fpu.c revision 3816 
1/*-
2 * Copyright (c) 1990 William Jolitz.
3 * Copyright (c) 1991 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software
15 *    must display the following acknowledgement:
16 *	This product includes software developed by the University of
17 *	California, Berkeley and its contributors.
18 * 4. Neither the name of the University nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 *	from: @(#)npx.c	7.2 (Berkeley) 5/12/91
35 *	$Id: npx.c,v 1.14 1994/10/08 22:27:58 phk Exp $
36 */
37
38#include "npx.h"
39#if NNPX > 0
40
41#include <sys/param.h>
42#include <sys/systm.h>
43#include <sys/conf.h>
44#include <sys/file.h>
45#include <sys/proc.h>
46#include <sys/devconf.h>
47#include <sys/ioctl.h>
48
49#include <machine/cpu.h>
50#include <machine/pcb.h>
51#include <machine/trap.h>
52#include <machine/specialreg.h>
53
54#include <i386/isa/icu.h>
55#include <i386/isa/isa_device.h>
56#include <i386/isa/isa.h>
57
58/*
59 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver.
60 */
61
62#ifdef	__GNUC__
63
64#define	fldcw(addr)		__asm("fldcw %0" : : "m" (*addr))
65#define	fnclex()		__asm("fnclex")
66#define	fninit()		__asm("fninit")
67#define	fnsave(addr)		__asm("fnsave %0" : "=m" (*addr) : "0" (*addr))
68#define	fnstcw(addr)		__asm("fnstcw %0" : "=m" (*addr) : "0" (*addr))
69#define	fnstsw(addr)		__asm("fnstsw %0" : "=m" (*addr) : "0" (*addr))
70#define	fp_divide_by_0()	__asm("fldz; fld1; fdiv %st,%st(1); fwait")
71#define	frstor(addr)		__asm("frstor %0" : : "m" (*addr))
72#define	fwait()			__asm("fwait")
73#define	start_emulating()	__asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \
74				      : : "n" (CR0_TS) : "ax")
75#define	stop_emulating()	__asm("clts")
76
77#else	/* not __GNUC__ */
78
79void	fldcw		__P((caddr_t addr));
80void	fnclex		__P((void));
81void	fninit		__P((void));
82void	fnsave		__P((caddr_t addr));
83void	fnstcw		__P((caddr_t addr));
84void	fnstsw		__P((caddr_t addr));
85void	fp_divide_by_0	__P((void));
86void	frstor		__P((caddr_t addr));
87void	fwait		__P((void));
88void	start_emulating	__P((void));
89void	stop_emulating	__P((void));
90
91#endif	/* __GNUC__ */
92
93typedef u_char bool_t;
94
95extern	struct gate_descriptor idt[];
96
97void	npxinit		__P((u_int control));
98void	npxintr		__P((struct intrframe frame));
99void	npxsave		__P((struct save87 *addr));
100static	int	npxattach	__P((struct isa_device *dvp));
101static	int	npxprobe	__P((struct isa_device *dvp));
102static	int	npxprobe1	__P((struct isa_device *dvp));
103
104struct	isa_driver npxdriver = {
105	npxprobe, npxattach, "npx",
106};
107
108u_int	npx0_imask = SWI_CLOCK_MASK;
109struct proc	*npxproc;
110
111static	bool_t			npx_ex16;
112static	bool_t			npx_exists;
113int hw_float;
114static	struct gate_descriptor	npx_idt_probeintr;
115static	int			npx_intrno;
116static	volatile u_int		npx_intrs_while_probing;
117static	bool_t			npx_irq13;
118static	volatile u_int		npx_traps_while_probing;
119
120/*
121 * Special interrupt handlers.  Someday intr0-intr15 will be used to count
122 * interrupts.  We'll still need a special exception 16 handler.  The busy
123 * latch stuff in probintr() can be moved to npxprobe().
