2 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
3 * Copyright 2007-2010 Freescale Semiconductor, Inc.
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
10 * Modified by Cort Dougan (cort@cs.nmt.edu)
11 * and Paul Mackerras (paulus@samba.org)
15 * This file handles the architecture-dependent parts of hardware exceptions
18 #include <linux/errno.h>
19 #include <linux/sched.h>
20 #include <linux/sched/debug.h>
21 #include <linux/kernel.h>
23 #include <linux/stddef.h>
24 #include <linux/unistd.h>
25 #include <linux/ptrace.h>
26 #include <linux/user.h>
27 #include <linux/interrupt.h>
28 #include <linux/init.h>
29 #include <linux/extable.h>
30 #include <linux/module.h> /* print_modules */
31 #include <linux/prctl.h>
32 #include <linux/delay.h>
33 #include <linux/kprobes.h>
34 #include <linux/kexec.h>
35 #include <linux/backlight.h>
36 #include <linux/bug.h>
37 #include <linux/kdebug.h>
38 #include <linux/debugfs.h>
39 #include <linux/ratelimit.h>
40 #include <linux/context_tracking.h>
42 #include <asm/emulated_ops.h>
43 #include <asm/pgtable.h>
44 #include <linux/uaccess.h>
46 #include <asm/machdep.h>
50 #ifdef CONFIG_PMAC_BACKLIGHT
51 #include <asm/backlight.h>
54 #include <asm/firmware.h>
55 #include <asm/processor.h>
58 #include <asm/kexec.h>
59 #include <asm/ppc-opcode.h>
61 #include <asm/fadump.h>
62 #include <asm/switch_to.h>
64 #include <asm/debug.h>
65 #include <asm/asm-prototypes.h>
67 #include <sysdev/fsl_pci.h>
68 #include <asm/kprobes.h>
70 #if defined(CONFIG_DEBUGGER) || defined(CONFIG_KEXEC_CORE)
71 int (*__debugger)(struct pt_regs *regs) __read_mostly;
72 int (*__debugger_ipi)(struct pt_regs *regs) __read_mostly;
73 int (*__debugger_bpt)(struct pt_regs *regs) __read_mostly;
74 int (*__debugger_sstep)(struct pt_regs *regs) __read_mostly;
75 int (*__debugger_iabr_match)(struct pt_regs *regs) __read_mostly;
76 int (*__debugger_break_match)(struct pt_regs *regs) __read_mostly;
77 int (*__debugger_fault_handler)(struct pt_regs *regs) __read_mostly;
79 EXPORT_SYMBOL(__debugger);
80 EXPORT_SYMBOL(__debugger_ipi);
81 EXPORT_SYMBOL(__debugger_bpt);
82 EXPORT_SYMBOL(__debugger_sstep);
83 EXPORT_SYMBOL(__debugger_iabr_match);
84 EXPORT_SYMBOL(__debugger_break_match);
85 EXPORT_SYMBOL(__debugger_fault_handler);
88 /* Transactional Memory trap debug */
90 #define TM_DEBUG(x...) printk(KERN_INFO x)
92 #define TM_DEBUG(x...) do { } while(0)
96 * Trap & Exception support
99 #ifdef CONFIG_PMAC_BACKLIGHT
100 static void pmac_backlight_unblank(void)
102 mutex_lock(&pmac_backlight_mutex);
103 if (pmac_backlight) {
104 struct backlight_properties *props;
106 props = &pmac_backlight->props;
107 props->brightness = props->max_brightness;
108 props->power = FB_BLANK_UNBLANK;
109 backlight_update_status(pmac_backlight);
111 mutex_unlock(&pmac_backlight_mutex);
114 static inline void pmac_backlight_unblank(void) { }
117 static arch_spinlock_t die_lock = __ARCH_SPIN_LOCK_UNLOCKED;
118 static int die_owner = -1;
119 static unsigned int die_nest_count;
120 static int die_counter;
122 static unsigned long oops_begin(struct pt_regs *regs)
129 /* racy, but better than risking deadlock. */
130 raw_local_irq_save(flags);
131 cpu = smp_processor_id();
132 if (!arch_spin_trylock(&die_lock)) {
133 if (cpu == die_owner)
134 /* nested oops. should stop eventually */;
136 arch_spin_lock(&die_lock);
142 if (machine_is(powermac))
143 pmac_backlight_unblank();
146 NOKPROBE_SYMBOL(oops_begin);
148 static void oops_end(unsigned long flags, struct pt_regs *regs,
152 add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
156 if (!die_nest_count) {
157 /* Nest count reaches zero, release the lock. */
159 arch_spin_unlock(&die_lock);
161 raw_local_irq_restore(flags);
163 crash_fadump(regs, "die oops");
166 * A system reset (0x100) is a request to dump, so we always send
167 * it through the crashdump code.
169 if (kexec_should_crash(current) || (TRAP(regs) == 0x100)) {
173 * We aren't the primary crash CPU. We need to send it
174 * to a holding pattern to avoid it ending up in the panic
177 crash_kexec_secondary(regs);
184 * While our oops output is serialised by a spinlock, output
185 * from panic() called below can race and corrupt it. If we
186 * know we are going to panic, delay for 1 second so we have a
187 * chance to get clean backtraces from all CPUs that are oopsing.
189 if (in_interrupt() || panic_on_oops || !current->pid ||
190 is_global_init(current)) {
191 mdelay(MSEC_PER_SEC);
195 panic("Fatal exception in interrupt");
197 panic("Fatal exception");
200 NOKPROBE_SYMBOL(oops_end);
202 static int __die(const char *str, struct pt_regs *regs, long err)
204 printk("Oops: %s, sig: %ld [#%d]\n", str, err, ++die_counter);
205 #ifdef CONFIG_PREEMPT
209 printk("SMP NR_CPUS=%d ", NR_CPUS);
211 if (debug_pagealloc_enabled())
212 printk("DEBUG_PAGEALLOC ");
216 printk("%s\n", ppc_md.name ? ppc_md.name : "");
218 if (notify_die(DIE_OOPS, str, regs, err, 255, SIGSEGV) == NOTIFY_STOP)
226 NOKPROBE_SYMBOL(__die);
228 void die(const char *str, struct pt_regs *regs, long err)
235 flags = oops_begin(regs);
236 if (__die(str, regs, err))
238 oops_end(flags, regs, err);
241 void user_single_step_siginfo(struct task_struct *tsk,
242 struct pt_regs *regs, siginfo_t *info)
244 memset(info, 0, sizeof(*info));
245 info->si_signo = SIGTRAP;
246 info->si_code = TRAP_TRACE;
247 info->si_addr = (void __user *)regs->nip;
250 void _exception(int signr, struct pt_regs *regs, int code, unsigned long addr)
253 const char fmt32[] = KERN_INFO "%s[%d]: unhandled signal %d " \
254 "at %08lx nip %08lx lr %08lx code %x\n";
255 const char fmt64[] = KERN_INFO "%s[%d]: unhandled signal %d " \
256 "at %016lx nip %016lx lr %016lx code %x\n";
258 if (!user_mode(regs)) {
259 die("Exception in kernel mode", regs, signr);
263 if (show_unhandled_signals && unhandled_signal(current, signr)) {
264 printk_ratelimited(regs->msr & MSR_64BIT ? fmt64 : fmt32,
265 current->comm, current->pid, signr,
266 addr, regs->nip, regs->link, code);
269 if (arch_irqs_disabled() && !arch_irq_disabled_regs(regs))
272 current->thread.trap_nr = code;
273 memset(&info, 0, sizeof(info));
274 info.si_signo = signr;
276 info.si_addr = (void __user *) addr;
277 force_sig_info(signr, &info, current);
280 void system_reset_exception(struct pt_regs *regs)
282 /* See if any machine dependent calls */
283 if (ppc_md.system_reset_exception) {
284 if (ppc_md.system_reset_exception(regs))
288 die("System Reset", regs, SIGABRT);
290 /* Must die if the interrupt is not recoverable */
291 if (!(regs->msr & MSR_RI))
292 panic("Unrecoverable System Reset");
294 /* What should we do here? We could issue a shutdown or hard reset. */
299 * This function is called in real mode. Strictly no printk's please.
