1 /* $NetBSD: trap.c,v 1.108 2001/12/04 00:05:08 darrenr Exp $ */ 2 3 /* 4 * Copyright (c) 1996 5 * The President and Fellows of Harvard College. All rights reserved. 6 * Copyright (c) 1992, 1993 7 * The Regents of the University of California. All rights reserved. 8 * 9 * This software was developed by the Computer Systems Engineering group 10 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 11 * contributed to Berkeley. 12 * 13 * All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Lawrence Berkeley Laboratory. 17 * This product includes software developed by Harvard University. 18 * 19 * Redistribution and use in source and binary forms, with or without 20 * modification, are permitted provided that the following conditions 21 * are met: 22 * 1. Redistributions of source code must retain the above copyright 23 * notice, this list of conditions and the following disclaimer. 24 * 2. Redistributions in binary form must reproduce the above copyright 25 * notice, this list of conditions and the following disclaimer in the 26 * documentation and/or other materials provided with the distribution. 27 * 3. All advertising materials mentioning features or use of this software 28 * must display the following acknowledgement: 29 * This product includes software developed by the University of 30 * California, Berkeley and its contributors. 31 * This product includes software developed by Harvard University. 32 * 4. Neither the name of the University nor the names of its contributors 33 * may be used to endorse or promote products derived from this software 34 * without specific prior written permission. 
35 * 36 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 37 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 39 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 40 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 41 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 42 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 44 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 45 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 46 * SUCH DAMAGE. 47 * 48 * @(#)trap.c 8.4 (Berkeley) 9/23/93 49 */ 50 51 #include "opt_ddb.h" 52 #include "opt_ktrace.h" 53 #include "opt_compat_svr4.h" 54 #include "opt_compat_sunos.h" 55 #include "opt_sparc_arch.h" 56 57 #include <sys/param.h> 58 #include <sys/systm.h> 59 #include <sys/proc.h> 60 #include <sys/user.h> 61 #include <sys/kernel.h> 62 #include <sys/malloc.h> 63 #include <sys/resource.h> 64 #include <sys/signal.h> 65 #include <sys/wait.h> 66 #include <sys/syscall.h> 67 #include <sys/syslog.h> 68 #ifdef KTRACE 69 #include <sys/ktrace.h> 70 #endif 71 72 #include <uvm/uvm_extern.h> 73 74 #include <sparc/sparc/asm.h> 75 #include <machine/cpu.h> 76 #include <machine/ctlreg.h> 77 #include <machine/trap.h> 78 #include <machine/instr.h> 79 #include <machine/pmap.h> 80 81 #ifdef DDB 82 #include <machine/db_machdep.h> 83 #else 84 #include <machine/frame.h> 85 #endif 86 #ifdef COMPAT_SVR4 87 #include <machine/svr4_machdep.h> 88 #endif 89 #ifdef COMPAT_SUNOS 90 extern struct emul emul_sunos; 91 #define SUNOS_MAXSADDR_SLOP (32 * 1024) 92 #endif 93 94 #include <sparc/fpu/fpu_extern.h> 95 #include <sparc/sparc/memreg.h> 96 #include <sparc/sparc/cpuvar.h> 97 98 #ifdef DEBUG 99 int rwindow_debug = 0; 
#endif

/*
 * Initial FPU state is all registers == all 1s, everything else == all 0s.
 * This makes every floating point register a signalling NaN, with sign bit
 * set, no matter how it is interpreted.  Appendix N of the Sparc V8 document
 * seems to imply that we should do this, and it does make sense.
 */
struct fpstate initfpstate = {
	{ ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0,
	  ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0 },
	0, 0,
};

/*
 * There are more than 100 trap types, but most are unused.
 *
 * Trap type 0 is taken over as an `Asynchronous System Trap'.
 * This is left-over Vax emulation crap that should be fixed.
 *
 * Entries that share the generic string T are traps the kernel never
 * expects to handle specially; they still get a printable name for
 * the dopanic path in trap() below.
 */
static const char T[] = "trap";
const char *trap_type[] = {
	/* non-user vectors */
	"ast",			/* 0 */
	"text fault",		/* 1 */
	"illegal instruction",	/* 2 */
	"privileged instruction",/* 3 */
	"fp disabled",		/* 4 */
	"window overflow",	/* 5 */
	"window underflow",	/* 6 */
	"alignment fault",	/* 7 */
	"fp exception",		/* 8 */
	"data fault",		/* 9 */
	"tag overflow",		/* 0a */
	T, T, T, T, T, T,	/* 0b..10 */
	"level 1 int",		/* 11 */
	"level 2 int",		/* 12 */
	"level 3 int",		/* 13 */
	"level 4 int",		/* 14 */
	"level 5 int",		/* 15 */
	"level 6 int",		/* 16 */
	"level 7 int",		/* 17 */
	"level 8 int",		/* 18 */
	"level 9 int",		/* 19 */
	"level 10 int",		/* 1a */
	"level 11 int",		/* 1b */
	"level 12 int",		/* 1c */
	"level 13 int",		/* 1d */
	"level 14 int",		/* 1e */
	"level 15 int",		/* 1f */
	T, T, T, T, T, T, T, T,	/* 20..27 */
	T, T, T, T, T, T, T, T,	/* 28..2f */
	T, T, T, T, T, T,	/* 30..35 */
	"cp disabled",		/* 36 */
	T,			/* 37 */
	T, T, T, T, T, T, T, T,	/* 38..3f */
	"cp exception",		/* 40 */
	T, T, T, T, T, T, T,	/* 41..47 */
	T, T, T, T, T, T, T, T,	/* 48..4f */
	T, T, T, T, T, T, T, T,	/* 50..57 */
	T, T, T, T, T, T, T, T,	/* 58..5f */
	T, T, T, T, T, T, T, T,	/* 60..67 */
	T, T, T, T, T, T, T, T,	/* 68..6f */
	T, T, T, T, T, T, T, T,	/* 70..77 */
	T, T, T, T, T, T, T, T,	/* 78..7f */

