1 /* $NetBSD: trap.c,v 1.113 2002/11/15 20:06:04 manu Exp $ */ 2 3 /* 4 * Copyright (c) 1996 5 * The President and Fellows of Harvard College. All rights reserved. 6 * Copyright (c) 1992, 1993 7 * The Regents of the University of California. All rights reserved. 8 * 9 * This software was developed by the Computer Systems Engineering group 10 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 11 * contributed to Berkeley. 12 * 13 * All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Lawrence Berkeley Laboratory. 17 * This product includes software developed by Harvard University. 18 * 19 * Redistribution and use in source and binary forms, with or without 20 * modification, are permitted provided that the following conditions 21 * are met: 22 * 1. Redistributions of source code must retain the above copyright 23 * notice, this list of conditions and the following disclaimer. 24 * 2. Redistributions in binary form must reproduce the above copyright 25 * notice, this list of conditions and the following disclaimer in the 26 * documentation and/or other materials provided with the distribution. 27 * 3. All advertising materials mentioning features or use of this software 28 * must display the following acknowledgement: 29 * This product includes software developed by the University of 30 * California, Berkeley and its contributors. 31 * This product includes software developed by Harvard University. 32 * 4. Neither the name of the University nor the names of its contributors 33 * may be used to endorse or promote products derived from this software 34 * without specific prior written permission. 
35 * 36 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 37 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 39 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 40 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 41 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 42 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 44 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 45 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 46 * SUCH DAMAGE. 47 * 48 * @(#)trap.c 8.4 (Berkeley) 9/23/93 49 */ 50 51 #include "opt_ddb.h" 52 #include "opt_ktrace.h" 53 #include "opt_systrace.h" 54 #include "opt_compat_svr4.h" 55 #include "opt_compat_sunos.h" 56 #include "opt_sparc_arch.h" 57 58 #include <sys/param.h> 59 #include <sys/systm.h> 60 #include <sys/proc.h> 61 #include <sys/user.h> 62 #include <sys/kernel.h> 63 #include <sys/malloc.h> 64 #include <sys/resource.h> 65 #include <sys/signal.h> 66 #include <sys/wait.h> 67 #include <sys/syscall.h> 68 #include <sys/syslog.h> 69 #ifdef KTRACE 70 #include <sys/ktrace.h> 71 #endif 72 #ifdef SYSTRACE 73 #include <sys/systrace.h> 74 #endif 75 76 #include <uvm/uvm_extern.h> 77 78 #include <sparc/sparc/asm.h> 79 #include <machine/cpu.h> 80 #include <machine/ctlreg.h> 81 #include <machine/trap.h> 82 #include <machine/instr.h> 83 #include <machine/pmap.h> 84 85 #ifdef DDB 86 #include <machine/db_machdep.h> 87 #else 88 #include <machine/frame.h> 89 #endif 90 #ifdef COMPAT_SVR4 91 #include <machine/svr4_machdep.h> 92 #endif 93 #ifdef COMPAT_SUNOS 94 extern struct emul emul_sunos; 95 #define SUNOS_MAXSADDR_SLOP (32 * 1024) 96 #endif 97 98 #include <sparc/fpu/fpu_extern.h> 99 #include 
<sparc/sparc/memreg.h>
#include <sparc/sparc/cpuvar.h>

#ifdef DEBUG
int	rwindow_debug = 0;	/* set non-zero to trace register-window traffic */
#endif

/*
 * Initial FPU state is all registers == all 1s, everything else == all 0s.
 * This makes every floating point register a signalling NaN, with sign bit
 * set, no matter how it is interpreted.  Appendix N of the Sparc V8 document
 * seems to imply that we should do this, and it does make sense.
 */
struct	fpstate initfpstate = {
	/* %f0..%f31: all bits set => signalling NaNs */
	{ ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0,
	  ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0, ~0 },
	0, 0,			/* %fsr and queue size: zeroed */
};

/*
 * There are more than 100 trap types, but most are unused.
 *
 * Trap type 0 is taken over as an `Asynchronous System Trap'.
 * This is left-over Vax emulation crap that should be fixed.
 *
 * Unused entries all share the single string T ("trap"); the table is
 * indexed by hardware trap number and consumed by the panic path in trap().
 */
static const char T[] = "trap";
const char *trap_type[] = {
	/* non-user vectors */
	"ast",			/* 0 */
	"text fault",		/* 1 */
	"illegal instruction",	/* 2 */
	"privileged instruction",/*3 */
	"fp disabled",		/* 4 */
	"window overflow",	/* 5 */
	"window underflow",	/* 6 */
	"alignment fault",	/* 7 */
	"fp exception",		/* 8 */
	"data fault",		/* 9 */
	"tag overflow",		/* 0a */
	T, T, T, T, T, T,	/* 0b..10 */
	"level 1 int",		/* 11 */
	"level 2 int",		/* 12 */
	"level 3 int",		/* 13 */
	"level 4 int",		/* 14 */
	"level 5 int",		/* 15 */
	"level 6 int",		/* 16 */
	"level 7 int",		/* 17 */
	"level 8 int",		/* 18 */
	"level 9 int",		/* 19 */
	"level 10 int",		/* 1a */
	"level 11 int",		/* 1b */
	"level 12 int",		/* 1c */
	"level 13 int",		/* 1d */
	"level 14 int",		/* 1e */
	"level 15 int",		/* 1f */
	T, T, T, T, T, T, T, T,	/* 20..27 */
	T, T, T, T, T, T, T, T,	/* 28..2f */
	T, T, T, T, T, T,	/* 30..35 */
	"cp disabled",		/* 36 */
	T,			/* 37 */
	T, T, T, T, T, T, T, T,	/* 38..3f */
	"cp exception",		/* 40 */
	T, T, T, T, T, T, T,	/* 41..47 */
	T, T, T, T, T, T, T, T,	/* 48..4f */
	T, T, T, T, T, T, T, T,	/* 50..57 */
	T, T, T, T, T, T, T, T,	/* 58..5f */
	T, T, T, T, T, T, T, T,	/* 60..67 */
	T, T, T, T, T, T, T, T,	/* 68..6f */
	T, T, T, T, T, T, T, T,	/* 70..77 */
	T, T, T, T, T, T, T, T,	/* 78..7f */

