2 * linux/arch/parisc/traps.c
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org>
9 * 'Traps.c' handles hardware traps and faults after we have saved some
13 #include <linux/sched.h>
14 #include <linux/kernel.h>
15 #include <linux/string.h>
16 #include <linux/errno.h>
17 #include <linux/ptrace.h>
18 #include <linux/timer.h>
19 #include <linux/delay.h>
21 #include <linux/module.h>
22 #include <linux/smp.h>
23 #include <linux/spinlock.h>
24 #include <linux/init.h>
25 #include <linux/interrupt.h>
26 #include <linux/console.h>
27 #include <linux/kallsyms.h>
28 #include <linux/bug.h>
30 #include <asm/assembly.h>
31 #include <asm/system.h>
32 #include <asm/uaccess.h>
35 #include <asm/traps.h>
36 #include <asm/unaligned.h>
37 #include <asm/atomic.h>
40 #include <asm/pdc_chassis.h>
41 #include <asm/unwind.h>
42 #include <asm/tlbflush.h>
43 #include <asm/cacheflush.h>
45 #include "../math-emu/math-emu.h" /* for handle_fpe() */
47 #define PRINT_USER_FAULTS /* (turn this on if you want user faults to be */
48 /* dumped to the console via printk) */
50 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
51 DEFINE_SPINLOCK(pa_dbit_lock);
54 static int printbinary(char *buf, unsigned long x, int nbits)
56 unsigned long mask = 1UL << (nbits - 1);
58 *buf++ = (mask & x ? '1' : '0');
71 #define FFMT "%016llx" /* fpregs are 64-bit always */
73 #define PRINTREGS(lvl,r,f,fmt,x) \
74 printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n", \
75 lvl, f, (x), (x+3), (r)[(x)+0], (r)[(x)+1], \
76 (r)[(x)+2], (r)[(x)+3])
78 static void print_gr(char *level, struct pt_regs *regs)
83 printk("%s\n", level);
84 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level);
85 printbinary(buf, regs->gr[0], 32);
86 printk("%sPSW: %s %s\n", level, buf, print_tainted());
88 for (i = 0; i < 32; i += 4)
89 PRINTREGS(level, regs->gr, "r", RFMT, i);
92 static void print_fr(char *level, struct pt_regs *regs)
96 struct { u32 sw[2]; } s;
98 /* FR are 64bit everywhere. Need to use asm to get the content
99 * of fpsr/fper1, and we assume that we won't have a FP Identify
100 * in our way, otherwise we're screwed.
101 * The fldd is used to restore the T-bit if there was one, as the
102 * store clears it anyway.
103 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */
104 asm volatile ("fstd %%fr0,0(%1) \n\t"
105 "fldd 0(%1),%%fr0 \n\t"
106 : "=m" (s) : "r" (&s) : "r0");
108 printk("%s\n", level);
109 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level);
110 printbinary(buf, s.sw[0], 32);
111 printk("%sFPSR: %s\n", level, buf);
112 printk("%sFPER1: %08x\n", level, s.sw[1]);
114 /* here we'll print fr0 again, tho it'll be meaningless */
115 for (i = 0; i < 32; i += 4)
116 PRINTREGS(level, regs->fr, "fr", FFMT, i);
119 void show_regs(struct pt_regs *regs)
123 unsigned long cr30, cr31;
125 level = user_mode(regs) ? KERN_DEBUG : KERN_CRIT;
127 print_gr(level, regs);
129 for (i = 0; i < 8; i += 4)
130 PRINTREGS(level, regs->sr, "sr", RFMT, i);
133 print_fr(level, regs);
137 printk("%s\n", level);
138 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n",
139 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]);
140 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n",
141 level, regs->iir, regs->isr, regs->ior);
142 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
143 level, current_thread_info()->cpu, cr30, cr31);
144 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
146 print_symbol(" IAOQ[0]: %s\n", regs->iaoq[0]);
148 print_symbol(" IAOQ[1]: %s\n", regs->iaoq[1]);
150 print_symbol(" RP(r2): %s\n", regs->gr[2]);
154 void dump_stack(void)
156 show_stack(NULL, NULL);
159 EXPORT_SYMBOL(dump_stack);
161 static void do_show_stack(struct unwind_frame_info *info)
165 printk(KERN_CRIT "Backtrace:\n");
167 if (unwind_once(info) < 0 || info->ip == 0)
170 if (__kernel_text_address(info->ip)) {
