1/*
2 * SH4 emulation
3 *
4 * Copyright (c) 2005 Samuel Tardieu
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20#ifndef SH4_CPU_H
21#define SH4_CPU_H
22
23#include "cpu-qom.h"
24#include "exec/cpu-defs.h"
25
26/* CPU Subtypes */
27#define SH_CPU_SH7750 (1 << 0)
28#define SH_CPU_SH7750S (1 << 1)
29#define SH_CPU_SH7750R (1 << 2)
30#define SH_CPU_SH7751 (1 << 3)
31#define SH_CPU_SH7751R (1 << 4)
32#define SH_CPU_SH7785 (1 << 5)
33#define SH_CPU_SH7750_ALL (SH_CPU_SH7750 | SH_CPU_SH7750S | SH_CPU_SH7750R)
34#define SH_CPU_SH7751_ALL (SH_CPU_SH7751 | SH_CPU_SH7751R)
35
36#define SR_MD 30
37#define SR_RB 29
38#define SR_BL 28
39#define SR_FD 15
40#define SR_M 9
41#define SR_Q 8
42#define SR_I3 7
43#define SR_I2 6
44#define SR_I1 5
45#define SR_I0 4
46#define SR_S 1
47#define SR_T 0
48
49#define FPSCR_MASK (0x003fffff)
50#define FPSCR_FR (1 << 21)
51#define FPSCR_SZ (1 << 20)
52#define FPSCR_PR (1 << 19)
53#define FPSCR_DN (1 << 18)
54#define FPSCR_CAUSE_MASK (0x3f << 12)
55#define FPSCR_CAUSE_SHIFT (12)
56#define FPSCR_CAUSE_E (1 << 17)
57#define FPSCR_CAUSE_V (1 << 16)
58#define FPSCR_CAUSE_Z (1 << 15)
59#define FPSCR_CAUSE_O (1 << 14)
60#define FPSCR_CAUSE_U (1 << 13)
61#define FPSCR_CAUSE_I (1 << 12)
62#define FPSCR_ENABLE_MASK (0x1f << 7)
63#define FPSCR_ENABLE_SHIFT (7)
64#define FPSCR_ENABLE_V (1 << 11)
65#define FPSCR_ENABLE_Z (1 << 10)
66#define FPSCR_ENABLE_O (1 << 9)
67#define FPSCR_ENABLE_U (1 << 8)
68#define FPSCR_ENABLE_I (1 << 7)
69#define FPSCR_FLAG_MASK (0x1f << 2)
70#define FPSCR_FLAG_SHIFT (2)
71#define FPSCR_FLAG_V (1 << 6)
72#define FPSCR_FLAG_Z (1 << 5)
73#define FPSCR_FLAG_O (1 << 4)
74#define FPSCR_FLAG_U (1 << 3)
75#define FPSCR_FLAG_I (1 << 2)
76#define FPSCR_RM_MASK (0x03 << 0)
77#define FPSCR_RM_NEAREST (0 << 0)
78#define FPSCR_RM_ZERO (1 << 0)
79
80#define DELAY_SLOT_MASK 0x7
81#define DELAY_SLOT (1 << 0)
82#define DELAY_SLOT_CONDITIONAL (1 << 1)
83#define DELAY_SLOT_RTE (1 << 2)
84
85#define TB_FLAG_PENDING_MOVCA (1 << 3)
86
87#define GUSA_SHIFT 4
88#ifdef CONFIG_USER_ONLY
89#define GUSA_EXCLUSIVE (1 << 12)
90#define GUSA_MASK ((0xff << GUSA_SHIFT) | GUSA_EXCLUSIVE)
91#else
92/* Provide dummy versions of the above to allow tests against tbflags
93 to be elided while avoiding ifdefs. */
94#define GUSA_EXCLUSIVE 0
95#define GUSA_MASK 0
96#endif
97
98#define TB_FLAG_ENVFLAGS_MASK (DELAY_SLOT_MASK | GUSA_MASK)
99
100typedef struct tlb_t {
101 uint32_t vpn; /* virtual page number */
102 uint32_t ppn; /* physical page number */
103 uint32_t size; /* mapped page size in bytes */
104 uint8_t asid; /* address space identifier */
105 uint8_t v:1; /* validity */
106 uint8_t sz:2; /* page size */
107 uint8_t sh:1; /* share status */
108 uint8_t c:1; /* cacheability */
109 uint8_t pr:2; /* protection key */
110 uint8_t d:1; /* dirty */
111 uint8_t wt:1; /* write through */
112 uint8_t sa:3; /* space attribute (PCMCIA) */
