trap.c revision 1.82
1 /* $NetBSD: trap.c,v 1.82 2010/03/22 23:27:05 skrll Exp $ */ 2 3 /*- 4 * Copyright (c) 2001, 2002 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Matthew Fredette. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /* $OpenBSD: trap.c,v 1.30 2001/09/19 20:50:56 mickey Exp $ */ 33 34 /* 35 * Copyright (c) 1998-2004 Michael Shalayeff 36 * All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 47 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 48 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 49 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 50 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT, 51 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 52 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 53 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 54 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 55 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 56 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 57 * THE POSSIBILITY OF SUCH DAMAGE. 58 */ 59 60 #include <sys/cdefs.h> 61 __KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.82 2010/03/22 23:27:05 skrll Exp $"); 62 63 /* #define INTRDEBUG */ 64 /* #define TRAPDEBUG */ 65 /* #define USERTRACE */ 66 67 #include "opt_kgdb.h" 68 #include "opt_ptrace.h" 69 #include "opt_sa.h" 70 71 #include <sys/param.h> 72 #include <sys/systm.h> 73 #include <sys/kernel.h> 74 #include <sys/syscall.h> 75 #include <sys/syscallvar.h> 76 #include <sys/sa.h> 77 #include <sys/savar.h> 78 #include <sys/mutex.h> 79 #include <sys/ktrace.h> 80 #include <sys/proc.h> 81 #include <sys/signalvar.h> 82 #include <sys/acct.h> 83 #include <sys/signal.h> 84 #include <sys/device.h> 85 #include <sys/pool.h> 86 #include <sys/userret.h> 87 88 #include <net/netisr.h> 89 90 #ifdef KGDB 91 #include <sys/kgdb.h> 92 #endif 93 94 #include <uvm/uvm.h> 95 96 #include <machine/iomod.h> 97 #include <machine/cpufunc.h> 98 #include <machine/reg.h> 99 #include <machine/autoconf.h> 100 101 #include <machine/db_machdep.h> 102 103 #include <hppa/hppa/machdep.h> 104 105 #include <ddb/db_output.h> 106 #include <ddb/db_interface.h> 107 108 #ifdef PTRACE 109 void ss_clear_breakpoints(struct lwp *l); 110 int ss_put_value(struct lwp *, vaddr_t, u_int); 111 int ss_get_value(struct lwp *, vaddr_t, u_int *); 112 #endif 113 114 /* single-step breakpoint */ 115 #define SSBREAKPOINT (HPPA_BREAK_KERNEL | (HPPA_BREAK_SS << 13)) 116 117 #if defined(DEBUG) || defined(DIAGNOSTIC) 118 /* 119 * 0x6fc1000 is a stwm r1, d(sr0, sp), which is the last 120 * instruction in the function prologue that gcc -O0 uses. 121 * When we have this instruction we know the relationship 122 * between the stack pointer and the gcc -O0 frame pointer 123 * (in r3, loaded with the initial sp) for the body of a 124 * function. 125 * 126 * If the given instruction is a stwm r1, d(sr0, sp) where 127 * d > 0, we evaluate to d, else we evaluate to zero. 128 */ 129 #define STWM_R1_D_SR0_SP(inst) \ 130 (((inst) & 0xffffc001) == 0x6fc10000 ? (((inst) & 0x00003ff) >> 1) : 0) 131 #endif /* DEBUG || DIAGNOSTIC */ 132 133 const char *trap_type[] = { 134 "invalid", 135 "HPMC", 136 "power failure", 137 "recovery counter", 138 "external interrupt", 139 "LPMC", 140 "ITLB miss fault", 141 "instruction protection", 142 "Illegal instruction", 143 "break instruction", 144 "privileged operation", 145 "privileged register", 146 "overflow", 147 "conditional", 148 "assist exception", 149 "DTLB miss", 150 "ITLB non-access miss", 151 "DTLB non-access miss", 152 "data protection/rights/alignment", 153 "data break", 154 "TLB dirty", 155 "page reference", 156 "assist emulation", 157 "higher-priv transfer", 158 "lower-priv transfer", 159 "taken branch", 160 "data access rights", 161 "data protection", 162 "unaligned data ref", 163 }; 164 int trap_types = __arraycount(trap_type); 165 166 uint8_t fpopmap[] = { 167 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 168 0x00, 0x0c, 0x00, 0x0e, 0x00, 0x00, 0x00, 0x00, 169 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 170 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 171 0x00, 0x00, 0x00, 0x26, 0x00, 0x00, 0x00, 0x00, 172 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 173 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 174 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 175 }; 176 177 volatile int astpending; 178 179 void pmap_hptdump(void); 180 void syscall(struct trapframe *, int *); 181 182 #if defined(DEBUG) 183 struct trapframe *sanity_frame; 184 struct lwp *sanity_lwp; 185 const char *sanity_string; 186 void frame_sanity_check(const char *, int, int, struct trapframe *, 187 struct lwp *); 188 #endif 189 190 191 #ifdef USERTRACE 192 /* 193 * USERTRACE is a crude facility that traces the PC of a single user process. 