171 printk("%s [<" RFMT ">] ", (i&0x3)==1 ? KERN_CRIT : "", info->ip);
172 #ifdef CONFIG_KALLSYMS
173 print_symbol("%s\n", info->ip);
184 void show_stack(struct task_struct *task, unsigned long *s)
186 struct unwind_frame_info info;
192 asm volatile ("copy %%r30, %0" : "=r"(sp));
196 memset(&r, 0, sizeof(struct pt_regs));
197 r.iaoq[0] = (unsigned long)&&HERE;
198 r.gr[2] = (unsigned long)__builtin_return_address(0);
201 unwind_frame_init(&info, current, &r);
204 unwind_frame_init_from_blocked_task(&info, task);
207 do_show_stack(&info);
210 int is_valid_bugaddr(unsigned long iaoq)
215 void die_if_kernel(char *str, struct pt_regs *regs, long err)
217 if (user_mode(regs)) {
221 printk(KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
222 current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
223 #ifdef PRINT_USER_FAULTS
224 /* XXX for debugging only */
230 oops_in_progress = 1;
232 /* Amuse the user in a SPARC fashion */
234 KERN_CRIT " _______________________________ \n"
235 KERN_CRIT " < Your System ate a SPARC! Gah! >\n"
236 KERN_CRIT " ------------------------------- \n"
237 KERN_CRIT " \\ ^__^\n"
238 KERN_CRIT " \\ (xx)\\_______\n"
239 KERN_CRIT " (__)\\ )\\/\\\n"
240 KERN_CRIT " U ||----w |\n"
241 KERN_CRIT " || ||\n");
243 /* unlock the pdc lock if necessary */
244 pdc_emergency_unlock();
246 /* maybe the kernel hasn't booted very far yet and hasn't been able
247 * to initialize the serial or STI console. In that case we should
248 * re-enable the pdc console, so that the user will be able to
249 * identify the problem. */
250 if (!console_drivers)
251 pdc_console_restart();
254 printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
255 current->comm, task_pid_nr(current), str, err);
257 /* Wot's wrong wif bein' racy? */
258 if (current->thread.flags & PARISC_KERNEL_DEATH) {
259 printk(KERN_CRIT "%s() recursion detected.\n", __FUNCTION__);
263 current->thread.flags |= PARISC_KERNEL_DEATH;
267 add_taint(TAINT_DIE);
270 panic("Fatal exception in interrupt");
273 printk(KERN_EMERG "Fatal exception: panic in 5 seconds\n");
275 panic("Fatal exception");
281 int syscall_ipi(int (*syscall) (struct pt_regs *), struct pt_regs *regs)
283 return syscall(regs);
286 /* gdb uses break 4,8 */
287 #define GDB_BREAK_INSN 0x10004
288 static void handle_gdb_break(struct pt_regs *regs, int wot)
292 si.si_signo = SIGTRAP;
295 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
296 force_sig_info(SIGTRAP, &si, current);
299 static void handle_break(struct pt_regs *regs)
301 unsigned iir = regs->iir;
303 if (unlikely(iir == PARISC_BUG_BREAK_INSN && !user_mode(regs))) {
304 /* check if a BUG() or WARN() trapped here. */
305 enum bug_trap_type tt;
306 tt = report_bug(regs->iaoq[0] & ~3, regs);
307 if (tt == BUG_TRAP_TYPE_WARN) {
310 return; /* return to next instruction when WARN_ON(). */
312 die_if_kernel("Unknown kernel breakpoint", regs,
313 (tt == BUG_TRAP_TYPE_NONE) ? 9 : 0);
316 #ifdef PRINT_USER_FAULTS
317 if (unlikely(iir != GDB_BREAK_INSN)) {
318 printk(KERN_DEBUG "break %d,%d: pid=%d command='%s'\n",
319 iir & 31, (iir>>13) & ((1<<13)-1),
320 task_pid_nr(current), current->comm);
325 /* send standard GDB signal */
326 handle_gdb_break(regs, TRAP_BRKPT);
329 static void default_trap(int code, struct pt_regs *regs)
331 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id());
335 void (*cpu_lpmc) (int code, struct pt_regs *regs) __read_mostly = default_trap;
338 void transfer_pim_to_trap_frame(struct pt_regs *regs)
341 extern unsigned int hpmc_pim_data[];
342 struct pdc_hpmc_pim_11 *pim_narrow;
343 struct pdc_hpmc_pim_20 *pim_wide;
345 if (boot_cpu_data.cpu_type >= pcxu) {
347 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data;
350 * Note: The following code will probably generate a
351 * bunch of truncation error warnings from the compiler.