113 uint8_t tc:1; /* timing control */
114} tlb_t;
115
116#define UTLB_SIZE 64
117#define ITLB_SIZE 4
118
119#define TARGET_INSN_START_EXTRA_WORDS 1
120
121enum sh_features {
122 SH_FEATURE_SH4A = 1,
123 SH_FEATURE_BCR3_AND_BCR4 = 2,
124};
125
126typedef struct memory_content {
127 uint32_t address;
128 uint32_t value;
129 struct memory_content *next;
130} memory_content;
131
132typedef struct CPUSH4State {
133 uint32_t flags; /* general execution flags */
134 uint32_t gregs[24]; /* general registers */
135 float32 fregs[32]; /* floating point registers */
136 uint32_t sr; /* status register (with T split out) */
137 uint32_t sr_m; /* M bit of status register */
138 uint32_t sr_q; /* Q bit of status register */
139 uint32_t sr_t; /* T bit of status register */
140 uint32_t ssr; /* saved status register */
141 uint32_t spc; /* saved program counter */
142 uint32_t gbr; /* global base register */
143 uint32_t vbr; /* vector base register */
144 uint32_t sgr; /* saved global register 15 */
145 uint32_t dbr; /* debug base register */
146 uint32_t pc; /* program counter */
147 uint32_t delayed_pc; /* target of delayed branch */
148 uint32_t delayed_cond; /* condition of delayed branch */
149 uint32_t mach; /* multiply and accumulate high */
150 uint32_t macl; /* multiply and accumulate low */
151 uint32_t pr; /* procedure register */
152 uint32_t fpscr; /* floating point status/control register */
153 uint32_t fpul; /* floating point communication register */
154
155 /* float point status register */
156 float_status fp_status;
157
158 /* Those belong to the specific unit (SH7750) but are handled here */
159 uint32_t mmucr; /* MMU control register */
160 uint32_t pteh; /* page table entry high register */
161 uint32_t ptel; /* page table entry low register */
162 uint32_t ptea; /* page table entry assistance register */
163 uint32_t ttb; /* tranlation table base register */
164 uint32_t tea; /* TLB exception address register */
165 uint32_t tra; /* TRAPA exception register */
166 uint32_t expevt; /* exception event register */
167 uint32_t intevt; /* interrupt event register */
168
169 tlb_t itlb[ITLB_SIZE]; /* instruction translation table */
170 tlb_t utlb[UTLB_SIZE]; /* unified translation table */
171
172 /* LDST = LOCK_ADDR != -1. */
173 uint32_t lock_addr;
174 uint32_t lock_value;
175
176 /* Fields up to this point are cleared by a CPU reset */
177 struct {} end_reset_fields;
178
179 /* Fields from here on are preserved over CPU reset. */
180 int id; /* CPU model */
181
182 /* The features that we should emulate. See sh_features above. */
183 uint32_t features;
184
185 void *intc_handle;
186 int in_sleep; /* SR_BL ignored during sleep */
187 memory_content *movcal_backup;
188 memory_content **movcal_backup_tail;
189} CPUSH4State;
190
191/**
192 * SuperHCPU:
193 * @env: #CPUSH4State
194 *
195 * A SuperH CPU.
