Search
lxdream.org :: lxdream/src/sh4/mmu.c
lxdream 0.9.1
released Jun 29
Download Now
filename src/sh4/mmu.c
changeset 933:880c37bb1909
prev931:430048ea8b71
next934:3acd3b3ee6d1
author nkeynes
date Wed Dec 24 06:06:23 2008 +0000 (13 years ago)
branchlxdream-mem
permissions -rw-r--r--
last change Start putting cache together
view annotate diff log raw
     1 /**
     2  * $Id$
     3  *
     4  * MMU implementation
     5  *
     6  * Copyright (c) 2005 Nathan Keynes.
     7  *
     8  * This program is free software; you can redistribute it and/or modify
     9  * it under the terms of the GNU General Public License as published by
    10  * the Free Software Foundation; either version 2 of the License, or
    11  * (at your option) any later version.
    12  *
    13  * This program is distributed in the hope that it will be useful,
    14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16  * GNU General Public License for more details.
    17  */
    18 #define MODULE sh4_module
    20 #include <stdio.h>
    21 #include <assert.h>
    22 #include "sh4/sh4mmio.h"
    23 #include "sh4/sh4core.h"
    24 #include "sh4/sh4trans.h"
    25 #include "mem.h"
    26 #include "mmu.h"
    28 #ifdef HAVE_FRAME_ADDRESS
    29 #define RETURN_VIA(exc) do{ *(((void **)__builtin_frame_address(0))+1) = exc; return; } while(0)
    30 #else
    31 #define RETURN_VIA(exc) return MMU_VMA_ERROR
    32 #endif
    34 /* The MMU (practically unique in the system) is allowed to raise exceptions
    35  * directly, with a return code indicating that one was raised and the caller
    36  * had better behave appropriately.
    37  */
    38 #define RAISE_TLB_ERROR(code, vpn) \
    39     MMIO_WRITE(MMU, TEA, vpn); \
    40     MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \
    41     sh4_raise_tlb_exception(code);
    43 #define RAISE_MEM_ERROR(code, vpn) \
    44     MMIO_WRITE(MMU, TEA, vpn); \
    45     MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \
    46     sh4_raise_exception(code);
    48 #define RAISE_OTHER_ERROR(code) \
    49     sh4_raise_exception(code);
    50 /**
    51  * Abort with a non-MMU address error. Caused by user-mode code attempting
    52  * to access privileged regions, or alignment faults.
    53  */
    54 #define MMU_READ_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_READ)
    55 #define MMU_WRITE_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_WRITE)
    57 #define MMU_TLB_READ_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_READ, vpn)
    58 #define MMU_TLB_WRITE_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_WRITE, vpn)
    59 #define MMU_TLB_INITIAL_WRITE_ERROR(vpn) RAISE_MEM_ERROR(EXC_INIT_PAGE_WRITE, vpn)
    60 #define MMU_TLB_READ_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_READ, vpn)
    61 #define MMU_TLB_WRITE_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_WRITE, vpn)
    62 #define MMU_TLB_MULTI_HIT_ERROR(vpn) sh4_raise_reset(EXC_TLB_MULTI_HIT); \
    63     MMIO_WRITE(MMU, TEA, vpn); \
    64     MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00)));
    67 #define OCRAM_START (0x1C000000>>LXDREAM_PAGE_BITS)
    68 #define OCRAM_END   (0x20000000>>LXDREAM_PAGE_BITS)
    71 static struct itlb_entry mmu_itlb[ITLB_ENTRY_COUNT];
    72 static struct utlb_entry mmu_utlb[UTLB_ENTRY_COUNT];
    73 static uint32_t mmu_urc;
    74 static uint32_t mmu_urb;
    75 static uint32_t mmu_lrui;
    76 static uint32_t mmu_asid; // current asid
    78 static struct utlb_sort_entry mmu_utlb_sorted[UTLB_ENTRY_COUNT];
    79 static uint32_t mmu_utlb_entries; // Number of entries in mmu_utlb_sorted. 