301 * regs->nip and regs->msr contains srr0 and ssr1.
303 long machine_check_early(struct pt_regs *regs)
307 __this_cpu_inc(irq_stat.mce_exceptions);
309 add_taint(TAINT_MACHINE_CHECK, LOCKDEP_NOW_UNRELIABLE);
311 if (cur_cpu_spec && cur_cpu_spec->machine_check_early)
312 handled = cur_cpu_spec->machine_check_early(regs);
316 long hmi_exception_realmode(struct pt_regs *regs)
318 __this_cpu_inc(irq_stat.hmi_exceptions);
320 wait_for_subcore_guest_exit();
322 if (ppc_md.hmi_exception_early)
323 ppc_md.hmi_exception_early(regs);
325 wait_for_tb_resync();
333 * I/O accesses can cause machine checks on powermacs.
334 * Check if the NIP corresponds to the address of a sync
335 * instruction for which there is an entry in the exception
337 * Note that the 601 only takes a machine check on TEA
338 * (transfer error ack) signal assertion, and does not
339 * set any of the top 16 bits of SRR1.
342 static inline int check_io_access(struct pt_regs *regs)
345 unsigned long msr = regs->msr;
346 const struct exception_table_entry *entry;
347 unsigned int *nip = (unsigned int *)regs->nip;
349 if (((msr & 0xffff0000) == 0 || (msr & (0x80000 | 0x40000)))
350 && (entry = search_exception_tables(regs->nip)) != NULL) {
352 * Check that it's a sync instruction, or somewhere
353 * in the twi; isync; nop sequence that inb/inw/inl uses.
354 * As the address is in the exception table
355 * we should be able to read the instr there.
356 * For the debug message, we look at the preceding
359 if (*nip == PPC_INST_NOP)
361 else if (*nip == PPC_INST_ISYNC)
363 if (*nip == PPC_INST_SYNC || (*nip >> 26) == OP_TRAP) {
367 rb = (*nip >> 11) & 0x1f;
368 printk(KERN_DEBUG "%s bad port %lx at %p\n",
369 (*nip & 0x100)? "OUT to": "IN from",
370 regs->gpr[rb] - _IO_BASE, nip);
372 regs->nip = extable_fixup(entry);
376 #endif /* CONFIG_PPC32 */
380 #ifdef CONFIG_PPC_ADV_DEBUG_REGS
381 /* On 4xx, the reason for the machine check or program exception
383 #define get_reason(regs) ((regs)->dsisr)
384 #ifndef CONFIG_FSL_BOOKE
385 #define get_mc_reason(regs) ((regs)->dsisr)
387 #define get_mc_reason(regs) (mfspr(SPRN_MCSR))
389 #define REASON_FP ESR_FP
390 #define REASON_ILLEGAL (ESR_PIL | ESR_PUO)
391 #define REASON_PRIVILEGED ESR_PPR
392 #define REASON_TRAP ESR_PTR
394 /* single-step stuff */
395 #define single_stepping(regs) (current->thread.debug.dbcr0 & DBCR0_IC)
396 #define clear_single_step(regs) (current->thread.debug.dbcr0 &= ~DBCR0_IC)
399 /* On non-4xx, the reason for the machine check or program
400 exception is in the MSR. */
401 #define get_reason(regs) ((regs)->msr)
402 #define get_mc_reason(regs) ((regs)->msr)
403 #define REASON_TM 0x200000
404 #define REASON_FP 0x100000
405 #define REASON_ILLEGAL 0x80000
406 #define REASON_PRIVILEGED 0x40000
407 #define REASON_TRAP 0x20000
409 #define single_stepping(regs) ((regs)->msr & MSR_SE)
410 #define clear_single_step(regs) ((regs)->msr &= ~MSR_SE)
413 #if defined(CONFIG_4xx)
414 int machine_check_4xx(struct pt_regs *regs)
416 unsigned long reason = get_mc_reason(regs);
418 if (reason & ESR_IMCP) {
419 printk("Instruction");
420 mtspr(SPRN_ESR, reason & ~ESR_IMCP);
423 printk(" machine check in kernel mode.\n");
428 int machine_check_440A(struct pt_regs *regs)
430 unsigned long reason = get_mc_reason(regs);
432 printk("Machine check in kernel mode.\n");
433 if (reason & ESR_IMCP){
434 printk("Instruction Synchronous Machine Check exception\n");
435 mtspr(SPRN_ESR, reason & ~ESR_IMCP);
438 u32 mcsr = mfspr(SPRN_MCSR);
440 printk("Instruction Read PLB Error\n");
442 printk("Data Read PLB Error\n");
444 printk("Data Write PLB Error\n");
445 if (mcsr & MCSR_TLBP)
446 printk("TLB Parity Error\n");
447 if (mcsr & MCSR_ICP){
448 flush_instruction_cache();
449 printk("I-Cache Parity Error\n");
451 if (mcsr & MCSR_DCSP)
452 printk("D-Cache Search Parity Error\n");
453 if (mcsr & MCSR_DCFP)
454 printk("D-Cache Flush Parity Error\n");
455 if (mcsr & MCSR_IMPE)
456 printk("Machine Check exception is imprecise\n");
459 mtspr(SPRN_MCSR, mcsr);
464 int machine_check_47x(struct pt_regs *regs)
466 unsigned long reason = get_mc_reason(regs);
469 printk(KERN_ERR "Machine check in kernel mode.\n");
470 if (reason & ESR_IMCP) {
472 "Instruction Synchronous Machine Check exception\n");
473 mtspr(SPRN_ESR, reason & ~ESR_IMCP);
476 mcsr = mfspr(SPRN_MCSR);
478 printk(KERN_ERR "Instruction Read PLB Error\n");
480 printk(KERN_ERR "Data Read PLB Error\n");
482 printk(KERN_ERR "Data Write PLB Error\n");
483 if (mcsr & MCSR_TLBP)
484 printk(KERN_ERR "TLB Parity Error\n");
485 if (mcsr & MCSR_ICP) {
486 flush_instruction_cache();
487 printk(KERN_ERR "I-Cache Parity Error\n");
489 if (mcsr & MCSR_DCSP)
490 printk(KERN_ERR "D-Cache Search Parity Error\n");
491 if (mcsr & PPC47x_MCSR_GPR)
492 printk(KERN_ERR "GPR Parity Error\n");
493 if (mcsr & PPC47x_MCSR_FPR)
494 printk(KERN_ERR "FPR Parity Error\n");
495 if (mcsr & PPC47x_MCSR_IPR)
496 printk(KERN_ERR "Machine Check exception is imprecise\n");
499 mtspr(SPRN_MCSR, mcsr);
503 #elif defined(CONFIG_E500)
504 int machine_check_e500mc(struct pt_regs *regs)
506 unsigned long mcsr = mfspr(SPRN_MCSR);
507 unsigned long reason = mcsr;
510 if (reason & MCSR_LD) {
511 recoverable = fsl_rio_mcheck_exception(regs);
512 if (recoverable == 1)
516 printk("Machine check in kernel mode.\n");
517 printk("Caused by (from MCSR=%lx): ", reason);
519 if (reason & MCSR_MCP)
520 printk("Machine Check Signal\n");
522 if (reason & MCSR_ICPERR) {
523 printk("Instruction Cache Parity Error\n");
526 * This is recoverable by invalidating the i-cache.