196 */
197struct SuperHCPU {
198 /*< private >*/
199 CPUState parent_obj;
200 /*< public >*/
201
202 CPUNegativeOffsetState neg;
203 CPUSH4State env;
204};
205
206
207void superh_cpu_do_interrupt(CPUState *cpu);
208bool superh_cpu_exec_interrupt(CPUState *cpu, int int_req);
209void superh_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
210hwaddr superh_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
211int superh_cpu_gdb_read_register(CPUState *cpu, uint8_t *buf, int reg);
212int superh_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
213void superh_cpu_do_unaligned_access(CPUState *cpu, vaddr addr,
214 MMUAccessType access_type,
215 int mmu_idx, uintptr_t retaddr);
216
217void sh4_translate_init(void);
218int cpu_sh4_signal_handler(int host_signum, void *pinfo,
219 void *puc);
220bool superh_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
221 MMUAccessType access_type, int mmu_idx,
222 bool probe, uintptr_t retaddr);
223
224void sh4_cpu_list(void);
225#if !defined(CONFIG_USER_ONLY)
226void cpu_sh4_invalidate_tlb(CPUSH4State *s);
227uint32_t cpu_sh4_read_mmaped_itlb_addr(CPUSH4State *s,
228 hwaddr addr);
229void cpu_sh4_write_mmaped_itlb_addr(CPUSH4State *s, hwaddr addr,
230 uint32_t mem_value);
231uint32_t cpu_sh4_read_mmaped_itlb_data(CPUSH4State *s,
232 hwaddr addr);
233void cpu_sh4_write_mmaped_itlb_data(CPUSH4State *s, hwaddr addr,
234 uint32_t mem_value);
235uint32_t cpu_sh4_read_mmaped_utlb_addr(CPUSH4State *s,
236 hwaddr addr);
237void cpu_sh4_write_mmaped_utlb_addr(CPUSH4State *s, hwaddr addr,
238 uint32_t mem_value);
239uint32_t cpu_sh4_read_mmaped_utlb_data(CPUSH4State *s,
240 hwaddr addr);
241void cpu_sh4_write_mmaped_utlb_data(CPUSH4State *s, hwaddr addr,
242 uint32_t mem_value);
243#endif
244
245int cpu_sh4_is_cached(CPUSH4State * env, target_ulong addr);
246
247void cpu_load_tlb(CPUSH4State * env);
248
249#define SUPERH_CPU_TYPE_SUFFIX "-" TYPE_SUPERH_CPU
250#define SUPERH_CPU_TYPE_NAME(model) model SUPERH_CPU_TYPE_SUFFIX
251#define CPU_RESOLVING_TYPE TYPE_SUPERH_CPU
252
253#define cpu_signal_handler cpu_sh4_signal_handler
254#define cpu_list sh4_cpu_list
255
256/* MMU modes definitions */
257#define MMU_MODE0_SUFFIX _kernel
258#define MMU_MODE1_SUFFIX _user
259#define MMU_USER_IDX 1
260static inline int cpu_mmu_index (CPUSH4State *env, bool ifetch)
261{
262 /* The instruction in a RTE delay slot is fetched in privileged
263 mode, but executed in user mode. */
264 if (ifetch && (env->flags & DELAY_SLOT_RTE)) {
265 return 0;
266 } else {
267 return (env->sr & (1u << SR_MD)) == 0 ? 1 : 0;
268 }
269}
270
271typedef CPUSH4State CPUArchState;
272typedef SuperHCPU ArchCPU;
273
274#include "exec/cpu-all.h"
275
276/* Memory access type */
277enum {
278 /* Privilege */
279 ACCESS_PRIV = 0x01,
280 /* Direction */
281 ACCESS_WRITE = 0x02,
282 /* Type of instruction */
283 ACCESS_CODE = 0x10,
284 ACCESS_INT = 0x20
285};
286
287/* MMU control register */
288#define MMUCR 0x1F000010
289#define MMUCR_AT (1<<0)
290#define MMUCR_TI (1<<2)
291#define MMUCR_SV (1<<8)
292#define MMUCR_URC_BITS (6)
293#define MMUCR_URC_OFFSET (10)
294#define MMUCR_URC_SIZE (1 << MMUCR_URC_BITS)
295#define MMUCR_URC_MASK (((MMUCR_URC_SIZE) - 1) << MMUCR_URC_OFFSET)
296static inline int cpu_mmucr_urc (uint32_t mmucr)
297{
298 return ((mmucr & MMUCR_URC_MASK) >> MMUCR_URC_OFFSET);
