Diffstat (limited to 'target/s390x/excp_helper.c')
-rw-r--r--target/s390x/excp_helper.c67
1 files changed, 44 insertions, 23 deletions
diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
index f84bfb1284..3a467b72c5 100644
--- a/target/s390x/excp_helper.c
+++ b/target/s390x/excp_helper.c
@@ -74,8 +74,9 @@ void s390_cpu_do_interrupt(CPUState *cs)
     cs->exception_index = -1;
 }
 
-int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
-                              int rw, int mmu_idx)
+bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
+                       MMUAccessType access_type, int mmu_idx,
+                       bool probe, uintptr_t retaddr)
 {
     S390CPU *cpu = S390_CPU(cs);
 
@@ -83,7 +84,7 @@ int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
     /* On real machines this value is dropped into LowMem.  Since this
        is userland, simply put this someplace that cpu_loop can find it.  */
     cpu->env.__excp_addr = address;
-    return 1;
+    cpu_loop_exit_restore(cs, retaddr);
 }
 
 #else /* !CONFIG_USER_ONLY */
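Review bot: The user-only `s390_cpu_tlb_fill` never consults `probe`; it always ends in `cpu_loop_exit_restore(cs, retaddr)`, so it cannot return `false` to a probing caller. Whether any caller passes `probe` set in user mode is not visible from this hunk, but the new `bool` signature suggests it could. A comment above the call would record the contract, for example `/* user-only: probe is not honoured, every fault exits to cpu_loop */`, with a matching note that the function does not return. The function's signature and opening lines are in the previous hunk.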
@@ -102,19 +103,20 @@ static inline uint64_t cpu_mmu_idx_to_asc(int mmu_idx)
     }
 }
 
-int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr, int size,
-                              int rw, int mmu_idx)
+bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
+                       MMUAccessType access_type, int mmu_idx,
+                       bool probe, uintptr_t retaddr)
 {
     S390CPU *cpu = S390_CPU(cs);
     CPUS390XState *env = &cpu->env;
     target_ulong vaddr, raddr;
     uint64_t asc;
-    int prot;
+    int prot, fail;
 
     qemu_log_mask(CPU_LOG_MMU, "%s: addr 0x%" VADDR_PRIx " rw %d mmu_idx %d\n",
-                  __func__, orig_vaddr, rw, mmu_idx);
+                  __func__, address, access_type, mmu_idx);
 
-    vaddr = orig_vaddr;
+    vaddr = address;
 
     if (mmu_idx < MMU_REAL_IDX) {
         asc = cpu_mmu_idx_to_asc(mmu_idx);
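Review bot: The `qemu_log_mask` format string still labels the value `rw`, but the argument is now `access_type`, so the MMU trace names a parameter that no longer exists. Changing the label keeps the log in step with the signature: `"%s: addr 0x%" VADDR_PRIx " access_type %d mmu_idx %d\n"`. The body of the function continues past the end of this hunk.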
@@ -122,39 +124,58 @@ int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr, int size,
         if (!(env->psw.mask & PSW_MASK_64)) {
             vaddr &= 0x7fffffff;
         }
-        if (mmu_translate(env, vaddr, rw, asc, &raddr, &prot, true)) {
-            return 1;
-        }
+        fail = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, true);
     } else if (mmu_idx == MMU_REAL_IDX) {
         /* 31-Bit mode */
         if (!(env->psw.mask & PSW_MASK_64)) {
             vaddr &= 0x7fffffff;
         }
-        if (mmu_translate_real(env, vaddr, rw, &raddr, &prot)) {
-            return 1;
-        }
+        fail = mmu_translate_real(env, vaddr, access_type, &raddr, &prot);
     } else {
-        abort();
+        g_assert_not_reached();
     }
 
     /* check out of RAM access */
-    if (!address_space_access_valid(&address_space_memory, raddr,
-                                    TARGET_PAGE_SIZE, rw,
+    if (!fail &&
+        !address_space_access_valid(&address_space_memory, raddr,
+                                    TARGET_PAGE_SIZE, access_type,
                                     MEMTXATTRS_UNSPECIFIED)) {
         qemu_log_mask(CPU_LOG_MMU,
                       "%s: raddr %" PRIx64 " > ram_size %" PRIx64 "\n",
                       __func__, (uint64_t)raddr, (uint64_t)ram_size);
         trigger_pgm_exception(env, PGM_ADDRESSING, ILEN_AUTO);
-        return 1;
+        fail = 1;
     }
 
-    qemu_log_mask(CPU_LOG_MMU, "%s: set tlb %" PRIx64 " -> %" PRIx64 " (%x)\n",
-            __func__, (uint64_t)vaddr, (uint64_t)raddr, prot);
+    if (!fail) {
+        qemu_log_mask(CPU_LOG_MMU,
+                      "%s: set tlb %" PRIx64 " -> %" PRIx64 " (%x)\n",
+                      __func__, (uint64_t)vaddr, (uint64_t)raddr, prot);
+        tlb_set_page(cs, address & TARGET_PAGE_MASK, raddr, prot,
+                     mmu_idx, TARGET_PAGE_SIZE);
+        return true;
+    }
+    if (probe) {
+        return false;
+    }
 
-    tlb_set_page(cs, orig_vaddr & TARGET_PAGE_MASK, raddr, prot,
-                 mmu_idx, TARGET_PAGE_SIZE);
+    cpu_restore_state(cs, retaddr, true);
+
+    /*
+     * The ILC value for code accesses is undefined.  The important
+     * thing here is to *not* leave env->int_pgm_ilen set to ILEN_AUTO,
+     * which would cause do_program_interrupt to attempt to read from
+     * env->psw.addr again.  C.f. the condition in trigger_page_fault,
+     * but is not universally applied.
+     *
+     * ??? If we remove ILEN_AUTO, by moving the computation of ILEN
+     * into cpu_restore_state, then we may remove this entirely.
+     */
+    if (access_type == MMU_INST_FETCH) {
+        env->int_pgm_ilen = 2;
+    }
 
-    return 0;
+    cpu_loop_exit(cs);
 }
 
 static void do_program_interrupt(CPUS390XState *env)
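Review bot: In the out-of-RAM branch, `trigger_pgm_exception(env, PGM_ADDRESSING, ILEN_AUTO)` runs before `probe` is consulted, so a call with `probe` set returns `false` only after a program exception has been recorded in `env`. A probe should report failure without touching guest-visible CPU state, since a pending exception left behind can be delivered later from an unrelated path. Guarding the call keeps that branch free of side effects: `if (!probe) { trigger_pgm_exception(env, PGM_ADDRESSING, ILEN_AUTO); }`. The `true` passed as the last argument of `mmu_translate` presumably requests the same delivery inside the translator and may need to become `!probe`, but its definition is not visible here. The function begins in the previous hunk.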