352 * Could be handled with an ifdef, but perhaps there
356 regs->gr[0] = pim_wide->cr[22];
358 for (i = 1; i < 32; i++)
359 regs->gr[i] = pim_wide->gr[i];
361 for (i = 0; i < 32; i++)
362 regs->fr[i] = pim_wide->fr[i];
364 for (i = 0; i < 8; i++)
365 regs->sr[i] = pim_wide->sr[i];
367 regs->iasq[0] = pim_wide->cr[17];
368 regs->iasq[1] = pim_wide->iasq_back;
369 regs->iaoq[0] = pim_wide->cr[18];
370 regs->iaoq[1] = pim_wide->iaoq_back;
372 regs->sar = pim_wide->cr[11];
373 regs->iir = pim_wide->cr[19];
374 regs->isr = pim_wide->cr[20];
375 regs->ior = pim_wide->cr[21];
378 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data;
380 regs->gr[0] = pim_narrow->cr[22];
382 for (i = 1; i < 32; i++)
383 regs->gr[i] = pim_narrow->gr[i];
385 for (i = 0; i < 32; i++)
386 regs->fr[i] = pim_narrow->fr[i];
388 for (i = 0; i < 8; i++)
389 regs->sr[i] = pim_narrow->sr[i];
391 regs->iasq[0] = pim_narrow->cr[17];
392 regs->iasq[1] = pim_narrow->iasq_back;
393 regs->iaoq[0] = pim_narrow->cr[18];
394 regs->iaoq[1] = pim_narrow->iaoq_back;
396 regs->sar = pim_narrow->cr[11];
397 regs->iir = pim_narrow->cr[19];
398 regs->isr = pim_narrow->cr[20];
399 regs->ior = pim_narrow->cr[21];
403 * The following fields only have meaning if we came through
404 * another path. So just zero them here.
414 * This routine is called as a last resort when everything else
415 * has gone clearly wrong. We get called for faults in kernel space,
418 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset)
420 static DEFINE_SPINLOCK(terminate_lock);
422 oops_in_progress = 1;
426 spin_lock(&terminate_lock);
428 /* unlock the pdc lock if necessary */
429 pdc_emergency_unlock();
431 /* restart pdc console if necessary */
432 if (!console_drivers)
433 pdc_console_restart();
435 /* Not all paths will gutter the processor... */
439 transfer_pim_to_trap_frame(regs);
449 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */
450 struct unwind_frame_info info;
451 unwind_frame_init(&info, current, regs);
452 do_show_stack(&info);
456 printk(KERN_CRIT "%s: Code=%d regs=%p (Addr=" RFMT ")\n",
457 msg, code, regs, offset);
460 spin_unlock(&terminate_lock);
462 /* put soft power button back under hardware control;
463 * if the user had pressed it once at any time, the
464 * system will shut down immediately right here. */
465 pdc_soft_power_button(0);
467 /* Call kernel panic() so reboot timeouts work properly
468 * FIXME: This function should be on the list of
469 * panic notifiers, and we should call panic
470 * directly from the location that we wish.
471 * e.g. We should not call panic from
472 * parisc_terminate, but rather the oter way around.
473 * This hack works, prints the panic message twice,
474 * and it enables reboot timers!
479 void handle_interruption(int code, struct pt_regs *regs)
481 unsigned long fault_address = 0;
482 unsigned long fault_space = 0;
486 pdc_console_restart(); /* switch back to pdc if HPMC */
491 * If the priority level is still user, and the
492 * faulting space is not equal to the active space
493 * then the user is attempting something in a space
494 * that does not belong to them. Kill the process.
