traps.c (30351B)
1/* 2 * linux/arch/m68k/kernel/traps.c 3 * 4 * Copyright (C) 1993, 1994 by Hamish Macdonald 5 * 6 * 68040 fixes by Michael Rausch 7 * 68040 fixes by Martin Apel 8 * 68040 fixes and writeback by Richard Zidlicky 9 * 68060 fixes by Roman Hodek 10 * 68060 fixes by Jesper Skov 11 * 12 * This file is subject to the terms and conditions of the GNU General Public 13 * License. See the file COPYING in the main directory of this archive 14 * for more details. 15 */ 16 17/* 18 * Sets up all exception vectors 19 */ 20 21#include <linux/sched.h> 22#include <linux/sched/debug.h> 23#include <linux/signal.h> 24#include <linux/kernel.h> 25#include <linux/mm.h> 26#include <linux/module.h> 27#include <linux/user.h> 28#include <linux/string.h> 29#include <linux/linkage.h> 30#include <linux/init.h> 31#include <linux/ptrace.h> 32#include <linux/kallsyms.h> 33 34#include <asm/setup.h> 35#include <asm/fpu.h> 36#include <linux/uaccess.h> 37#include <asm/traps.h> 38#include <asm/machdep.h> 39#include <asm/siginfo.h> 40#include <asm/tlbflush.h> 41 42static const char *vec_names[] = { 43 [VEC_RESETSP] = "RESET SP", 44 [VEC_RESETPC] = "RESET PC", 45 [VEC_BUSERR] = "BUS ERROR", 46 [VEC_ADDRERR] = "ADDRESS ERROR", 47 [VEC_ILLEGAL] = "ILLEGAL INSTRUCTION", 48 [VEC_ZERODIV] = "ZERO DIVIDE", 49 [VEC_CHK] = "CHK", 50 [VEC_TRAP] = "TRAPcc", 51 [VEC_PRIV] = "PRIVILEGE VIOLATION", 52 [VEC_TRACE] = "TRACE", 53 [VEC_LINE10] = "LINE 1010", 54 [VEC_LINE11] = "LINE 1111", 55 [VEC_RESV12] = "UNASSIGNED RESERVED 12", 56 [VEC_COPROC] = "COPROCESSOR PROTOCOL VIOLATION", 57 [VEC_FORMAT] = "FORMAT ERROR", 58 [VEC_UNINT] = "UNINITIALIZED INTERRUPT", 59 [VEC_RESV16] = "UNASSIGNED RESERVED 16", 60 [VEC_RESV17] = "UNASSIGNED RESERVED 17", 61 [VEC_RESV18] = "UNASSIGNED RESERVED 18", 62 [VEC_RESV19] = "UNASSIGNED RESERVED 19", 63 [VEC_RESV20] = "UNASSIGNED RESERVED 20", 64 [VEC_RESV21] = "UNASSIGNED RESERVED 21", 65 [VEC_RESV22] = "UNASSIGNED RESERVED 22", 66 [VEC_RESV23] = "UNASSIGNED RESERVED 23", 67 [VEC_SPUR] = "SPURIOUS INTERRUPT", 68 [VEC_INT1] = "LEVEL 1 INT", 69 [VEC_INT2] = "LEVEL 2 INT", 70 [VEC_INT3] = "LEVEL 3 INT", 71 [VEC_INT4] = "LEVEL 4 INT", 72 [VEC_INT5] = "LEVEL 5 INT", 73 [VEC_INT6] = "LEVEL 6 INT", 74 [VEC_INT7] = "LEVEL 7 INT", 75 [VEC_SYS] = "SYSCALL", 76 [VEC_TRAP1] = "TRAP #1", 77 [VEC_TRAP2] = "TRAP #2", 78 [VEC_TRAP3] = "TRAP #3", 79 [VEC_TRAP4] = "TRAP #4", 80 [VEC_TRAP5] = "TRAP #5", 81 [VEC_TRAP6] = "TRAP #6", 82 [VEC_TRAP7] = "TRAP #7", 83 [VEC_TRAP8] = "TRAP #8", 84 [VEC_TRAP9] = "TRAP #9", 85 [VEC_TRAP10] = "TRAP #10", 86 [VEC_TRAP11] = "TRAP #11", 87 [VEC_TRAP12] = "TRAP #12", 88 [VEC_TRAP13] = "TRAP #13", 89 [VEC_TRAP14] = "TRAP #14", 90 [VEC_TRAP15] = "TRAP #15", 91 [VEC_FPBRUC] = "FPCP BSUN", 92 [VEC_FPIR] = "FPCP INEXACT", 93 [VEC_FPDIVZ] = "FPCP DIV BY 0", 94 [VEC_FPUNDER] = "FPCP UNDERFLOW", 95 [VEC_FPOE] = "FPCP OPERAND ERROR", 96 [VEC_FPOVER] = "FPCP OVERFLOW", 97 [VEC_FPNAN] = "FPCP SNAN", 98 [VEC_FPUNSUP] = "FPCP UNSUPPORTED OPERATION", 99 [VEC_MMUCFG] = "MMU CONFIGURATION ERROR", 100 [VEC_MMUILL] = "MMU ILLEGAL OPERATION ERROR", 101 [VEC_MMUACC] = "MMU ACCESS LEVEL VIOLATION ERROR", 102 [VEC_RESV59] = "UNASSIGNED RESERVED 59", 103 [VEC_UNIMPEA] = "UNASSIGNED RESERVED 60", 104 [VEC_UNIMPII] = "UNASSIGNED RESERVED 61", 105 [VEC_RESV62] = "UNASSIGNED RESERVED 62", 106 [VEC_RESV63] = "UNASSIGNED RESERVED 63", 107}; 108 109static const char *space_names[] = { 110 [0] = "Space 0", 111 [USER_DATA] = "User Data", 112 [USER_PROGRAM] = "User Program", 113#ifndef CONFIG_SUN3 114 [3] = "Space 3", 115#else 116 [FC_CONTROL] = "Control", 117#endif 118 [4] = "Space 4", 119 [SUPER_DATA] = "Super Data", 120 [SUPER_PROGRAM] = "Super Program", 121 [CPU_SPACE] = "CPU" 122}; 123 124void die_if_kernel(char *,struct pt_regs *,int); 125asmlinkage int do_page_fault(struct pt_regs *regs, unsigned long address, 126 unsigned long error_code); 127int send_fault_sig(struct pt_regs *regs); 128 129asmlinkage void trap_c(struct frame *fp); 130 131#if defined (CONFIG_M68060) 132static inline void access_error060 (struct frame *fp) 133{ 134 unsigned long fslw = fp->un.fmt4.pc; /* is really FSLW for access error */ 135 136 pr_debug("fslw=%#lx, fa=%#lx\n", fslw, fp->un.fmt4.effaddr); 137 138 if (fslw & MMU060_BPE) { 139 /* branch prediction error -> clear branch cache */ 140 __asm__ __volatile__ ("movec %/cacr,%/d0\n\t" 141 "orl #0x00400000,%/d0\n\t" 142 "movec %/d0,%/cacr" 143 : : : "d0" ); 144 /* return if there's no other error */ 145 if (!