194 * This tracing is normally activated by the dispatching of a certain syscall 195 * with certain arguments - see the activation code in syscall(). 196 */ 197 static void user_backtrace(struct trapframe *, struct lwp *, int); 198 static void user_backtrace_raw(u_int, u_int); 199 200 u_int rctr_next_iioq; 201 #endif 202 203 static inline void 204 userret(struct lwp *l, register_t pc, u_quad_t oticks) 205 { 206 struct proc *p = l->l_proc; 207 208 if (astpending) { 209 astpending = 0; 210 if (curcpu()->ci_want_resched) { 211 preempt(); 212 } 213 } 214 215 mi_userret(l); 216 217 /* 218 * If profiling, charge recent system time to the trapped pc. 219 */ 220 if (p->p_stflag & PST_PROFIL) { 221 extern int psratio; 222 223 addupc_task(l, pc, (int)(p->p_sticks - oticks) * psratio); 224 } 225 } 226 227 /* 228 * This handles some messy kernel debugger details. 229 * It dispatches into either kgdb or DDB, and knows 230 * about some special things to do, like skipping over 231 * break instructions and how to really set up for 232 * a single-step. 233 */ 234 #if defined(KGDB) || defined(DDB) 235 static int 236 trap_kdebug(int type, int code, struct trapframe *frame) 237 { 238 int handled; 239 u_int tf_iioq_head_old; 240 u_int tf_iioq_tail_old; 241 242 for(;;) { 243 244 /* This trap has not been handled. */ 245 handled = 0; 246 247 /* Remember the instruction offset queue. */ 248 tf_iioq_head_old = frame->tf_iioq_head; 249 tf_iioq_tail_old = frame->tf_iioq_tail; 250 251 #ifdef KGDB 252 /* Let KGDB handle it (if connected) */ 253 if (!handled) 254 handled = kgdb_trap(type, frame); 255 #endif 256 #ifdef DDB 257 /* Let DDB handle it. */ 258 if (!handled) 259 handled = kdb_trap(type, code, frame); 260 #endif 261 262 /* If this trap wasn't handled, return now. */ 263 if (!handled) 264 return(0); 265 266 /* 267 * If the instruction offset queue head changed, but the offset 268 * queue tail didn't, assume that the user wants to jump to the 269 * head offset, and adjust the tail accordingly. This should 270 * fix the kgdb `jump' command, and can help DDB users who `set' 271 * the offset head but forget the tail. 272 */ 273 if (frame->tf_iioq_head != tf_iioq_head_old && 274 frame->tf_iioq_tail == tf_iioq_tail_old) 275 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 276 277 /* 278 * This is some single-stepping support. If we're trying to 279 * step through a nullified instruction, just advance by hand 280 * and trap again. Otherwise, load the recovery counter with 281 * zero. 282 */ 283 if (frame->tf_ipsw & PSW_R) { 284 #ifdef TRAPDEBUG 285 printf("(single stepping at head 0x%x tail 0x%x)\n", 286 frame->tf_iioq_head, frame->tf_iioq_tail); 287 #endif 288 if (frame->tf_ipsw & PSW_N) { 289 #ifdef TRAPDEBUG 290 printf("(single stepping past nullified)\n"); 291 #endif 292 293 /* Advance the program counter. */ 294 frame->tf_iioq_head = frame->tf_iioq_tail; 295 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 296 297 /* Clear flags. */ 298 frame->tf_ipsw &= ~(PSW_N|PSW_X|PSW_Y|PSW_Z|PSW_B|PSW_T|PSW_H|PSW_L); 299 300 /* Simulate another trap. */ 301 type = T_RECOVERY; 302 continue; 303 } 304 frame->tf_rctr = 0; 305 } 306 307 /* We handled this trap. */ 308 return (1); 309 } 310 /* NOTREACHED */ 311 } 312 #else /* !KGDB && !DDB */ 313 #define trap_kdebug(t, c, f) (0) 314 #endif /* !KGDB && !DDB */ 315 316 #if defined(DEBUG) || defined(USERTRACE) 317 /* 318 * These functions give a crude usermode backtrace. They really only work when 319 * code has been compiled without optimization, as they assume a certain func- 320 * tion prologue sets up a frame pointer and stores the return pointer and arg- 321 * uments in it. 322 */ 323 static void 324 user_backtrace_raw(u_int pc, u_int fp) 325 { 326 int frame_number; 327 int arg_number; 328 329 for (frame_number = 0; 330 frame_number < 100 && pc > HPPA_PC_PRIV_MASK && fp; 331 frame_number++) { 332 333 printf("%3d: pc=%08x%s