npx.c revision 2631
1/*- 2 * Copyright (c) 1990 William Jolitz. 3 * Copyright (c) 1991 The Regents of the University of California. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by the University of 17 * California, Berkeley and its contributors. 18 * 4. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * from: @(#)npx.c 7.2 (Berkeley) 5/12/91 35 * $Id: npx.c,v 1.10 1994/08/13 03:50:11 wollman Exp $ 36 */ 37 38#include "npx.h" 39#if NNPX > 0 40 41#include <sys/param.h> 42#include <sys/systm.h> 43#include <sys/conf.h> 44#include <sys/file.h> 45#include <sys/proc.h> 46#include <machine/cpu.h> 47#include <machine/pcb.h> 48#include <machine/trap.h> 49#include <sys/ioctl.h> 50#include <machine/specialreg.h> 51#include <i386/isa/icu.h> 52#include <i386/isa/isa_device.h> 53#include <i386/isa/isa.h> 54 55/* 56 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver. 57 */ 58 59#ifdef __GNUC__ 60 61#define disable_intr() __asm("cli") 62#define enable_intr() __asm("sti") 63#define fldcw(addr) __asm("fldcw %0" : : "m" (*addr)) 64#define fnclex() __asm("fnclex") 65#define fninit() __asm("fninit") 66#define fnsave(addr) __asm("fnsave %0" : "=m" (*addr) : "0" (*addr)) 67#define fnstcw(addr) __asm("fnstcw %0" : "=m" (*addr) : "0" (*addr)) 68#define fnstsw(addr) __asm("fnstsw %0" : "=m" (*addr) : "0" (*addr)) 69#define fp_divide_by_0() __asm("fldz; fld1; fdiv %st,%st(1); fwait") 70#define frstor(addr) __asm("frstor %0" : : "m" (*addr)) 71#define fwait() __asm("fwait") 72#define read_eflags() ({u_long ef; \ 73 __asm("pushf; popl %0" : "=a" (ef)); \ 74 ef; }) 75#define start_emulating() __asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \ 76 : : "n" (CR0_TS) : "ax") 77#define stop_emulating() __asm("clts") 78#define write_eflags(ef) __asm("pushl %0; popf" : : "a" ((u_long) ef)) 79 80#else /* not __GNUC__ */ 81 82void disable_intr __P((void)); 83void enable_intr __P((void)); 84void fldcw __P((caddr_t addr)); 85void fnclex __P((void)); 86void fninit __P((void)); 87void fnsave __P((caddr_t addr)); 88void fnstcw __P((caddr_t addr)); 89void fnstsw __P((caddr_t addr)); 90void fp_divide_by_0 __P((void)); 91void frstor __P((caddr_t addr)); 92void fwait __P((void)); 93u_long read_eflags __P((void)); 94void start_emulating __P((void)); 95void stop_emulating __P((void)); 96void write_eflags __P((u_long ef)); 97 98#endif /* __GNUC__ */ 99 100typedef u_char bool_t; 101 102extern struct gate_descriptor idt[]; 103 104int npxdna __P((void)); 105void npxexit __P((struct proc *p)); 106void npxinit __P((u_int control)); 107void npxintr __P((struct intrframe frame)); 108void npxsave __P((struct save87 *addr)); 109static int npxattach __P((struct isa_device *dvp)); 110static int npxprobe __P((struct isa_device *dvp)); 111static int npxprobe1 __P((struct isa_device *dvp)); 112 113struct isa_driver npxdriver = { 114 npxprobe, npxattach, "npx", 115}; 116 117u_int npx0_imask; 118struct proc *npxproc; 119 120static bool_t npx_ex16; 121static bool_t npx_exists; 122int hw_float; 123static struct gate_descriptor npx_idt_probeintr; 124static int npx_intrno; 125static volatile u_int npx_intrs_while_probing; 126static bool_t npx_irq13; 127static volatile u_int npx_traps_while_probing; 128 129/* 130 * Special interrupt handlers. Someday intr0-intr15 will be used to count 131 * interrupts. We'll still need a special exception 16 handler. The busy 132 * latch stuff in probintr() can be moved to npxprobe(). 133 */ 134void probeintr(void); 135asm 136(" 137 .text 138_probeintr: 139 ss 140 incl _npx_intrs_while_probing 141 pushl %eax 142 movb $0x20,%al # EOI (asm in strings loses cpp features) 143 outb %al,$0xa0 # IO_ICU2 144 outb %al,$0x20 #IO_ICU1 145 movb $0,%al 146 outb %al,$0xf0 # clear BUSY# latch 147 popl %eax 148 iret 149"); 150 151void probetrap(void); 152asm 153(" 154 .text 155_probetrap: 156 ss 157 incl _npx_traps_while_probing 158 fnclex 159 iret 160"); 161 162/* 163 * Probe routine. Initialize cr0 to give correct behaviour for [f]wait 164 * whether the device exists or not (XXX should be elsewhere). Set flags 165 * to tell npxattach() what to do. Modify device struct if npx doesn't 166 * need to use interrupts. Return 1 if device exists. 