1 // SPDX-License-Identifier: GPL-2.0
3 * linux/arch/parisc/traps.c
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org>
10 * 'Traps.c' handles hardware traps and faults after we have saved some
14 #include <linux/sched.h>
15 #include <linux/sched/debug.h>
16 #include <linux/kernel.h>
17 #include <linux/string.h>
18 #include <linux/errno.h>
19 #include <linux/ptrace.h>
20 #include <linux/timer.h>
21 #include <linux/delay.h>
23 #include <linux/module.h>
24 #include <linux/smp.h>
25 #include <linux/spinlock.h>
26 #include <linux/init.h>
27 #include <linux/interrupt.h>
28 #include <linux/console.h>
29 #include <linux/bug.h>
30 #include <linux/ratelimit.h>
31 #include <linux/uaccess.h>
33 #include <asm/assembly.h>
36 #include <asm/traps.h>
37 #include <asm/unaligned.h>
38 #include <linux/atomic.h>
41 #include <asm/pdc_chassis.h>
42 #include <asm/unwind.h>
43 #include <asm/tlbflush.h>
44 #include <asm/cacheflush.h>
45 #include <linux/kgdb.h>
46 #include <linux/kprobes.h>
48 #include "../math-emu/math-emu.h" /* for handle_fpe() */
50 static void parisc_show_stack(struct task_struct *task,
51 struct pt_regs *regs);
53 static int printbinary(char *buf, unsigned long x, int nbits)
55 unsigned long mask = 1UL << (nbits - 1);
57 *buf++ = (mask & x ? '1' : '0');
70 #define FFMT "%016llx" /* fpregs are 64-bit always */
72 #define PRINTREGS(lvl,r,f,fmt,x) \
73 printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n", \
74 lvl, f, (x), (x+3), (r)[(x)+0], (r)[(x)+1], \
75 (r)[(x)+2], (r)[(x)+3])
77 static void print_gr(char *level, struct pt_regs *regs)
82 printk("%s\n", level);
83 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level);
84 printbinary(buf, regs->gr[0], 32);
85 printk("%sPSW: %s %s\n", level, buf, print_tainted());
87 for (i = 0; i < 32; i += 4)
88 PRINTREGS(level, regs->gr, "r", RFMT, i);
91 static void print_fr(char *level, struct pt_regs *regs)
95 struct { u32 sw[2]; } s;
97 /* FR are 64bit everywhere. Need to use asm to get the content
98 * of fpsr/fper1, and we assume that we won't have a FP Identify
99 * in our way, otherwise we're screwed.
100 * The fldd is used to restore the T-bit if there was one, as the
101 * store clears it anyway.
102 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */
103 asm volatile ("fstd %%fr0,0(%1) \n\t"
104 "fldd 0(%1),%%fr0 \n\t"
105 : "=m" (s) : "r" (&s) : "r0");
107 printk("%s\n", level);
108 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level);
109 printbinary(buf, s.sw[0], 32);
110 printk("%sFPSR: %s\n", level, buf);
111 printk("%sFPER1: %08x\n", level, s.sw[1]);
113 /* here we'll print fr0 again, tho it'll be meaningless */
114 for (i = 0; i < 32; i += 4)
115 PRINTREGS(level, regs->fr, "fr", FFMT, i);
118 void show_regs(struct pt_regs *regs)
122 unsigned long cr30, cr31;
124 user = user_mode(regs);
125 level = user ? KERN_DEBUG : KERN_CRIT;
127 show_regs_print_info(level);
129 print_gr(level, regs);
131 for (i = 0; i < 8; i += 4)
132 PRINTREGS(level, regs->sr, "sr", RFMT, i);
135 print_fr(level, regs);
139 printk("%s\n", level);
140 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n",
141 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]);
142 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n",
143 level, regs->iir, regs->isr, regs->ior);
144 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
145 level, current_thread_info()->cpu, cr30, cr31);
146 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
149 printk("%s IAOQ[0]: " RFMT "\n", level, regs->iaoq[0]);
150 printk("%s IAOQ[1]: " RFMT "\n", level, regs->iaoq[1]);
151 printk("%s RP(r2): " RFMT "\n", level, regs->gr[2]);
153 printk("%s IAOQ[0]: %pS\n", level, (void *) regs->iaoq[0]);
154 printk("%s IAOQ[1]: %pS\n", level, (void *) regs->iaoq[1]);
155 printk("%s RP(r2): %pS\n", level, (void *) regs->gr[2]);
157 parisc_show_stack(current, regs);
161 static DEFINE_RATELIMIT_STATE(_hppa_rs,
162 DEFAULT_RATELIMIT_INTERVAL, DEFAULT_RATELIMIT_BURST);