124 */
125void probeintr(void);
126asm
127("
128	.text
129_probeintr:
130	ss
131	incl	_npx_intrs_while_probing
132	pushl	%eax
133	movb	$0x20,%al	# EOI (asm in strings loses cpp features)
134	outb	%al,$0xa0	# IO_ICU2
135	outb	%al,$0x20	#IO_ICU1
136	movb	$0,%al
137	outb	%al,$0xf0	# clear BUSY# latch
138	popl	%eax
139	iret
140");
141
142void probetrap(void);
143asm
144("
145	.text
146_probetrap:
147	ss
148	incl	_npx_traps_while_probing
149	fnclex
150	iret
151");
152
153/*
154 * Probe routine.  Initialize cr0 to give correct behaviour for [f]wait
155 * whether the device exists or not (XXX should be elsewhere).  Set flags
156 * to tell npxattach() what to do.  Modify device struct if npx doesn't
157 * need to use interrupts.  Return 1 if device exists.
158 */
159static int
160npxprobe(dvp)
161	struct isa_device *dvp;
162{
163	int	result;
164	u_long	save_eflags;
165	u_char	save_icu1_mask;
166	u_char	save_icu2_mask;
167	struct	gate_descriptor save_idt_npxintr;
168	struct	gate_descriptor save_idt_npxtrap;
169	/*
170	 * This routine is now just a wrapper for npxprobe1(), to install
171	 * special npx interrupt and trap handlers, to enable npx interrupts
172	 * and to disable other interrupts.  Someday isa_configure() will
173	 * install suitable handlers and run with interrupts enabled so we
174	 * won't need to do so much here.
175	 */
176	npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1;
177	save_eflags = read_eflags();
178	disable_intr();
179	save_icu1_mask = inb(IO_ICU1 + 1);
180	save_icu2_mask = inb(IO_ICU2 + 1);
181	save_idt_npxintr = idt[npx_intrno];
182	save_idt_npxtrap = idt[16];
183	outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq));
184	outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8));
185	setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL);
186	setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL);
187	npx_idt_probeintr = idt[npx_intrno];
188	enable_intr();
189	result = npxprobe1(dvp);
190	disable_intr();
191	outb(IO_ICU1 + 1, save_icu1_mask);
192	outb(IO_ICU2 + 1, save_icu2_mask);
193	idt[npx_intrno] = save_idt_npxintr;
194	idt[16] = save_idt_npxtrap;
195	write_eflags(save_eflags);
196	return (result);
197}
198
199static int
200npxprobe1(dvp)
201	struct isa_device *dvp;
202{
203	int control;
204	int status;
205#ifdef lint
206	npxintr();
207#endif
208	/*
209	 * Partially reset the coprocessor, if any.  Some BIOS's don't reset
210	 * it after a warm boot.
211	 */
212	outb(0xf1, 0);		/* full reset on some systems, NOP on others */
213	outb(0xf0, 0);		/* clear BUSY# latch */
214	/*
215	 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT
216	 * instructions.  We must set the CR0_MP bit and use the CR0_TS
217	 * bit to control the trap, because setting the CR0_EM bit does
218	 * not cause WAIT instructions to trap.  It's important to trap
219	 * WAIT instructions - otherwise the "wait" variants of no-wait
220	 * control instructions would degenerate to the "no-wait" variants
221	 * after FP context switches but work correctly otherwise.  It's
222	 * particularly important to trap WAITs when there is no NPX -
223	 * otherwise the "wait" variants would always degenerate.
224	 *
225	 * Try setting CR0_NE to get correct error reporting on 486DX's.
226	 * Setting it should fail or do nothing on lesser processors.
227	 */
228	load_cr0(rcr0() | CR0_MP | CR0_NE);
229	/*
230	 * But don't trap while we're probing.
231	 */
232	stop_emulating();
233	/*
234	 * Finish resetting the coprocessor, if any.  If there is an error
235	 * pending, then we may get a bogus IRQ13, but probeintr() will handle
236	 * it OK.  Bogus halts have never been observed, but we enabled
237	 * IRQ13 and cleared the BUSY# latch early to handle them anyway.