528 mtspr(SPRN_L1CSR1, mfspr(SPRN_L1CSR1) | L1CSR1_ICFI);
529 while (mfspr(SPRN_L1CSR1) & L1CSR1_ICFI)
533 * This will generally be accompanied by an instruction
534 * fetch error report -- only treat MCSR_IF as fatal
535 * if it wasn't due to an L1 parity error.
540 if (reason & MCSR_DCPERR_MC) {
541 printk("Data Cache Parity Error\n");
544 * In write shadow mode we auto-recover from the error, but it
545 * may still get logged and cause a machine check. We should
546 * only treat the non-write shadow case as non-recoverable.
548 if (!(mfspr(SPRN_L1CSR2) & L1CSR2_DCWS))
552 if (reason & MCSR_L2MMU_MHIT) {
553 printk("Hit on multiple TLB entries\n");
557 if (reason & MCSR_NMI)
558 printk("Non-maskable interrupt\n");
560 if (reason & MCSR_IF) {
561 printk("Instruction Fetch Error Report\n");
565 if (reason & MCSR_LD) {
566 printk("Load Error Report\n");
570 if (reason & MCSR_ST) {
571 printk("Store Error Report\n");
575 if (reason & MCSR_LDG) {
576 printk("Guarded Load Error Report\n");
580 if (reason & MCSR_TLBSYNC)
581 printk("Simultaneous tlbsync operations\n");
583 if (reason & MCSR_BSL2_ERR) {
584 printk("Level 2 Cache Error\n");
588 if (reason & MCSR_MAV) {
591 addr = mfspr(SPRN_MCAR);
592 addr |= (u64)mfspr(SPRN_MCARU) << 32;
594 printk("Machine Check %s Address: %#llx\n",
595 reason & MCSR_MEA ? "Effective" : "Physical", addr);
599 mtspr(SPRN_MCSR, mcsr);
600 return mfspr(SPRN_MCSR) == 0 && recoverable;
603 int machine_check_e500(struct pt_regs *regs)
605 unsigned long reason = get_mc_reason(regs);
607 if (reason & MCSR_BUS_RBERR) {
608 if (fsl_rio_mcheck_exception(regs))
610 if (fsl_pci_mcheck_exception(regs))
614 printk("Machine check in kernel mode.\n");
615 printk("Caused by (from MCSR=%lx): ", reason);
617 if (reason & MCSR_MCP)
618 printk("Machine Check Signal\n");
619 if (reason & MCSR_ICPERR)
620 printk("Instruction Cache Parity Error\n");
621 if (reason & MCSR_DCP_PERR)
622 printk("Data Cache Push Parity Error\n");
623 if (reason & MCSR_DCPERR)
624 printk("Data Cache Parity Error\n");
625 if (reason & MCSR_BUS_IAERR)
626 printk("Bus - Instruction Address Error\n");
627 if (reason & MCSR_BUS_RAERR)
628 printk("Bus - Read Address Error\n");
629 if (reason & MCSR_BUS_WAERR)
630 printk("Bus - Write Address Error\n");
631 if (reason & MCSR_BUS_IBERR)
632 printk("Bus - Instruction Data Error\n");
633 if (reason & MCSR_BUS_RBERR)
634 printk("Bus - Read Data Bus Error\n");
635 if (reason & MCSR_BUS_WBERR)
636 printk("Bus - Write Data Bus Error\n");
637 if (reason & MCSR_BUS_IPERR)
638 printk("Bus - Instruction Parity Error\n");
639 if (reason & MCSR_BUS_RPERR)
640 printk("Bus - Read Parity Error\n");
645 int machine_check_generic(struct pt_regs *regs)
649 #elif defined(CONFIG_E200)
650 int machine_check_e200(struct pt_regs *regs)
652 unsigned long reason = get_mc_reason(regs);
654 printk("Machine check in kernel mode.\n");
655 printk("Caused by (from MCSR=%lx): ", reason);
657 if (reason & MCSR_MCP)
658 printk("Machine Check Signal\n");
659 if (reason & MCSR_CP_PERR)
660 printk("Cache Push Parity Error\n");
661 if (reason & MCSR_CPERR)
662 printk("Cache Parity Error\n");
663 if (reason & MCSR_EXCP_ERR)
664 printk("ISI, ITLB, or Bus Error on first instruction fetch for an exception handler\n");
665 if (reason & MCSR_BUS_IRERR)
666 printk("Bus - Read Bus Error on instruction fetch\n");
667 if (reason & MCSR_BUS_DRERR)
668 printk("Bus - Read Bus Error on data load\n");
669 if (reason & MCSR_BUS_WRERR)
670 printk("Bus - Write Bus Error on buffered store or cache line push\n");
674 #elif defined(CONFIG_PPC_8xx)
675 int machine_check_8xx(struct pt_regs *regs)
677 unsigned long reason = get_mc_reason(regs);
679 pr_err("Machine check in kernel mode.\n");
680 pr_err("Caused by (from SRR1=%lx): ", reason);
681 if (reason & 0x40000000)
682 pr_err("Fetch error at address %lx\n", regs->nip);
684 pr_err("Data access error at address %lx\n", regs->dar);
687 /* the qspan pci read routines can cause machine checks -- Cort
689 * yuck !!! that totally needs to go away ! There are better ways
690 * to deal with that than having a wart in the mcheck handler.
693 bad_page_fault(regs, regs->dar, SIGBUS);
700 int machine_check_generic(struct pt_regs *regs)
702 unsigned long reason = get_mc_reason(regs);
704 printk("Machine check in kernel mode.\n");
705 printk("Caused by (from SRR1=%lx): ", reason);
706 switch (reason & 0x601F0000) {
708 printk("Machine check signal\n");
710 case 0: /* for 601 */
712 case 0x140000: /* 7450 MSS error and TEA */
713 printk("Transfer error ack signal\n");
716 printk("Data parity error signal\n");
719 printk("Address parity error signal\n");
722 printk("L1 Data Cache error\n");
725 printk("L1 Instruction Cache error\n");
728 printk("L2 data cache parity error\n");
731 printk("Unknown values in msr\n");
735 #endif /* everything else */
737 void machine_check_exception(struct pt_regs *regs)
739 enum ctx_state prev_state = exception_enter();
742 __this_cpu_inc(irq_stat.mce_exceptions);
744 /* See if any machine dependent calls. In theory, we would want
745 * to call the CPU first, and call the ppc_md. one if the CPU
746 * one returns a positive number. However there is existing code
747 * that assumes the board gets a first chance, so let's keep it
748 * that way for now and fix things later. --BenH.