496 * This is normally the situation when the user
497 * attempts to jump into the kernel space at the
498 * wrong offset, be it at the gateway page or a
501 * We cannot normally signal the process because it
502 * could *be* on the gateway page, and processes
503 * executing on the gateway page can't have signals
506 * We merely readjust the address into the users
507 * space, at a destination address of zero, and
508 * allow processing to continue.
510 if (((unsigned long)regs->iaoq[0] & 3) &&
511 ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) {
512 /* Kill the user process later */
513 regs->iaoq[0] = 0 | 3;
514 regs->iaoq[1] = regs->iaoq[0] + 4;
515 regs->iasq[0] = regs->iasq[0] = regs->sr[7];
516 regs->gr[0] &= ~PSW_B;
521 printk(KERN_CRIT "Interruption # %d\n", code);
527 /* High-priority machine check (HPMC) */
529 /* set up a new led state on systems shipped with a LED State panel */
530 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC);
532 parisc_terminate("High Priority Machine Check (HPMC)",
537 /* Power failure interrupt */
538 printk(KERN_CRIT "Power failure interrupt !\n");
542 /* Recovery counter trap */
543 regs->gr[0] &= ~PSW_R;
544 if (user_space(regs))
545 handle_gdb_break(regs, TRAP_TRACE);
546 /* else this must be the start of a syscall - just let it run */
550 /* Low-priority machine check */
551 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC);
559 /* Instruction TLB miss fault/Instruction page fault */
560 fault_address = regs->iaoq[0];
561 fault_space = regs->iasq[0];
565 /* Illegal instruction trap */
566 die_if_kernel("Illegal instruction", regs, code);
567 si.si_code = ILL_ILLOPC;
571 /* Break instruction trap */
576 /* Privileged operation trap */
577 die_if_kernel("Privileged operation", regs, code);
578 si.si_code = ILL_PRVOPC;
582 /* Privileged register trap */
583 if ((regs->iir & 0xffdfffe0) == 0x034008a0) {
585 /* This is a MFCTL cr26/cr27 to gr instruction.
586 * PCXS traps on this, so we need to emulate it.
589 if (regs->iir & 0x00200000)
590 regs->gr[regs->iir & 0x1f] = mfctl(27);
592 regs->gr[regs->iir & 0x1f] = mfctl(26);
594 regs->iaoq[0] = regs->iaoq[1];
596 regs->iasq[0] = regs->iasq[1];
600 die_if_kernel("Privileged register usage", regs, code);
601 si.si_code = ILL_PRVREG;
603 si.si_signo = SIGILL;
605 si.si_addr = (void __user *) regs->iaoq[0];
606 force_sig_info(SIGILL, &si, current);
610 /* Overflow Trap, let the userland signal handler do the cleanup */
611 si.si_signo = SIGFPE;
612 si.si_code = FPE_INTOVF;
613 si.si_addr = (void __user *) regs->iaoq[0];
614 force_sig_info(SIGFPE, &si, current);
619 The condition succeeds in an instruction which traps
622 si.si_signo = SIGFPE;
623 /* Set to zero, and let the userspace app figure it out from
624 the insn pointed to by si_addr */
626 si.si_addr = (void __user *) regs->iaoq[0];
627 force_sig_info(SIGFPE, &si, current);
