR
[16 + i
]);
1443 /* This is the exit pseudo-instruction. */
1450 RA
= load_word (SD
, CPU
, cia
, (uword64
) tsp
);
1453 for (i
= 0; i
< sregs
; i
++)
1456 GPR
[i
+ 16] = load_word (SD
, CPU
, cia
, (uword64
) tsp
);
1461 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
1465 FGR
[0] = WORD64LO (GPR
[4]);
1466 FPR_STATE
[0] = fmt_uninterpreted
;
1468 else if (aregs
== 6)
1470 FGR
[0] = WORD64LO (GPR
[5]);
1471 FGR
[1] = WORD64LO (GPR
[4]);
1472 FPR_STATE
[0] = fmt_uninterpreted
;
1473 FPR_STATE
[1] = fmt_uninterpreted
;
1482 /*-- trace support ----------------------------------------------------------*/
1484 /* The TRACE support is provided (if required) in the memory accessing
1485 routines. Since we are also providing the architecture specific
1486 features, the architecture simulation code can also deal with
1487 notifying the TRACE world of cache flushes, etc. Similarly we do
1488 not need to provide profiling support in the simulator engine,
1489 since we can sample in the instruction fetch control loop. By
1490 defining the TRACE manifest, we add tracing as a run-time
1494 /* Tracing by default produces "din" format (as required by
1495 dineroIII). Each line of such a trace file *MUST* have a din label
1496 and address field. The rest of the line is ignored, so comments can
1497 be included if desired. The first field is the label which must be
1498 one of the following values:
1503 3 escape record (treated as unknown access type)
1504 4 escape record (causes cache flush)
1506 The address field is a 32bit (lower-case) hexadecimal address
1507 value. The address should *NOT* be preceded by "0x".
1509 The size of the memory transfer is not important when dealing with
1510 cache lines (as long as no more than a cache line can be
1511 transferred in a single operation :-), however more information
1512 could be given following the dineroIII requirement to allow more
1513 complete memory and cache simulators to provide better
1514 results. i.e. the University of Pisa has a cache simulator that can
1515 also take bus size and speed as (variable) inputs to calculate
1516 complete system performance (a much more useful ability when trying
1517 to construct an end product, rather than a processor). They
1518 currently have an ARM version of their tool called ChARM. */
1522 dotrace (SIM_DESC sd
,
1530 if (STATE
& simTRACE
) {
1532 fprintf(tracefh
,"%d %s ; width %d ; ",
1536 va_start(ap
,comment
);
1537 vfprintf(tracefh
,comment
,ap
);
1539 fprintf(tracefh
,"\n");
1541 /* NOTE: Since the "din" format will only accept 32bit addresses, and
1542 we may be generating 64bit ones, we should put the hi-32bits of the
1543 address into the comment field. */
1545 /* TODO: Provide a buffer for the trace lines. We can then avoid
1546 performing writes until the buffer is filled, or the file is
1549 /* NOTE: We could consider adding a comment field to the "din" file
1550 produced using type 3 markers (unknown access). This would then
1551 allow information about the program that the "din" is for, and
1552 the MIPs world that was being simulated, to be placed into the
1559 /*---------------------------------------------------------------------------*/
1560 /*-- simulator engine -------------------------------------------------------*/
1561 /*---------------------------------------------------------------------------*/
1564 ColdReset (SIM_DESC sd
)
1567 for (cpu_nr
= 0; cpu_nr
< sim_engine_nr_cpus (sd
); cpu_nr
++)
1569 sim_cpu
*cpu
= STATE_CPU (sd
, cpu_nr
);
1570 /* RESET: Fixed PC address: */
1571 PC
= UNSIGNED64 (0xFFFFFFFFBFC00000);
1572 /* The reset vector address is in the unmapped, uncached memory space. */
1574 SR
&= ~(status_SR
| status_TS
| status_RP
);
1575 SR
|= (status_ERL
| status_BEV
);
1577 /* Cheat and allow access to the complete register set immediately */
1578 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
1579 && WITH_TARGET_WORD_BITSIZE
== 64)
1580 SR
|= status_FR
; /* 64bit registers */
1582 /* Ensure that any instructions with pending register updates are
1584 PENDING_INVALIDATE();
1586 /* Initialise the FPU registers to the unknown state */
1587 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
1590 for (rn
= 0; (rn
< 32); rn
++)
1591 FPR_STATE
[rn
] = fmt_uninterpreted
;
1597 /* Description from page A-26 of the "MIPS IV Instruction Set" manual (revision 3.1) */
1598 /* Signal an exception condition. This will result in an exception
1599 that aborts the instruction. The instruction operation pseudocode
1600 will never see a return from this function call. */
1603 signal_exception (SIM_DESC sd
,
1611 sim_io_printf(sd
,"DBG: SignalException(%d) PC = 0x%s\n",exception
,pr_addr(cia
));
1614 /* Ensure that any active atomic read/modify/write operation will fail: */
1617 switch (exception
) {
1622 unsigned int instruction
;
1625 va_start(ap
,exception
);
1626 instruction
= va_arg(ap
,unsigned int);
1629 code
= (instruction
>> 6) & 0xFFFFF;
1631 sim_io_eprintf(sd
,"Ignoring instruction `syscall %d' (PC 0x%s)\n",
1632 code
, pr_addr(cia
));
1636 case DebugBreakPoint
:
1637 if (! (Debug
& Debug_DM
))
1643 Debug
|= Debug_DBD
; /* signaled from within in delay slot */
1644 DEPC
= cia
- 4; /* reference the branch instruction */
1648 Debug
&= ~Debug_DBD
; /* not signaled from within a delay slot */
1652 Debug
|= Debug_DM
; /* in debugging mode */
1653 Debug
|= Debug_DBp
; /* raising a DBp exception */
1655 sim_engine_restart (SD
, CPU
, NULL
, NULL_CIA
);
1659 case ReservedInstruction
:
1662 unsigned int instruction
;
1663 va_start(ap
,exception
);
1664 instruction
= va_arg(ap
,unsigned int);
1666 /* Provide simple monitor support using ReservedInstruction
1667 exceptions. The following code simulates the fixed vector