    81 static sh4ptr_t cache = NULL;
    83 static void mmu_invalidate_tlb();
    84 static void mmu_utlb_sorted_reset();
    85 static void mmu_utlb_sorted_reload();
    87 static uint32_t get_mask_for_flags( uint32_t flags )
    88 {
    89     switch( flags & TLB_SIZE_MASK ) {
    90     case TLB_SIZE_1K: return MASK_1K;
    91     case TLB_SIZE_4K: return MASK_4K;
    92     case TLB_SIZE_64K: return MASK_64K;
    93     case TLB_SIZE_1M: return MASK_1M;
    94     default: return 0; /* Unreachable */
    95     }
    96 }
    98 MMIO_REGION_READ_FN( MMU, reg )
    99 {
   100     reg &= 0xFFF;
   101     switch( reg ) {
   102     case MMUCR:
   103         return MMIO_READ( MMU, MMUCR) | (mmu_urc<<10) | (mmu_urb<<18) | (mmu_lrui<<26);
   104     default:
   105         return MMIO_READ( MMU, reg );
   106     }
   107 }
   109 MMIO_REGION_WRITE_FN( MMU, reg, val )
   110 {
   111     uint32_t tmp;
   112     reg &= 0xFFF;
   113     switch(reg) {
   114     case SH4VER:
   115         return;
   116     case PTEH:
   117         val &= 0xFFFFFCFF;
   118         if( (val & 0xFF) != mmu_asid ) {
   119             mmu_asid = val&0xFF;
   120             sh4_icache.page_vma = -1; // invalidate icache as asid has changed
   121         }
   122         break;
   123     case PTEL:
   124         val &= 0x1FFFFDFF;
   125         break;
   126     case PTEA:
   127         val &= 0x0000000F;
   128         break;
   129     case TRA:
   130     	val &= 0x000003FC;
   131     	break;
   132     case EXPEVT:
   133     case INTEVT:
   134     	val &= 0x00000FFF;
   135     	break;
   136     case MMUCR:
   137         if( val & MMUCR_TI ) {
   138             mmu_invalidate_tlb();
   139         }
   140         mmu_urc = (val >> 10) & 0x3F;
   141         mmu_urb = (val >> 18) & 0x3F;
   142         mmu_lrui = (val >> 26) & 0x3F;
   143         val &= 0x00000301;
   144         tmp = MMIO_READ( MMU, MMUCR );
   145         if( (val ^ tmp) & (MMUCR_AT|MMUCR_SV) ) {
   146             // AT flag has changed state - flush the xlt cache as all bets
   147             // are off now. We also need to force an immediate exit from the
   148             // current block
   149             MMIO_WRITE( MMU, MMUCR, val );
   150             sh4_flush_icache();
   151         }
   152         break;
   153     case CCR:
   154         CCN_set_cache_control( val );
   155         val &= 0x81A7;
   156         break;
   157     case MMUUNK1:
   158     	/* Note that if the high bit is set, this appears to reset the machine.
   159     	 * Not emulating this behaviour yet until we know why...
   160     	 */
   161     	val &= 0x00010007;
   162     	break;
   163     case QACR0:
   164     case QACR1:
   165     	val &= 0x0000001C;
   166     	break;
   167     case PMCR1:
   168         PMM_write_control(0, val);
   169         val &= 0x0000C13F;
   170         break;
   171     case PMCR2:
   172         PMM_write_control(1, val);
   173         val &= 0x0000C13F;
   174         break;
   175     default:
   176         break;
   177     }
   178     MMIO_WRITE( MMU, reg, val );
   179 }
   182 void MMU_init()
   183 {
   184 }
   186 void MMU_reset()
   187 {
   188     mmio_region_MMU_write( CCR, 0 );
   189     mmio_region_MMU_write( MMUCR, 0 );
   190     mmu_utlb_sorted_reload();
   191 }
   193 void MMU_save_state( FILE *f )
   194 {
   195     fwrite( &mmu_itlb, sizeof(mmu_itlb), 1, f );
   196     fwrite( &mmu_utlb, sizeof(mmu_utlb), 1, f );
   197     fwrite( &mmu_urc, sizeof(mmu_urc), 1, f );
   198     fwrite( &mmu_urb, sizeof(mmu_urb), 1, f );
   199     fwrite( &mmu_lrui, sizeof(mmu_lrui), 1, f );
   200     fwrite( &mmu_asid, sizeof(mmu_asid), 1, f );
   201 }
   203 int MMU_load_state( FILE *f )
   204 {
   205     if( fread( &mmu_itlb, sizeof(mmu_itlb), 1, f ) != 1 ) {
   206         return 1;
   207     }
   208     if( fread( &mmu_utlb, sizeof(mmu_utlb), 1, f ) != 1 ) {
   209         return 1;
   210     }
   211     if( fread( &mmu_urc, sizeof(mmu_urc), 1, f ) != 1 ) {
   212         return 1;
   213     }
   214     if( fread( &mmu_urc, sizeof(mmu_urb), 1, f ) != 1 ) {
   215         return 1;
   216     }
   217     if( fread( &mmu_lrui, sizeof(mmu_lrui), 1, f ) != 1 ) {
   218         return 1;
   219     }
   220     if( fread( &mmu_asid, sizeof(mmu_asid), 1, f ) != 1 ) {
   221         return 1;
   222     }
   223     mmu_utlb_sorted_reload();
   224     return 0;
   225 }
   228 /******************* Sorted TLB data structure ****************/
   229 /*
   230  * mmu_utlb_sorted maintains a list of all active (valid) entries,
   231  * sorted by masked VPN and then ASID. Multi-hit entries are resolved 
   232  * ahead of time, and have -1 recorded as the corresponding PPN.
   233  * 
   234  * FIXME: Multi-hit detection doesn't pick up cases where two pages 
   235  * overlap due to different sizes (and don't share the same base
   236  * address). 
   237  */ 
   238 static void mmu_utlb_sorted_reset() 
   239 {
   240     mmu_utlb_entries = 0;
   241 }
   243 /**
   244  * Find an entry in the sorted table (VPN+ASID check). 