750 if (ppc_md.machine_check_exception)
751 recover = ppc_md.machine_check_exception(regs);
752 else if (cur_cpu_spec->machine_check)
753 recover = cur_cpu_spec->machine_check(regs);
758 if (debugger_fault_handler(regs))
761 if (check_io_access(regs))
764 die("Machine check", regs, SIGBUS);
766 /* Must die if the interrupt is not recoverable */
767 if (!(regs->msr & MSR_RI))
768 panic("Unrecoverable Machine check");
771 exception_exit(prev_state);
774 void SMIException(struct pt_regs *regs)
776 die("System Management Interrupt", regs, SIGABRT);
779 void handle_hmi_exception(struct pt_regs *regs)
781 struct pt_regs *old_regs;
783 old_regs = set_irq_regs(regs);
786 if (ppc_md.handle_hmi_exception)
787 ppc_md.handle_hmi_exception(regs);
790 set_irq_regs(old_regs);
793 void unknown_exception(struct pt_regs *regs)
795 enum ctx_state prev_state = exception_enter();
797 printk("Bad trap at PC: %lx, SR: %lx, vector=%lx\n",
798 regs->nip, regs->msr, regs->trap);
800 _exception(SIGTRAP, regs, 0, 0);
802 exception_exit(prev_state);
805 void instruction_breakpoint_exception(struct pt_regs *regs)
807 enum ctx_state prev_state = exception_enter();
809 if (notify_die(DIE_IABR_MATCH, "iabr_match", regs, 5,
810 5, SIGTRAP) == NOTIFY_STOP)
812 if (debugger_iabr_match(regs))
814 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip);
817 exception_exit(prev_state);
820 void RunModeException(struct pt_regs *regs)
822 _exception(SIGTRAP, regs, 0, 0);
825 void single_step_exception(struct pt_regs *regs)
827 enum ctx_state prev_state = exception_enter();
829 clear_single_step(regs);
831 if (kprobe_post_handler(regs))
834 if (notify_die(DIE_SSTEP, "single_step", regs, 5,
835 5, SIGTRAP) == NOTIFY_STOP)
837 if (debugger_sstep(regs))
840 _exception(SIGTRAP, regs, TRAP_TRACE, regs->nip);
843 exception_exit(prev_state);
845 NOKPROBE_SYMBOL(single_step_exception);
848 * After we have successfully emulated an instruction, we have to
849 * check if the instruction was being single-stepped, and if so,
850 * pretend we got a single-step exception. This was pointed out
851 * by Kumar Gala. -- paulus
853 static void emulate_single_step(struct pt_regs *regs)
855 if (single_stepping(regs))
856 single_step_exception(regs);
859 static inline int __parse_fpscr(unsigned long fpscr)
863 /* Invalid operation */
864 if ((fpscr & FPSCR_VE) && (fpscr & FPSCR_VX))
868 else if ((fpscr & FPSCR_OE) && (fpscr & FPSCR_OX))
872 else if ((fpscr & FPSCR_UE) && (fpscr & FPSCR_UX))
876 else if ((fpscr & FPSCR_ZE) && (fpscr & FPSCR_ZX))
880 else if ((fpscr & FPSCR_XE) && (fpscr & FPSCR_XX))
886 static void parse_fpe(struct pt_regs *regs)
890 flush_fp_to_thread(current);
892 code = __parse_fpscr(current->thread.fp_state.fpscr);
894 _exception(SIGFPE, regs, code, regs->nip);
898 * Illegal instruction emulation support. Originally written to
899 * provide the PVR to user applications using the mfspr rd, PVR.
900 * Return non-zero if we can't emulate, or -EFAULT if the associated
901 * memory access caused an access fault. Return zero on success.
903 * There are a couple of ways to do this, either "decode" the instruction
904 * or directly match lots of bits. In this case, matching lots of
905 * bits is faster and easier.
908 static int emulate_string_inst(struct pt_regs *regs, u32 instword)
910 u8 rT = (instword >> 21) & 0x1f;
911 u8 rA = (instword >> 16) & 0x1f;
912 u8 NB_RB = (instword >> 11) & 0x1f;
917 /* Early out if we are an invalid form of lswx */
918 if ((instword & PPC_INST_STRING_MASK) == PPC_INST_LSWX)
919 if ((rT == rA) || (rT == NB_RB))
922 EA = (rA == 0) ? 0 : regs->gpr[rA];
924 switch (instword & PPC_INST_STRING_MASK) {
928 num_bytes = regs->xer & 0x7f;
932 num_bytes = (NB_RB == 0) ? 32 : NB_RB;
938 while (num_bytes != 0)
941 u32 shift = 8 * (3 - (pos & 0x3));
943 /* if process is 32-bit, clear upper 32 bits of EA */
944 if ((regs->msr & MSR_64BIT) == 0)
947 switch ((instword & PPC_INST_STRING_MASK)) {
950 if (get_user(val, (u8 __user *)EA))
952 /* first time updating this reg,
956 regs->gpr[rT] |= val << shift;
960 val = regs->gpr[rT] >> shift;
961 if (put_user(val, (u8 __user *)EA))
965 /* move EA to next address */
969 /* manage our position within the register */
980 static int emulate_popcntb_inst(struct pt_regs *regs, u32 instword)
985 ra = (instword >> 16) & 0x1f;
986 rs = (instword >> 21) & 0x1f;
989 tmp = tmp - ((tmp >> 1) & 0x5555555555555555ULL);
990 tmp = (tmp & 0x3333333333333333ULL) + ((tmp >> 2) & 0x3333333333333333ULL);
991 tmp = (tmp + (tmp >> 4)) & 0x0f0f0f0f0f0f0f0fULL;
997 static int emulate_isel(struct pt_regs *regs, u32 instword)
999 u8 rT = (instword >> 21) & 0x1f;
1000 u8 rA = (instword >> 16) & 0x1f;
1001 u8 rB = (instword >> 11) & 0x1f;
1002 u8 BC = (instword >> 6) & 0x1f;
1006 tmp = (rA == 0) ? 0 : regs->gpr[rA];
1007 bit = (regs->ccr >> (31 - BC)) & 0x1;
1009 regs->gpr[rT] = bit ? tmp : regs->gpr[rB];
1014 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
1015 static inline bool tm_abort_check(struct pt_regs *regs, int cause)
1017 /* If we're emulating a load/store in an active transaction, we cannot
1018 * emulate it as the kernel operates in transaction suspended context.
1019 * We need to abort the transaction. This creates a persistent TM
1020 * abort so tell the user what caused it with a new code.
1022 if (MSR_TM_TRANSACTIONAL(regs->msr)) {
1030 static inline bool tm_abort_check(struct pt_regs *regs, int reason)
1036 static int emulate_instruction(struct pt_regs *regs)
1041 if (!user_mode(regs))
1043 CHECK_FULL_REGS(regs);
1045 if (get_user(instword, (u32 __user *)(regs->nip)))
1048 /* Emulate the mfspr rD, PVR. */
1049 if ((instword & PPC_INST_MFSPR_PVR_MASK) == PPC_INST_MFSPR_PVR) {
1050 PPC_WARN_EMULATED(mfpvr, regs);
1051 rd = (instword >> 21) & 0x1f;
1052 regs->gpr[rd] = mfspr(SPRN_PVR);
1056 /* Emulating the dcba insn is just a no-op. */
1057 if ((instword & PPC_INST_DCBA_MASK) == PPC_INST_DCBA) {
1058 PPC_WARN_EMULATED(dcba, regs);
1062 /* Emulate the mcrxr insn. */
1063 if ((instword & PPC_INST_MCRXR_MASK) == PPC_INST_MCRXR) {