1668 entry points into the IDT monitor by causing a simulator
1669 trap, performing the monitor operation, and returning to
1670 the address held in the $ra register (standard PCS return
1671 address). This means we only need to pre-load the vector
1672 space with suitable instruction values. For systems were
1673 actual trap instructions are used, we would not need to
1674 perform this magic. */
1675 if ((instruction
& RSVD_INSTRUCTION_MASK
) == RSVD_INSTRUCTION
)
1677 sim_monitor (SD
, CPU
, cia
, ((instruction
>> RSVD_INSTRUCTION_ARG_SHIFT
) & RSVD_INSTRUCTION_ARG_MASK
) );
1678 /* NOTE: This assumes that a branch-and-link style
1679 instruction was used to enter the vector (which is the
1680 case with the current IDT monitor). */
1681 sim_engine_restart (SD
, CPU
, NULL
, RA
);
1683 /* Look for the mips16 entry and exit instructions, and
1684 simulate a handler for them. */
1685 else if ((cia
& 1) != 0
1686 && (instruction
& 0xf81f) == 0xe809
1687 && (instruction
& 0x0c0) != 0x0c0)
1689 mips16_entry (SD
, CPU
, cia
, instruction
);
1690 sim_engine_restart (sd
, NULL
, NULL
, NULL_CIA
);
1692 /* else fall through to normal exception processing */
1693 sim_io_eprintf(sd
,"ReservedInstruction at PC = 0x%s\n", pr_addr (cia
));
1698 sim_io_printf(sd
,"DBG: SignalException(%d) PC = 0x%s\n",exception
,pr_addr(cia
));
1700 /* Keep a copy of the current A0 in-case this is the program exit
1704 unsigned int instruction
;
1705 va_start(ap
, exception
);
1706 instruction
= va_arg(ap
,unsigned int);
1708 /* Check for our special terminating BREAK: */
1709 if ((instruction
& HALT_INSTRUCTION_MASK
)
1710 == (HALT_INSTRUCTION
& HALT_INSTRUCTION_MASK
))
1712 sim_engine_halt (SD
, CPU
, NULL
, cia
,
1713 sim_exited
, (unsigned int)(A0
& 0xFFFFFFFF));
1716 if (STATE
& simDELAYSLOT
)
1717 PC
= cia
- 4; /* reference the branch instruction */
1720 sim_engine_halt (SD
, CPU
, NULL
, cia
,
1721 sim_stopped
, SIM_SIGTRAP
);
1724 /* Store exception code into current exception id variable (used
1727 /* TODO: If not simulating exceptions then stop the simulator
1728 execution. At the moment we always stop the simulation. */
1730 /* See figure 5-17 for an outline of the code below */
1731 if (! (SR
& status_EXL
))
1733 CAUSE
= (exception
<< 2);
1734 if (STATE
& simDELAYSLOT
)
1736 STATE
&= ~simDELAYSLOT
;
1738 EPC
= (cia
- 4); /* reference the branch instruction */
1742 /* FIXME: TLB et.al. */
1747 CAUSE
= (exception
<< 2);
1751 /* Store exception code into current exception id variable (used
1753 if (SR
& status_BEV
)
1754 PC
= (signed)0xBFC00200 + 0x180;
1756 PC
= (signed)0x80000000 + 0x180;
1758 switch ((CAUSE
>> 2) & 0x1F)
1761 /* Interrupts arrive during event processing, no need to
1765 case TLBModification
:
1770 case InstructionFetch
:
1772 /* The following is so that the simulator will continue from the
1773 exception address on breakpoint operations. */
1775 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
,
1776 sim_stopped
, SIM_SIGBUS
);
1778 case ReservedInstruction
:
1779 case CoProcessorUnusable
:
1781 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
,
1782 sim_stopped
, SIM_SIGILL
);
1784 case IntegerOverflow
:
1786 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
,
1787 sim_stopped
, SIM_SIGFPE
);
1790 sim_engine_restart (SD
, CPU
, NULL
, PC
);
1796 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
,
1797 sim_stopped
, SIM_SIGTRAP
);
1801 sim_engine_abort (SD
, CPU
, NULL_CIA
,
1802 "FATAL: Should not encounter a breakpoint\n");
1804 default : /* Unknown internal exception */
1806 sim_engine_halt (SD
, CPU
, NULL
, NULL_CIA
,
1807 sim_stopped
, SIM_SIGABRT
);
1811 case SimulatorFault
:
1815 va_start(ap
,exception
);
1816 msg
= va_arg(ap
,char *);
1818 sim_engine_abort (SD
, CPU
, NULL_CIA
,
1819 "FATAL: Simulator error \"%s\"\n",msg
);
1826 #if defined(WARN_RESULT)
1827 /* Description from page A-26 of the "MIPS IV Instruction Set" manual (revision 3.1) */
1828 /* This function indicates that the result of the operation is
1829 undefined. However, this should not affect the instruction
1830 stream. All that is meant to happen is that the destination
1831 register is set to an undefined result. To keep the simulator
1832 simple, we just don't bother updating the destination register, so
1833 the overall result will be undefined. If desired we can stop the
1834 simulator by raising a pseudo-exception. */
1835 #define UndefinedResult() undefined_result (sd,cia)
1837 undefined_result(sd
,cia
)
1841 sim_io_eprintf(sd
,"UndefinedResult: PC = 0x%s\n",pr_addr(cia
));
1842 #if 0 /* Disabled for the moment, since it actually happens a lot at the moment. */
1847 #endif /* WARN_RESULT */
1849 /*-- FPU support routines ---------------------------------------------------*/
1851 /* Numbers are held in normalized form. The SINGLE and DOUBLE binary
1852 formats conform to ANSI/IEEE Std 754-1985. */
1853 /* SINGLE precision floating:
1854 * seeeeeeeefffffffffffffffffffffff
1856 * e = 8bits = exponent
1857 * f = 23bits = fraction
1859 /* SINGLE precision fixed:
1860 * siiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
1862 * i = 31bits = integer
1864 /* DOUBLE precision floating:
1865 * seeeeeeeeeeeffffffffffffffffffffffffffffffffffffffffffffffffffff
1867 * e = 11bits = exponent
1868 * f = 52bits = fraction
1870 /* DOUBLE precision fixed:
1871 * siiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
1873 * i = 63bits = integer
1876 /* Extract sign-bit: */
1877 #define FP_S_s(v) (((v) & ((unsigned)1 << 31)) ? 1 : 0)
1878 #define FP_D_s(v) (((v) & ((uword64)1 << 63)) ? 1 : 0)
1879 /* Extract biased exponent: */
1880 #define FP_S_be(v) (((v) >> 23) & 0xFF)
1881 #define FP_D_be(v) (((v) >> 52) & 0x7FF)
1882 /* Extract unbiased Exponent: */
1883 #define FP_S_e(v) (FP_S_be(v) - 0x7F)