   245  */
   246 static inline int mmu_utlb_sorted_find( sh4addr_t vma )
   247 {
   248     int low = 0;
   249     int high = mmu_utlb_entries;
   250     uint32_t lookup = (vma & 0xFFFFFC00) + mmu_asid;
   252     mmu_urc++;
   253     if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
   254         mmu_urc = 0;
   255     }
   257     while( low != high ) {
   258         int posn = (high+low)>>1;
   259         int masked = lookup & mmu_utlb_sorted[posn].mask;
   260         if( mmu_utlb_sorted[posn].key < masked ) {
   261             low = posn+1;
   262         } else if( mmu_utlb_sorted[posn].key > masked ) {
   263             high = posn;
   264         } else {
   265             return mmu_utlb_sorted[posn].entryNo;
   266         }
   267     }
   268     return -1;
   270 }
   272 static void mmu_utlb_insert_entry( int entry )
   273 {
   274     int low = 0;
   275     int high = mmu_utlb_entries;
   276     uint32_t key = (mmu_utlb[entry].vpn & mmu_utlb[entry].mask) + mmu_utlb[entry].asid;
   278     assert( mmu_utlb_entries < UTLB_ENTRY_COUNT );
   279     /* Find the insertion point */
   280     while( low != high ) {
   281         int posn = (high+low)>>1;
   282         if( mmu_utlb_sorted[posn].key < key ) {
   283             low = posn+1;
   284         } else if( mmu_utlb_sorted[posn].key > key ) {
   285             high = posn;
   286         } else {
   287             /* Exact match - multi-hit */
   288             mmu_utlb_sorted[posn].entryNo = -2;
   289             return;
   290         }
   291     } /* 0 2 4 6 */
   292     memmove( &mmu_utlb_sorted[low+1], &mmu_utlb_sorted[low], 
   293              (mmu_utlb_entries - low) * sizeof(struct utlb_sort_entry) );
   294     mmu_utlb_sorted[low].key = key;
   295     mmu_utlb_sorted[low].mask = mmu_utlb[entry].mask | 0x000000FF;
   296     mmu_utlb_sorted[low].entryNo = entry;
   297     mmu_utlb_entries++;
   298 }
   300 static void mmu_utlb_remove_entry( int entry )
   301 {
   302     int low = 0;
   303     int high = mmu_utlb_entries;
   304     uint32_t key = (mmu_utlb[entry].vpn & mmu_utlb[entry].mask) + mmu_utlb[entry].asid;
   305     while( low != high ) {
   306         int posn = (high+low)>>1;
   307         if( mmu_utlb_sorted[posn].key < key ) {
   308             low = posn+1;
   309         } else if( mmu_utlb_sorted[posn].key > key ) {
   310             high = posn;
   311         } else {
   312             if( mmu_utlb_sorted[posn].entryNo == -2 ) {
   313                 /* Multiple-entry recorded - rebuild the whole table minus entry */
   314                 int i;
   315                 mmu_utlb_entries = 0;
   316                 for( i=0; i< UTLB_ENTRY_COUNT; i++ ) {
   317                     if( i != entry && (mmu_utlb[i].flags & TLB_VALID)  ) {
   318                         mmu_utlb_insert_entry(i);
   319                     }
   320                 }
   321             } else {
   322                 mmu_utlb_entries--;
   323                 memmove( &mmu_utlb_sorted[posn], &mmu_utlb_sorted[posn+1],
   324                          (mmu_utlb_entries - posn)*sizeof(struct utlb_sort_entry) );
   325             }
   326             return;
   327         }
   328     }
   329     assert( 0 && "UTLB key not found!" );
   330 }
   332 static void mmu_utlb_sorted_reload()
   333 {
   334     int i;
   335     mmu_utlb_entries = 0;
   336     for( i=0; i<UTLB_ENTRY_COUNT; i++ ) {
   337         if( mmu_utlb[i].flags & TLB_VALID ) 
   338             mmu_utlb_insert_entry( i );
   339     }
   340 }
   342 /* TLB maintanence */
   344 /**
   345  * LDTLB instruction implementation. Copies PTEH, PTEL and PTEA into the UTLB
   346  * entry identified by MMUCR.URC. Does not modify MMUCR or the ITLB.