	/* user (software trap) vectors */
	"syscall",		/* 80 */
	"breakpoint",		/* 81 */
	"zero divide",		/* 82 */
	"flush windows",	/* 83 */
	"clean windows",	/* 84 */
	"range check",		/* 85 */
	"fix align",		/* 86 */
	"integer overflow",	/* 87 */
	"svr4 syscall",		/* 88 */
	"4.4 syscall",		/* 89 */
	"kgdb exec",		/* 8a */
	T, T, T, T, T,		/* 8b..8f */
	T, T, T, T, T, T, T, T,	/* 90..97 */
	T, T, T, T, T, T, T, T,	/* 98..9f */
	"svr4 getcc",		/* a0 */
	"svr4 setcc",		/* a1 */
	"svr4 getpsr",		/* a2 */
	"svr4 setpsr",		/* a3 */
	"svr4 gethrtime",	/* a4 */
	"svr4 gethrvtime",	/* a5 */
	T,			/* a6 */
	"svr4 gethrestime",	/* a7 */
};

#define	N_TRAP_TYPES	(sizeof trap_type / sizeof *trap_type)

static __inline void userret __P((struct proc *, int, u_quad_t));
void trap __P((unsigned, int, int, struct trapframe *));
static __inline void share_fpu __P((struct proc *, struct trapframe *));
void mem_access_fault __P((unsigned, int, u_int, int, int, struct trapframe *));
void mem_access_fault4m __P((unsigned, u_int, u_int, struct trapframe *));
void syscall __P((register_t, struct trapframe *, register_t));

/* When set, unknown kernel-mode traps below 0x80 deliver SIGILL instead of panicking. */
int ignore_bogus_traps = 1;

