2 * linux/arch/cris/mm/fault.c
4 * Copyright (C) 2000, 2001 Axis Communications AB
9 * Revision 1.1.1.1 2005/04/11 02:49:58 jack
12 * Revision 1.1.1.1 2005/01/10 13:16:04 jack
15 * Revision 1.21 2002/05/28 14:24:56 bjornw
18 * Revision 1.20 2001/11/22 13:34:06 bjornw
19 * * Bug workaround (LX TR89): force a rerun of the whole of an interrupted
20 * unaligned write, because the second half of the write will be corrupted
21 * otherwise. Affected unaligned writes spanning not-yet mapped pages.
22 * * Optimization: use the wr_rd bit in R_MMU_CAUSE to know whether a miss
23 * was due to a read or a write (before we didn't know this until the next
24 * restart of the interrupted instruction, thus wasting one fault-irq)
26 * Revision 1.19 2001/11/12 19:02:10 pkj
27 * Fixed compiler warnings.
29 * Revision 1.18 2001/07/18 22:14:32 bjornw
30 * Enable interrupts in the bulk of do_page_fault
32 * Revision 1.17 2001/07/18 13:07:23 bjornw
33 * * Detect non-existant PTE's in vmalloc pmd synchronization
34 * * Remove comment about fast-paths for VMALLOC_START etc, because all that
35 * was totally bogus anyway it turned out :)
36 * * Fix detection of vmalloc-area synchronization
39 * Revision 1.16 2001/06/13 00:06:08 bjornw
40 * current_pgd should be volatile
42 * Revision 1.15 2001/06/13 00:02:23 bjornw
43 * Use a separate variable to store the current pgd to avoid races in schedule
45 * Revision 1.14 2001/05/16 17:41:07 hp
46 * Last comment tweak further tweaked.
48 * Revision 1.13 2001/05/15 00:58:44 hp
49 * Expand a bit on the comment why we compare address >= TASK_SIZE rather
50 * than >= VMALLOC_START.
52 * Revision 1.12 2001/04/04 10:51:14 bjornw
53 * mmap_sem is grabbed for reading
55 * Revision 1.11 2001/03/23 07:36:07 starvik
56 * Corrected according to review remarks
58 * Revision 1.10 2001/03/21 16:10:11 bjornw
59 * CRIS_FRAME_FIXUP not needed anymore, use FRAME_NORMAL
61 * Revision 1.9 2001/03/05 13:22:20 bjornw
62 * Spell-fix and fix in vmalloc_fault handling
64 * Revision 1.8 2000/11/22 14:45:31 bjornw
65 * * 2.4.0-test10 removed the set_pgdir instantaneous kernel global mapping
66 * into all processes. Instead we fill in the missing PTE entries on demand.
68 * Revision 1.7 2000/11/21 16:39:09 bjornw
69 * fixup switches frametype
71 * Revision 1.6 2000/11/17 16:54:08 bjornw
72 * More detailed siginfo reporting
77 #include <linux/signal.h>
78 #include <linux/sched.h>
79 #include <linux/kernel.h>
80 #include <linux/errno.h>
81 #include <linux/string.h>
82 #include <linux/types.h>
83 #include <linux/ptrace.h>
84 #include <linux/mman.h>
86 #include <linux/interrupt.h>
88 #include <asm/system.h>
89 #include <asm/segment.h>
90 #include <asm/pgtable.h>
91 #include <asm/uaccess.h>
92 #include <asm/svinto.h>
94 extern void die_if_kernel(const char *,struct pt_regs *,long);
96 asmlinkage void do_invalid_op (struct pt_regs *, unsigned long);
97 asmlinkage void do_page_fault(unsigned long address, struct pt_regs *regs,
100 /* debug of low-level TLB reload */
109 /* debug of higher-level faults */
112 /* current active page directory */
114 volatile pgd_t *current_pgd;
116 /* fast TLB-fill fault handler
117 * this is called from entry.S with interrupts disabled
121 handle_mmu_bus_fault(struct pt_regs *regs)
129 int miss, we, writeac;
133 unsigned long address;
135 cause = *R_MMU_CAUSE;
136 select = *R_TLB_SELECT;
138 address = cause & PAGE_MASK; /* get faulting address */
141 page_id = IO_EXTRACT(R_MMU_CAUSE, page_id, cause);
142 acc = IO_EXTRACT(R_MMU_CAUSE, acc_excp, cause);
143 inv = IO_EXTRACT(R_MMU_CAUSE, inv_excp, cause);
144 index = IO_EXTRACT(R_TLB_SELECT, index, select);
146 miss = IO_EXTRACT(R_MMU_CAUSE, miss_excp, cause);
147 we = IO_EXTRACT(R_MMU_CAUSE, we_excp, cause);
148 writeac = IO_EXTRACT(R_MMU_CAUSE, wr_rd, cause);
150 /* ETRAX 100LX TR89 bugfix: if the second half of an unaligned
151 * write causes a MMU-fault, it will not be restarted correctly.