167 */ 168static int 169npxprobe(dvp) 170 struct isa_device *dvp; 171{ 172 int result; 173 u_long save_eflags; 174 u_char save_icu1_mask; 175 u_char save_icu2_mask; 176 struct gate_descriptor save_idt_npxintr; 177 struct gate_descriptor save_idt_npxtrap; 178 /* 179 * This routine is now just a wrapper for npxprobe1(), to install 180 * special npx interrupt and trap handlers, to enable npx interrupts 181 * and to disable other interrupts. Someday isa_configure() will 182 * install suitable handlers and run with interrupts enabled so we 183 * won't need to do so much here. 184 */ 185 npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1; 186 save_eflags = read_eflags(); 187 disable_intr(); 188 save_icu1_mask = inb(IO_ICU1 + 1); 189 save_icu2_mask = inb(IO_ICU2 + 1); 190 save_idt_npxintr = idt[npx_intrno]; 191 save_idt_npxtrap = idt[16]; 192 outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq)); 193 outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8)); 194 setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL); 195 setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL); 196 npx_idt_probeintr = idt[npx_intrno]; 197 enable_intr(); 198 result = npxprobe1(dvp); 199 disable_intr(); 200 outb(IO_ICU1 + 1, save_icu1_mask); 201 outb(IO_ICU2 + 1, save_icu2_mask); 202 idt[npx_intrno] = save_idt_npxintr; 203 idt[16] = save_idt_npxtrap; 204 write_eflags(save_eflags); 205 return (result); 206} 207 208static int 209npxprobe1(dvp) 210 struct isa_device *dvp; 211{ 212 int control; 213 int status; 214#ifdef lint 215 npxintr(); 216#endif 217 /* 218 * Partially reset the coprocessor, if any. Some BIOS's don't reset 219 * it after a warm boot. 220 */ 221 outb(0xf1, 0); /* full reset on some systems, NOP on others */ 222 outb(0xf0, 0); /* clear BUSY# latch */ 223 /* 224 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT 225 * instructions. We must set the CR0_MP bit and use the CR0_TS 226 * bit to control the trap, because setting the CR0_EM bit does 227 * not cause WAIT instructions to trap. It's important to trap 228 * WAIT instructions - otherwise the "wait" variants of no-wait 229 * control instructions would degenerate to the "no-wait" variants 230 * after FP context switches but work correctly otherwise. It's 231 * particularly important to trap WAITs when there is no NPX - 232 * otherwise the "wait" variants would always degenerate. 233 * 234 * Try setting CR0_NE to get correct error reporting on 486DX's. 235 * Setting it should fail or do nothing on lesser processors. 236 */ 237 load_cr0(rcr0() | CR0_MP | CR0_NE); 238 /* 239 * But don't trap while we're probing. 240 */ 241 stop_emulating(); 242 /* 243 * Finish resetting the coprocessor, if any. If there is an error 244 * pending, then we may get a bogus IRQ13, but probeintr() will handle 245 * it OK. Bogus halts have never been observed, but we enabled 246 * IRQ13 and cleared the BUSY# latch early to handle them anyway. 247 */ 248 fninit(); 249 DELAY(1000); /* wait for any IRQ13 (fwait might hang) */ 250#ifdef DIAGNOSTIC 251 if (npx_intrs_while_probing != 0) 252 printf("fninit caused %u bogus npx interrupt(s)\n", 253 npx_intrs_while_probing); 254 if (npx_traps_while_probing != 0) 255 printf("fninit caused %u bogus npx trap(s)\n", 256 npx_traps_while_probing); 257#endif 258 /* 259 * Check for a status of mostly zero. 260 */ 261 status = 0x5a5a; 262 fnstsw(&status); 263 if ((status & 0xb8ff) == 0) { 264 /* 265 * Good, now check for a proper control word. 266 */ 267 control = 0x5a5a; 268 fnstcw(&control); 269 if ((control & 0x1f3f) == 0x033f) { 270 hw_float = npx_exists = 1; 271 /* 272 * We have an npx, now divide by 0 to see if exception 273 * 16 works. 274 */ 275 control &= ~(1 << 2); /* enable divide by 0 trap */ 276 fldcw(&control); 277 npx_traps_while_probing = npx_intrs_while_probing = 0; 278 fp_divide_by_0(); 279 if (npx_traps_while_probing != 0) { 280 /* 281 * Good, exception 16 works. 