1 /*- 2 * Copyright (c) 1990 William Jolitz. 3 * Copyright (c) 1991 The Regents of the University of California. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by the University of 17 * California, Berkeley and its contributors. 18 * 4. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * from: @(#)npx.c 7.2 (Berkeley) 5/12/91 35 * $Id: npx.c,v 1.24 1995/09/19 18:55:14 bde Exp $ 36 */ 37 38 #include "npx.h" 39 #if NNPX > 0 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/sysctl.h> 45 #include <sys/conf.h> 46 #include <sys/file.h> 47 #include <sys/proc.h> 48 #include <sys/devconf.h> 49 #include <sys/ioctl.h> 50 #include <sys/syslog.h> 51 #include <sys/signalvar.h> 52 53 #include <machine/cpu.h> 54 #include <machine/pcb.h> 55 #include <machine/trap.h> 56 #include <machine/clock.h> 57 #include <machine/specialreg.h> 58 59 #include <i386/isa/icu.h> 60 #include <i386/isa/isa_device.h> 61 #include <i386/isa/isa.h> 62 63 /* 64 * 387 and 287 Numeric Coprocessor Extension (NPX) Driver. 65 */ 66 67 #ifdef __GNUC__ 68 69 #define fldcw(addr) __asm("fldcw %0" : : "m" (*(addr))) 70 #define fnclex() __asm("fnclex") 71 #define fninit() __asm("fninit") 72 #define fnop() __asm("fnop") 73 #define fnsave(addr) __asm("fnsave %0" : "=m" (*(addr))) 74 #define fnstcw(addr) __asm("fnstcw %0" : "=m" (*(addr))) 75 #define fnstsw(addr) __asm("fnstsw %0" : "=m" (*(addr))) 76 #define fp_divide_by_0() __asm("fldz; fld1; fdiv %st,%st(1); fnop") 77 #define frstor(addr) __asm("frstor %0" : : "m" (*(addr))) 78 #define start_emulating() __asm("smsw %%ax; orb %0,%%al; lmsw %%ax" \ 79 : : "n" (CR0_TS) : "ax") 80 #define stop_emulating() __asm("clts") 81 82 #else /* not __GNUC__ */ 83 84 void fldcw __P((caddr_t addr)); 85 void fnclex __P((void)); 86 void fninit __P((void)); 87 void fnop __P((void)); 88 void fnsave __P((caddr_t addr)); 89 void fnstcw __P((caddr_t addr)); 90 void fnstsw __P((caddr_t addr)); 91 void fp_divide_by_0 __P((void)); 92 void frstor __P((caddr_t addr)); 93 void start_emulating __P((void)); 94 void stop_emulating __P((void)); 95 96 #endif /* __GNUC__ */ 97 98 typedef u_char bool_t; 99 100 static int npxattach __P((struct isa_device *dvp)); 101 static int npxprobe __P((struct isa_device *dvp)); 102 static int npxprobe1 __P((struct isa_device *dvp)); 103 104 struct isa_driver npxdriver = { 105 npxprobe, npxattach, "npx", 106 }; 107 108 int hw_float; /* XXX currently just alias for npx_exists */ 109 110 SYSCTL_INT(_hw,HW_FLOATINGPT, floatingpoint, 111 CTLFLAG_RD, &hw_float, 0, 112 "Floatingpoint instructions executed in hardware"); 113 114 u_int npx0_imask = SWI_CLOCK_MASK; 115 struct proc *npxproc; 116 117 static bool_t npx_ex16; 118 static bool_t npx_exists; 119 static struct gate_descriptor npx_idt_probeintr; 120 static int npx_intrno; 121 static volatile u_int npx_intrs_while_probing; 122 static bool_t npx_irq13; 123 static volatile u_int npx_traps_while_probing; 124 125 /* 126 * Special interrupt handlers. Someday intr0-intr15 will be used to count 127 * interrupts. We'll still need a special exception 16 handler. The busy 128 * latch stuff in probeintr() can be moved to npxprobe(). 