2 * Copyright (c) 2001, Jake Burkholder
3 * Copyright (C) 1994, David Greenman
4 * Copyright (c) 1990, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * the University of Utah, and William Jolitz.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * from: @(#)trap.c 7.4 (Berkeley) 5/13/91
39 * from: FreeBSD: src/sys/i386/i386/trap.c,v 1.197 2001/07/19
42 #include <sys/cdefs.h>
43 __FBSDID("$FreeBSD$");
47 #include "opt_ktrace.h"
49 #include <sys/param.h>
51 #include <sys/kernel.h>
53 #include <sys/interrupt.h>
56 #include <sys/mutex.h>
57 #include <sys/systm.h>
59 #include <sys/pioctl.h>
60 #include <sys/ptrace.h>
63 #include <sys/signalvar.h>
64 #include <sys/syscall.h>
65 #include <sys/sysctl.h>
66 #include <sys/sysent.h>
67 #include <sys/vmmeter.h>
70 #include <sys/ktrace.h>
72 #include <security/audit/audit.h>
74 #include <dev/ofw/openfirm.h>
78 #include <vm/vm_extern.h>
79 #include <vm/vm_param.h>
80 #include <vm/vm_kern.h>
81 #include <vm/vm_map.h>
82 #include <vm/vm_page.h>
84 #include <machine/cpu.h>
85 #include <machine/frame.h>
86 #include <machine/intr_machdep.h>
87 #include <machine/ofw_machdep.h>
88 #include <machine/pcb.h>
89 #include <machine/smp.h>
90 #include <machine/trap.h>
91 #include <machine/tstate.h>
92 #include <machine/tte.h>
93 #include <machine/tlb.h>
94 #include <machine/tsb.h>
95 #include <machine/watch.h>
105 void trap(struct trapframe *tf);
106 void syscall(struct trapframe *tf);
108 static int fetch_syscall_args(struct thread *td, struct syscall_args *sa);
109 static int trap_cecc(void);
110 static int trap_pfault(struct thread *td, struct trapframe *tf);
112 extern char copy_fault[];
113 extern char copy_nofault_begin[];
114 extern char copy_nofault_end[];
116 extern char fs_fault[];
117 extern char fs_nofault_begin[];
118 extern char fs_nofault_end[];
119 extern char fs_nofault_intr_begin[];
120 extern char fs_nofault_intr_end[];
122 extern char fas_fault[];
123 extern char fas_nofault_begin[];
124 extern char fas_nofault_end[];
126 extern char *syscallnames[];
128 const char *const trap_msg[] = {
130 "instruction access exception",
131 "instruction access error",
132 "instruction access protection",
133 "illtrap instruction",
134 "illegal instruction",
136 "floating point disabled",
137 "floating point exception ieee 754",
138 "floating point exception other",
141 "data access exception",
143 "data access protection",
144 "memory address not aligned",
147 "trap instruction 16",
148 "trap instruction 17",
149 "trap instruction 18",
150 "trap instruction 19",
151 "trap instruction 20",
152 "trap instruction 21",
153 "trap instruction 22",
154 "trap instruction 23",
155 "trap instruction 24",
156 "trap instruction 25",
157 "trap instruction 26",
158 "trap instruction 27",
159 "trap instruction 28",
160 "trap instruction 29",
161 "trap instruction 30",
162 "trap instruction 31",
163 "fast instruction access mmu miss",
164 "fast data access mmu miss",
166 "physical address watchpoint",
167 "virtual address watchpoint",
168 "corrected ecc error",
178 "restore physical watchpoint",
179 "restore virtual watchpoint",
180 "kernel stack fault",
183 static const int trap_sig[] = {
184 SIGILL, /* reserved */
185 SIGILL, /* instruction access exception */
186 SIGILL, /* instruction access error */
187 SIGILL, /* instruction access protection */
188 SIGILL, /* illtrap instruction */
