fpu.c revision 8876 
1/*-
2 * Copyright (c) 1990 William Jolitz.
3 * Copyright (c) 1991 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software
15 *    must display the following acknowledgement:
16 *	This product includes software developed by the University of
17 *	California, Berkeley and its contributors.
18 * 4. Neither the name of the University nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 *	from: @(#)npx.c	7.2 (Berkeley) 5/12/91
35 *	$Id: npx.c,v 1.22 1995/04/12 20:48:01 wollman Exp $
36 */
37
38#include "npx.h"
39#if NNPX > 0
40
41#include <sys/param.h>
42#include <sys/systm.h>
43#include <sys/conf.h>
44#include <sys/file.h>
45#include <sys/proc.h>
46#include <sys/devconf.h>
47#include <sys/ioctl.h>
48#include <sys/syslog.h>
49#include <sys/signalvar.h>
50
51#include <machine/cpu.h>
52#include <machine/pcb.h>
53#include <machine/trap.h>
54#include <machine/clock.h>
55#include <machine/specialreg.h>
56
57#include <i386/isa/icu.h>
58#include <i386/isa/isa_device.h>
59#include <i386/isa/isa.h>
60
61/*
62 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver.
63 */
64
65#ifdef	__GNUC__
66
67#define	fldcw(addr)		__asm("fldcw %0" : : "m" (*(addr)))
68#define	fnclex()		__asm("fnclex")
69#define	fninit()		__asm("fninit")
70#define	fnop()			__asm("fnop")
71#define	fnsave(addr)		__asm("fnsave %0" : "=m" (*(addr)))
72#define	fnstcw(addr)		__asm("fnstcw %0" : "=m" (*(addr)))
73#define	fnstsw(addr)		__asm("fnstsw %0" : "=m" (*(addr)))
74#define	fp_divide_by_0()	__asm("fldz; fld1; fdiv %st,%st(1); fnop")
75#define	frstor(addr)		__asm("frstor %0" : : "m" (*(addr)))
76#define	start_emulating()	__asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \
77				      : : "n" (CR0_TS) : "ax")
78#define	stop_emulating()	__asm("clts")
79
80#else	/* not __GNUC__ */
81
82void	fldcw		__P((caddr_t addr));
83void	fnclex		__P((void));
84void	fninit		__P((void));
85void	fnop		__P((void));
86void	fnsave		__P((caddr_t addr));
87void	fnstcw		__P((caddr_t addr));
88void	fnstsw		__P((caddr_t addr));
89void	fp_divide_by_0	__P((void));
90void	frstor		__P((caddr_t addr));
91void	start_emulating	__P((void));
92void	stop_emulating	__P((void));
93
94#endif	/* __GNUC__ */
95
96typedef u_char bool_t;
97
98static	int	npxattach	__P((struct isa_device *dvp));
99static	int	npxprobe	__P((struct isa_device *dvp));
100static	int	npxprobe1	__P((struct isa_device *dvp));
101
102struct	isa_driver npxdriver = {
103	npxprobe, npxattach, "npx",
104};
105
106int	hw_float;		/* XXX currently just alias for npx_exists */
107u_int	npx0_imask = SWI_CLOCK_MASK;
108struct proc	*npxproc;
109
110static	bool_t			npx_ex16;
111static	bool_t			npx_exists;
112static	struct gate_descriptor	npx_idt_probeintr;
113static	int			npx_intrno;
114static	volatile u_int		npx_intrs_while_probing;
115static	bool_t			npx_irq13;
116static	volatile u_int		npx_traps_while_probing;
117
118/*
119 * Special interrupt handlers.  Someday intr0-intr15 will be used to count
120 * interrupts.  We'll still need a special exception 16 handler.  The busy
121 * latch stuff in probeintr() can be moved to npxprobe().