	/* user (software trap) vectors */
	"syscall",		/* 80 */
	"breakpoint",		/* 81 */
	"zero divide",		/* 82 */
	"flush windows",	/* 83 */
	"clean windows",	/* 84 */
	"range check",		/* 85 */
	"fix align",		/* 86 */
	"integer overflow",	/* 87 */
	"svr4 syscall",		/* 88 */
	"4.4 syscall",		/* 89 */
	"kgdb exec",		/* 8a */
	T, T, T, T, T,		/* 8b..8f */
	T, T, T, T, T, T, T, T,	/* 90..97 */
	T, T, T, T, T, T, T, T,	/* 98..9f */
	"svr4 getcc",		/* a0 */
	"svr4 setcc",		/* a1 */
	"svr4 getpsr",		/* a2 */
	"svr4 setpsr",		/* a3 */
	"svr4 gethrtime",	/* a4 */
	"svr4 gethrvtime",	/* a5 */
	T,			/* a6 */
	"svr4 gethrestime",	/* a7 */
};

#define	N_TRAP_TYPES	(sizeof trap_type / sizeof *trap_type)

static __inline void userret __P((struct proc *, int,  u_quad_t));
void trap __P((unsigned, int, int, struct trapframe *));
static __inline void share_fpu __P((struct proc *, struct trapframe *));
void mem_access_fault __P((unsigned, int, u_int, int, int, struct trapframe *));
void mem_access_fault4m __P((unsigned, u_int, u_int, struct trapframe *));
void syscall __P((register_t, struct trapframe *, register_t));

/* If set, unknown kernel-range traps deliver SIGILL instead of panicking. */
int ignore_bogus_traps = 1;

/*
 * Define the code needed before returning to user mode, for
 * trap, mem_access_fault, and syscall.
 *
 * p	 - process returning to user mode
 * pc	 - user pc at the time of the trap (for profiling)
 * oticks - p->p_sticks sampled at trap entry; the difference is the
 *	    system time consumed inside this trap, charged to `pc'.
 */
static __inline void
userret(p, pc, oticks)
	struct proc *p;
	int pc;
	u_quad_t oticks;
{
	int sig;

	/* take pending signals */
	while ((sig = CURSIG(p)) != 0)
		postsig(sig);
	p->p_priority = p->p_usrpri;
	if (want_ast) {
		want_ast = 0;
		/* deferred profiling tick posted by addupc_intr */
		if (p->p_flag & P_OWEUPC) {
			p->p_flag &= ~P_OWEUPC;
			ADDUPROF(p);
		}
	}
	if (want_resched) {
		/*
		 * We are being preempted.  Signals may have arrived
		 * while we slept in preempt(), so re-check.
		 */
		preempt(NULL);
		while ((sig = CURSIG(p)) != 0)
			postsig(sig);
	}

	/*
	 * If profiling, charge recent system time to the trapped pc.
	 */
	if (p->p_flag & P_PROFIL)
		addupc_task(p, pc, (int)(p->p_sticks - oticks));

	curcpu()->ci_schedstate.spc_curpriority = p->p_priority;
}

/*
 * If someone stole the FPU while we were away, do not enable it
 * on return.  This is not done in userret() above as it must follow
 * the ktrsysret() in syscall().  Actually, it is likely that the
 * ktrsysret should occur before the call to userret.
 */
static __inline void share_fpu(p, tf)
	struct proc *p;
	struct trapframe *tf;
{
	if ((tf->tf_psr & PSR_EF) != 0 && cpuinfo.fpproc != p)
		tf->tf_psr &= ~PSR_EF;
}

/*
 * Called from locore.s trap handling, for non-MMU-related traps.
 * (MMU-related traps go through mem_access_fault, below.)
 *
 * type - hardware trap type (index into trap_type[] above)
 * psr  - %psr at the time of the trap
 * pc   - pc at the time of the trap
 * tf   - the trap frame saved by locore
 */
void
trap(type, psr, pc, tf)
	unsigned type;
	int psr, pc;
	struct trapframe *tf;
{
	struct proc *p;
	struct pcb *pcb;
	int n;
	char bits[64];
	u_quad_t sticks;
	int sig;
	u_long ucode;

	/* This steps the PC over the trap. */
#define	ADVANCE (n = tf->tf_npc, tf->tf_pc = n, tf->tf_npc = n + 4)

	uvmexp.traps++;	/* XXXSMP */
	/*
	 * Generally, kernel traps cause a panic.  Any exceptions are
	 * handled early here.
	 */
	if (psr & PSR_PS) {
#ifdef DDB
		if (type == T_BREAKPOINT) {
			write_all_windows();
			if (kdb_trap(type, tf)) {
				return;
			}
		}
#endif
#ifdef DIAGNOSTIC
		/*
		 * Currently, we allow DIAGNOSTIC kernel code to
		 * flush the windows to record stack traces.
		 */
		if (type == T_FLUSHWIN) {
			write_all_windows();
			ADVANCE;
			return;
		}
#endif
		/*
		 * Storing %fsr in cpu_attach will cause this trap
		 * even though the fpu has been enabled, if and only
		 * if there is no FPU.
		 */
		if (type == T_FPDISABLED && cold) {
			ADVANCE;
			return;
		}
	dopanic:
		printf("trap type 0x%x: pc=0x%x npc=0x%x psr=%s\n",
		       type, pc, tf->tf_npc, bitmask_snprintf(psr,
		       PSR_BITS, bits, sizeof(bits)));
#ifdef DDB
		(void) kdb_trap(type, tf);
#endif
		panic(type < N_TRAP_TYPES ? trap_type[type] : T);
		/* NOTREACHED */
	}
	if ((p = curproc) == NULL)
		p = &proc0;
	sticks = p->p_sticks;
	pcb = &p->p_addr->u_pcb;
	p->p_md.md_tf = tf;	/* for ptrace/signals */