fp=0x%08x", frame_number, 334 pc & ~HPPA_PC_PRIV_MASK, USERMODE(pc) ? " " : "**", fp); 335 for(arg_number = 0; arg_number < 4; arg_number++) 336 printf(" arg%d=0x%08x", arg_number, 337 (int) fuword(HPPA_FRAME_CARG(arg_number, fp))); 338 printf("\n"); 339 pc = fuword(((register_t *) fp) - 5); /* fetch rp */ 340 if (pc == -1) { 341 printf(" fuword for pc failed\n"); 342 break; 343 } 344 fp = fuword(((register_t *) fp) + 0); /* fetch previous fp */ 345 if (fp == -1) { 346 printf(" fuword for fp failed\n"); 347 break; 348 } 349 } 350 printf(" backtrace stopped with pc %08x fp 0x%08x\n", pc, fp); 351 } 352 353 static void 354 user_backtrace(struct trapframe *tf, struct lwp *l, int type) 355 { 356 struct proc *p = l->l_proc; 357 u_int pc, fp, inst; 358 359 /* 360 * Display any trap type that we have. 361 */ 362 if (type >= 0) 363 printf("pid %d (%s) trap #%d\n", 364 p->p_pid, p->p_comm, type & ~T_USER); 365 366 /* 367 * Assuming that the frame pointer in r3 is valid, 368 * dump out a stack trace. 369 */ 370 fp = tf->tf_r3; 371 printf("pid %d (%s) backtrace, starting with fp 0x%08x\n", 372 p->p_pid, p->p_comm, fp); 373 user_backtrace_raw(tf->tf_iioq_head, fp); 374 375 /* 376 * In case the frame pointer in r3 is not valid, assuming the stack 377 * pointer is valid and the faulting function is a non-leaf, if we can 378 * find its prologue we can recover its frame pointer. 379 */ 380 pc = tf->tf_iioq_head; 381 fp = tf->tf_sp - HPPA_FRAME_SIZE; 382 printf("pid %d (%s) backtrace, starting with sp 0x%08x pc 0x%08x\n", 383 p->p_pid, p->p_comm, tf->tf_sp, pc); 384 for (pc &= ~HPPA_PC_PRIV_MASK; pc > 0; pc -= sizeof(inst)) { 385 inst = fuword((register_t *) pc); 386 if (inst == -1) { 387 printf(" fuword for inst at pc %08x failed\n", pc); 388 break; 389 } 390 /* Check for the prologue instruction that sets sp. */ 391 if (STWM_R1_D_SR0_SP(inst)) { 392 fp = tf->tf_sp - STWM_R1_D_SR0_SP(inst); 393 printf(" sp from fp at pc %08x: %08x\n", pc, inst); 394 break; 395 } 396 } 397 user_backtrace_raw(tf->tf_iioq_head, fp); 398 } 399 #endif /* DEBUG || USERTRACE */ 400 401 #ifdef DEBUG 402 /* 403 * This sanity-checks a trapframe. It is full of various assumptions about 404 * what a healthy CPU state should be, with some documented elsewhere, some not. 405 */ 406 void 407 frame_sanity_check(const char *func, int line, int type, struct trapframe *tf, 408 struct lwp *l) 409 { 410 extern int kernel_text; 411 extern int etext; 412 extern register_t kpsw; 413 414 #define SANITY(e) \ 415 do { \ 416 if (sanity_frame == NULL && !(e)) { \ 417 sanity_frame = tf; \ 418 sanity_lwp = l; \ 419 sanity_string = #e; \ 420 } \ 421 } while (/* CONSTCOND */ 0) 422 423 KASSERT(l != NULL); 424 SANITY((tf->tf_ipsw & kpsw) == kpsw); 425 SANITY((kpsw & PSW_I) == 0 || tf->tf_eiem != 0); 426 if (tf->tf_iisq_head == HPPA_SID_KERNEL) { 427 vaddr_t minsp, maxsp, uv; 428 429 uv = uvm_lwp_getuarea(l); 430 431 /* 432 * If the trap happened in the gateway page, we take the easy 433 * way out and assume that the trapframe is okay. 434 */ 435 if ((tf->tf_iioq_head & ~PAGE_MASK) == SYSCALLGATE) 436 goto out; 437 438 SANITY(!USERMODE(tf->tf_iioq_head)); 439 SANITY(!USERMODE(tf->tf_iioq_tail)); 440 441 /* 442 * Don't check the instruction queues or stack on interrupts 443 * as we could be be in the sti code (outside normal kernel 444 * text) or switching LWPs (curlwp and sp are not in sync) 445 */ 446 if ((type & ~T_USER) == T_INTERRUPT) 447 goto out; 448 449 SANITY(tf->tf_iioq_head >= (u_int) &kernel_text); 450 SANITY(tf->tf_iioq_head < (u_int) &etext); 451 SANITY(tf->tf_iioq_tail >= (u_int) &kernel_text); 452 SANITY(tf->tf_iioq_tail < (u_int) &etext); 453 454 maxsp = uv + USPACE + PAGE_SIZE; 455 minsp = uv + PAGE_SIZE; 456 457 SANITY(tf->tf_sp >= minsp && tf->tf_sp < maxsp); 458 } else { 459 struct pcb *pcb = lwp_getpcb(l); 460 461 SANITY(USERMODE(tf->tf_iioq_head)); 462 SANITY(USERMODE(tf->tf_iioq_tail)); 463 SANITY(tf->tf_cr30 == (u_int)pcb->pcb_fpregs); 464 } 465 #undef SANITY 466 out: 467 if (sanity_frame == tf) { 468 printf("insanity: '%s' in func %s at line %d type 0x%x tf %p " 469 "lwp %p sp 0x%x pc 0x%x\n", sanity_string, func, line, type, 470 sanity_frame, sanity_lwp, tf->tf_sp, tf->tf_iioq_head); 471 (void) trap_kdebug(T_IBREAK, 0, tf); 472 sanity_frame = NULL; 473 sanity_lwp = NULL; 474 } 475 } 476 #endif /* DEBUG */ 477 478 