189 SIGILL, /* illegal instruction */
190 SIGBUS, /* privileged opcode */
191 SIGFPE, /* floating point disabled */
192 SIGFPE, /* floating point exception ieee 754 */
193 SIGFPE, /* floating point exception other */
194 SIGEMT, /* tag overflow */
195 SIGFPE, /* division by zero */
196 SIGILL, /* data access exception */
197 SIGILL, /* data access error */
198 SIGBUS, /* data access protection */
199 SIGBUS, /* memory address not aligned */
200 SIGBUS, /* privileged action */
201 SIGBUS, /* async data error */
202 SIGILL, /* trap instruction 16 */
203 SIGILL, /* trap instruction 17 */
204 SIGILL, /* trap instruction 18 */
205 SIGILL, /* trap instruction 19 */
206 SIGILL, /* trap instruction 20 */
207 SIGILL, /* trap instruction 21 */
208 SIGILL, /* trap instruction 22 */
209 SIGILL, /* trap instruction 23 */
210 SIGILL, /* trap instruction 24 */
211 SIGILL, /* trap instruction 25 */
212 SIGILL, /* trap instruction 26 */
213 SIGILL, /* trap instruction 27 */
214 SIGILL, /* trap instruction 28 */
215 SIGILL, /* trap instruction 29 */
216 SIGILL, /* trap instruction 30 */
217 SIGILL, /* trap instruction 31 */
218 SIGSEGV, /* fast instruction access mmu miss */
219 SIGSEGV, /* fast data access mmu miss */
221 -1, /* physical address watchpoint */
222 -1, /* virtual address watchpoint */
223 -1, /* corrected ecc error */
227 SIGTRAP, /* breakpoint */
228 SIGILL, /* clean window */
229 SIGILL, /* range check */
230 SIGILL, /* fix alignment */
231 SIGILL, /* integer overflow */
232 SIGSYS, /* syscall */
233 -1, /* restore physical watchpoint */
234 -1, /* restore virtual watchpoint */
235 -1, /* kernel stack fault */
238 CTASSERT(sizeof(struct trapframe) == 256);
240 int debugger_on_signal = 0;
241 SYSCTL_INT(_debug, OID_AUTO, debugger_on_signal, CTLFLAG_RW,
242 &debugger_on_signal, 0, "");
244 u_int corrected_ecc = 0;
245 SYSCTL_UINT(_machdep, OID_AUTO, corrected_ecc, CTLFLAG_RD, &corrected_ecc, 0,
246 "corrected ECC errors");
249 * SUNW,set-trap-table allows to take over %tba from the PROM, which
250 * will turn off interrupts and handle outstanding ones while doing so,
254 sun4u_set_traptable(void *tba_addr)
262 (cell_t)"SUNW,set-trap-table",
267 args.tba_addr = (cell_t)tba_addr;
272 trap(struct trapframe *tf)
283 CTR4(KTR_TRAP, "trap: %p type=%s (%s) pil=%#lx", td,
284 trap_msg[tf->tf_type & ~T_KERNEL],
285 (TRAPF_USERMODE(tf) ? "user" : "kernel"), rdpr(pil));
287 PCPU_INC(cnt.v_trap);
289 if ((tf->tf_tstate & TSTATE_PRIV) == 0) {
290 KASSERT(td != NULL, ("trap: curthread NULL"));
291 KASSERT(td->td_proc != NULL, ("trap: curproc NULL"));
297 if (td->td_ucred != p->p_ucred)
298 cred_update_thread(td);
300 switch (tf->tf_type) {
302 case T_DATA_PROTECTION:
305 case T_INSTRUCTION_MISS:
306 sig = trap_pfault(td, tf);
309 sig = rwindow_load(td, tf, 2);
312 sig = rwindow_load(td, tf, 1);
315 sig = rwindow_save(td);
317 case T_CORRECTED_ECC_ERROR:
321 if (tf->tf_type < 0 || tf->tf_type >= T_MAX)
322 panic("trap: bad trap type %#lx (user)",
324 else if (trap_sig[tf->tf_type] == -1)
325 panic("trap: %s (user)",
326 trap_msg[tf->tf_type]);
327 sig = trap_sig[tf->tf_type];
332 /* Translate fault for emulators. */
333 if (p->p_sysent->sv_transtrap != NULL) {
334 sig = p->p_sysent->sv_transtrap(sig,
337 if (debugger_on_signal &&
338 (sig == 4 || sig == 10 || sig == 11))
339 kdb_enter(KDB_WHY_TRAPSIG, "trapsig");