   347  */
   348 void MMU_ldtlb()
   349 {
   350     if( mmu_utlb[mmu_urc].flags & TLB_VALID )
   351         mmu_utlb_remove_entry( mmu_urc );
   352     mmu_utlb[mmu_urc].vpn = MMIO_READ(MMU, PTEH) & 0xFFFFFC00;
   353     mmu_utlb[mmu_urc].asid = MMIO_READ(MMU, PTEH) & 0x000000FF;
   354     mmu_utlb[mmu_urc].ppn = MMIO_READ(MMU, PTEL) & 0x1FFFFC00;
   355     mmu_utlb[mmu_urc].flags = MMIO_READ(MMU, PTEL) & 0x00001FF;
   356     mmu_utlb[mmu_urc].pcmcia = MMIO_READ(MMU, PTEA);
   357     mmu_utlb[mmu_urc].mask = get_mask_for_flags(mmu_utlb[mmu_urc].flags);
   358     if( mmu_utlb[mmu_urc].ppn >= 0x1C000000 )
   359         mmu_utlb[mmu_urc].ppn |= 0xE0000000;
   360     if( mmu_utlb[mmu_urc].flags & TLB_VALID )
   361         mmu_utlb_insert_entry( mmu_urc );
   362 }
   364 static void mmu_invalidate_tlb()
   365 {
   366     int i;
   367     for( i=0; i<ITLB_ENTRY_COUNT; i++ ) {
   368         mmu_itlb[i].flags &= (~TLB_VALID);
   369     }
   370     for( i=0; i<UTLB_ENTRY_COUNT; i++ ) {
   371         mmu_utlb[i].flags &= (~TLB_VALID);
   372     }
   373     mmu_utlb_entries = 0;
   374 }
   376 #define ITLB_ENTRY(addr) ((addr>>7)&0x03)
   378 int32_t FASTCALL mmu_itlb_addr_read( sh4addr_t addr )
   379 {
   380     struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
   381     return ent->vpn | ent->asid | (ent->flags & TLB_VALID);
   382 }
   383 int32_t FASTCALL mmu_itlb_data_read( sh4addr_t addr )
   384 {
   385     struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
   386     return (ent->ppn & 0x1FFFFC00) | ent->flags;
   387 }
   389 void FASTCALL mmu_itlb_addr_write( sh4addr_t addr, uint32_t val )
   390 {
   391     struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
   392     ent->vpn = val & 0xFFFFFC00;
   393     ent->asid = val & 0x000000FF;
   394     ent->flags = (ent->flags & ~(TLB_VALID)) | (val&TLB_VALID);
   395 }
   397 void FASTCALL mmu_itlb_data_write( sh4addr_t addr, uint32_t val )
   398 {
   399     struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
   400     ent->ppn = val & 0x1FFFFC00;
   401     ent->flags = val & 0x00001DA;
   402     ent->mask = get_mask_for_flags(val);
   403     if( ent->ppn >= 0x1C000000 )
   404         ent->ppn |= 0xE0000000;
   405 }
   407 #define UTLB_ENTRY(addr) ((addr>>8)&0x3F)
   408 #define UTLB_ASSOC(addr) (addr&0x80)
   409 #define UTLB_DATA2(addr) (addr&0x00800000)
   411 int32_t FASTCALL mmu_utlb_addr_read( sh4addr_t addr )
   412 {
   413     struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
   414     return ent->vpn | ent->asid | (ent->flags & TLB_VALID) |
   415     ((ent->flags & TLB_DIRTY)<<7);
   416 }
   417 int32_t FASTCALL mmu_utlb_data_read( sh4addr_t addr )
   418 {
   419     struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
   420     if( UTLB_DATA2(addr) ) {
   421         return ent->pcmcia;
   422     } else {
   423         return (ent->ppn&0x1FFFFC00) | ent->flags;
   424     }
   425 }
   427 /**
   428  * Find a UTLB entry for the associative TLB write - same as the normal
   429  * lookup but ignores the valid bit.
   430  */
   431 static inline int mmu_utlb_lookup_assoc( uint32_t vpn, uint32_t asid )
   432 {
   433     int result = -1;
   434     unsigned int i;
   435     for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
   436         if( (mmu_utlb[i].flags & TLB_VALID) &&
   437                 ((mmu_utlb[i].flags & TLB_SHARE) || asid == mmu_utlb[i].asid) &&
   438                 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
   439             if( result != -1 ) {
   440                 fprintf( stderr, "TLB Multi hit: %d %d\n", result, i );
   441                 return -2;
   442             }
   443             result = i;
   444         }
   445     }
   446     return result;
   447 }
   449 /**
   450  * Find a ITLB entry for the associative TLB write - same as the normal
   451  * lookup but ignores the valid bit.
   452  */
   453 static inline int mmu_itlb_lookup_assoc( uint32_t vpn, uint32_t asid )
   454 {
   455     int result = -1;
   456     unsigned int i;
   457     for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
   458         if( (mmu_itlb[i].flags & TLB_VALID) &&
   459                 ((mmu_itlb[i].flags & TLB_SHARE) || asid == mmu_itlb[i].asid) &&
   460                 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
   461             if( result != -1 ) {
   462                 return -2;
   463             }
   464             result = i;
   465         }
   466     }
   467     return result;
   468 }
   470 void FASTCALL mmu_utlb_addr_write( sh4addr_t addr, uint32_t val )
   471 {
   472     if( UTLB_ASSOC(addr) ) {
   473         int utlb = mmu_utlb_lookup_assoc( val, mmu_asid );
   474         if( utlb >= 0 ) {
   475             struct utlb_entry *ent = &mmu_utlb[utlb];
   476             uint32_t old_flags = ent->flags;
   477             ent->flags = ent->flags & ~(TLB_DIRTY|TLB_VALID);