164 #define parisc_printk_ratelimited(critical, regs, fmt, ...) { \
165 if ((critical || show_unhandled_signals) && __ratelimit(&_hppa_rs)) { \
166 printk(fmt, ##__VA_ARGS__); \
172 static void do_show_stack(struct unwind_frame_info *info)
176 printk(KERN_CRIT "Backtrace:\n");
177 while (i <= MAX_UNWIND_ENTRIES) {
178 if (unwind_once(info) < 0 || info->ip == 0)
181 if (__kernel_text_address(info->ip)) {
182 printk(KERN_CRIT " [<" RFMT ">] %pS\n",
183 info->ip, (void *) info->ip);
187 printk(KERN_CRIT "\n");
190 static void parisc_show_stack(struct task_struct *task,
191 struct pt_regs *regs)
193 struct unwind_frame_info info;
195 unwind_frame_init_task(&info, task, regs);
197 do_show_stack(&info);
200 void show_stack(struct task_struct *t, unsigned long *sp)
202 parisc_show_stack(t, NULL);
205 int is_valid_bugaddr(unsigned long iaoq)
210 void die_if_kernel(char *str, struct pt_regs *regs, long err)
212 if (user_mode(regs)) {
216 parisc_printk_ratelimited(1, regs,
217 KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
218 current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
227 /* Amuse the user in a SPARC fashion */
228 if (err) printk(KERN_CRIT
229 " _______________________________ \n"
230 " < Your System ate a SPARC! Gah! >\n"
231 " ------------------------------- \n"
237 /* unlock the pdc lock if necessary */
238 pdc_emergency_unlock();
240 /* maybe the kernel hasn't booted very far yet and hasn't been able
241 * to initialize the serial or STI console. In that case we should
242 * re-enable the pdc console, so that the user will be able to
243 * identify the problem. */
244 if (!console_drivers)
245 pdc_console_restart();
248 printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
249 current->comm, task_pid_nr(current), str, err);
251 /* Wot's wrong wif bein' racy? */
252 if (current->thread.flags & PARISC_KERNEL_DEATH) {
253 printk(KERN_CRIT "%s() recursion detected.\n", __func__);
257 current->thread.flags |= PARISC_KERNEL_DEATH;
261 add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
264 panic("Fatal exception in interrupt");
267 panic("Fatal exception");
273 /* gdb uses break 4,8 */
274 #define GDB_BREAK_INSN 0x10004
275 static void handle_gdb_break(struct pt_regs *regs, int wot)
277 force_sig_fault(SIGTRAP, wot,
278 (void __user *) (regs->iaoq[0] & ~3), current);
281 static void handle_break(struct pt_regs *regs)
283 unsigned iir = regs->iir;
285 if (unlikely(iir == PARISC_BUG_BREAK_INSN && !user_mode(regs))) {
286 /* check if a BUG() or WARN() trapped here. */
287 enum bug_trap_type tt;
288 tt = report_bug(regs->iaoq[0] & ~3, regs);
289 if (tt == BUG_TRAP_TYPE_WARN) {
292 return; /* return to next instruction when WARN_ON(). */
294 die_if_kernel("Unknown kernel breakpoint", regs,
295 (tt == BUG_TRAP_TYPE_NONE) ? 9 : 0);
298 #ifdef CONFIG_KPROBES
299 if (unlikely(iir == PARISC_KPROBES_BREAK_INSN)) {
300 parisc_kprobe_break_handler(regs);
307 if (unlikely(iir == PARISC_KGDB_COMPILED_BREAK_INSN ||
308 iir == PARISC_KGDB_BREAK_INSN)) {
309 kgdb_handle_exception(9, SIGTRAP, 0, regs);
314 if (unlikely(iir != GDB_BREAK_INSN))
315 parisc_printk_ratelimited(0, regs,
316 KERN_DEBUG "break %d,%d: pid=%d command='%s'\n",
317 iir & 31, (iir>>13) & ((1<<13)-1),
318 task_pid_nr(current), current->comm);
320 /* send standard GDB signal */
321 handle_gdb_break(regs, TRAP_BRKPT);
324 static void default_trap(int code, struct pt_regs *regs)
326 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id());
330 void (*cpu_lpmc) (int code, struct pt_regs *regs) __read_mostly = default_trap;
333 void transfer_pim_to_trap_frame(struct pt_regs *regs)
336 extern unsigned int hpmc_pim_data[];
337 struct pdc_hpmc_pim_11 *pim_narrow;
338 struct pdc_hpmc_pim_20 *pim_wide;
340 if (boot_cpu_data.cpu_type >= pcxu) {
342 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data;
345 * Note: The following code will probably generate a
346 * bunch of truncation error warnings from the compiler.
