1 /*
2 * linux/arch/arm/kernel/traps.c
3 *
4 * Copyright (C) 1995-2002 Russell King
5 * Fragments that appear the same as linux/arch/i386/kernel/traps.c (C) Linus Torvalds
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
10 *
11 * 'traps.c' handles hardware exceptions after we have saved some state in
12 * 'linux/arch/arm/lib/traps.S'. Mostly a debugging aid, but will probably
13 * kill the offending process.
14 */
15 #include <linux/config.h>
16 #include <linux/types.h>
17 #include <linux/kernel.h>
18 #include <linux/signal.h>
19 #include <linux/sched.h>
20 #include <linux/mm.h>
21 #include <linux/spinlock.h>
22 #include <linux/personality.h>
23 #include <linux/ptrace.h>
24 #include <linux/elf.h>
25 #include <linux/interrupt.h>
26 #include <linux/init.h>
27
28 #include <asm/pgtable.h>
29 #include <asm/system.h>
30 #include <asm/uaccess.h>
31 #include <asm/unistd.h>
32
33 #include "ptrace.h"
34
35 extern void c_backtrace (unsigned long fp, int pmode);
36 extern void show_pte(struct mm_struct *mm, unsigned long addr);
37
38 const char *processor_modes[]=
39 { "USER_26", "FIQ_26" , "IRQ_26" , "SVC_26" , "UK4_26" , "UK5_26" , "UK6_26" , "UK7_26" ,
40 "UK8_26" , "UK9_26" , "UK10_26", "UK11_26", "UK12_26", "UK13_26", "UK14_26", "UK15_26",
41 "USER_32", "FIQ_32" , "IRQ_32" , "SVC_32" , "UK4_32" , "UK5_32" , "UK6_32" , "ABT_32" ,
42 "UK8_32" , "UK9_32" , "UK10_32", "UND_32" , "UK12_32", "UK13_32", "UK14_32", "SYS_32"
43 };
44
45 static const char *handler[]= { "prefetch abort", "data abort", "address exception", "interrupt" };
46
47 /*
48 * Stack pointers should always be within the kernels view of
49 * physical memory. If it is not there, then we can't dump
50 * out any information relating to the stack.
51 */
verify_stack(unsigned long sp)52 static int verify_stack(unsigned long sp)
53 {
54 if (sp < PAGE_OFFSET || (sp > (unsigned long)high_memory && high_memory != 0))
55 return -EFAULT;
56
57 return 0;
58 }
59
60 /*
61 * Dump out the contents of some memory nicely...
62 */
dump_mem(const char * str,unsigned long bottom,unsigned long top)63 static void dump_mem(const char *str, unsigned long bottom, unsigned long top)
64 {
65 unsigned long p = bottom & ~31;
66 mm_segment_t fs;
67 int i;
68
69 /*
70 * We need to switch to kernel mode so that we can use __get_user
71 * to safely read from kernel space. Note that we now dump the
72 * code first, just in case the backtrace kills us.
73 */
74 fs = get_fs();
75 set_fs(KERNEL_DS);
76
77 printk("%s(0x%08lx to 0x%08lx)\n", str, bottom, top);
78
79 for (p = bottom & ~31; p < top;) {
80 printk("%04lx: ", p & 0xffff);
81
82 for (i = 0; i < 8; i++, p += 4) {
83 unsigned int val;
84
85 if (p < bottom || p >= top)
86 printk(" ");
87 else {
88 __get_user(val, (unsigned long *)p);
89 printk("%08x ", val);
90 }
91 }
92 printk ("\n");
93 }
94
95 set_fs(fs);
96 }
97
dump_instr(struct pt_regs * regs)98 static void dump_instr(struct pt_regs *regs)
99 {
100 unsigned long addr = instruction_pointer(regs);
101 const int thumb = thumb_mode(regs);
102 const int width = thumb ? 4 : 8;
103 mm_segment_t fs;
104 int i;
105
106 /*
107 * We need to switch to kernel mode so that we can use __get_user
108 * to safely read from kernel space. Note that we now dump the
109 * code first, just in case the backtrace kills us.