152 * This could happen if a write crosses a page-boundary and the
153 * second page is not yet COW'ed or even loaded. The workaround
154 * is to clear the unaligned bit in the CPU status record, so
155 * that the CPU will rerun both the first and second halves of
156 * the instruction. This will not have any sideeffects unless
157 * the first half goes to any device or memory that can't be
158 * written twice, and which is mapped through the MMU.
160 * We only need to do this for writes.
164 regs->csrinstr &= ~(1 << 5);
166 /* Set errcode's R/W flag according to the mode which caused the
170 errcode = writeac << 1;
172 D(printk("bus_fault from IRP 0x%lx: addr 0x%lx, miss %d, inv %d, we %d, acc %d, dx %d pid %d\n",
173 regs->irp, address, miss, inv, we, acc, index, page_id));
175 /* for a miss, we need to reload the TLB entry */
178 /* see if the pte exists at all
179 * refer through current_pgd, dont use mm->pgd
182 pmd = (pmd_t *)(current_pgd + pgd_index(address));
186 printk("bad pgdir entry 0x%lx at 0x%p\n", *(unsigned long*)pmd, pmd);
190 pte = *pte_offset(pmd, address);
191 if (!pte_present(pte))
195 printk(" found pte %lx pg %p ", pte_val(pte), pte_page(pte));
196 if (pte_val(pte) & _PAGE_SILENT_WRITE)
198 if (pte_val(pte) & _PAGE_KERNEL)
200 if (pte_val(pte) & _PAGE_SILENT_READ)
202 if (pte_val(pte) & _PAGE_GLOBAL)
204 if (pte_val(pte) & _PAGE_PRESENT)
206 if (pte_val(pte) & _PAGE_ACCESSED)
208 if (pte_val(pte) & _PAGE_MODIFIED)
210 if (pte_val(pte) & _PAGE_READ)
212 if (pte_val(pte) & _PAGE_WRITE)
213 printk("Writeable ");
217 /* load up the chosen TLB entry
218 * this assumes the pte format is the same as the TLB_LO layout.
220 * the write to R_TLB_LO also writes the vpn and page_id fields from
221 * R_MMU_CAUSE, which we in this case obviously want to keep
224 *R_TLB_LO = pte_val(pte);
229 errcode = 1 | (we << 1);
232 /* leave it to the MM system fault handler below */
233 D(printk("do_page_fault %lx errcode %d\n", address, errcode));
234 do_page_fault(address, regs, errcode);
238 * This routine handles page faults. It determines the address,
239 * and the problem, and then passes it off to one of the appropriate
242 * Notice that the address we're given is aligned to the page the fault
243 * occurred in, since we only get the PFN in R_MMU_CAUSE not the complete
247 * bit 0 == 0 means no page found, 1 means protection fault
248 * bit 1 == 0 means read, 1 means write
250 * If this routine detects a bad access, it returns 1, otherwise it
255 do_page_fault(unsigned long address, struct pt_regs *regs,
258 struct task_struct *tsk;
259 struct mm_struct *mm;
260 struct vm_area_struct * vma;
268 * We fault-in kernel-space virtual memory on-demand. The
269 * 'reference' page table is init_mm.pgd.
271 * NOTE! We MUST NOT take any locks for this case. We may
272 * be in an interrupt or a critical region, and should
273 * only copy the information from the master page table,
276 * NOTE2: This is done so that, when updating the vmalloc
277 * mappings we don't have to walk all processes pgdirs and
278 * add the high mappings all at once. Instead we do it as they
279 * are used. However vmalloc'ed page entries have the PAGE_GLOBAL
280 * bit set so sometimes the TLB can use a lingering entry.
282 * This verifies that the fault happens in kernel space
283 * and that the fault was not a protection error (error_code & 1).
286 if (address >= VMALLOC_START &&
291 /* we can and should enable interrupts at this point */
295 writeaccess = error_code & 2;
296 info.si_code = SEGV_MAPERR;
299 * If we're in an interrupt or have no user
300 * context, we must not take the fault..