122 */
123inthand_t probeintr;
124asm
125("
126	.text
127_probeintr:
128	ss
129	incl	_npx_intrs_while_probing
130	pushl	%eax
131	movb	$0x20,%al	# EOI (asm in strings loses cpp features)
132	outb	%al,$0xa0	# IO_ICU2
133	outb	%al,$0x20	# IO_ICU1
134	movb	$0,%al
135	outb	%al,$0xf0	# clear BUSY# latch
136	popl	%eax
137	iret
138");
139
140inthand_t probetrap;
141asm
142("
143	.text
144_probetrap:
145	ss
146	incl	_npx_traps_while_probing
147	fnclex
148	iret
149");
150
151static struct kern_devconf kdc_npx[NNPX] = { {
152	0, 0, 0,		/* filled in by dev_attach */
153	"npx", 0, { MDDT_ISA, 0 },
154	isa_generic_externalize, 0, 0, ISA_EXTERNALLEN,
155	&kdc_isa0,		/* parent */
156	0,			/* parentdata */
157	DC_UNCONFIGURED,	/* state */
158	"Floating-point unit",
159	DC_CLS_MISC		/* class */
160} };
161
162static inline void
163npx_registerdev(struct isa_device *id)
164{
165	int	unit;
166
167	unit = id->id_unit;
168	if (unit != 0)
169		kdc_npx[unit] = kdc_npx[0];
170	kdc_npx[unit].kdc_unit = unit;
171	kdc_npx[unit].kdc_isa = id;
172	dev_attach(&kdc_npx[unit]);
173}
174
175/*
176 * Probe routine.  Initialize cr0 to give correct behaviour for [f]wait
177 * whether the device exists or not (XXX should be elsewhere).  Set flags
178 * to tell npxattach() what to do.  Modify device struct if npx doesn't
179 * need to use interrupts.  Return 1 if device exists.
180 */
181static int
182npxprobe(dvp)
183	struct isa_device *dvp;
184{
185	int	result;
186	u_long	save_eflags;
187	u_char	save_icu1_mask;
188	u_char	save_icu2_mask;
189	struct	gate_descriptor save_idt_npxintr;
190	struct	gate_descriptor save_idt_npxtrap;
191	/*
192	 * This routine is now just a wrapper for npxprobe1(), to install
193	 * special npx interrupt and trap handlers, to enable npx interrupts
194	 * and to disable other interrupts.  Someday isa_configure() will
195	 * install suitable handlers and run with interrupts enabled so we
196	 * won't need to do so much here.
197	 */
198	npx_registerdev(dvp);
199	npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1;
200	save_eflags = read_eflags();
201	disable_intr();
202	save_icu1_mask = inb(IO_ICU1 + 1);
203	save_icu2_mask = inb(IO_ICU2 + 1);
204	save_idt_npxintr = idt[npx_intrno];
205	save_idt_npxtrap = idt[16];
206	outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq));
207	outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8));
208	setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL);
209	setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL);
210	npx_idt_probeintr = idt[npx_intrno];
211	enable_intr();
212	result = npxprobe1(dvp);
213	disable_intr();
214	outb(IO_ICU1 + 1, save_icu1_mask);
215	outb(IO_ICU2 + 1, save_icu2_mask);
216	idt[npx_intrno] = save_idt_npxintr;
217	idt[16] = save_idt_npxtrap;
218	write_eflags(save_eflags);
219	return (result);
220}
221
222static int
223npxprobe1(dvp)
224	struct isa_device *dvp;
225{
226	u_short control;
227	u_short status;
228
229	/*
230	 * Partially reset the coprocessor, if any.  Some BIOS's don't reset
231	 * it after a warm boot.
232	 */
233	outb(0xf1, 0);		/* full reset on some systems, NOP on others */
234	outb(0xf0, 0);		/* clear BUSY# latch */
235	/*
236	 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT
237	 * instructions.  We must set the CR0_MP bit and use the CR0_TS
238	 * bit to control the trap, because setting the CR0_EM bit does
239	 * not cause WAIT instructions to trap.  It's important to trap
240	 * WAIT instructions - otherwise the "wait" variants of no-wait
241	 * control instructions would degenerate to the "no-wait" variants
242	 * after FP context switches but work correctly otherwise.  It's
243	 * particularly important to trap WAITs when there is no NPX -
244	 * otherwise the "wait" variants would always degenerate.
