trap.c revision 1.96 
1/*	$NetBSD: trap.c,v 1.96 2024/01/19 18:18:55 thorpej Exp $	*/
2
3/*
4 * This file was taken from mvme68k/mvme68k/trap.c
5 * should probably be re-synced when needed.
6 * Darrin B. Jewell <jewell@mit.edu> Tue Aug  3 10:53:12 UTC 1999
7 * original cvs id: NetBSD: trap.c,v 1.32 1999/08/03 10:52:06 dbj Exp
8 */
9
10/*
11 * Copyright (c) 1988 University of Utah.
12 * Copyright (c) 1982, 1986, 1990, 1993
13 *	The Regents of the University of California.  All rights reserved.
14 *
15 * This code is derived from software contributed to Berkeley by
16 * the Systems Programming Group of the University of Utah Computer
17 * Science Department.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 * 1. Redistributions of source code must retain the above copyright
23 *    notice, this list of conditions and the following disclaimer.
24 * 2. Redistributions in binary form must reproduce the above copyright
25 *    notice, this list of conditions and the following disclaimer in the
26 *    documentation and/or other materials provided with the distribution.
27 * 3. Neither the name of the University nor the names of its contributors
28 *    may be used to endorse or promote products derived from this software
29 *    without specific prior written permission.
30 *
31 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
32 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
35 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 * SUCH DAMAGE.
42 *
43 * from: Utah $Hdr: trap.c 1.37 92/12/20$
44 *
45 *	@(#)trap.c	8.5 (Berkeley) 1/4/94
46 */
47
48#include <sys/cdefs.h>
49__KERNEL_RCSID(0, "$NetBSD: trap.c,v 1.96 2024/01/19 18:18:55 thorpej Exp $");
50
51#include "opt_ddb.h"
52#include "opt_execfmt.h"
53#include "opt_kgdb.h"
54#include "opt_compat_sunos.h"
55#include "opt_m68k_arch.h"
56
57#include <sys/param.h>
58#include <sys/systm.h>
59#include <sys/proc.h>
60#include <sys/acct.h>
61#include <sys/kernel.h>
62#include <sys/signalvar.h>
63#include <sys/resourcevar.h>
64#include <sys/syscall.h>
65#include <sys/syslog.h>
66#include <sys/userret.h>
67#include <sys/kauth.h>
68
69#ifdef DEBUG
70#include <dev/cons.h>
71#endif
72
73#include <machine/db_machdep.h>
74#include <machine/pcb.h>
75#include <machine/psl.h>
76#include <machine/trap.h>
77#include <machine/cpu.h>
78#include <machine/reg.h>
79
80#include <m68k/cacheops.h>
81
82#include <uvm/uvm_extern.h>
83
84#ifdef COMPAT_SUNOS
85#include <compat/sunos/sunos_syscall.h>
86extern struct emul emul_sunos;
87#endif
88
89#ifdef KGDB
90#include <sys/kgdb.h>
91#endif
92
93void	trap(struct frame *, int, u_int, u_int);
94
95#ifdef DEBUG
96void	dumpssw(u_short);
97void	dumpwb(int, u_short, u_int, u_int);
98#endif
99
100static inline void userret(struct lwp *, struct frame *, u_quad_t, u_int, int);
101
102int	astpending;
103
104const char *trap_type[] = {
105	"Bus error",
106	"Address error",
107	"Illegal instruction",
108	"Zero divide",
109	"CHK instruction",
110	"TRAPV instruction",
111	"Privilege violation",
112	"Trace trap",
113	"MMU fault",
114	"SSIR trap",
115	"Format error",
116	"68881 exception",
117	"Coprocessor violation",
118	"Async system trap"
