fpu.c revision 4478 
1/*-
2 * Copyright (c) 1990 William Jolitz.
3 * Copyright (c) 1991 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software
15 *    must display the following acknowledgement:
16 *	This product includes software developed by the University of
17 *	California, Berkeley and its contributors.
18 * 4. Neither the name of the University nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 *	from: @(#)npx.c	7.2 (Berkeley) 5/12/91
35 *	$Id: npx.c,v 1.16 1994/11/06 00:58:06 bde Exp $
36 */
37
38#include "npx.h"
39#if NNPX > 0
40
41#include <sys/param.h>
42#include <sys/systm.h>
43#include <sys/conf.h>
44#include <sys/file.h>
45#include <sys/proc.h>
46#include <sys/devconf.h>
47#include <sys/ioctl.h>
48#include <sys/syslog.h>
49#include <sys/signalvar.h>
50
51#include <machine/cpu.h>
52#include <machine/pcb.h>
53#include <machine/trap.h>
54#include <machine/clock.h>
55#include <machine/specialreg.h>
56
57#include <i386/isa/icu.h>
58#include <i386/isa/isa_device.h>
59#include <i386/isa/isa.h>
60
61/*
62 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver.
63 */
64
65#ifdef	__GNUC__
66
67#define	fldcw(addr)		__asm("fldcw %0" : : "m" (*addr))
68#define	fnclex()		__asm("fnclex")
69#define	fninit()		__asm("fninit")
70#define	fnsave(addr)		__asm("fnsave %0" : "=m" (*addr) : "0" (*addr))
71#define	fnstcw(addr)		__asm("fnstcw %0" : "=m" (*addr) : "0" (*addr))
72#define	fnstsw(addr)		__asm("fnstsw %0" : "=m" (*addr) : "0" (*addr))
73#define	fp_divide_by_0()	__asm("fldz; fld1; fdiv %st,%st(1); fwait")
74#define	frstor(addr)		__asm("frstor %0" : : "m" (*addr))
75#define	fwait()			__asm("fwait")
76#define	start_emulating()	__asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \
77				      : : "n" (CR0_TS) : "ax")
78#define	stop_emulating()	__asm("clts")
79
80#else	/* not __GNUC__ */
81
82void	fldcw		__P((caddr_t addr));
83void	fnclex		__P((void));
84void	fninit		__P((void));
85void	fnsave		__P((caddr_t addr));
86void	fnstcw		__P((caddr_t addr));
87void	fnstsw		__P((caddr_t addr));
88void	fp_divide_by_0	__P((void));
89void	frstor		__P((caddr_t addr));
90void	fwait		__P((void));
91void	start_emulating	__P((void));
92void	stop_emulating	__P((void));
93
94#endif	/* __GNUC__ */
95
96typedef u_char bool_t;
97
98static	int	npxattach	__P((struct isa_device *dvp));
99static	int	npxprobe	__P((struct isa_device *dvp));
100static	int	npxprobe1	__P((struct isa_device *dvp));
101
102struct	isa_driver npxdriver = {
103	npxprobe, npxattach, "npx",
104};
105
106u_int	npx0_imask = SWI_CLOCK_MASK;
107struct proc	*npxproc;
108
109static	bool_t			npx_ex16;
110static	bool_t			npx_exists;
111int hw_float;
112static	struct gate_descriptor	npx_idt_probeintr;
113static	int			npx_intrno;
114static	volatile u_int		npx_intrs_while_probing;
115static	bool_t			npx_irq13;
116static	volatile u_int		npx_traps_while_probing;
117
118/*
119 * Special interrupt handlers.  Someday intr0-intr15 will be used to count
120 * interrupts.  We'll still need a special exception 16 handler.  The busy
121 * latch stuff in probintr() can be moved to npxprobe().
