npx.c revision 16733 
1/*-
2 * Copyright (c) 1990 William Jolitz.
3 * Copyright (c) 1991 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 *    notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 *    notice, this list of conditions and the following disclaimer in the
13 *    documentation and/or other materials provided with the distribution.
14 * 3. All advertising materials mentioning features or use of this software
15 *    must display the following acknowledgement:
16 *	This product includes software developed by the University of
17 *	California, Berkeley and its contributors.
18 * 4. Neither the name of the University nor the names of its contributors
19 *    may be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 *	from: @(#)npx.c	7.2 (Berkeley) 5/12/91
35 *	$Id: npx.c,v 1.29 1996/01/06 23:10:52 peter Exp $
36 */
37
38#include "npx.h"
39#if NNPX > 0
40
41#include "opt_math_emulate.h"
42
43#include <sys/param.h>
44#include <sys/systm.h>
45#include <sys/kernel.h>
46#include <sys/sysctl.h>
47#include <sys/conf.h>
48#include <sys/file.h>
49#include <sys/proc.h>
50#include <sys/devconf.h>
51#include <sys/ioctl.h>
52#include <sys/syslog.h>
53#include <sys/signalvar.h>
54
55#include <machine/cpu.h>
56#include <machine/pcb.h>
57#include <machine/md_var.h>
58#include <machine/trap.h>
59#include <machine/clock.h>
60#include <machine/specialreg.h>
61
62#include <i386/isa/icu.h>
63#include <i386/isa/isa_device.h>
64#include <i386/isa/isa.h>
65
66/*
67 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver.
68 */
69
70#ifdef	__GNUC__
71
72#define	fldcw(addr)		__asm("fldcw %0" : : "m" (*(addr)))
73#define	fnclex()		__asm("fnclex")
74#define	fninit()		__asm("fninit")
75#define	fnop()			__asm("fnop")
76#define	fnsave(addr)		__asm("fnsave %0" : "=m" (*(addr)))
77#define	fnstcw(addr)		__asm("fnstcw %0" : "=m" (*(addr)))
78#define	fnstsw(addr)		__asm("fnstsw %0" : "=m" (*(addr)))
79#define	fp_divide_by_0()	__asm("fldz; fld1; fdiv %st,%st(1); fnop")
80#define	frstor(addr)		__asm("frstor %0" : : "m" (*(addr)))
81#define	start_emulating()	__asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \
82				      : : "n" (CR0_TS) : "ax")
83#define	stop_emulating()	__asm("clts")
84
85#else	/* not __GNUC__ */
86
87void	fldcw		__P((caddr_t addr));
88void	fnclex		__P((void));
89void	fninit		__P((void));
90void	fnop		__P((void));
91void	fnsave		__P((caddr_t addr));
92void	fnstcw		__P((caddr_t addr));
93void	fnstsw		__P((caddr_t addr));
94void	fp_divide_by_0	__P((void));
95void	frstor		__P((caddr_t addr));
96void	start_emulating	__P((void));
97void	stop_emulating	__P((void));
98
99#endif	/* __GNUC__ */
100
101typedef u_char bool_t;
102
103static	int	npxattach	__P((struct isa_device *dvp));
104static	int	npxprobe	__P((struct isa_device *dvp));
105static	int	npxprobe1	__P((struct isa_device *dvp));
106
107struct	isa_driver npxdriver = {
108	npxprobe, npxattach, "npx",
109};
110
111int	hw_float;		/* XXX currently just alias for npx_exists */
112
113SYSCTL_INT(_hw,HW_FLOATINGPT, floatingpoint,
114	CTLFLAG_RD, &hw_float, 0,
115	"Floatingpoint instructions executed in hardware");
116
117static u_int	npx0_imask = SWI_CLOCK_MASK;
118struct proc	*npxproc;
119
120static	bool_t			npx_ex16;
121static	bool_t			npx_exists;
122static	struct gate_descriptor	npx_idt_probeintr;
123static	int			npx_intrno;
124static	volatile u_int		npx_intrs_while_probing;
125static	bool_t			npx_irq13;
126static	volatile u_int		npx_traps_while_probing;
127
128/*
129 * Special interrupt handlers.  Someday intr0-intr15 will be used to count
130 * interrupts.  We'll still need a special exception 16 handler.  The busy
131 * latch stuff in probeintr() can be moved to npxprobe().
