2 * linux/arch/parisc/traps.c
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org>
9 * 'Traps.c' handles hardware traps and faults after we have saved some
13 #include <linux/sched.h>
14 #include <linux/kernel.h>
15 #include <linux/string.h>
16 #include <linux/errno.h>
17 #include <linux/ptrace.h>
18 #include <linux/timer.h>
19 #include <linux/delay.h>
21 #include <linux/module.h>
22 #include <linux/smp.h>
23 #include <linux/smp_lock.h>
24 #include <linux/spinlock.h>
25 #include <linux/init.h>
26 #include <linux/interrupt.h>
27 #include <linux/console.h>
28 #include <linux/kallsyms.h>
30 #include <asm/assembly.h>
31 #include <asm/system.h>
32 #include <asm/uaccess.h>
35 #include <asm/traps.h>
36 #include <asm/unaligned.h>
37 #include <asm/atomic.h>
40 #include <asm/pdc_chassis.h>
41 #include <asm/unwind.h>
43 #include "../math-emu/math-emu.h" /* for handle_fpe() */
45 #define PRINT_USER_FAULTS /* (turn this on if you want user faults to be */
46 /* dumped to the console via printk) */
48 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)
49 DEFINE_SPINLOCK(pa_dbit_lock);
52 int printbinary(char *buf, unsigned long x, int nbits)
54 unsigned long mask = 1UL << (nbits - 1);
56 *buf++ = (mask & x ? '1' : '0');
69 #define FFMT "%016llx" /* fpregs are 64-bit always */
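/*
 * PRINTREGS - printk one row of four consecutive registers.
 *
 * lvl: printk level string, emitted first
 * r:   register array; elements x .. x+3 are printed
 * f:   register-name prefix (callers in this file pass "r", "sr", "fr")
 * fmt: printk conversion applied to each of the four values
 * x:   index of the first register in the row
 *
 * Every use of x is parenthesised, including the "x+3" row label, so an
 * expression passed as x cannot re-associate with the "+ 3".
 */
#define PRINTREGS(lvl,r,f,fmt,x)					\
	printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n",	\
		lvl, f, (x), (x) + 3, (r)[(x)+0], (r)[(x)+1],		\
		(r)[(x)+2], (r)[(x)+3])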
76 static void print_gr(char *level, struct pt_regs *regs)
81 printk("%s\n", level);
82 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level);
83 printbinary(buf, regs->gr[0], 32);
84 printk("%sPSW: %s %s\n", level, buf, print_tainted());
86 for (i = 0; i < 32; i += 4)
87 PRINTREGS(level, regs->gr, "r", RFMT, i);
90 static void print_fr(char *level, struct pt_regs *regs)
94 struct { u32 sw[2]; } s;
96 /* FR are 64bit everywhere. Need to use asm to get the content
97 * of fpsr/fper1, and we assume that we won't have a FP Identify
98 * in our way, otherwise we're screwed.
99 * The fldd is used to restore the T-bit if there was one, as the
100 * store clears it anyway.
101 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */
102 asm volatile ("fstd %%fr0,0(%1) \n\t"
103 "fldd 0(%1),%%fr0 \n\t"
104 : "=m" (s) : "r" (&s) : "r0");
106 printk("%s\n", level);
107 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level);
108 printbinary(buf, s.sw[0], 32);
109 printk("%sFPSR: %s\n", level, buf);
110 printk("%sFPER1: %08x\n", level, s.sw[1]);
112 /* here we'll print fr0 again, tho it'll be meaningless */
113 for (i = 0; i < 32; i += 4)
114 PRINTREGS(level, regs->fr, "fr", FFMT, i);
117 void show_regs(struct pt_regs *regs)
121 unsigned long cr30, cr31;
123 level = user_mode(regs) ? KERN_DEBUG : KERN_CRIT;
125 print_gr(level, regs);
127 for (i = 0; i < 8; i += 4)
128 PRINTREGS(level, regs->sr, "sr", RFMT, i);
131 print_fr(level, regs);
135 printk("%s\n", level);
136 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n",
137 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]);
138 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n",
139 level, regs->iir, regs->isr, regs->ior);
140 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
141 level, current_thread_info()->cpu, cr30, cr31);
142 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
144 print_symbol(" IAOQ[0]: %s\n", regs->iaoq[0]);
146 print_symbol(" IAOQ[1]: %s\n", regs->iaoq[1]);
148 print_symbol(" RP(r2): %s\n", regs->gr[2]);
/*
 * dump_stack - arch entry point for printing a stack trace.
 *
 * Takes no arguments and simply forwards to show_stack() with NULL for
 * both the task and the stack pointer.
 */
void dump_stack(void)
{
	show_stack(NULL, NULL);
}
157 EXPORT_SYMBOL(dump_stack);
159 static void do_show_stack(struct unwind_frame_info *info)
163 printk("Backtrace:\n");
165 if (unwind_once(info) < 0 || info->ip == 0)
168 if (__kernel_text_address(info->ip)) {
169 printk(" [<" RFMT ">] ", info->ip);
170 #ifdef CONFIG_KALLSYMS
171 print_symbol("%s\n", info->ip);
182 void show_stack(struct task_struct *task, unsigned long *s)
184 struct unwind_frame_info info;
191 asm volatile ("copy %%r30, %0" : "=r"(sp));
192 r = kzalloc(sizeof(struct pt_regs), GFP_KERNEL);
195 r->iaoq[0] = (unsigned long)&&HERE;
196 r->gr[2] = (unsigned long)__builtin_return_address(0);
198 unwind_frame_init(&info, current, r);
201 unwind_frame_init_from_blocked_task(&info, task);
204 do_show_stack(&info);
207 void die_if_kernel(char *str, struct pt_regs *regs, long err)
209 if (user_mode(regs)) {
213 printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld) at " RFMT "\n",
214 current->comm, current->pid, current->xid,
215 str, err, regs->iaoq[0]);
216 #ifdef PRINT_USER_FAULTS
217 /* XXX for debugging only */
223 oops_in_progress = 1;
225 /* Amuse the user in a SPARC fashion */
227 " _______________________________ \n"
228 " < Your System ate a SPARC! Gah! >\n"
229 " ------------------------------- \n"
231 " \\ (xx)\\_______\n"
236 /* unlock the pdc lock if necessary */
237 pdc_emergency_unlock();
239 /* maybe the kernel hasn't booted very far yet and hasn't been able
240 * to initialize the serial or STI console. In that case we should
241 * re-enable the pdc console, so that the user will be able to
242 * identify the problem. */
243 if (!console_drivers)
244 pdc_console_restart();
246 printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld)\n",
247 current->comm, current->pid, current->xid, str, err);
251 panic("Fatal exception in interrupt");
254 printk(KERN_EMERG "Fatal exception: panic in 5 seconds\n");
256 panic("Fatal exception");
259 /* Wot's wrong wif bein' racy? */
260 if (current->thread.flags & PARISC_KERNEL_DEATH) {
261 printk(KERN_CRIT "%s() recursion detected.\n", __FUNCTION__);
266 current->thread.flags |= PARISC_KERNEL_DEATH;
/*
 * syscall_ipi - call a handler with the given register frame.
 *
 * @syscall: function to invoke; it is called as-is, no NULL check is made here
 * @regs:    register frame passed through unchanged
 *
 * Returns whatever the handler returns.
 */
int syscall_ipi(int (*syscall) (struct pt_regs *), struct pt_regs *regs)
{
	return (*syscall)(regs);
}
275 /* gdb uses break 4,8 */
276 #define GDB_BREAK_INSN 0x10004
277 void handle_gdb_break(struct pt_regs *regs, int wot)
282 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
283 si.si_signo = SIGTRAP;
285 force_sig_info(SIGTRAP, &si, current);
288 void handle_break(unsigned iir, struct pt_regs *regs)
294 #ifdef PRINT_USER_FAULTS
295 printk(KERN_DEBUG "break 0,0: pid=%d command='%s'\n",
296 current->pid, current->comm);
298 die_if_kernel("Breakpoint", regs, 0);
299 #ifdef PRINT_USER_FAULTS
302 si.si_code = TRAP_BRKPT;
303 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
304 si.si_signo = SIGTRAP;
305 force_sig_info(SIGTRAP, &si, current);
309 die_if_kernel("Breakpoint", regs, 0);
310 handle_gdb_break(regs, TRAP_BRKPT);
314 #ifdef PRINT_USER_FAULTS
315 printk(KERN_DEBUG "break %#08x: pid=%d command='%s'\n",
316 iir, current->pid, current->comm);
319 si.si_signo = SIGTRAP;
320 si.si_code = TRAP_BRKPT;
321 si.si_addr = (void __user *) (regs->iaoq[0] & ~3);
322 force_sig_info(SIGTRAP, &si, current);
330 printk(KERN_CRIT "TOC call.\n");
334 static void default_trap(int code, struct pt_regs *regs)
336 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id());
340 void (*cpu_lpmc) (int code, struct pt_regs *regs) = default_trap;
343 void transfer_pim_to_trap_frame(struct pt_regs *regs)
346 extern unsigned int hpmc_pim_data[];
347 struct pdc_hpmc_pim_11 *pim_narrow;
348 struct pdc_hpmc_pim_20 *pim_wide;
350 if (boot_cpu_data.cpu_type >= pcxu) {
352 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data;
355 * Note: The following code will probably generate a
356 * bunch of truncation error warnings from the compiler.
357 * Could be handled with an ifdef, but perhaps there
361 regs->gr[0] = pim_wide->cr[22];
363 for (i = 1; i < 32; i++)
364 regs->gr[i] = pim_wide->gr[i];
366 for (i = 0; i < 32; i++)
367 regs->fr[i] = pim_wide->fr[i];
369 for (i = 0; i < 8; i++)
370 regs->sr[i] = pim_wide->sr[i];
372 regs->iasq[0] = pim_wide->cr[17];
373 regs->iasq[1] = pim_wide->iasq_back;
374 regs->iaoq[0] = pim_wide->cr[18];
375 regs->iaoq[1] = pim_wide->iaoq_back;
377 regs->sar = pim_wide->cr[11];
378 regs->iir = pim_wide->cr[19];
379 regs->isr = pim_wide->cr[20];
380 regs->ior = pim_wide->cr[21];
383 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data;
385 regs->gr[0] = pim_narrow->cr[22];
387 for (i = 1; i < 32; i++)
388 regs->gr[i] = pim_narrow->gr[i];
390 for (i = 0; i < 32; i++)
391 regs->fr[i] = pim_narrow->fr[i];
393 for (i = 0; i < 8; i++)
394 regs->sr[i] = pim_narrow->sr[i];
396 regs->iasq[0] = pim_narrow->cr[17];
397 regs->iasq[1] = pim_narrow->iasq_back;
398 regs->iaoq[0] = pim_narrow->cr[18];
399 regs->iaoq[1] = pim_narrow->iaoq_back;
401 regs->sar = pim_narrow->cr[11];
402 regs->iir = pim_narrow->cr[19];
403 regs->isr = pim_narrow->cr[20];
404 regs->ior = pim_narrow->cr[21];
408 * The following fields only have meaning if we came through
409 * another path. So just zero them here.
419 * This routine is called as a last resort when everything else
420 * has gone clearly wrong. We get called for faults in kernel space,
423 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset)
425 static DEFINE_SPINLOCK(terminate_lock);
427 oops_in_progress = 1;
431 spin_lock(&terminate_lock);
433 /* unlock the pdc lock if necessary */
434 pdc_emergency_unlock();
436 /* restart pdc console if necessary */
437 if (!console_drivers)
438 pdc_console_restart();
440 /* Not all paths will gutter the processor... */
444 transfer_pim_to_trap_frame(regs);
454 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */
455 struct unwind_frame_info info;
456 unwind_frame_init(&info, current, regs);
457 do_show_stack(&info);
461 printk(KERN_CRIT "%s: Code=%d regs=%p (Addr=" RFMT ")\n",
462 msg, code, regs, offset);
465 spin_unlock(&terminate_lock);
467 /* put soft power button back under hardware control;
468 * if the user had pressed it once at any time, the
469 * system will shut down immediately right here. */
470 pdc_soft_power_button(0);
472 /* Call kernel panic() so reboot timeouts work properly
473 * FIXME: This function should be on the list of
474 * panic notifiers, and we should call panic
475 * directly from the location that we wish.
476 * e.g. We should not call panic from
477 * parisc_terminate, but rather the other way around.
478 * This hack works, prints the panic message twice,
479 * and it enables reboot timers!
484 void handle_interruption(int code, struct pt_regs *regs)
486 unsigned long fault_address = 0;
487 unsigned long fault_space = 0;
491 pdc_console_restart(); /* switch back to pdc if HPMC */
496 * If the priority level is still user, and the
497 * faulting space is not equal to the active space
498 * then the user is attempting something in a space
499 * that does not belong to them. Kill the process.
501 * This is normally the situation when the user
502 * attempts to jump into the kernel space at the
503 * wrong offset, be it at the gateway page or a
506 * We cannot normally signal the process because it
507 * could *be* on the gateway page, and processes
508 * executing on the gateway page can't have signals
511 * We merely readjust the address into the users
512 * space, at a destination address of zero, and
513 * allow processing to continue.
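/* Low bits of iaoq[0] are set, but the front space-queue entry is not sr[7]. */
if (((unsigned long)regs->iaoq[0] & 3) &&
    ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) {
	/* Kill the user process later */
	regs->iaoq[0] = 0 | 3;	/* offset zero, low two bits kept set */
	regs->iaoq[1] = regs->iaoq[0] + 4;
	/*
	 * Both space-queue entries must be moved to sr[7].  Assigning
	 * iasq[0] twice left iasq[1] untouched, so the second queued
	 * instruction address kept whatever space it held on entry
	 * instead of the process's own space.
	 */
	regs->iasq[0] = regs->iasq[1] = regs->sr[7];
	regs->gr[0] &= ~PSW_B;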
526 printk(KERN_CRIT "Interruption # %d\n", code);
532 /* High-priority machine check (HPMC) */
534 /* set up a new led state on systems shipped with a LED State panel */
535 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC);
537 parisc_terminate("High Priority Machine Check (HPMC)",
542 /* Power failure interrupt */
543 printk(KERN_CRIT "Power failure interrupt !\n");
547 /* Recovery counter trap */
548 regs->gr[0] &= ~PSW_R;
549 if (user_space(regs))
550 handle_gdb_break(regs, TRAP_TRACE);
551 /* else this must be the start of a syscall - just let it run */
555 /* Low-priority machine check */
556 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC);
563 /* Instruction TLB miss fault/Instruction page fault */
564 fault_address = regs->iaoq[0];
565 fault_space = regs->iasq[0];
569 /* Illegal instruction trap */
570 die_if_kernel("Illegal instruction", regs, code);
571 si.si_code = ILL_ILLOPC;
575 /* Break instruction trap */
576 handle_break(regs->iir,regs);
580 /* Privileged operation trap */
581 die_if_kernel("Privileged operation", regs, code);
582 si.si_code = ILL_PRVOPC;
586 /* Privileged register trap */
587 if ((regs->iir & 0xffdfffe0) == 0x034008a0) {
589 /* This is a MFCTL cr26/cr27 to gr instruction.
590 * PCXS traps on this, so we need to emulate it.
593 if (regs->iir & 0x00200000)
594 regs->gr[regs->iir & 0x1f] = mfctl(27);
596 regs->gr[regs->iir & 0x1f] = mfctl(26);
598 regs->iaoq[0] = regs->iaoq[1];
600 regs->iasq[0] = regs->iasq[1];
604 die_if_kernel("Privileged register usage", regs, code);
605 si.si_code = ILL_PRVREG;
607 si.si_signo = SIGILL;
609 si.si_addr = (void __user *) regs->iaoq[0];
610 force_sig_info(SIGILL, &si, current);
614 /* Overflow Trap, let the userland signal handler do the cleanup */
615 si.si_signo = SIGFPE;
616 si.si_code = FPE_INTOVF;
617 si.si_addr = (void __user *) regs->iaoq[0];
618 force_sig_info(SIGFPE, &si, current);
623 The condition succeeds in an instruction which traps
626 si.si_signo = SIGFPE;
627 /* Set to zero, and let the userspace app figure it out from
628 the insn pointed to by si_addr */
630 si.si_addr = (void __user *) regs->iaoq[0];
631 force_sig_info(SIGFPE, &si, current);
634 /* The kernel doesn't want to handle condition codes */
638 /* Assist Exception Trap, i.e. floating point exception. */
639 die_if_kernel("Floating point exception", regs, 0); /* quiet */
644 /* Data TLB miss fault/Data page fault */
647 /* Non-access instruction TLB miss fault */
648 /* The instruction TLB entry needed for the target address of the FIC
649 is absent, and hardware can't find it, so we get to cleanup */
652 /* Non-access data TLB miss fault/Non-access data page fault */
654 Still need to add slow path emulation code here!
655 If the insn used a non-shadow register, then the tlb
656 handlers could not have their side-effect (e.g. probe
657 writing to a target register) emulated since rfir would
658 erase the changes to said register. Instead we have to
659 setup everything, call this function we are in, and emulate
660 by hand. Technically we need to emulate:
661 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw
663 fault_address = regs->ior;
664 fault_space = regs->isr;
668 /* PCXS only -- later cpu's split this into types 26,27 & 28 */
669 /* Check for unaligned access */
670 if (check_unaligned(regs)) {
671 handle_unaligned(regs);
676 /* PCXL: Data memory access rights trap */
677 fault_address = regs->ior;
678 fault_space = regs->isr;
682 /* Data memory break trap */
683 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */
686 /* Page reference trap */
687 handle_gdb_break(regs, TRAP_HWBKPT);
691 /* Taken branch trap */
692 regs->gr[0] &= ~PSW_T;
693 if (user_space(regs))
694 handle_gdb_break(regs, TRAP_BRANCH);
695 /* else this must be the start of a syscall - just let it
701 /* Instruction access rights */
702 /* PCXL: Instruction memory protection trap */
705 * This could be caused by either: 1) a process attempting
706 * to execute within a vma that does not have execute
707 * permission, or 2) an access rights violation caused by a
708 * flush only translation set up by ptep_get_and_clear().
709 * So we check the vma permissions to differentiate the two.
710 * If the vma indicates we have execute permission, then
711 * the cause is the latter one. In this case, we need to
712 * call do_page_fault() to fix the problem.
715 if (user_mode(regs)) {
716 struct vm_area_struct *vma;
718 down_read(&current->mm->mmap_sem);
719 vma = find_vma(current->mm,regs->iaoq[0]);
720 if (vma && (regs->iaoq[0] >= vma->vm_start)
721 && (vma->vm_flags & VM_EXEC)) {
723 fault_address = regs->iaoq[0];
724 fault_space = regs->iasq[0];
726 up_read(&current->mm->mmap_sem);
727 break; /* call do_page_fault() */
729 up_read(&current->mm->mmap_sem);
733 /* Data memory protection ID trap */
734 die_if_kernel("Protection id trap", regs, code);
735 si.si_code = SEGV_MAPERR;
736 si.si_signo = SIGSEGV;
739 si.si_addr = (void __user *) regs->iaoq[0];
741 si.si_addr = (void __user *) regs->ior;
742 force_sig_info(SIGSEGV, &si, current);
746 /* Unaligned data reference trap */
747 handle_unaligned(regs);
751 if (user_mode(regs)) {
752 #ifdef PRINT_USER_FAULTS
753 printk(KERN_DEBUG "\nhandle_interruption() pid=%d command='%s'\n",
754 current->pid, current->comm);
757 /* SIGBUS, for lack of a better one. */
758 si.si_signo = SIGBUS;
759 si.si_code = BUS_OBJERR;
761 si.si_addr = (void __user *) regs->ior;
762 force_sig_info(SIGBUS, &si, current);
765 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
767 parisc_terminate("Unexpected interruption", regs, code, 0);
771 if (user_mode(regs)) {
772 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) {
773 #ifdef PRINT_USER_FAULTS
774 if (fault_space == 0)
775 printk(KERN_DEBUG "User Fault on Kernel Space ");
777 printk(KERN_DEBUG "User Fault (long pointer) (fault %d) ",
779 printk("pid=%d command='%s'\n", current->pid, current->comm);
782 si.si_signo = SIGSEGV;
784 si.si_code = SEGV_MAPERR;
785 si.si_addr = (void __user *) regs->ior;
786 force_sig_info(SIGSEGV, &si, current);
793 * The kernel should never fault on its own address space.
796 if (fault_space == 0)
798 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC);
799 parisc_terminate("Kernel Fault", regs, code, fault_address);
804 do_page_fault(regs, code, fault_address);
808 int __init check_ivt(void *iva)
815 extern void os_hpmc(void);
816 extern void os_hpmc_end(void);
818 if (strcmp((char *)iva, "cows can fly"))
823 for (i = 0; i < 8; i++)
826 /* Compute Checksum for HPMC handler */
828 length = (u32)((unsigned long)os_hpmc_end - (unsigned long)os_hpmc);
831 hpmcp = (u32 *)os_hpmc;
833 for (i=0; i<length/4; i++)
845 extern const void fault_vector_11;
847 extern const void fault_vector_20;
849 void __init trap_init(void)
853 if (boot_cpu_data.cpu_type >= pcxu)
854 iva = (void *) &fault_vector_20;
857 panic("Can't boot 64-bit OS on PA1.1 processor!");
859 iva = (void *) &fault_vector_11;
863 panic("IVT invalid");