340 ksiginfo_init_trap(&ksi);
342 ksi.ksi_code = (int)tf->tf_type; /* XXX not POSIX */
343 ksi.ksi_addr = (void *)addr;
344 ksi.ksi_trapno = (int)tf->tf_type;
345 trapsignal(td, &ksi);
349 mtx_assert(&Giant, MA_NOTOWNED);
351 KASSERT((tf->tf_type & T_KERNEL) != 0,
352 ("trap: kernel trap isn't"));
359 switch (tf->tf_type & ~T_KERNEL) {
362 error = (kdb_trap(tf->tf_type, 0, tf) == 0);
366 case T_PA_WATCHPOINT:
367 case T_VA_WATCHPOINT:
368 error = db_watch_trap(tf);
372 case T_DATA_PROTECTION:
373 case T_INSTRUCTION_MISS:
374 error = trap_pfault(td, tf);
376 case T_DATA_EXCEPTION:
377 case T_MEM_ADDRESS_NOT_ALIGNED:
378 if ((tf->tf_sfsr & MMU_SFSR_FV) != 0 &&
379 MMU_SFSR_GET_ASI(tf->tf_sfsr) == ASI_AIUP) {
380 if (tf->tf_tpc >= (u_long)copy_nofault_begin &&
381 tf->tf_tpc <= (u_long)copy_nofault_end) {
382 tf->tf_tpc = (u_long)copy_fault;
383 tf->tf_tnpc = tf->tf_tpc + 4;
387 if (tf->tf_tpc >= (u_long)fs_nofault_begin &&
388 tf->tf_tpc <= (u_long)fs_nofault_end) {
389 tf->tf_tpc = (u_long)fs_fault;
390 tf->tf_tnpc = tf->tf_tpc + 4;
399 * Handle PCI poke/peek as per UltraSPARC IIi
400 * User's Manual 16.2.1, modulo checking the
401 * TPC as USIII CPUs generate a precise trap
402 * instead of a special deferred one.
404 if (tf->tf_tpc > (u_long)fas_nofault_begin &&
405 tf->tf_tpc < (u_long)fas_nofault_end) {
407 cache_enable(PCPU_GET(impl));
408 tf->tf_tpc = (u_long)fas_fault;
409 tf->tf_tnpc = tf->tf_tpc + 4;
415 case T_CORRECTED_ECC_ERROR:
424 tf->tf_type &= ~T_KERNEL;
425 if (tf->tf_type < 0 || tf->tf_type >= T_MAX)
426 panic("trap: bad trap type %#lx (kernel)",
428 else if (trap_sig[tf->tf_type] == -1)
429 panic("trap: %s (kernel)",
430 trap_msg[tf->tf_type]);
433 CTR1(KTR_TRAP, "trap: td=%p return", td);
442 * Turn off (non-)correctable error reporting while we're dealing
445 eee = ldxa(0, ASI_ESTATE_ERROR_EN_REG);
446 stxa_sync(0, ASI_ESTATE_ERROR_EN_REG, eee & ~(AA_ESTATE_NCEEN |
448 /* Flush the caches in order ensure no corrupt data got installed. */
450 /* Ensure the caches are still turned on (should be). */
451 cache_enable(PCPU_GET(impl));
452 /* Clear the the error from the AFSR. */
453 stxa_sync(0, ASI_AFSR, ldxa(0, ASI_AFSR));
455 printf("corrected ECC error\n");
456 /* Turn (non-)correctable error reporting back on. */
457 stxa_sync(0, ASI_ESTATE_ERROR_EN_REG, eee);
462 trap_pfault(struct thread *td, struct trapframe *tf)
468 vm_map_entry_t entry;
476 KASSERT(td->td_pcb != NULL, ("trap_pfault: pcb NULL"));
477 KASSERT(td->td_proc != NULL, ("trap_pfault: curproc NULL"));
478 KASSERT(td->td_proc->p_vmspace != NULL, ("trap_pfault: vmspace NULL"));
483 ctx = TLB_TAR_CTX(tf->tf_tar);
484 type = tf->tf_type & ~T_KERNEL;
485 va = TLB_TAR_VA(tf->tf_tar);
487 CTR4(KTR_TRAP, "trap_pfault: td=%p pm_ctx=%#lx va=%#lx ctx=%#lx",
488 td, p->p_vmspace->vm_pmap.pm_context[curcpu], va, ctx);
490 if (type == T_DATA_PROTECTION) {
491 prot = VM_PROT_WRITE;
492 flags = VM_FAULT_DIRTY;
494 if (type == T_DATA_MISS)
497 prot = VM_PROT_READ | VM_PROT_EXECUTE;
498 flags = VM_FAULT_NORMAL;
501 if (ctx != TLB_CTX_KERNEL) {
502 if ((tf->tf_tstate & TSTATE_PRIV) != 0 &&
503 (tf->tf_tpc >= (u_long)fs_nofault_intr_begin &&
504 tf->tf_tpc <= (u_long)fs_nofault_intr_end)) {
505 tf->tf_tpc = (u_long)fs_fault;
506 tf->tf_tnpc = tf->tf_tpc + 4;
511 * This is a fault on non-kernel virtual memory.