/*
 * Define the code needed before returning to user mode, for
 * trap, mem_access_fault, and syscall.
209 */ 210 static __inline void 211 userret(p, pc, oticks) 212 struct proc *p; 213 int pc; 214 u_quad_t oticks; 215 { 216 int sig; 217 218 /* take pending signals */ 219 while ((sig = CURSIG(p)) != 0) 220 postsig(sig); 221 p->p_priority = p->p_usrpri; 222 if (want_ast) { 223 want_ast = 0; 224 if (p->p_flag & P_OWEUPC) { 225 p->p_flag &= ~P_OWEUPC; 226 ADDUPROF(p); 227 } 228 } 229 if (want_resched) { 230 /* 231 * We are being preempted. 232 */ 233 preempt(NULL); 234 while ((sig = CURSIG(p)) != 0) 235 postsig(sig); 236 } 237 238 /* 239 * If profiling, charge recent system time to the trapped pc. 240 */ 241 if (p->p_flag & P_PROFIL) 242 addupc_task(p, pc, (int)(p->p_sticks - oticks)); 243 244 curcpu()->ci_schedstate.spc_curpriority = p->p_priority; 245 } 246 247 /* 248 * If someone stole the FPU while we were away, do not enable it 249 * on return. This is not done in userret() above as it must follow 250 * the ktrsysret() in syscall(). Actually, it is likely that the 251 * ktrsysret should occur before the call to userret. 252 */ 253 static __inline void share_fpu(p, tf) 254 struct proc *p; 255 struct trapframe *tf; 256 { 257 if ((tf->tf_psr & PSR_EF) != 0 && cpuinfo.fpproc != p) 258 tf->tf_psr &= ~PSR_EF; 259 } 260 261 /* 262 * Called from locore.s trap handling, for non-MMU-related traps. 263 * (MMU-related traps go through mem_access_fault, below.) 264 */ 265 void 266 trap(type, psr, pc, tf) 267 unsigned type; 268 int psr, pc; 269 struct trapframe *tf; 270 { 271 struct proc *p; 272 struct pcb *pcb; 273 int n; 274 char bits[64]; 275 u_quad_t sticks; 276 int sig; 277 u_long ucode; 278 279 /* This steps the PC over the trap. */ 280 #define ADVANCE (n = tf->tf_npc, tf->tf_pc = n, tf->tf_npc = n + 4) 281 282 uvmexp.traps++; /* XXXSMP */ 283 /* 284 * Generally, kernel traps cause a panic. Any exceptions are 285 * handled early here. 
286 */ 287 if (psr & PSR_PS) { 288 #ifdef DDB 289 if (type == T_BREAKPOINT) { 290 write_all_windows(); 291 if (kdb_trap(type, tf)) { 292 return; 293 } 294 } 295 #endif 296 #ifdef DIAGNOSTIC 297 /* 298 * Currently, we allow DIAGNOSTIC kernel code to 299 * flush the windows to record stack traces. 300 */ 301 if (type == T_FLUSHWIN) { 302 write_all_windows(); 303 ADVANCE; 304 return; 305 } 306 #endif 307 /* 308 * Storing %fsr in cpu_attach will cause this trap 309 * even though the fpu has been enabled, if and only 310 * if there is no FPU. 311 */ 312 if (type == T_FPDISABLED && cold) { 313 ADVANCE; 314 return; 315 } 316 dopanic: 317 printf("trap type 0x%x: pc=0x%x npc=0x%x psr=%s\n", 318 type, pc, tf->tf_npc, bitmask_snprintf(psr, 319 PSR_BITS, bits, sizeof(bits))); 320 #ifdef DDB 321 (void) kdb_trap(type, tf); 322 #endif 323 panic(type < N_TRAP_TYPES ? trap_type[type] : T); 324 /* NOTREACHED */ 325 } 326 if ((p = curproc) == NULL) 327 p = &proc0; 328 sticks = p->p_sticks; 329 pcb = &p->p_addr->u_pcb; 330 p->p_md.md_tf = tf; /* for ptrace/signals */ 331 332 #ifdef FPU_DEBUG 333 if (type != T_FPDISABLED && (tf->tf_psr & PSR_EF) != 0) { 334 if (cpuinfo.fpproc != p) 335 panic("FPU enabled but wrong proc (0)"); 336 savefpstate(p->p_md.md_fpstate); 337 p->p_md.md_fpumid = -1; 338 cpuinfo.fpproc = NULL; 339 tf->tf_psr &= ~PSR_EF; 340 setpsr(getpsr() & ~PSR_EF); 341 } 342 #endif 343 344 sig = 0; 345 ucode = 0; 346 347 switch (type) { 348 349 default: 350 if (type < 0x80) { 351 if (!ignore_bogus_traps) 352 goto dopanic; 353 printf("trap type 0x%x: pc=0x%x npc=0x%x psr=%s\n", 354 type, pc, tf->tf_npc, bitmask_snprintf(psr, 355 PSR_BITS, bits, sizeof(bits))); 356 sig = SIGILL; 357 ucode = type; 358 break; 359 } 360 #if defined(COMPAT_SVR4) 361 badtrap: 362 #endif 363 #ifdef DIAGNOSTIC 364 /* the following message is gratuitous */ 365 /* ... 
but leave it in until we find anything */ 366 uprintf("%s[%d]: unimplemented software trap 0x%x\n", 367 p->p_comm, p->p_pid, type); 368 #endif 369 sig = SIGILL; 370 ucode = type; 371 break; 372 373 #ifdef COMPAT_SVR4 374 case T_SVR4_GETCC: 375 case T_SVR4_SETCC: 376 case T_SVR4_GETPSR: 377 case T_SVR4_SETPSR: 378 case T_SVR4_GETHRTIME: 379 case T_SVR4_GETHRVTIME: 380 case T_SVR4_GETHRESTIME: 381 if (!svr4_trap(type, p)) 382 goto badtrap; 383 break; 384 #endif 385 386 case T_AST: 387 break; /* the work is all in userret() */ 388 389 case T_ILLINST: 390 case T_UNIMPLFLUSH: 391 if ((sig = emulinstr(pc, tf)) == 0) { 392 ADVANCE; 393 break; 394 } 395 /* XXX - ucode? */ 396 break; 397 398 case T_PRIVINST: 399 sig = SIGILL; 400 /* XXX - ucode? */ 401 break; 402 403 case T_FPDISABLED: { 404 struct fpstate *fs = p->p_md.md_fpstate; 405 406 #ifdef FPU_DEBUG 407 if ((tf->tf_psr & PSR_PS) != 0) { 408 printf("FPU fault from kernel mode, pc=%x\n", pc); 409 #ifdef DDB 410 Debugger(); 411 #endif 412 } 413 #endif 414 415 KERNEL_PROC_LOCK(p); 416 if (fs == NULL) { 417 fs = malloc(sizeof *fs, M_SUBPROC, M_WAITOK); 418 *fs = initfpstate; 419 p->p_md.md_fpstate = fs; 420 } 421 /* 422 * If we have not found an FPU, we have to emulate it. 423 */ 424 if (!cpuinfo.fpupresent) { 425 #ifdef notyet 426 fpu_emulate(p, tf, fs); 427 #else 428 sig = SIGFPE; 429 /* XXX - ucode? */ 430 #endif 431 KERNEL_PROC_UNLOCK(p); 432 break; 433 } 434 /* 435 * We may have more FPEs stored up and/or ops queued. 436 * If they exist, handle them and get out. Otherwise, 437 * resolve the FPU state, turn it on, and try again. 