119};
120int	trap_types = sizeof trap_type / sizeof trap_type[0];
121
122/*
123 * Size of various exception stack frames (minus the standard 8 bytes)
124 */
125short	exframesize[] = {
126	FMT0SIZE,	/* type 0 - normal (68020/030/040/060) */
127	FMT1SIZE,	/* type 1 - throwaway (68020/030/040) */
128	FMT2SIZE,	/* type 2 - normal 6-word (68020/030/040/060) */
129	FMT3SIZE,	/* type 3 - FP post-instruction (68040/060) */
130	FMT4SIZE,	/* type 4 - access error/fp disabled (68060) */
131	-1, -1,		/* type 5-6 - undefined */
132	FMT7SIZE,	/* type 7 - access error (68040) */
133	58,		/* type 8 - bus fault (68010) */
134	FMT9SIZE,	/* type 9 - coprocessor mid-instruction (68020/030) */
135	FMTASIZE,	/* type A - short bus fault (68020/030) */
136	FMTBSIZE,	/* type B - long bus fault (68020/030) */
137	-1, -1, -1, -1	/* type C-F - undefined */
138};
139
140#ifdef M68060
141#define	KDFAULT_060(c)	(cputype == CPU_68060 && ((c) & FSLW_TM_SV))
142#define	WRFAULT_060(c)	(cputype == CPU_68060 && ((c) & FSLW_RW_W))
143#else
144#define	KDFAULT_060(c)	0
145#define	WRFAULT_060(c)	0
146#endif
147
148#ifdef M68040
149#define	KDFAULT_040(c)	(cputype == CPU_68040 && \
150			 ((c) & SSW4_TMMASK) == SSW4_TMKD)
151#define	WRFAULT_040(c)	(cputype == CPU_68040 && \
152			 ((c) & (SSW4_LK|SSW4_RW)) != SSW4_RW)
153#else
154#define	KDFAULT_040(c)	0
155#define	WRFAULT_040(c)	0
156#endif
157
158#if defined(M68030) || defined(M68020)
159#define	KDFAULT_OTH(c)	(cputype <= CPU_68030 && \
160			 ((c) & (SSW_DF|SSW_FCMASK)) == (SSW_DF|FC_SUPERD))
161#define	WRFAULT_OTH(c)	(cputype <= CPU_68030 && \
162			 (((c) & SSW_DF) != 0 && \
163			 ((((c) & SSW_RW) == 0) || (((c) & SSW_RM) != 0))))
164#else
165#define	KDFAULT_OTH(c)	0
166#define	WRFAULT_OTH(c)	0
167#endif
168
169#define	KDFAULT(c)	(KDFAULT_060(c) || KDFAULT_040(c) || KDFAULT_OTH(c))
170#define	WRFAULT(c)	(WRFAULT_060(c) || WRFAULT_040(c) || WRFAULT_OTH(c))
171
172#ifdef DEBUG
173int mmudebug = 0;
174int mmupid = -1;
175#define MDB_FOLLOW	1
176#define MDB_WBFOLLOW	2
177#define MDB_WBFAILED	4
178#define MDB_ISPID(p)	((p) == mmupid)
179#endif
180
181/*
182 * trap and syscall both need the following work done before returning
183 * to user mode.
184 */
185static inline void
186userret(struct lwp *l, struct frame *fp, u_quad_t oticks, u_int faultaddr,
187    int fromtrap)
188{
189	struct proc *p = l->l_proc;
190#ifdef M68040
191	int sig;
192	int beenhere = 0;
193
194again:
195#endif
196	/* Invoke MI userret code */
197	mi_userret(l);
198
199	/*
200	 * If profiling, charge system time to the trapped pc.
201	 */
202	if (p->p_stflag & PST_PROFIL) {
203		extern int psratio;
204
205		addupc_task(l, fp->f_pc,
206			    (int)(p->p_sticks - oticks) * psratio);
207	}
208#ifdef M68040
209	/*
210	 * Deal with user mode writebacks (from trap, or from sigreturn).
211	 * If any writeback fails, go back and attempt signal delivery.
212	 * unless we have already been here and attempted the writeback
213	 * (e.g. bad address with user ignoring SIGSEGV).  In that case
214	 * we just return to the user without successfully completing
215	 * the writebacks.  Maybe we should just drop the sucker?