238	 */
239	fninit();
240	DELAY(1000);		/* wait for any IRQ13 (fwait might hang) */
241#ifdef DIAGNOSTIC
242	if (npx_intrs_while_probing != 0)
243		printf("fninit caused %u bogus npx interrupt(s)\n",
244		       npx_intrs_while_probing);
245	if (npx_traps_while_probing != 0)
246		printf("fninit caused %u bogus npx trap(s)\n",
247		       npx_traps_while_probing);
248#endif
249	/*
250	 * Check for a status of mostly zero.
251	 */
252	status = 0x5a5a;
253	fnstsw(&status);
254	if ((status & 0xb8ff) == 0) {
255		/*
256		 * Good, now check for a proper control word.
257		 */
258		control = 0x5a5a;
259		fnstcw(&control);
260		if ((control & 0x1f3f) == 0x033f) {
261			hw_float = npx_exists = 1;
262			/*
263			 * We have an npx, now divide by 0 to see if exception
264			 * 16 works.
265			 */
266			control &= ~(1 << 2);	/* enable divide by 0 trap */
267			fldcw(&control);
268			npx_traps_while_probing = npx_intrs_while_probing = 0;
269			fp_divide_by_0();
270			if (npx_traps_while_probing != 0) {
271				/*
272				 * Good, exception 16 works.
273				 */
274				npx_ex16 = 1;
275				dvp->id_irq = 0;	/* zap the interrupt */
276				/*
277				 * special return value to flag that we do not
278				 * actually use any I/O registers
279				 */
280				return (-1);
281			}
282			if (npx_intrs_while_probing != 0) {
283				/*
284				 * Bad, we are stuck with IRQ13.
285				 */
286				npx_irq13 = 1;
287				npx0_imask = dvp->id_irq;	/* npxattach too late */
288				return (IO_NPXSIZE);
289			}
290			/*
291			 * Worse, even IRQ13 is broken.  Use emulator.
292			 */
293		}
294	}
295	/*
296	 * Probe failed, but we want to get to npxattach to initialize the
297	 * emulator and say that it has been installed.  XXX handle devices
298	 * that aren't really devices better.
299	 */
300	dvp->id_irq = 0;
301	/*
302	 * special return value to flag that we do not
303	 * actually use any I/O registers
304	 */
305	return (-1);
306}
307
308static struct kern_devconf kdc_npx[NNPX] = { {
309	0, 0, 0,		/* filled in by dev_attach */
310	"npx", 0, { MDDT_ISA, 0 },
311	isa_generic_externalize, 0, 0, ISA_EXTERNALLEN,
312	&kdc_isa0,		/* parent */
313	0,			/* parentdata */
314	DC_UNKNOWN,		/* not supported */
315	"Floating-point unit"
316} };
317
318static inline void
319npx_registerdev(struct isa_device *id)
320{
321	if(id->id_unit)
322		kdc_npx[id->id_unit] = kdc_npx[0];
323	kdc_npx[id->id_unit].kdc_unit = id->id_unit;
324	kdc_npx[id->id_unit].kdc_isa = id;
325	dev_attach(&kdc_npx[id->id_unit]);
326}
327
328/*
329 * Attach routine - announce which it is, and wire into system
330 */
331int
332npxattach(dvp)
333	struct isa_device *dvp;
334{
335	if (!npx_ex16 && !npx_irq13) {
336		if (npx_exists) {
337			printf("npx%d: Error reporting broken, using 387 emulator\n",dvp->id_unit);
338			hw_float = npx_exists = 0;
339		} else {
340			printf("npx%d: 387 Emulator\n",dvp->id_unit);
341		}
342	}
343	npxinit(__INITIAL_NPXCW__);
344	npx_registerdev(dvp);
345	return (1);		/* XXX unused */
346}
347
348/*
349 * Initialize floating point unit.