516 * Keep swapout from messing with us during this
523 /* Fault in the user page. */
524 rv = vm_fault(&vm->vm_map, va, prot, flags);
527 * Now the process can be swapped again.
534 * This is a fault on kernel virtual memory. Attempts to
535 * access kernel memory from user mode cause privileged
536 * action traps, not page fault.
538 KASSERT(tf->tf_tstate & TSTATE_PRIV,
539 ("trap_pfault: fault on nucleus context from user mode"));
541 if (tf->tf_tpc >= (u_long)copy_nofault_begin &&
542 tf->tf_tpc <= (u_long)copy_nofault_end) {
543 vm_map_lock_read(kernel_map);
544 if (vm_map_lookup_entry(kernel_map, va, &entry) &&
545 (entry->eflags & MAP_ENTRY_NOFAULT) != 0) {
546 tf->tf_tpc = (u_long)copy_fault;
547 tf->tf_tnpc = tf->tf_tpc + 4;
548 vm_map_unlock_read(kernel_map);
551 vm_map_unlock_read(kernel_map);
555 * We don't have to worry about process locking or stacks in
558 rv = vm_fault(kernel_map, va, prot, VM_FAULT_NORMAL);
561 CTR3(KTR_TRAP, "trap_pfault: return td=%p va=%#lx rv=%d",
563 if (rv == KERN_SUCCESS)
565 if (ctx != TLB_CTX_KERNEL && (tf->tf_tstate & TSTATE_PRIV) != 0) {
566 if (tf->tf_tpc >= (u_long)fs_nofault_begin &&
567 tf->tf_tpc <= (u_long)fs_nofault_end) {
568 tf->tf_tpc = (u_long)fs_fault;
569 tf->tf_tnpc = tf->tf_tpc + 4;
572 if (tf->tf_tpc >= (u_long)copy_nofault_begin &&
573 tf->tf_tpc <= (u_long)copy_nofault_end) {
574 tf->tf_tpc = (u_long)copy_fault;
575 tf->tf_tnpc = tf->tf_tpc + 4;
579 return ((rv == KERN_PROTECTION_FAILURE) ? SIGBUS : SIGSEGV);
582 /* Maximum number of arguments that can be passed via the out registers. */
583 #define REG_MAXARGS 6
586 fetch_syscall_args(struct thread *td, struct syscall_args *sa)
588 struct trapframe *tf;
597 regcnt = REG_MAXARGS;
599 sa->code = tf->tf_global[1];
601 if (p->p_sysent->sv_prepsyscall) {
603 (*p->p_sysent->sv_prepsyscall)(tf, sa->args, &sa->code,
606 } else if (sa->code == SYS_syscall || sa->code == SYS___syscall) {
607 sa->code = tf->tf_out[reg++];
611 if (p->p_sysent->sv_mask)
612 sa->code &= p->p_sysent->sv_mask;
614 if (sa->code >= p->p_sysent->sv_size)
615 sa->callp = &p->p_sysent->sv_table[0];
617 sa->callp = &p->p_sysent->sv_table[sa->code];
619 sa->narg = sa->callp->sy_narg;
620 KASSERT(sa->narg <= sizeof(sa->args) / sizeof(sa->args[0]),
621 ("Too many syscall arguments!"));
624 bcopy(&tf->tf_out[reg], sa->args, sizeof(sa->args[0]) * regcnt);
625 if (sa->narg > regcnt)
626 error = copyin((void *)(tf->tf_out[6] + SPOFF +
627 offsetof(struct frame, fr_pad[6])), &sa->args[regcnt],
628 (sa->narg - regcnt) * sizeof(sa->args[0]));
631 * This may result in two records if debugger modified
632 * registers or memory during sleep at stop/ptrace point.