1064 int shift = (instword >> 21) & 0x1c;
1065 unsigned long msk = 0xf0000000UL >> shift;
1067 PPC_WARN_EMULATED(mcrxr, regs);
1068 regs->ccr = (regs->ccr & ~msk) | ((regs->xer >> shift) & msk);
1069 regs->xer &= ~0xf0000000UL;
1073 /* Emulate load/store string insn. */
1074 if ((instword & PPC_INST_STRING_GEN_MASK) == PPC_INST_STRING) {
1075 if (tm_abort_check(regs,
1076 TM_CAUSE_EMULATE | TM_CAUSE_PERSISTENT))
1078 PPC_WARN_EMULATED(string, regs);
1079 return emulate_string_inst(regs, instword);
1082 /* Emulate the popcntb (Population Count Bytes) instruction. */
1083 if ((instword & PPC_INST_POPCNTB_MASK) == PPC_INST_POPCNTB) {
1084 PPC_WARN_EMULATED(popcntb, regs);
1085 return emulate_popcntb_inst(regs, instword);
1088 /* Emulate isel (Integer Select) instruction */
1089 if ((instword & PPC_INST_ISEL_MASK) == PPC_INST_ISEL) {
1090 PPC_WARN_EMULATED(isel, regs);
1091 return emulate_isel(regs, instword);
1094 /* Emulate sync instruction variants */
1095 if ((instword & PPC_INST_SYNC_MASK) == PPC_INST_SYNC) {
1096 PPC_WARN_EMULATED(sync, regs);
1097 asm volatile("sync");
1102 /* Emulate the mfspr rD, DSCR. */
1103 if ((((instword & PPC_INST_MFSPR_DSCR_USER_MASK) ==
1104 PPC_INST_MFSPR_DSCR_USER) ||
1105 ((instword & PPC_INST_MFSPR_DSCR_MASK) ==
1106 PPC_INST_MFSPR_DSCR)) &&
1107 cpu_has_feature(CPU_FTR_DSCR)) {
1108 PPC_WARN_EMULATED(mfdscr, regs);
1109 rd = (instword >> 21) & 0x1f;
1110 regs->gpr[rd] = mfspr(SPRN_DSCR);
1113 /* Emulate the mtspr DSCR, rD. */
1114 if ((((instword & PPC_INST_MTSPR_DSCR_USER_MASK) ==
1115 PPC_INST_MTSPR_DSCR_USER) ||
1116 ((instword & PPC_INST_MTSPR_DSCR_MASK) ==
1117 PPC_INST_MTSPR_DSCR)) &&
1118 cpu_has_feature(CPU_FTR_DSCR)) {
1119 PPC_WARN_EMULATED(mtdscr, regs);
1120 rd = (instword >> 21) & 0x1f;
1121 current->thread.dscr = regs->gpr[rd];
1122 current->thread.dscr_inherit = 1;
1123 mtspr(SPRN_DSCR, current->thread.dscr);
1131 int is_valid_bugaddr(unsigned long addr)
1133 return is_kernel_addr(addr);
1136 #ifdef CONFIG_MATH_EMULATION
1137 static int emulate_math(struct pt_regs *regs)
1140 extern int do_mathemu(struct pt_regs *regs);
1142 ret = do_mathemu(regs);
1144 PPC_WARN_EMULATED(math, regs);
1148 emulate_single_step(regs);
1152 code = __parse_fpscr(current->thread.fp_state.fpscr);
1153 _exception(SIGFPE, regs, code, regs->nip);
1157 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
1164 static inline int emulate_math(struct pt_regs *regs) { return -1; }
1167 void program_check_exception(struct pt_regs *regs)
1169 enum ctx_state prev_state = exception_enter();
1170 unsigned int reason = get_reason(regs);
1172 /* We can now get here via a FP Unavailable exception if the core
1173 * has no FPU, in that case the reason flags will be 0 */
1175 if (reason & REASON_FP) {
1176 /* IEEE FP exception */
1180 if (reason & REASON_TRAP) {
1181 unsigned long bugaddr;
1182 /* Debugger is first in line to stop recursive faults in
1183 * rcu_lock, notify_die, or atomic_notifier_call_chain */
1184 if (debugger_bpt(regs))
1187 if (kprobe_handler(regs))
1190 /* trap exception */
1191 if (notify_die(DIE_BPT, "breakpoint", regs, 5, 5, SIGTRAP)
1195 bugaddr = regs->nip;
1197 * Fixup bugaddr for BUG_ON() in real mode
1199 if (!is_kernel_addr(bugaddr) && !(regs->msr & MSR_IR))
1200 bugaddr += PAGE_OFFSET;
1202 if (!(regs->msr & MSR_PR) && /* not user-mode */
1203 report_bug(bugaddr, regs) == BUG_TRAP_TYPE_WARN) {
1207 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip);
1210 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
1211 if (reason & REASON_TM) {
1212 /* This is a TM "Bad Thing Exception" program check.
1214 * - An rfid/hrfid/mtmsrd attempts to cause an illegal
1215 * transition in TM states.
1216 * - A trechkpt is attempted when transactional.
1217 * - A treclaim is attempted when non transactional.
1218 * - A tend is illegally attempted.
1219 * - writing a TM SPR when transactional.
1221 if (!user_mode(regs) &&
1222 report_bug(regs->nip, regs) == BUG_TRAP_TYPE_WARN) {
1226 /* If usermode caused this, it's done something illegal and
1227 * gets a SIGILL slap on the wrist. We call it an illegal
1228 * operand to distinguish from the instruction just being bad
1229 * (e.g. executing a 'tend' on a CPU without TM!); it's an
1230 * illegal /placement/ of a valid instruction.
1232 if (user_mode(regs)) {
1233 _exception(SIGILL, regs, ILL_ILLOPN, regs->nip);
1236 printk(KERN_EMERG "Unexpected TM Bad Thing exception "
1237 "at %lx (msr 0x%x)\n", regs->nip, reason);
1238 die("Unrecoverable exception", regs, SIGABRT);
1244 * If we took the program check in the kernel skip down to sending a
1245 * SIGILL. The subsequent cases all relate to emulating instructions
1246 * which we should only do for userspace. We also do not want to enable
1247 * interrupts for kernel faults because that might lead to further
1248 * faults, and loose the context of the original exception.
1250 if (!user_mode(regs))
1253 /* We restore the interrupt state now */
1254 if (!arch_irq_disabled_regs(regs))
1257 /* (reason & REASON_ILLEGAL) would be the obvious thing here,
1258 * but there seems to be a hardware bug on the 405GP (RevD)
1259 * that means ESR is sometimes set incorrectly - either to
1260 * ESR_DST (!?) or 0. In the process of chasing this with the
1261 * hardware people - not sure if it can happen on any illegal
1262 * instruction or only on FP instructions, whether there is a
1263 * pattern to occurrences etc. -dgibson 31/Mar/2003
1265 if (!emulate_math(regs))
1268 /* Try to emulate it if we should. */
1269 if (reason & (REASON_ILLEGAL | REASON_PRIVILEGED)) {
1270 switch (emulate_instruction(regs)) {
1273 emulate_single_step(regs);
1276 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
1282 if (reason & REASON_PRIVILEGED)
1283 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip);
1285 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
1288 exception_exit(prev_state);
1290 NOKPROBE_SYMBOL(program_check_exception);
1293 * This occurs when running in hypervisor mode on POWER6 or later
1294 * and an illegal instruction is encountered.