299}
300
301/* PTEH : Page Translation Entry High register */
302#define PTEH_ASID_BITS (8)
303#define PTEH_ASID_SIZE (1 << PTEH_ASID_BITS)
304#define PTEH_ASID_MASK (PTEH_ASID_SIZE - 1)
305#define cpu_pteh_asid(pteh) ((pteh) & PTEH_ASID_MASK)
306#define PTEH_VPN_BITS (22)
307#define PTEH_VPN_OFFSET (10)
308#define PTEH_VPN_SIZE (1 << PTEH_VPN_BITS)
309#define PTEH_VPN_MASK (((PTEH_VPN_SIZE) - 1) << PTEH_VPN_OFFSET)
310static inline int cpu_pteh_vpn (uint32_t pteh)
311{
312 return ((pteh & PTEH_VPN_MASK) >> PTEH_VPN_OFFSET);
313}
314
315/* PTEL : Page Translation Entry Low register */
316#define PTEL_V (1 << 8)
317#define cpu_ptel_v(ptel) (((ptel) & PTEL_V) >> 8)
318#define PTEL_C (1 << 3)
319#define cpu_ptel_c(ptel) (((ptel) & PTEL_C) >> 3)
320#define PTEL_D (1 << 2)
321#define cpu_ptel_d(ptel) (((ptel) & PTEL_D) >> 2)
322#define PTEL_SH (1 << 1)
323#define cpu_ptel_sh(ptel)(((ptel) & PTEL_SH) >> 1)
324#define PTEL_WT (1 << 0)
325#define cpu_ptel_wt(ptel) ((ptel) & PTEL_WT)
326
327#define PTEL_SZ_HIGH_OFFSET (7)
328#define PTEL_SZ_HIGH (1 << PTEL_SZ_HIGH_OFFSET)
329#define PTEL_SZ_LOW_OFFSET (4)
330#define PTEL_SZ_LOW (1 << PTEL_SZ_LOW_OFFSET)
331static inline int cpu_ptel_sz (uint32_t ptel)
332{
333 int sz;
334 sz = (ptel & PTEL_SZ_HIGH) >> PTEL_SZ_HIGH_OFFSET;
335 sz <<= 1;
336 sz |= (ptel & PTEL_SZ_LOW) >> PTEL_SZ_LOW_OFFSET;
337 return sz;
338}
339
340#define PTEL_PPN_BITS (19)
341#define PTEL_PPN_OFFSET (10)
342#define PTEL_PPN_SIZE (1 << PTEL_PPN_BITS)
343#define PTEL_PPN_MASK (((PTEL_PPN_SIZE) - 1) << PTEL_PPN_OFFSET)
344static inline int cpu_ptel_ppn (uint32_t ptel)
345{
346 return ((ptel & PTEL_PPN_MASK) >> PTEL_PPN_OFFSET);
347}
348
349#define PTEL_PR_BITS (2)
350#define PTEL_PR_OFFSET (5)
351#define PTEL_PR_SIZE (1 << PTEL_PR_BITS)
352#define PTEL_PR_MASK (((PTEL_PR_SIZE) - 1) << PTEL_PR_OFFSET)
353static inline int cpu_ptel_pr (uint32_t ptel)
354{
355 return ((ptel & PTEL_PR_MASK) >> PTEL_PR_OFFSET);
356}
357
358/* PTEA : Page Translation Entry Assistance register */
359#define PTEA_SA_BITS (3)
360#define PTEA_SA_SIZE (1 << PTEA_SA_BITS)
361#define PTEA_SA_MASK (PTEA_SA_SIZE - 1)
362#define cpu_ptea_sa(ptea) ((ptea) & PTEA_SA_MASK)
363#define PTEA_TC (1 << 3)
364#define cpu_ptea_tc(ptea) (((ptea) & PTEA_TC) >> 3)
365
366static inline target_ulong cpu_read_sr(CPUSH4State *env)
367{
368 return env->sr | (env->sr_m << SR_M) |
369 (env->sr_q << SR_Q) |
370 (env->sr_t << SR_T);
371}
372
373static inline void cpu_write_sr(CPUSH4State *env, target_ulong sr)
374{
375 env->sr_m = (sr >> SR_M) & 1;
376 env->sr_q = (sr >> SR_Q) & 1;
377 env->sr_t = (sr >> SR_T) & 1;
378 env->sr = sr & ~((1u << SR_M) | (1u << SR_Q) | (1u << SR_T));
379}
380
381static inline void cpu_get_tb_cpu_state(CPUSH4State *env, target_ulong *pc,
382 target_ulong *cs_base, uint32_t *flags)
383{
384 *pc = env->pc;
385 /* For a gUSA region, notice the end of the region. */
386 *cs_base = env->flags & GUSA_MASK ? env->gregs[0] : 0;
387 *flags = env->flags /* TB_FLAG_ENVFLAGS_MASK: bits 0-2, 4-12 */
388 | (env->fpscr & (FPSCR_FR | FPSCR_SZ | FPSCR_PR)) /* Bits 19-21 */
389 | (env->sr & ((1u << SR_MD) | (1u << SR_RB))) /* Bits 29-30 */
390 | (env->sr & (1u << SR_FD)) /* Bit 15 */
391 | (env->movcal_backup ? TB_FLAG_PENDING_MOVCA : 0); /* Bit 3 */
392}
393
394#endif /* SH4_CPU_H */
395