110 */
111 fs = get_fs();
112 set_fs(KERNEL_DS);
113
114 printk("Code: ");
115 for (i = -4; i < 1; i++) {
116 unsigned int val, bad;
117
118 if (thumb)
119 bad = __get_user(val, &((u16 *)addr)[i]);
120 else
121 bad = __get_user(val, &((u32 *)addr)[i]);
122
123 if (!bad)
124 printk(i == 0 ? "(%0*x) " : "%0*x ", width, val);
125 else {
126 printk("bad PC value.");
127 break;
128 }
129 }
130 printk("\n");
131
132 set_fs(fs);
133 }
134
I_really_mean_dump_stack_so_dont_mess_with_me(struct task_struct * tsk,unsigned long sp)135 static void I_really_mean_dump_stack_so_dont_mess_with_me(struct task_struct *tsk, unsigned long sp)
136 {
137 dump_mem("Stack: ", sp, 8192+(unsigned long)tsk);
138 }
139
dump_backtrace(struct pt_regs * regs,struct task_struct * tsk)140 static void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk)
141 {
142 unsigned int fp = regs->ARM_fp;
143 char *msg = "";
144 int ok = 1;
145
146 #ifdef CONFIG_FRAME_POINTER
147 if (!fp) {
148 msg = "no frame pointer";
149 ok = 0;
150 } else if (verify_stack(fp)) {
151 msg = "invalid frame pointer";
152 ok = 0;
153 } else if (fp < 4096+(unsigned long)tsk)
154 msg = "frame pointer underflow";
155 #else
156 msg = "not available";
157 ok = 0;
158 #endif
159
160 printk("Backtrace: %s\n", msg);
161
162 if (ok)
163 c_backtrace(fp, processor_mode(regs));
164 }
165
166 /*
167 * This is called from SysRq-T (show_task) to display the current
168 * call trace for each process. Very useful.
169 */
show_trace_task(struct task_struct * tsk)170 void show_trace_task(struct task_struct *tsk)
171 {
172 if (tsk != current) {
173 unsigned int fp = thread_saved_fp(&tsk->thread);
174 c_backtrace(fp, 0x10);
175 }
176 }
177
178 spinlock_t die_lock = SPIN_LOCK_UNLOCKED;
179
180 /*
181 * This function is protected against re-entrancy.
182 */
die(const char * str,struct pt_regs * regs,int err)183 NORET_TYPE void die(const char *str, struct pt_regs *regs, int err)
184 {
185 struct task_struct *tsk = current;
186
187 console_verbose();
188 spin_lock_irq(&die_lock);
189
190 printk("Internal error: %s: %x\n", str, err);
191 printk("CPU: %d\n", smp_processor_id());
192 show_regs(regs);
193 printk("Process %s (pid: %d, stack limit = 0x%p)\n",
194 current->comm, current->pid, tsk + 1);
195
196 if (!user_mode(regs) || in_interrupt()) {
197 I_really_mean_dump_stack_so_dont_mess_with_me(tsk, (unsigned long)(regs + 1));
198 dump_backtrace(regs, tsk);
199 dump_instr(regs);
200 }
201
202 spin_unlock_irq(&die_lock);
203 do_exit(SIGSEGV);
204 }
205
die_if_kernel(const char * str,struct pt_regs * regs,int err)206 void die_if_kernel(const char *str, struct pt_regs *regs, int err)
207 {
208 if (user_mode(regs))
209 return;
210
211 die(str, regs, err);
212 }
213
do_undefinstr(int address,struct pt_regs * regs,int mode)214 asmlinkage void do_undefinstr(int address, struct pt_regs *regs, int mode)
215 {
216 unsigned long *pc;
217 siginfo_t info;
218
219 /*
220 * According to the ARM ARM, PC is 2 or 4 bytes ahead, depending
221 * whether we're in Thumb mode or not.
222 */
223 regs->ARM_pc -= thumb_mode(regs) ? 2 : 4;
224 pc = (unsigned long *)instruction_pointer(regs);
225
226 #ifdef CONFIG_DEBUG_USER
227 printk(KERN_INFO "%s (%d): undefined instruction: pc=%p\n",
228 current->comm, current->pid, pc);
229 dump_instr(regs);
230 #endif
231
232 current->thread.error_code = 0;
233 current->thread.trap_no = 6;
234
235 info.si_signo = SIGILL;
236 info.si_errno = 0;
237 info.si_code = ILL_ILLOPC;
238 info.si_addr = pc;
239
240 force_sig_info(SIGILL, &info, current);
241
242 die_if_kernel("Oops - undefined instruction", regs, mode);
243 }
244
245 #ifdef CONFIG_CPU_26
do_excpt(int address,struct pt_regs * regs,int mode)246 asmlinkage void do_excpt(int address, struct pt_regs *regs, int mode)
247 {
248 siginfo_t info;
249
250 #ifdef CONFIG_DEBUG_USER
251 printk(KERN_INFO "%s (%d): address exception: pc=%08lx\n",
252 current->comm, current->pid, instruction_pointer(regs));
253 dump_instr(regs);
254 #endif
255
256 current->thread.error_code = 0;
257 current->thread.trap_no = 11;
258
259 info.si_signo = SIGBUS;
260 info.si_errno = 0;
261 info.si_code = BUS_ADRERR;
262 info.si_addr = (void *)address;
263
264 force_sig_info(SIGBUS, &info, current);
265
266 die_if_kernel("Oops - address exception", regs, mode);
267 }
268 #endif
269
do_unexp_fiq(struct pt_regs * regs)270 asmlinkage void do_unexp_fiq (struct pt_regs *regs)
271 {
272 #ifndef CONFIG_IGNORE_FIQ
273 printk("Hmm. Unexpected FIQ received, but trying to continue\n");
274 printk("You may have a hardware problem...\n");
275 #endif
276 }
277
278 /*
279 * bad_mode handles the impossible case in the vectors. If you see one of
280 * these, then it's extremely serious, and could mean you have buggy hardware.