void 479 trap(int type, struct trapframe *frame) 480 { 481 struct lwp *l; 482 struct proc *p; 483 struct pcb *pcb; 484 vaddr_t va; 485 struct vm_map *map; 486 struct vmspace *vm; 487 vm_prot_t vftype; 488 pa_space_t space; 489 ksiginfo_t ksi; 490 u_int opcode, onfault; 491 int ret; 492 const char *tts = "reserved"; 493 int trapnum; 494 #ifdef DIAGNOSTIC 495 extern int emergency_stack_start, emergency_stack_end; 496 int oldcpl = cpl; 497 #endif 498 499 trapnum = type & ~T_USER; 500 opcode = frame->tf_iir; 501 if (trapnum == T_ITLBMISS || trapnum == T_ITLBMISSNA || 502 trapnum == T_IBREAK || trapnum == T_TAKENBR) { 503 va = frame->tf_iioq_head; 504 space = frame->tf_iisq_head; 505 vftype = VM_PROT_EXECUTE; 506 } else { 507 va = frame->tf_ior; 508 space = frame->tf_isr; 509 vftype = inst_store(opcode) ? VM_PROT_WRITE : VM_PROT_READ; 510 } 511 512 KASSERT(curlwp != NULL); 513 l = curlwp; 514 p = l->l_proc; 515 if ((type & T_USER) != 0) 516 LWP_CACHE_CREDS(l, p); 517 518 #ifdef DIAGNOSTIC 519 /* 520 * If we are on the emergency stack, then we either got 521 * a fault on the kernel stack, or we're just handling 522 * a trap for the machine check handler (which also 523 * runs on the emergency stack). 524 * 525 * We *very crudely* differentiate between the two cases 526 * by checking the faulting instruction: if it is the 527 * function prologue instruction that stores the old 528 * frame pointer and updates the stack pointer, we assume 529 * that we faulted on the kernel stack. 530 * 531 * In this case, not completing that instruction will 532 * probably confuse backtraces in kgdb/ddb. Completing 533 * it would be difficult, because we already faulted on 534 * that part of the stack, so instead we fix up the 535 * frame as if the function called has just returned. 536 * This has peculiar knowledge about what values are in 537 * what registers during the "normal gcc -g" prologue. 538 */ 539 if (&type >= &emergency_stack_start && 540 &type < &emergency_stack_end && 541 type != T_IBREAK && STWM_R1_D_SR0_SP(opcode)) { 542 /* Restore the caller's frame pointer. */ 543 frame->tf_r3 = frame->tf_r1; 544 /* Restore the caller's instruction offsets. */ 545 frame->tf_iioq_head = frame->tf_rp; 546 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 547 goto dead_end; 548 } 549 #endif /* DIAGNOSTIC */ 550 551 #ifdef DEBUG 552 frame_sanity_check(__func__, __LINE__, type, frame, l); 553 #endif /* DEBUG */ 554 555 if (frame->tf_flags & TFF_LAST) 556 l->l_md.md_regs = frame; 557 558 if (trapnum <= trap_types) 559 tts = trap_type[trapnum]; 560 561 #ifdef TRAPDEBUG 562 if (trapnum != T_INTERRUPT && trapnum != T_IBREAK) 563 printf("trap: %d, %s for %x:%lx at %x:%x, fp=%p, rp=%x\n", 564 type, tts, space, va, frame->tf_iisq_head, 565 frame->tf_iioq_head, frame, frame->tf_rp); 566 else if (trapnum == T_IBREAK) 567 printf("trap: break instruction %x:%x at %x:%x, fp=%p\n", 568 break5(opcode), break13(opcode), 569 frame->tf_iisq_head, frame->tf_iioq_head, frame); 570 571 { 572 extern int etext; 573 if (frame < (struct trapframe *)&etext) { 574 printf("trap: bogus frame ptr %p\n", frame); 575 goto dead_end; 576 } 577 } 578 #endif 579 580 pcb = lwp_getpcb(l); 581 582 /* If this is a trap, not an interrupt, reenable interrupts. */ 583 if (trapnum != T_INTERRUPT) { 584 uvmexp.traps++; 585 mtctl(frame->tf_eiem, CR_EIEM); 586 } 587 588 switch (type) { 589 case T_NONEXIST: 590 case T_NONEXIST|T_USER: 591 #if !defined(DDB) && !defined(KGDB) 592 /* we've got screwed up by the central scrutinizer */ 593 panic ("trap: elvis has just left the building!"); 594 break; 595 #else 596 goto dead_end; 597 #endif 598 case T_RECOVERY|T_USER: 599 #ifdef USERTRACE 600 for(;;) { 601 if (frame->tf_iioq_head != rctr_next_iioq) 602 printf("-%08x\nr %08x", 603 rctr_next_iioq - 4, 604 frame->tf_iioq_head); 605 rctr_next_iioq = frame->tf_iioq_head + 4; 606 if (frame->tf_ipsw & PSW_N) { 607 /* Advance the program counter. */ 608 frame->tf_iioq_head = frame->tf_iioq_tail; 609 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 610 /* Clear flags. */ 611 frame->tf_ipsw &= ~(PSW_N|PSW_X|PSW_Y|PSW_Z|PSW_B|PSW_T|PSW_H|PSW_L); 612 /* Simulate another trap. */ 613 continue; 614 } 615 break; 616 } 617 frame->tf_rctr = 0; 618 break; 619 #endif /* USERTRACE */ 620 case T_RECOVERY: 621 #if !defined(DDB) && !defined(KGDB) 622 /* XXX will implement later */ 623 printf ("trap: handicapped"); 624 break; 625 #else 626 goto dead_end; 627 #endif 628 629 case T_EMULATION | T_USER: 630 #ifdef FPEMUL 631 hppa_fpu_emulate(frame, l, opcode); 632 #else /* !FPEMUL */ 633 /* 634 * We don't have FPU emulation, so signal the 635 * process with a SIGFPE. 