122 */
123inthand_t probeintr;
124asm
125("
126	.text
127_probeintr:
128	ss
129	incl	_npx_intrs_while_probing
130	pushl	%eax
131	movb	$0x20,%al	# EOI (asm in strings loses cpp features)
132	outb	%al,$0xa0	# IO_ICU2
133	outb	%al,$0x20	#IO_ICU1
134	movb	$0,%al
135	outb	%al,$0xf0	# clear BUSY# latch
136	popl	%eax
137	iret
138");
139
140inthand_t probetrap;
141asm
142("
143	.text
144_probetrap:
145	ss
146	incl	_npx_traps_while_probing
147	fnclex
148	iret
149");
150
151/*
152 * Probe routine.  Initialize cr0 to give correct behaviour for [f]wait
153 * whether the device exists or not (XXX should be elsewhere).  Set flags
154 * to tell npxattach() what to do.  Modify device struct if npx doesn't
155 * need to use interrupts.  Return 1 if device exists.
156 */
157static int
158npxprobe(dvp)
159	struct isa_device *dvp;
160{
161	int	result;
162	u_long	save_eflags;
163	u_char	save_icu1_mask;
164	u_char	save_icu2_mask;
165	struct	gate_descriptor save_idt_npxintr;
166	struct	gate_descriptor save_idt_npxtrap;
167	/*
168	 * This routine is now just a wrapper for npxprobe1(), to install
169	 * special npx interrupt and trap handlers, to enable npx interrupts
170	 * and to disable other interrupts.  Someday isa_configure() will
171	 * install suitable handlers and run with interrupts enabled so we
172	 * won't need to do so much here.
173	 */
174	npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1;
175	save_eflags = read_eflags();
176	disable_intr();
177	save_icu1_mask = inb(IO_ICU1 + 1);
178	save_icu2_mask = inb(IO_ICU2 + 1);
179	save_idt_npxintr = idt[npx_intrno];
180	save_idt_npxtrap = idt[16];
181	outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq));
182	outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8));
183	setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL);
184	setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL);
185	npx_idt_probeintr = idt[npx_intrno];
186	enable_intr();
187	result = npxprobe1(dvp);
188	disable_intr();
189	outb(IO_ICU1 + 1, save_icu1_mask);
190	outb(IO_ICU2 + 1, save_icu2_mask);
191	idt[npx_intrno] = save_idt_npxintr;
192	idt[16] = save_idt_npxtrap;
193	write_eflags(save_eflags);
194	return (result);
195}
196
197static int
198npxprobe1(dvp)
199	struct isa_device *dvp;
200{
201	int control;
202	int status;
203#ifdef lint
204	npxintr();
205#endif
206	/*
207	 * Partially reset the coprocessor, if any.  Some BIOS's don't reset
208	 * it after a warm boot.
209	 */
210	outb(0xf1, 0);		/* full reset on some systems, NOP on others */
211	outb(0xf0, 0);		/* clear BUSY# latch */
212	/*
213	 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT
214	 * instructions.  We must set the CR0_MP bit and use the CR0_TS
215	 * bit to control the trap, because setting the CR0_EM bit does
216	 * not cause WAIT instructions to trap.  It's important to trap
217	 * WAIT instructions - otherwise the "wait" variants of no-wait
218	 * control instructions would degenerate to the "no-wait" variants
219	 * after FP context switches but work correctly otherwise.  It's
220	 * particularly important to trap WAITs when there is no NPX -
221	 * otherwise the "wait" variants would always degenerate.
222	 *
223	 * Try setting CR0_NE to get correct error reporting on 486DX's.
224	 * Setting it should fail or do nothing on lesser processors.
225	 */
226	load_cr0(rcr0() | CR0_MP | CR0_NE);
227	/*
228	 * But don't trap while we're probing.
229	 */
230	stop_emulating();
231	/*
232	 * Finish resetting the coprocessor, if any.  If there is an error
233	 * pending, then we may get a bogus IRQ13, but probeintr() will handle
234	 * it OK.  Bogus halts have never been observed, but we enabled
235	 * IRQ13 and cleared the BUSY# latch early to handle them anyway.