1884 #define FP_D_e(v) (FP_D_be(v) - 0x3FF)
1885 /* Extract complete fraction field: */
1886 #define FP_S_f(v) ((v) & ~((unsigned)0x1FF << 23))
1887 #define FP_D_f(v) ((v) & ~((uword64)0xFFF << 52))
1888 /* Extract numbered fraction bit: */
1889 #define FP_S_fb(b,v) (((v) & (1 << (23 - (b)))) ? 1 : 0)
1890 #define FP_D_fb(b,v) (((v) & (1 << (52 - (b)))) ? 1 : 0)
1892 /* Explicit QNaN values used when value required: */
1893 #define FPQNaN_SINGLE (0x7FBFFFFF)
1894 #define FPQNaN_WORD (0x7FFFFFFF)
1895 #define FPQNaN_DOUBLE (((uword64)0x7FF7FFFF << 32) | 0xFFFFFFFF)
1896 #define FPQNaN_LONG (((uword64)0x7FFFFFFF << 32) | 0xFFFFFFFF)
1898 /* Explicit Infinity values used when required: */
1899 #define FPINF_SINGLE (0x7F800000)
1900 #define FPINF_DOUBLE (((uword64)0x7FF00000 << 32) | 0x00000000)
1902 #if 1 /* def DEBUG */
1903 #define RMMODE(v) (((v) == FP_RM_NEAREST) ? "Round" : (((v) == FP_RM_TOZERO) ? "Trunc" : (((v) == FP_RM_TOPINF) ? "Ceil" : "Floor")))
1904 #define DOFMT(v) (((v) == fmt_single) ? "single" : (((v) == fmt_double) ? "double" : (((v) == fmt_word) ? "word" : (((v) == fmt_long) ? "long" : (((v) == fmt_unknown) ? "<unknown>" : (((v) == fmt_uninterpreted) ? "<uninterpreted>" : "<format error>"))))))
1908 value_fpr (SIM_DESC sd
,
1917 /* Treat unused register values, as fixed-point 64bit values: */
1918 if ((fmt
== fmt_uninterpreted
) || (fmt
== fmt_unknown
))
1920 /* If request to read data as "uninterpreted", then use the current
1922 fmt
= FPR_STATE
[fpr
];
1927 /* For values not yet accessed, set to the desired format: */
1928 if (FPR_STATE
[fpr
] == fmt_uninterpreted
) {
1929 FPR_STATE
[fpr
] = fmt
;
1931 printf("DBG: Register %d was fmt_uninterpreted. Now %s\n",fpr
,DOFMT(fmt
));
1934 if (fmt
!= FPR_STATE
[fpr
]) {
1935 sim_io_eprintf(sd
,"FPR %d (format %s) being accessed with format %s - setting to unknown (PC = 0x%s)\n",fpr
,DOFMT(FPR_STATE
[fpr
]),DOFMT(fmt
),pr_addr(cia
));
1936 FPR_STATE
[fpr
] = fmt_unknown
;
1939 if (FPR_STATE
[fpr
] == fmt_unknown
) {
1940 /* Set QNaN value: */
1943 value
= FPQNaN_SINGLE
;
1947 value
= FPQNaN_DOUBLE
;
1951 value
= FPQNaN_WORD
;
1955 value
= FPQNaN_LONG
;
1962 } else if (SizeFGR() == 64) {
1966 value
= (FGR
[fpr
] & 0xFFFFFFFF);
1969 case fmt_uninterpreted
:
1983 value
= (FGR
[fpr
] & 0xFFFFFFFF);
1986 case fmt_uninterpreted
:
1989 if ((fpr
& 1) == 0) { /* even registers only */
1990 value
= ((((uword64
)FGR
[fpr
+1]) << 32) | (FGR
[fpr
] & 0xFFFFFFFF));
1992 SignalException(ReservedInstruction
,0);
2003 SignalExceptionSimulatorFault ("Unrecognised FP format in ValueFPR()");
2006 printf("DBG: ValueFPR: fpr = %d, fmt = %s, value = 0x%s : PC = 0x%s : SizeFGR() = %d\n",fpr
,DOFMT(fmt
),pr_addr(value
),pr_addr(cia
),SizeFGR());
2013 store_fpr (SIM_DESC sd
,
2023 printf("DBG: StoreFPR: fpr = %d, fmt = %s, value = 0x%s : PC = 0x%s : SizeFGR() = %d\n",fpr
,DOFMT(fmt
),pr_addr(value
),pr_addr(cia
),SizeFGR());
2026 if (SizeFGR() == 64) {
2028 case fmt_uninterpreted_32
:
2029 fmt
= fmt_uninterpreted
;
2032 FGR
[fpr
] = (((uword64
)0xDEADC0DE << 32) | (value
& 0xFFFFFFFF));
2033 FPR_STATE
[fpr
] = fmt
;
2036 case fmt_uninterpreted_64
:
2037 fmt
= fmt_uninterpreted
;
2038 case fmt_uninterpreted
:
2042 FPR_STATE
[fpr
] = fmt
;
2046 FPR_STATE
[fpr
] = fmt_unknown
;
2052 case fmt_uninterpreted_32
:
2053 fmt
= fmt_uninterpreted
;
2056 FGR
[fpr
] = (value
& 0xFFFFFFFF);
2057 FPR_STATE
[fpr
] = fmt
;
2060 case fmt_uninterpreted_64
:
2061 fmt
= fmt_uninterpreted
;
2062 case fmt_uninterpreted
:
2065 if ((fpr
& 1) == 0) { /* even register number only */
2066 FGR
[fpr
+1] = (value
>> 32);
2067 FGR
[fpr
] = (value
& 0xFFFFFFFF);
2068 FPR_STATE
[fpr
+ 1] = fmt
;
2069 FPR_STATE
[fpr
] = fmt
;
2071 FPR_STATE
[fpr
] = fmt_unknown
;
2072 FPR_STATE
[fpr
+ 1] = fmt_unknown
;
2073 SignalException(ReservedInstruction
,0);
2078 FPR_STATE
[fpr
] = fmt_unknown
;
2083 #if defined(WARN_RESULT)
2086 #endif /* WARN_RESULT */
2089 SignalExceptionSimulatorFault ("Unrecognised FP format in StoreFPR()");
2092 printf("DBG: StoreFPR: fpr[%d] = 0x%s (format %s)\n",fpr
,pr_addr(FGR
[fpr
]),DOFMT(fmt
));
2109 sim_fpu_32to (&wop
, op
);
2110 boolean
= sim_fpu_is_nan (&wop
);
2117 sim_fpu_64to (&wop
, op
);
2118 boolean
= sim_fpu_is_nan (&wop
);
2122 fprintf (stderr
, "Bad switch\n");
2127 printf("DBG: NaN: returning %d for 0x%s (format = %s)\n",boolean
,pr_addr(op
),DOFMT(fmt
));
2141 printf("DBG: Infinity: format %s 0x%s\n",DOFMT(fmt
),pr_addr(op
));
2148 sim_fpu_32to (&wop
, op
);
2149 boolean
= sim_fpu_is_infinity (&wop
);
2155 sim_fpu_64to (&wop
, op
);
2156 boolean
= sim_fpu_is_infinity (&wop
);
2160 printf("DBG: TODO: unrecognised format (%s) for Infinity check\n",DOFMT(fmt
));
2165 printf("DBG: Infinity: returning %d for 0x%s (format = %s)\n",boolean
,pr_addr(op
),DOFMT(fmt
));
2179 /* Argument checking already performed by the FPCOMPARE code */
2182 printf("DBG: Less: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2185 /* The format type should already have been checked: */
2191 sim_fpu_32to (&wop1
, op1
);
2192 sim_fpu_32to (&wop2
, op2
);
2193 boolean
= sim_fpu_is_lt (&wop1
, &wop2
);
2200 sim_fpu_64to (&wop1
, op1
);
2201 sim_fpu_64to (&wop2
, op2
);
2202 boolean
= sim_fpu_is_lt (&wop1
, &wop2
);
2206 fprintf (stderr
, "Bad switch\n");
2211 printf("DBG: Less: returning %d (format = %s)\n",boolean
,DOFMT(fmt
));
2225 /* Argument checking already performed by the FPCOMPARE code */
2228 printf("DBG: Equal: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2231 /* The format type should already have been checked: */
2237 sim_fpu_32to (&wop1
, op1
);
2238 sim_fpu_32to (&wop2
, op2
);
2239 boolean
= sim_fpu_is_eq (&wop1
, &wop2
);
2246 sim_fpu_64to (&wop1
, op1
);
2247 sim_fpu_64to (&wop2
, op2
);
2248 boolean