281 * It never returns, and never tries to sync. We hope that we can at least
282 * dump out some state information...
283 */
bad_mode(struct pt_regs * regs,int reason,int proc_mode)284 asmlinkage void bad_mode(struct pt_regs *regs, int reason, int proc_mode)
285 {
286 unsigned int vectors = vectors_base();
287
288 console_verbose();
289
290 printk(KERN_CRIT "Bad mode in %s handler detected: mode %s\n",
291 handler[reason], processor_modes[proc_mode]);
292
293 /*
294 * Dump out the vectors and stub routines. Maybe a better solution
295 * would be to dump them out only if we detect that they are corrupted.
296 */
297 dump_mem(KERN_CRIT "Vectors: ", vectors, vectors + 0x40);
298 dump_mem(KERN_CRIT "Stubs: ", vectors + 0x200, vectors + 0x4b8);
299
300 die("Oops", regs, 0);
301 local_irq_disable();
302 panic("bad mode");
303 }
304
bad_syscall(int n,struct pt_regs * regs)305 static int bad_syscall(int n, struct pt_regs *regs)
306 {
307 siginfo_t info;
308
309 /* You might think just testing `handler' would be enough, but PER_LINUX
310 * points it to no_lcall7 to catch undercover SVr4 binaries. Gutted.
311 */
312 if (current->personality != PER_LINUX && current->exec_domain->handler) {
313 /* Hand it off to iBCS. The extra parameter and consequent type
314 * forcing is necessary because of the weird ARM calling convention.
315 */
316 current->exec_domain->handler(n, regs);
317 return regs->ARM_r0;
318 }
319
320 #ifdef CONFIG_DEBUG_USER
321 printk(KERN_ERR "[%d] %s: obsolete system call %08x.\n",
322 current->pid, current->comm, n);
323 dump_instr(regs);
324 #endif
325
326 info.si_signo = SIGILL;
327 info.si_errno = 0;
328 info.si_code = ILL_ILLTRP;
329 info.si_addr = (void *)instruction_pointer(regs) -
330 (thumb_mode(regs) ? 2 : 4);
331
332 force_sig_info(SIGILL, &info, current);
333 die_if_kernel("Oops", regs, n);
334 return regs->ARM_r0;
335 }
336
337 /*
338 * Handle all unrecognised system calls.
339 * 0x9f0000 - 0x9fffff are some more esoteric system calls
340 */
341 #define NR(x) ((__ARM_NR_##x) - __ARM_NR_BASE)
arm_syscall(int no,struct pt_regs * regs)342 asmlinkage int arm_syscall(int no, struct pt_regs *regs)
343 {
344 siginfo_t info;
345
346 if ((no >> 16) != 0x9f)
347 return bad_syscall(no, regs);
348
349 switch (no & 0xffff) {
350 case 0: /* branch through 0 */
351 info.si_signo = SIGSEGV;
352 info.si_errno = 0;
353 info.si_code = SEGV_MAPERR;
354 info.si_addr = NULL;
355
356 force_sig_info(SIGSEGV, &info, current);
357
358 die_if_kernel("branch through zero", regs, 0);
359 return 0;
360
361 case NR(breakpoint): /* SWI BREAK_POINT */
362 ptrace_break(current, regs);
363 return regs->ARM_r0;
364
365 #ifdef CONFIG_CPU_32
366 /*
367 * Flush a region from virtual address 'r0' to virtual address 'r1'
368 * _inclusive_. There is no alignment requirement on either address;
369 * user space does not need to know the hardware cache layout.
370 *
371 * r2 contains flags. It should ALWAYS be passed as ZERO until it
372 * is defined to be something else. For now we ignore it, but may
373 * the fires of hell burn in your belly if you break this rule. ;)
374 *
375 * (at a later date, we may want to allow this call to not flush
376 * various aspects of the cache. Passing '0' will guarantee that
377 * everything necessary gets flushed to maintain consistency in
378 * the specified region).