438 */ 439 if (fs->fs_qsize) { 440 fpu_cleanup(p, fs); 441 KERNEL_PROC_UNLOCK(p); 442 break; 443 } 444 #if notyet 445 simple_lock(&cpuinfo.fplock); 446 if (cpuinfo.fpproc != p) { /* we do not have it */ 447 if (cpuinfo.fpproc != NULL) { /* someone else had it*/ 448 savefpstate(cpuinfo.fpproc->p_md.md_fpstate); 449 cpuinfo.fpproc->p_md.md_fpumid = -1; 450 } 451 /* 452 * On MP machines, some of the other FPUs might 453 * still have our state. Tell the owning processor 454 * to save the process' FPU state. 455 */ 456 cpi = p->p_md.md_fpumid; 457 if (cpi != NULL) { 458 if (cpi->mid == cpuinfo.mid) 459 panic("FPU on module %d", mid); 460 LOCK_XPMSG(); 461 simple_lock(&cpi->fplock); 462 simple_lock(&cpi->msg.lock); 463 cpi->msg.tag = XPMSG_SAVEFPU; 464 raise_ipi_wait_and_unlock(cpi); 465 UNLOCK_XPMSG(); 466 } 467 loadfpstate(fs); 468 cpuinfo.fpproc = p; /* now we do have it */ 469 p->p_md.md_fpumid = cpuinfo.mid; 470 } 471 simple_unlock(&cpuinfo.fplock); 472 #else 473 if (cpuinfo.fpproc != p) { /* we do not have it */ 474 int mid; 475 476 mid = p->p_md.md_fpumid; 477 if (cpuinfo.fpproc != NULL) { /* someone else had it*/ 478 savefpstate(cpuinfo.fpproc->p_md.md_fpstate); 479 cpuinfo.fpproc->p_md.md_fpumid = -1; 480 } 481 /* 482 * On MP machines, some of the other FPUs might 483 * still have our state. We can't handle that yet, 484 * so panic if it happens. Possible solutions: 485 * (1) send an inter-processor message to have the 486 * other FPU save the state, or (2) don't do lazy FPU 487 * context switching at all. 
488 */ 489 if (mid != -1 && mid != cpuinfo.mid) { 490 printf("own FPU on module %d\n", mid); 491 panic("fix this"); 492 } 493 loadfpstate(fs); 494 cpuinfo.fpproc = p; /* now we do have it */ 495 p->p_md.md_fpumid = cpuinfo.mid; 496 } 497 #endif 498 KERNEL_PROC_UNLOCK(p); 499 tf->tf_psr |= PSR_EF; 500 break; 501 } 502 503 case T_WINOF: 504 KERNEL_PROC_LOCK(p); 505 if (rwindow_save(p)) 506 sigexit(p, SIGILL); 507 KERNEL_PROC_UNLOCK(p); 508 break; 509 510 #define read_rw(src, dst) \ 511 copyin((caddr_t)(src), (caddr_t)(dst), sizeof(struct rwindow)) 512 513 case T_RWRET: 514 /* 515 * T_RWRET is a window load needed in order to rett. 516 * It simply needs the window to which tf->tf_out[6] 517 * (%sp) points. There are no user or saved windows now. 518 * Copy the one from %sp into pcb->pcb_rw[0] and set 519 * nsaved to -1. If we decide to deliver a signal on 520 * our way out, we will clear nsaved. 521 */ 522 KERNEL_PROC_LOCK(p); 523 if (pcb->pcb_uw || pcb->pcb_nsaved) 524 panic("trap T_RWRET 1"); 525 #ifdef DEBUG 526 if (rwindow_debug) 527 printf("%s[%d]: rwindow: pcb<-stack: 0x%x\n", 528 p->p_comm, p->p_pid, tf->tf_out[6]); 529 #endif 530 if (read_rw(tf->tf_out[6], &pcb->pcb_rw[0])) 531 sigexit(p, SIGILL); 532 if (pcb->pcb_nsaved) 533 panic("trap T_RWRET 2"); 534 pcb->pcb_nsaved = -1; /* mark success */ 535 KERNEL_PROC_UNLOCK(p); 536 break; 537 538 case T_WINUF: 539 /* 540 * T_WINUF is a real window underflow, from a restore 541 * instruction. It needs to have the contents of two 542 * windows---the one belonging to the restore instruction 543 * itself, which is at its %sp, and the one belonging to 544 * the window above, which is at its %fp or %i6---both 545 * in the pcb. The restore's window may still be in 546 * the cpu; we need to force it out to the stack. 
547 */ 548 KERNEL_PROC_LOCK(p); 549 #ifdef DEBUG 550 if (rwindow_debug) 551 printf("%s[%d]: rwindow: T_WINUF 0: pcb<-stack: 0x%x\n", 552 p->p_comm, p->p_pid, tf->tf_out[6]); 553 #endif 554 write_user_windows(); 555 if (rwindow_save(p) || read_rw(tf->tf_out[6], &pcb->pcb_rw[0])) 556 sigexit(p, SIGILL); 557 #ifdef DEBUG 558 if (rwindow_debug) 559 printf("%s[%d]: rwindow: T_WINUF 1: pcb<-stack: 0x%x\n", 560 p->p_comm, p->p_pid, pcb->pcb_rw[0].rw_in[6]); 561 #endif 562 if (read_rw(pcb->pcb_rw[0].rw_in[6], &pcb->pcb_rw[1])) 563 sigexit(p, SIGILL); 564 if (pcb->pcb_nsaved) 565 panic("trap T_WINUF"); 566 pcb->pcb_nsaved = -1; /* mark success */ 567 KERNEL_PROC_UNLOCK(p); 568 break; 569 570 case T_ALIGN: 571 if ((p->p_md.md_flags & MDP_FIXALIGN) != 0) { 572 KERNEL_PROC_LOCK(p); 573 n = fixalign(p, tf); 574 KERNEL_PROC_UNLOCK(p); 575 if (n == 0) { 576 ADVANCE; 577 break; 578 } 579 } 580 sig = SIGBUS; 581 /* XXX - ucode? */ 582 break; 583 584 case T_FPE: 585 /* 586 * Clean up after a floating point exception. 587 * fpu_cleanup can (and usually does) modify the 588 * state we save here, so we must `give up' the FPU 589 * chip context. (The software and hardware states 590 * will not match once fpu_cleanup does its job, so 591 * we must not save again later.) 592 */ 593 KERNEL_PROC_LOCK(p); 594 if (p != cpuinfo.fpproc) 595 panic("fpe without being the FP user"); 596 savefpstate(p->p_md.md_fpstate); 597 cpuinfo.fpproc = NULL; 598 /* tf->tf_psr &= ~PSR_EF; */ /* share_fpu will do this */ 599 fpu_cleanup(p, p->p_md.md_fpstate); 600 KERNEL_PROC_UNLOCK(p); 601 /* fpu_cleanup posts signals if needed */ 602 #if 0 /* ??? really never??? */ 603 ADVANCE; 604 #endif 605 break; 606 607 case T_TAGOF: 608 sig = SIGEMT; 609 /* XXX - ucode? */ 610 break; 611 612 case T_CPDISABLED: 613 uprintf("coprocessor instruction\n"); /* XXX */ 614 sig = SIGILL; 615 /* XXX - ucode? 
*/ 616 break; 617 618 case T_BREAKPOINT: 619 sig = SIGTRAP; 620 break; 621 622 case T_DIV0: 623 case T_IDIV0: 624 ADVANCE; 625 sig = SIGFPE; 626 ucode = FPE_INTDIV_TRAP; 627 break; 628 629 case T_FLUSHWIN: 630 write_user_windows(); 631 #ifdef probably_slower_since_this_is_usually_false 632 KERNEL_PROC_LOCK(p); 633 if (pcb->pcb_nsaved && rwindow_save(p)) 634 sigexit(p, SIGILL); 635 KERNEL_PROC_UNLOCK(p); 636 #endif 637 ADVANCE; 638 break; 639 640 case T_CLEANWIN: 641 uprintf("T_CLEANWIN\n"); /* XXX */ 642 ADVANCE; 643 break; 644 645 case T_RANGECHECK: 646 uprintf("T_RANGECHECK\n"); /* XXX */ 647 ADVANCE; 648 sig = SIGILL; 649 /* XXX - ucode? */ 650 break; 651 652 case T_FIXALIGN: 653 #ifdef DEBUG_ALIGN 654 uprintf("T_FIXALIGN\n"); 655 #endif 656 /* User wants us to fix alignment faults */ 657 p->p_md.md_flags |= MDP_FIXALIGN; 658 ADVANCE; 659 break; 660 661 case T_INTOF: 662 uprintf("T_INTOF\n"); /* XXX */ 663 ADVANCE; 664 sig = SIGFPE; 665 ucode = FPE_INTOVF_TRAP; 666 break; 667 } 668 if (sig != 0) { 669 KERNEL_PROC_LOCK(p); 670 trapsignal(p, sig, ucode); 671 KERNEL_PROC_UNLOCK(p); 672 } 673 userret(p, pc, sticks); 674 share_fpu(p, tf); 675 #undef ADVANCE 676 } 677 678 /* 679 * Save windows from PCB into user stack, and return 0. This is used on 680 * window overflow pseudo-traps (from locore.s, just before returning to 681 * user mode) and when ptrace or sendsig needs a consistent state. 682 * As a side effect, rwindow_save() always sets pcb_nsaved to 0, 683 * clobbering the `underflow restore' indicator if it was -1. 684 * 685 * If the windows cannot be saved, pcb_nsaved is restored and we return -1. 
 */
int
rwindow_save(p)
	struct proc *p;
{
	struct pcb *pcb = &p->p_addr->u_pcb;
	struct rwindow *rw = &pcb->pcb_rw[0];
	int i;