129 */ 130 inthand_t probeintr; 131 asm 132 (" 133 .text 134 _probeintr: 135 ss 136 incl _npx_intrs_while_probing 137 pushl %eax 138 movb $0x20,%al # EOI (asm in strings loses cpp features) 139 outb %al,$0xa0 # IO_ICU2 140 outb %al,$0x20 # IO_ICU1 141 movb $0,%al 142 outb %al,$0xf0 # clear BUSY# latch 143 popl %eax 144 iret 145 "); 146 147 inthand_t probetrap; 148 asm 149 (" 150 .text 151 _probetrap: 152 ss 153 incl _npx_traps_while_probing 154 fnclex 155 iret 156 "); 157 158 static struct kern_devconf kdc_npx[NNPX] = { { 159 0, 0, 0, /* filled in by dev_attach */ 160 "npx", 0, { MDDT_ISA, 0 }, 161 isa_generic_externalize, 0, 0, ISA_EXTERNALLEN, 162 &kdc_isa0, /* parent */ 163 0, /* parentdata */ 164 DC_UNCONFIGURED, /* state */ 165 "Floating-point unit", 166 DC_CLS_MISC /* class */ 167 } }; 168 169 static inline void 170 npx_registerdev(struct isa_device *id) 171 { 172 int unit; 173 174 unit = id->id_unit; 175 if (unit != 0) 176 kdc_npx[unit] = kdc_npx[0]; 177 kdc_npx[unit].kdc_unit = unit; 178 kdc_npx[unit].kdc_isa = id; 179 dev_attach(&kdc_npx[unit]); 180 } 181 182 /* 183 * Probe routine. Initialize cr0 to give correct behaviour for [f]wait 184 * whether the device exists or not (XXX should be elsewhere). Set flags 185 * to tell npxattach() what to do. Modify device struct if npx doesn't 186 * need to use interrupts. Return 1 if device exists. 187 */ 188 static int 189 npxprobe(dvp) 190 struct isa_device *dvp; 191 { 192 int result; 193 u_long save_eflags; 194 u_char save_icu1_mask; 195 u_char save_icu2_mask; 196 struct gate_descriptor save_idt_npxintr; 197 struct gate_descriptor save_idt_npxtrap; 198 /* 199 * This routine is now just a wrapper for npxprobe1(), to install 200 * special npx interrupt and trap handlers, to enable npx interrupts 201 * and to disable other interrupts. Someday isa_configure() will 202 * install suitable handlers and run with interrupts enabled so we 203 * won't need to do so much here. 204 */ 205 npx_registerdev(dvp); 206 npx_intrno = NRSVIDT + ffs(dvp->id_irq) - 1; 207 save_eflags = read_eflags(); 208 disable_intr(); 209 save_icu1_mask = inb(IO_ICU1 + 1); 210 save_icu2_mask = inb(IO_ICU2 + 1); 211 save_idt_npxintr = idt[npx_intrno]; 212 save_idt_npxtrap = idt[16]; 213 outb(IO_ICU1 + 1, ~(IRQ_SLAVE | dvp->id_irq)); 214 outb(IO_ICU2 + 1, ~(dvp->id_irq >> 8)); 215 setidt(16, probetrap, SDT_SYS386TGT, SEL_KPL); 216 setidt(npx_intrno, probeintr, SDT_SYS386IGT, SEL_KPL); 217 npx_idt_probeintr = idt[npx_intrno]; 218 enable_intr(); 219 result = npxprobe1(dvp); 220 disable_intr(); 221 outb(IO_ICU1 + 1, save_icu1_mask); 222 outb(IO_ICU2 + 1, save_icu2_mask); 223 idt[npx_intrno] = save_idt_npxintr; 224 idt[16] = save_idt_npxtrap; 225 write_eflags(save_eflags); 226 return (result); 227 } 228 229 static int 230 npxprobe1(dvp) 231 struct isa_device *dvp; 232 { 233 u_short control; 234 u_short status; 235 236 /* 237 * Partially reset the coprocessor, if any. Some BIOS's don't reset 238 * it after a warm boot. 239 */ 240 outb(0xf1, 0); /* full reset on some systems, NOP on others */ 241 outb(0xf0, 0); /* clear BUSY# latch */ 242 /* 243 * Prepare to trap all ESC (i.e., NPX) instructions and all WAIT 244 * instructions. We must set the CR0_MP bit and use the CR0_TS 245 * bit to control the trap, because setting the CR0_EM bit does 246 * not cause WAIT instructions to trap. It's important to trap 247 * WAIT instructions - otherwise the "wait" variants of no-wait 248 * control instructions would degenerate to the "no-wait" variants 249 * after FP context switches but work correctly otherwise. It's 250 * particularly important to trap WAITs when there is no NPX - 251 * otherwise the "wait" variants would always degenerate. 