216	 */
217	if (cputype == CPU_68040 && fp->f_format == FMT7) {
218		if (beenhere) {
219#ifdef DEBUG
220			if (mmudebug & MDB_WBFAILED)
221				printf(fromtrap ?
222		"pid %d(%s): writeback aborted, pc=%x, fa=%x\n" :
223		"pid %d(%s): writeback aborted in sigreturn, pc=%x\n",
224				    p->p_pid, p->p_comm, fp->f_pc, faultaddr);
225#endif
226		} else if ((sig = m68040_writeback(fp, fromtrap))) {
227			ksiginfo_t ksi;
228			beenhere = 1;
229			oticks = p->p_sticks;
230			(void)memset(&ksi, 0, sizeof(ksi));
231			ksi.ksi_signo = sig;
232			ksi.ksi_addr = (void *)faultaddr;
233			ksi.ksi_code = BUS_OBJERR;
234			trapsignal(l, &ksi);
235			goto again;
236		}
237	}
238#endif
239}
240
241/*
242 * Used by the common m68k syscall() and child_return() functions.
243 * XXX: Temporary until all m68k ports share common trap()/userret() code.
244 */
245void machine_userret(struct lwp *, struct frame *, u_quad_t);
246
247void
248machine_userret(struct lwp *l, struct frame *f, u_quad_t t)
249{
250
251	userret(l, f, t, 0, 0);
252}
253
254/*
255 * Trap is called from locore to handle most types of processor traps,
256 * including events such as simulated software interrupts/AST's.
257 * System calls are broken out for efficiency.
258 */
259/*ARGSUSED*/
260void
261trap(struct frame *fp, int type, unsigned code, unsigned v)
262{
263	struct lwp *l;
264	struct proc *p;
265	struct pcb *pcb;
266	void *onfault;
267	ksiginfo_t ksi;
268	int s;
269	int rv;
270	u_quad_t sticks = 0 /* XXX initialiser works around compiler bug */;
271	static int panicking __diagused;
272
273	curcpu()->ci_data.cpu_ntrap++;
274	l = curlwp;
275	p = l->l_proc;
276	pcb = lwp_getpcb(l);
277
278	KSI_INIT_TRAP(&ksi);
279	ksi.ksi_trap = type & ~T_USER;
280
281	if (USERMODE(fp->f_sr)) {
282		type |= T_USER;
283		sticks = p->p_sticks;
284		l->l_md.md_regs = fp->f_regs;
285	}
286	switch (type) {
287
288	default:
289	dopanic:
290		/*
291		 * Let the kernel debugger see the trap frame that
292		 * caused us to panic.  This is a convenience so
293		 * one can see registers at the point of failure.
294		 */
295		s = splhigh();
296		panicking = 1;
297		printf("trap type %d, code = 0x%x, v = 0x%x\n", type, code, v);
298		printf("%s program counter = 0x%x\n",
299		    (type & T_USER) ? "user" : "kernel", fp->f_pc);
300#ifdef KGDB
301		/* If connected, step or cont returns 1 */
302		if (kgdb_trap(type, (db_regs_t *)fp))
303			goto kgdb_cont;
304#endif
305#ifdef DDB
306		(void)kdb_trap(type, (db_regs_t *)fp);
307#endif
308#ifdef KGDB
309	kgdb_cont:
310#endif
311		splx(s);
312		if (panicstr) {
313			printf("trap during panic!\n");
314#ifdef DEBUG
315			/* XXX should be a machine-dependent hook */
316			printf("(press a key)\n");
317			cnpollc(1);
318			(void)cngetc();
319			cnpollc(0);
320#endif
321		}
322		regdump((struct trapframe *)fp, 128);
323		type &= ~T_USER;
324		if ((u_int)type < trap_types)
325			panic(trap_type[type]);
326		panic("trap");
327
328	case T_BUSERR:		/* kernel bus error */
329		onfault = pcb->pcb_onfault;
330		if (onfault == NULL)
331			goto dopanic;
332		rv = EFAULT;
333		/* FALLTHROUGH */
334
335	copyfault:
336		/*
337		 * If we have arranged to catch this fault in any of the
338		 * copy to/from user space routines, set PC to return to
339		 * indicated location and set flag informing buserror code
340		 * that it may need to clean up stack frame.
