2 * linux/arch/parisc/traps.c
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org>
9 * 'Traps.c' handles hardware traps and faults after we have saved some
13 #include <linux/config.h>
14 #include <linux/sched.h>
15 #include <linux/kernel.h>
16 #include <linux/string.h>
17 #include <linux/errno.h>
18 #include <linux/ptrace.h>
19 #include <linux/timer.h>
21 #include <linux/module.h>
22 #include <linux/smp.h>
23 #include <linux/smp_lock.h>
24 #include <linux/spinlock.h>
25 #include <linux/init.h>
26 #include <linux/interrupt.h>
27 #include <linux/console.h>
28 #include <linux/kallsyms.h>
30 #include <asm/assembly.h>
31 #include <asm/system.h>
32 #include <asm/uaccess.h>
35 #include <asm/traps.h>
36 #include <asm/unaligned.h>
37 #include <asm/atomic.h>
40 #include <asm/pdc_chassis.h>
41 #include <asm/unwind.h>
43 #include "../math-emu/math-emu.h" /* for handle_fpe() */
45 #define PRINT_USER_FAULTS /* (turn this on if you want user faults to be */
46 /* dumped to the console via printk) */
48 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
49 DEFINE_SPINLOCK(pa_dbit_lock);
52 int printbinary(char *buf, unsigned long x, int nbits)
54 unsigned long mask = 1UL << (nbits - 1);
56 *buf++ = (mask & x ? '1' : '0');
69 #define FFMT "%016llx" /* fpregs are 64-bit always */
71 #define PRINTREGS(lvl,r,f,fmt,x) \
72 printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n", \
73 lvl, f, (x), (x+3), (r)[(x)+0], (r)[(x)+1], \
74 (r)[(x)+2], (r)[(x)+3])
76 static void print_gr(char *level, struct pt_regs *regs)
81 printk("%s\n", level);
82 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level);
83 printbinary(buf, regs->gr[0], 32);
84 printk("%sPSW: %s %s\n", level, buf, print_tainted());
86 for (i = 0; i < 32; i += 4)
87 PRINTREGS(level, regs->gr, "r", RFMT, i);
90 static void print_fr(char *level, struct pt_regs *regs)
94 struct { u32 sw[2]; } s;
96 /* FR are 64bit everywhere. Need to use asm to get the content
97 * of fpsr/fper1, and we assume that we won't have a FP Identify
98 * in our way, otherwise we're screwed.
99 * The fldd is used to restore the T-bit if there was one, as the
100 * store clears it anyway.
101 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */
102 asm volatile ("fstd %%fr0,0(%1) \n\t"
103 "fldd 0(%1),%%fr0 \n\t"
104 : "=m" (s) : "r" (&s) : "r0");
106 printk("%s\n", level);
107 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level);
108 printbinary(buf, s.sw[0], 32);
109 printk("%sFPSR: %s\n", level, buf);
110 printk("%sFPER1: %08x\n", level, s.sw[1]);
112 /* here we'll print fr0 again, tho it'll be meaningless */
113 for (i = 0; i < 32; i += 4)
114 PRINTREGS(level, regs->fr, "fr", FFMT, i);
117 void show_regs(struct pt_regs *regs)
121 unsigned long cr30, cr31;
123 level = user_mode(regs) ? KERN_DEBUG : KERN_CRIT;
125 print_gr(level, regs);
127 for (i = 0; i < 8; i += 4)
128 PRINTREGS(level, regs->sr, "sr", RFMT, i);
131 print_fr(level, regs);
135 printk("%s\n", level);
136 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n",
137 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]);
138 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n",
139 level, regs->iir, regs->isr, regs->ior);
140 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
141 level, current_thread_info()->cpu, cr30, cr31);
142 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
144 print_symbol(" IAOQ[0]: %s\n", regs->iaoq[0]);
146 print_symbol(" IAOQ[1]: %s\n", regs->iaoq[1]);
148 print_symbol(" RP(r2): %s\n", regs->gr[2]);
152 void dump_stack(void)
154 show_stack(NULL, NULL);
157 EXPORT_SYMBOL(dump_stack);