132 */
133inthand_t probeintr;
134asm
135("
136	.text
137_probeintr:
138	ss
139	incl	_npx_intrs_while_probing
140	pushl	%eax
141	movb	$0x20,%al	# EOI (asm in strings loses cpp features)
142	outb	%al,$0xa0	# IO_ICU2
143	outb	%al,$0x20	# IO_ICU1
144	movb	$0,%al
145	outb	%al,$0xf0	# clear BUSY# latch
146	popl	%eax
147	iret
148");
149
150inthand_t probetrap;
151asm
152("
153	.text
154_probetrap:
155	ss
156	incl	_npx_traps_while_probing
157	fnclex
158	iret
159");
160
161static struct kern_devconf kdc_npx[NNPX] = { {
162	0, 0, 0,		/* filled in by dev_attach */
163	"npx", 0, { MDDT_ISA, 0 },
164	isa_generic_externalize, 0, 0, ISA_EXTERNALLEN,
165	&kdc_isa0,		/* parent */
166	0,			/* parentdata */
167	DC_UNCONFIGURED,	/* state */
168	"Floating-point unit",
169	DC_CLS_MISC		/* class */
170} };
171
172static inline void
173npx_registerdev(struct isa_device *id)
174{
175	int	unit;
176
177	unit = id->id_unit;
178	if (unit != 0)
179		kdc_npx[unit] = kdc_npx[0];
180	kdc_npx[unit].kdc_unit = unit;
181	kdc_npx[unit].kdc_isa = id;
182	dev_attach(&kdc_npx[unit]);
183}
184
185/*
186 * Probe routine.  Initialize cr0 to give correct behaviour for [f]wait
187 * whether the device exists or not (XXX should be elsewhere).  Set flags
188 * to tell npxattach() what to do.  Modify device struct if npx doesn't
189 * need to use interrupts.  Return 1 if device exists.
190 */
191static int
192npxprobe(dvp)
193	struct isa_device *dvp;
194{
195	int	result;
196	u_long	save_eflags;
197	u_char	save_icu1_mask;
198	u_char	save_icu2_mask;
199	struct	gate_descriptor save_idt_npxintr;
200	struct	gate_descriptor save_idt_npxtrap;
201	/*
202	 * This routine is now just a wrapper for npxprobe1(), to install
203	 * special npx interrupt and trap handlers, to enable npx interrupts
204	 * and to disable other interrupts.  Someday isa_configure() will
205	 * install suitable handlers and run with interrupts enabled so we
206	 * won't need to do so much here.
207	 */
208	npx_registerdev(dvp);
209	npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1;
210	save_eflags = read_eflags();
211	disable_intr();
212	save_icu1_mask = inb(IO_ICU1 + 1);
213	save_icu2_mask = inb(IO_ICU2 + 1);
214	save_idt_npxintr = idt[npx_intrno];
215	save_idt_npxtrap = idt[16];
216	outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq));
217	outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8));
218	setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL, GSEL(GCODE_SEL, SEL_KPL));
219	setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL, GSEL(GCODE_SEL, SEL_KPL));
220	npx_idt_probeintr = idt[npx_intrno];
221	enable_intr();
222	result = npxprobe1(dvp);
223	disable_intr();
224	outb(IO_ICU1 + 1, save_icu1_mask);
225	outb(IO_ICU2 + 1, save_icu2_mask);
226	idt[npx_intrno] = save_idt_npxintr;
227	idt[16] = save_idt_npxtrap;
228	write_eflags(save_eflags);
229	return (result);
230}
231
232static int
233npxprobe1(dvp)
234	struct isa_device *dvp;
235{
236	u_short control;
237	u_short status;
238
239	/*
240	 * Partially reset the coprocessor, if any.  Some BIOS's don't reset
241	 * it after a warm boot.