	i = pcb->pcb_nsaved;
	/* -1 is the `underflow restore' marker (see trap() T_RWRET/T_WINUF);
	 * there is nothing to write out, just clear the marker. */
	if (i < 0) {
		pcb->pcb_nsaved = 0;
		return (0);
	}
	if (i == 0)
		return (0);
#ifdef DEBUG
	if (rwindow_debug)
		printf("%s[%d]: rwindow: pcb->stack:", p->p_comm, p->p_pid);
#endif
	do {
#ifdef DEBUG
		if (rwindow_debug)
			printf(" 0x%x", rw[1].rw_in[6]);
#endif
		/*
		 * Each window is written to the user stack address held in
		 * the NEXT window's %i6 (rw[1].rw_in[6]), i.e. this window's
		 * stack pointer.  On copyout failure, return -1 with
		 * pcb_nsaved untouched, as documented above.
		 */
		if (copyout((caddr_t)rw, (caddr_t)rw[1].rw_in[6],
		    sizeof *rw))
			return (-1);
		rw++;
	} while (--i > 0);
#ifdef DEBUG
	if (rwindow_debug)
		printf("\n");
#endif
	pcb->pcb_nsaved = 0;
	return (0);
}

/*
 * Kill user windows (before exec) by writing back to stack or pcb
 * and then erasing any pcb tracks.  Otherwise we might try to write
 * the registers into the new process after the exec.
 */
void
kill_user_windows(p)
	struct proc *p;
{

	write_user_windows();
	p->p_addr->u_pcb.pcb_nsaved = 0;
}

/*
 * Called from locore.s trap handling, for synchronous memory faults.
 *
 * This duplicates a lot of logic in trap() and perhaps should be
 * moved there; but the bus-error-register parameters are unique to
 * this routine.
 *
 * Since synchronous errors accumulate during prefetch, we can have
 * more than one `cause'.  But we do not care what the cause, here;
 * we just want to page in the page and try again.
 */
void
mem_access_fault(type, ser, v, pc, psr, tf)
	unsigned type;
	int ser;	/* synchronous error register contents */
	u_int v;	/* faulting virtual address (ignored on text faults) */
	int pc, psr;	/* trap-time %pc and %psr copies */
	struct trapframe *tf;
{
#if defined(SUN4) || defined(SUN4C)
	struct proc *p;
	struct vmspace *vm;
	vaddr_t va;
	int rv = EFAULT;
	vm_prot_t atype;
	int onfault;
	u_quad_t sticks;
	char bits[64];

	uvmexp.traps++;
	if ((p = curproc) == NULL)	/* safety check */
		p = &proc0;
	sticks = p->p_sticks;

	/* user-mode faults take the per-process kernel lock; released at `out' */
	if ((psr & PSR_PS) == 0)
		KERNEL_PROC_LOCK(p);

#ifdef FPU_DEBUG
	if ((tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (1)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	/*
	 * Figure out what to pass the VM code, and ignore the sva register
	 * value in v on text faults (text faults are always at pc).
	 * Kernel faults are somewhat different: text faults are always
	 * illegal, and data faults are extra complex.  User faults must
	 * set p->p_md.md_tf, in case we decide to deliver a signal.  Check
	 * for illegal virtual addresses early since those can induce more
	 * faults.
	 */
	if (type == T_TEXTFAULT)
		v = pc;
	if (VA_INHOLE(v)) {
		rv = EACCES;
		goto fault;
	}
	atype = ser & SER_WRITE ? VM_PROT_WRITE : VM_PROT_READ;
	va = trunc_page(v);
	if (psr & PSR_PS) {
		extern char Lfsbail[];
		if (type == T_TEXTFAULT) {
			(void) splhigh();
			printf("text fault: pc=0x%x ser=%s\n", pc,
			    bitmask_snprintf(ser, SER_BITS, bits, sizeof(bits)));
			panic("kernel fault");
			/* NOTREACHED */
		}
		/*
		 * If this was an access that we shouldn't try to page in,
		 * resume at the fault handler without any action.
		 */
		if (p->p_addr && p->p_addr->u_pcb.pcb_onfault == Lfsbail)
			goto kfault;

		/*
		 * During autoconfiguration, faults are never OK unless
		 * pcb_onfault is set.  Once running normally we must allow
		 * exec() to cause copy-on-write faults to kernel addresses.
		 */
		if (cold)
			goto kfault;
		if (va >= KERNBASE) {
			/* kernel-mode path: no lock was taken, plain return is safe */
			rv = uvm_fault(kernel_map, va, 0, atype);
			if (rv == 0)
				return;
			goto kfault;
		}
	} else
		p->p_md.md_tf = tf;

	/*
	 * mmu_pagein returns -1 if the page is already valid, in which
	 * case we have a hard fault; it returns 1 if it loads a segment
	 * that got bumped out via LRU replacement.
	 */
	vm = p->p_vmspace;
	rv = mmu_pagein(vm->vm_map.pmap, va,
			ser & SER_WRITE ? VM_PROT_WRITE : VM_PROT_READ);
	if (rv < 0) {
		rv = EACCES;
		goto fault;
	}
	if (rv > 0)
		goto out;

	/* alas! must call the horrible vm code */
	rv = uvm_fault(&vm->vm_map, (vaddr_t)va, 0, atype);
	if (rv == EACCES) {
		rv = EFAULT;
	}