= sim_fpu_is_eq (&wop1
, &wop2
);
2252 fprintf (stderr
, "Bad switch\n");
2257 printf("DBG: Equal: returning %d (format = %s)\n",boolean
,DOFMT(fmt
));
2264 AbsoluteValue(op
,fmt
)
2271 printf("DBG: AbsoluteValue: %s: op = 0x%s\n",DOFMT(fmt
),pr_addr(op
));
2274 /* The format type should already have been checked: */
2280 sim_fpu_32to (&wop
, op
);
2281 sim_fpu_abs (&wop
, &wop
);
2282 sim_fpu_to32 (&ans
, &wop
);
2290 sim_fpu_64to (&wop
, op
);
2291 sim_fpu_abs (&wop
, &wop
);
2292 sim_fpu_to64 (&ans
, &wop
);
2297 fprintf (stderr
, "Bad switch\n");
2312 printf("DBG: Negate: %s: op = 0x%s\n",DOFMT(fmt
),pr_addr(op
));
2315 /* The format type should already have been checked: */
2321 sim_fpu_32to (&wop
, op
);
2322 sim_fpu_neg (&wop
, &wop
);
2323 sim_fpu_to32 (&ans
, &wop
);
2331 sim_fpu_64to (&wop
, op
);
2332 sim_fpu_neg (&wop
, &wop
);
2333 sim_fpu_to64 (&ans
, &wop
);
2338 fprintf (stderr
, "Bad switch\n");
2354 printf("DBG: Add: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2357 /* The registers must specify FPRs valid for operands of type
2358 "fmt". If they are not valid, the result is undefined. */
2360 /* The format type should already have been checked: */
2368 sim_fpu_32to (&wop1
, op1
);
2369 sim_fpu_32to (&wop2
, op2
);
2370 sim_fpu_add (&ans
, &wop1
, &wop2
);
2371 sim_fpu_to32 (&res
, &ans
);
2381 sim_fpu_64to (&wop1
, op1
);
2382 sim_fpu_64to (&wop2
, op2
);
2383 sim_fpu_add (&ans
, &wop1
, &wop2
);
2384 sim_fpu_to64 (&res
, &ans
);
2389 fprintf (stderr
, "Bad switch\n");
2394 printf("DBG: Add: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2409 printf("DBG: Sub: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2412 /* The registers must specify FPRs valid for operands of type
2413 "fmt". If they are not valid, the result is undefined. */
2415 /* The format type should already have been checked: */
2423 sim_fpu_32to (&wop1
, op1
);
2424 sim_fpu_32to (&wop2
, op2
);
2425 sim_fpu_sub (&ans
, &wop1
, &wop2
);
2426 sim_fpu_to32 (&res
, &ans
);
2436 sim_fpu_64to (&wop1
, op1
);
2437 sim_fpu_64to (&wop2
, op2
);
2438 sim_fpu_sub (&ans
, &wop1
, &wop2
);
2439 sim_fpu_to64 (&res
, &ans
);
2444 fprintf (stderr
, "Bad switch\n");
2449 printf("DBG: Sub: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2456 Multiply(op1
,op2
,fmt
)
2464 printf("DBG: Multiply: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2467 /* The registers must specify FPRs valid for operands of type
2468 "fmt". If they are not valid, the result is undefined. */
2470 /* The format type should already have been checked: */
2478 sim_fpu_32to (&wop1
, op1
);
2479 sim_fpu_32to (&wop2
, op2
);
2480 sim_fpu_mul (&ans
, &wop1
, &wop2
);
2481 sim_fpu_to32 (&res
, &ans
);
2491 sim_fpu_64to (&wop1
, op1
);
2492 sim_fpu_64to (&wop2
, op2
);
2493 sim_fpu_mul (&ans
, &wop1
, &wop2
);
2494 sim_fpu_to64 (&res
, &ans
);
2499 fprintf (stderr
, "Bad switch\n");
2504 printf("DBG: Multiply: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2519 printf("DBG: Divide: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2522 /* The registers must specify FPRs valid for operands of type
2523 "fmt". If they are not valid, the result is undefined. */
2525 /* The format type should already have been checked: */
2533 sim_fpu_32to (&wop1
, op1
);
2534 sim_fpu_32to (&wop2
, op2
);
2535 sim_fpu_div (&ans
, &wop1
, &wop2
);
2536 sim_fpu_to32 (&res
, &ans
);
2546 sim_fpu_64to (&wop1
, op1
);
2547 sim_fpu_64to (&wop2
, op2
);
2548 sim_fpu_div (&ans
, &wop1
, &wop2
);
2549 sim_fpu_to64 (&res
, &ans
);
2554 fprintf (stderr
, "Bad switch\n");
2559 printf("DBG: Divide: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2573 printf("DBG: Recip: %s: op = 0x%s\n",DOFMT(fmt
),pr_addr(op
));
2576 /* The registers must specify FPRs valid for operands of type
2577 "fmt". If they are not valid, the result is undefined. */
2579 /* The format type should already have been checked: */
2586 sim_fpu_32to (&wop
, op
);
2587 sim_fpu_inv (&ans
, &wop
);
2588 sim_fpu_to32 (&res
, &ans
);
2597 sim_fpu_64to (&wop
, op
);
2598 sim_fpu_inv (&ans
, &wop
);
2599 sim_fpu_to64 (&res
, &ans
);
2604 fprintf (stderr
, "Bad switch\n");
2609 printf("DBG: Recip: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2623 printf("DBG: SquareRoot: %s: op = 0x%s\n",DOFMT(fmt
),pr_addr(op
));
2626 /* The registers must specify FPRs valid for operands of type
2627 "fmt". If they are not valid, the result is undefined. */
2629 /* The format type should already have been checked: */
2636 sim_fpu_32to (&wop
, op
);
2637 sim_fpu_sqrt (&ans
, &wop
);
2638 sim_fpu_to32 (&res
, &ans
);
2647 sim_fpu_64to (&wop
, op
);
2648 sim_fpu_sqrt (&ans
, &wop
);
2649 sim_fpu_to64 (&res
, &ans
);
2654 fprintf (stderr
, "Bad switch\n");
2659 printf("DBG: SquareRoot: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2675 printf("DBG: Max: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2678 /* The registers must specify FPRs valid for operands of type
2679 "fmt". If they are not valid, the result is undefined. */
2681 /* The format type should already have been checked: */
2688 sim_fpu_32to (&wop1
, op1
);
2689 sim_fpu_32to (&wop2
, op2
);
2690 cmp
= sim_fpu_cmp (&wop1
, &wop2
);
2697 sim_fpu_64to (&wop1
, op1
);
2698 sim_fpu_64to (&wop2
, op2
);
2699 cmp
= sim_fpu_cmp (&wop1
, &wop2
);
2703 fprintf (stderr
, "Bad switch\n");
2709 case SIM_FPU_IS_SNAN
:
2710 case SIM_FPU_IS_QNAN
:
2712 case SIM_FPU_IS_NINF
:
2713 case SIM_FPU_IS_NNUMBER
:
2714 case SIM_FPU_IS_NDENORM
:
2715 case SIM_FPU_IS_NZERO
:
2716 result
= op2
; /* op1 - op2 < 0 */
2717 case SIM_FPU_IS_PINF
:
2718 case SIM_FPU_IS_PNUMBER
:
2719 case SIM_FPU_IS_PDENORM
:
2720 case SIM_FPU_IS_PZERO
:
2721 result
= op1
; /* op1 - op2 > 0 */
2723 fprintf (stderr
, "Bad switch\n");