252 * 253 * Try setting CR0_NE to get correct error reporting on 486DX's. 254 * Setting it should fail or do nothing on lesser processors. 255 */ 256 load_cr0(rcr0() | CR0_MP | CR0_NE); 257 /* 258 * But don't trap while we're probing. 259 */ 260 stop_emulating(); 261 /* 262 * Finish resetting the coprocessor, if any. If there is an error 263 * pending, then we may get a bogus IRQ13, but probeintr() will handle 264 * it OK. Bogus halts have never been observed, but we enabled 265 * IRQ13 and cleared the BUSY# latch early to handle them anyway. 266 */ 267 fninit(); 268 /* 269 * Don't use fwait here because it might hang. 270 * Don't use fnop here because it usually hangs if there is no FPU. 271 */ 272 DELAY(1000); /* wait for any IRQ13 */ 273 #ifdef DIAGNOSTIC 274 if (npx_intrs_while_probing != 0) 275 printf("fninit caused %u bogus npx interrupt(s)\n", 276 npx_intrs_while_probing); 277 if (npx_traps_while_probing != 0) 278 printf("fninit caused %u bogus npx trap(s)\n", 279 npx_traps_while_probing); 280 #endif 281 /* 282 * Check for a status of mostly zero. 283 */ 284 status = 0x5a5a; 285 fnstsw(&status); 286 if ((status & 0xb8ff) == 0) { 287 /* 288 * Good, now check for a proper control word. 289 */ 290 control = 0x5a5a; 291 fnstcw(&control); 292 if ((control & 0x1f3f) == 0x033f) { 293 hw_float = npx_exists = 1; 294 /* 295 * We have an npx, now divide by 0 to see if exception 296 * 16 works. 297 */ 298 control &= ~(1 << 2); /* enable divide by 0 trap */ 299 fldcw(&control); 300 npx_traps_while_probing = npx_intrs_while_probing = 0; 301 fp_divide_by_0(); 302 if (npx_traps_while_probing != 0) { 303 /* 304 * Good, exception 16 works. 305 */ 306 npx_ex16 = 1; 307 dvp->id_irq = 0; /* zap the interrupt */ 308 /* 309 * special return value to flag that we do not 310 * actually use any I/O registers 311 */ 312 return (-1); 313 } 314 if (npx_intrs_while_probing != 0) { 315 /* 316 * Bad, we are stuck with IRQ13. 317 */ 318 npx_irq13 = 1; 319 /* 320 * npxattach would be too late to set npx0_imask. 321 */ 322 npx0_imask |= dvp->id_irq; 323 return (IO_NPXSIZE); 324 } 325 /* 326 * Worse, even IRQ13 is broken. Use emulator. 327 */ 328 } 329 } 330 /* 331 * Probe failed, but we want to get to npxattach to initialize the 332 * emulator and say that it has been installed. XXX handle devices 333 * that aren't really devices better. 334 */ 335 dvp->id_irq = 0; 336 /* 337 * special return value to flag that we do not 338 * actually use any I/O registers 339 */ 340 return (-1); 341 } 342 343 /* 344 * Attach routine - announce which it is, and wire into system 345 */ 346 int 347 npxattach(dvp) 348 struct isa_device *dvp; 349 { 350 if (npx_ex16) 351 printf("npx%d: INT 16 interface\n", dvp->id_unit); 352 else if (npx_irq13) 353 ; /* higher level has printed "irq 13" */ 354 #if defined(MATH_EMULATE) || defined(GPL_MATH_EMULATE) 355 else if (npx_exists) { 356 printf("npx%d: error reporting broken; using 387 emulator\n", 357 dvp->id_unit); 358 npx_exists = 0; 359 } else 360 printf("npx%d: 387 emulator\n",dvp->id_unit); 361 #else 362 else 363 printf("npx%d: no 387 emulator in kernel!\n", dvp->id_unit); 364 #endif 365 npxinit(__INITIAL_NPXCW__); 366 if (npx_exists) { 367 kdc_npx[dvp->id_unit].kdc_state = DC_BUSY; 368 } 369 return (1); /* XXX unused */ 370 } 371 372 /* 373 * Initialize floating point unit. 374 */ 375 void 376 npxinit(control) 377 u_short control; 378 { 379 struct save87 dummy; 380 381 if (!npx_exists) 382 return; 383 /* 384 * fninit has the same h/w bugs as fnsave. Use the detoxified 385 * fnsave to throw away any junk in the fpu. npxsave() initializes 386 * the fpu and sets npxproc = NULL as important side effects. 