242	 */
243	outb(0xf1, 0);		/* full reset on some systems, NOP on others */
244	outb(0xf0, 0);		/* clear BUSY# latch */
245	/*
246	 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT
247	 * instructions.  We must set the CR0_MP bit and use the CR0_TS
248	 * bit to control the trap, because setting the CR0_EM bit does
249	 * not cause WAIT instructions to trap.  It's important to trap
250	 * WAIT instructions - otherwise the "wait" variants of no-wait
251	 * control instructions would degenerate to the "no-wait" variants
252	 * after FP context switches but work correctly otherwise.  It's
253	 * particularly important to trap WAITs when there is no NPX -
254	 * otherwise the "wait" variants would always degenerate.
255	 *
256	 * Try setting CR0_NE to get correct error reporting on 486DX's.
257	 * Setting it should fail or do nothing on lesser processors.
258	 */
259	load_cr0(rcr0() | CR0_MP | CR0_NE);
260	/*
261	 * But don't trap while we're probing.
262	 */
263	stop_emulating();
264	/*
265	 * Finish resetting the coprocessor, if any.  If there is an error
266	 * pending, then we may get a bogus IRQ13, but probeintr() will handle
267	 * it OK.  Bogus halts have never been observed, but we enabled
268	 * IRQ13 and cleared the BUSY# latch early to handle them anyway.
269	 */
270	fninit();
271	/*
272	 * Don't use fwait here because it might hang.
273	 * Don't use fnop here because it usually hangs if there is no FPU.
274	 */
275	DELAY(1000);		/* wait for any IRQ13 */
276#ifdef DIAGNOSTIC
277	if (npx_intrs_while_probing != 0)
278		printf("fninit caused %u bogus npx interrupt(s)\n",
279		       npx_intrs_while_probing);
280	if (npx_traps_while_probing != 0)
281		printf("fninit caused %u bogus npx trap(s)\n",
282		       npx_traps_while_probing);
283#endif
284	/*
285	 * Check for a status of mostly zero.
286	 */
287	status = 0x5a5a;
288	fnstsw(&status);
289	if ((status & 0xb8ff) == 0) {
290		/*
291		 * Good, now check for a proper control word.
292		 */
293		control = 0x5a5a;
294		fnstcw(&control);
295		if ((control & 0x1f3f) == 0x033f) {
296			hw_float = npx_exists = 1;
297			/*
298			 * We have an npx, now divide by 0 to see if exception
299			 * 16 works.
300			 */
301			control &= ~(1 << 2);	/* enable divide by 0 trap */
302			fldcw(&control);
303			npx_traps_while_probing = npx_intrs_while_probing = 0;
304			fp_divide_by_0();
305			if (npx_traps_while_probing != 0) {
306				/*
307				 * Good, exception 16 works.
308				 */
309				npx_ex16 = 1;
310				dvp->id_irq = 0;	/* zap the interrupt */
311				/*
312				 * special return value to flag that we do not
313				 * actually use any I/O registers
314				 */
315				return (-1);
316			}
317			if (npx_intrs_while_probing != 0) {
318				/*
319				 * Bad, we are stuck with IRQ13.
320				 */
321				npx_irq13 = 1;
322				/*
323				 * npxattach would be too late to set npx0_imask.
324				 */
325				npx0_imask |= dvp->id_irq;
326				return (IO_NPXSIZE);
327			}
328			/*
329			 * Worse, even IRQ13 is broken.  Use emulator.
330			 */
331		}
332	}
333	/*
334	 * Probe failed, but we want to get to npxattach to initialize the
335	 * emulator and say that it has been installed.  XXX handle devices
336	 * that aren't really devices better.
337	 */
338	dvp->id_irq = 0;
339	/*
340	 * special return value to flag that we do not
341	 * actually use any I/O registers
342	 */
343	return (-1);
344}
345
346/*
347 * Attach routine - announce which it is, and wire into system
348 */
349int
350npxattach(dvp)
351	struct isa_device *dvp;
352{
353	if (npx_ex16)
354		printf("npx%d: INT 16 interface\n", dvp->id_unit);
355	else if (npx_irq13)
356		;		/* higher level has printed "irq 13" */
357#if defined(MATH_EMULATE) || defined(GPL_MATH_EMULATE)
358	else if (npx_exists) {
359		printf("npx%d: error reporting broken; using 387 emulator\n",
360			dvp->id_unit);
361		npx_exists = 0;
362	} else
363		printf("npx%d: 387 emulator\n",dvp->id_unit);
364#else
365	else
366		printf("npx%d: no 387 emulator in kernel!\n", dvp->id_unit);
367#endif
368	npxinit(__INITIAL_NPXCW__);
369	if (npx_exists) {
370		kdc_npx[dvp->id_unit].kdc_state = DC_BUSY;
371	}
372	return (1);		/* XXX unused */
373}
374
375/*
376 * Initialize floating point unit.