236	 */
237	fninit();
238	DELAY(1000);		/* wait for any IRQ13 (fwait might hang) */
239#ifdef DIAGNOSTIC
240	if (npx_intrs_while_probing != 0)
241		printf("fninit caused %u bogus npx interrupt(s)\n",
242		       npx_intrs_while_probing);
243	if (npx_traps_while_probing != 0)
244		printf("fninit caused %u bogus npx trap(s)\n",
245		       npx_traps_while_probing);
246#endif
247	/*
248	 * Check for a status of mostly zero.
249	 */
250	status = 0x5a5a;
251	fnstsw(&status);
252	if ((status & 0xb8ff) == 0) {
253		/*
254		 * Good, now check for a proper control word.
255		 */
256		control = 0x5a5a;
257		fnstcw(&control);
258		if ((control & 0x1f3f) == 0x033f) {
259			hw_float = npx_exists = 1;
260			/*
261			 * We have an npx, now divide by 0 to see if exception
262			 * 16 works.
263			 */
264			control &= ~(1 << 2);	/* enable divide by 0 trap */
265			fldcw(&control);
266			npx_traps_while_probing = npx_intrs_while_probing = 0;
267			fp_divide_by_0();
268			if (npx_traps_while_probing != 0) {
269				/*
270				 * Good, exception 16 works.
271				 */
272				npx_ex16 = 1;
273				dvp->id_irq = 0;	/* zap the interrupt */
274				/*
275				 * special return value to flag that we do not
276				 * actually use any I/O registers
277				 */
278				return (-1);
279			}
280			if (npx_intrs_while_probing != 0) {
281				/*
282				 * Bad, we are stuck with IRQ13.
283				 */
284				npx_irq13 = 1;
285				npx0_imask = dvp->id_irq;	/* npxattach too late */
286				return (IO_NPXSIZE);
287			}
288			/*
289			 * Worse, even IRQ13 is broken.  Use emulator.
290			 */
291		}
292	}
293	/*
294	 * Probe failed, but we want to get to npxattach to initialize the
295	 * emulator and say that it has been installed.  XXX handle devices
296	 * that aren't really devices better.
297	 */
298	dvp->id_irq = 0;
299	/*
300	 * special return value to flag that we do not
301	 * actually use any I/O registers
302	 */
303	return (-1);
304}
305
306static struct kern_devconf kdc_npx[NNPX] = { {
307	0, 0, 0,		/* filled in by dev_attach */
308	"npx", 0, { MDDT_ISA, 0 },
309	isa_generic_externalize, 0, 0, ISA_EXTERNALLEN,
310	&kdc_isa0,		/* parent */
311	0,			/* parentdata */
312	DC_UNKNOWN,		/* not supported */
313	"Floating-point unit"
314} };
315
316static inline void
317npx_registerdev(struct isa_device *id)
318{
319	if(id->id_unit)
320		kdc_npx[id->id_unit] = kdc_npx[0];
321	kdc_npx[id->id_unit].kdc_unit = id->id_unit;
322	kdc_npx[id->id_unit].kdc_isa = id;
323	dev_attach(&kdc_npx[id->id_unit]);
324}
325
326/*
327 * Attach routine - announce which it is, and wire into system
328 */
329int
330npxattach(dvp)
331	struct isa_device *dvp;
332{
333	if (!npx_ex16 && !npx_irq13) {
334		if (npx_exists) {
335			printf("npx%d: Error reporting broken, using 387 emulator\n",dvp->id_unit);
336			hw_float = npx_exists = 0;
337		} else {
338			printf("npx%d: 387 Emulator\n",dvp->id_unit);
339		}
340	}
341	npxinit(__INITIAL_NPXCW__);
342	npx_registerdev(dvp);
343	return (1);		/* XXX unused */
344}
345
346/*
347 * Initialize floating point unit.
348 */
349void
350npxinit(control)
351	u_int control;
352{
353	struct save87 dummy;
354
355	if (!npx_exists)
356		return;
357	/*
358	 * fninit has the same h/w bugs as fnsave.  Use the detoxified
359	 * fnsave to throw away any junk in the fpu.  fnsave initializes
360	 * the fpu and sets npxproc = NULL as important side effects.