387 */ 388 npxsave(&dummy); 389 stop_emulating(); 390 fldcw(&control); 391 if (curpcb != NULL) 392 fnsave(&curpcb->pcb_savefpu); 393 start_emulating(); 394 } 395 396 /* 397 * Free coprocessor (if we have it). 398 */ 399 void 400 npxexit(p) 401 struct proc *p; 402 { 403 404 if (p == npxproc) 405 npxsave(&curpcb->pcb_savefpu); 406 if (npx_exists) { 407 u_int masked_exceptions; 408 409 masked_exceptions = curpcb->pcb_savefpu.sv_env.en_cw 410 & curpcb->pcb_savefpu.sv_env.en_sw & 0x7f; 411 /* 412 * Overflow, divde by 0, and invalid operand would have 413 * caused a trap in 1.1.5. 414 */ 415 if (masked_exceptions & 0x0d) 416 log(LOG_ERR, 417 "pid %d (%s) exited with masked floating point exceptions 0x%02x\n", 418 p->p_pid, p->p_comm, masked_exceptions); 419 } 420 } 421 422 /* 423 * Preserve the FP status word, clear FP exceptions, then generate a SIGFPE. 424 * 425 * Clearing exceptions is necessary mainly to avoid IRQ13 bugs. We now 426 * depend on longjmp() restoring a usable state. Restoring the state 427 * or examining it might fail if we didn't clear exceptions. 428 * 429 * XXX there is no standard way to tell SIGFPE handlers about the error 430 * state. The old interface: 431 * 432 * void handler(int sig, int code, struct sigcontext *scp); 433 * 434 * is broken because it is non-ANSI and because the FP state is not in 435 * struct sigcontext. 436 * 437 * XXX the FP state is not preserved across signal handlers. So signal 438 * handlers cannot afford to do FP unless they preserve the state or 439 * longjmp() out. Both preserving the state and longjmp()ing may be 440 * destroyed by IRQ13 bugs. Clearing FP exceptions is not an acceptable 441 * solution for signals other than SIGFPE. 442 */ 443 void 444 npxintr(unit) 445 int unit; 446 { 447 int code; 448 struct intrframe *frame; 449 450 if (npxproc == NULL || !npx_exists) { 451 printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n", 452 npxproc, curproc, npx_exists); 453 panic("npxintr from nowhere"); 454 } 455 if (npxproc != curproc) { 456 printf("npxintr: npxproc = %p, curproc = %p, npx_exists = %d\n", 457 npxproc, curproc, npx_exists); 458 panic("npxintr from non-current process"); 459 } 460 461 outb(0xf0, 0); 462 fnstsw(&curpcb->pcb_savefpu.sv_ex_sw); 463 fnclex(); 464 fnop(); 465 466 /* 467 * Pass exception to process. 468 */ 469 frame = (struct intrframe *)&unit; /* XXX */ 470 if (ISPL(frame->if_cs) == SEL_UPL) { 471 /* 472 * Interrupt is essentially a trap, so we can afford to call 473 * the SIGFPE handler (if any) as soon as the interrupt 474 * returns. 475 * 476 * XXX little or nothing is gained from this, and plenty is 477 * lost - the interrupt frame has to contain the trap frame 478 * (this is otherwise only necessary for the rescheduling trap 479 * in doreti, and the frame for that could easily be set up 480 * just before it is used). 481 */ 482 curproc->p_md.md_regs = &frame->if_es; 483 #ifdef notyet 484 /* 485 * Encode the appropriate code for detailed information on 486 * this exception. 