347 * Could be handled with an ifdef, but perhaps there
351 regs->gr[0] = pim_wide->cr[22];
353 for (i = 1; i < 32; i++)
354 regs->gr[i] = pim_wide->gr[i];
356 for (i = 0; i < 32; i++)
357 regs->fr[i] = pim_wide->fr[i];
359 for (i = 0; i < 8; i++)
360 regs->sr[i] = pim_wide->sr[i];
362 regs->iasq[0] = pim_wide->cr[17];
363 regs->iasq[1] = pim_wide->iasq_back;
364 regs->iaoq[0] = pim_wide->cr[18];
365 regs->iaoq[1] = pim_wide->iaoq_back;
367 regs->sar = pim_wide->cr[11];
368 regs->iir = pim_wide->cr[19];
369 regs->isr = pim_wide->cr[20];
370 regs->ior = pim_wide->cr[21];
373 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data;
375 regs->gr[0] = pim_narrow->cr[22];
377 for (i = 1; i < 32; i++)
378 regs->gr[i] = pim_narrow->gr[i];
380 for (i = 0; i < 32; i++)
381 regs->fr[i] = pim_narrow->fr[i];
383 for (i = 0; i < 8; i++)
384 regs->sr[i] = pim_narrow->sr[i];
386 regs->iasq[0] = pim_narrow->cr[17];
387 regs->iasq[1] = pim_narrow->iasq_back;
388 regs->iaoq[0] = pim_narrow->cr[18];
389 regs->iaoq[1] = pim_narrow->iaoq_back;
391 regs->sar = pim_narrow->cr[11];
392 regs->iir = pim_narrow->cr[19];
393 regs->isr = pim_narrow->cr[20];
394 regs->ior = pim_narrow->cr[21];
398 * The following fields only have meaning if we came through
399 * another path. So just zero them here.
409 * This routine is called as a last resort when everything else
410 * has gone clearly wrong. We get called for faults in kernel space,
413 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset)
415 static DEFINE_SPINLOCK(terminate_lock);
421 spin_lock(&terminate_lock);
423 /* unlock the pdc lock if necessary */
424 pdc_emergency_unlock();
426 /* restart pdc console if necessary */
427 if (!console_drivers)
428 pdc_console_restart();
430 /* Not all paths will gutter the processor... */
434 transfer_pim_to_trap_frame(regs);
444 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */
445 struct unwind_frame_info info;
446 unwind_frame_init(&info, current, regs);
447 do_show_stack(&info);
451 pr_crit("%s: Code=%d (%s) at addr " RFMT "\n",
452 msg, code, trap_name(code), offset);
455 spin_unlock(&terminate_lock);
457 /* put soft power button back under hardware control;
458 * if the user had pressed it once at any time, the
459 * system will shut down immediately right here. */
460 pdc_soft_power_button(0);
462 /* Call kernel panic() so reboot timeouts work properly
463 * FIXME: This function should be on the list of
464 * panic notifiers, and we should call panic
465 * directly from the location that we wish.
466 * e.g. We should not call panic from
467 * parisc_terminate, but rather the oter way around.
468 * This hack works, prints the panic message twice,
469 * and it enables reboot timers!
474 void notrace handle_interruption(int code, struct pt_regs *regs)
476 unsigned long fault_address = 0;
477 unsigned long fault_space = 0;
481 pdc_console_restart(); /* switch back to pdc if HPMC */
486 * If the priority level is still user, and the
487 * faulting space is not equal to the active space
488 * then the user is attempting something in a space
489 * that does not belong to them. Kill the process.
491 * This is normally the situation when the user
492 * attempts to jump into the kernel space at the
493 * wrong offset, be it at the gateway page or a
496 * We cannot normally signal the process because it
497 * could *be* on the gateway page, and processes
498 * executing on the gateway page can't have signals
501 * We merely readjust the address into the users
502 * space, at a destination address of zero, and
503 * allow processing to continue.