341		 */
342		fp->f_stackadj = exframesize[fp->f_format];
343		fp->f_format = fp->f_vector = 0;
344		fp->f_pc = (int)onfault;
345		fp->f_regs[D0] = rv;
346		return;
347
348	case T_BUSERR|T_USER:	/* bus error */
349	case T_ADDRERR|T_USER:	/* address error */
350		ksi.ksi_addr = (void *)v;
351		ksi.ksi_signo = SIGBUS;
352		ksi.ksi_code = (type == (T_BUSERR|T_USER)) ?
353			BUS_OBJERR : BUS_ADRERR;
354		break;
355
356	case T_COPERR:		/* kernel coprocessor violation */
357	case T_FMTERR|T_USER:	/* do all RTE errors come in as T_USER? */
358	case T_FMTERR:		/* ...just in case... */
359	/*
360	 * The user has most likely trashed the RTE or FP state info
361	 * in the stack frame of a signal handler.
362	 */
363		printf("pid %d: kernel %s exception\n", p->p_pid,
364		       type==T_COPERR ? "coprocessor" : "format");
365		type |= T_USER;
366
367		mutex_enter(p->p_lock);
368		SIGACTION(p, SIGILL).sa_handler = SIG_DFL;
369		sigdelset(&p->p_sigctx.ps_sigignore, SIGILL);
370		sigdelset(&p->p_sigctx.ps_sigcatch, SIGILL);
371		sigdelset(&l->l_sigmask, SIGILL);
372		mutex_exit(p->p_lock);
373
374		ksi.ksi_signo = SIGILL;
375		ksi.ksi_addr = (void *)(int)fp->f_format;
376				/* XXX was ILL_RESAD_FAULT */
377		ksi.ksi_code = (type == T_COPERR) ?
378			ILL_COPROC : ILL_ILLOPC;
379		break;
380
381	case T_COPERR|T_USER:	/* user coprocessor violation */
382	/* What is a proper response here? */
383		ksi.ksi_signo = SIGFPE;
384		ksi.ksi_code = FPE_FLTINV;
385		break;
386
387	case T_FPERR|T_USER:	/* 68881 exceptions */
388	/*
389	 * We pass along the 68881 status register which locore stashed
390	 * in code for us.
391	 */
392		ksi.ksi_signo = SIGFPE;
393		ksi.ksi_code = fpsr2siginfocode(code);
394		break;
395
396#ifdef M68040
397	case T_FPEMULI|T_USER:	/* unimplemented FP instruction */
398	case T_FPEMULD|T_USER:	/* unimplemented FP data type */
399		/* XXX need to FSAVE */
400		printf("pid %d(%s): unimplemented FP %s at %x (EA %x)\n",
401		       p->p_pid, p->p_comm,
402		       fp->f_format == 2 ? "instruction" : "data type",
403		       fp->f_pc, fp->f_fmt2.f_iaddr);
404		/* XXX need to FRESTORE */
405		ksi.ksi_signo = SIGFPE;
406		ksi.ksi_code = FPE_FLTINV;
407		break;
408#endif
409
410	case T_ILLINST|T_USER:	/* illegal instruction fault */
411	case T_PRIVINST|T_USER:	/* privileged instruction fault */
412		ksi.ksi_addr = (void *)(int)fp->f_format;
413				/* XXX was ILL_PRIVIN_FAULT */
414		ksi.ksi_signo = SIGILL;
415		ksi.ksi_code = (type == (T_PRIVINST|T_USER)) ?