282 */ 283 npx_ex16 = 1; 284 dvp->id_irq = 0; /* zap the interrupt */ 285 /* 286 * special return value to flag that we do not 287 * actually use any I/O registers 288 */ 289 return (-1); 290 } 291 if (npx_intrs_while_probing != 0) { 292 /* 293 * Bad, we are stuck with IRQ13. 294 */ 295 npx_irq13 = 1; 296 npx0_imask = dvp->id_irq; /* npxattach too late */ 297 return (IO_NPXSIZE); 298 } 299 /* 300 * Worse, even IRQ13 is broken. Use emulator. 301 */ 302 } 303 } 304 /* 305 * Probe failed, but we want to get to npxattach to initialize the 306 * emulator and say that it has been installed. XXX handle devices 307 * that aren't really devices better. 308 */ 309 dvp->id_irq = 0; 310 /* 311 * special return value to flag that we do not 312 * actually use any I/O registers 313 */ 314 return (-1); 315} 316 317/* 318 * Attach routine - announce which it is, and wire into system 319 */ 320int 321npxattach(dvp) 322 struct isa_device *dvp; 323{ 324 if (!npx_ex16 && !npx_irq13) { 325 if (npx_exists) { 326 printf("npx%d: Error reporting broken, using 387 emulator\n",dvp->id_unit); 327 hw_float = npx_exists = 0; 328 } else { 329 printf("npx%d: 387 Emulator\n",dvp->id_unit); 330 } 331 } 332 npxinit(__INITIAL_NPXCW__); 333 return (1); /* XXX unused */ 334} 335 336/* 337 * Initialize floating point unit. 338 */ 339void 340npxinit(control) 341 u_int control; 342{ 343 struct save87 dummy; 344 345 if (!npx_exists) 346 return; 347 /* 348 * fninit has the same h/w bugs as fnsave. Use the detoxified 349 * fnsave to throw away any junk in the fpu. fnsave initializes 350 * the fpu and sets npxproc = NULL as important side effects. 351 */ 352 npxsave(&dummy); 353 stop_emulating(); 354 fldcw(&control); 355 if (curpcb != NULL) 356 fnsave(&curpcb->pcb_savefpu); 357 start_emulating(); 358} 359 360/* 361 * Free coprocessor (if we have it). 362 */ 363void 364npxexit(p) 365 struct proc *p; 366{ 367 368 if (p == npxproc) { 369 start_emulating(); 370 npxproc = NULL; 371 } 372} 373 374/* 375 * Record the FPU state and reinitialize it all except for the control word. 376 * Then generate a SIGFPE. 377 * 378 * Reinitializing the state allows naive SIGFPE handlers to longjmp without 379 * doing any fixups. 380 * 381 * XXX there is currently no way to pass the full error state to signal 382 * handlers, and if this is a nested interrupt there is no way to pass even 383 * a status code! So there is no way to have a non-naive SIGFPE handler. At 384 * best a handler could do an fninit followed by an fldcw of a static value. 385 * fnclex would be of little use because it would leave junk on the FPU stack. 386 * Returning from the handler would be even less safe than usual because 387 * IRQ13 exception handling makes exceptions even less precise than usual. 388 */ 389void 390npxintr(frame) 391 struct intrframe frame; 392{ 393 int code; 394 395 if (npxproc == NULL || !npx_exists) { 396 /* XXX no %p in stand/printf.c. Cast to quiet gcc -Wall. */ 397 printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n", 398 (u_long) npxproc, (u_long) curproc, npx_exists); 399 panic("npxintr from nowhere"); 400 } 401 if (npxproc != curproc) { 402 printf("npxintr: npxproc = %lx, curproc = %lx, npx_exists = %d\n", 403 (u_long) npxproc, (u_long) curproc, npx_exists); 404 panic("npxintr from non-current process"); 405 } 406 /* 407 * Save state. This does an implied fninit. It had better not halt 408 * the cpu or we'll hang. 409 */ 410 outb(0xf0, 0); 411 fnsave(&curpcb->pcb_savefpu); 412 fwait(); 413 /* 414 * Restore control word (was clobbered by fnsave). 415 */ 416 fldcw(&curpcb->pcb_savefpu.sv_env.en_cw); 417 fwait(); 418 /* 419 * Remember the exception status word and tag word. The current 420 * (almost fninit'ed) fpu state is in the fpu and the exception 421 * state just saved will soon be junk. However, the implied fninit 422 * doesn't change the error pointers or register contents, and we 423 * preserved the control word and will copy the status and tag 424 * words, so the complete exception state can be recovered. 425 */ 426 curpcb->pcb_savefpu.sv_ex_sw = curpcb->pcb_savefpu.sv_env.en_sw; 427 curpcb->pcb_savefpu.sv_ex_tw = curpcb->pcb_savefpu.sv_env.en_tw; 428 429 /* 430 * Pass exception to process. 