#ifdef FPU_DEBUG
	if (type != T_FPDISABLED && (tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (0)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	sig = 0;
	ucode = 0;

	switch (type) {

	default:
		if (type < 0x80) {
			/* unexpected hardware trap in user mode */
			if (!ignore_bogus_traps)
				goto dopanic;
			printf("trap type 0x%x: pc=0x%x npc=0x%x psr=%s\n",
			       type, pc, tf->tf_npc, bitmask_snprintf(psr,
			       PSR_BITS, bits, sizeof(bits)));
			sig = SIGILL;
			ucode = type;
			break;
		}
#if defined(COMPAT_SVR4)
	badtrap:
#endif
#ifdef DIAGNOSTIC
		/* the following message is gratuitous */
		/* ...but leave it in until we find anything */
		uprintf("%s[%d]: unimplemented software trap 0x%x\n",
			p->p_comm, p->p_pid, type);
#endif
		sig = SIGILL;
		ucode = type;
		break;

#ifdef COMPAT_SVR4
	case T_SVR4_GETCC:
	case T_SVR4_SETCC:
	case T_SVR4_GETPSR:
	case T_SVR4_SETPSR:
	case T_SVR4_GETHRTIME:
	case T_SVR4_GETHRVTIME:
	case T_SVR4_GETHRESTIME:
		if (!svr4_trap(type, p))
			goto badtrap;
		break;
#endif

	case T_AST:
		break;	/* the work is all in userret() */

	case T_ILLINST:
	case T_UNIMPLFLUSH:
		/* emulinstr returns 0 on successful emulation */
		if ((sig = emulinstr(pc, tf)) == 0) {
			ADVANCE;
			break;
		}
		/* XXX - ucode? */
		break;

	case T_PRIVINST:
		sig = SIGILL;
		/* XXX - ucode? */
		break;

	case T_FPDISABLED: {
		struct fpstate *fs = p->p_md.md_fpstate;

#ifdef FPU_DEBUG
		if ((tf->tf_psr & PSR_PS) != 0) {
			printf("FPU fault from kernel mode, pc=%x\n", pc);
#ifdef DDB
			Debugger();
#endif
		}
#endif

		KERNEL_PROC_LOCK(p);
		/* first FPU use by this process: allocate lazy FPU state */
		if (fs == NULL) {
			fs = malloc(sizeof *fs, M_SUBPROC, M_WAITOK);
			*fs = initfpstate;
			p->p_md.md_fpstate = fs;
		}
		/*
		 * If we have not found an FPU, we have to emulate it.
		 */
		if (!cpuinfo.fpupresent) {
#ifdef notyet
			fpu_emulate(p, tf, fs);
#else
			sig = SIGFPE;
			/* XXX - ucode? */
#endif
			KERNEL_PROC_UNLOCK(p);
			break;
		}
		/*
		 * We may have more FPEs stored up and/or ops queued.
		 * If they exist, handle them and get out.  Otherwise,
		 * resolve the FPU state, turn it on, and try again.
		 */
		if (fs->fs_qsize) {
			fpu_cleanup(p, fs);
			KERNEL_PROC_UNLOCK(p);
			break;
		}
#if notyet
		simple_lock(&cpuinfo.fplock);
		if (cpuinfo.fpproc != p) {		/* we do not have it */
			if (cpuinfo.fpproc != NULL) {	/* someone else had it*/
				savefpstate(cpuinfo.fpproc->p_md.md_fpstate);
				cpuinfo.fpproc->p_md.md_fpumid = -1;
			}
			/*
			 * On MP machines, some of the other FPUs might
			 * still have our state.  Tell the owning processor
			 * to save the process' FPU state.
			 */
			cpi = p->p_md.md_fpumid;
			if (cpi != NULL) {
				if (cpi->mid == cpuinfo.mid)
					panic("FPU on module %d\n", mid);
				LOCK_XPMSG();
				simple_lock(&cpi->fplock);
				simple_lock(&cpi->msg.lock);
				cpi->msg.tag = XPMSG_SAVEFPU;
				raise_ipi_wait_and_unlock(cpi);
				UNLOCK_XPMSG();
			}
			loadfpstate(fs);
			cpuinfo.fpproc = p;		/* now we do have it */
			p->p_md.md_fpumid = cpuinfo.mid;
		}
		simple_unlock(&cpuinfo.fplock);
#else
		if (cpuinfo.fpproc != p) {		/* we do not have it */
			int mid;

			mid = p->p_md.md_fpumid;
			if (cpuinfo.fpproc != NULL) {	/* someone else had it*/
				savefpstate(cpuinfo.fpproc->p_md.md_fpstate);
				cpuinfo.fpproc->p_md.md_fpumid = -1;
			}
			/*
			 * On MP machines, some of the other FPUs might
			 * still have our state.  We can't handle that yet,
			 * so panic if it happens.  Possible solutions:
			 * (1) send an inter-processor message to have the
			 * other FPU save the state, or (2) don't do lazy FPU
			 * context switching at all.
			 */
			if (mid != -1 && mid != cpuinfo.mid) {
				printf("own FPU on module %d\n", mid);
				panic("fix this");
			}
			loadfpstate(fs);
			cpuinfo.fpproc = p;		/* now we do have it */
			p->p_md.md_fpumid = cpuinfo.mid;
		}
#endif
		KERNEL_PROC_UNLOCK(p);
		tf->tf_psr |= PSR_EF;
		break;
	}

	case T_WINOF:
		KERNEL_PROC_LOCK(p);
		/* if the stack is bad, kill the process outright */
		if (rwindow_save(p))
			sigexit(p, SIGILL);
		KERNEL_PROC_UNLOCK(p);
		break;