630 /* The kernel doesn't want to handle condition codes */
634 /* Assist Exception Trap, i.e. floating point exception. */
635 die_if_kernel("Floating point exception", regs, 0); /* quiet */
640 /* Data TLB miss fault/Data page fault */
643 /* Non-access instruction TLB miss fault */
644 /* The instruction TLB entry needed for the target address of the FIC
645 is absent, and hardware can't find it, so we get to cleanup */
648 /* Non-access data TLB miss fault/Non-access data page fault */
650 Still need to add slow path emulation code here!
651 If the insn used a non-shadow register, then the tlb
652 handlers could not have their side-effect (e.g. probe
653 writing to a target register) emulated since rfir would
654 erase the changes to said register. Instead we have to
655 setup everything, call this function we are in, and emulate
656 by hand. Technically we need to emulate:
657 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw
659 fault_address = regs->ior;
660 fault_space = regs->isr;
664 /* PCXS only -- later cpu's split this into types 26,27 & 28 */
665 /* Check for unaligned access */
666 if (check_unaligned(regs)) {
667 handle_unaligned(regs);
672 /* PCXL: Data memory access rights trap */
673 fault_address = regs->ior;
674 fault_space = regs->isr;
678 /* Data memory break trap */
679 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */
682 /* Page reference trap */
683 handle_gdb_break(regs, TRAP_HWBKPT);
687 /* Taken branch trap */
688 regs->gr[0] &= ~PSW_T;
689 if (user_space(regs))
690 handle_gdb_break(regs, TRAP_BRANCH);
691 /* else this must be the start of a syscall - just let it
697 /* Instruction access rights */
698 /* PCXL: Instruction memory protection trap */
701 * This could be caused by either: 1) a process attempting
702 * to execute within a vma that does not have execute
703 * permission, or 2) an access rights violation caused by a
704 * flush only translation set up by ptep_get_and_clear().
705 * So we check the vma permissions to differentiate the two.
706 * If the vma indicates we have execute permission, then
707 * the cause is the latter one. In this case, we need to
708 * call do_page_fault() to fix the problem.
711 if (user_mode(regs)) {
712 struct vm_area_struct *vma;
714 down_read(¤t->mm->mmap_sem);
715 vma = find_vma(current->mm,regs->iaoq[0]);
716 if (vma && (regs->iaoq[0] >= vma->vm_start)
717 && (vma->vm_flags & VM_EXEC)) {
719 fault_address = regs->iaoq[0];
720 fault_space = regs->iasq[0];
722 up_read(¤t->mm->mmap_sem);
723 break; /* call do_page_fault() */
725 up_read(¤t->mm->mmap_sem);
729 /* Data memory protection ID trap */
730 die_if_kernel("Protection id trap", regs, code);
731 si.si_code = SEGV_MAPERR;
732 si.si_signo = SIGSEGV;
735 si.si_addr = (void __user *) regs->iaoq[0];
737 si.si_addr = (void __user *) regs->ior;
738 force_sig_info(SIGSEGV, &si, current);
742 /* Unaligned data reference trap */
743 handle_unaligned(regs);
747 if (user_mode(regs)) {
748 #ifdef PRINT_USER_FAULTS
749 printk(KERN_DEBUG "\nhandle_interruption() pid=%d command='%s'\n",
750 task_pid_nr(current), current->comm);
753 /* SIGBUS, for lack of a better one. */
754 si.si_signo = SIGBUS;
755 si.si_code = BUS_OBJERR;
757 si.si_addr = (void __user *) regs->ior;
758 force_sig_info(SIGBUS, &si, current);
761 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
763 parisc_terminate("Unexpected interruption", regs, code, 0);
767 if (user_mode(regs)) {
768 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) {
769 #ifdef PRINT_USER_FAULTS
770 if (fault_space == 0)
771 printk(KERN_DEBUG "User Fault on Kernel Space ");
773 printk(KERN_DEBUG "User Fault (long pointer) (fault %d) ",
775 printk("pid=%d command='%s'\n", task_pid_nr(current), current->comm);
778 si.si_signo = SIGSEGV;
780 si.si_code = SEGV_MAPERR;
781 si.si_addr = (void __user *) regs->ior;
782 force_sig_info(SIGSEGV, &si, current);
789 * The kernel should never fault on its own address space.
792 if (fault_space == 0)
794 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
795 parisc_terminate("Kernel Fault", regs, code, fault_address);
800 do_page_fault(regs, code, fault_address);
804 int __init check_ivt(void *iva)
806 extern const u32 os_hpmc[];
807 extern const u32 os_hpmc_end[];
815 if (strcmp((char *)iva, "cows can fly"))
820 for (i = 0; i < 8; i++)
823 /* Compute Checksum for HPMC handler */
825 length = os_hpmc_end - os_hpmc;
828 hpmcp = (u32 *)os_hpmc;
830 for (i=0; i<length/4; i++)
842 extern const void fault_vector_11;
844 extern const void fault_vector_20;
846 void __init trap_init(void)
850 if (boot_cpu_data.cpu_type >= pcxu)
851 iva = (void *) &fault_vector_20;
854 panic("Can't boot 64-bit OS on PA1.1 processor!");
856 iva = (void *) &fault_vector_11;
860 panic("IVT invalid");
projects / linux-2.6 / blob