635 if (KTRPOINT(td, KTR_SYSCALL))
636 ktrsyscall(sa->code, sa->narg, sa->argp);
643 * The arguments to the syscall are passed in the out registers by the caller,
644 * and are saved in the trap frame. The syscall number is passed in %g1 (and
645 * also saved in the trap frame).
648 syscall(struct trapframe *tf)
650 struct syscall_args sa;
656 KASSERT(td != NULL, ("trap: curthread NULL"));
657 KASSERT(td->td_proc != NULL, ("trap: curproc NULL"));
659 PCPU_INC(cnt.v_syscall);
665 if (td->td_ucred != p->p_ucred)
666 cred_update_thread(td);
667 if ((p->p_flag & P_TRACED) != 0) {
669 td->td_dbgflags &= ~TDB_USERWR;
674 * For syscalls, we don't want to retry the faulting instruction
675 * (usually), instead we need to advance one instruction.
677 td->td_pcb->pcb_tpc = tf->tf_tpc;
680 error = fetch_syscall_args(td, &sa);
681 CTR5(KTR_SYSC, "syscall: td=%p %s(%#lx, %#lx, %#lx)", td,
682 syscallnames[sa.code], sa.argp[0], sa.argp[1], sa.argp[2]);
685 td->td_retval[0] = 0;
686 td->td_retval[1] = 0;
688 STOPEVENT(p, S_SCE, sa.narg);
689 PTRACESTOP_SC(p, td, S_PT_SCE);
690 if ((td->td_dbgflags & TDB_USERWR) != 0) {
692 * Reread syscall number and arguments if
693 * debugger modified registers or memory.
695 error = fetch_syscall_args(td, &sa);
698 td->td_retval[1] = 0;
701 AUDIT_SYSCALL_ENTER(sa.code, td);
702 error = (*sa.callp->sy_call)(td, sa.argp);
703 AUDIT_SYSCALL_EXIT(error, td);
705 CTR5(KTR_SYSC, "syscall: p=%p error=%d %s return %#lx %#lx",
706 p, error, syscallnames[sa.code], td->td_retval[0],
710 cpu_set_syscall_retval(td, error);
713 * Check for misbehavior.
715 WITNESS_WARN(WARN_PANIC, NULL, "System call %s returning",
716 (sa.code >= 0 && sa.code < SYS_MAXSYSCALL) ?
717 syscallnames[sa.code] : "???");
718 KASSERT(td->td_critnest == 0,
719 ("System call %s returning in a critical section",
720 (sa.code >= 0 && sa.code < SYS_MAXSYSCALL) ?
721 syscallnames[sa.code] : "???"));
722 KASSERT(td->td_locks == 0,
723 ("System call %s returning with %d locks held",
724 (sa.code >= 0 && sa.code < SYS_MAXSYSCALL) ?
725 syscallnames[sa.code] : "???", td->td_locks));
728 * Handle reschedule and other end-of-syscall issues.
733 if (KTRPOINT(td, KTR_SYSRET))
734 ktrsysret(sa.code, error, td->td_retval[0]);
737 * This works because errno is findable through the
738 * register set. If we ever support an emulation where this
739 * is not the case, this code will need to be revisited.
741 STOPEVENT(p, S_SCX, sa.code);
743 PTRACESTOP_SC(p, td, S_PT_SCX);
projects / FreeBSD / releng / 8.1.git / blob