377 */
378void
379npxinit(control)
380	u_short control;
381{
382	struct save87 dummy;
383
384	if (!npx_exists)
385		return;
386	/*
387	 * fninit has the same h/w bugs as fnsave.  Use the detoxified
388	 * fnsave to throw away any junk in the fpu.  npxsave() initializes
389	 * the fpu and sets npxproc = NULL as important side effects.
390	 */
391	npxsave(&dummy);
392	stop_emulating();
393	fldcw(&control);
394	if (curpcb != NULL)
395		fnsave(&curpcb->pcb_savefpu);
396	start_emulating();
397}
398
399/*
400 * Free coprocessor (if we have it).
401 */
402void
403npxexit(p)
404	struct proc *p;
405{
406
407	if (p == npxproc)
408		npxsave(&curpcb->pcb_savefpu);
409	if (npx_exists) {
410		u_int	masked_exceptions;
411
412		masked_exceptions = curpcb->pcb_savefpu.sv_env.en_cw
413				    & curpcb->pcb_savefpu.sv_env.en_sw & 0x7f;
414		/*
415		 * Overflow, divde by 0, and invalid operand would have
416		 * caused a trap in 1.1.5.
417		 */
418		if (masked_exceptions & 0x0d)
419			log(LOG_ERR,
420	"pid %d (%s) exited with masked floating point exceptions 0x%02x\n",
421			    p->p_pid, p->p_comm, masked_exceptions);
422	}
423}
424
425/*
426 * Preserve the FP status word, clear FP exceptions, then generate a SIGFPE.
427 *
428 * Clearing exceptions is necessary mainly to avoid IRQ13 bugs.  We now
429 * depend on longjmp() restoring a usable state.  Restoring the state
430 * or examining it might fail if we didn't clear exceptions.
431 *
432 * XXX there is no standard way to tell SIGFPE handlers about the error
433 * state.  The old interface:
434 *
435 *	void handler(int sig, int code, struct sigcontext *scp);
436 *
437 * is broken because it is non-ANSI and because the FP state is not in
438 * struct sigcontext.
439 *
440 * XXX the FP state is not preserved across signal handlers.  So signal
441 * handlers cannot afford to do FP unless they preserve the state or
442 * longjmp() out.  Both preserving the state and longjmp()ing may be
443 * destroyed by IRQ13 bugs.  Clearing FP exceptions is not an acceptable
444 * solution for signals other than SIGFPE.
445 */
446void
447npxintr(unit)
448	int unit;
449{
450	int code;
451	struct intrframe *frame;
452
453	if (npxproc == NULL || !npx_exists) {
454		printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n",
455		       npxproc, curproc, npx_exists);
456		panic("npxintr from nowhere");
457	}
458	if (npxproc != curproc) {
459		printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n",
460		       npxproc, curproc, npx_exists);
461		panic("npxintr from non-current process");
462	}
463
464	outb(0xf0, 0);
465	fnstsw(&curpcb->pcb_savefpu.sv_ex_sw);
466	fnclex();
467	fnop();
468
469	/*
470	 * Pass exception to process.
471	 */
472	frame = (struct intrframe *)&unit;	/* XXX */
473	if (ISPL(frame->if_cs) == SEL_UPL) {
474		/*
475		 * Interrupt is essentially a trap, so we can afford to call
476		 * the SIGFPE handler (if any) as soon as the interrupt
477		 * returns.
478		 *
479		 * XXX little or nothing is gained from this, and plenty is
480		 * lost - the interrupt frame has to contain the trap frame
481		 * (this is otherwise only necessary for the rescheduling trap
482		 * in doreti, and the frame for that could easily be set up
483		 * just before it is used).