303 if (in_interrupt() || !mm)
306 down_read(&mm->mmap_sem);
307 vma = find_vma(mm, address);
310 if (vma->vm_start <= address)
312 if (!(vma->vm_flags & VM_GROWSDOWN))
314 if (user_mode(regs)) {
316 * accessing the stack below usp is always a bug.
317 * we get page-aligned addresses so we can only check
318 * if we're within a page from usp, but that might be
319 * enough to catch brutal errors at least.
321 if (address + PAGE_SIZE < rdusp())
324 if (expand_stack(vma, address))
328 * Ok, we have a good vm_area for this memory access, so
333 info.si_code = SEGV_ACCERR;
335 /* first do some preliminary protection checks */
338 if (!(vma->vm_flags & VM_WRITE))
341 if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
346 * If for any reason at all we couldn't handle the fault,
347 * make sure we exit gracefully rather than endlessly redo
351 switch (handle_mm_fault(mm, vma, address, writeaccess)) {
364 up_read(&mm->mmap_sem);
368 * Something tried to access memory that isn't in our memory map..
369 * Fix it, but check if it's kernel or user first..
373 up_read(&mm->mmap_sem);
375 bad_area_nosemaphore:
376 DPG(show_registers(regs));
378 /* User mode accesses just cause a SIGSEGV */
380 if (user_mode(regs)) {
381 info.si_signo = SIGSEGV;
383 /* info.si_code has been set above */
384 info.si_addr = (void *)address;
385 force_sig_info(SIGSEGV, &info, tsk);
391 /* Are we prepared to handle this kernel fault?
393 * (The kernel has valid exception-points in the source
394 * when it acesses user-memory. When it fails in one
395 * of those points, we find it in a table and do a jump
396 * to some fixup code that loads an appropriate error
400 if ((fixup = search_exception_table(regs->irp)) != 0) {
401 /* Adjust the instruction pointer in the stackframe */
405 /* We do not want to return by restoring the CPU-state
406 * anymore, so switch frame-types (see ptrace.h)
409 regs->frametype = CRIS_FRAME_NORMAL;
411 D(printk("doing fixup to 0x%lx\n", fixup));
416 * Oops. The kernel tried to access some bad page. We'll have to
417 * terminate things with extreme prejudice.
420 if ((unsigned long) (address) < PAGE_SIZE)
421 printk(KERN_ALERT "Unable to handle kernel NULL pointer dereference");
423 printk(KERN_ALERT "Unable to handle kernel access");
424 printk(" at virtual address %08lx\n",address);
426 die_if_kernel("Oops", regs, error_code);
431 * We ran out of memory, or some other thing happened to us that made
432 * us unable to handle the page fault gracefully.
436 up_read(&mm->mmap_sem);
437 printk("VM: killing process %s\n", tsk->comm);
443 up_read(&mm->mmap_sem);
446 * Send a sigbus, regardless of whether we were in kernel
449 info.si_signo = SIGBUS;
451 info.si_code = BUS_ADRERR;
452 info.si_addr = (void *)address;
453 force_sig_info(SIGBUS, &info, tsk);
455 /* Kernel mode? Handle exceptions or die */
456 if (!user_mode(regs))
463 * Synchronize this task's top level page-table
464 * with the 'reference' page table.
466 * Use current_pgd instead of tsk->active_mm->pgd
467 * since the latter might be unavailable if this
468 * code is executed in a misfortunately run irq
469 * (like inside schedule() between switch_mm and
473 int offset = pgd_index(address);
478 pgd = (pgd_t *)current_pgd + offset;
479 pgd_k = init_mm.pgd + offset;
481 /* Since we're two-level, we don't need to do both
482 * set_pgd and set_pmd (they do the same thing). If
483 * we go three-level at some point, do the right thing
484 * with pgd_present and set_pgd here.
486 * Also, since the vmalloc area is global, we don't
487 * need to copy individual PTE's, it is enough to
488 * copy the pgd pointer into the pte page of the
489 * root task. If that is there, we'll find our pte if
493 pmd = pmd_offset(pgd, address);
494 pmd_k = pmd_offset(pgd_k, address);
496 if (!pmd_present(*pmd_k))
497 goto bad_area_nosemaphore;
499 set_pmd(pmd, *pmd_k);
501 /* Make sure the actual PTE exists as well to
502 * catch kernel vmalloc-area accesses to non-mapped
503 * addresses. If we don't do this, this will just
504 * silently loop forever.
507 pte_k = pte_offset(pmd_k, address);
508 if (!pte_present(*pte_k))
projects / linux-2.4.21-pre4.git / blob