1 // SPDX-License-Identifier: GPL-2.0
3 * linux/arch/parisc/traps.c
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org>
10 * 'Traps.c' handles hardware traps and faults after we have saved some
14 #include <linux/sched.h>
15 #include <linux/sched/debug.h>
16 #include <linux/kernel.h>
17 #include <linux/string.h>
18 #include <linux/errno.h>
19 #include <linux/ptrace.h>
20 #include <linux/timer.h>
21 #include <linux/delay.h>
23 #include <linux/module.h>
24 #include <linux/smp.h>
25 #include <linux/spinlock.h>
26 #include <linux/init.h>
27 #include <linux/interrupt.h>
28 #include <linux/console.h>
29 #include <linux/bug.h>
30 #include <linux/ratelimit.h>
31 #include <linux/uaccess.h>
33 #include <asm/assembly.h>
36 #include <asm/traps.h>
37 #include <asm/unaligned.h>
38 #include <linux/atomic.h>
41 #include <asm/pdc_chassis.h>
42 #include <asm/unwind.h>
43 #include <asm/tlbflush.h>
44 #include <asm/cacheflush.h>
46 #include "../math-emu/math-emu.h" /* for handle_fpe() */
48 static void parisc_show_stack(struct task_struct *task, unsigned long *sp,
49 struct pt_regs *regs);
51 static int printbinary(char *buf, unsigned long x, int nbits)
53 unsigned long mask = 1UL << (nbits - 1);
55 *buf++ = (mask & x ? '1' : '0');
68 #define FFMT "%016llx" /* fpregs are 64-bit always */
70 #define PRINTREGS(lvl,r,f,fmt,x) \
71 printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n", \
72 lvl, f, (x), (x+3), (r)[(x)+0], (r)[(x)+1], \
73 (r)[(x)+2], (r)[(x)+3])
75 static void print_gr(char *level, struct pt_regs *regs)
80 printk("%s\n", level);
81 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level);
82 printbinary(buf, regs->gr[0], 32);
83 printk("%sPSW: %s %s\n", level, buf, print_tainted());
85 for (i = 0; i < 32; i += 4)
86 PRINTREGS(level, regs->gr, "r", RFMT, i);
89 static void print_fr(char *level, struct pt_regs *regs)
93 struct { u32 sw[2]; } s;
95 /* FR are 64bit everywhere. Need to use asm to get the content
96 * of fpsr/fper1, and we assume that we won't have a FP Identify
97 * in our way, otherwise we're screwed.
98 * The fldd is used to restore the T-bit if there was one, as the
99 * store clears it anyway.
100 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */
101 asm volatile ("fstd %%fr0,0(%1) \n\t"
102 "fldd 0(%1),%%fr0 \n\t"
103 : "=m" (s) : "r" (&s) : "r0");
105 printk("%s\n", level);
106 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level);
107 printbinary(buf, s.sw[0], 32);
108 printk("%sFPSR: %s\n", level, buf);
109 printk("%sFPER1: %08x\n", level, s.sw[1]);
111 /* here we'll print fr0 again, tho it'll be meaningless */
112 for (i = 0; i < 32; i += 4)
113 PRINTREGS(level, regs->fr, "fr", FFMT, i);
116 void show_regs(struct pt_regs *regs)
120 unsigned long cr30, cr31;
122 user = user_mode(regs);
123 level = user ? KERN_DEBUG : KERN_CRIT;
125 show_regs_print_info(level);
127 print_gr(level, regs);
129 for (i = 0; i < 8; i += 4)
130 PRINTREGS(level, regs->sr, "sr", RFMT, i);
133 print_fr(level, regs);
137 printk("%s\n", level);
138 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n",
139 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]);
140 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n",
141 level, regs->iir, regs->isr, regs->ior);
142 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
143 level, current_thread_info()->cpu, cr30, cr31);
144 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
147 printk("%s IAOQ[0]: " RFMT "\n", level, regs->iaoq[0]);
148 printk("%s IAOQ[1]: " RFMT "\n", level, regs->iaoq[1]);
149 printk("%s RP(r2): " RFMT "\n", level, regs->gr[2]);
151 printk("%s IAOQ[0]: %pS\n", level, (void *) regs->iaoq[0]);
152 printk("%s IAOQ[1]: %pS\n", level, (void *) regs->iaoq[1]);
153 printk("%s RP(r2): %pS\n", level, (void *) regs->gr[2]);
155 parisc_show_stack(current, NULL, regs);
159 static DEFINE_RATELIMIT_STATE(_hppa_rs,
160 DEFAULT_RATELIMIT_INTERVAL, DEFAULT_RATELIMIT_BURST);
162 #define parisc_printk_ratelimited(critical, regs, fmt, ...) { \