159 static void do_show_stack(struct unwind_frame_info *info)
163 printk("Backtrace:\n");
165 if (unwind_once(info) < 0 || info->ip == 0)
168 if (__kernel_text_address(info->ip)) {
169 printk(" [<" RFMT ">] ", info->ip);
170 #ifdef CONFIG_KALLSYMS
171 print_symbol("%s\n", info->ip);
182 void show_stack(struct task_struct *task, unsigned long *s)
184 struct unwind_frame_info info;
191 asm volatile ("copy %%r30, %0" : "=r"(sp));
192 r = kzalloc(sizeof(struct pt_regs), GFP_KERNEL);
195 r->iaoq[0] = (unsigned long)&&HERE;
196 r->gr[2] = (unsigned long)__builtin_return_address(0);
198 unwind_frame_init(&info, current, r);
201 unwind_frame_init_from_blocked_task(&info, task);
204 do_show_stack(&info);
207 void die_if_kernel(char *str, struct pt_regs *regs, long err)
209 if (user_mode(regs)) {
213 printk(KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
214 current->comm, current->pid, str, err, regs->iaoq[0]);
215 #ifdef PRINT_USER_FAULTS
216 /* XXX for debugging only */
222 oops_in_progress = 1;
224 /* Amuse the user in a SPARC fashion */
226 " _______________________________ \n"
227 " < Your System ate a SPARC! Gah! >\n"
228 " ------------------------------- \n"
230 " \\ (xx)\\_______\n"
235 /* unlock the pdc lock if necessary */
236 pdc_emergency_unlock();
238 /* maybe the kernel hasn't booted very far yet and hasn't been able
239 * to initialize the serial or STI console. In that case we should
240 * re-enable the pdc console, so that the user will be able to
241 * identify the problem. */
242 if (!console_drivers)
243 pdc_console_restart();
245 printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
246 current->comm, current->pid, str, err);
249 /* Wot's wrong wif bein' racy? */
250 if (current->thread.flags & PARISC_KERNEL_DEATH) {
251 printk(KERN_CRIT "%s() recursion detected.\n", __FUNCTION__);
256 current->thread.flags |= PARISC_KERNEL_DEATH;
260 int syscall_ipi(int (*syscall) (struct pt_regs *), struct pt_regs *regs)
262 return syscall(regs);
265 /* gdb uses break 4,8 */
266 #define GDB_BREAK_INSN 0x10004
267 void handle_gdb_break(struct pt_regs *regs, int wot)
272 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
273 si.si_signo = SIGTRAP;
275 force_sig_info(SIGTRAP, &si, current);
278 void handle_break(unsigned iir, struct pt_regs *regs)
284 #ifdef PRINT_USER_FAULTS
285 printk(KERN_DEBUG "break 0,0: pid=%d command='%s'\n",
286 current->pid, current->comm);
288 die_if_kernel("Breakpoint", regs, 0);
289 #ifdef PRINT_USER_FAULTS
292 si.si_code = TRAP_BRKPT;
293 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
294 si.si_signo = SIGTRAP;
295 force_sig_info(SIGTRAP, &si, current);
299 die_if_kernel("Breakpoint", regs, 0);
300 handle_gdb_break(regs, TRAP_BRKPT);
304 #ifdef PRINT_USER_FAULTS
305 printk(KERN_DEBUG "break %#08x: pid=%d command='%s'\n",
306 iir, current->pid, current->comm);
309 si.si_signo = SIGTRAP;
310 si.si_code = TRAP_BRKPT;
311 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
312 force_sig_info(SIGTRAP, &si, current);
320 printk(KERN_CRIT "TOC call.\n");
324 static void default_trap(int code, struct pt_regs *regs)
326 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id());
330 void (*cpu_lpmc) (int code, struct pt_regs *regs) = default_trap;
333 void transfer_pim_to_trap_frame(struct pt_regs *regs)
336 extern unsigned int hpmc_pim_data[];
337 struct pdc_hpmc_pim_11 *pim_narrow;
338 struct pdc_hpmc_pim_20 *pim_wide;
340 if (boot_cpu_data.cpu_type >= pcxu) {
342 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data;
345 * Note: The following code will probably generate a
346 * bunch of truncation error warnings from the compiler.