416			ILL_PRVOPC : ILL_ILLOPC;
417		break;
418
419	case T_ZERODIV|T_USER:	/* Divide by zero */
420		ksi.ksi_addr = (void *)(int)fp->f_format;
421				/* XXX was FPE_INTDIV_TRAP */
422		ksi.ksi_signo = SIGFPE;
423		ksi.ksi_code = FPE_FLTDIV;
424		break;
425
426	case T_CHKINST|T_USER:	/* CHK instruction trap */
427		ksi.ksi_addr = (void *)(int)fp->f_format;
428				/* XXX was FPE_SUBRNG_TRAP */
429		ksi.ksi_signo = SIGFPE;
430		break;
431
432	case T_TRAPVINST|T_USER:	/* TRAPV instruction trap */
433		ksi.ksi_addr = (void *)(int)fp->f_format;
434				/* XXX was FPE_INTOVF_TRAP */
435		ksi.ksi_signo = SIGFPE;
436		break;
437
438	/*
439	 * XXX: Trace traps are a nightmare.
440	 *
441	 *	HP-UX uses trap #1 for breakpoints,
442	 *	NetBSD/m68k uses trap #2,
443	 *	SUN 3.x uses trap #15,
444	 *	DDB and KGDB uses trap #15 (for kernel breakpoints;
445	 *	handled elsewhere).
446	 *
447	 * NetBSD and HP-UX traps both get mapped by locore.s into T_TRACE.
448	 * SUN 3.x traps get passed through as T_TRAP15 and are not really
449	 * supported yet.
450	 *
451	 * XXX: We should never get kernel-mode T_TRAP15
452	 * XXX: because locore.s now gives them special treatment.
453	 */
454	case T_TRAP15:		/* kernel breakpoint */
455#ifdef DEBUG
456		printf("unexpected kernel trace trap, type = %d\n", type);
457		printf("program counter = 0x%x\n", fp->f_pc);
458#endif
459		fp->f_sr &= ~PSL_T;
460		return;
461
462	case T_TRACE|T_USER:	/* user trace trap */
463#ifdef COMPAT_SUNOS
464		/*
465		 * SunOS uses Trap #2 for a "CPU cache flush".
466		 * Just flush the on-chip caches and return.
467		 */
468		if (p->p_emul == &emul_sunos) {
469			ICIA();
470			DCIU();
471			return;
472		}
473#endif
474		/* FALLTHROUGH */
475	case T_TRACE:		/* tracing a trap instruction */
476	case T_TRAP15|T_USER:	/* SUN user trace trap */
477		fp->f_sr &= ~PSL_T;
478		ksi.ksi_signo = SIGTRAP;
479		break;
480
481	case T_ASTFLT:		/* system async trap, cannot happen */
482		goto dopanic;
483
484	case T_ASTFLT|T_USER:	/* user async trap */
485		astpending = 0;
486		/*
487		 * We check for software interrupts first.  This is because
488		 * they are at a higher level than ASTs, and on a VAX would
489		 * interrupt the AST.  We assume that if we are processing
490		 * an AST that we must be at IPL0 so we don't bother to
491		 * check.  Note that we ensure that we are at least at SIR
492		 * IPL while processing the SIR.
493		 */
494		spl1();
495		/* fall into... */
496
497	case T_SSIR:		/* software interrupt */
498	case T_SSIR|T_USER:
499		/*
500		 * If this was not an AST trap, we are all done.