(fslw & MMU060_ERR_BITS) && !(fslw & MMU060_SEE)) 146 return; 147 } 148 149 if (fslw & (MMU060_DESC_ERR | MMU060_WP | MMU060_SP)) { 150 unsigned long errorcode; 151 unsigned long addr = fp->un.fmt4.effaddr; 152 153 if (fslw & MMU060_MA) 154 addr = (addr + PAGE_SIZE - 1) & PAGE_MASK; 155 156 errorcode = 1; 157 if (fslw & MMU060_DESC_ERR) { 158 __flush_tlb040_one(addr); 159 errorcode = 0; 160 } 161 if (fslw & MMU060_W) 162 errorcode |= 2; 163 pr_debug("errorcode = %ld\n", errorcode); 164 do_page_fault(&fp->ptregs, addr, errorcode); 165 } else if (fslw & (MMU060_SEE)){ 166 /* Software Emulation Error. 167 * fault during mem_read/mem_write in ifpsp060/os.S 168 */ 169 send_fault_sig(&fp->ptregs); 170 } else if (!(fslw & (MMU060_RE|MMU060_WE)) || 171 send_fault_sig(&fp->ptregs) > 0) { 172 pr_err("pc=%#lx, fa=%#lx\n", fp->ptregs.pc, 173 fp->un.fmt4.effaddr); 174 pr_err("68060 access error, fslw=%lx\n", fslw); 175 trap_c( fp ); 176 } 177} 178#endif /* CONFIG_M68060 */ 179 180#if defined (CONFIG_M68040) 181static inline unsigned long probe040(int iswrite, unsigned long addr, int wbs) 182{ 183 unsigned long mmusr; 184 185 set_fc(wbs); 186 187 if (iswrite) 188 asm volatile (".chip 68040; ptestw (%0); .chip 68k" : : "a" (addr)); 189 else 190 asm volatile (".chip 68040; ptestr (%0); .chip 68k" : : "a" (addr)); 191 192 asm volatile (".chip 68040; movec %%mmusr,%0; .chip 68k" : "=r" (mmusr)); 193 194 set_fc(USER_DATA); 195 196 return mmusr; 197} 198 199static inline int do_040writeback1(unsigned short wbs, unsigned long wba, 200 unsigned long wbd) 201{ 202 int res = 0; 203 204 set_fc(wbs); 205 206 switch (wbs & WBSIZ_040) { 207 case BA_SIZE_BYTE: 208 res = put_user(wbd & 0xff, (char __user *)wba); 209 break; 210 case BA_SIZE_WORD: 211 res = put_user(wbd & 0xffff, (short __user *)wba); 212 break; 213 case BA_SIZE_LONG: 214 res = put_user(wbd, (int __user *)wba); 215 break; 216 } 217 218 set_fc(USER_DATA); 219 220 pr_debug("do_040writeback1, res=%d\n", res); 221 222 return res; 223} 224 225/* after an exception in a writeback the stack frame corresponding 226 * to that exception is discarded, set a few bits in the old frame 227 * to simulate what it should look like 228 */ 229static inline void fix_xframe040(struct frame *fp, unsigned long wba, unsigned short wbs) 230{ 231 fp->un.fmt7.faddr = wba; 232 fp->un.fmt7.ssw = wbs & 0xff; 233 if (wba != current->thread.faddr) 234 fp->un.fmt7.ssw |= MA_040; 235} 236 237static inline void do_040writebacks(struct frame *fp) 238{ 239 int res = 0; 240#if 0 241 if (fp->un.fmt7.wb1s & WBV_040) 242 pr_err("access_error040: cannot handle 1st writeback. oops.\n"); 243#endif 244 245 if ((fp->un.fmt7.wb2s & WBV_040) && 246 !(fp->un.fmt7.wb2s & WBTT_040)) { 247 res = do_040writeback1(fp->un.fmt7.wb2s, fp->un.fmt7.wb2a, 248 fp->un.fmt7.wb2d); 249 if (res) 250 fix_xframe040(fp, fp->un.fmt7.wb2a, fp->un.fmt7.wb2s); 251 else 252 fp->un.fmt7.wb2s = 0; 253 } 254 255 /* do the 2nd wb only if the first one was successful (except for a kernel wb) */ 256 if (fp->un.fmt7.wb3s & WBV_040 && (!res || fp->un.fmt7.wb3s & 4)) { 257 res = do_040writeback1(fp->un.fmt7.wb3s, fp->un.fmt7.wb3a, 258 fp->un.fmt7.wb3d); 259 if (res) 260 { 261 fix_xframe040(fp, fp->un.fmt7.wb3a, fp->un.fmt7.wb3s); 262 263 fp->un.fmt7.wb2s = fp->un.fmt7.wb3s; 264 fp->un.fmt7.wb3s &= (~WBV_040); 265 fp->un.fmt7.wb2a = fp->un.fmt7.wb3a; 266 fp->un.fmt7.wb2d = fp->un.fmt7.wb3d; 267 } 268 else 269 fp->un.fmt7.wb3s = 0; 270 } 271 272 if (res) 273 send_fault_sig(&fp->ptregs); 274} 275 276/* 277 * called from sigreturn(), must ensure userspace code didn't 278 * manipulate exception frame to circumvent