   478             ent->flags |= (val & TLB_VALID);
   479             ent->flags |= ((val & 0x200)>>7);
   480             if( (old_flags & TLB_VALID) && !(ent->flags&TLB_VALID) ) {
   481                 mmu_utlb_remove_entry( utlb );
   482             } else if( !(old_flags & TLB_VALID) && (ent->flags&TLB_VALID) ) {
   483                 mmu_utlb_insert_entry( utlb );
   484             }
   485         }
   487         int itlb = mmu_itlb_lookup_assoc( val, mmu_asid );
   488         if( itlb >= 0 ) {
   489             struct itlb_entry *ent = &mmu_itlb[itlb];
   490             ent->flags = (ent->flags & (~TLB_VALID)) | (val & TLB_VALID);
   491         }
   493         if( itlb == -2 || utlb == -2 ) {
   494             MMU_TLB_MULTI_HIT_ERROR(addr);
   495             return;
   496         }
   497     } else {
   498         struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
   499         if( ent->flags & TLB_VALID ) 
   500             mmu_utlb_remove_entry( UTLB_ENTRY(addr) );
   501         ent->vpn = (val & 0xFFFFFC00);
   502         ent->asid = (val & 0xFF);
   503         ent->flags = (ent->flags & ~(TLB_DIRTY|TLB_VALID));
   504         ent->flags |= (val & TLB_VALID);
   505         ent->flags |= ((val & 0x200)>>7);
   506         if( ent->flags & TLB_VALID ) 
   507             mmu_utlb_insert_entry( UTLB_ENTRY(addr) );
   508     }
   509 }
   511 void FASTCALL mmu_utlb_data_write( sh4addr_t addr, uint32_t val )
   512 {
   513     struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
   514     if( UTLB_DATA2(addr) ) {
   515         ent->pcmcia = val & 0x0000000F;
   516     } else {
   517         if( ent->flags & TLB_VALID ) 
   518             mmu_utlb_remove_entry( UTLB_ENTRY(addr) );
   519         ent->ppn = (val & 0x1FFFFC00);
   520         ent->flags = (val & 0x000001FF);
   521         ent->mask = get_mask_for_flags(val);
   522         if( mmu_utlb[mmu_urc].ppn >= 0x1C000000 )
   523             mmu_utlb[mmu_urc].ppn |= 0xE0000000;
   524         if( ent->flags & TLB_VALID ) 
   525             mmu_utlb_insert_entry( UTLB_ENTRY(addr) );
   526     }
   527 }
   529 /******************************************************************************/
   530 /*                        MMU TLB address translation                         */
   531 /******************************************************************************/
   533 /**
   534  * The translations are excessively complicated, but unfortunately it's a
   535  * complicated system. TODO: make this not be painfully slow.
   536  */
   538 /**
   539  * Perform the actual utlb lookup w/ asid matching.
   540  * Possible utcomes are:
   541  *   0..63 Single match - good, return entry found
   542  *   -1 No match - raise a tlb data miss exception
   543  *   -2 Multiple matches - raise a multi-hit exception (reset)
   544  * @param vpn virtual address to resolve
   545  * @return the resultant UTLB entry, or an error.
   546  */
   547 static inline int mmu_utlb_lookup_vpn_asid( uint32_t vpn )
   548 {
   549     int result = -1;
   550     unsigned int i;
   552     mmu_urc++;
   553     if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
   554         mmu_urc = 0;
   555     }
   557     for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
   558         if( (mmu_utlb[i].flags & TLB_VALID) &&
   559                 ((mmu_utlb[i].flags & TLB_SHARE) || mmu_asid == mmu_utlb[i].asid) &&
   560                 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
   561             if( result != -1 ) {
   562                 return -2;
   563             }
   564             result = i;
   565         }
   566     }
   567     return result;
   568 }
   570 /**
   571  * Perform the actual utlb lookup matching on vpn only
   572  * Possible utcomes are:
   573  *   0..63 Single match - good, return entry found
   574  *   -1 No match - raise a tlb data miss exception
   575  *   -2 Multiple matches - raise a multi-hit exception (reset)
   576  * @param vpn virtual address to resolve
   577  * @return the resultant UTLB entry, or an error.
   578  */
   579 static inline int mmu_utlb_lookup_vpn( uint32_t vpn )
   580 {
   581     int result = -1;
   582     unsigned int i;
   584     mmu_urc++;
   585     if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
   586         mmu_urc = 0;
   587     }
   589     for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
   590         if( (mmu_utlb[i].flags & TLB_VALID) &&
   591                 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
   592             if( result != -1 ) {
   593                 return -2;
   594             }
   595             result = i;
   596         }
   597     }
   599     return result;
   600 }
   602 /**
   603  * Update the ITLB by replacing the LRU entry with the specified UTLB entry.
   604  * @return the number (0-3) of the replaced entry.