501		 */
502		if (type != (T_ASTFLT|T_USER)) {
503			curcpu()->ci_data.cpu_ntrap--;
504			return;
505		}
506		spl0();
507		if (l->l_pflag & LP_OWEUPC) {
508			l->l_pflag &= ~LP_OWEUPC;
509			ADDUPROF(l);
510		}
511		goto out;
512
513	case T_MMUFLT:		/* kernel mode page fault */
514	case T_MMUFLT|T_USER:	/* page fault */
515	    {
516		vaddr_t va;
517		struct vmspace *vm = p->p_vmspace;
518		struct vm_map *map;
519		vm_prot_t ftype;
520		extern struct vm_map *kernel_map;
521
522		onfault = pcb->pcb_onfault;
523
524#ifdef DEBUG
525		if ((mmudebug & MDB_WBFOLLOW) || MDB_ISPID(p->p_pid))
526		printf("trap: T_MMUFLT pid=%d, code=%x, v=%x, pc=%x, sr=%x\n",
527		       p->p_pid, code, v, fp->f_pc, fp->f_sr);
528#endif
529		/*
530		 * It is only a kernel address space fault iff:
531		 * 	1. (type & T_USER) == 0  and
532		 * 	2. pcb_onfault not set or
533		 *	3. pcb_onfault set but supervisor space data fault
534		 * The last can occur during an exec() copyin where the
535		 * argument space is lazy-allocated.
536		 */
537		if ((type & T_USER) == 0 && (onfault == NULL || KDFAULT(code)))
538			map = kernel_map;
539		else {
540			map = vm ? &vm->vm_map : kernel_map;
541		}
542
543		if (WRFAULT(code))
544			ftype = VM_PROT_WRITE;
545		else
546			ftype = VM_PROT_READ;
547
548		va = trunc_page((vaddr_t)v);
549
550		if (map == kernel_map && va == 0) {
551			printf("trap: bad kernel %s access at 0x%x\n",
552			    (ftype & VM_PROT_WRITE) ? "read/write" :
553			    "read", v);
554			goto dopanic;
555		}
556
557#ifdef DIAGNOSTIC
558		if (intr_depth && !panicking) {
559			printf("trap: calling uvm_fault() from interrupt!\n");
560			goto dopanic;
561		}
562#endif
563
564		pcb->pcb_onfault = NULL;
565		rv = uvm_fault(map, va, ftype);
566		pcb->pcb_onfault = onfault;
567#ifdef DEBUG
568		if (rv && MDB_ISPID(p->p_pid))
569			printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
570			    map, va, ftype, rv);
571#endif
572		/*
573		 * If this was a stack access we keep track of the maximum
574		 * accessed stack size.  Also, if vm_fault gets a protection
575		 * failure it is due to accessing the stack region outside
576		 * the current limit and we need to reflect that as an access
577		 * error.
578		 */
579		if (rv == 0) {
580			if (map != kernel_map && (void *)va >= vm->vm_maxsaddr)
581				uvm_grow(p, va);
582
583			if (type == T_MMUFLT) {
584#ifdef M68040
585				if (cputype == CPU_68040)
586					(void) m68040_writeback(fp, 1);
587#endif
588				return;
589			}
590			goto out;
591		}
592		if (rv == EACCES) {
593			ksi.ksi_code = SEGV_ACCERR;
594			rv = EFAULT;
595		} else
596			ksi.ksi_code = SEGV_MAPERR;
597		if (type == T_MMUFLT) {
598			if (onfault)
599				goto copyfault;
600			printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
601			    map, va, ftype, rv);
602			printf("  type %x, code [mmu,,ssw]: %x\n",
603			       type, code);
604			goto dopanic;
605		}
606		ksi.ksi_addr = (void *)v;
607		switch (rv) {
608		case ENOMEM:
609			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
610			       p->p_pid, p->p_comm,
611			       l->l_cred ?
612			       kauth_cred_geteuid(l->l_cred) : -1);
613			ksi.ksi_signo = SIGKILL;
614			break;
615		case EINVAL:
616			ksi.ksi_signo = SIGBUS;
617			ksi.ksi_code = BUS_ADRERR;
618			break;
619		case EACCES:
620			ksi.ksi_signo = SIGSEGV;
621			ksi.ksi_code = SEGV_ACCERR;
622			break;
623		default:
624			ksi.ksi_signo = SIGSEGV;
625			ksi.ksi_code = SEGV_MAPERR;
626			break;
627		}
628		break;
629	    }
630	}
631	trapsignal(l, &ksi);
632	if ((type & T_USER) == 0)
633		return;
634out:
635	userret(l, fp, sticks, v, 1);
636}
637