protection, then complete 279 * pending writebacks 280 * we just clear TM2 to turn it into a userspace access 281 */ 282asmlinkage void berr_040cleanup(struct frame *fp) 283{ 284 fp->un.fmt7.wb2s &= ~4; 285 fp->un.fmt7.wb3s &= ~4; 286 287 do_040writebacks(fp); 288} 289 290static inline void access_error040(struct frame *fp) 291{ 292 unsigned short ssw = fp->un.fmt7.ssw; 293 unsigned long mmusr; 294 295 pr_debug("ssw=%#x, fa=%#lx\n", ssw, fp->un.fmt7.faddr); 296 pr_debug("wb1s=%#x, wb2s=%#x, wb3s=%#x\n", fp->un.fmt7.wb1s, 297 fp->un.fmt7.wb2s, fp->un.fmt7.wb3s); 298 pr_debug("wb2a=%lx, wb3a=%lx, wb2d=%lx, wb3d=%lx\n", 299 fp->un.fmt7.wb2a, fp->un.fmt7.wb3a, 300 fp->un.fmt7.wb2d, fp->un.fmt7.wb3d); 301 302 if (ssw & ATC_040) { 303 unsigned long addr = fp->un.fmt7.faddr; 304 unsigned long errorcode; 305 306 /* 307 * The MMU status has to be determined AFTER the address 308 * has been corrected if there was a misaligned access (MA). 309 */ 310 if (ssw & MA_040) 311 addr = (addr + 7) & -8; 312 313 /* MMU error, get the MMUSR info for this access */ 314 mmusr = probe040(!(ssw & RW_040), addr, ssw); 315 pr_debug("mmusr = %lx\n", mmusr); 316 errorcode = 1; 317 if (!(mmusr & MMU_R_040)) { 318 /* clear the invalid atc entry */ 319 __flush_tlb040_one(addr); 320 errorcode = 0; 321 } 322 323 /* despite what documentation seems to say, RMW 324 * accesses have always both the LK and RW bits set */ 325 if (!(ssw & RW_040) || (ssw & LK_040)) 326 errorcode |= 2; 327 328 if (do_page_fault(&fp->ptregs, addr, errorcode)) { 329 pr_debug("do_page_fault() !=0\n"); 330 if (user_mode(&fp->ptregs)){ 331 /* delay writebacks after signal delivery */ 332 pr_debug(".. was usermode - return\n"); 333 return; 334 } 335 /* disable writeback into user space from kernel 336 * (if do_page_fault didn't fix the mapping, 337 * the writeback won't do good) 338 */ 339disable_wb: 340 pr_debug(".. disabling wb2\n"); 341 if (fp->un.fmt7.wb2a == fp->un.fmt7.faddr) 342 fp->un.fmt7.wb2s &= ~WBV_040; 343 if (fp->un.fmt7.wb3a == fp->un.fmt7.faddr) 344 fp->un.fmt7.wb3s &= ~WBV_040; 345 } 346 } else { 347 /* In case of a bus error we either kill the process or expect 348 * the kernel to catch the fault, which then is also responsible 349 * for cleaning up the mess. 350 */ 351 current->thread.signo = SIGBUS; 352 current->thread.faddr = fp->un.fmt7.faddr; 353 if (send_fault_sig(&fp->ptregs) >= 0) 354 pr_err("68040 bus error (ssw=%x, faddr=%lx)\n", ssw, 355 fp->un.fmt7.faddr); 356 goto disable_wb; 357 } 358 359 do_040writebacks(fp); 360} 361#endif /* CONFIG_M68040 */ 362 363#if defined(CONFIG_SUN3) 364#include <asm/sun3mmu.h> 365 366extern int mmu_emu_handle_fault (unsigned long, int, int); 367 368/* sun3 version of bus_error030 */ 369 370static inline void bus_error030 (struct frame *fp) 371{ 372 unsigned char buserr_type = sun3_get_buserr (); 373 unsigned long addr, errorcode; 374 unsigned short ssw = fp->un.fmtb.ssw; 375 extern unsigned long _sun3_map_test_start, _sun3_map_test_end; 376 377 if (ssw & (FC | FB)) 378 pr_debug("Instruction fault at %#010lx\n", 379 ssw & FC ? 380 fp->ptregs.format == 0xa ? fp->ptregs.pc + 2 : fp->un.fmtb.baddr - 2 381 : 382 fp->ptregs.format == 0xa ? fp->ptregs.pc + 4 : fp->un.fmtb.baddr); 383 if (ssw & DF) 384 pr_debug("Data %s fault at %#010lx in %s (pc=%#lx)\n", 385 ssw & RW ? "read" : "write", 386 fp->un.fmtb.daddr, 387 space_names[ssw & DFC], fp->ptregs.pc); 388 389 /* 390 * Check if this page should be demand-mapped. This needs to go before 391 * the testing for a bad kernel-space access (demand-mapping applies 392 * to kernel accesses too). 