163 if ((critical || show_unhandled_signals) && __ratelimit(&_hppa_rs)) { \
164 printk(fmt, ##__VA_ARGS__); \
170 static void do_show_stack(struct unwind_frame_info *info)
174 printk(KERN_CRIT "Backtrace:\n");
176 if (unwind_once(info) < 0 || info->ip == 0)
179 if (__kernel_text_address(info->ip)) {
180 printk(KERN_CRIT " [<" RFMT ">] %pS\n",
181 info->ip, (void *) info->ip);
185 printk(KERN_CRIT "\n");
188 static void parisc_show_stack(struct task_struct *task, unsigned long *sp,
189 struct pt_regs *regs)
191 struct unwind_frame_info info;
192 struct task_struct *t;
194 t = task ? task : current;
196 unwind_frame_init(&info, t, regs);
204 asm volatile ("copy %%r30, %0" : "=r"(sp));
208 memset(&r, 0, sizeof(struct pt_regs));
209 r.iaoq[0] = (unsigned long)&&HERE;
210 r.gr[2] = (unsigned long)__builtin_return_address(0);
213 unwind_frame_init(&info, current, &r);
216 unwind_frame_init_from_blocked_task(&info, t);
220 do_show_stack(&info);
223 void show_stack(struct task_struct *t, unsigned long *sp)
225 return parisc_show_stack(t, sp, NULL);
228 int is_valid_bugaddr(unsigned long iaoq)
233 void die_if_kernel(char *str, struct pt_regs *regs, long err)
235 if (user_mode(regs)) {
239 parisc_printk_ratelimited(1, regs,
240 KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
241 current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
246 oops_in_progress = 1;
250 /* Amuse the user in a SPARC fashion */
251 if (err) printk(KERN_CRIT
252 " _______________________________ \n"
253 " < Your System ate a SPARC! Gah! >\n"
254 " ------------------------------- \n"
260 /* unlock the pdc lock if necessary */
261 pdc_emergency_unlock();
263 /* maybe the kernel hasn't booted very far yet and hasn't been able
264 * to initialize the serial or STI console. In that case we should
265 * re-enable the pdc console, so that the user will be able to
266 * identify the problem. */
267 if (!console_drivers)
268 pdc_console_restart();
271 printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
272 current->comm, task_pid_nr(current), str, err);
274 /* Wot's wrong wif bein' racy? */
275 if (current->thread.flags & PARISC_KERNEL_DEATH) {
276 printk(KERN_CRIT "%s() recursion detected.\n", __func__);
280 current->thread.flags |= PARISC_KERNEL_DEATH;
284 add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
287 panic("Fatal exception in interrupt");
290 panic("Fatal exception");
296 /* gdb uses break 4,8 */
297 #define GDB_BREAK_INSN 0x10004
298 static void handle_gdb_break(struct pt_regs *regs, int wot)
302 si.si_signo = SIGTRAP;
305 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
306 force_sig_info(SIGTRAP, &si, current);
309 static void handle_break(struct pt_regs *regs)
311 unsigned iir = regs->iir;
313 if (unlikely(iir == PARISC_BUG_BREAK_INSN && !user_mode(regs))) {
314 /* check if a BUG() or WARN() trapped here. */
315 enum bug_trap_type tt;
316 tt = report_bug(regs->iaoq[0] & ~3, regs);
317 if (tt == BUG_TRAP_TYPE_WARN) {
320 return; /* return to next instruction when WARN_ON(). */
322 die_if_kernel("Unknown kernel breakpoint", regs,
323 (tt == BUG_TRAP_TYPE_NONE) ? 9 : 0);
326 if (unlikely(iir != GDB_BREAK_INSN))
327 parisc_printk_ratelimited(0, regs,
328 KERN_DEBUG "break %d,%d: pid=%d command='%s'\n",
329 iir & 31, (iir>>13) & ((1<<13)-1),
330 task_pid_nr(current), current->comm);
332 /* send standard GDB signal */
333 handle_gdb_break(regs, TRAP_BRKPT);
336 static void default_trap(int code, struct pt_regs *regs)
338 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id());
342 void (*cpu_lpmc) (int code, struct pt_regs *regs) __read_mostly = default_trap;
345 void transfer_pim_to_trap_frame(struct pt_regs *regs)
348 extern unsigned int hpmc_pim_data[];
349 struct pdc_hpmc_pim_11 *pim_narrow;
350 struct pdc_hpmc_pim_20 *pim_wide;
352 if (boot_cpu_data.cpu_type >= pcxu) {
354 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data;
357 * Note: The following code will probably generate a
358 * bunch of truncation error warnings from the compiler.