2728 printf("DBG: Max: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2745 printf("DBG: Min: %s: op1 = 0x%s : op2 = 0x%s\n",DOFMT(fmt
),pr_addr(op1
),pr_addr(op2
));
2748 /* The registers must specify FPRs valid for operands of type
2749 "fmt". If they are not valid, the result is undefined. */
2751 /* The format type should already have been checked: */
2758 sim_fpu_32to (&wop1
, op1
);
2759 sim_fpu_32to (&wop2
, op2
);
2760 cmp
= sim_fpu_cmp (&wop1
, &wop2
);
2767 sim_fpu_64to (&wop1
, op1
);
2768 sim_fpu_64to (&wop2
, op2
);
2769 cmp
= sim_fpu_cmp (&wop1
, &wop2
);
2773 fprintf (stderr
, "Bad switch\n");
2779 case SIM_FPU_IS_SNAN
:
2780 case SIM_FPU_IS_QNAN
:
2782 case SIM_FPU_IS_NINF
:
2783 case SIM_FPU_IS_NNUMBER
:
2784 case SIM_FPU_IS_NDENORM
:
2785 case SIM_FPU_IS_NZERO
:
2786 result
= op1
; /* op1 - op2 < 0 */
2787 case SIM_FPU_IS_PINF
:
2788 case SIM_FPU_IS_PNUMBER
:
2789 case SIM_FPU_IS_PDENORM
:
2790 case SIM_FPU_IS_PZERO
:
2791 result
= op2
; /* op1 - op2 > 0 */
2793 fprintf (stderr
, "Bad switch\n");
2798 printf("DBG: Min: returning 0x%s (format = %s)\n",pr_addr(result
),DOFMT(fmt
));
2806 convert (SIM_DESC sd
,
2815 sim_fpu_round round
;
2816 unsigned32 result32
;
2817 unsigned64 result64
;
2820 printf("DBG: Convert: mode %s : op 0x%s : from %s : to %s : (PC = 0x%s)\n",RMMODE(rm
),pr_addr(op
),DOFMT(from
),DOFMT(to
),pr_addr(IPC
));
2826 /* Round result to nearest representable value. When two
2827 representable values are equally near, round to the value
2828 that has a least significant bit of zero (i.e. is even). */
2829 round
= sim_fpu_round_near
;
2832 /* Round result to the value closest to, and not greater in
2833 magnitude than, the result. */
2834 round
= sim_fpu_round_zero
;
2837 /* Round result to the value closest to, and not less than,
2839 round
= sim_fpu_round_up
;
2843 /* Round result to the value closest to, and not greater than,
2845 round
= sim_fpu_round_down
;
2849 fprintf (stderr
, "Bad switch\n");
2853 /* Convert the input to sim_fpu internal format */
2857 sim_fpu_64to (&wop
, op
);
2860 sim_fpu_32to (&wop
, op
);
2863 sim_fpu_i32to (&wop
, op
, round
);
2866 sim_fpu_i64to (&wop
, op
, round
);
2869 fprintf (stderr
, "Bad switch\n");
2873 /* Convert sim_fpu format into the output */
2874 /* The value WOP is converted to the destination format, rounding
2875 using mode RM. When the destination is a fixed-point format, then
2876 a source value of Infinity, NaN or one which would round to an
2877 integer outside the fixed point range then an IEEE Invalid
2878 Operation condition is raised. */
2882 sim_fpu_round_32 (&wop
, round
, 0);
2883 sim_fpu_to32 (&result32
, &wop
);
2884 result64
= result32
;
2887 sim_fpu_round_64 (&wop
, round
, 0);
2888 sim_fpu_to64 (&result64
, &wop
);
2891 sim_fpu_to32i (&result32
, &wop
, round
);
2892 result64
= result32
;
2895 sim_fpu_to64i (&result64
, &wop
, round
);
2899 fprintf (stderr
, "Bad switch\n");
2904 printf("DBG: Convert: returning 0x%s (to format = %s)\n",pr_addr(result64
),DOFMT(to
));
2911 /*-- co-processor support routines ------------------------------------------*/
2914 CoProcPresent(coproc_number
)
2915 unsigned int coproc_number
;
2917 /* Return TRUE if simulator provides a model for the given co-processor number */
2922 cop_lw (SIM_DESC sd
,
2927 unsigned int memword
)
2932 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
2935 printf("DBG: COP_LW: memword = 0x%08X (uword64)memword = 0x%s\n",memword
,pr_addr(memword
));
2937 StoreFPR(coproc_reg
,fmt_word
,(uword64
)memword
);
2938 FPR_STATE
[coproc_reg
] = fmt_uninterpreted
;
2943 #if 0 /* this should be controlled by a configuration option */
2944 sim_io_printf(sd
,"COP_LW(%d,%d,0x%08X) at PC = 0x%s : TODO (architecture specific)\n",coproc_num
,coproc_reg
,memword
,pr_addr(cia
));
2953 cop_ld (SIM_DESC sd
,
2960 switch (coproc_num
) {
2962 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
2964 StoreFPR(coproc_reg
,fmt_uninterpreted
,memword
);
2969 #if 0 /* this message should be controlled by a configuration option */
2970 sim_io_printf(sd
,"COP_LD(%d,%d,0x%s) at PC = 0x%s : TODO (architecture specific)\n",coproc_num
,coproc_reg
,pr_addr(memword
),pr_addr(cia
));
2979 /* start-sanitize-sky */
2982 cop_lq (SIM_DESC sd
,
2987 unsigned128 memword
)
2998 /* one word at a time, argh! */
3002 value
= H2T_4(*A4_16(& memword
, 3-i
));
3003 write_vu_vec_reg(&(vu0_device
.regs
), coproc_reg
, i
, & value
);
3009 sim_io_printf(sd
,"COP_LQ(%d,%d,??) at PC = 0x%s : TODO (architecture specific)\n",
3010 coproc_num
,coproc_reg
,pr_addr(cia
));
3016 #endif /* TARGET_SKY */
3017 /* end-sanitize-sky */
3021 cop_sw (SIM_DESC sd
,
3027 unsigned int value
= 0;
3032 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
3035 hold
= FPR_STATE
[coproc_reg
];
3036 FPR_STATE
[coproc_reg
] = fmt_word
;
3037 value
= (unsigned int)ValueFPR(coproc_reg
,fmt_uninterpreted
);
3038 FPR_STATE
[coproc_reg
] = hold
;
3043 #if 0 /* should be controlled by configuration option */
3044 sim_io_printf(sd
,"COP_SW(%d,%d) at PC = 0x%s : TODO (architecture specific)\n",coproc_num
,coproc_reg
,pr_addr(cia
));
3053 cop_sd (SIM_DESC sd
,
3063 if (CURRENT_FLOATING_POINT
== HARD_FLOATING_POINT
)
3065 value
= ValueFPR(coproc_reg
,fmt_uninterpreted
);
3070 #if 0 /* should be controlled by configuration option */
3071 sim_io_printf(sd
,"COP_SD(%d,%d) at PC = 0x%s : TODO (architecture specific)\n",coproc_num
,coproc_reg
,pr_addr(cia
));
3080 /* start-sanitize-sky */
3083 cop_sq (SIM_DESC sd
,
3089 unsigned128 value
= U16_8(0, 0);
3100 /* one word at a time, argh! */
3104 read_vu_vec_reg(&(vu0_device
.regs
), coproc_reg
, i
, & value
);
3105 *A4_16(& xyzw
, 3-i
) = T2H_4(value
);
3112 sim_io_printf(sd
,"COP_SQ(%d,%d) at PC = 0x%s : TODO (architecture specific)\n",
3113 coproc_num