484		 */
485		curproc->p_md.md_regs = &frame->if_es;
486#ifdef notyet
487		/*
488		 * Encode the appropriate code for detailed information on
489		 * this exception.
490		 */
491		code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw);
492#else
493		code = 0;	/* XXX */
494#endif
495		trapsignal(curproc, SIGFPE, code);
496	} else {
497		/*
498		 * Nested interrupt.  These losers occur when:
499		 *	o an IRQ13 is bogusly generated at a bogus time, e.g.:
500		 *		o immediately after an fnsave or frstor of an
501		 *		  error state.
502		 *		o a couple of 386 instructions after
503		 *		  "fstpl _memvar" causes a stack overflow.
504		 *	  These are especially nasty when combined with a
505		 *	  trace trap.
506		 *	o an IRQ13 occurs at the same time as another higher-
507		 *	  priority interrupt.
508		 *
509		 * Treat them like a true async interrupt.
510		 */
511		psignal(curproc, SIGFPE);
512	}
513}
514
515/*
516 * Implement device not available (DNA) exception
517 *
518 * It would be better to switch FP context here (if curproc != npxproc)
519 * and not necessarily for every context switch, but it is too hard to
520 * access foreign pcb's.
521 */
522int
523npxdna()
524{
525	if (!npx_exists)
526		return (0);
527	if (npxproc != NULL) {
528		printf("npxdna: npxproc = %p, curproc = %p\n",
529		       npxproc, curproc);
530		panic("npxdna");
531	}
532	stop_emulating();
533	/*
534	 * Record new context early in case frstor causes an IRQ13.
535	 */
536	npxproc = curproc;
537	curpcb->pcb_savefpu.sv_ex_sw = 0;
538	/*
539	 * The following frstor may cause an IRQ13 when the state being
540	 * restored has a pending error.  The error will appear to have been
541	 * triggered by the current (npx) user instruction even when that
542	 * instruction is a no-wait instruction that should not trigger an
543	 * error (e.g., fnclex).  On at least one 486 system all of the
544	 * no-wait instructions are broken the same as frstor, so our
545	 * treatment does not amplify the breakage.  On at least one
546	 * 386/Cyrix 387 system, fnclex works correctly while frstor and
547	 * fnsave are broken, so our treatment breaks fnclex if it is the
548	 * first FPU instruction after a context switch.
549	 */
550	frstor(&curpcb->pcb_savefpu);
551
552	return (1);
553}
554
555/*
556 * Wrapper for fnsave instruction to handle h/w bugs.  If there is an error
557 * pending, then fnsave generates a bogus IRQ13 on some systems.  Force
558 * any IRQ13 to be handled immediately, and then ignore it.  This routine is
559 * often called at splhigh so it must not use many system services.  In
560 * particular, it's much easier to install a special handler than to
561 * guarantee that it's safe to use npxintr() and its supporting code.
562 */
563void
564npxsave(addr)
565	struct save87 *addr;
566{
567	u_char	icu1_mask;
568	u_char	icu2_mask;
569	u_char	old_icu1_mask;
570	u_char	old_icu2_mask;
571	struct gate_descriptor	save_idt_npxintr;
572
573	disable_intr();
574	old_icu1_mask = inb(IO_ICU1 + 1);
575	old_icu2_mask = inb(IO_ICU2 + 1);
576	save_idt_npxintr = idt[npx_intrno];
577	outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask));
578	outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8));
579	idt[npx_intrno] = npx_idt_probeintr;
580	enable_intr();
581	stop_emulating();
582	fnsave(addr);
583	fnop();
584	start_emulating();
585	npxproc = NULL;
586	disable_intr();
587	icu1_mask = inb(IO_ICU1 + 1);	/* masks may have changed */
588	icu2_mask = inb(IO_ICU2 + 1);
589	outb(IO_ICU1 + 1,
590	     (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask));
591	outb(IO_ICU2 + 1,
592	     (icu2_mask & ~(npx0_imask >> 8))
593	     | (old_icu2_mask & (npx0_imask >> 8)));
594	idt[npx_intrno] = save_idt_npxintr;
595	enable_intr();		/* back to usual state */
596}
597
598#endif /* NNPX > 0 */
599