393 */ 394 395 if ((ssw & DF) 396 && (buserr_type & (SUN3_BUSERR_PROTERR | SUN3_BUSERR_INVALID))) { 397 if (mmu_emu_handle_fault (fp->un.fmtb.daddr, ssw & RW, 0)) 398 return; 399 } 400 401 /* Check for kernel-space pagefault (BAD). */ 402 if (fp->ptregs.sr & PS_S) { 403 /* kernel fault must be a data fault to user space */ 404 if (! ((ssw & DF) && ((ssw & DFC) == USER_DATA))) { 405 // try checking the kernel mappings before surrender 406 if (mmu_emu_handle_fault (fp->un.fmtb.daddr, ssw & RW, 1)) 407 return; 408 /* instruction fault or kernel data fault! */ 409 if (ssw & (FC | FB)) 410 pr_err("Instruction fault at %#010lx\n", 411 fp->ptregs.pc); 412 if (ssw & DF) { 413 /* was this fault incurred testing bus mappings? */ 414 if((fp->ptregs.pc >= (unsigned long)&_sun3_map_test_start) && 415 (fp->ptregs.pc <= (unsigned long)&_sun3_map_test_end)) { 416 send_fault_sig(&fp->ptregs); 417 return; 418 } 419 420 pr_err("Data %s fault at %#010lx in %s (pc=%#lx)\n", 421 ssw & RW ? "read" : "write", 422 fp->un.fmtb.daddr, 423 space_names[ssw & DFC], fp->ptregs.pc); 424 } 425 pr_err("BAD KERNEL BUSERR\n"); 426 427 die_if_kernel("Oops", &fp->ptregs,0); 428 force_sig(SIGKILL); 429 return; 430 } 431 } else { 432 /* user fault */ 433 if (!(ssw & (FC | FB)) && !(ssw & DF)) 434 /* not an instruction fault or data fault! BAD */ 435 panic ("USER BUSERR w/o instruction or data fault"); 436 } 437 438 439 /* First handle the data fault, if any. */ 440 if (ssw & DF) { 441 addr = fp->un.fmtb.daddr; 442 443// errorcode bit 0: 0 -> no page 1 -> protection fault 444// errorcode bit 1: 0 -> read fault 1 -> write fault 445 446// (buserr_type & SUN3_BUSERR_PROTERR) -> protection fault 447// (buserr_type & SUN3_BUSERR_INVALID) -> invalid page fault 448 449 if (buserr_type & SUN3_BUSERR_PROTERR) 450 errorcode = 0x01; 451 else if (buserr_type & SUN3_BUSERR_INVALID) 452 errorcode = 0x00; 453 else { 454 pr_debug("*** unexpected busfault type=%#04x\n", 455 buserr_type); 456 pr_debug("invalid %s access at %#lx from pc %#lx\n", 457 !(ssw & RW) ? "write" : "read", addr, 458 fp->ptregs.pc); 459 die_if_kernel ("Oops", &fp->ptregs, buserr_type); 460 force_sig (SIGBUS); 461 return; 462 } 463 464//todo: wtf is RM bit? --m 465 if (!(ssw & RW) || ssw & RM) 466 errorcode |= 0x02; 467 468 /* Handle page fault. */ 469 do_page_fault (&fp->ptregs, addr, errorcode); 470 471 /* Retry the data fault now. */ 472 return; 473 } 474 475 /* Now handle the instruction fault. */ 476 477 /* Get the fault address. */ 478 if (fp->ptregs.format == 0xA) 479 addr = fp->ptregs.pc + 4; 480 else 481 addr = fp->un.fmtb.baddr; 482 if (ssw & FC) 483 addr -= 2; 484 485 if (buserr_type & SUN3_BUSERR_INVALID) { 486 if (!mmu_emu_handle_fault(addr, 1, 0)) 487 do_page_fault (&fp->ptregs, addr, 0); 488 } else { 489 pr_debug("protection fault on insn access (segv).\n"); 490 force_sig (SIGSEGV); 491 } 492} 493#else 494#if defined(CPU_M68020_OR_M68030) 495static inline void bus_error030 (struct frame *fp) 496{ 497 volatile unsigned short temp; 498 unsigned short mmusr; 499 unsigned long addr, errorcode; 500 unsigned short ssw = fp->un.fmtb.ssw; 501#ifdef DEBUG 502 unsigned long desc; 503#endif 504 505 pr_debug("pid = %x ", current->pid); 506 pr_debug("SSW=%#06x ", ssw); 507 508 if (ssw & (FC | FB)) 509 pr_debug("Instruction fault at %#010lx\n", 510 ssw & FC ? 511 fp->ptregs.format == 0xa ? fp->ptregs.pc + 2 : fp->un.fmtb.baddr - 2 512 : 513 fp->ptregs.format == 0xa ? fp->ptregs.pc + 4 : fp->un.fmtb.baddr); 514 if (ssw & DF) 515 pr_debug("Data %s fault at %#010lx in %s (pc=%#lx)\n", 516 ssw & RW ? "read" : "write", 517 fp->un.fmtb.daddr, 518 space_names[ssw & DFC], fp->ptregs.pc); 519 520 /* ++andreas: If a data fault and an instruction fault happen 521 at the same time map in both pages. */ 522 523 /* First handle the data fault, if any. */ 524 if (ssw & DF) { 525 addr = fp->un.fmtb.daddr; 526 527#ifdef DEBUG 528 asm volatile ("ptestr %3,%2@,#7,%0\n\t" 529 "pmove %%psr,%1" 530 : "=a&" (desc), "=m" (temp) 531 : "a" (addr), "d" (ssw)); 532 pr_debug("mmusr is %#x for addr %#lx in task %p\n", 533 temp, addr, current); 534 pr_debug("descriptor address is 0x%p, contents %#lx\n", 535 __va(desc), *(unsigned long *)__va(desc)); 536#else 537 asm volatile ("ptestr %2,%1@,#7\n\t" 538 "pmove %%psr,%0" 539 : "=m" (temp) : "a" (addr), "d" (ssw)); 540#endif 541 mmusr = temp; 542 errorcode = (mmusr & MMU_I) ? 0 : 1; 543 if (!