	/*
	 * If this was a stack access we keep track of the maximum
	 * accessed stack size.  Also, if vm_fault gets a protection
	 * failure it is due to accessing the stack region outside
	 * the current limit and we need to reflect that as an access
	 * error.
	 */
	if ((caddr_t)va >= vm->vm_maxsaddr
#ifdef COMPAT_SUNOS
	    && !(p->p_emul == &emul_sunos && va < USRSTACK -
		 (vaddr_t)p->p_limit->pl_rlimit[RLIMIT_STACK].rlim_cur +
		 SUNOS_MAXSADDR_SLOP)
#endif
	    && rv == 0) {
		vaddr_t nss = btoc(USRSTACK - va);
		if (nss > vm->vm_ssize)
			vm->vm_ssize = nss;
	}
	if (rv == 0) {
		/*
		 * pmap_enter() does not enter all requests made from
		 * vm_fault into the MMU (as that causes unnecessary
		 * entries for `wired' pages).  Instead, we call
		 * mmu_pagein here to make sure the new PTE gets installed.
		 */
		(void) mmu_pagein(vm->vm_map.pmap, va, VM_PROT_NONE);
	} else {
		/*
		 * Pagein failed.  If doing copyin/out, return to onfault
		 * address.  Any other page fault in kernel, die; if user
		 * fault, deliver SIGSEGV.
		 */
fault:
		if (psr & PSR_PS) {
kfault:
			onfault = p->p_addr ?
			    (int)p->p_addr->u_pcb.pcb_onfault : 0;
			if (!onfault) {
				(void) splhigh();
				printf("data fault: pc=0x%x addr=0x%x ser=%s\n",
				    pc, v, bitmask_snprintf(ser, SER_BITS,
				    bits, sizeof(bits)));
				panic("kernel fault");
				/* NOTREACHED */
			}
			/* resume at the copyin/copyout recovery stub */
			tf->tf_pc = onfault;
			tf->tf_npc = onfault + 4;
			tf->tf_out[0] = rv;
			return;
		}
		if (rv == ENOMEM) {
			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
			       p->p_pid, p->p_comm,
			       p->p_cred && p->p_ucred ?
			       p->p_ucred->cr_uid : -1);
			trapsignal(p, SIGKILL, (u_int)v);
		} else
			trapsignal(p, SIGSEGV, (u_int)v);
	}
out:
	if ((psr & PSR_PS) == 0) {
		KERNEL_PROC_UNLOCK(p);
		userret(p, pc, sticks);
		share_fpu(p, tf);
	}
#endif /* Sun4/Sun4C */
}

#if defined(SUN4M)	/* 4m version of mem_access_fault() follows */
/* Last translation-error address; breaks retry loops (see use below). */
static int tfaultaddr = (int) 0xdeadbeef;

/*
 * sun4m (SRMMU) variant of mem_access_fault().  `sfsr'/`sfva' are the
 * synchronous fault status/address register values captured in locore;
 * trap-time pc and psr are taken from `tf' rather than passed in.
 */
void
mem_access_fault4m(type, sfsr, sfva, tf)
	unsigned type;
	u_int sfsr;
	u_int sfva;
	struct trapframe *tf;
{
	int pc, psr;
	struct proc *p;
	struct vmspace *vm;
	vaddr_t va;
	int rv = EFAULT;
	vm_prot_t atype;
	int onfault;
	u_quad_t sticks;
	char bits[64];

	uvmexp.traps++;	/* XXXSMP */

	if ((p = curproc) == NULL)	/* safety check */
		p = &proc0;
	sticks = p->p_sticks;

#ifdef FPU_DEBUG
	if ((tf->tf_psr & PSR_EF) != 0) {
		if (cpuinfo.fpproc != p)
			panic("FPU enabled but wrong proc (2)");
		savefpstate(p->p_md.md_fpstate);
		p->p_md.md_fpumid = -1;
		cpuinfo.fpproc = NULL;
		tf->tf_psr &= ~PSR_EF;
		setpsr(getpsr() & ~PSR_EF);
	}
#endif

	pc = tf->tf_pc;			/* These are needed below */
	psr = tf->tf_psr;

	/*
	 * Our first priority is handling serious faults, such as
	 * parity errors or async faults that might have come through here.
	 * If afsr & AFSR_AFO != 0, then we're on a HyperSPARC and we
	 * got an async fault. We pass it on to memerr4m. Similarly, if
	 * the trap was T_STOREBUFFAULT, we pass it on to memerr4m.
	 * If we have a data fault, but SFSR_FAV is not set in the sfsr,
	 * then things are really bizarre, and we treat it as a hard
	 * error and pass it on to memerr4m. See section 8.12.4 in the
	 * SuperSPARC user's guide for more info, and for a possible
	 * solution which we don't implement here.
	 * Note: store buffer faults may also lead to a level 15 interrupt
	 * being posted to the module (see sun4m system architecture,
	 * section B.I.9).
	 */
	if (type == T_STOREBUFFAULT ||
	    (type == T_DATAFAULT && (sfsr & SFSR_FAV) == 0)) {
		(*cpuinfo.memerr)(type, sfsr, sfva, tf);
		/*
		 * If we get here, exit the trap handler and wait for the
		 * trap to re-occur.
		 */
		goto out_nounlock;
	}

	/* Unlike the 4/4c version, kernel-mode faults also take a (recursive) lock. */
	if ((psr & PSR_PS) == 0)
		KERNEL_PROC_LOCK(p);
	else
		KERNEL_LOCK(LK_CANRECURSE|LK_EXCLUSIVE);

	/*
	 * Figure out what to pass the VM code. We cannot ignore the sfva
	 * register on text faults, since this might be a trap on an
	 * alternate-ASI access to code space. However, if we're on a
	 * supersparc, we can't help using PC, since we don't get a VA in
	 * sfva.
	 * Kernel faults are somewhat different: text faults are always
	 * illegal, and data faults are extra complex.  User faults must
	 * set p->p_md.md_tf, in case we decide to deliver a signal.  Check
	 * for illegal virtual addresses early since those can induce more
	 * faults.
	 * All translation faults are illegal, and result in a SIGSEGV
	 * being delivered to the running process (or a kernel panic, for
	 * a kernel fault). We check the translation first to make sure
	 * it is not spurious.
	 * Also, note that in the case where we have an overwritten
	 * text fault (OW==1, AT==2,3), we attempt to service the
	 * second (overwriting) fault, then restart the instruction
	 * (which is from the first fault) and allow the first trap
	 * to reappear. XXX is this right? It will probably change...
	 */
	if ((sfsr & SFSR_FT) == SFSR_FT_NONE)
		goto out;	/* No fault. Why were we called? */