/* read an entire register window from a user stack address */
#define read_rw(src, dst) \
	copyin((caddr_t)(src), (caddr_t)(dst), sizeof(struct rwindow))

	case T_RWRET:
		/*
		 * T_RWRET is a window load needed in order to rett.
		 * It simply needs the window to which tf->tf_out[6]
		 * (%sp) points.  There are no user or saved windows now.
		 * Copy the one from %sp into pcb->pcb_rw[0] and set
		 * nsaved to -1.  If we decide to deliver a signal on
		 * our way out, we will clear nsaved.
		 */
		KERNEL_PROC_LOCK(p);
		if (pcb->pcb_uw || pcb->pcb_nsaved)
			panic("trap T_RWRET 1");
#ifdef DEBUG
		if (rwindow_debug)
			printf("%s[%d]: rwindow: pcb<-stack: 0x%x\n",
				p->p_comm, p->p_pid, tf->tf_out[6]);
#endif
		if (read_rw(tf->tf_out[6], &pcb->pcb_rw[0]))
			sigexit(p, SIGILL);
		if (pcb->pcb_nsaved)
			panic("trap T_RWRET 2");
		pcb->pcb_nsaved = -1;		/* mark success */
		KERNEL_PROC_UNLOCK(p);
		break;

	case T_WINUF:
		/*
		 * T_WINUF is a real window underflow, from a restore
		 * instruction.  It needs to have the contents of two
		 * windows---the one belonging to the restore instruction
		 * itself, which is at its %sp, and the one belonging to
		 * the window above, which is at its %fp or %i6---both
		 * in the pcb.  The restore's window may still be in
		 * the cpu; we need to force it out to the stack.
		 */
		KERNEL_PROC_LOCK(p);
#ifdef DEBUG
		if (rwindow_debug)
			printf("%s[%d]: rwindow: T_WINUF 0: pcb<-stack: 0x%x\n",
				p->p_comm, p->p_pid, tf->tf_out[6]);
#endif
		write_user_windows();
		if (rwindow_save(p) || read_rw(tf->tf_out[6], &pcb->pcb_rw[0]))
			sigexit(p, SIGILL);
#ifdef DEBUG
		if (rwindow_debug)
			printf("%s[%d]: rwindow: T_WINUF 1: pcb<-stack: 0x%x\n",
				p->p_comm, p->p_pid, pcb->pcb_rw[0].rw_in[6]);
#endif
		if (read_rw(pcb->pcb_rw[0].rw_in[6], &pcb->pcb_rw[1]))
			sigexit(p, SIGILL);
		if (pcb->pcb_nsaved)
			panic("trap T_WINUF");
		pcb->pcb_nsaved = -1;		/* mark success */
		KERNEL_PROC_UNLOCK(p);
		break;

	case T_ALIGN:
		/* optionally fix up unaligned accesses (see T_FIXALIGN) */
		if ((p->p_md.md_flags & MDP_FIXALIGN) != 0) {
			KERNEL_PROC_LOCK(p);
			n = fixalign(p, tf);
			KERNEL_PROC_UNLOCK(p);
			if (n == 0) {
				ADVANCE;
				break;
			}
		}
		sig = SIGBUS;
		/* XXX - ucode? */
		break;

	case T_FPE:
		/*
		 * Clean up after a floating point exception.
		 * fpu_cleanup can (and usually does) modify the
		 * state we save here, so we must `give up' the FPU
		 * chip context.  (The software and hardware states
		 * will not match once fpu_cleanup does its job, so
		 * we must not save again later.)
		 */
		KERNEL_PROC_LOCK(p);
		if (p != cpuinfo.fpproc)
			panic("fpe without being the FP user");
		savefpstate(p->p_md.md_fpstate);
		cpuinfo.fpproc = NULL;
		/* tf->tf_psr &= ~PSR_EF; */	/* share_fpu will do this */
		fpu_cleanup(p, p->p_md.md_fpstate);
		KERNEL_PROC_UNLOCK(p);
		/* fpu_cleanup posts signals if needed */
#if 0		/* ??? really never??? */
		ADVANCE;
#endif
		break;

	case T_TAGOF:
		sig = SIGEMT;
		/* XXX - ucode? */
		break;

	case T_CPDISABLED:
		uprintf("coprocessor instruction\n");	/* XXX */
		sig = SIGILL;
		/* XXX - ucode? */
		break;

	case T_BREAKPOINT:
		sig = SIGTRAP;
		break;

	case T_DIV0:
	case T_IDIV0:
		ADVANCE;
		sig = SIGFPE;
		ucode = FPE_INTDIV_TRAP;
		break;

	case T_FLUSHWIN:
		write_user_windows();
#ifdef probably_slower_since_this_is_usually_false
		KERNEL_PROC_LOCK(p);
		if (pcb->pcb_nsaved && rwindow_save(p))
			sigexit(p, SIGILL);
		KERNEL_PROC_UNLOCK(p);
#endif
		ADVANCE;
		break;

	case T_CLEANWIN:
		uprintf("T_CLEANWIN\n");	/* XXX */
		ADVANCE;
		break;

	case T_RANGECHECK:
		uprintf("T_RANGECHECK\n");	/* XXX */
		ADVANCE;
		sig = SIGILL;
		/* XXX - ucode? */
		break;

	case T_FIXALIGN:
#ifdef DEBUG_ALIGN
		uprintf("T_FIXALIGN\n");
#endif
		/* User wants us to fix alignment faults */
		p->p_md.md_flags |= MDP_FIXALIGN;
		ADVANCE;
		break;

	case T_INTOF:
		uprintf("T_INTOF\n");		/* XXX */
		ADVANCE;
		sig = SIGFPE;
		ucode = FPE_INTOVF_TRAP;
		break;
	}
	if (sig != 0) {
		KERNEL_PROC_LOCK(p);
		trapsignal(p, sig, ucode);
		KERNEL_PROC_UNLOCK(p);
	}
	userret(p, pc, sticks);
	share_fpu(p, tf);
#undef ADVANCE
}