487 */ 488 code = XXX_ENCODE(curpcb->pcb_savefpu.sv_ex_sw); 489 #else 490 code = 0; /* XXX */ 491 #endif 492 trapsignal(curproc, SIGFPE, code); 493 } else { 494 /* 495 * Nested interrupt. These losers occur when: 496 * o an IRQ13 is bogusly generated at a bogus time, e.g.: 497 * o immediately after an fnsave or frstor of an 498 * error state. 499 * o a couple of 386 instructions after 500 * "fstpl _memvar" causes a stack overflow. 501 * These are especially nasty when combined with a 502 * trace trap. 503 * o an IRQ13 occurs at the same time as another higher- 504 * priority interrupt. 505 * 506 * Treat them like a true async interrupt. 507 */ 508 psignal(curproc, SIGFPE); 509 } 510 } 511 512 /* 513 * Implement device not available (DNA) exception 514 * 515 * It would be better to switch FP context here (if curproc != npxproc) 516 * and not necessarily for every context switch, but it is too hard to 517 * access foreign pcb's. 518 */ 519 int 520 npxdna() 521 { 522 if (!npx_exists) 523 return (0); 524 if (npxproc != NULL) { 525 printf("npxdna: npxproc = %p, curproc = %p\n", 526 npxproc, curproc); 527 panic("npxdna"); 528 } 529 stop_emulating(); 530 /* 531 * Record new context early in case frstor causes an IRQ13. 532 */ 533 npxproc = curproc; 534 curpcb->pcb_savefpu.sv_ex_sw = 0; 535 /* 536 * The following frstor may cause an IRQ13 when the state being 537 * restored has a pending error. The error will appear to have been 538 * triggered by the current (npx) user instruction even when that 539 * instruction is a no-wait instruction that should not trigger an 540 * error (e.g., fnclex). On at least one 486 system all of the 541 * no-wait instructions are broken the same as frstor, so our 542 * treatment does not amplify the breakage. On at least one 543 * 386/Cyrix 387 system, fnclex works correctly while frstor and 544 * fnsave are broken, so our treatment breaks fnclex if it is the 545 * first FPU instruction after a context switch. 546 */ 547 frstor(&curpcb->pcb_savefpu); 548 549 return (1); 550 } 551 552 /* 553 * Wrapper for fnsave instruction to handle h/w bugs. If there is an error 554 * pending, then fnsave generates a bogus IRQ13 on some systems. Force 555 * any IRQ13 to be handled immediately, and then ignore it. This routine is 556 * often called at splhigh so it must not use many system services. In 557 * particular, it's much easier to install a special handler than to 558 * guarantee that it's safe to use npxintr() and its supporting code. 559 */ 560 void 561 npxsave(addr) 562 struct save87 *addr; 563 { 564 u_char icu1_mask; 565 u_char icu2_mask; 566 u_char old_icu1_mask; 567 u_char old_icu2_mask; 568 struct gate_descriptor save_idt_npxintr; 569 570 disable_intr(); 571 old_icu1_mask = inb(IO_ICU1 + 1); 572 old_icu2_mask = inb(IO_ICU2 + 1); 573 save_idt_npxintr = idt[npx_intrno]; 574 outb(IO_ICU1 + 1, old_icu1_mask & ~(IRQ_SLAVE | npx0_imask)); 575 outb(IO_ICU2 + 1, old_icu2_mask & ~(npx0_imask >> 8)); 576 idt[npx_intrno] = npx_idt_probeintr; 577 enable_intr(); 578 stop_emulating(); 579 fnsave(addr); 580 fnop(); 581 start_emulating(); 582 npxproc = NULL; 583 disable_intr(); 584 icu1_mask = inb(IO_ICU1 + 1); /* masks may have changed */ 585 icu2_mask = inb(IO_ICU2 + 1); 586 outb(IO_ICU1 + 1, 587 (icu1_mask & ~npx0_imask) | (old_icu1_mask & npx0_imask)); 588 outb(IO_ICU2 + 1, 589 (icu2_mask & ~(npx0_imask >> 8)) 590 | (old_icu2_mask & (npx0_imask >> 8))); 591 idt[npx_intrno] = save_idt_npxintr; 592 enable_intr(); /* back to usual state */ 593 } 594 595 #endif /* NNPX > 0 */ 596