	/*
	 * NOTE: the per-CPU fault status register readers (in locore)
	 * may already have decided to pass `pc' in `sfva', so we avoid
	 * testing CPU types here.
	 * Q: test SFSR_FAV in the locore stubs too?
	 */
	if ((sfsr & SFSR_FAV) == 0) {
		if (type == T_TEXTFAULT)
			sfva = pc;
		else {
			rv = EACCES;
			goto fault;
		}
	}

	if ((sfsr & SFSR_FT) == SFSR_FT_TRANSERR) {
		/*
		 * Translation errors are always fatal, as they indicate
		 * a corrupt translation (page) table hierarchy.
		 */
		rv = EACCES;

		/* XXXSMP - why bother with this anyway? */
		if (tfaultaddr == sfva)	/* Prevent infinite loops w/a static */
			goto fault;
		tfaultaddr = sfva;
		/* probe the SRMMU: if the PTE looks sane, clear the sticky
		 * fault status and retry the instruction instead of dying */
		if ((lda((sfva & 0xFFFFF000) | ASI_SRMMUFP_LN, ASI_SRMMUFP) &
		    SRMMU_TETYPE) != SRMMU_TEPTE)
			goto fault;	/* Translation bad */
		lda(SRMMU_SFSR, ASI_SRMMU);
#ifdef DEBUG
		printf("mem_access_fault4m: SFSR_FT_TRANSERR: "
		       "pid %d, va 0x%x: retrying\n", p->p_pid, sfva);
#endif
		goto out;	/* Translation OK, retry operation */
	}

	va = trunc_page(sfva);

	if (((sfsr & SFSR_AT_TEXT) || type == T_TEXTFAULT) &&
	    !(sfsr & SFSR_AT_STORE) && (sfsr & SFSR_OW)) {
		if (psr & PSR_PS)	/* never allow in kernel */
			goto kfault;
#if 0
		/*
		 * Double text fault. The evil "case 5" from the HS manual...
		 * Attempt to handle early fault. Ignores ASI 8,9 issue...may
		 * do a useless VM read.
		 * XXX: Is this really necessary?
		 */
		if (cpuinfo.cpu_type == CPUTYP_HS_MBUS) {
			/* On HS, we have va for both */
			vm = p->p_vmspace;
			if (uvm_fault(&vm->vm_map, trunc_page(pc),
				      0, VM_PROT_READ) != 0)
#ifdef DEBUG
				printf("mem_access_fault: "
					"can't pagein 1st text fault.\n")
#endif
			;
		}
#endif
	}

	/* Now munch on protections... */
	atype = sfsr & SFSR_AT_STORE ? VM_PROT_WRITE : VM_PROT_READ;
	if (psr & PSR_PS) {
		extern char Lfsbail[];
		if (sfsr & SFSR_AT_TEXT || type == T_TEXTFAULT) {
			(void) splhigh();
			printf("text fault: pc=0x%x sfsr=%s sfva=0x%x\n", pc,
			       bitmask_snprintf(sfsr, SFSR_BITS, bits,
			       sizeof(bits)), sfva);
			panic("kernel fault");
			/* NOTREACHED */
		}
		/*
		 * If this was an access that we shouldn't try to page in,
		 * resume at the fault handler without any action.
		 */
		if (p->p_addr && p->p_addr->u_pcb.pcb_onfault == Lfsbail)
			goto kfault;

		/*
		 * During autoconfiguration, faults are never OK unless
		 * pcb_onfault is set.  Once running normally we must allow
		 * exec() to cause copy-on-write faults to kernel addresses.
		 */
		if (cold)
			goto kfault;
		if (va >= KERNBASE) {
			rv = uvm_fault(kernel_map, va, 0, atype);
			if (rv == 0) {
				/* drop the recursive kernel lock taken above */
				KERNEL_UNLOCK();
				return;
			}
			goto kfault;
		}
	} else
		p->p_md.md_tf = tf;

	vm = p->p_vmspace;

	/* alas! must call the horrible vm code */
	rv = uvm_fault(&vm->vm_map, (vaddr_t)va, 0, atype);
	if (rv == EACCES) {
		rv = EFAULT;
	}

	/*
	 * If this was a stack access we keep track of the maximum
	 * accessed stack size.  Also, if vm_fault gets a protection
	 * failure it is due to accessing the stack region outside
	 * the current limit and we need to reflect that as an access
	 * error.
	 */
	if ((caddr_t)va >= vm->vm_maxsaddr && rv == 0) {
		vaddr_t nss = btoc(USRSTACK - va);
		if (nss > vm->vm_ssize)
			vm->vm_ssize = nss;
	}
	if (rv != 0) {
		/*
		 * Pagein failed. If doing copyin/out, return to onfault
		 * address.  Any other page fault in kernel, die; if user
		 * fault, deliver SIGSEGV.
		 */
fault:
		if (psr & PSR_PS) {
kfault:
			onfault = p->p_addr ?
			    (int)p->p_addr->u_pcb.pcb_onfault : 0;
			if (!onfault) {
				(void) splhigh();
				printf("data fault: pc=0x%x addr=0x%x sfsr=%s\n",
				    pc, sfva, bitmask_snprintf(sfsr, SFSR_BITS,
				    bits, sizeof(bits)));
				panic("kernel fault");
				/* NOTREACHED */
			}
			tf->tf_pc = onfault;
			tf->tf_npc = onfault + 4;
			tf->tf_out[0] = rv;
			KERNEL_UNLOCK();
			return;
		}
		if (rv == ENOMEM) {
			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
			       p->p_pid, p->p_comm,
			       p->p_cred && p->p_ucred ?
			       p->p_ucred->cr_uid : -1);
			trapsignal(p, SIGKILL, (u_int)sfva);
		} else
			trapsignal(p, SIGSEGV, (u_int)sfva);
	}
out:
	if ((psr & PSR_PS) == 0) {
		KERNEL_PROC_UNLOCK(p);
out_nounlock:
		userret(p, pc, sticks);
		share_fpu(p, tf);
	}
	else
		KERNEL_UNLOCK();
}
#endif