(ssw & RW) || (ssw & RM)) 544 errorcode |= 2; 545 546 if (mmusr & (MMU_I | MMU_WP)) { 547 if (ssw & 4) { 548 pr_err("Data %s fault at %#010lx in %s (pc=%#lx)\n", 549 ssw & RW ? "read" : "write", 550 fp->un.fmtb.daddr, 551 space_names[ssw & DFC], fp->ptregs.pc); 552 goto buserr; 553 } 554 /* Don't try to do anything further if an exception was 555 handled. */ 556 if (do_page_fault (&fp->ptregs, addr, errorcode) < 0) 557 return; 558 } else if (!(mmusr & MMU_I)) { 559 /* probably a 020 cas fault */ 560 if (!(ssw & RM) && send_fault_sig(&fp->ptregs) > 0) 561 pr_err("unexpected bus error (%#x,%#x)\n", ssw, 562 mmusr); 563 } else if (mmusr & (MMU_B|MMU_L|MMU_S)) { 564 pr_err("invalid %s access at %#lx from pc %#lx\n", 565 !(ssw & RW) ? "write" : "read", addr, 566 fp->ptregs.pc); 567 die_if_kernel("Oops",&fp->ptregs,mmusr); 568 force_sig(SIGSEGV); 569 return; 570 } else { 571#if 0 572 static volatile long tlong; 573#endif 574 575 pr_err("weird %s access at %#lx from pc %#lx (ssw is %#x)\n", 576 !(ssw & RW) ? "write" : "read", addr, 577 fp->ptregs.pc, ssw); 578 asm volatile ("ptestr #1,%1@,#0\n\t" 579 "pmove %%psr,%0" 580 : "=m" (temp) 581 : "a" (addr)); 582 mmusr = temp; 583 584 pr_err("level 0 mmusr is %#x\n", mmusr); 585#if 0 586 asm volatile ("pmove %%tt0,%0" 587 : "=m" (tlong)); 588 pr_debug("tt0 is %#lx, ", tlong); 589 asm volatile ("pmove %%tt1,%0" 590 : "=m" (tlong)); 591 pr_debug("tt1 is %#lx\n", tlong); 592#endif 593 pr_debug("Unknown SIGSEGV - 1\n"); 594 die_if_kernel("Oops",&fp->ptregs,mmusr); 595 force_sig(SIGSEGV); 596 return; 597 } 598 599 /* setup an ATC entry for the access about to be retried */ 600 if (!(ssw & RW) || (ssw & RM)) 601 asm volatile ("ploadw %1,%0@" : /* no outputs */ 602 : "a" (addr), "d" (ssw)); 603 else 604 asm volatile ("ploadr %1,%0@" : /* no outputs */ 605 : "a" (addr), "d" (ssw)); 606 } 607 608 /* Now handle the instruction fault. */ 609 610 if (!(ssw & (FC|FB))) 611 return; 612 613 if (fp->ptregs.sr & PS_S) { 614 pr_err("Instruction fault at %#010lx\n", fp->ptregs.pc); 615 buserr: 616 pr_err("BAD KERNEL BUSERR\n"); 617 die_if_kernel("Oops",&fp->ptregs,0); 618 force_sig(SIGKILL); 619 return; 620 } 621 622 /* get the fault address */ 623 if (fp->ptregs.format == 10) 624 addr = fp->ptregs.pc + 4; 625 else 626 addr = fp->un.fmtb.baddr; 627 if (ssw & FC) 628 addr -= 2; 629 630 if ((ssw & DF) && ((addr ^ fp->un.fmtb.daddr) & PAGE_MASK) == 0) 631 /* Insn fault on same page as data fault. But we 632 should still create the ATC entry. */ 633 goto create_atc_entry; 634 635#ifdef DEBUG 636 asm volatile ("ptestr #1,%2@,#7,%0\n\t" 637 "pmove %%psr,%1" 638 : "=a&" (desc), "=m" (temp) 639 : "a" (addr)); 640 pr_debug("mmusr is %#x for addr %#lx in task %p\n", 641 temp, addr, current); 642 pr_debug("descriptor address is 0x%p, contents %#lx\n", 643 __va(desc), *(unsigned long *)__va(desc)); 644#else 645 asm volatile ("ptestr #1,%1@,#7\n\t" 646 "pmove %%psr,%0" 647 : "=m" (temp) : "a" (addr)); 648#endif 649 mmusr = temp; 650 if (mmusr & MMU_I) 651 do_page_fault (&fp->ptregs, addr, 0); 652 else if (mmusr & (MMU_B|MMU_L|MMU_S)) { 653 pr_err("invalid insn access at %#lx from pc %#lx\n", 654 addr, fp->ptregs.pc); 655 pr_debug("Unknown SIGSEGV - 2\n"); 656 die_if_kernel("Oops",&fp->ptregs,mmusr); 657 force_sig(SIGSEGV); 658 return; 659 } 660 661create_atc_entry: 662 /* setup an ATC entry for the access about to be retried */ 663 asm volatile ("ploadr #2,%0@" : /* no outputs */ 664 : "a" (addr)); 665} 666#endif /* CPU_M68020_OR_M68030 */ 667#endif /* !CONFIG_SUN3 */ 668 669#if defined(CONFIG_COLDFIRE) && defined(CONFIG_MMU) 670#include <asm/mcfmmu.h> 671 672/* 673 * The following table converts the FS encoding of a ColdFire 674 * exception stack frame into the error_code value needed by 675 * do_fault. 