   605  */
   606 static int inline mmu_itlb_update_from_utlb( int entryNo )
   607 {
   608     int replace;
   609     /* Determine entry to replace based on lrui */
   610     if( (mmu_lrui & 0x38) == 0x38 ) {
   611         replace = 0;
   612         mmu_lrui = mmu_lrui & 0x07;
   613     } else if( (mmu_lrui & 0x26) == 0x06 ) {
   614         replace = 1;
   615         mmu_lrui = (mmu_lrui & 0x19) | 0x20;
   616     } else if( (mmu_lrui & 0x15) == 0x01 ) {
   617         replace = 2;
   618         mmu_lrui = (mmu_lrui & 0x3E) | 0x14;
   619     } else { // Note - gets invalid entries too
   620         replace = 3;
   621         mmu_lrui = (mmu_lrui | 0x0B);
   622     }
   624     mmu_itlb[replace].vpn = mmu_utlb[entryNo].vpn;
   625     mmu_itlb[replace].mask = mmu_utlb[entryNo].mask;
   626     mmu_itlb[replace].ppn = mmu_utlb[entryNo].ppn;
   627     mmu_itlb[replace].asid = mmu_utlb[entryNo].asid;
   628     mmu_itlb[replace].flags = mmu_utlb[entryNo].flags & 0x01DA;
   629     return replace;
   630 }
   632 /**
   633  * Perform the actual itlb lookup w/ asid protection
   634  * Possible utcomes are:
   635  *   0..63 Single match - good, return entry found
   636  *   -1 No match - raise a tlb data miss exception
   637  *   -2 Multiple matches - raise a multi-hit exception (reset)
   638  * @param vpn virtual address to resolve
   639  * @return the resultant ITLB entry, or an error.
   640  */
   641 static inline int mmu_itlb_lookup_vpn_asid( uint32_t vpn )
   642 {
   643     int result = -1;
   644     unsigned int i;
   646     for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
   647         if( (mmu_itlb[i].flags & TLB_VALID) &&
   648                 ((mmu_itlb[i].flags & TLB_SHARE) || mmu_asid == mmu_itlb[i].asid) &&
   649                 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
   650             if( result != -1 ) {
   651                 return -2;
   652             }
   653             result = i;
   654         }
   655     }
   657     if( result == -1 ) {
   658         int utlbEntry = mmu_utlb_sorted_find( vpn );
   659         if( utlbEntry < 0 ) {
   660             return utlbEntry;
   661         } else {
   662             return mmu_itlb_update_from_utlb( utlbEntry );
   663         }
   664     }
   666     switch( result ) {
   667     case 0: mmu_lrui = (mmu_lrui & 0x07); break;
   668     case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break;
   669     case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break;
   670     case 3: mmu_lrui = (mmu_lrui | 0x0B); break;
   671     }
   673     return result;
   674 }
   676 /**
   677  * Perform the actual itlb lookup on vpn only
   678  * Possible utcomes are:
   679  *   0..63 Single match - good, return entry found
   680  *   -1 No match - raise a tlb data miss exception
   681  *   -2 Multiple matches - raise a multi-hit exception (reset)
   682  * @param vpn virtual address to resolve
   683  * @return the resultant ITLB entry, or an error.
   684  */
   685 static inline int mmu_itlb_lookup_vpn( uint32_t vpn )
   686 {
   687     int result = -1;
   688     unsigned int i;
   690     for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
   691         if( (mmu_itlb[i].flags & TLB_VALID) &&
   692                 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
   693             if( result != -1 ) {
   694                 return -2;
   695             }
   696             result = i;
   697         }
   698     }
   700     if( result == -1 ) {
   701         int utlbEntry = mmu_utlb_lookup_vpn( vpn );
   702         if( utlbEntry < 0 ) {
   703             return utlbEntry;
   704         } else {
   705             return mmu_itlb_update_from_utlb( utlbEntry );
   706         }
   707     }
   709     switch( result ) {
   710     case 0: mmu_lrui = (mmu_lrui & 0x07); break;
   711     case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break;
   712     case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break;
   713     case 3: mmu_lrui = (mmu_lrui | 0x0B); break;
   714     }
   716     return result;
   717 }
   719 #ifdef HAVE_FRAME_ADDRESS
   720 sh4addr_t FASTCALL mmu_vma_to_phys_read( sh4vma_t addr, void *exc )
   721 #else
   722 sh4addr_t FASTCALL mmu_vma_to_phys_read( sh4vma_t addr )
   723 #endif
   724 {
   725     uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   726     if( addr & 0x80000000 ) {
   727         if( IS_SH4_PRIVMODE() ) {
   728             if( addr >= 0xE0000000 ) {
   729                 return addr; /* P4 - passthrough */
   730             } else if( addr < 0xC0000000 ) {
   731                 /* P1, P2 regions are pass-through (no translation) */
   732                 return VMA_TO_EXT_ADDR(addr);
   733             }
   734         } else {
   735             if( addr >= 0xE0000000 && addr < 0xE4000000 &&
   736                     ((mmucr&MMUCR_SQMD) == 0) ) {
   737                 /* Conditional user-mode access to the store-queue (no translation) */
   738                 return addr;
   739             }