359 * Could be handled with an ifdef, but perhaps there
363 regs->gr[0] = pim_wide->cr[22];
365 for (i = 1; i < 32; i++)
366 regs->gr[i] = pim_wide->gr[i];
368 for (i = 0; i < 32; i++)
369 regs->fr[i] = pim_wide->fr[i];
371 for (i = 0; i < 8; i++)
372 regs->sr[i] = pim_wide->sr[i];
374 regs->iasq[0] = pim_wide->cr[17];
375 regs->iasq[1] = pim_wide->iasq_back;
376 regs->iaoq[0] = pim_wide->cr[18];
377 regs->iaoq[1] = pim_wide->iaoq_back;
379 regs->sar = pim_wide->cr[11];
380 regs->iir = pim_wide->cr[19];
381 regs->isr = pim_wide->cr[20];
382 regs->ior = pim_wide->cr[21];
385 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data;
387 regs->gr[0] = pim_narrow->cr[22];
389 for (i = 1; i < 32; i++)
390 regs->gr[i] = pim_narrow->gr[i];
392 for (i = 0; i < 32; i++)
393 regs->fr[i] = pim_narrow->fr[i];
395 for (i = 0; i < 8; i++)
396 regs->sr[i] = pim_narrow->sr[i];
398 regs->iasq[0] = pim_narrow->cr[17];
399 regs->iasq[1] = pim_narrow->iasq_back;
400 regs->iaoq[0] = pim_narrow->cr[18];
401 regs->iaoq[1] = pim_narrow->iaoq_back;
403 regs->sar = pim_narrow->cr[11];
404 regs->iir = pim_narrow->cr[19];
405 regs->isr = pim_narrow->cr[20];
406 regs->ior = pim_narrow->cr[21];
410 * The following fields only have meaning if we came through
411 * another path. So just zero them here.
421 * This routine is called as a last resort when everything else
422 * has gone clearly wrong. We get called for faults in kernel space,
425 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset)
427 static DEFINE_SPINLOCK(terminate_lock);
429 oops_in_progress = 1;
433 spin_lock(&terminate_lock);
435 /* unlock the pdc lock if necessary */
436 pdc_emergency_unlock();
438 /* restart pdc console if necessary */
439 if (!console_drivers)
440 pdc_console_restart();
442 /* Not all paths will gutter the processor... */
446 transfer_pim_to_trap_frame(regs);
456 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */
457 struct unwind_frame_info info;
458 unwind_frame_init(&info, current, regs);
459 do_show_stack(&info);
463 pr_crit("%s: Code=%d (%s) regs=%p (Addr=" RFMT ")\n",
464 msg, code, trap_name(code), regs, offset);
467 spin_unlock(&terminate_lock);
469 /* put soft power button back under hardware control;
470 * if the user had pressed it once at any time, the
471 * system will shut down immediately right here. */
472 pdc_soft_power_button(0);
474 /* Call kernel panic() so reboot timeouts work properly
475 * FIXME: This function should be on the list of
476 * panic notifiers, and we should call panic
477 * directly from the location that we wish.
478 * e.g. We should not call panic from
479 * parisc_terminate, but rather the oter way around.
480 * This hack works, prints the panic message twice,
481 * and it enables reboot timers!
486 void notrace handle_interruption(int code, struct pt_regs *regs)
488 unsigned long fault_address = 0;
489 unsigned long fault_space = 0;
493 pdc_console_restart(); /* switch back to pdc if HPMC */
498 * If the priority level is still user, and the
499 * faulting space is not equal to the active space
500 * then the user is attempting something in a space
501 * that does not belong to them. Kill the process.
503 * This is normally the situation when the user
504 * attempts to jump into the kernel space at the
505 * wrong offset, be it at the gateway page or a
508 * We cannot normally signal the process because it
509 * could *be* on the gateway page, and processes
510 * executing on the gateway page can't have signals
513 * We merely readjust the address into the users
514 * space, at a destination address of zero, and
515 * allow processing to continue.