,coproc_reg
,pr_addr(cia
));
3119 #endif /* TARGET_SKY */
3120 /* end-sanitize-sky */
3124 decode_coproc (SIM_DESC sd
,
3127 unsigned int instruction
)
3129 int coprocnum
= ((instruction
>> 26) & 3);
3133 case 0: /* standard CPU control and cache registers */
3135 int code
= ((instruction
>> 21) & 0x1F);
3136 /* R4000 Users Manual (second edition) lists the following CP0
3138 DMFC0 Doubleword Move From CP0 (VR4100 = 01000000001tttttddddd00000000000)
3139 DMTC0 Doubleword Move To CP0 (VR4100 = 01000000101tttttddddd00000000000)
3140 MFC0 word Move From CP0 (VR4100 = 01000000000tttttddddd00000000000)
3141 MTC0 word Move To CP0 (VR4100 = 01000000100tttttddddd00000000000)
3142 TLBR Read Indexed TLB Entry (VR4100 = 01000010000000000000000000000001)
3143 TLBWI Write Indexed TLB Entry (VR4100 = 01000010000000000000000000000010)
3144 TLBWR Write Random TLB Entry (VR4100 = 01000010000000000000000000000110)
3145 TLBP Probe TLB for Matching Entry (VR4100 = 01000010000000000000000000001000)
3146 CACHE Cache operation (VR4100 = 101111bbbbbpppppiiiiiiiiiiiiiiii)
3147 ERET Exception return (VR4100 = 01000010000000000000000000011000)
3149 if (((code
== 0x00) || (code
== 0x04)) && ((instruction
& 0x7FF) == 0))
3151 int rt
= ((instruction
>> 16) & 0x1F);
3152 int rd
= ((instruction
>> 11) & 0x1F);
3154 switch (rd
) /* NOTEs: Standard CP0 registers */
3156 /* 0 = Index R4000 VR4100 VR4300 */
3157 /* 1 = Random R4000 VR4100 VR4300 */
3158 /* 2 = EntryLo0 R4000 VR4100 VR4300 */
3159 /* 3 = EntryLo1 R4000 VR4100 VR4300 */
3160 /* 4 = Context R4000 VR4100 VR4300 */
3161 /* 5 = PageMask R4000 VR4100 VR4300 */
3162 /* 6 = Wired R4000 VR4100 VR4300 */
3163 /* 8 = BadVAddr R4000 VR4100 VR4300 */
3164 /* 9 = Count R4000 VR4100 VR4300 */
3165 /* 10 = EntryHi R4000 VR4100 VR4300 */
3166 /* 11 = Compare R4000 VR4100 VR4300 */
3167 /* 12 = SR R4000 VR4100 VR4300 */
3174 /* 13 = Cause R4000 VR4100 VR4300 */
3181 /* 14 = EPC R4000 VR4100 VR4300 */
3184 GPR
[rt
] = (signed_word
) (signed_address
) EPC
;
3188 /* 15 = PRId R4000 VR4100 VR4300 */
3189 #ifdef SUBTARGET_R3900
3198 /* 16 = Config R4000 VR4100 VR4300 */
3201 GPR
[rt
] = C0_CONFIG
;
3203 C0_CONFIG
= GPR
[rt
];
3206 #ifdef SUBTARGET_R3900
3215 /* 17 = LLAddr R4000 VR4100 VR4300 */
3217 /* 18 = WatchLo R4000 VR4100 VR4300 */
3218 /* 19 = WatchHi R4000 VR4100 VR4300 */
3219 /* 20 = XContext R4000 VR4100 VR4300 */
3220 /* 26 = PErr or ECC R4000 VR4100 VR4300 */
3221 /* 27 = CacheErr R4000 VR4100 */
3222 /* 28 = TagLo R4000 VR4100 VR4300 */
3223 /* 29 = TagHi R4000 VR4100 VR4300 */
3224 /* 30 = ErrorEPC R4000 VR4100 VR4300 */
3225 GPR
[rt
] = 0xDEADC0DE; /* CPR[0,rd] */
3226 /* CPR[0,rd] = GPR[rt]; */
3229 sim_io_printf(sd
,"Warning: MFC0 %d,%d ignored (architecture specific)\n",rt
,rd
);
3231 sim_io_printf(sd
,"Warning: MTC0 %d,%d ignored (architecture specific)\n",rt
,rd
);
3234 else if (code
== 0x10 && (instruction
& 0x3f) == 0x18)
3237 if (SR
& status_ERL
)
3239 /* Oops, not yet available */
3240 sim_io_printf(sd
,"Warning: ERET when SR[ERL] set not handled yet");
3250 else if (code
== 0x10 && (instruction
& 0x3f) == 0x10)
3254 else if (code
== 0x10 && (instruction
& 0x3f) == 0x1F)
3262 sim_io_eprintf(sd
,"Unrecognised COP0 instruction 0x%08X at PC = 0x%s : No handler present\n",instruction
,pr_addr(cia
));
3263 /* TODO: When executing an ERET or RFE instruction we should
3264 clear LLBIT, to ensure that any out-standing atomic
3265 read/modify/write sequence fails. */
3269 case 2: /* co-processor 2 */
3273 /* start-sanitize-sky */
3275 /* On the R5900, this refers to a "VU" vector co-processor. */
3277 int i_25_21
= (instruction
>> 21) & 0x1f;
3278 int i_20_16
= (instruction
>> 16) & 0x1f;
3279 int i_20_6
= (instruction
>> 6) & 0x7fff;
3280 int i_15_11
= (instruction
>> 11) & 0x1f;
3281 int i_15_0
= instruction
& 0xffff;
3282 int i_10_1
= (instruction
>> 1) & 0x3ff;
3283 int i_10_0
= instruction
& 0x7ff;
3284 int i_10_6
= (instruction
>> 6) & 0x1f;
3285 int i_5_0
= instruction
& 0x03f;
3286 int interlock
= instruction
& 0x01;
3287 /* setup for semantic.c-like actions below */
3288 typedef unsigned_4 instruction_word
;
3294 /* test COP2 usability */
3295 if(! (SR
& status_CU2
))
3297 SignalException(CoProcessorUnusable
,instruction
);
3301 #define MY_INDEX itable_COPz_NORMAL
3302 #define MY_PREFIX COPz_NORMAL
3303 #define MY_NAME "COPz_NORMAL"
3305 /* classify & execute basic COP2 instructions */
3306 if(i_25_21
== 0x08 && i_20_16
== 0x00) /* BC2F */
3308 address_word offset
= EXTEND16(i_15_0
) << 2;
3309 if(! vu0_busy()) DELAY_SLOT(cia
+ 4 + offset
);
3311 else if(i_25_21
== 0x08 && i_20_16
==0x02) /* BC2FL */
3313 address_word offset
= EXTEND16(i_15_0
) << 2;
3314 if(! vu0_busy()) DELAY_SLOT(cia
+ 4 + offset
);
3315 else NULLIFY_NEXT_INSTRUCTION();
3317 else if(i_25_21
== 0x08 && i_20_16
== 0x01) /* BC2T */
3319 address_word offset
= EXTEND16(i_15_0
) << 2;
3320 if(vu0_busy()) DELAY_SLOT(cia
+ 4 + offset
);
3322 else if(i_25_21
== 0x08 && i_20_16
== 0x03) /* BC2TL */
3324 address_word offset
= EXTEND16(i_15_0
) << 2;
3325 if(vu0_busy()) DELAY_SLOT(cia
+ 4 + offset
);
3326 else NULLIFY_NEXT_INSTRUCTION();
3328 else if((i_25_21
== 0x02 && i_10_1
== 0x000) || /* CFC2 */
3329 (i_25_21
== 0x01)) /* QMFC2 */
3334 /* interlock checking */
3335 /* POLICY: never busy in macro mode */
3336 while(vu0_busy() && interlock
)
3339 /* perform VU register address */
3340 if(i_25_21
== 0x01) /* QMFC2 */
3343 /* one word at a time, argh! */
3344 read_vu_vec_reg(&(vu0_device
.regs
), id
, 0, A4_16(& xyzw
, 3));
3345 read_vu_vec_reg(&(vu0_device
.regs
), id
, 1, A4_16(& xyzw
, 2));
3346 read_vu_vec_reg(&(vu0_device
.regs
), id
, 2, A4_16(& xyzw
, 1));
3347 read_vu_vec_reg(&(vu0_device
.regs
), id
, 3, A4_16(& xyzw
, 0));
3348 GPR
[rt