/*
 * Save windows from PCB into user stack, and return 0.  This is used on
 * window overflow pseudo-traps (from locore.s, just before returning to
 * user mode) and when ptrace or sendsig needs a consistent state.
 * As a side effect, rwindow_save() always sets pcb_nsaved to 0,
 * clobbering the `underflow restore' indicator if it was -1.
 *
 * If the windows cannot be saved, pcb_nsaved is restored and we return -1.
 */
int
rwindow_save(p)
	struct proc *p;
{
	struct pcb *pcb = &p->p_addr->u_pcb;
	struct rwindow *rw = &pcb->pcb_rw[0];
	int i;

	i = pcb->pcb_nsaved;
	if (i < 0) {
		/* `underflow restore' marker, nothing to write out */
		pcb->pcb_nsaved = 0;
		return (0);
	}
	if (i == 0)
		return (0);
#ifdef DEBUG
	if (rwindow_debug)
		printf("%s[%d]: rwindow: pcb->stack:", p->p_comm, p->p_pid);
#endif
	do {
#ifdef DEBUG
		if (rwindow_debug)
			printf(" 0x%x", rw[1].rw_in[6]);
#endif
		/* the next window's %sp (rw[1].rw_in[6]) is where rw goes */
		if (copyout((caddr_t)rw, (caddr_t)rw[1].rw_in[6],
		    sizeof *rw))
			return (-1);
		rw++;
	} while (--i > 0);
#ifdef DEBUG
	if (rwindow_debug)
		printf("\n");
#endif
	pcb->pcb_nsaved = 0;
	return (0);
}

/*
 * Kill user windows (before exec) by writing back to stack or pcb
 * and then erasing any pcb tracks.  Otherwise we might try to write
 * the registers into the new process after the exec.
 */
void
kill_user_windows(p)
	struct proc *p;
{

	write_user_windows();
	p->p_addr->u_pcb.pcb_nsaved = 0;
}

/*
 * Called from locore.s trap handling, for synchronous memory faults.
 *
 * This duplicates a lot of logic in trap() and perhaps should be
 * moved there; but the bus-error-register parameters are unique to
 * this routine.
 *
 * Since synchronous errors accumulate during prefetch, we can have
 * more than one `cause'.  But we do not care what the cause, here;
 * we just want to page in the page and try again.
 *
 * type - trap type (T_TEXTFAULT or data fault)
 * ser  - synchronous error register contents
 * v    - faulting virtual address (ignored for text faults; pc is used)
 * pc, psr - pc and %psr at the time of the fault
 * tf   - the trap frame saved by locore
 */
void
mem_access_fault(type, ser, v, pc, psr, tf)
	unsigned type;
	int ser;
	u_int v;
	int pc, psr;
	struct trapframe *tf;
{
#if defined(SUN4) || defined(SUN4C)
	struct proc *p;
	struct vmspace *vm;
	vaddr_t va;
	int rv = EFAULT;
	vm_prot_t atype;
	int onfault;
	u_quad_t sticks;
	char bits[64];

	uvmexp.traps++;
	if ((p = curproc) == NULL)	/* safety check */
		p = &proc0;
	sticks = p->p_sticks;

	if ((psr & PSR_PS) == 0)
		KERNEL_PROC_LOCK(p);

#ifdef FPU_DEBUG
	if ((tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (1)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	/*
	 * Figure out what to pass the VM code, and ignore the sva register
	 * value in v on text faults (text faults are always at pc).
	 * Kernel faults are somewhat different: text faults are always
	 * illegal, and data faults are extra complex.  User faults must
	 * set p->p_md.md_tf, in case we decide to deliver a signal.  Check
	 * for illegal virtual addresses early since those can induce more
	 * faults.
	 */
	if (type == T_TEXTFAULT)
		v = pc;
	if (VA_INHOLE(v)) {
		rv = EACCES;
		goto fault;
	}
	atype = ser & SER_WRITE ? VM_PROT_WRITE : VM_PROT_READ;
	va = trunc_page(v);
	if (psr & PSR_PS) {
		extern char Lfsbail[];
		if (type == T_TEXTFAULT) {
			(void) splhigh();
			printf("text fault: pc=0x%x ser=%s\n", pc,
			    bitmask_snprintf(ser, SER_BITS, bits,
			    sizeof(bits)));
			panic("kernel fault");
			/* NOTREACHED */
		}
		/*
		 * If this was an access that we shouldn't try to page in,
		 * resume at the fault handler without any action.
		 */
		if (p->p_addr && p->p_addr->u_pcb.pcb_onfault == Lfsbail)
			goto kfault;

		/*
		 * During autoconfiguration, faults are never OK unless
		 * pcb_onfault is set.  Once running normally we must allow
		 * exec() to cause copy-on-write faults to kernel addresses.
		 */
		if (cold)
			goto kfault;
		if (va >= KERNBASE) {
			rv = uvm_fault(kernel_map, va, 0, atype);
			if (rv == 0)
				return;
			goto kfault;
		}
	} else
		p->p_md.md_tf = tf;

	/*
	 * mmu_pagein returns -1 if the page is already valid, in which
	 * case we have a hard fault; it returns 1 if it loads a segment
	 * that got bumped out via LRU replacement.
	 */
	vm = p->p_vmspace;
	rv = mmu_pagein(vm->vm_map.pmap, va,
	    ser & SER_WRITE ? VM_PROT_WRITE : VM_PROT_READ);
	if (rv < 0) {
		rv = EACCES;
		goto fault;
	}
	if (rv > 0)
		goto out;

	/* alas! must call the horrible vm code */
	rv = uvm_fault(&vm->vm_map, (vaddr_t)va, 0, atype);
	if (rv == EACCES) {
		rv = EFAULT;
	}