505 if (((unsigned long)regs->iaoq[0] & 3) &&
506 ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) {
507 /* Kill the user process later */
508 regs->iaoq[0] = 0 | 3;
509 regs->iaoq[1] = regs->iaoq[0] + 4;
510 regs->iasq[0] = regs->iasq[1] = regs->sr[7];
511 regs->gr[0] &= ~PSW_B;
516 printk(KERN_CRIT "Interruption # %d\n", code);
522 /* High-priority machine check (HPMC) */
524 /* set up a new led state on systems shipped with a LED State panel */
525 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC);
527 parisc_terminate("High Priority Machine Check (HPMC)",
532 /* Power failure interrupt */
533 printk(KERN_CRIT "Power failure interrupt !\n");
537 /* Recovery counter trap */
538 regs->gr[0] &= ~PSW_R;
540 #ifdef CONFIG_KPROBES
541 if (parisc_kprobe_ss_handler(regs))
546 if (kgdb_single_step) {
547 kgdb_handle_exception(0, SIGTRAP, 0, regs);
552 if (user_space(regs))
553 handle_gdb_break(regs, TRAP_TRACE);
554 /* else this must be the start of a syscall - just let it run */
558 /* Low-priority machine check */
559 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC);
566 case PARISC_ITLB_TRAP:
567 /* Instruction TLB miss fault/Instruction page fault */
568 fault_address = regs->iaoq[0];
569 fault_space = regs->iasq[0];
573 /* Illegal instruction trap */
574 die_if_kernel("Illegal instruction", regs, code);
575 si_code = ILL_ILLOPC;
579 /* Break instruction trap */
584 /* Privileged operation trap */
585 die_if_kernel("Privileged operation", regs, code);
586 si_code = ILL_PRVOPC;
590 /* Privileged register trap */
591 if ((regs->iir & 0xffdfffe0) == 0x034008a0) {
593 /* This is a MFCTL cr26/cr27 to gr instruction.
594 * PCXS traps on this, so we need to emulate it.
597 if (regs->iir & 0x00200000)
598 regs->gr[regs->iir & 0x1f] = mfctl(27);
600 regs->gr[regs->iir & 0x1f] = mfctl(26);
602 regs->iaoq[0] = regs->iaoq[1];
604 regs->iasq[0] = regs->iasq[1];
608 die_if_kernel("Privileged register usage", regs, code);
609 si_code = ILL_PRVREG;
611 force_sig_fault(SIGILL, si_code,
612 (void __user *) regs->iaoq[0], current);
616 /* Overflow Trap, let the userland signal handler do the cleanup */
617 force_sig_fault(SIGFPE, FPE_INTOVF,
618 (void __user *) regs->iaoq[0], current);
623 The condition succeeds in an instruction which traps
626 /* Let userspace app figure it out from the insn pointed
629 force_sig_fault(SIGFPE, FPE_CONDTRAP,
630 (void __user *) regs->iaoq[0], current);
633 /* The kernel doesn't want to handle condition codes */
637 /* Assist Exception Trap, i.e. floating point exception. */
638 die_if_kernel("Floating point exception", regs, 0); /* quiet */
639 __inc_irq_stat(irq_fpassist_count);
644 /* Data TLB miss fault/Data page fault */
647 /* Non-access instruction TLB miss fault */
648 /* The instruction TLB entry needed for the target address of the FIC
649 is absent, and hardware can't find it, so we get to cleanup */
652 /* Non-access data TLB miss fault/Non-access data page fault */
654 Still need to add slow path emulation code here!
655 If the insn used a non-shadow register, then the tlb
656 handlers could not have their side-effect (e.g. probe
657 writing to a target register) emulated since rfir would
658 erase the changes to said register. Instead we have to
659 setup everything, call this function we are in, and emulate
660 by hand. Technically we need to emulate:
661 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw
663 fault_address = regs->ior;
664 fault_space = regs->isr;
668 /* PCXS only -- later cpu's split this into types 26,27 & 28 */
669 /* Check for unaligned access */
670 if (check_unaligned(regs)) {
671 handle_unaligned(regs);
676 /* PCXL: Data memory access rights trap */
677 fault_address = regs->ior;
678 fault_space = regs->isr;
682 /* Data memory break trap */
683 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */
686 /* Page reference trap */
687 handle_gdb_break(regs, TRAP_HWBKPT);
691 /* Taken branch trap */
692 regs->gr[0] &= ~PSW_T;
693 if (user_space(regs))
694 handle_gdb_break(regs, TRAP_BRANCH);
695 /* else this must be the start of a syscall - just let it
701 /* Instruction access rights */
702 /* PCXL: Instruction memory protection trap */
705 * This could be caused by either: 1) a process attempting
706 * to execute within a vma that does not have execute
707 * permission, or 2) an access rights violation caused by a
708 * flush only translation set up by ptep_get_and_clear().