1296 void emulation_assist_interrupt(struct pt_regs *regs)
1298 regs->msr |= REASON_ILLEGAL;
1299 program_check_exception(regs);
1301 NOKPROBE_SYMBOL(emulation_assist_interrupt);
1303 void alignment_exception(struct pt_regs *regs)
1305 enum ctx_state prev_state = exception_enter();
1306 int sig, code, fixed = 0;
1308 /* We restore the interrupt state now */
1309 if (!arch_irq_disabled_regs(regs))
1312 if (tm_abort_check(regs, TM_CAUSE_ALIGNMENT | TM_CAUSE_PERSISTENT))
1315 /* we don't implement logging of alignment exceptions */
1316 if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS))
1317 fixed = fix_alignment(regs);
1320 regs->nip += 4; /* skip over emulated instruction */
1321 emulate_single_step(regs);
1325 /* Operand address was bad */
1326 if (fixed == -EFAULT) {
1333 if (user_mode(regs))
1334 _exception(sig, regs, code, regs->dar);
1336 bad_page_fault(regs, regs->dar, sig);
1339 exception_exit(prev_state);
1342 void slb_miss_bad_addr(struct pt_regs *regs)
1344 enum ctx_state prev_state = exception_enter();
1346 if (user_mode(regs))
1347 _exception(SIGSEGV, regs, SEGV_BNDERR, regs->dar);
1349 bad_page_fault(regs, regs->dar, SIGSEGV);
1351 exception_exit(prev_state);
1354 void StackOverflow(struct pt_regs *regs)
1356 printk(KERN_CRIT "Kernel stack overflow in process %p, r1=%lx\n",
1357 current, regs->gpr[1]);
1360 panic("kernel stack overflow");
1363 void nonrecoverable_exception(struct pt_regs *regs)
1365 printk(KERN_ERR "Non-recoverable exception at PC=%lx MSR=%lx\n",
1366 regs->nip, regs->msr);
1368 die("nonrecoverable exception", regs, SIGKILL);
1371 void kernel_fp_unavailable_exception(struct pt_regs *regs)
1373 enum ctx_state prev_state = exception_enter();
1375 printk(KERN_EMERG "Unrecoverable FP Unavailable Exception "
1376 "%lx at %lx\n", regs->trap, regs->nip);
1377 die("Unrecoverable FP Unavailable Exception", regs, SIGABRT);
1379 exception_exit(prev_state);
1382 void altivec_unavailable_exception(struct pt_regs *regs)
1384 enum ctx_state prev_state = exception_enter();
1386 if (user_mode(regs)) {
1387 /* A user program has executed an altivec instruction,
1388 but this kernel doesn't support altivec. */
1389 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
1393 printk(KERN_EMERG "Unrecoverable VMX/Altivec Unavailable Exception "
1394 "%lx at %lx\n", regs->trap, regs->nip);
1395 die("Unrecoverable VMX/Altivec Unavailable Exception", regs, SIGABRT);
1398 exception_exit(prev_state);
1401 void vsx_unavailable_exception(struct pt_regs *regs)
1403 if (user_mode(regs)) {
1404 /* A user program has executed an vsx instruction,
1405 but this kernel doesn't support vsx. */
1406 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
1410 printk(KERN_EMERG "Unrecoverable VSX Unavailable Exception "
1411 "%lx at %lx\n", regs->trap, regs->nip);
1412 die("Unrecoverable VSX Unavailable Exception", regs, SIGABRT);
1416 static void tm_unavailable(struct pt_regs *regs)
1418 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
1419 if (user_mode(regs)) {
1420 current->thread.load_tm++;
1421 regs->msr |= MSR_TM;
1423 tm_restore_sprs(¤t->thread);
1427 pr_emerg("Unrecoverable TM Unavailable Exception "
1428 "%lx at %lx\n", regs->trap, regs->nip);
1429 die("Unrecoverable TM Unavailable Exception", regs, SIGABRT);
1432 void facility_unavailable_exception(struct pt_regs *regs)
1434 static char *facility_strings[] = {
1435 [FSCR_FP_LG] = "FPU",
1436 [FSCR_VECVSX_LG] = "VMX/VSX",
1437 [FSCR_DSCR_LG] = "DSCR",
1438 [FSCR_PM_LG] = "PMU SPRs",
1439 [FSCR_BHRB_LG] = "BHRB",
1440 [FSCR_TM_LG] = "TM",
1441 [FSCR_EBB_LG] = "EBB",
1442 [FSCR_TAR_LG] = "TAR",
1444 char *facility = "unknown";
1450 hv = (regs->trap == 0xf80);
1452 value = mfspr(SPRN_HFSCR);
1454 value = mfspr(SPRN_FSCR);
1456 status = value >> 56;
1457 if (status == FSCR_DSCR_LG) {
1459 * User is accessing the DSCR register using the problem
1460 * state only SPR number (0x03) either through a mfspr or
1461 * a mtspr instruction. If it is a write attempt through
1462 * a mtspr, then we set the inherit bit. This also allows
1463 * the user to write or read the register directly in the
1464 * future by setting via the FSCR DSCR bit. But in case it
1465 * is a read DSCR attempt through a mfspr instruction, we
1466 * just emulate the instruction instead. This code path will
1467 * always emulate all the mfspr instructions till the user
1468 * has attempted at least one mtspr instruction. This way it
1469 * preserves the same behaviour when the user is accessing
1470 * the DSCR through privilege level only SPR number (0x11)
1471 * which is emulated through illegal instruction exception.
1472 * We always leave HFSCR DSCR set.
1474 if (get_user(instword, (u32 __user *)(regs->nip))) {
1475 pr_err("Failed to fetch the user instruction\n");
1479 /* Write into DSCR (mtspr 0x03, RS) */
1480 if ((instword & PPC_INST_MTSPR_DSCR_USER_MASK)
1481 == PPC_INST_MTSPR_DSCR_USER) {
1482 rd = (instword >> 21) & 0x1f;
1483 current->thread.dscr = regs->gpr[rd];
1484 current->thread.dscr_inherit = 1;
1485 current->thread.fscr |= FSCR_DSCR;
1486 mtspr(SPRN_FSCR, current->thread.fscr);
1489 /* Read from DSCR (mfspr RT, 0x03) */
1490 if ((instword & PPC_INST_MFSPR_DSCR_USER_MASK)
1491 == PPC_INST_MFSPR_DSCR_USER) {
1492 if (emulate_instruction(regs)) {
1493 pr_err("DSCR based mfspr emulation failed\n");
1497 emulate_single_step(regs);
1502 if (status == FSCR_TM_LG) {
1504 * If we're here then the hardware is TM aware because it
1505 * generated an exception with FSRM_TM set.
1507 * If cpu_has_feature(CPU_FTR_TM) is false, then either firmware
1508 * told us not to do TM, or the kernel is not built with TM
1511 * If both of those things are true, then userspace can spam the
1512 * console by triggering the printk() below just by continually
1513 * doing tbegin (or any TM instruction). So in that case just
1514 * send the process a SIGILL immediately.
1516 if (!cpu_has_feature(CPU_FTR_TM))
1519 tm_unavailable(regs);
1523 if ((hv || status >= 2) &&
1524 (status < ARRAY_SIZE(facility_strings)) &&
1525 facility_strings[status])
1526 facility = facility_strings[status];
1528 /* We restore the interrupt state now */
1529 if (!arch_irq_disabled_regs(regs))
1532 pr_err_ratelimited("%sFacility '%s' unavailable (%d), exception at 0x%lx, MSR=%lx\n",
1533 hv ? "Hypervisor " : "", facility, status, regs->nip, regs->msr);
1536 if (user_mode(regs)) {
1537 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
1541 die("Unexpected facility unavailable exception", regs, SIGABRT);
1545 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
1547 void fp_unavailable_tm(struct pt_regs *regs)
1549 /* Note: This does not handle any kind of FP laziness. */
1551 TM_DEBUG("FP Unavailable trap whilst transactional at 0x%lx, MSR=%lx\n",
1552 regs->nip, regs->msr);
1554 /* We can only have got here if the task started using FP after
1555 * beginning the transaction. So, the transactional regs are just a
1556 * copy of the checkpointed ones. But, we still need to recheckpoint
1557 * as we're enabling FP for the process; it will return, abort the
1558 * transaction, and probably retry but now with FP enabled. So the
1559 * checkpointed FP registers need to be loaded.
1561 tm_reclaim_current(TM_CAUSE_FAC_UNAV);
1562 /* Reclaim didn't save out any FPRs to transact_fprs. */
1564 /* Enable FP for the task: */
1565 regs->msr |= (MSR_FP | current->thread.fpexc_mode);
1567 /* This loads and recheckpoints the FP registers from
1568 * thread.fpr[]. They will remain in registers after the
1569 * checkpoint so we don't need to reload them after.
1570 * If VMX is in use, the VRs now hold checkpointed values,
1571 * so we don't want to load the VRs from the thread_struct.
1573 tm_recheckpoint(¤t->thread, MSR_FP);
1575 /* If VMX is in use, get the transactional values back */
1576 if (regs->msr & MSR_VEC) {
1577 msr_check_and_set(MSR_VEC);
1578 load_vr_state(¤t->thread.vr_state);
1579 /* At this point all the VSX state is loaded, so enable it */
1580 regs->msr |= MSR_VSX;
1584 void altivec_unavailable_tm(struct pt_regs *regs)
1586 /* See the comments in fp_unavailable_tm(). This function operates
1590 TM_DEBUG("Vector Unavailable trap whilst transactional at 0x%lx,"
1592 regs->nip, regs->msr);
1593 tm_reclaim_current(TM_CAUSE_FAC_UNAV);
1594 regs->msr |= MSR_VEC;
1595 tm_recheckpoint(¤t->thread, MSR_VEC);
1596 current->thread.used_vr = 1;
1598 if (regs->msr & MSR_FP) {
1599 msr_check_and_set(MSR_FP);
1600 load_fp_state(¤t->thread.fp_state);
1601 regs->msr |= MSR_VSX;
1605 void vsx_unavailable_tm(struct pt_regs *regs)
1607 unsigned long orig_msr = regs->msr;
1609 /* See the comments in fp_unavailable_tm(). This works similarly,
1610 * though we're loading both FP and VEC registers in here.