	/*
	 * If this was a stack access we keep track of the maximum
	 * accessed stack size.  Also, if vm_fault gets a protection
	 * failure it is due to accessing the stack region outside
	 * the current limit and we need to reflect that as an access
	 * error.
	 */
	if ((caddr_t)va >= vm->vm_maxsaddr
#ifdef COMPAT_SUNOS
	    && !(p->p_emul == &emul_sunos && va < USRSTACK -
		 (vaddr_t)p->p_limit->pl_rlimit[RLIMIT_STACK].rlim_cur +
		 SUNOS_MAXSADDR_SLOP)
#endif
	    && rv == 0) {
		vaddr_t nss = btoc(USRSTACK - va);
		if (nss > vm->vm_ssize)
			vm->vm_ssize = nss;
	}
	if (rv == 0) {
		/*
		 * pmap_enter() does not enter all requests made from
		 * vm_fault into the MMU (as that causes unnecessary
		 * entries for `wired' pages).  Instead, we call
		 * mmu_pagein here to make sure the new PTE gets installed.
		 */
		(void) mmu_pagein(vm->vm_map.pmap, va, VM_PROT_NONE);
	} else {
		/*
		 * Pagein failed.  If doing copyin/out, return to onfault
		 * address.  Any other page fault in kernel, die; if user
		 * fault, deliver SIGSEGV.
		 */
fault:
		if (psr & PSR_PS) {
kfault:
			onfault = p->p_addr ?
			    (int)p->p_addr->u_pcb.pcb_onfault : 0;
			if (!onfault) {
				(void) splhigh();
				printf("data fault: pc=0x%x addr=0x%x ser=%s\n",
				    pc, v, bitmask_snprintf(ser, SER_BITS,
				    bits, sizeof(bits)));
				panic("kernel fault");
				/* NOTREACHED */
			}
			tf->tf_pc = onfault;
			tf->tf_npc = onfault + 4;
			tf->tf_out[0] = rv;
			return;
		}
		if (rv == ENOMEM) {
			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
			       p->p_pid, p->p_comm,
			       p->p_cred && p->p_ucred ?
			       p->p_ucred->cr_uid : -1);
			trapsignal(p, SIGKILL, (u_int)v);
		} else
			trapsignal(p, SIGSEGV, (u_int)v);
	}
out:
	if ((psr & PSR_PS) == 0) {
		KERNEL_PROC_UNLOCK(p);
		userret(p, pc, sticks);
		share_fpu(p, tf);
	}
#endif /* Sun4/Sun4C */
}

#if defined(SUN4M)	/* 4m version of mem_access_fault() follows */
static int tfaultaddr = (int) 0xdeadbeef;

/*
 * sun4m (SRMMU) synchronous fault handler.
 *
 * type - trap type (T_TEXTFAULT, T_DATAFAULT, T_STOREBUFFAULT)
 * sfsr - synchronous fault status register
 * sfva - synchronous fault virtual address
 * tf   - the trap frame saved by locore (pc/psr are taken from it)
 */
void
mem_access_fault4m(type, sfsr, sfva, tf)
	unsigned type;
	u_int sfsr;
	u_int sfva;
	struct trapframe *tf;
{
	int pc, psr;
	struct proc *p;
	struct vmspace *vm;
	vaddr_t va;
	int rv = EFAULT;
	vm_prot_t atype;
	int onfault;
	u_quad_t sticks;
	char bits[64];

	uvmexp.traps++;	/* XXXSMP */

	if ((p = curproc) == NULL)	/* safety check */
		p = &proc0;
	sticks = p->p_sticks;

#ifdef FPU_DEBUG
	if ((tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (2)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	pc = tf->tf_pc;			/* These are needed below */
	psr = tf->tf_psr;

	/*
	 * Our first priority is handling serious faults, such as
	 * parity errors or async faults that might have come through here.
	 * If afsr & AFSR_AFO != 0, then we're on a HyperSPARC and we
	 * got an async fault.  We pass it on to memerr4m.  Similarly, if
	 * the trap was T_STOREBUFFAULT, we pass it on to memerr4m.
	 * If we have a data fault, but SFSR_FAV is not set in the sfsr,
	 * then things are really bizarre, and we treat it as a hard
	 * error and pass it on to memerr4m.  See section 8.12.4 in the
	 * SuperSPARC user's guide for more info, and for a possible
	 * solution which we don't implement here.
	 * Note: store buffer faults may also lead to a level 15 interrupt
	 * being posted to the module (see sun4m system architecture,
	 * section B.I.9).
	 */
	if (type == T_STOREBUFFAULT ||
	    (type == T_DATAFAULT && (sfsr & SFSR_FAV) == 0)) {
		(*cpuinfo.memerr)(type, sfsr, sfva, tf);
		/*
		 * If we get here, exit the trap handler and wait for the
		 * trap to re-occur.
		 */
		goto out_nounlock;
	}

	if ((psr & PSR_PS) == 0)
		KERNEL_PROC_LOCK(p);
	else
		KERNEL_LOCK(LK_CANRECURSE|LK_EXCLUSIVE);

	/*
	 * Figure out what to pass the VM code.  We cannot ignore the sfva
	 * register on text faults, since this might be a trap on an
	 * alternate-ASI access to code space.  However, if we're on a
	 * supersparc, we can't help using PC, since we don't get a VA in
	 * sfva.
	 * Kernel faults are somewhat different: text faults are always
	 * illegal, and data faults are extra complex.  User faults must
	 * set p->p_md.md_tf, in case we decide to deliver a signal.  Check
	 * for illegal virtual addresses early since those can induce more
	 * faults.
	 * All translation faults are illegal, and result in a SIGSEGV
	 * being delivered to the running process (or a kernel panic, for
	 * a kernel fault).  We check the translation first to make sure
	 * it is not spurious.
	 * Also, note that in the case where we have an overwritten
	 * text fault (OW==1, AT==2,3), we attempt to service the
	 * second (overwriting) fault, then restart the instruction
	 * (which is from the first fault) and allow the first trap
	 * to reappear.  XXX is this right?  It will probably change...
	 */
	if ((sfsr & SFSR_FT) == SFSR_FT_NONE)
		goto out;	/* No fault. Why were we called? */

	/*
	 * NOTE: the per-CPU fault status register readers (in locore)
	 * may already have decided to pass `pc' in `sfva', so we avoid
	 * testing CPU types here.
	 * Q: test SFSR_FAV in the locore stubs too?
	 */
	if ((sfsr & SFSR_FAV) == 0) {
		if (type == T_TEXTFAULT)
			sfva = pc;
		else {
			rv = EACCES;
			goto fault;
		}
	}

	if ((sfsr & SFSR_FT) == SFSR_FT_TRANSERR) {
		/*
		 * Translation errors are always fatal, as they indicate
		 * a corrupt translation (page) table hierarchy.
		 */
		rv = EACCES;