347 * Could be handled with an ifdef, but perhaps there
351 regs->gr[0] = pim_wide->cr[22];
353 for (i = 1; i < 32; i++)
354 regs->gr[i] = pim_wide->gr[i];
356 for (i = 0; i < 32; i++)
357 regs->fr[i] = pim_wide->fr[i];
359 for (i = 0; i < 8; i++)
360 regs->sr[i] = pim_wide->sr[i];
362 regs->iasq[0] = pim_wide->cr[17];
363 regs->iasq[1] = pim_wide->iasq_back;
364 regs->iaoq[0] = pim_wide->cr[18];
365 regs->iaoq[1] = pim_wide->iaoq_back;
367 regs->sar = pim_wide->cr[11];
368 regs->iir = pim_wide->cr[19];
369 regs->isr = pim_wide->cr[20];
370 regs->ior = pim_wide->cr[21];
373 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data;
375 regs->gr[0] = pim_narrow->cr[22];
377 for (i = 1; i < 32; i++)
378 regs->gr[i] = pim_narrow->gr[i];
380 for (i = 0; i < 32; i++)
381 regs->fr[i] = pim_narrow->fr[i];
383 for (i = 0; i < 8; i++)
384 regs->sr[i] = pim_narrow->sr[i];
386 regs->iasq[0] = pim_narrow->cr[17];
387 regs->iasq[1] = pim_narrow->iasq_back;
388 regs->iaoq[0] = pim_narrow->cr[18];
389 regs->iaoq[1] = pim_narrow->iaoq_back;
391 regs->sar = pim_narrow->cr[11];
392 regs->iir = pim_narrow->cr[19];
393 regs->isr = pim_narrow->cr[20];
394 regs->ior = pim_narrow->cr[21];
398 * The following fields only have meaning if we came through
399 * another path. So just zero them here.
409 * This routine is called as a last resort when everything else
410 * has gone clearly wrong. We get called for faults in kernel space,
413 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset)
415 static DEFINE_SPINLOCK(terminate_lock);
417 oops_in_progress = 1;
421 spin_lock(&terminate_lock);
423 /* unlock the pdc lock if necessary */
424 pdc_emergency_unlock();
426 /* restart pdc console if necessary */
427 if (!console_drivers)
428 pdc_console_restart();
430 /* Not all paths will gutter the processor... */
434 transfer_pim_to_trap_frame(regs);
444 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */
445 struct unwind_frame_info info;
446 unwind_frame_init(&info, current, regs);
447 do_show_stack(&info);
451 printk(KERN_CRIT "%s: Code=%d regs=%p (Addr=" RFMT ")\n",
452 msg, code, regs, offset);
455 spin_unlock(&terminate_lock);
457 /* put soft power button back under hardware control;
458 * if the user had pressed it once at any time, the
459 * system will shut down immediately right here. */
460 pdc_soft_power_button(0);
462 /* Call kernel panic() so reboot timeouts work properly
463 * FIXME: This function should be on the list of
464 * panic notifiers, and we should call panic
465 * directly from the location that we wish.
466 * e.g. We should not call panic from
467 * parisc_terminate, but rather the oter way around.
468 * This hack works, prints the panic message twice,
469 * and it enables reboot timers!
474 void handle_interruption(int code, struct pt_regs *regs)
476 unsigned long fault_address = 0;
477 unsigned long fault_space = 0;
481 pdc_console_restart(); /* switch back to pdc if HPMC */
486 * If the priority level is still user, and the
487 * faulting space is not equal to the active space
488 * then the user is attempting something in a space
489 * that does not belong to them. Kill the process.
491 * This is normally the situation when the user
492 * attempts to jump into the kernel space at the
493 * wrong offset, be it at the gateway page or a
496 * We cannot normally signal the process because it
497 * could *be* on the gateway page, and processes
498 * executing on the gateway page can't have signals
501 * We merely readjust the address into the users
502 * space, at a destination address of zero, and
503 * allow processing to continue.