350 */
351void
352npxinit(control)
353	u_int control;
354{
355	struct save87 dummy;
356
357	if (!npx_exists)
358		return;
359	/*
360	 * fninit has the same h/w bugs as fnsave.  Use the detoxified
361	 * fnsave to throw away any junk in the fpu.  fnsave initializes
362	 * the fpu and sets npxproc = NULL as important side effects.
363	 */
364	npxsave(&dummy);
365	stop_emulating();
366	fldcw(&control);
367	if (curpcb != NULL)
368		fnsave(&curpcb->pcb_savefpu);
369	start_emulating();
370}
371
372/*
373 * Free coprocessor (if we have it).
374 */
375void
376npxexit(p)
377	struct proc *p;
378{
379
380	if (p == npxproc) {
381		start_emulating();
382		npxproc = NULL;
383	}
384}
385
386/*
387 * Record the FPU state and reinitialize it all except for the control word.
388 * Then generate a SIGFPE.
389 *
390 * Reinitializing the state allows naive SIGFPE handlers to longjmp without
391 * doing any fixups.
392 *
393 * XXX there is currently no way to pass the full error state to signal
394 * handlers, and if this is a nested interrupt there is no way to pass even
395 * a status code!  So there is no way to have a non-naive SIGFPE handler.  At
396 * best a handler could do an fninit followed by an fldcw of a static value.
397 * fnclex would be of little use because it would leave junk on the FPU stack.
398 * Returning from the handler would be even less safe than usual because
399 * IRQ13 exception handling makes exceptions even less precise than usual.
400 */
401void
402npxintr(frame)
403	struct intrframe frame;
404{
405	int code;
406
407	if (npxproc == NULL || !npx_exists) {
408		/* XXX no %p in stand/printf.c.  Cast to quiet gcc -Wall. */
409		printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n",
410		       (u_long) npxproc, (u_long) curproc, npx_exists);
411		panic("npxintr from nowhere");
412	}
413	if (npxproc != curproc) {
414		printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n",
415		       (u_long) npxproc, (u_long) curproc, npx_exists);
416		panic("npxintr from non-current process");
417	}
418	/*
419	 * Save state.  This does an implied fninit.  It had better not halt
420	 * the cpu or we'll hang.
421	 */
422	outb(0xf0, 0);
423	fnsave(&curpcb->pcb_savefpu);
424	fwait();
425	/*
426	 * Restore control word (was clobbered by fnsave).
427	 */
428	fldcw(&curpcb->pcb_savefpu.sv_env.en_cw);
429	fwait();
430	/*
431	 * Remember the exception status word and tag word.  The current
432	 * (almost fninit'ed) fpu state is in the fpu and the exception
433	 * state just saved will soon be junk.  However, the implied fninit
434	 * doesn't change the error pointers or register contents, and we
435	 * preserved the control word and will copy the status and tag
436	 * words, so the complete exception state can be recovered.
437	 */
438	curpcb->pcb_savefpu.sv_ex_sw = curpcb->pcb_savefpu.sv_env.en_sw;
439	curpcb->pcb_savefpu.sv_ex_tw = curpcb->pcb_savefpu.sv_env.en_tw;
440
441	/*
442	 * Pass exception to process.
443	 */
444	if (ISPL(frame.if_cs) == SEL_UPL) {
445		/*
446		 * Interrupt is essentially a trap, so we can afford to call
447		 * the SIGFPE handler (if any) as soon as the interrupt
448		 * returns.
449		 *
450		 * XXX little or nothing is gained from this, and plenty is
451		 * lost - the interrupt frame has to contain the trap frame
452		 * (this is otherwise only necessary for the rescheduling trap
453		 * in doreti, and the frame for that could easily be set up
454		 * just before it is used).
455		 */
456		curproc->p_md.md_regs = (int *)&frame.if_es;
457#ifdef notyet
458		/*
459		 * Encode the appropriate code for detailed information on
460		 * this exception.