245	 *
246	 * Try setting CR0_NE to get correct error reporting on 486DX's.
247	 * Setting it should fail or do nothing on lesser processors.
248	 */
249	load_cr0(rcr0() | CR0_MP | CR0_NE);
250	/*
251	 * But don't trap while we're probing.
252	 */
253	stop_emulating();
254	/*
255	 * Finish resetting the coprocessor, if any.  If there is an error
256	 * pending, then we may get a bogus IRQ13, but probeintr() will handle
257	 * it OK.  Bogus halts have never been observed, but we enabled
258	 * IRQ13 and cleared the BUSY# latch early to handle them anyway.
259	 */
260	fninit();
261	/*
262	 * Don't use fwait here because it might hang.
263	 * Don't use fnop here because it usually hangs if there is no FPU.
264	 */
265	DELAY(1000);		/* wait for any IRQ13 */
266#ifdef DIAGNOSTIC
267	if (npx_intrs_while_probing != 0)
268		printf("fninit caused %u bogus npx interrupt(s)\n",
269		       npx_intrs_while_probing);
270	if (npx_traps_while_probing != 0)
271		printf("fninit caused %u bogus npx trap(s)\n",
272		       npx_traps_while_probing);
273#endif
274	/*
275	 * Check for a status of mostly zero.
276	 */
277	status = 0x5a5a;
278	fnstsw(&status);
279	if ((status & 0xb8ff) == 0) {
280		/*
281		 * Good, now check for a proper control word.
282		 */
283		control = 0x5a5a;
284		fnstcw(&control);
285		if ((control & 0x1f3f) == 0x033f) {
286			hw_float = npx_exists = 1;
287			/*
288			 * We have an npx, now divide by 0 to see if exception
289			 * 16 works.
290			 */
291			control &= ~(1 << 2);	/* enable divide by 0 trap */
292			fldcw(&control);
293			npx_traps_while_probing = npx_intrs_while_probing = 0;
294			fp_divide_by_0();
295			if (npx_traps_while_probing != 0) {
296				/*
297				 * Good, exception 16 works.
298				 */
299				npx_ex16 = 1;
300				dvp->id_irq = 0;	/* zap the interrupt */
301				/*
302				 * special return value to flag that we do not
303				 * actually use any I/O registers
304				 */
305				return (-1);
306			}
307			if (npx_intrs_while_probing != 0) {
308				/*
309				 * Bad, we are stuck with IRQ13.
310				 */
311				npx_irq13 = 1;
312				/*
313				 * npxattach would be too late to set npx0_imask.
314				 */
315				npx0_imask |= dvp->id_irq;
316				return (IO_NPXSIZE);
317			}
318			/*
319			 * Worse, even IRQ13 is broken.  Use emulator.
320			 */
321		}
322	}
323	/*
324	 * Probe failed, but we want to get to npxattach to initialize the
325	 * emulator and say that it has been installed.  XXX handle devices
326	 * that aren't really devices better.
327	 */
328	dvp->id_irq = 0;
329	/*
330	 * special return value to flag that we do not
331	 * actually use any I/O registers
332	 */
333	return (-1);
334}
335
336/*
337 * Attach routine - announce which it is, and wire into system
338 */
339int
340npxattach(dvp)
341	struct isa_device *dvp;
342{
343	if (npx_ex16)
344		printf("npx%d: INT 16 interface\n", dvp->id_unit);
345	else if (npx_irq13)
346		;		/* higher level has printed "irq 13" */
347#if defined(MATH_EMULATE) || defined(GPL_MATH_EMULATE)
348	else if (npx_exists) {
349		printf("npx%d: error reporting broken; using 387 emulator\n",
350			dvp->id_unit);
351		npx_exists = 0;
352	} else
353		printf("npx%d: 387 emulator\n",dvp->id_unit);
354#else
355	else
356		printf("npx%d: no 387 emulator in kernel!\n", dvp->id_unit);
357#endif
358	npxinit(__INITIAL_NPXCW__);
359	if (npx_exists) {
360		kdc_npx[dvp->id_unit].kdc_state = DC_BUSY;
361	}
362	return (1);		/* XXX unused */
363}
364
365/*
366 * Initialize floating point unit.