361	 */
362	npxsave(&dummy);
363	stop_emulating();
364	fldcw(&control);
365	if (curpcb != NULL)
366		fnsave(&curpcb->pcb_savefpu);
367	start_emulating();
368}
369
370/*
371 * Free coprocessor (if we have it).
372 */
373void
374npxexit(p)
375	struct proc *p;
376{
377
378	if (p == npxproc)
379		npxsave(&curpcb->pcb_savefpu);
380	if (npx_exists) {
381		u_int	masked_exceptions;
382
383		masked_exceptions = curpcb->pcb_savefpu.sv_env.en_cw
384				    & curpcb->pcb_savefpu.sv_env.en_sw & 0x7f;
385		/*
386		 * Overflow, divde by 0, and invalid operand would have
387		 * caused a trap in 1.1.5.
388		 */
389		if (masked_exceptions & 0x0d)
390			log(LOG_ERR,
391	"pid %d (%s) exited with masked floating point exceptions 0x%02x\n",
392			    p->p_pid, p->p_comm, masked_exceptions);
393	}
394}
395
396/*
397 * Record the FPU state and reinitialize it all except for the control word.
398 * Then generate a SIGFPE.
399 *
400 * Reinitializing the state allows naive SIGFPE handlers to longjmp without
401 * doing any fixups.
402 *
403 * XXX there is currently no way to pass the full error state to signal
404 * handlers, and if this is a nested interrupt there is no way to pass even
405 * a status code!  So there is no way to have a non-naive SIGFPE handler.  At
406 * best a handler could do an fninit followed by an fldcw of a static value.
407 * fnclex would be of little use because it would leave junk on the FPU stack.
408 * Returning from the handler would be even less safe than usual because
409 * IRQ13 exception handling makes exceptions even less precise than usual.
410 */
411void
412npxintr(frame)
413	struct intrframe frame;
414{
415	int code;
416
417	if (npxproc == NULL || !npx_exists) {
418		/* XXX no %p in stand/printf.c.  Cast to quiet gcc -Wall. */
419		printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n",
420		       (u_long) npxproc, (u_long) curproc, npx_exists);
421		panic("npxintr from nowhere");
422	}
423	if (npxproc != curproc) {
424		printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n",
425		       (u_long) npxproc, (u_long) curproc, npx_exists);
426		panic("npxintr from non-current process");
427	}
428	/*
429	 * Save state.  This does an implied fninit.  It had better not halt
430	 * the cpu or we'll hang.
431	 */
432	outb(0xf0, 0);
433	fnsave(&curpcb->pcb_savefpu);
434	fwait();
435	/*
436	 * Restore control word (was clobbered by fnsave).
437	 */
438	fldcw(&curpcb->pcb_savefpu.sv_env.en_cw);
439	fwait();
440	/*
441	 * Remember the exception status word and tag word.  The current
442	 * (almost fninit'ed) fpu state is in the fpu and the exception
443	 * state just saved will soon be junk.  However, the implied fninit
444	 * doesn't change the error pointers or register contents, and we
445	 * preserved the control word and will copy the status and tag
446	 * words, so the complete exception state can be recovered.
447	 */
448	curpcb->pcb_savefpu.sv_ex_sw = curpcb->pcb_savefpu.sv_env.en_sw;
449	curpcb->pcb_savefpu.sv_ex_tw = curpcb->pcb_savefpu.sv_env.en_tw;
450
451	/*
452	 * Pass exception to process.
453	 */
454	if (ISPL(frame.if_cs) == SEL_UPL) {
455		/*
456		 * Interrupt is essentially a trap, so we can afford to call
457		 * the SIGFPE handler (if any) as soon as the interrupt
458		 * returns.
459		 *
460		 * XXX little or nothing is gained from this, and plenty is
461		 * lost - the interrupt frame has to contain the trap frame
462		 * (this is otherwise only necessary for the rescheduling trap
463		 * in doreti, and the frame for that could easily be set up
464		 * just before it is used).