1612 * If FP isn't in use, load FP regs. If VEC isn't in use, load VEC
1613 * regs. Either way, set MSR_VSX.
1616 TM_DEBUG("VSX Unavailable trap whilst transactional at 0x%lx,"
1618 regs->nip, regs->msr);
1620 current->thread.used_vsr = 1;
1622 /* If FP and VMX are already loaded, we have all the state we need */
1623 if ((orig_msr & (MSR_FP | MSR_VEC)) == (MSR_FP | MSR_VEC)) {
1624 regs->msr |= MSR_VSX;
1628 /* This reclaims FP and/or VR regs if they're already enabled */
1629 tm_reclaim_current(TM_CAUSE_FAC_UNAV);
1631 regs->msr |= MSR_VEC | MSR_FP | current->thread.fpexc_mode |
1634 /* This loads & recheckpoints FP and VRs; but we have
1635 * to be sure not to overwrite previously-valid state.
1637 tm_recheckpoint(¤t->thread, regs->msr & ~orig_msr);
1639 msr_check_and_set(orig_msr & (MSR_FP | MSR_VEC));
1641 if (orig_msr & MSR_FP)
1642 load_fp_state(¤t->thread.fp_state);
1643 if (orig_msr & MSR_VEC)
1644 load_vr_state(¤t->thread.vr_state);
1646 #endif /* CONFIG_PPC_TRANSACTIONAL_MEM */
1648 void performance_monitor_exception(struct pt_regs *regs)
1650 __this_cpu_inc(irq_stat.pmu_irqs);
1656 void SoftwareEmulation(struct pt_regs *regs)
1658 CHECK_FULL_REGS(regs);
1660 if (!user_mode(regs)) {
1662 die("Kernel Mode Unimplemented Instruction or SW FPU Emulation",
1666 if (!emulate_math(regs))
1669 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
1671 #endif /* CONFIG_8xx */
1673 #ifdef CONFIG_PPC_ADV_DEBUG_REGS
1674 static void handle_debug(struct pt_regs *regs, unsigned long debug_status)
1678 * Determine the cause of the debug event, clear the
1679 * event flags and send a trap to the handler. Torez
1681 if (debug_status & (DBSR_DAC1R | DBSR_DAC1W)) {
1682 dbcr_dac(current) &= ~(DBCR_DAC1R | DBCR_DAC1W);
1683 #ifdef CONFIG_PPC_ADV_DEBUG_DAC_RANGE
1684 current->thread.debug.dbcr2 &= ~DBCR2_DAC12MODE;
1686 do_send_trap(regs, mfspr(SPRN_DAC1), debug_status, TRAP_HWBKPT,
1689 } else if (debug_status & (DBSR_DAC2R | DBSR_DAC2W)) {
1690 dbcr_dac(current) &= ~(DBCR_DAC2R | DBCR_DAC2W);
1691 do_send_trap(regs, mfspr(SPRN_DAC2), debug_status, TRAP_HWBKPT,
1694 } else if (debug_status & DBSR_IAC1) {
1695 current->thread.debug.dbcr0 &= ~DBCR0_IAC1;
1696 dbcr_iac_range(current) &= ~DBCR_IAC12MODE;
1697 do_send_trap(regs, mfspr(SPRN_IAC1), debug_status, TRAP_HWBKPT,
1700 } else if (debug_status & DBSR_IAC2) {
1701 current->thread.debug.dbcr0 &= ~DBCR0_IAC2;
1702 do_send_trap(regs, mfspr(SPRN_IAC2), debug_status, TRAP_HWBKPT,
1705 } else if (debug_status & DBSR_IAC3) {
1706 current->thread.debug.dbcr0 &= ~DBCR0_IAC3;
1707 dbcr_iac_range(current) &= ~DBCR_IAC34MODE;
1708 do_send_trap(regs, mfspr(SPRN_IAC3), debug_status, TRAP_HWBKPT,
1711 } else if (debug_status & DBSR_IAC4) {
1712 current->thread.debug.dbcr0 &= ~DBCR0_IAC4;
1713 do_send_trap(regs, mfspr(SPRN_IAC4), debug_status, TRAP_HWBKPT,
1718 * At the point this routine was called, the MSR(DE) was turned off.
1719 * Check all other debug flags and see if that bit needs to be turned
1722 if (DBCR_ACTIVE_EVENTS(current->thread.debug.dbcr0,
1723 current->thread.debug.dbcr1))
1724 regs->msr |= MSR_DE;
1726 /* Make sure the IDM flag is off */
1727 current->thread.debug.dbcr0 &= ~DBCR0_IDM;
1730 mtspr(SPRN_DBCR0, current->thread.debug.dbcr0);
1733 void DebugException(struct pt_regs *regs, unsigned long debug_status)
1735 current->thread.debug.dbsr = debug_status;
1737 /* Hack alert: On BookE, Branch Taken stops on the branch itself, while
1738 * on server, it stops on the target of the branch. In order to simulate
1739 * the server behaviour, we thus restart right away with a single step
1740 * instead of stopping here when hitting a BT
1742 if (debug_status & DBSR_BT) {
1743 regs->msr &= ~MSR_DE;
1746 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~DBCR0_BT);
1747 /* Clear the BT event */
1748 mtspr(SPRN_DBSR, DBSR_BT);
1750 /* Do the single step trick only when coming from userspace */
1751 if (user_mode(regs)) {
1752 current->thread.debug.dbcr0 &= ~DBCR0_BT;
1753 current->thread.debug.dbcr0 |= DBCR0_IDM | DBCR0_IC;
1754 regs->msr |= MSR_DE;
1758 if (kprobe_post_handler(regs))
1761 if (notify_die(DIE_SSTEP, "block_step", regs, 5,
1762 5, SIGTRAP) == NOTIFY_STOP) {
1765 if (debugger_sstep(regs))
1767 } else if (debug_status & DBSR_IC) { /* Instruction complete */
1768 regs->msr &= ~MSR_DE;
1770 /* Disable instruction completion */
1771 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~DBCR0_IC);
1772 /* Clear the instruction completion event */
1773 mtspr(SPRN_DBSR, DBSR_IC);
1775 if (kprobe_post_handler(regs))
1778 if (notify_die(DIE_SSTEP, "single_step", regs, 5,
1779 5, SIGTRAP) == NOTIFY_STOP) {
1783 if (debugger_sstep(regs))
1786 if (user_mode(regs)) {
1787 current->thread.debug.dbcr0 &= ~DBCR0_IC;
1788 if (DBCR_ACTIVE_EVENTS(current->thread.debug.dbcr0,
1789 current->thread.debug.dbcr1))
1790 regs->msr |= MSR_DE;
1792 /* Make sure the IDM bit is off */
1793 current->thread.debug.dbcr0 &= ~DBCR0_IDM;
1796 _exception(SIGTRAP, regs, TRAP_TRACE, regs->nip);
1798 handle_debug(regs, debug_status);
1800 NOKPROBE_SYMBOL(DebugException);
1801 #endif /* CONFIG_PPC_ADV_DEBUG_REGS */
1803 #if !defined(CONFIG_TAU_INT)
1804 void TAUException(struct pt_regs *regs)
1806 printk("TAU trap at PC: %lx, MSR: %lx, vector=%lx %s\n",
1807 regs->nip, regs->msr, regs->trap, print_tainted());
1809 #endif /* CONFIG_INT_TAU */
1811 #ifdef CONFIG_ALTIVEC
1812 void altivec_assist_exception(struct pt_regs *regs)
1816 if (!user_mode(regs)) {
1817 printk(KERN_EMERG "VMX/Altivec assist exception in kernel mode"
1818 " at %lx\n", regs->nip);
1819 die("Kernel VMX/Altivec assist exception", regs, SIGILL);
1822 flush_altivec_to_thread(current);
1824 PPC_WARN_EMULATED(altivec, regs);