431 */ 432 if (ISPL(frame.if_cs) == SEL_UPL) { 433 /* 434 * Interrupt is essentially a trap, so we can afford to call 435 * the SIGFPE handler (if any) as soon as the interrupt 436 * returns. 437 * 438 * XXX little or nothing is gained from this, and plenty is 439 * lost - the interrupt frame has to contain the trap frame 440 * (this is otherwise only necessary for the rescheduling trap 441 * in doreti, and the frame for that could easily be set up 442 * just before it is used). 443 */ 444 curproc->p_md.md_regs = (int *)&frame.if_es; 445#ifdef notyet 446 /* 447 * Encode the appropriate code for detailed information on 448 * this exception. 449 */ 450 code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw); 451#else 452 code = 0; /* XXX */ 453#endif 454 trapsignal(curproc, SIGFPE, code); 455 } else { 456 /* 457 * Nested interrupt. These losers occur when: 458 * o an IRQ13 is bogusly generated at a bogus time, e.g.: 459 * o immediately after an fnsave or frstor of an 460 * error state. 461 * o a couple of 386 instructions after 462 * "fstpl _memvar" causes a stack overflow. 463 * These are especially nasty when combined with a 464 * trace trap. 465 * o an IRQ13 occurs at the same time as another higher- 466 * priority interrupt. 467 * 468 * Treat them like a true async interrupt. 469 */ 470 psignal(npxproc, SIGFPE); 471 } 472} 473 474/* 475 * Implement device not available (DNA) exception 476 * 477 * It would be better to switch FP context here (only). This would require 478 * saving the state in the proc table instead of in the pcb. 479 */ 480int 481npxdna() 482{ 483 if (!npx_exists) 484 return (0); 485 if (npxproc != NULL) { 486 printf("npxdna: npxproc = %lx, curproc = %lx\n", 487 (u_long) npxproc, (u_long) curproc); 488 panic("npxdna"); 489 } 490 stop_emulating(); 491 /* 492 * Record new context early in case frstor causes an IRQ13. 493 */ 494 npxproc = curproc; 495 /* 496 * The following frstor may cause an IRQ13 when the state being 497 * restored has a pending error. The error will appear to have been 498 * triggered by the current (npx) user instruction even when that 499 * instruction is a no-wait instruction that should not trigger an 500 * error (e.g., fnclex). On at least one 486 system all of the 501 * no-wait instructions are broken the same as frstor, so our 502 * treatment does not amplify the breakage. On at least one 503 * 386/Cyrix 387 system, fnclex works correctly while frstor and 504 * fnsave are broken, so our treatment breaks fnclex if it is the 505 * first FPU instruction after a context switch. 506 */ 507 frstor(&curpcb->pcb_savefpu); 508 509 return (1); 510} 511 512/* 513 * Wrapper for fnsave instruction to handle h/w bugs. If there is an error 514 * pending, then fnsave generates a bogus IRQ13 on some systems. Force 515 * any IRQ13 to be handled immediately, and then ignore it. This routine is 516 * often called at splhigh so it must not use many system services. In 517 * particular, it's much easier to install a special handler than to 518 * guarantee that it's safe to use npxintr() and its supporting code. 519 */ 520void 521npxsave(addr) 522 struct save87 *addr; 523{ 524 u_char icu1_mask; 525 u_char icu2_mask; 526 u_char old_icu1_mask; 527 u_char old_icu2_mask; 528 struct gate_descriptor save_idt_npxintr; 529 530 disable_intr(); 531 old_icu1_mask = inb(IO_ICU1 + 1); 532 old_icu2_mask = inb(IO_ICU2 + 1); 533 save_idt_npxintr = idt[npx_intrno]; 534 outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask)); 535 outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8)); 536 idt[npx_intrno] = npx_idt_probeintr; 537 enable_intr(); 538 stop_emulating(); 539 fnsave(addr); 540 fwait(); 541 start_emulating(); 542 npxproc = NULL; 543 disable_intr(); 544 icu1_mask = inb(IO_ICU1 + 1); /* masks may have changed */ 545 icu2_mask = inb(IO_ICU2 + 1); 546 outb(IO_ICU1 + 1, 547 (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask)); 548 outb(IO_ICU2 + 1, 549 (icu2_mask & ~(npx0_imask >> 8)) 550 | (old_icu2_mask & (npx0_imask >> 8))); 551 idt[npx_intrno] = save_idt_npxintr; 552 enable_intr(); /* back to usual state */ 553} 554 555#endif /* NNPX > 0 */ 556