		/* XXXSMP - why bother with this anyway? */
		if (tfaultaddr == sfva)	/* Prevent infinite loops w/a static */
			goto fault;
		tfaultaddr = sfva;
		/* probe the page table entry directly to confirm the error */
		if ((lda((sfva & 0xFFFFF000) | ASI_SRMMUFP_LN, ASI_SRMMUFP) &
		    SRMMU_TETYPE) != SRMMU_TEPTE)
			goto fault;	/* Translation bad */
		lda(SRMMU_SFSR, ASI_SRMMU);
#ifdef DEBUG
		printf("mem_access_fault4m: SFSR_FT_TRANSERR: "
		       "pid %d, va 0x%x: retrying\n", p->p_pid, sfva);
#endif
		goto out;	/* Translation OK, retry operation */
	}

	va = trunc_page(sfva);

	if (((sfsr & SFSR_AT_TEXT) || type == T_TEXTFAULT) &&
	    !(sfsr & SFSR_AT_STORE) && (sfsr & SFSR_OW)) {
		if (psr & PSR_PS)	/* never allow in kernel */
			goto kfault;
#if 0
		/*
		 * Double text fault.  The evil "case 5" from the HS manual...
		 * Attempt to handle early fault.  Ignores ASI 8,9 issue...may
		 * do a useless VM read.
		 * XXX: Is this really necessary?
		 */
		if (cpuinfo.cpu_type == CPUTYP_HS_MBUS) {
			/* On HS, we have va for both */
			vm = p->p_vmspace;
			if (uvm_fault(&vm->vm_map, trunc_page(pc),
			    0, VM_PROT_READ) != 0)
#ifdef DEBUG
				printf("mem_access_fault: "
				    "can't pagein 1st text fault.\n")
#endif
			;
		}
#endif
	}

	/* Now munch on protections... */
	atype = sfsr & SFSR_AT_STORE ? VM_PROT_WRITE : VM_PROT_READ;
	if (psr & PSR_PS) {
		extern char Lfsbail[];
		if (sfsr & SFSR_AT_TEXT || type == T_TEXTFAULT) {
			(void) splhigh();
			printf("text fault: pc=0x%x sfsr=%s sfva=0x%x\n", pc,
			    bitmask_snprintf(sfsr, SFSR_BITS, bits,
			    sizeof(bits)), sfva);
			panic("kernel fault");
			/* NOTREACHED */
		}
		/*
		 * If this was an access that we shouldn't try to page in,
		 * resume at the fault handler without any action.
		 */
		if (p->p_addr && p->p_addr->u_pcb.pcb_onfault == Lfsbail)
			goto kfault;

		/*
		 * During autoconfiguration, faults are never OK unless
		 * pcb_onfault is set.  Once running normally we must allow
		 * exec() to cause copy-on-write faults to kernel addresses.
		 */
		if (cold)
			goto kfault;
		if (va >= KERNBASE) {
			rv = uvm_fault(kernel_map, va, 0, atype);
			if (rv == 0) {
				KERNEL_UNLOCK();
				return;
			}
			goto kfault;
		}
	} else
		p->p_md.md_tf = tf;

	vm = p->p_vmspace;

	/* alas! must call the horrible vm code */
	rv = uvm_fault(&vm->vm_map, (vaddr_t)va, 0, atype);
	if (rv == EACCES) {
		rv = EFAULT;
	}

	/*
	 * If this was a stack access we keep track of the maximum
	 * accessed stack size.  Also, if vm_fault gets a protection
	 * failure it is due to accessing the stack region outside
	 * the current limit and we need to reflect that as an access
	 * error.
	 */
	if ((caddr_t)va >= vm->vm_maxsaddr && rv == 0) {
		vaddr_t nss = btoc(USRSTACK - va);
		if (nss > vm->vm_ssize)
			vm->vm_ssize = nss;
	}
	if (rv != 0) {
		/*
		 * Pagein failed.  If doing copyin/out, return to onfault
		 * address.  Any other page fault in kernel, die; if user
		 * fault, deliver SIGSEGV.
		 */
fault:
		if (psr & PSR_PS) {
kfault:
			onfault = p->p_addr ?
			    (int)p->p_addr->u_pcb.pcb_onfault : 0;
			if (!onfault) {
				(void) splhigh();
				printf("data fault: pc=0x%x addr=0x%x sfsr=%s\n",
				    pc, sfva, bitmask_snprintf(sfsr, SFSR_BITS,
				    bits, sizeof(bits)));
				panic("kernel fault");
				/* NOTREACHED */
			}
			tf->tf_pc = onfault;
			tf->tf_npc = onfault + 4;
			tf->tf_out[0] = rv;
			KERNEL_UNLOCK();
			return;
		}
		if (rv == ENOMEM) {
			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
			       p->p_pid, p->p_comm,
			       p->p_cred && p->p_ucred ?
			       p->p_ucred->cr_uid : -1);
			trapsignal(p, SIGKILL, (u_int)sfva);
		} else
			trapsignal(p, SIGSEGV, (u_int)sfva);
	}
out:
	if ((psr & PSR_PS) == 0) {
		KERNEL_PROC_UNLOCK(p);
out_nounlock:
		userret(p, pc, sticks);
		share_fpu(p, tf);
	}
	else
		KERNEL_UNLOCK();
}
#endif

/*
 * System calls.  `pc' is just a copy of tf->tf_pc.
 *
 * Note that the things labelled `out' registers in the trapframe were the
 * `in' registers within the syscall trap code (because of the automatic
 * `save' effect of each trap).  They are, however, the %o registers of the
 * thing that made the system call, and are named that way here.
 */
void
syscall(code, tf, pc)
	register_t code;		/* syscall number, may carry G2/G7 flags */
	struct trapframe *tf;		/* user trapframe */
	register_t pc;			/* copy of tf->tf_pc */
{
	int i, nsys, *ap, nap;
	const struct sysent *callp;
	struct proc *p;
	int error, new;
	struct args {
		register_t i[8];
	} args;
	register_t rval[2];
	u_quad_t sticks;

	uvmexp.syscalls++;	/* XXXSMP */
	p = curproc;