505 if (((unsigned long)regs->iaoq[0] & 3) &&
506 ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) {
507 /* Kill the user process later */
508 regs->iaoq[0] = 0 | 3;
509 regs->iaoq[1] = regs->iaoq[0] + 4;
510 regs->iasq[0] = regs->iasq[0] = regs->sr[7];
511 regs->gr[0] &= ~PSW_B;
516 printk(KERN_CRIT "Interruption # %d\n", code);
522 /* High-priority machine check (HPMC) */
524 /* set up a new led state on systems shipped with a LED State panel */
525 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC);
527 parisc_terminate("High Priority Machine Check (HPMC)",
532 /* Power failure interrupt */
533 printk(KERN_CRIT "Power failure interrupt !\n");
537 /* Recovery counter trap */
538 regs->gr[0] &= ~PSW_R;
539 if (user_space(regs))
540 handle_gdb_break(regs, TRAP_TRACE);
541 /* else this must be the start of a syscall - just let it run */
545 /* Low-priority machine check */
546 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC);
553 /* Instruction TLB miss fault/Instruction page fault */
554 fault_address = regs->iaoq[0];
555 fault_space = regs->iasq[0];
559 /* Illegal instruction trap */
560 die_if_kernel("Illegal instruction", regs, code);
561 si.si_code = ILL_ILLOPC;
565 /* Break instruction trap */
566 handle_break(regs->iir,regs);
570 /* Privileged operation trap */
571 die_if_kernel("Privileged operation", regs, code);
572 si.si_code = ILL_PRVOPC;
576 /* Privileged register trap */
577 if ((regs->iir & 0xffdfffe0) == 0x034008a0) {
579 /* This is a MFCTL cr26/cr27 to gr instruction.
580 * PCXS traps on this, so we need to emulate it.
583 if (regs->iir & 0x00200000)
584 regs->gr[regs->iir & 0x1f] = mfctl(27);
586 regs->gr[regs->iir & 0x1f] = mfctl(26);
588 regs->iaoq[0] = regs->iaoq[1];
590 regs->iasq[0] = regs->iasq[1];
594 die_if_kernel("Privileged register usage", regs, code);
595 si.si_code = ILL_PRVREG;
597 si.si_signo = SIGILL;
599 si.si_addr = (void __user *) regs->iaoq[0];
600 force_sig_info(SIGILL, &si, current);
604 /* Overflow Trap, let the userland signal handler do the cleanup */
605 si.si_signo = SIGFPE;
606 si.si_code = FPE_INTOVF;
607 si.si_addr = (void __user *) regs->iaoq[0];
608 force_sig_info(SIGFPE, &si, current);
613 The condition succees in an instruction which traps
616 si.si_signo = SIGFPE;
617 /* Set to zero, and let the userspace app figure it out from
618 the insn pointed to by si_addr */
620 si.si_addr = (void __user *) regs->iaoq[0];
621 force_sig_info(SIGFPE, &si, current);
624 /* The kernel doesn't want to handle condition codes */
628 /* Assist Exception Trap, i.e. floating point exception. */
629 die_if_kernel("Floating point exception", regs, 0); /* quiet */
634 /* Data TLB miss fault/Data page fault */
637 /* Non-access instruction TLB miss fault */
638 /* The instruction TLB entry needed for the target address of the FIC
639 is absent, and hardware can't find it, so we get to cleanup */
642 /* Non-access data TLB miss fault/Non-access data page fault */
644 Still need to add slow path emulation code here!
645 If the insn used a non-shadow register, then the tlb
646 handlers could not have their side-effect (e.g. probe
647 writing to a target register) emulated since rfir would
648 erase the changes to said register. Instead we have to
649 setup everything, call this function we are in, and emulate
650 by hand. Technically we need to emulate:
651 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw
653 fault_address = regs->ior;
654 fault_space = regs->isr;
658 /* PCXS only -- later cpu's split this into types 26,27 & 28 */
659 /* Check for unaligned access */
660 if (check_unaligned(regs)) {
661 handle_unaligned(regs);
666 /* PCXL: Data memory access rights trap */
667 fault_address = regs->ior;
668 fault_space = regs->isr;
672 /* Data memory break trap */
673 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */
676 /* Page reference trap */
677 handle_gdb_break(regs, TRAP_HWBKPT);
681 /* Taken branch trap */
682 regs->gr[0] &= ~PSW_T;
683 if (user_space(regs))
684 handle_gdb_break(regs, TRAP_BRANCH);
685 /* else this must be the start of a syscall - just let it
691 /* Instruction access rights */
692 /* PCXL: Instruction memory protection trap */
695 * This could be caused by either: 1) a process attempting
696 * to execute within a vma that does not have execute
697 * permission, or 2) an access rights violation caused by a
698 * flush only translation set up by ptep_get_and_clear().