] = T2H_8(* A8_16(& xyzw
, 1));
3349 GPR1
[rt
] = T2H_8(* A8_16(& xyzw
, 0));
3354 /* enum + int calculation, argh! */
3355 id
= VU_REG_MST
+ 16 * id
;
3356 read_vu_misc_reg(&(vu0_device
.regs
), id
, & data
);
3357 GPR
[rt
] = EXTEND32(T2H_4(data
));
3360 else if((i_25_21
== 0x06 && i_10_1
== 0x000) || /* CTC2 */
3361 (i_25_21
== 0x05)) /* QMTC2 */
3366 /* interlock checking: wait until M or E bits set */
3367 /* POLICY: never busy in macro mode */
3368 while(vu0_busy() && interlock
)
3370 if(vu0_micro_interlock_released())
3372 vu0_micro_interlock_clear();
3379 /* perform VU register address */
3380 if(i_25_21
== 0x05) /* QMTC2 */
3382 unsigned_16 xyzw
= U16_8(GPR1
[rt
], GPR
[rt
]);
3384 xyzw
= H2T_16(xyzw
);
3385 /* one word at a time, argh! */
3386 write_vu_vec_reg(&(vu0_device
.regs
), id
, 0, A4_16(& xyzw
, 3));
3387 write_vu_vec_reg(&(vu0_device
.regs
), id
, 1, A4_16(& xyzw
, 2));
3388 write_vu_vec_reg(&(vu0_device
.regs
), id
, 2, A4_16(& xyzw
, 1));
3389 write_vu_vec_reg(&(vu0_device
.regs
), id
, 3, A4_16(& xyzw
, 0));
3393 unsigned_4 data
= H2T_4(GPR
[rt
]);
3394 /* enum + int calculation, argh! */
3395 id
= VU_REG_MST
+ 16 * id
;
3396 write_vu_misc_reg(&(vu0_device
.regs
), id
, & data
);
3399 else if(i_10_0
== 0x3bf) /* VWAITQ */
3404 else if(i_5_0
== 0x38) /* VCALLMS */
3406 unsigned_4 data
= H2T_2(i_20_6
);
3411 /* write to reserved CIA register to get VU0 moving */
3412 write_vu_special_reg(& vu0_device
, VU_REG_CIA
, & data
);
3416 else if(i_5_0
== 0x39) /* VCALLMSR */
3423 read_vu_special_reg(& vu0_device
, VU_REG_CMSAR0
, & data
);
3424 /* write to reserved CIA register to get VU0 moving */
3425 write_vu_special_reg(& vu0_device
, VU_REG_CIA
, & data
);
3429 /* handle all remaining UPPER VU instructions in one block */
3430 else if((i_5_0
< 0x30) || /* VADDx .. VMINI */
3431 (i_5_0
>= 0x3c && i_10_6
< 0x0c)) /* VADDAx .. VNOP */
3433 unsigned_4 vu_upper
, vu_lower
;
3435 0x00000000 | /* bits 31 .. 25 */
3436 (instruction
& 0x01ffffff); /* bits 24 .. 0 */
3437 vu_lower
= 0x8000033c; /* NOP */
3439 /* POLICY: never busy in macro mode */
3443 vu0_macro_issue(vu_upper
, vu_lower
);
3445 /* POLICY: wait for completion of macro-instruction */
3449 /* handle all remaining LOWER VU instructions in one block */
3450 else if((i_5_0
>= 0x30 && i_5_0
<= 0x35) || /* VIADD .. VIOR */
3451 (i_5_0
>= 0x3c && i_10_6
>= 0x0c)) /* VMOVE .. VRXOR */
3452 { /* N.B.: VWAITQ already covered by prior case */
3453 unsigned_4 vu_upper
, vu_lower
;
3454 vu_upper
= 0x000002ff; /* NOP/NOP */
3456 0x80000000 | /* bits 31 .. 25 */
3457 (instruction
& 0x01ffffff); /* bits 24 .. 0 */
3459 /* POLICY: never busy in macro mode */
3463 vu0_macro_issue(vu_upper
, vu_lower
);
3465 /* POLICY: wait for completion of macro-instruction */
3469 /* ... no other COP2 instructions ... */
3472 SignalException(ReservedInstruction
, instruction
);
3476 /* cleanup for semantic.c-like actions above */
3483 #endif /* TARGET_SKY */
3484 /* end-sanitize-sky */
3488 sim_io_eprintf(sd
, "COP2 instruction 0x%08X at PC = 0x%s : No handler present\n",
3489 instruction
,pr_addr(cia
));
3494 case 1: /* should not occur (FPU co-processor) */
3495 case 3: /* should not occur (FPU co-processor) */
3496 SignalException(ReservedInstruction
,instruction
);
3504 /*-- instruction simulation -------------------------------------------------*/
3506 /* When the IGEN simulator is being built, the function below is be
3507 replaced by a generated version. However, WITH_IGEN == 2 indicates
3508 that the fubction below should be compiled but under a different
3509 name (to allow backward compatibility) */
3511 #if (WITH_IGEN != 1)
3513 void old_engine_run
PARAMS ((SIM_DESC sd
, int next_cpu_nr
, int siggnal
));
3515 old_engine_run (sd
, next_cpu_nr
, nr_cpus
, siggnal
)
3518 sim_engine_run (sd
, next_cpu_nr
, nr_cpus
, siggnal
)
3521 int next_cpu_nr
; /* ignore */
3522 int nr_cpus
; /* ignore */
3523 int siggnal
; /* ignore */
3525 sim_cpu
*cpu
= STATE_CPU (sd
, 0); /* hardwire to cpu 0 */
3526 #if !defined(FASTSIM)
3527 unsigned int pipeline_count
= 1;
3531 if (STATE_MEMORY (sd
) == NULL
) {
3532 printf("DBG: simulate() entered with no memory\n");
3537 #if 0 /* Disabled to check that everything works OK */
3538 /* The VR4300 seems to sign-extend the PC on its first
3539 access. However, this may just be because it is currently
3540 configured in 32bit mode. However... */
3541 PC
= SIGNEXTEND(PC
,32);
3544 /* main controlling loop */
3546 /* vaddr is slowly being replaced with cia - current instruction
3548 address_word cia
= (uword64
)PC
;
3549 address_word vaddr
= cia
;
3552 unsigned int instruction
; /* uword64? what's this used for? FIXME! */
3556 printf("DBG: state = 0x%08X :",state
);
3557 if (state
& simHALTEX
) printf(" simHALTEX");
3558 if (state
& simHALTIN
) printf(" simHALTIN");
3563 DSSTATE
= (STATE
& simDELAYSLOT
);
3566 sim_io_printf(sd
,"DBG: DSPC = 0x%s\n",pr_addr(DSPC
));
3569 /* Fetch the next instruction from the simulator memory: */
3570 if (AddressTranslation(cia
,isINSTRUCTION
,isLOAD
,&paddr
,&cca
,isTARGET
,isREAL
)) {
3571 if ((vaddr
& 1) == 0) {
3572 /* Copy the action of the LW instruction */
3573 unsigned int reverse
= (ReverseEndian
? (LOADDRMASK
>> 2) : 0);
3574 unsigned int bigend
= (BigEndianCPU
? (LOADDRMASK
>> 2) : 0);
3577 paddr
= ((paddr
& ~LOADDRMASK
) | ((paddr
& LOADDRMASK
) ^ (reverse
<< 2)));
3578 LoadMemory(&value
,NULL
,cca
,AccessLength_WORD
,paddr
,vaddr
,isINSTRUCTION
,isREAL
);
3579 byte
= ((vaddr
& LOADDRMASK
) ^ (bigend
<< 2));
3580 instruction
= ((value
>> (8 * byte
)) & 0xFFFFFFFF);
3582 /* Copy the action of the LH instruction */
3583 unsigned int reverse
= (ReverseEndian
? (LOADDRMASK
>> 1) : 0);
3584 unsigned int bigend
= (BigEndianCPU
? (LOADDRMASK
>> 1) : 0);