676*/ 677static const unsigned char fs_err_code[] = { 678 0, /* 0000 */ 679 0, /* 0001 */ 680 0, /* 0010 */ 681 0, /* 0011 */ 682 1, /* 0100 */ 683 0, /* 0101 */ 684 0, /* 0110 */ 685 0, /* 0111 */ 686 2, /* 1000 */ 687 3, /* 1001 */ 688 2, /* 1010 */ 689 0, /* 1011 */ 690 1, /* 1100 */ 691 1, /* 1101 */ 692 0, /* 1110 */ 693 0 /* 1111 */ 694}; 695 696static inline void access_errorcf(unsigned int fs, struct frame *fp) 697{ 698 unsigned long mmusr, addr; 699 unsigned int err_code; 700 int need_page_fault; 701 702 mmusr = mmu_read(MMUSR); 703 addr = mmu_read(MMUAR); 704 705 /* 706 * error_code: 707 * bit 0 == 0 means no page found, 1 means protection fault 708 * bit 1 == 0 means read, 1 means write 709 */ 710 switch (fs) { 711 case 5: /* 0101 TLB opword X miss */ 712 need_page_fault = cf_tlb_miss(&fp->ptregs, 0, 0, 0); 713 addr = fp->ptregs.pc; 714 break; 715 case 6: /* 0110 TLB extension word X miss */ 716 need_page_fault = cf_tlb_miss(&fp->ptregs, 0, 0, 1); 717 addr = fp->ptregs.pc + sizeof(long); 718 break; 719 case 10: /* 1010 TLB W miss */ 720 need_page_fault = cf_tlb_miss(&fp->ptregs, 1, 1, 0); 721 break; 722 case 14: /* 1110 TLB R miss */ 723 need_page_fault = cf_tlb_miss(&fp->ptregs, 0, 1, 0); 724 break; 725 default: 726 /* 0000 Normal */ 727 /* 0001 Reserved */ 728 /* 0010 Interrupt during debug service routine */ 729 /* 0011 Reserved */ 730 /* 0100 X Protection */ 731 /* 0111 IFP in emulator mode */ 732 /* 1000 W Protection*/ 733 /* 1001 Write error*/ 734 /* 1011 Reserved*/ 735 /* 1100 R Protection*/ 736 /* 1101 R Protection*/ 737 /* 1111 OEP in emulator mode*/ 738 need_page_fault = 1; 739 break; 740 } 741 742 if (need_page_fault) { 743 err_code = fs_err_code[fs]; 744 if ((fs == 13) && (mmusr & MMUSR_WF)) /* rd-mod-wr access */ 745 err_code |= 2; /* bit1 - write, bit0 - protection */ 746 do_page_fault(&fp->ptregs, addr, err_code); 747 } 748} 749#endif /* CONFIG_COLDFIRE CONFIG_MMU */ 750 751asmlinkage void buserr_c(struct frame *fp) 752{ 753 /* Only set esp0 if coming from user mode */ 754 if (user_mode(&fp->ptregs)) 755 current->thread.esp0 = (unsigned long) fp; 756 757 pr_debug("*** Bus Error *** Format is %x\n", fp->ptregs.format); 758 759#if defined(CONFIG_COLDFIRE) && defined(CONFIG_MMU) 760 if (CPU_IS_COLDFIRE) { 761 unsigned int fs; 762 fs = (fp->ptregs.vector & 0x3) | 763 ((fp->ptregs.vector & 0xc00) >> 8); 764 switch (fs) { 765 case 0x5: 766 case 0x6: 767 case 0x7: 768 case 0x9: 769 case 0xa: 770 case 0xd: 771 case 0xe: 772 case 0xf: 773 access_errorcf(fs, fp); 774 return; 775 default: 776 break; 777 } 778 } 779#endif /* CONFIG_COLDFIRE && CONFIG_MMU */ 780 781 switch (fp->ptregs.format) { 782#if defined (CONFIG_M68060) 783 case 4: /* 68060 access error */ 784 access_error060 (fp); 785 break; 786#endif 787#if defined (CONFIG_M68040) 788 case 0x7: /* 68040 access error */ 789 access_error040 (fp); 790 break; 791#endif 792#if defined (CPU_M68020_OR_M68030) 793 case 0xa: 794 case 0xb: 795 bus_error030 (fp); 796 break; 797#endif 798 default: 799 die_if_kernel("bad frame format",&fp->ptregs,0); 800 pr_debug("Unknown SIGSEGV - 4\n"); 801 force_sig(SIGSEGV); 802 } 803} 804 805 806static int kstack_depth_to_print = 48; 807 808static void show_trace(unsigned long *stack, const char *loglvl) 809{ 810 unsigned long *endstack; 811 unsigned long addr; 812 int i; 813 814 printk("%sCall Trace:", loglvl); 815 addr = (unsigned long)stack + THREAD_SIZE - 1; 816 endstack = (unsigned long *)(addr & -THREAD_SIZE); 817 i = 0; 818 while (stack + 1 <= endstack) { 819 addr = *stack++; 820 /* 821 * If the address is either in the text segment of the 822 * kernel, or in the region which contains vmalloc'ed 823 * memory, it *may* be the address of a calling 824 * routine; if so, print it so that someone tracing 825 * down the cause of the crash will be able to figure 826 * out the call path that was taken. 827 */ 828 if (__kernel_text_address(addr)) { 829#ifndef CONFIG_KALLSYMS 830 if (i % 5 == 0) 831 pr_cont("\n "); 832#endif 833 pr_cont(" [<%08lx>] %pS\n", addr, (void *)addr); 834 i++; 835 } 836 } 837 pr_cont("\n"); 838} 839 840void show_registers(struct pt_regs *regs) 841{ 842 struct frame *fp = (struct frame *)regs; 843 u16 c, *cp; 844 unsigned long addr; 845 int i; 846 847 print_modules(); 848 pr_info("PC: [<%08lx>] %pS\n", regs->pc, (void *)regs->pc); 849 pr_info("SR: %04x SP: %p a2: %08lx\n", regs->sr, regs, regs->a2); 850 pr_info("d0: %08lx d1: %08lx d2: %08lx d3: %08lx\n", 851 regs->d0, regs->d1, regs->d2, regs->d3); 