699 * So we check the vma permissions to differentiate the two.
700 * If the vma indicates we have execute permission, then
701 * the cause is the latter one. In this case, we need to
702 * call do_page_fault() to fix the problem.
705 if (user_mode(regs)) {
706 struct vm_area_struct *vma;
708 down_read(¤t->mm->mmap_sem);
709 vma = find_vma(current->mm,regs->iaoq[0]);
710 if (vma && (regs->iaoq[0] >= vma->vm_start)
711 && (vma->vm_flags & VM_EXEC)) {
713 fault_address = regs->iaoq[0];
714 fault_space = regs->iasq[0];
716 up_read(¤t->mm->mmap_sem);
717 break; /* call do_page_fault() */
719 up_read(¤t->mm->mmap_sem);
723 /* Data memory protection ID trap */
724 die_if_kernel("Protection id trap", regs, code);
725 si.si_code = SEGV_MAPERR;
726 si.si_signo = SIGSEGV;
729 si.si_addr = (void __user *) regs->iaoq[0];
731 si.si_addr = (void __user *) regs->ior;
732 force_sig_info(SIGSEGV, &si, current);
736 /* Unaligned data reference trap */
737 handle_unaligned(regs);
741 if (user_mode(regs)) {
742 #ifdef PRINT_USER_FAULTS
743 printk(KERN_DEBUG "\nhandle_interruption() pid=%d command='%s'\n",
744 current->pid, current->comm);
747 /* SIGBUS, for lack of a better one. */
748 si.si_signo = SIGBUS;
749 si.si_code = BUS_OBJERR;
751 si.si_addr = (void __user *) regs->ior;
752 force_sig_info(SIGBUS, &si, current);
755 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
757 parisc_terminate("Unexpected interruption", regs, code, 0);
761 if (user_mode(regs)) {
762 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) {
763 #ifdef PRINT_USER_FAULTS
764 if (fault_space == 0)
765 printk(KERN_DEBUG "User Fault on Kernel Space ");
767 printk(KERN_DEBUG "User Fault (long pointer) (fault %d) ",
769 printk("pid=%d command='%s'\n", current->pid, current->comm);
772 si.si_signo = SIGSEGV;
774 si.si_code = SEGV_MAPERR;
775 si.si_addr = (void __user *) regs->ior;
776 force_sig_info(SIGSEGV, &si, current);
783 * The kernel should never fault on its own address space.
786 if (fault_space == 0)
788 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
789 parisc_terminate("Kernel Fault", regs, code, fault_address);
794 do_page_fault(regs, code, fault_address);
798 int __init check_ivt(void *iva)
805 extern void os_hpmc(void);
806 extern void os_hpmc_end(void);
808 if (strcmp((char *)iva, "cows can fly"))
813 for (i = 0; i < 8; i++)
816 /* Compute Checksum for HPMC handler */
818 length = (u32)((unsigned long)os_hpmc_end - (unsigned long)os_hpmc);
821 hpmcp = (u32 *)os_hpmc;
823 for (i=0; i<length/4; i++)
835 extern const void fault_vector_11;
837 extern const void fault_vector_20;
839 void __init trap_init(void)
843 if (boot_cpu_data.cpu_type >= pcxu)
844 iva = (void *) &fault_vector_20;
847 panic("Can't boot 64-bit OS on PA1.1 processor!");
849 iva = (void *) &fault_vector_11;
853 panic("IVT invalid");
git.samba.org / sfrench / cifs-2.6.git / blob