379 */
380 case NR(cacheflush):
381 cpu_cache_clean_invalidate_range(regs->ARM_r0, regs->ARM_r1, 1);
382 return 0;
383
384 case NR(usr26):
385 if (!(elf_hwcap & HWCAP_26BIT))
386 break;
387 regs->ARM_cpsr &= ~0x10;
388 return regs->ARM_r0;
389
390 case NR(usr32):
391 if (!(elf_hwcap & HWCAP_26BIT))
392 break;
393 regs->ARM_cpsr |= 0x10;
394 return regs->ARM_r0;
395 #else
396 case NR(cacheflush):
397 return 0;
398
399 case NR(usr26):
400 case NR(usr32):
401 break;
402 #endif
403
404 default:
405 /* Calls 9f00xx..9f07ff are defined to return -ENOSYS
406 if not implemented, rather than raising SIGILL. This
407 way the calling program can gracefully determine whether
408 a feature is supported. */
409 if (no <= 0x7ff)
410 return -ENOSYS;
411 break;
412 }
413 #ifdef CONFIG_DEBUG_USER
414 /*
415 * experience shows that these seem to indicate that
416 * something catastrophic has happened
417 */
418 printk("[%d] %s: arm syscall %d\n", current->pid, current->comm, no);
419 dump_instr(regs);
420 if (user_mode(regs)) {
421 show_regs(regs);
422 c_backtrace(regs->ARM_fp, processor_mode(regs));
423 }
424 #endif
425 info.si_signo = SIGILL;
426 info.si_errno = 0;
427 info.si_code = ILL_ILLTRP;
428 info.si_addr = (void *)instruction_pointer(regs) -
429 (thumb_mode(regs) ? 2 : 4);
430
431 force_sig_info(SIGILL, &info, current);
432 die_if_kernel("Oops", regs, no);
433 return 0;
434 }
435
__bad_xchg(volatile void * ptr,int size)436 void __bad_xchg(volatile void *ptr, int size)
437 {
438 printk("xchg: bad data size: pc 0x%p, ptr 0x%p, size %d\n",
439 __builtin_return_address(0), ptr, size);
440 BUG();
441 }
442
443 /*
444 * A data abort trap was taken, but we did not handle the instruction.
445 * Try to abort the user program, or panic if it was the kernel.
446 */
447 asmlinkage void
baddataabort(int code,unsigned long instr,struct pt_regs * regs)448 baddataabort(int code, unsigned long instr, struct pt_regs *regs)
449 {
450 unsigned long addr = instruction_pointer(regs);
451 siginfo_t info;
452
453 #ifdef CONFIG_DEBUG_USER
454 printk(KERN_ERR "[%d] %s: bad data abort: code %d instr 0x%08lx\n",
455 current->pid, current->comm, code, instr);
456 dump_instr(regs);
457 show_pte(current->mm, addr);
458 #endif
459
460 info.si_signo = SIGILL;
461 info.si_errno = 0;
462 info.si_code = ILL_ILLOPC;
463 info.si_addr = (void *)addr;
464
465 force_sig_info(SIGILL, &info, current);
466 die_if_kernel("unknown data abort code", regs, instr);
467 }
468
__bug(const char * file,int line,void * data)469 void __bug(const char *file, int line, void *data)
470 {
471 printk(KERN_CRIT"kernel BUG at %s:%d!", file, line);
472 if (data)
473 printk(KERN_CRIT" - extra data = %p", data);
474 printk("\n");
475 *(int *)0 = 0;
476 }
477
__readwrite_bug(const char * fn)478 void __readwrite_bug(const char *fn)
479 {
480 printk("%s called, but not implemented", fn);
481 BUG();
482 }
483
__pte_error(const char * file,int line,unsigned long val)484 void __pte_error(const char *file, int line, unsigned long val)
485 {
486 printk("%s:%d: bad pte %08lx.\n", file, line, val);
487 }
488
__pmd_error(const char * file,int line,unsigned long val)489 void __pmd_error(const char *file, int line, unsigned long val)
490 {
491 printk("%s:%d: bad pmd %08lx.\n", file, line, val);
492 }
493
__pgd_error(const char * file,int line,unsigned long val)494 void __pgd_error(const char *file, int line, unsigned long val)
495 {
496 printk("%s:%d: bad pgd %08lx.\n", file, line, val);
497 }
498
__div0(void)499 asmlinkage void __div0(void)
500 {
501 printk("Division by zero in kernel.\n");
502 __backtrace();
503 }
504
abort(void)505 void abort(void)
506 {
507 BUG();
508
509 /* if that doesn't kill us, halt */
510 panic("Oops failed to kill thread");
511 }
512
trap_init(void)513 void __init trap_init(void)
514 {
515 extern void __trap_init(unsigned long);
516 unsigned long base = vectors_base();
517
518 __trap_init(base);
519 if (base != 0)
520 printk(KERN_DEBUG "Relocating machine vectors to 0x%08lx\n",
521 base);
522 #ifdef CONFIG_CPU_32
523 modify_domain(DOMAIN_USER, DOMAIN_CLIENT);
524 #endif
525 }
526