   740             MMU_READ_ADDR_ERROR();
   741             RETURN_VIA(exc);
   742         }
   743     }
   745     if( (mmucr & MMUCR_AT) == 0 ) {
   746         return VMA_TO_EXT_ADDR(addr);
   747     }
   749     /* If we get this far, translation is required */
   750     int entryNo;
   751     if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
   752         entryNo = mmu_utlb_sorted_find( addr );
   753     } else {
   754         entryNo = mmu_utlb_lookup_vpn( addr );
   755     }
   757     switch(entryNo) {
   758     case -1:
   759     MMU_TLB_READ_MISS_ERROR(addr);
   760     RETURN_VIA(exc);
   761     case -2:
   762     MMU_TLB_MULTI_HIT_ERROR(addr);
   763     RETURN_VIA(exc);
   764     default:
   765         if( (mmu_utlb[entryNo].flags & TLB_USERMODE) == 0 &&
   766                 !IS_SH4_PRIVMODE() ) {
   767             /* protection violation */
   768             MMU_TLB_READ_PROT_ERROR(addr);
   769             RETURN_VIA(exc);
   770         }
   772         /* finally generate the target address */
   773         return (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
   774         	(addr & (~mmu_utlb[entryNo].mask));
   775     }
   776 }
   778 #ifdef HAVE_FRAME_ADDRESS
   779 sh4addr_t FASTCALL mmu_vma_to_phys_write( sh4vma_t addr, void *exc )
   780 #else
   781 sh4addr_t FASTCALL mmu_vma_to_phys_write( sh4vma_t addr )
   782 #endif
   783 {
   784     uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   785     if( addr & 0x80000000 ) {
   786         if( IS_SH4_PRIVMODE() ) {
   787             if( addr >= 0xE0000000 ) {
   788                 return addr; /* P4 - passthrough */
   789             } else if( addr < 0xC0000000 ) {
   790                 /* P1, P2 regions are pass-through (no translation) */
   791                 return VMA_TO_EXT_ADDR(addr);
   792             }
   793         } else {
   794             if( addr >= 0xE0000000 && addr < 0xE4000000 &&
   795                     ((mmucr&MMUCR_SQMD) == 0) ) {
   796                 /* Conditional user-mode access to the store-queue (no translation) */
   797                 return addr;
   798             }
   799             MMU_WRITE_ADDR_ERROR();
   800             RETURN_VIA(exc);
   801         }
   802     }
   804     if( (mmucr & MMUCR_AT) == 0 ) {
   805         return VMA_TO_EXT_ADDR(addr);
   806     }
   808     /* If we get this far, translation is required */
   809     int entryNo;
   810     if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
   811         entryNo = mmu_utlb_sorted_find( addr );
   812     } else {
   813         entryNo = mmu_utlb_lookup_vpn( addr );
   814     }
   816     switch(entryNo) {
   817     case -1:
   818     MMU_TLB_WRITE_MISS_ERROR(addr);
   819     RETURN_VIA(exc);
   820     case -2:
   821     MMU_TLB_MULTI_HIT_ERROR(addr);
   822     RETURN_VIA(exc);
   823     default:
   824         if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0)
   825                 : ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) {
   826             /* protection violation */
   827             MMU_TLB_WRITE_PROT_ERROR(addr);
   828             RETURN_VIA(exc);
   829         }
   831         if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) {
   832             MMU_TLB_INITIAL_WRITE_ERROR(addr);
   833             RETURN_VIA(exc);
   834         }
   836         /* finally generate the target address */
   837         sh4addr_t pma = (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
   838         	(addr & (~mmu_utlb[entryNo].mask));
   839         return pma;
   840     }
   841 }
   843 /**
   844  * Update the icache for an untranslated address
   845  */
   846 static inline void mmu_update_icache_phys( sh4addr_t addr )
   847 {
   848     if( (addr & 0x1C000000) == 0x0C000000 ) {
   849         /* Main ram */
   850         sh4_icache.page_vma = addr & 0xFF000000;
   851         sh4_icache.page_ppa = 0x0C000000;
   852         sh4_icache.mask = 0xFF000000;
   853         sh4_icache.page = sh4_main_ram;
   854     } else if( (addr & 0x1FE00000) == 0 ) {
   855         /* BIOS ROM */
   856         sh4_icache.page_vma = addr & 0xFFE00000;
   857         sh4_icache.page_ppa = 0;
   858         sh4_icache.mask = 0xFFE00000;
   859         sh4_icache.page = mem_get_region(0);
   860     } else {
   861         /* not supported */
   862         sh4_icache.page_vma = -1;
   863     }
   864 }
   866 /**
   867  * Update the sh4_icache structure to describe the page(s) containing the
   868  * given vma. If the address does not reference a RAM/ROM region, the icache
   869  * will be invalidated instead.
   870  * If AT is on, this method will raise TLB exceptions normally
   871  * (hence this method should only be used immediately prior to execution of
   872  * code), and otherwise will set the icache according to the matching TLB entry.
   873  * If AT is off, this method will set the entire referenced RAM/ROM region in
   874  * the icache.
   875  * @return TRUE if the update completed (successfully or otherwise), FALSE
   876  * if an exception was raised.