636 */ 637 638 KSI_INIT_TRAP(&ksi); 639 ksi.ksi_signo = SIGFPE; 640 ksi.ksi_code = SI_NOINFO; 641 ksi.ksi_trap = type; 642 ksi.ksi_addr = (void *)frame->tf_iioq_head; 643 trapsignal(l, &ksi); 644 #endif /* !FPEMUL */ 645 break; 646 647 case T_DATALIGN: 648 onfault = pcb->pcb_onfault; 649 if (onfault) { 650 ret = EFAULT; 651 do_onfault: 652 frame->tf_iioq_head = onfault; 653 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 654 frame->tf_ret0 = ret; 655 break; 656 } 657 /*FALLTHROUGH*/ 658 659 #ifdef DIAGNOSTIC 660 /* these just can't happen ever */ 661 case T_PRIV_OP: 662 case T_PRIV_REG: 663 /* these just can't make it to the trap() ever */ 664 case T_HPMC: 665 case T_HPMC | T_USER: 666 case T_EMULATION: 667 case T_EXCEPTION: 668 #endif 669 case T_IBREAK: 670 case T_DBREAK: 671 dead_end: 672 if (type & T_USER) { 673 #ifdef DEBUG 674 user_backtrace(frame, l, type); 675 #endif 676 KSI_INIT_TRAP(&ksi); 677 ksi.ksi_signo = SIGILL; 678 ksi.ksi_code = ILL_ILLTRP; 679 ksi.ksi_trap = type; 680 ksi.ksi_addr = (void *)frame->tf_iioq_head; 681 trapsignal(l, &ksi); 682 break; 683 } 684 if (trap_kdebug(type, va, frame)) 685 return; 686 else if (type == T_DATALIGN) 687 panic ("trap: %s at 0x%x", tts, (u_int) va); 688 else 689 panic ("trap: no debugger for \"%s\" (%d)", tts, type); 690 break; 691 692 case T_IBREAK | T_USER: 693 case T_DBREAK | T_USER: 694 KSI_INIT_TRAP(&ksi); 695 ksi.ksi_signo = SIGTRAP; 696 ksi.ksi_code = TRAP_TRACE; 697 ksi.ksi_trap = trapnum; 698 ksi.ksi_addr = (void *)frame->tf_iioq_head; 699 #ifdef PTRACE 700 ss_clear_breakpoints(l); 701 if (opcode == SSBREAKPOINT) 702 ksi.ksi_code = TRAP_BRKPT; 703 #endif 704 /* pass to user debugger */ 705 trapsignal(l, &ksi); 706 707 break; 708 709 #ifdef PTRACE 710 case T_TAKENBR | T_USER: 711 ss_clear_breakpoints(l); 712 713 KSI_INIT_TRAP(&ksi); 714 ksi.ksi_signo = SIGTRAP; 715 ksi.ksi_code = TRAP_TRACE; 716 ksi.ksi_trap = trapnum; 717 ksi.ksi_addr = (void *)frame->tf_iioq_head; 718 719 /* pass to user debugger */ 720 trapsignal(l, &ksi); 721 break; 722 #endif 723 724 case T_EXCEPTION | T_USER: { /* co-proc assist trap */ 725 uint64_t *fpp; 726 uint32_t *pex, ex, inst; 727 int i; 728 729 hppa_fpu_flush(l); 730 fpp = (uint64_t *)pcb->pcb_fpregs; 731 732 /* skip the status register */ 733 pex = (uint32_t *)&fpp[0]; 734 pex++; 735 736 /* loop through the exception registers */ 737 for (i = 1; i < 8 && !*pex; i++, pex++) 738 ; 739 KASSERT(i < 8); 740 ex = *pex; 741 *pex = 0; 742 743 /* reset the trap flag, as if there was none */ 744 fpp[0] &= ~(((uint64_t)HPPA_FPU_T) << 32); 745 746 /* emulate the instruction */ 747 inst = ((uint32_t)fpopmap[ex >> 26] << 26) | (ex & 0x03ffffff); 748 hppa_fpu_emulate(frame, l, inst); 749 } 750 break; 751 752 case T_OVERFLOW | T_USER: 753 KSI_INIT_TRAP(&ksi); 754 ksi.ksi_signo = SIGFPE; 755 ksi.ksi_code = SI_NOINFO; 756 ksi.ksi_trap = type; 757 ksi.ksi_addr = (void *)va; 758 trapsignal(l, &ksi); 759 break; 760 761 case T_CONDITION | T_USER: 762 KSI_INIT_TRAP(&ksi); 763 ksi.ksi_signo = SIGFPE; 764 ksi.ksi_code = FPE_INTDIV; 765 ksi.ksi_trap = type; 766 ksi.ksi_addr = (void *)va; 767 trapsignal(l, &ksi); 768 break; 769 770 case T_ILLEGAL | T_USER: 771 #ifdef DEBUG 772 user_backtrace(frame, l, type); 773 #endif 774 KSI_INIT_TRAP(&ksi); 775 ksi.ksi_signo = SIGILL; 776 ksi.ksi_code = ILL_ILLOPC; 777 ksi.ksi_trap = type; 778 ksi.ksi_addr = (void *)va; 779 trapsignal(l, &ksi); 780 break; 781 782 case T_PRIV_OP | T_USER: 783 #ifdef DEBUG 784 user_backtrace(frame, l, type); 785 #endif 786 KSI_INIT_TRAP(&ksi); 787 ksi.ksi_signo = SIGILL; 788 ksi.ksi_code = ILL_PRVOPC; 789 ksi.ksi_trap = type; 790 ksi.ksi_addr = (void *)va; 791 trapsignal(l, &ksi); 792 break; 793 794 case T_PRIV_REG | T_USER: 795 #ifdef DEBUG 796 user_backtrace(frame, l, type); 797 #endif 798 KSI_INIT_TRAP(&ksi); 799 ksi.ksi_signo = SIGILL; 800 ksi.ksi_code = ILL_PRVREG; 801 ksi.ksi_trap = type; 802 ksi.ksi_addr = (void *)va; 803 trapsignal(l, &ksi); 804 break; 805 806 /* these should never got here */ 807 case T_HIGHERPL | T_USER: 808 case T_LOWERPL | T_USER: 809 KSI_INIT_TRAP(&ksi); 810 ksi.ksi_signo = SIGSEGV; 811 ksi.ksi_code = SEGV_ACCERR; 812 ksi.ksi_trap = type; 813 ksi.ksi_addr = (void *)va; 814 trapsignal(l, &ksi); 815 break; 816 817 case T_IPROT | T_USER: 818 case T_DPROT | T_USER: 819 KSI_INIT_TRAP(&ksi); 820 ksi.ksi_signo = SIGSEGV; 821 ksi.ksi_code = SEGV_ACCERR; 822 ksi.ksi_trap = type; 823 ksi.ksi_addr = (void *)va; 824 trapsignal(l, &ksi); 825 break; 826 827 case T_DATACC: case T_USER | T_DATACC: 828 case T_ITLBMISS: case T_USER | T_ITLBMISS: 829 case T_DTLBMISS: case T_USER | T_DTLBMISS: 830 case T_ITLBMISSNA: case T_USER | T_ITLBMISSNA: 831 case T_DTLBMISSNA: case T_USER | T_DTLBMISSNA: 832 case T_TLB_DIRTY: case T_USER | T_TLB_DIRTY: 833 vm = p->p_vmspace; 834 835 if (!vm) { 836 #ifdef TRAPDEBUG 837 printf("trap: no vm, p=%p\n", p); 838 #endif 839 goto dead_end; 840 } 841 842 /* 843 * it could be a kernel map for exec_map faults 844 */ 845 if (!(type & T_USER) && space == HPPA_SID_KERNEL) 846 map = kernel_map; 847 else { 848 map = &vm->vm_map; 849 if ((l->l_flag & LW_SA) 850 && (~l->l_pflag & LP_SA_NOBLOCK)) { 851 l->l_savp->savp_faultaddr = va; 852 l->l_pflag |= LP_SA_PAGEFAULT; 853 } 854 } 855 856 va = trunc_page(va); 857 858 if (map->pmap->pm_space != space) { 859 #ifdef TRAPDEBUG 860 printf("trap: space mismatch %d != %d\n", 861 space, map->pmap->pm_space); 862 #endif 863 /* actually dump the user, crap the kernel */ 864 goto dead_end; 865 } 866 867 /* Never call uvm_fault in interrupt context. */ 868 KASSERT(hppa_intr_depth == 0); 869 870 onfault = pcb->pcb_onfault; 871 pcb->pcb_onfault = 0; 872 ret = uvm_fault(map, va, vftype); 873 pcb->pcb_onfault = onfault; 874 875 #ifdef TRAPDEBUG 876 printf("uvm_fault(%p, %x, %d)=%d\n", 877 map, (u_int)va, vftype, ret); 878 #endif 879 880 if (map != kernel_map) 881 l->l_pflag &= ~LP_SA_PAGEFAULT; 882 883 /* 884 * If this was a stack access we keep track of the maximum 885 * accessed stack size. Also, if uvm_fault gets a protection 886 * failure it is due to accessing the stack region outside 887 * the current limit and we need to reflect that as an access 888 * error. 889 */ 890 if (map != kernel_map && va >= (vaddr_t)vm->vm_minsaddr) { 891 if (ret == 0) 892 uvm_grow(l->l_proc, va); 893 else if (ret == EACCES) 894 ret = EFAULT; 895 } 896 897 if (ret != 0) { 898 if (type & T_USER) { 899 #ifdef DEBUG 900 user_backtrace(frame, l, type); 901 #endif 902 KSI_INIT_TRAP(&ksi); 903 ksi.ksi_signo = SIGSEGV; 904 ksi.ksi_code = (ret == EACCES ? 905 SEGV_ACCERR : SEGV_MAPERR); 906 ksi.ksi_trap = type; 907 ksi.ksi_addr = (void *)va; 908 trapsignal(l, &ksi); 909 } else { 910 if (onfault) { 911 goto do_onfault; 912 } 913 panic("trap: uvm_fault(%p, %lx, %d): %d", 914 map, va, vftype, ret); 915 } 916 } 917 break; 918 919 case T_DATALIGN | T_USER: 920 #ifdef DEBUG 921 user_backtrace(frame, l, type); 922 #endif 923 KSI_INIT_TRAP(&ksi); 924 ksi.ksi_signo = SIGBUS; 925 ksi.ksi_code = BUS_ADRALN; 926 ksi.ksi_trap = type; 927 ksi.ksi_addr = (void *)va; 928 trapsignal(l, &ksi); 929 break; 930 931 case T_INTERRUPT: 932 case T_INTERRUPT|T_USER: 933 hppa_intr(frame); 934 mtctl(frame->tf_eiem, CR_EIEM); 935 break; 936 937 case T_LOWERPL: 938 case T_DPROT: 939 case T_IPROT: 940 case T_OVERFLOW: 941 case T_CONDITION: 942 case T_ILLEGAL: 943 case T_HIGHERPL: 944 case T_TAKENBR: 945 case T_POWERFAIL: 946 case T_LPMC: 947 case T_PAGEREF: 948 case T_DATAPID: case T_DATAPID | T_USER: 949 if (0 /* T-chip */) { 950 break; 951 } 952 /* FALLTHROUGH to unimplemented */ 953 default: 954 panic ("trap: unimplemented \'%s\' (%d)", tts, type); 955 } 956 957 #ifdef DIAGNOSTIC 958 if (cpl != oldcpl) 959 printf("WARNING: SPL (%d) NOT LOWERED ON TRAP (%d) EXIT\n", 960 cpl, trapnum); 961 #endif 962 963 if (type & T_USER) 964 userret(l, l->l_md.md_regs->tf_iioq_head, 0); 965 966 #ifdef DEBUG 967 frame_sanity_check(__func__, __LINE__, type, frame, l); 968 if (frame->tf_flags & TFF_LAST && (curlwp->l_flag & LW_IDLE) == 0) 969 frame_sanity_check(__func__, __LINE__, type, curlwp->l_md.md_regs, 970 curlwp); 971 #endif /* DEBUG */ 972 } 973 974 void 975 child_return(void *arg) 976 { 977 struct lwp *l = arg; 978 979 /* 980 * Return values in the frame set by cpu_lwp_fork(). 