1825 err = emulate_altivec(regs);
1827 regs->nip += 4; /* skip emulated instruction */
1828 emulate_single_step(regs);
1832 if (err == -EFAULT) {
1833 /* got an error reading the instruction */
1834 _exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip);
1836 /* didn't recognize the instruction */
1837 /* XXX quick hack for now: set the non-Java bit in the VSCR */
1838 printk_ratelimited(KERN_ERR "Unrecognized altivec instruction "
1839 "in %s at %lx\n", current->comm, regs->nip);
1840 current->thread.vr_state.vscr.u[3] |= 0x10000;
1843 #endif /* CONFIG_ALTIVEC */
1845 #ifdef CONFIG_FSL_BOOKE
1846 void CacheLockingException(struct pt_regs *regs, unsigned long address,
1847 unsigned long error_code)
1849 /* We treat cache locking instructions from the user
1850 * as priv ops, in the future we could try to do
1853 if (error_code & (ESR_DLK|ESR_ILK))
1854 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip);
1857 #endif /* CONFIG_FSL_BOOKE */
1860 void SPEFloatingPointException(struct pt_regs *regs)
1862 extern int do_spe_mathemu(struct pt_regs *regs);
1863 unsigned long spefscr;
1868 flush_spe_to_thread(current);
1870 spefscr = current->thread.spefscr;
1871 fpexc_mode = current->thread.fpexc_mode;
1873 if ((spefscr & SPEFSCR_FOVF) && (fpexc_mode & PR_FP_EXC_OVF)) {
1876 else if ((spefscr & SPEFSCR_FUNF) && (fpexc_mode & PR_FP_EXC_UND)) {
1879 else if ((spefscr & SPEFSCR_FDBZ) && (fpexc_mode & PR_FP_EXC_DIV))
1881 else if ((spefscr & SPEFSCR_FINV) && (fpexc_mode & PR_FP_EXC_INV)) {
1884 else if ((spefscr & (SPEFSCR_FG | SPEFSCR_FX)) && (fpexc_mode & PR_FP_EXC_RES))
1887 err = do_spe_mathemu(regs);
1889 regs->nip += 4; /* skip emulated instruction */
1890 emulate_single_step(regs);
1894 if (err == -EFAULT) {
1895 /* got an error reading the instruction */
1896 _exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip);
1897 } else if (err == -EINVAL) {
1898 /* didn't recognize the instruction */
1899 printk(KERN_ERR "unrecognized spe instruction "
1900 "in %s at %lx\n", current->comm, regs->nip);
1902 _exception(SIGFPE, regs, code, regs->nip);
1908 void SPEFloatingPointRoundException(struct pt_regs *regs)
1910 extern int speround_handler(struct pt_regs *regs);
1914 if (regs->msr & MSR_SPE)
1915 giveup_spe(current);
1919 err = speround_handler(regs);
1921 regs->nip += 4; /* skip emulated instruction */
1922 emulate_single_step(regs);
1926 if (err == -EFAULT) {
1927 /* got an error reading the instruction */
1928 _exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip);
1929 } else if (err == -EINVAL) {
1930 /* didn't recognize the instruction */
1931 printk(KERN_ERR "unrecognized spe instruction "
1932 "in %s at %lx\n", current->comm, regs->nip);
1934 _exception(SIGFPE, regs, 0, regs->nip);
1941 * We enter here if we get an unrecoverable exception, that is, one
1942 * that happened at a point where the RI (recoverable interrupt) bit
1943 * in the MSR is 0. This indicates that SRR0/1 are live, and that
1944 * we therefore lost state by taking this exception.
1946 void unrecoverable_exception(struct pt_regs *regs)
1948 printk(KERN_EMERG "Unrecoverable exception %lx at %lx\n",
1949 regs->trap, regs->nip);
1950 die("Unrecoverable exception", regs, SIGABRT);
1953 #if defined(CONFIG_BOOKE_WDT) || defined(CONFIG_40x)
1955 * Default handler for a Watchdog exception,
1956 * spins until a reboot occurs
1958 void __attribute__ ((weak)) WatchdogHandler(struct pt_regs *regs)
1960 /* Generic WatchdogHandler, implement your own */
1961 mtspr(SPRN_TCR, mfspr(SPRN_TCR)&(~TCR_WIE));
1965 void WatchdogException(struct pt_regs *regs)
1967 printk (KERN_EMERG "PowerPC Book-E Watchdog Exception\n");
1968 WatchdogHandler(regs);
1973 * We enter here if we discover during exception entry that we are
1974 * running in supervisor mode with a userspace value in the stack pointer.
1976 void kernel_bad_stack(struct pt_regs *regs)
1978 printk(KERN_EMERG "Bad kernel stack pointer %lx at %lx\n",
1979 regs->gpr[1], regs->nip);
1980 die("Bad kernel stack pointer", regs, SIGABRT);
1983 void __init trap_init(void)
1988 #ifdef CONFIG_PPC_EMULATED_STATS
1990 #define WARN_EMULATED_SETUP(type) .type = { .name = #type }
1992 struct ppc_emulated ppc_emulated = {
1993 #ifdef CONFIG_ALTIVEC
1994 WARN_EMULATED_SETUP(altivec),
1996 WARN_EMULATED_SETUP(dcba),
1997 WARN_EMULATED_SETUP(dcbz),
1998 WARN_EMULATED_SETUP(fp_pair),
1999 WARN_EMULATED_SETUP(isel),
2000 WARN_EMULATED_SETUP(mcrxr),
2001 WARN_EMULATED_SETUP(mfpvr),
2002 WARN_EMULATED_SETUP(multiple),
2003 WARN_EMULATED_SETUP(popcntb),
2004 WARN_EMULATED_SETUP(spe),
2005 WARN_EMULATED_SETUP(string),
2006 WARN_EMULATED_SETUP(sync),
2007 WARN_EMULATED_SETUP(unaligned),
2008 #ifdef CONFIG_MATH_EMULATION
2009 WARN_EMULATED_SETUP(math),
2012 WARN_EMULATED_SETUP(vsx),
2015 WARN_EMULATED_SETUP(mfdscr),
2016 WARN_EMULATED_SETUP(mtdscr),
2017 WARN_EMULATED_SETUP(lq_stq),
2021 u32 ppc_warn_emulated;
2023 void ppc_warn_emulated_print(const char *type)
2025 pr_warn_ratelimited("%s used emulated %s instruction\n", current->comm,
2029 static int __init ppc_warn_emulated_init(void)
2031 struct dentry *dir, *d;
2033 struct ppc_emulated_entry *entries = (void *)&ppc_emulated;
2035 if (!powerpc_debugfs_root)
2038 dir = debugfs_create_dir("emulated_instructions",
2039 powerpc_debugfs_root);
2043 d = debugfs_create_u32("do_warn", S_IRUGO | S_IWUSR, dir,
2044 &ppc_warn_emulated);
2048 for (i = 0; i < sizeof(ppc_emulated)/sizeof(*entries); i++) {
2049 d = debugfs_create_u32(entries[i].name, S_IRUGO | S_IWUSR, dir,
2050 (u32 *)&entries[i].val.counter);
2058 debugfs_remove_recursive(dir);
2062 device_initcall(ppc_warn_emulated_init);
2064 #endif /* CONFIG_PPC_EMULATED_STATS */
projects / karo-tx-linux.git / blob