517 if (((unsigned long)regs->iaoq[0] & 3) &&
518 ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) {
519 /* Kill the user process later */
520 regs->iaoq[0] = 0 | 3;
521 regs->iaoq[1] = regs->iaoq[0] + 4;
522 regs->iasq[0] = regs->iasq[1] = regs->sr[7];
523 regs->gr[0] &= ~PSW_B;
528 printk(KERN_CRIT "Interruption # %d\n", code);
534 /* High-priority machine check (HPMC) */
536 /* set up a new led state on systems shipped with a LED State panel */
537 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC);
539 parisc_terminate("High Priority Machine Check (HPMC)",
544 /* Power failure interrupt */
545 printk(KERN_CRIT "Power failure interrupt !\n");
549 /* Recovery counter trap */
550 regs->gr[0] &= ~PSW_R;
551 if (user_space(regs))
552 handle_gdb_break(regs, TRAP_TRACE);
553 /* else this must be the start of a syscall - just let it run */
557 /* Low-priority machine check */
558 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC);
566 /* Instruction TLB miss fault/Instruction page fault */
567 fault_address = regs->iaoq[0];
568 fault_space = regs->iasq[0];
572 /* Illegal instruction trap */
573 die_if_kernel("Illegal instruction", regs, code);
574 si.si_code = ILL_ILLOPC;
578 /* Break instruction trap */
583 /* Privileged operation trap */
584 die_if_kernel("Privileged operation", regs, code);
585 si.si_code = ILL_PRVOPC;
589 /* Privileged register trap */
590 if ((regs->iir & 0xffdfffe0) == 0x034008a0) {
592 /* This is a MFCTL cr26/cr27 to gr instruction.
593 * PCXS traps on this, so we need to emulate it.
596 if (regs->iir & 0x00200000)
597 regs->gr[regs->iir & 0x1f] = mfctl(27);
599 regs->gr[regs->iir & 0x1f] = mfctl(26);
601 regs->iaoq[0] = regs->iaoq[1];
603 regs->iasq[0] = regs->iasq[1];
607 die_if_kernel("Privileged register usage", regs, code);
608 si.si_code = ILL_PRVREG;
610 si.si_signo = SIGILL;
612 si.si_addr = (void __user *) regs->iaoq[0];
613 force_sig_info(SIGILL, &si, current);
617 /* Overflow Trap, let the userland signal handler do the cleanup */
618 si.si_signo = SIGFPE;
619 si.si_code = FPE_INTOVF;
620 si.si_addr = (void __user *) regs->iaoq[0];
621 force_sig_info(SIGFPE, &si, current);
626 The condition succeeds in an instruction which traps
629 si.si_signo = SIGFPE;
630 /* Set to zero, and let the userspace app figure it out from
631 the insn pointed to by si_addr */
632 si.si_code = FPE_FIXME;
633 si.si_addr = (void __user *) regs->iaoq[0];
634 force_sig_info(SIGFPE, &si, current);
637 /* The kernel doesn't want to handle condition codes */
641 /* Assist Exception Trap, i.e. floating point exception. */
642 die_if_kernel("Floating point exception", regs, 0); /* quiet */
643 __inc_irq_stat(irq_fpassist_count);
648 /* Data TLB miss fault/Data page fault */
651 /* Non-access instruction TLB miss fault */
652 /* The instruction TLB entry needed for the target address of the FIC
653 is absent, and hardware can't find it, so we get to cleanup */
656 /* Non-access data TLB miss fault/Non-access data page fault */
658 Still need to add slow path emulation code here!
659 If the insn used a non-shadow register, then the tlb
660 handlers could not have their side-effect (e.g. probe
661 writing to a target register) emulated since rfir would
662 erase the changes to said register. Instead we have to
663 setup everything, call this function we are in, and emulate
664 by hand. Technically we need to emulate:
665 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw
667 fault_address = regs->ior;
668 fault_space = regs->isr;
672 /* PCXS only -- later cpu's split this into types 26,27 & 28 */
673 /* Check for unaligned access */
674 if (check_unaligned(regs)) {
675 handle_unaligned(regs);
680 /* PCXL: Data memory access rights trap */
681 fault_address = regs->ior;
682 fault_space = regs->isr;
686 /* Data memory break trap */
687 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */
690 /* Page reference trap */
691 handle_gdb_break(regs, TRAP_HWBKPT);
695 /* Taken branch trap */
696 regs->gr[0] &= ~PSW_T;
697 if (user_space(regs))
698 handle_gdb_break(regs, TRAP_BRANCH);
699 /* else this must be the start of a syscall - just let it
705 /* Instruction access rights */
706 /* PCXL: Instruction memory protection trap */
709 * This could be caused by either: 1) a process attempting
710 * to execute within a vma that does not have execute
711 * permission, or 2) an access rights violation caused by a
712 * flush only translation set up by ptep_get_and_clear().