709 * So we check the vma permissions to differentiate the two.
710 * If the vma indicates we have execute permission, then
711 * the cause is the latter one. In this case, we need to
712 * call do_page_fault() to fix the problem.
715 if (user_mode(regs)) {
716 struct vm_area_struct *vma;
718 down_read(¤t->mm->mmap_sem);
719 vma = find_vma(current->mm,regs->iaoq[0]);
720 if (vma && (regs->iaoq[0] >= vma->vm_start)
721 && (vma->vm_flags & VM_EXEC)) {
723 fault_address = regs->iaoq[0];
724 fault_space = regs->iasq[0];
726 up_read(¤t->mm->mmap_sem);
727 break; /* call do_page_fault() */
729 up_read(¤t->mm->mmap_sem);
733 /* Data memory protection ID trap */
734 if (code == 27 && !user_mode(regs) &&
735 fixup_exception(regs))
738 die_if_kernel("Protection id trap", regs, code);
739 force_sig_fault(SIGSEGV, SEGV_MAPERR,
741 ((void __user *) regs->iaoq[0]) :
742 ((void __user *) regs->ior), current);
746 /* Unaligned data reference trap */
747 handle_unaligned(regs);
751 if (user_mode(regs)) {
752 parisc_printk_ratelimited(0, regs, KERN_DEBUG
753 "handle_interruption() pid=%d command='%s'\n",
754 task_pid_nr(current), current->comm);
755 /* SIGBUS, for lack of a better one. */
756 force_sig_fault(SIGBUS, BUS_OBJERR,
757 (void __user *)regs->ior, current);
760 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
762 parisc_terminate("Unexpected interruption", regs, code, 0);
766 if (user_mode(regs)) {
767 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) {
768 parisc_printk_ratelimited(0, regs, KERN_DEBUG
769 "User fault %d on space 0x%08lx, pid=%d command='%s'\n",
771 task_pid_nr(current), current->comm);
772 force_sig_fault(SIGSEGV, SEGV_MAPERR,
773 (void __user *)regs->ior, current);
780 * The kernel should never fault on its own address space,
781 * unless pagefault_disable() was called before.
784 if (fault_space == 0 && !faulthandler_disabled())
786 /* Clean up and return if in exception table. */
787 if (fixup_exception(regs))
789 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
790 parisc_terminate("Kernel Fault", regs, code, fault_address);
794 do_page_fault(regs, code, fault_address);
798 void __init initialize_ivt(const void *iva)
800 extern u32 os_hpmc_size;
801 extern const u32 os_hpmc[];
809 if (strcmp((const char *)iva, "cows can fly"))
810 panic("IVT invalid");
814 for (i = 0; i < 8; i++)
818 * Use PDC_INSTR firmware function to get instruction that invokes
819 * PDCE_CHECK in HPMC handler. See programming note at page 1-31 of
820 * the PA 1.1 Firmware Architecture document.
822 if (pdc_instr(&instr) == PDC_OK)
826 * Rules for the checksum of the HPMC handler:
827 * 1. The IVA does not point to PDC/PDH space (ie: the OS has installed
829 * 2. The word at IVA + 32 is nonzero.
830 * 3. If Length (IVA + 60) is not zero, then Length (IVA + 60) and
831 * Address (IVA + 56) are word-aligned.
832 * 4. The checksum of the 8 words starting at IVA + 32 plus the sum of
833 * the Length/4 words starting at Address is zero.
836 /* Setup IVA and compute checksum for HPMC handler */
837 ivap[6] = (u32)__pa(os_hpmc);
838 length = os_hpmc_size;
841 hpmcp = (u32 *)os_hpmc;
843 for (i=0; i<length/4; i++)
853 /* early_trap_init() is called before we set up kernel mappings and
854 * write-protect the kernel */
855 void __init early_trap_init(void)
857 extern const void fault_vector_20;
860 extern const void fault_vector_11;
861 initialize_ivt(&fault_vector_11);
864 initialize_ivt(&fault_vector_20);
867 void __init trap_init(void)
git.samba.org / sfrench / cifs-2.6.git / blob