3587 paddr
= (((paddr
& ~ (uword64
) 1) & ~LOADDRMASK
)
3588 | (((paddr
& ~ (uword64
) 1) & LOADDRMASK
) ^ (reverse
<< 1)));
3589 LoadMemory(&value
,NULL
,cca
, AccessLength_HALFWORD
,
3590 paddr
& ~ (uword64
) 1,
3591 vaddr
, isINSTRUCTION
, isREAL
);
3592 byte
= (((vaddr
&~ (uword64
) 1) & LOADDRMASK
) ^ (bigend
<< 1));
3593 instruction
= ((value
>> (8 * byte
)) & 0xFFFF);
3596 fprintf(stderr
,"Cannot translate address for PC = 0x%s failed\n",pr_addr(PC
));
3601 sim_io_printf(sd
,"DBG: fetched 0x%08X from PC = 0x%s\n",instruction
,pr_addr(PC
));
3604 /* This is required by exception processing, to ensure that we can
3605 cope with exceptions in the delay slots of branches that may
3606 already have changed the PC. */
3607 if ((vaddr
& 1) == 0)
3608 PC
+= 4; /* increment ready for the next fetch */
3611 /* NOTE: If we perform a delay slot change to the PC, this
3612 increment is not requuired. However, it would make the
3613 simulator more complicated to try and avoid this small hit. */
3615 /* Currently this code provides a simple model. For more
3616 complicated models we could perform exception status checks at
3617 this point, and set the simSTOP state as required. This could
3618 also include processing any hardware interrupts raised by any
3619 I/O model attached to the simulator context.
3621 Support for "asynchronous" I/O events within the simulated world
3622 could be providing by managing a counter, and calling a I/O
3623 specific handler when a particular threshold is reached. On most
3624 architectures a decrement and check for zero operation is
3625 usually quicker than an increment and compare. However, the
3626 process of managing a known value decrement to zero, is higher
3627 than the cost of using an explicit value UINT_MAX into the
3628 future. Which system is used will depend on how complicated the
3629 I/O model is, and how much it is likely to affect the simulator
3632 If events need to be scheduled further in the future than
3633 UINT_MAX event ticks, then the I/O model should just provide its
3634 own counter, triggered from the event system. */
3636 /* MIPS pipeline ticks. To allow for future support where the
3637 pipeline hit of individual instructions is known, this control
3638 loop manages a "pipeline_count" variable. It is initialised to
3639 1 (one), and will only be changed by the simulator engine when
3640 executing an instruction. If the engine does not have access to
3641 pipeline cycle count information then all instructions will be
3642 treated as using a single cycle. NOTE: A standard system is not
3643 provided by the default simulator because different MIPS
3644 architectures have different cycle counts for the same
3647 [NOTE: pipeline_count has been replaced the event queue] */
3649 /* shuffle the floating point status pipeline state */
3650 ENGINE_ISSUE_PREFIX_HOOK();
3652 /* NOTE: For multi-context simulation environments the "instruction"
3653 variable should be local to this routine. */
3655 /* Shorthand accesses for engine. Note: If we wanted to use global
3656 variables (and a single-threaded simulator engine), then we can
3657 create the actual variables with these names. */
3659 if (!(STATE
& simSKIPNEXT
)) {
3660 /* Include the simulator engine */
3661 #include "oengine.c"
3662 #if ((GPRLEN == 64) && !PROCESSOR_64BIT) || ((GPRLEN == 32) && PROCESSOR_64BIT)
3663 #error "Mismatch between run-time simulator code and simulation engine"
3665 #if (WITH_TARGET_WORD_BITSIZE != GPRLEN)
3666 #error "Mismatch between configure WITH_TARGET_WORD_BITSIZE and gencode GPRLEN"
3668 #if ((WITH_FLOATING_POINT == HARD_FLOATING_POINT) != defined (HASFPU))
3669 #error "Mismatch between configure WITH_FLOATING_POINT and gencode HASFPU"
3672 /* For certain MIPS architectures, GPR[0] is hardwired to zero. We
3673 should check for it being changed. It is better doing it here,
3674 than within the simulator, since it will help keep the simulator
3677 #if defined(WARN_ZERO)
3678 sim_io_eprintf(sd
,"The ZERO register has been updated with 0x%s (PC = 0x%s) (reset back to zero)\n",pr_addr(ZERO
),pr_addr(cia
));
3679 #endif /* WARN_ZERO */
3680 ZERO
= 0; /* reset back to zero before next instruction */
3682 } else /* simSKIPNEXT check */
3683 STATE
&= ~simSKIPNEXT
;
3685 /* If the delay slot was active before the instruction is
3686 executed, then update the PC to its new value: */
3689 printf("DBG: dsstate set before instruction execution - updating PC to 0x%s\n",pr_addr(DSPC
));
3698 #if !defined(FASTSIM)
3699 if (sim_events_tickn (sd
, pipeline_count
))
3701 /* cpu->cia = cia; */
3702 sim_events_process (sd
);
3705 if (sim_events_tick (sd
))
3707 /* cpu->cia = cia; */
3708 sim_events_process (sd
);
3710 #endif /* FASTSIM */
3716 /* This code copied from gdb's utils.c. Would like to share this code,
3717 but don't know of a common place where both could get to it. */
3719 /* Temporary storage using circular buffer */
3725 static char buf
[NUMCELLS
][CELLSIZE
];
3727 if (++cell
>=NUMCELLS
) cell
=0;
3731 /* Print routines to handle variable size regs, etc */
3733 /* Eliminate warning from compiler on 32-bit systems */
3734 static int thirty_two
= 32;
3740 char *paddr_str
=get_cell();
3741 switch (sizeof(addr
))
3744 sprintf(paddr_str
,"%08lx%08lx",
3745 (unsigned long)(addr
>>thirty_two
),(unsigned long)(addr
&0xffffffff));
3748 sprintf(paddr_str
,"%08lx",(unsigned long)addr
);
3751 sprintf(paddr_str
,"%04x",(unsigned short)(addr
&0xffff));
3754 sprintf(paddr_str
,"%x",addr
);
3763 char *paddr_str
=get_cell();
3764 sprintf(paddr_str
,"%08lx%08lx",
3765 (unsigned long)(addr
>>thirty_two
),(unsigned long)(addr
&0xffffffff));
3771 /*---------------------------------------------------------------------------*/
3772 /*> EOF interp.c <*/