367 */
368void
369npxinit(control)
370	u_short control;
371{
372	struct save87 dummy;
373
374	if (!npx_exists)
375		return;
376	/*
377	 * fninit has the same h/w bugs as fnsave.  Use the detoxified
378	 * fnsave to throw away any junk in the fpu.  npxsave() initializes
379	 * the fpu and sets npxproc = NULL as important side effects.
380	 */
381	npxsave(&dummy);
382	stop_emulating();
383	fldcw(&control);
384	if (curpcb != NULL)
385		fnsave(&curpcb->pcb_savefpu);
386	start_emulating();
387}
388
389/*
390 * Free coprocessor (if we have it).
391 */
392void
393npxexit(p)
394	struct proc *p;
395{
396
397	if (p == npxproc)
398		npxsave(&curpcb->pcb_savefpu);
399	if (npx_exists) {
400		u_int	masked_exceptions;
401
402		masked_exceptions = curpcb->pcb_savefpu.sv_env.en_cw
403				    & curpcb->pcb_savefpu.sv_env.en_sw & 0x7f;
404		/*
405		 * Overflow, divde by 0, and invalid operand would have
406		 * caused a trap in 1.1.5.
407		 */
408		if (masked_exceptions & 0x0d)
409			log(LOG_ERR,
410	"pid %d (%s) exited with masked floating point exceptions 0x%02x\n",
411			    p->p_pid, p->p_comm, masked_exceptions);
412	}
413}
414
415/*
416 * Preserve the FP status word, clear FP exceptions, then generate a SIGFPE.
417 *
418 * Clearing exceptions is necessary mainly to avoid IRQ13 bugs.  We now
419 * depend on longjmp() restoring a usable state.  Restoring the state
420 * or examining it might fail if we didn't clear exceptions.
421 *
422 * XXX there is no standard way to tell SIGFPE handlers about the error
423 * state.  The old interface:
424 *
425 *	void handler(int sig, int code, struct sigcontext *scp);
426 *
427 * is broken because it is non-ANSI and because the FP state is not in
428 * struct sigcontext.
429 *
430 * XXX the FP state is not preserved across signal handlers.  So signal
431 * handlers cannot afford to do FP unless they preserve the state or
432 * longjmp() out.  Both preserving the state and longjmp()ing may be
433 * destroyed by IRQ13 bugs.  Clearing FP exceptions is not an acceptable
434 * solution for signals other than SIGFPE.
435 */
436void
437npxintr(frame)
438	struct intrframe frame;
439{
440	int code;
441
442	if (npxproc == NULL || !npx_exists) {
443		printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n",
444		       npxproc, curproc, npx_exists);
445		panic("npxintr from nowhere");
446	}
447	if (npxproc != curproc) {
448		printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n",
449		       npxproc, curproc, npx_exists);
450		panic("npxintr from non-current process");
451	}
452
453	outb(0xf0, 0);
454	fnstsw(&curpcb->pcb_savefpu.sv_ex_sw);
455	fnclex();
456	fnop();
457
458	/*
459	 * Pass exception to process.
460	 */
461	if (ISPL(frame.if_cs) == SEL_UPL) {
462		/*
463		 * Interrupt is essentially a trap, so we can afford to call
464		 * the SIGFPE handler (if any) as soon as the interrupt
465		 * returns.
466		 *
467		 * XXX little or nothing is gained from this, and plenty is
468		 * lost - the interrupt frame has to contain the trap frame
469		 * (this is otherwise only necessary for the rescheduling trap
470		 * in doreti, and the frame for that could easily be set up
471		 * just before it is used).
472		 */
473		curproc->p_md.md_regs = (int *)&frame.if_es;
474#ifdef notyet
475		/*
476		 * Encode the appropriate code for detailed information on
477		 * this exception.