981 */ 982 983 userret(l, l->l_md.md_regs->tf_iioq_head, 0); 984 ktrsysret(SYS_fork, 0, 0); 985 #ifdef DEBUG 986 frame_sanity_check(__func__, __LINE__, 0, l->l_md.md_regs, l); 987 #endif /* DEBUG */ 988 } 989 990 #ifdef PTRACE 991 992 #include <sys/ptrace.h> 993 994 int 995 ss_get_value(struct lwp *l, vaddr_t addr, u_int *value) 996 { 997 struct uio uio; 998 struct iovec iov; 999 1000 iov.iov_base = (void *)value; 1001 iov.iov_len = sizeof(u_int); 1002 uio.uio_iov = &iov; 1003 uio.uio_iovcnt = 1; 1004 uio.uio_offset = (off_t)addr; 1005 uio.uio_resid = sizeof(u_int); 1006 uio.uio_rw = UIO_READ; 1007 UIO_SETUP_SYSSPACE(&uio); 1008 1009 return (process_domem(curlwp, l, &uio)); 1010 } 1011 1012 int 1013 ss_put_value(struct lwp *l, vaddr_t addr, u_int value) 1014 { 1015 struct uio uio; 1016 struct iovec iov; 1017 1018 iov.iov_base = (void *)&value; 1019 iov.iov_len = sizeof(u_int); 1020 uio.uio_iov = &iov; 1021 uio.uio_iovcnt = 1; 1022 uio.uio_offset = (off_t)addr; 1023 uio.uio_resid = sizeof(u_int); 1024 uio.uio_rw = UIO_WRITE; 1025 UIO_SETUP_SYSSPACE(&uio); 1026 1027 return (process_domem(curlwp, l, &uio)); 1028 } 1029 1030 void 1031 ss_clear_breakpoints(struct lwp *l) 1032 { 1033 /* Restore origional instructions. */ 1034 if (l->l_md.md_bpva != 0) { 1035 ss_put_value(l, l->l_md.md_bpva, l->l_md.md_bpsave[0]); 1036 ss_put_value(l, l->l_md.md_bpva + 4, l->l_md.md_bpsave[1]); 1037 l->l_md.md_bpva = 0; 1038 } 1039 } 1040 1041 1042 int 1043 process_sstep(struct lwp *l, int sstep) 1044 { 1045 struct trapframe *tf = l->l_md.md_regs; 1046 int error; 1047 1048 ss_clear_breakpoints(l); 1049 1050 /* We're continuing... */ 1051 /* Don't touch the syscall gateway page. */ 1052 /* XXX head */ 1053 if (sstep == 0 || 1054 (tf->tf_iioq_tail & ~PAGE_MASK) == SYSCALLGATE) { 1055 tf->tf_ipsw &= ~PSW_T; 1056 return 0; 1057 } 1058 1059 l->l_md.md_bpva = tf->tf_iioq_tail & ~HPPA_PC_PRIV_MASK; 1060 1061 /* 1062 * Insert two breakpoint instructions; the first one might be 1063 * nullified. Of course we need to save two instruction 1064 * first. 1065 */ 1066 1067 error = ss_get_value(l, l->l_md.md_bpva, &l->l_md.md_bpsave[0]); 1068 if (error) 1069 return (error); 1070 error = ss_get_value(l, l->l_md.md_bpva + 4, &l->l_md.md_bpsave[1]); 1071 if (error) 1072 return (error); 1073 1074 error = ss_put_value(l, l->l_md.md_bpva, SSBREAKPOINT); 1075 if (error) 1076 return error; 1077 error = ss_put_value(l, l->l_md.md_bpva + 4, SSBREAKPOINT); 1078 if (error) 1079 return error; 1080 1081 tf->tf_ipsw |= PSW_T; 1082 1083 return 0; 1084 } 1085 #endif 1086 1087 1088 /* 1089 * call actual syscall routine 1090 * from the low-level syscall handler: 1091 * - all HPPA_FRAME_NARGS syscall's arguments supposed to be copied onto 1092 * our stack, this wins compared to copyin just needed amount anyway 1093 * - register args are copied onto stack too 1094 */ 1095 void 1096 syscall(struct trapframe *frame, int *args) 1097 { 1098 struct lwp *l; 1099 struct proc *p; 1100 const struct sysent *callp; 1101 size_t nargs64; 1102 int nsys, code, error; 1103 int tmp; 1104 int rval[2]; 1105 #ifdef DIAGNOSTIC 1106 int oldcpl = cpl; 1107 #endif 1108 1109 uvmexp.syscalls++; 1110 1111 #ifdef DEBUG 1112 frame_sanity_check(__func__, __LINE__, 0, frame, curlwp); 1113 #endif /* DEBUG */ 1114 1115 if (!USERMODE(frame->tf_iioq_head)) 1116 panic("syscall"); 1117 1118 KASSERT(curlwp != NULL); 1119 l = curlwp; 1120 p = l->l_proc; 1121 l->l_md.md_regs = frame; 1122 nsys = p->p_emul->e_nsysent; 1123 callp = p->p_emul->e_sysent; 1124 code = frame->tf_t1; 1125 LWP_CACHE_CREDS(l, p); 1126 1127 #ifdef KERN_SA 1128 if (__predict_false((l->l_savp) 1129 && (l->l_savp->savp_pflags & SAVP_FLAG_DELIVERING))) 1130 l->l_savp->savp_pflags &= ~SAVP_FLAG_DELIVERING; 1131 #endif 1132 1133 /* 1134 * Restarting a system call is touchy on the HPPA, because syscall 1135 * arguments are passed in registers and the program counter of the 1136 * syscall "point" isn't easily divined. 1137 * 1138 * We handle the first problem by assuming that we will have to restart 1139 * this system call, so we stuff the first four words of the original 1140 * arguments back into the frame as arg0...arg3, which is where we 1141 * found them in the first place. Any further arguments are (still) on 1142 * the user's stack and the syscall code will fetch them from there 1143 * (again). 1144 * 1145 * The program counter problem is addressed below. 