   877  */
   878 gboolean FASTCALL mmu_update_icache( sh4vma_t addr )
   879 {
   880     int entryNo;
   881     if( IS_SH4_PRIVMODE()  ) {
   882         if( addr & 0x80000000 ) {
   883             if( addr < 0xC0000000 ) {
   884                 /* P1, P2 and P4 regions are pass-through (no translation) */
   885                 mmu_update_icache_phys(addr);
   886                 return TRUE;
   887             } else if( addr >= 0xE0000000 && addr < 0xFFFFFF00 ) {
   888                 MMU_READ_ADDR_ERROR();
   889                 return FALSE;
   890             }
   891         }
   893         uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   894         if( (mmucr & MMUCR_AT) == 0 ) {
   895             mmu_update_icache_phys(addr);
   896             return TRUE;
   897         }
   899         if( (mmucr & MMUCR_SV) == 0 )
   900         	entryNo = mmu_itlb_lookup_vpn_asid( addr );
   901         else
   902         	entryNo = mmu_itlb_lookup_vpn( addr );
   903     } else {
   904         if( addr & 0x80000000 ) {
   905             MMU_READ_ADDR_ERROR();
   906             return FALSE;
   907         }
   909         uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   910         if( (mmucr & MMUCR_AT) == 0 ) {
   911             mmu_update_icache_phys(addr);
   912             return TRUE;
   913         }
   915         entryNo = mmu_itlb_lookup_vpn_asid( addr );
   917         if( entryNo != -1 && (mmu_itlb[entryNo].flags & TLB_USERMODE) == 0 ) {
   918             MMU_TLB_READ_PROT_ERROR(addr);
   919             return FALSE;
   920         }
   921     }
   923     switch(entryNo) {
   924     case -1:
   925     MMU_TLB_READ_MISS_ERROR(addr);
   926     return FALSE;
   927     case -2:
   928     MMU_TLB_MULTI_HIT_ERROR(addr);
   929     return FALSE;
   930     default:
   931         sh4_icache.page_ppa = mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask;
   932         sh4_icache.page = mem_get_region( sh4_icache.page_ppa );
   933         if( sh4_icache.page == NULL ) {
   934             sh4_icache.page_vma = -1;
   935         } else {
   936             sh4_icache.page_vma = mmu_itlb[entryNo].vpn & mmu_itlb[entryNo].mask;
   937             sh4_icache.mask = mmu_itlb[entryNo].mask;
   938         }
   939         return TRUE;
   940     }
   941 }
   943 /**
   944  * Translate address for disassembly purposes (ie performs an instruction
   945  * lookup) - does not raise exceptions or modify any state, and ignores
   946  * protection bits. Returns the translated address, or MMU_VMA_ERROR
   947  * on translation failure.
   948  */
   949 sh4addr_t FASTCALL mmu_vma_to_phys_disasm( sh4vma_t vma )
   950 {
   951     if( vma & 0x80000000 ) {
   952         if( vma < 0xC0000000 ) {
   953             /* P1, P2 and P4 regions are pass-through (no translation) */
   954             return VMA_TO_EXT_ADDR(vma);
   955         } else if( vma >= 0xE0000000 && vma < 0xFFFFFF00 ) {
   956             /* Not translatable */
   957             return MMU_VMA_ERROR;
   958         }
   959     }
   961     uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   962     if( (mmucr & MMUCR_AT) == 0 ) {
   963         return VMA_TO_EXT_ADDR(vma);
   964     }
   966     int entryNo = mmu_itlb_lookup_vpn( vma );
   967     if( entryNo == -2 ) {
   968         entryNo = mmu_itlb_lookup_vpn_asid( vma );
   969     }
   970     if( entryNo < 0 ) {
   971         return MMU_VMA_ERROR;
   972     } else {
   973         return (mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask) |
   974         (vma & (~mmu_itlb[entryNo].mask));
   975     }
   976 }
   978 void FASTCALL sh4_flush_store_queue( sh4addr_t addr )
   979 {
   980     int queue = (addr&0x20)>>2;
   981     uint32_t hi = MMIO_READ( MMU, QACR0 + (queue>>1)) << 24;
   982     sh4ptr_t src = (sh4ptr_t)&sh4r.store_queue[queue];
   983     sh4addr_t target = (addr&0x03FFFFE0) | hi;
   984     ext_address_space[target>>12]->write_burst( target, src );
   985 } 
   987 gboolean FASTCALL sh4_flush_store_queue_mmu( sh4addr_t addr )
   988 {
   989     uint32_t mmucr = MMIO_READ(MMU,MMUCR);
   990     int queue = (addr&0x20)>>2;
   991     sh4ptr_t src = (sh4ptr_t)&sh4r.store_queue[queue];
   992     sh4addr_t target;
   993     /* Store queue operation */
   995     int entryNo;
   996     if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
   997     	entryNo = mmu_utlb_lookup_vpn_asid( addr );
   998     } else {
   999     	entryNo = mmu_utlb_lookup_vpn( addr );
  1001     switch(entryNo) {
  1002     case -1:
  1003     MMU_TLB_WRITE_MISS_ERROR(addr);
  1004     return FALSE;
  1005     case -2:
  1006     MMU_TLB_MULTI_HIT_ERROR(addr);
  1007     return FALSE;
  1008     default:
  1009     	if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0)
  1010     			: ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) {
  1011     		/* protection violation */
  1012     		MMU_TLB_WRITE_PROT_ERROR(addr);
  1013     		return FALSE;
  1016     	if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) {
  1017     		MMU_TLB_INITIAL_WRITE_ERROR(addr);
  1018     		return FALSE;
  1021     	/* finally generate the target address */
  1022     	target = ((mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
  1023     			(addr & (~mmu_utlb[entryNo].mask))) & 0xFFFFFFE0;
  1026     ext_address_space[target>>12]->write_burst( target, src );
  1027     return TRUE;
.