713 * So we check the vma permissions to differentiate the two.
714 * If the vma indicates we have execute permission, then
715 * the cause is the latter one. In this case, we need to
716 * call do_page_fault() to fix the problem.
719 if (user_mode(regs)) {
720 struct vm_area_struct *vma;
722 down_read(¤t->mm->mmap_sem);
723 vma = find_vma(current->mm,regs->iaoq[0]);
724 if (vma && (regs->iaoq[0] >= vma->vm_start)
725 && (vma->vm_flags & VM_EXEC)) {
727 fault_address = regs->iaoq[0];
728 fault_space = regs->iasq[0];
730 up_read(¤t->mm->mmap_sem);
731 break; /* call do_page_fault() */
733 up_read(¤t->mm->mmap_sem);
737 /* Data memory protection ID trap */
738 if (code == 27 && !user_mode(regs) &&
739 fixup_exception(regs))
742 die_if_kernel("Protection id trap", regs, code);
743 si.si_code = SEGV_MAPERR;
744 si.si_signo = SIGSEGV;
747 si.si_addr = (void __user *) regs->iaoq[0];
749 si.si_addr = (void __user *) regs->ior;
750 force_sig_info(SIGSEGV, &si, current);
754 /* Unaligned data reference trap */
755 handle_unaligned(regs);
759 if (user_mode(regs)) {
760 parisc_printk_ratelimited(0, regs, KERN_DEBUG
761 "handle_interruption() pid=%d command='%s'\n",
762 task_pid_nr(current), current->comm);
763 /* SIGBUS, for lack of a better one. */
764 si.si_signo = SIGBUS;
765 si.si_code = BUS_OBJERR;
767 si.si_addr = (void __user *) regs->ior;
768 force_sig_info(SIGBUS, &si, current);
771 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
773 parisc_terminate("Unexpected interruption", regs, code, 0);
777 if (user_mode(regs)) {
778 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) {
779 parisc_printk_ratelimited(0, regs, KERN_DEBUG
780 "User fault %d on space 0x%08lx, pid=%d command='%s'\n",
782 task_pid_nr(current), current->comm);
783 si.si_signo = SIGSEGV;
785 si.si_code = SEGV_MAPERR;
786 si.si_addr = (void __user *) regs->ior;
787 force_sig_info(SIGSEGV, &si, current);
794 * The kernel should never fault on its own address space,
795 * unless pagefault_disable() was called before.
798 if (fault_space == 0 && !faulthandler_disabled())
800 /* Clean up and return if in exception table. */
801 if (fixup_exception(regs))
803 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
804 parisc_terminate("Kernel Fault", regs, code, fault_address);
808 do_page_fault(regs, code, fault_address);
812 void __init initialize_ivt(const void *iva)
814 extern u32 os_hpmc_size;
815 extern const u32 os_hpmc[];
823 if (strcmp((const char *)iva, "cows can fly"))
824 panic("IVT invalid");
828 for (i = 0; i < 8; i++)
832 * Use PDC_INSTR firmware function to get instruction that invokes
833 * PDCE_CHECK in HPMC handler. See programming note at page 1-31 of
834 * the PA 1.1 Firmware Architecture document.
836 if (pdc_instr(&instr) == PDC_OK)
839 /* Compute Checksum for HPMC handler */
840 length = os_hpmc_size;
843 hpmcp = (u32 *)os_hpmc;
845 for (i=0; i<length/4; i++)
855 /* early_trap_init() is called before we set up kernel mappings and
856 * write-protect the kernel */
857 void __init early_trap_init(void)
859 extern const void fault_vector_20;
862 extern const void fault_vector_11;
863 initialize_ivt(&fault_vector_11);
866 initialize_ivt(&fault_vector_20);
869 void __init trap_init(void)
git.samba.org / sfrench / cifs-2.6.git / blob