1146 */ 1147 frame->tf_arg0 = args[0]; 1148 frame->tf_arg1 = args[1]; 1149 frame->tf_arg2 = args[2]; 1150 frame->tf_arg3 = args[3]; 1151 1152 /* 1153 * Some special handling for the syscall(2) and 1154 * __syscall(2) system calls. 1155 */ 1156 switch (code) { 1157 case SYS_syscall: 1158 code = *args; 1159 args += 1; 1160 break; 1161 case SYS___syscall: 1162 if (callp != sysent) 1163 break; 1164 /* 1165 * NB: even though __syscall(2) takes a quad_t containing the 1166 * system call number, because our argument copying word-swaps 1167 * 64-bit arguments, the least significant word of that quad_t 1168 * is the first word in the argument array. 1169 */ 1170 code = *args; 1171 args += 2; 1172 } 1173 1174 /* 1175 * Stacks growing from lower addresses to higher addresses are not 1176 * really such a good idea, because it makes it impossible to overlay a 1177 * struct on top of C stack arguments (the arguments appear in 1178 * reversed order). 1179 * 1180 * You can do the obvious thing (as locore.S does) and copy argument 1181 * words one by one, laying them out in the "right" order in the dest- 1182 * ination buffer, but this ends up word-swapping multi-word arguments 1183 * (like off_t). 1184 * 1185 * FIXME - this works only on native binaries and 1186 * will probably screw up any and all emulation. 1187 * 1188 */ 1189 1190 if (code < 0 || code >= nsys) 1191 callp += p->p_emul->e_nosys; /* bad syscall # */ 1192 else 1193 callp += code; 1194 1195 nargs64 = SYCALL_NARGS64(callp); 1196 if (nargs64 != 0) { 1197 size_t nargs = callp->sy_narg; 1198 1199 for (size_t i = 0; i < nargs + nargs64;) { 1200 if (SYCALL_ARG_64_P(callp, i)) { 1201 tmp = args[i]; 1202 args[i] = args[i + 1]; 1203 args[i + 1] = tmp; 1204 i += 2; 1205 } else 1206 i++; 1207 } 1208 } 1209 1210 #ifdef USERTRACE 1211 if (0) { 1212 user_backtrace(frame, l, -1); 1213 frame->tf_ipsw |= PSW_R; 1214 frame->tf_rctr = 0; 1215 printf("r %08x", frame->tf_iioq_head); 1216 rctr_next_iioq = frame->tf_iioq_head + 4; 1217 } 1218 #endif 1219 1220 error = 0; 1221 if (__predict_false(p->p_trace_enabled)) { 1222 error = trace_enter(code, args, callp->sy_narg); 1223 if (error) 1224 goto out; 1225 } 1226 1227 rval[0] = 0; 1228 rval[1] = 0; 1229 error = sy_call(callp, l, args, rval); 1230 out: 1231 switch (error) { 1232 case 0: 1233 l = curlwp; /* changes on exec() */ 1234 frame = l->l_md.md_regs; 1235 frame->tf_ret0 = rval[0]; 1236 frame->tf_ret1 = rval[1]; 1237 frame->tf_t1 = 0; 1238 break; 1239 case ERESTART: 1240 /* 1241 * Now we have to wind back the instruction offset queue to the 1242 * point where the system call will be made again. This is 1243 * inherently tied to the SYSCALL macro. 1244 * 1245 * Currently, the part of the SYSCALL macro that we want to re- 1246 * run reads as: 1247 * 1248 * ldil L%SYSCALLGATE, r1 1249 * ble 4(sr7, r1) 1250 * ldi __CONCAT(SYS_,x), t1 1251 * comb,<> %r0, %t1, __cerror 1252 * 1253 * And our offset queue head points to the comb instruction. 1254 * So we need to subtract twelve to reach the ldil. 1255 */ 1256 frame->tf_iioq_head -= 12; 1257 frame->tf_iioq_tail = frame->tf_iioq_head + 4; 1258 break; 1259 case EJUSTRETURN: 1260 p = curproc; 1261 break; 1262 default: 1263 if (p->p_emul->e_errno) 1264 error = p->p_emul->e_errno[error]; 1265 frame->tf_t1 = error; 1266 break; 1267 } 1268 1269 if (__predict_false(p->p_trace_enabled)) 1270 trace_exit(code, rval, error); 1271 1272 userret(l, frame->tf_iioq_head, 0); 1273 1274 #ifdef DIAGNOSTIC 1275 if (cpl != oldcpl) { 1276 printf("WARNING: SPL (0x%x) NOT LOWERED ON " 1277 "syscall(0x%x, 0x%x, 0x%x, 0x%x...) EXIT, PID %d\n", 1278 cpl, code, args[0], args[1], args[2], p->p_pid); 1279 cpl = oldcpl; 1280 } 1281 #endif 1282 1283 #ifdef DEBUG 1284 frame_sanity_check(__func__, __LINE__, 0, frame, l); 1285 #endif /* DEBUG */ 1286 } 1287 1288 /* 1289 * Start a new LWP 1290 */ 1291 void 1292 startlwp(void *arg) 1293 { 1294 int err; 1295 ucontext_t *uc = arg; 1296 struct lwp *l = curlwp; 1297 1298 err = cpu_setmcontext(l, &uc->uc_mcontext, uc->uc_flags); 1299 #if DIAGNOSTIC 1300 if (err) { 1301 printf("Error %d from cpu_setmcontext.", err); 1302 } 1303 #endif 1304 pool_put(&lwp_uc_pool, uc); 1305 1306 userret(l, l->l_md.md_regs->tf_iioq_head, 0); 1307 } 1308 1309 /* 1310 * XXX This is a terrible name. 1311 */ 1312 void 1313 upcallret(struct lwp *l) 1314 { 1315 userret(l, l->l_md.md_regs->tf_iioq_head, 0); 1316 } 1317
Indexes created Wed Oct 01 07:09:59 GMT 2025