852 pr_info("d4: %08lx d5: %08lx a0: %08lx a1: %08lx\n", 853 regs->d4, regs->d5, regs->a0, regs->a1); 854 855 pr_info("Process %s (pid: %d, task=%p)\n", 856 current->comm, task_pid_nr(current), current); 857 addr = (unsigned long)&fp->un; 858 pr_info("Frame format=%X ", regs->format); 859 switch (regs->format) { 860 case 0x2: 861 pr_cont("instr addr=%08lx\n", fp->un.fmt2.iaddr); 862 addr += sizeof(fp->un.fmt2); 863 break; 864 case 0x3: 865 pr_cont("eff addr=%08lx\n", fp->un.fmt3.effaddr); 866 addr += sizeof(fp->un.fmt3); 867 break; 868 case 0x4: 869 if (CPU_IS_060) 870 pr_cont("fault addr=%08lx fslw=%08lx\n", 871 fp->un.fmt4.effaddr, fp->un.fmt4.pc); 872 else 873 pr_cont("eff addr=%08lx pc=%08lx\n", 874 fp->un.fmt4.effaddr, fp->un.fmt4.pc); 875 addr += sizeof(fp->un.fmt4); 876 break; 877 case 0x7: 878 pr_cont("eff addr=%08lx ssw=%04x faddr=%08lx\n", 879 fp->un.fmt7.effaddr, fp->un.fmt7.ssw, fp->un.fmt7.faddr); 880 pr_info("wb 1 stat/addr/data: %04x %08lx %08lx\n", 881 fp->un.fmt7.wb1s, fp->un.fmt7.wb1a, fp->un.fmt7.wb1dpd0); 882 pr_info("wb 2 stat/addr/data: %04x %08lx %08lx\n", 883 fp->un.fmt7.wb2s, fp->un.fmt7.wb2a, fp->un.fmt7.wb2d); 884 pr_info("wb 3 stat/addr/data: %04x %08lx %08lx\n", 885 fp->un.fmt7.wb3s, fp->un.fmt7.wb3a, fp->un.fmt7.wb3d); 886 pr_info("push data: %08lx %08lx %08lx %08lx\n", 887 fp->un.fmt7.wb1dpd0, fp->un.fmt7.pd1, fp->un.fmt7.pd2, 888 fp->un.fmt7.pd3); 889 addr += sizeof(fp->un.fmt7); 890 break; 891 case 0x9: 892 pr_cont("instr addr=%08lx\n", fp->un.fmt9.iaddr); 893 addr += sizeof(fp->un.fmt9); 894 break; 895 case 0xa: 896 pr_cont("ssw=%04x isc=%04x isb=%04x daddr=%08lx dobuf=%08lx\n", 897 fp->un.fmta.ssw, fp->un.fmta.isc, fp->un.fmta.isb, 898 fp->un.fmta.daddr, fp->un.fmta.dobuf); 899 addr += sizeof(fp->un.fmta); 900 break; 901 case 0xb: 902 pr_cont("ssw=%04x isc=%04x isb=%04x daddr=%08lx dobuf=%08lx\n", 903 fp->un.fmtb.ssw, fp->un.fmtb.isc, fp->un.fmtb.isb, 904 fp->un.fmtb.daddr, fp->un.fmtb.dobuf); 905 pr_info("baddr=%08lx dibuf=%08lx ver=%x\n", 906 fp->un.fmtb.baddr, fp->un.fmtb.dibuf, fp->un.fmtb.ver); 907 addr += sizeof(fp->un.fmtb); 908 break; 909 default: 910 pr_cont("\n"); 911 } 912 show_stack(NULL, (unsigned long *)addr, KERN_INFO); 913 914 pr_info("Code:"); 915 cp = (u16 *)regs->pc; 916 for (i = -8; i < 16; i++) { 917 if (get_kernel_nofault(c, cp + i) && i >= 0) { 918 pr_cont(" Bad PC value."); 919 break; 920 } 921 if (i) 922 pr_cont(" %04x", c); 923 else 924 pr_cont(" <%04x>", c); 925 } 926 pr_cont("\n"); 927} 928 929void show_stack(struct task_struct *task, unsigned long *stack, 930 const char *loglvl) 931{ 932 unsigned long *p; 933 unsigned long *endstack; 934 int i; 935 936 if (!stack) { 937 if (task) 938 stack = (unsigned long *)task->thread.esp0; 939 else 940 stack = (unsigned long *)&stack; 941 } 942 endstack = (unsigned long *)(((unsigned long)stack + THREAD_SIZE - 1) & -THREAD_SIZE); 943 944 printk("%sStack from %08lx:", loglvl, (unsigned long)stack); 945 p = stack; 946 for (i = 0; i < kstack_depth_to_print; i++) { 947 if (p + 1 > endstack) 948 break; 949 if (i % 8 == 0) 950 pr_cont("\n "); 951 pr_cont(" %08lx", *p++); 952 } 953 pr_cont("\n"); 954 show_trace(stack, loglvl); 955} 956 957/* 958 * The vector number returned in the frame pointer may also contain 959 * the "fs" (Fault Status) bits on ColdFire. These are in the bottom 960 * 2 bits, and upper 2 bits. So we need to mask out the real vector 961 * number before using it in comparisons. You don't need to do this on 962 * real 68k parts, but it won't hurt either. 963 */ 964 965void bad_super_trap (struct frame *fp) 966{ 967 int vector = (fp->ptregs.vector >> 2) & 0xff; 968 969 console_verbose(); 970 if (vector < ARRAY_SIZE(vec_names)) 971 pr_err("*** %s *** FORMAT=%X\n", 972 vec_names[vector], 973 fp->ptregs.format); 974 else 975 pr_err("*** Exception %d *** FORMAT=%X\n", 976 vector, fp->ptregs.format); 977 if (vector == VEC_ADDRERR && CPU_IS_020_OR_030) { 978 unsigned short ssw = fp->un.fmtb.ssw; 979 980 pr_err("SSW=%#06x ", ssw); 981 982 if (ssw & RC) 983 pr_err("Pipe stage C instruction fault at %#010lx\n", 984 (fp->ptregs.format) == 0xA ? 