478		 */
479		code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw);
480#else
481		code = 0;	/* XXX */
482#endif
483		trapsignal(curproc, SIGFPE, code);
484	} else {
485		/*
486		 * Nested interrupt.  These losers occur when:
487		 *	o an IRQ13 is bogusly generated at a bogus time, e.g.:
488		 *		o immediately after an fnsave or frstor of an
489		 *		  error state.
490		 *		o a couple of 386 instructions after
491		 *		  "fstpl _memvar" causes a stack overflow.
492		 *	  These are especially nasty when combined with a
493		 *	  trace trap.
494		 *	o an IRQ13 occurs at the same time as another higher-
495		 *	  priority interrupt.
496		 *
497		 * Treat them like a true async interrupt.
498		 */
499		psignal(curproc, SIGFPE);
500	}
501}
502
503/*
504 * Implement device not available (DNA) exception
505 *
506 * It would be better to switch FP context here (if curproc != npxproc)
507 * and not necessarily for every context switch, but it is too hard to
508 * access foreign pcb's.
509 */
510int
511npxdna()
512{
513	if (!npx_exists)
514		return (0);
515	if (npxproc != NULL) {
516		printf("npxdna: npxproc = %p, curproc = %p\n",
517		       npxproc, curproc);
518		panic("npxdna");
519	}
520	stop_emulating();
521	/*
522	 * Record new context early in case frstor causes an IRQ13.
523	 */
524	npxproc = curproc;
525	curpcb->pcb_savefpu.sv_ex_sw = 0;
526	/*
527	 * The following frstor may cause an IRQ13 when the state being
528	 * restored has a pending error.  The error will appear to have been
529	 * triggered by the current (npx) user instruction even when that
530	 * instruction is a no-wait instruction that should not trigger an
531	 * error (e.g., fnclex).  On at least one 486 system all of the
532	 * no-wait instructions are broken the same as frstor, so our
533	 * treatment does not amplify the breakage.  On at least one
534	 * 386/Cyrix 387 system, fnclex works correctly while frstor and
535	 * fnsave are broken, so our treatment breaks fnclex if it is the
536	 * first FPU instruction after a context switch.
537	 */
538	frstor(&curpcb->pcb_savefpu);
539
540	return (1);
541}
542
543/*
544 * Wrapper for fnsave instruction to handle h/w bugs.  If there is an error
545 * pending, then fnsave generates a bogus IRQ13 on some systems.  Force
546 * any IRQ13 to be handled immediately, and then ignore it.  This routine is
547 * often called at splhigh so it must not use many system services.  In
548 * particular, it's much easier to install a special handler than to
549 * guarantee that it's safe to use npxintr() and its supporting code.
550 */
551void
552npxsave(addr)
553	struct save87 *addr;
554{
555	u_char	icu1_mask;
556	u_char	icu2_mask;
557	u_char	old_icu1_mask;
558	u_char	old_icu2_mask;
559	struct gate_descriptor	save_idt_npxintr;
560
561	disable_intr();
562	old_icu1_mask = inb(IO_ICU1 + 1);
563	old_icu2_mask = inb(IO_ICU2 + 1);
564	save_idt_npxintr = idt[npx_intrno];
565	outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask));
566	outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8));
567	idt[npx_intrno] = npx_idt_probeintr;
568	enable_intr();
569	stop_emulating();
570	fnsave(addr);
571	fnop();
572	start_emulating();
573	npxproc = NULL;
574	disable_intr();
575	icu1_mask = inb(IO_ICU1 + 1);	/* masks may have changed */
576	icu2_mask = inb(IO_ICU2 + 1);
577	outb(IO_ICU1 + 1,
578	     (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask));
579	outb(IO_ICU2 + 1,
580	     (icu2_mask & ~(npx0_imask >> 8))
581	     | (old_icu2_mask & (npx0_imask >> 8)));
582	idt[npx_intrno] = save_idt_npxintr;
583	enable_intr();		/* back to usual state */
584}
585
586#endif /* NNPX > 0 */
587