/*
 * System calls.  `pc' is just a copy of tf->tf_pc.
 *
 * Note that the things labelled `out' registers in the trapframe were the
 * `in' registers within the syscall trap code (because of the automatic
 * `save' effect of each trap).  They are, however, the %o registers of the
 * thing that made the system call, and are named that way here.
1194 */ 1195 void 1196 syscall(code, tf, pc) 1197 register_t code; 1198 struct trapframe *tf; 1199 register_t pc; 1200 { 1201 int i, nsys, *ap, nap; 1202 const struct sysent *callp; 1203 struct proc *p; 1204 int error, new; 1205 struct args { 1206 register_t i[8]; 1207 } args; 1208 register_t rval[2]; 1209 u_quad_t sticks; 1210 1211 uvmexp.syscalls++; /* XXXSMP */ 1212 p = curproc; 1213 1214 1215 #ifdef DIAGNOSTIC 1216 if (tf->tf_psr & PSR_PS) 1217 panic("syscall"); 1218 if (cpuinfo.curpcb != &p->p_addr->u_pcb) 1219 panic("syscall cpcb/ppcb"); 1220 if (tf != (struct trapframe *)((caddr_t)cpuinfo.curpcb + USPACE) - 1) 1221 panic("syscall trapframe"); 1222 #endif 1223 sticks = p->p_sticks; 1224 p->p_md.md_tf = tf; 1225 new = code & (SYSCALL_G7RFLAG | SYSCALL_G2RFLAG); 1226 code &= ~(SYSCALL_G7RFLAG | SYSCALL_G2RFLAG); 1227 1228 #ifdef FPU_DEBUG 1229 if ((tf->tf_psr & PSR_EF) != 0) { 1230 if (cpuinfo.fpproc != p) 1231 panic("FPU enabled but wrong proc (3)"); 1232 savefpstate(p->p_md.md_fpstate); 1233 p->p_md.md_fpumid = -1; 1234 cpuinfo.fpproc = NULL; 1235 tf->tf_psr &= ~PSR_EF; 1236 setpsr(getpsr() & ~PSR_EF); 1237 } 1238 #endif 1239 1240 callp = p->p_emul->e_sysent; 1241 nsys = p->p_emul->e_nsysent; 1242 1243 /* 1244 * The first six system call arguments are in the six %o registers. 1245 * Any arguments beyond that are in the `argument extension' area 1246 * of the user's stack frame (see <machine/frame.h>). 1247 * 1248 * Check for ``special'' codes that alter this, namely syscall and 1249 * __syscall. The latter takes a quad syscall number, so that other 1250 * arguments are at their natural alignments. Adjust the number 1251 * of ``easy'' arguments as appropriate; we will copy the hard 1252 * ones later as needed. 
1253 */ 1254 ap = &tf->tf_out[0]; 1255 nap = 6; 1256 1257 switch (code) { 1258 case SYS_syscall: 1259 code = *ap++; 1260 nap--; 1261 break; 1262 case SYS___syscall: 1263 if (!(p->p_emul->e_flags & EMUL_HAS_SYS___syscall)) 1264 break; 1265 code = ap[_QUAD_LOWWORD]; 1266 ap += 2; 1267 nap -= 2; 1268 break; 1269 } 1270 1271 if (code < 0 || code >= nsys) 1272 callp += p->p_emul->e_nosys; 1273 else { 1274 callp += code; 1275 i = callp->sy_argsize / sizeof(register_t); 1276 if (i > nap) { /* usually false */ 1277 if (i > 8) 1278 panic("syscall nargs"); 1279 error = copyin((caddr_t)tf->tf_out[6] + 1280 offsetof(struct frame, fr_argx), 1281 (caddr_t)&args.i[nap], (i - nap) * sizeof(register_t)); 1282 if (error) 1283 goto bad; 1284 i = nap; 1285 } 1286 copywords(ap, args.i, i * sizeof(register_t)); 1287 } 1288 1289 /* Lock the kernel if the syscall isn't MP-safe. */ 1290 if ((callp->sy_flags & SYCALL_MPSAFE) == 0) 1291 KERNEL_PROC_LOCK(p); 1292 1293 if ((error = trace_enter(p, code, code, args.i, rval)) != 0) 1294 goto bad; 1295 1296 rval[0] = 0; 1297 rval[1] = tf->tf_out[1]; 1298 error = (*callp->sy_call)(p, &args, rval); 1299 1300 if ((callp->sy_flags & SYCALL_MPSAFE) == 0) 1301 KERNEL_PROC_UNLOCK(p); 1302 1303 switch (error) { 1304 case 0: 1305 /* Note: fork() does not return here in the child */ 1306 tf->tf_out[0] = rval[0]; 1307 tf->tf_out[1] = rval[1]; 1308 if (new) { 1309 /* jmp %g2 (or %g7, deprecated) on success */ 1310 i = tf->tf_global[new & SYSCALL_G2RFLAG ? 
2 : 7]; 1311 if (i & 3) { 1312 error = EINVAL; 1313 goto bad; 1314 } 1315 } else { 1316 /* old system call convention: clear C on success */ 1317 tf->tf_psr &= ~PSR_C; /* success */ 1318 i = tf->tf_npc; 1319 } 1320 tf->tf_pc = i; 1321 tf->tf_npc = i + 4; 1322 break; 1323 1324 case ERESTART: 1325 case EJUSTRETURN: 1326 /* nothing to do */ 1327 break; 1328 1329 default: 1330 bad: 1331 if (p->p_emul->e_errno) 1332 error = p->p_emul->e_errno[error]; 1333 tf->tf_out[0] = error; 1334 tf->tf_psr |= PSR_C; /* fail */ 1335 i = tf->tf_npc; 1336 tf->tf_pc = i; 1337 tf->tf_npc = i + 4; 1338 break; 1339 } 1340 1341 trace_exit(p, code, args.i, rval, error); 1342 1343 userret(p, pc, sticks); 1344 share_fpu(p, tf); 1345 } 1346 1347 /* 1348 * Process the tail end of a fork() for the child. 1349 */ 1350 void 1351 child_return(arg) 1352 void *arg; 1353 { 1354 struct proc *p = arg; 1355 1356 /* 1357 * Return values in the frame set by cpu_fork(). 1358 */ 1359 KERNEL_PROC_UNLOCK(p); 1360 userret(p, p->p_md.md_tf->tf_pc, 0); 1361 #ifdef KTRACE 1362 if (KTRPOINT(p, KTR_SYSRET)) { 1363 KERNEL_PROC_LOCK(p); 1364 ktrsysret(p, 1365 (p->p_flag & P_PPWAIT) ? SYS_vfork : SYS_fork, 0, 0); 1366 KERNEL_PROC_UNLOCK(p); 1367 } 1368 #endif 1369 } 1370