985 fp->ptregs.pc + 2 : fp->un.fmtb.baddr - 2); 986 if (ssw & RB) 987 pr_err("Pipe stage B instruction fault at %#010lx\n", 988 (fp->ptregs.format) == 0xA ? 989 fp->ptregs.pc + 4 : fp->un.fmtb.baddr); 990 if (ssw & DF) 991 pr_err("Data %s fault at %#010lx in %s (pc=%#lx)\n", 992 ssw & RW ? "read" : "write", 993 fp->un.fmtb.daddr, space_names[ssw & DFC], 994 fp->ptregs.pc); 995 } 996 pr_err("Current process id is %d\n", task_pid_nr(current)); 997 die_if_kernel("BAD KERNEL TRAP", &fp->ptregs, 0); 998} 999 1000asmlinkage void trap_c(struct frame *fp) 1001{ 1002 int sig, si_code; 1003 void __user *addr; 1004 int vector = (fp->ptregs.vector >> 2) & 0xff; 1005 1006 if (fp->ptregs.sr & PS_S) { 1007 if (vector == VEC_TRACE) { 1008 /* traced a trapping instruction on a 68020/30, 1009 * real exception will be executed afterwards. 1010 */ 1011 return; 1012 } 1013#ifdef CONFIG_MMU 1014 if (fixup_exception(&fp->ptregs)) 1015 return; 1016#endif 1017 bad_super_trap(fp); 1018 return; 1019 } 1020 1021 /* send the appropriate signal to the user program */ 1022 switch (vector) { 1023 case VEC_ADDRERR: 1024 si_code = BUS_ADRALN; 1025 sig = SIGBUS; 1026 break; 1027 case VEC_ILLEGAL: 1028 case VEC_LINE10: 1029 case VEC_LINE11: 1030 si_code = ILL_ILLOPC; 1031 sig = SIGILL; 1032 break; 1033 case VEC_PRIV: 1034 si_code = ILL_PRVOPC; 1035 sig = SIGILL; 1036 break; 1037 case VEC_COPROC: 1038 si_code = ILL_COPROC; 1039 sig = SIGILL; 1040 break; 1041 case VEC_TRAP1: 1042 case VEC_TRAP2: 1043 case VEC_TRAP3: 1044 case VEC_TRAP4: 1045 case VEC_TRAP5: 1046 case VEC_TRAP6: 1047 case VEC_TRAP7: 1048 case VEC_TRAP8: 1049 case VEC_TRAP9: 1050 case VEC_TRAP10: 1051 case VEC_TRAP11: 1052 case VEC_TRAP12: 1053 case VEC_TRAP13: 1054 case VEC_TRAP14: 1055 si_code = ILL_ILLTRP; 1056 sig = SIGILL; 1057 break; 1058 case VEC_FPBRUC: 1059 case VEC_FPOE: 1060 case VEC_FPNAN: 1061 si_code = FPE_FLTINV; 1062 sig = SIGFPE; 1063 break; 1064 case VEC_FPIR: 1065 si_code = FPE_FLTRES; 1066 sig = SIGFPE; 1067 break; 1068 case VEC_FPDIVZ: 1069 si_code = FPE_FLTDIV; 1070 sig = SIGFPE; 1071 break; 1072 case VEC_FPUNDER: 1073 si_code = FPE_FLTUND; 1074 sig = SIGFPE; 1075 break; 1076 case VEC_FPOVER: 1077 si_code = FPE_FLTOVF; 1078 sig = SIGFPE; 1079 break; 1080 case VEC_ZERODIV: 1081 si_code = FPE_INTDIV; 1082 sig = SIGFPE; 1083 break; 1084 case VEC_CHK: 1085 case VEC_TRAP: 1086 si_code = FPE_INTOVF; 1087 sig = SIGFPE; 1088 break; 1089 case VEC_TRACE: /* ptrace single step */ 1090 si_code = TRAP_TRACE; 1091 sig = SIGTRAP; 1092 break; 1093 case VEC_TRAP15: /* breakpoint */ 1094 si_code = TRAP_BRKPT; 1095 sig = SIGTRAP; 1096 break; 1097 default: 1098 si_code = ILL_ILLOPC; 1099 sig = SIGILL; 1100 break; 1101 } 1102 switch (fp->ptregs.format) { 1103 default: 1104 addr = (void __user *) fp->ptregs.pc; 1105 break; 1106 case 2: 1107 addr = (void __user *) fp->un.fmt2.iaddr; 1108 break; 1109 case 7: 1110 addr = (void __user *) fp->un.fmt7.effaddr; 1111 break; 1112 case 9: 1113 addr = (void __user *) fp->un.fmt9.iaddr; 1114 break; 1115 case 10: 1116 addr = (void __user *) fp->un.fmta.daddr; 1117 break; 1118 case 11: 1119 addr = (void __user*) fp->un.fmtb.daddr; 1120 break; 1121 } 1122 force_sig_fault(sig, si_code, addr); 1123} 1124 1125void die_if_kernel (char *str, struct pt_regs *fp, int nr) 1126{ 1127 if (!(fp->sr & PS_S)) 1128 return; 1129 1130 console_verbose(); 1131 pr_crit("%s: %08x\n", str, nr); 1132 show_registers(fp); 1133 add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE); 1134 make_task_dead(SIGSEGV); 1135} 1136 1137asmlinkage void set_esp0(unsigned long ssp) 1138{ 1139 current->thread.esp0 = ssp; 1140} 1141 1142/* 1143 * This function is called if an error occur while accessing 1144 * user-space from the fpsp040 code. 1145 */ 1146asmlinkage void fpsp040_die(void) 1147{ 1148 force_exit_sig(SIGSEGV); 1149} 1150 1151#ifdef CONFIG_M68KFPU_EMU 1152asmlinkage void fpemu_signal(int signal, int code, void *addr) 1153{ 1154 force_sig_fault(signal, code, addr); 1155} 1156#endif