461		 */
462		code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw);
463#else
464		code = 0;	/* XXX */
465#endif
466		trapsignal(curproc, SIGFPE, code);
467	} else {
468		/*
469		 * Nested interrupt.  These losers occur when:
470		 *	o an IRQ13 is bogusly generated at a bogus time, e.g.:
471		 *		o immediately after an fnsave or frstor of an
472		 *		  error state.
473		 *		o a couple of 386 instructions after
474		 *		  "fstpl _memvar" causes a stack overflow.
475		 *	  These are especially nasty when combined with a
476		 *	  trace trap.
477		 *	o an IRQ13 occurs at the same time as another higher-
478		 *	  priority interrupt.
479		 *
480		 * Treat them like a true async interrupt.
481		 */
482		psignal(npxproc, SIGFPE);
483	}
484}
485
486/*
487 * Implement device not available (DNA) exception
488 *
489 * It would be better to switch FP context here (only).  This would require
490 * saving the state in the proc table instead of in the pcb.
491 */
492int
493npxdna()
494{
495	if (!npx_exists)
496		return (0);
497	if (npxproc != NULL) {
498		printf("npxdna: npxproc = %lx, curproc = %lx\n",
499		       (u_long) npxproc, (u_long) curproc);
500		panic("npxdna");
501	}
502	stop_emulating();
503	/*
504	 * Record new context early in case frstor causes an IRQ13.
505	 */
506	npxproc = curproc;
507	/*
508	 * The following frstor may cause an IRQ13 when the state being
509	 * restored has a pending error.  The error will appear to have been
510	 * triggered by the current (npx) user instruction even when that
511	 * instruction is a no-wait instruction that should not trigger an
512	 * error (e.g., fnclex).  On at least one 486 system all of the
513	 * no-wait instructions are broken the same as frstor, so our
514	 * treatment does not amplify the breakage.  On at least one
515	 * 386/Cyrix 387 system, fnclex works correctly while frstor and
516	 * fnsave are broken, so our treatment breaks fnclex if it is the
517	 * first FPU instruction after a context switch.
518	 */
519	frstor(&curpcb->pcb_savefpu);
520
521	return (1);
522}
523
524/*
525 * Wrapper for fnsave instruction to handle h/w bugs.  If there is an error
526 * pending, then fnsave generates a bogus IRQ13 on some systems.  Force
527 * any IRQ13 to be handled immediately, and then ignore it.  This routine is
528 * often called at splhigh so it must not use many system services.  In
529 * particular, it's much easier to install a special handler than to
530 * guarantee that it's safe to use npxintr() and its supporting code.
531 */
532void
533npxsave(addr)
534	struct save87 *addr;
535{
536	u_char	icu1_mask;
537	u_char	icu2_mask;
538	u_char	old_icu1_mask;
539	u_char	old_icu2_mask;
540	struct gate_descriptor	save_idt_npxintr;
541
542	disable_intr();
543	old_icu1_mask = inb(IO_ICU1 + 1);
544	old_icu2_mask = inb(IO_ICU2 + 1);
545	save_idt_npxintr = idt[npx_intrno];
546	outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask));
547	outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8));
548	idt[npx_intrno] = npx_idt_probeintr;
549	enable_intr();
550	stop_emulating();
551	fnsave(addr);
552	fwait();
553	start_emulating();
554	npxproc = NULL;
555	disable_intr();
556	icu1_mask = inb(IO_ICU1 + 1);	/* masks may have changed */
557	icu2_mask = inb(IO_ICU2 + 1);
558	outb(IO_ICU1 + 1,
559	     (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask));
560	outb(IO_ICU2 + 1,
561	     (icu2_mask & ~(npx0_imask >> 8))
562	     | (old_icu2_mask & (npx0_imask >> 8)));
563	idt[npx_intrno] = save_idt_npxintr;
564	enable_intr();		/* back to usual state */
565}
566
567#endif /* NNPX > 0 */
568