465		 */
466		curproc->p_md.md_regs = (int *)&frame.if_es;
467#ifdef notyet
468		/*
469		 * Encode the appropriate code for detailed information on
470		 * this exception.
471		 */
472		code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw);
473#else
474		code = 0;	/* XXX */
475#endif
476		trapsignal(curproc, SIGFPE, code);
477	} else {
478		/*
479		 * Nested interrupt.  These losers occur when:
480		 *	o an IRQ13 is bogusly generated at a bogus time, e.g.:
481		 *		o immediately after an fnsave or frstor of an
482		 *		  error state.
483		 *		o a couple of 386 instructions after
484		 *		  "fstpl _memvar" causes a stack overflow.
485		 *	  These are especially nasty when combined with a
486		 *	  trace trap.
487		 *	o an IRQ13 occurs at the same time as another higher-
488		 *	  priority interrupt.
489		 *
490		 * Treat them like a true async interrupt.
491		 */
492		psignal(npxproc, SIGFPE);
493	}
494}
495
496/*
497 * Implement device not available (DNA) exception
498 *
499 * It would be better to switch FP context here (only).  This would require
500 * saving the state in the proc table instead of in the pcb.
501 */
502int
503npxdna()
504{
505	if (!npx_exists)
506		return (0);
507	if (npxproc != NULL) {
508		printf("npxdna: npxproc = %lx, curproc = %lx\n",
509		       (u_long) npxproc, (u_long) curproc);
510		panic("npxdna");
511	}
512	stop_emulating();
513	/*
514	 * Record new context early in case frstor causes an IRQ13.
515	 */
516	npxproc = curproc;
517	/*
518	 * The following frstor may cause an IRQ13 when the state being
519	 * restored has a pending error.  The error will appear to have been
520	 * triggered by the current (npx) user instruction even when that
521	 * instruction is a no-wait instruction that should not trigger an
522	 * error (e.g., fnclex).  On at least one 486 system all of the
523	 * no-wait instructions are broken the same as frstor, so our
524	 * treatment does not amplify the breakage.  On at least one
525	 * 386/Cyrix 387 system, fnclex works correctly while frstor and
526	 * fnsave are broken, so our treatment breaks fnclex if it is the
527	 * first FPU instruction after a context switch.
528	 */
529	frstor(&curpcb->pcb_savefpu);
530
531	return (1);
532}
533
534/*
535 * Wrapper for fnsave instruction to handle h/w bugs.  If there is an error
536 * pending, then fnsave generates a bogus IRQ13 on some systems.  Force
537 * any IRQ13 to be handled immediately, and then ignore it.  This routine is
538 * often called at splhigh so it must not use many system services.  In
539 * particular, it's much easier to install a special handler than to
540 * guarantee that it's safe to use npxintr() and its supporting code.
541 */
542void
543npxsave(addr)
544	struct save87 *addr;
545{
546	u_char	icu1_mask;
547	u_char	icu2_mask;
548	u_char	old_icu1_mask;
549	u_char	old_icu2_mask;
550	struct gate_descriptor	save_idt_npxintr;
551
552	disable_intr();
553	old_icu1_mask = inb(IO_ICU1 + 1);
554	old_icu2_mask = inb(IO_ICU2 + 1);
555	save_idt_npxintr = idt[npx_intrno];
556	outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask));
557	outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8));
558	idt[npx_intrno] = npx_idt_probeintr;
559	enable_intr();
560	stop_emulating();
561	fnsave(addr);
562	fwait();
563	start_emulating();
564	npxproc = NULL;
565	disable_intr();
566	icu1_mask = inb(IO_ICU1 + 1);	/* masks may have changed */
567	icu2_mask = inb(IO_ICU2 + 1);
568	outb(IO_ICU1 + 1,
569	     (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask));
570	outb(IO_ICU2 + 1,
571	     (icu2_mask & ~(npx0_imask >> 8))
572	     | (old_icu2_mask & (npx0_imask >> 8)));
573	idt[npx_intrno] = save_idt_npxintr;
574	enable_intr();		/* back to usual state */
575}
576
577#endif /* NNPX > 0 */
578