#ifdef DIAGNOSTIC
	if (tf->tf_psr & PSR_PS)
		panic("syscall");
	if (cpuinfo.curpcb != &p->p_addr->u_pcb)
		panic("syscall cpcb/ppcb");
	if (tf != (struct trapframe *)((caddr_t)cpuinfo.curpcb + USPACE) - 1)
		panic("syscall trapframe");
#endif
	/* Snapshot system time; handed to userret() below. */
	sticks = p->p_sticks;
	p->p_md.md_tf = tf;
	/*
	 * Strip and remember the "jump on return" convention flags
	 * (return via %g2, or the deprecated %g7) from the code.
	 */
	new = code & (SYSCALL_G7RFLAG | SYSCALL_G2RFLAG);
	code &= ~(SYSCALL_G7RFLAG | SYSCALL_G2RFLAG);

#ifdef FPU_DEBUG
	if ((tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (3)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	/* Dispatch through the emulation's syscall table. */
	callp = p->p_emul->e_sysent;
	nsys = p->p_emul->e_nsysent;

	/*
	 * The first six system call arguments are in the six %o registers.
	 * Any arguments beyond that are in the `argument extension' area
	 * of the user's stack frame (see <machine/frame.h>).
	 *
	 * Check for ``special'' codes that alter this, namely syscall and
	 * __syscall. The latter takes a quad syscall number, so that other
	 * arguments are at their natural alignments. Adjust the number
	 * of ``easy'' arguments as appropriate; we will copy the hard
	 * ones later as needed.
	 */
	ap = &tf->tf_out[0];
	nap = 6;

	switch (code) {
	case SYS_syscall:
		/* Indirect syscall: real code is the first argument. */
		code = *ap++;
		nap--;
		break;
	case SYS___syscall:
		if (!(p->p_emul->e_flags & EMUL_HAS_SYS___syscall))
			break;
		/* Quad syscall number: take the low word, skip both. */
		code = ap[_QUAD_LOWWORD];
		ap += 2;
		nap -= 2;
		break;
	}

	if (code < 0 || code >= nsys)
		callp += p->p_emul->e_nosys;	/* out of range -> nosys */
	else {
		callp += code;
		i = callp->sy_argsize / sizeof(register_t);
		if (i > nap) {	/* usually false */
			if (i > 8)
				panic("syscall nargs");
			/*
			 * Fetch the remaining arguments from the argument
			 * extension area of the caller's stack frame
			 * (%o6/%sp is tf_out[6]).
			 */
			error = copyin((caddr_t)tf->tf_out[6] +
			    offsetof(struct frame, fr_argx),
			    (caddr_t)&args.i[nap], (i - nap) * sizeof(register_t));
			if (error) {
#ifdef KTRACE
				if (KTRPOINT(p, KTR_SYSCALL))
					ktrsyscall(p, code,
					    callp->sy_argsize, args.i);
#endif
				goto bad;
			}
			i = nap;
		}
		copywords(ap, args.i, i * sizeof(register_t));
	}
#ifdef SYSCALL_DEBUG
	scdebug_call(p, code, args.i);
#endif /* SYSCALL_DEBUG */

	/* Lock the kernel if the syscall isn't MP-safe. */
	if ((callp->sy_flags & SYCALL_MPSAFE) == 0)
		KERNEL_PROC_LOCK(p);

#ifdef KTRACE
	if (KTRPOINT(p, KTR_SYSCALL))
		ktrsyscall(p, code, callp->sy_argsize, args.i);
#endif
	rval[0] = 0;
	/* Preserve %o1 unless the syscall explicitly sets rval[1]. */
	rval[1] = tf->tf_out[1];
	error = (*callp->sy_call)(p, &args, rval);

	if ((callp->sy_flags & SYCALL_MPSAFE) == 0)
		KERNEL_PROC_UNLOCK(p);

	switch (error) {
	case 0:
		/* Note: fork() does not return here in the child */
		tf->tf_out[0] = rval[0];
		tf->tf_out[1] = rval[1];
		if (new) {
			/* jmp %g2 (or %g7, deprecated) on success */
			i = tf->tf_global[new & SYSCALL_G2RFLAG ? 2 : 7];
			if (i & 3) {
				/* Target must be word-aligned. */
				error = EINVAL;
				goto bad;
			}
		} else {
			/* old system call convention: clear C on success */
			tf->tf_psr &= ~PSR_C;	/* success */
			i = tf->tf_npc;
		}
		/* Resume at i, skipping the trap instruction. */
		tf->tf_pc = i;
		tf->tf_npc = i + 4;
		break;

	case ERESTART:
	case EJUSTRETURN:
		/* nothing to do */
		break;

	default:
	bad:
		/* Map the errno through the emulation's table if any. */
		if (p->p_emul->e_errno)
			error = p->p_emul->e_errno[error];
		tf->tf_out[0] = error;
		tf->tf_psr |= PSR_C;	/* fail */
		i = tf->tf_npc;
		tf->tf_pc = i;
		tf->tf_npc = i + 4;
		break;
	}

#ifdef SYSCALL_DEBUG
	scdebug_ret(p, code, error, rval);
#endif /* SYSCALL_DEBUG */
	userret(p, pc, sticks);
#ifdef KTRACE
	if (KTRPOINT(p, KTR_SYSRET)) {
		/* ktrsysret() requires the kernel lock. */
		KERNEL_PROC_LOCK(p);
		ktrsysret(p, code, error, rval[0]);
		KERNEL_PROC_UNLOCK(p);
	}
#endif
	share_fpu(p, tf);
}

/*
 * Process the tail end of a fork() for the child.
 */
void
child_return(arg)
	void *arg;	/* the new child's struct proc */
{
	struct proc *p = arg;

	/*
	 * Return values in the frame set by cpu_fork().
	 */
	KERNEL_PROC_UNLOCK(p);
	userret(p, p->p_md.md_tf->tf_pc, 0);
#ifdef KTRACE
	if (KTRPOINT(p, KTR_SYSRET)) {
		KERNEL_PROC_LOCK(p);
		/* Report vfork vs fork based on the P_PPWAIT flag. */
		ktrsysret(p,
		    (p->p_flag & P_PPWAIT) ? SYS_vfork : SYS_fork, 0, 0);
		KERNEL_PROC_UNLOCK(p);
	}
#endif
}