2 * arch/xtensa/kernel/vectors.S
4 * This file contains all exception vectors (user, kernel, and double),
5 * as well as the window vectors (overflow and underflow), and the debug
6 * vector. These are the primary vectors executed by the processor if an
9 * This file is subject to the terms and conditions of the GNU General
10 * Public License. See the file "COPYING" in the main directory of
11 * this archive for more details.
13 * Copyright (C) 2005 - 2008 Tensilica, Inc.
15 * Chris Zankel <chris@zankel.net>
20 * We use a two-level table approach. The user and kernel exception vectors
21 * use a first-level dispatch table to dispatch the exception to a registered
22 * fast handler or the default handler, if no fast handler was registered.
23 * The default handler sets up a C-stack and dispatches the exception to a
24 * registerd C handler in the second-level dispatch table.
26 * Fast handler entry condition:
28 * a0: trashed, original value saved on stack (PT_AREG0)
30 * a2: new stack pointer, original value in depc
32 * depc: a2, original value saved on stack (PT_DEPC)
35 * The value for PT_DEPC saved to stack also functions as a boolean to
36 * indicate that the exception is either a double or a regular exception:
38 * PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception
39 * < VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
41 * Note: Neither the kernel nor the user exception handler generate literals.
45 #include <linux/linkage.h>
46 #include <asm/ptrace.h>
47 #include <asm/current.h>
48 #include <asm/asm-offsets.h>
49 #include <asm/pgtable.h>
50 #include <asm/processor.h>
52 #include <asm/thread_info.h>
53 #include <asm/vectors.h>
55 #define WINDOW_VECTORS_SIZE 0x180
59 * User exception vector. (Exceptions with PS.UM == 1, PS.EXCM == 0)
61 * We get here when an exception occurred while we were in userland.
62 * We switch to the kernel stack and jump to the first level handler
63 * associated to the exception cause.
65 * Note: the saved kernel stack pointer (EXC_TABLE_KSTK) is already
66 * decremented by PT_USER_SIZE.
69 .section .UserExceptionVector.text, "ax"
71 ENTRY(_UserExceptionVector)
73 xsr a3, excsave1 # save a3 and get dispatch table
74 wsr a2, depc # save a2
75 l32i a2, a3, EXC_TABLE_KSTK # load kernel stack to a2
76 s32i a0, a2, PT_AREG0 # save a0 to ESF
77 rsr a0, exccause # retrieve exception cause
78 s32i a0, a2, PT_DEPC # mark it as a regular exception
79 addx4 a0, a0, a3 # find entry in table
80 l32i a0, a0, EXC_TABLE_FAST_USER # load handler
81 xsr a3, excsave1 # restore a3 and dispatch table
84 ENDPROC(_UserExceptionVector)
87 * Kernel exception vector. (Exceptions with PS.UM == 0, PS.EXCM == 0)
89 * We get this exception when we were already in kernel space.
90 * We decrement the current stack pointer (kernel) by PT_SIZE and
91 * jump to the first-level handler associated with the exception cause.
93 * Note: we need to preserve space for the spill region.
96 .section .KernelExceptionVector.text, "ax"
98 ENTRY(_KernelExceptionVector)
100 xsr a3, excsave1 # save a3, and get dispatch table
101 wsr a2, depc # save a2
102 addi a2, a1, -16-PT_SIZE # adjust stack pointer
103 s32i a0, a2, PT_AREG0 # save a0 to ESF
104 rsr a0, exccause # retrieve exception cause
105 s32i a0, a2, PT_DEPC # mark it as a regular exception
106 addx4 a0, a0, a3 # find entry in table
107 l32i a0, a0, EXC_TABLE_FAST_KERNEL # load handler address
108 xsr a3, excsave1 # restore a3 and dispatch table
111 ENDPROC(_KernelExceptionVector)
114 * Double exception vector (Exceptions with PS.EXCM == 1)
115 * We get this exception when another exception occurs while were are
116 * already in an exception, such as window overflow/underflow exception,
117 * or 'expected' exceptions, for example memory exception when we were trying
118 * to read data from an invalid address in user space.
120 * Note that this vector is never invoked for level-1 interrupts, because such
121 * interrupts are disabled (masked) when PS.EXCM is set.
123 * We decode the exception and take the appropriate action. However, the
124 * double exception vector is much more careful, because a lot more error
125 * cases go through the double exception vector than through the user and
126 * kernel exception vectors.
128 * Occasionally, the kernel expects a double exception to occur. This usually
129 * happens when accessing user-space memory with the user's permissions
130 * (l32e/s32e instructions). The kernel state, though, is not always suitable
131 * for immediate transfer of control to handle_double, where "normal" exception
132 * processing occurs. Also in kernel mode, TLB misses can occur if accessing
133 * vmalloc memory, possibly requiring repair in a double exception handler.
135 * The variable at TABLE_FIXUP offset from the pointer in EXCSAVE_1 doubles as
136 * a boolean variable and a pointer to a fixup routine. If the variable
137 * EXC_TABLE_FIXUP is non-zero, this handler jumps to that address. A value of
138 * zero indicates to use the default kernel/user exception handler.
139 * There is only one exception, when the value is identical to the exc_table
140 * label, the kernel is in trouble. This mechanism is used to protect critical
141 * sections, mainly when the handler writes to the stack to assert the stack
142 * pointer is valid. Once the fixup/default handler leaves that area, the
143 * EXC_TABLE_FIXUP variable is reset to the fixup handler or zero.
145 * Procedures wishing to use this mechanism should set EXC_TABLE_FIXUP to the
146 * nonzero address of a fixup routine before it could cause a double exception
147 * and reset it before it returns.
149 * Some other things to take care of when a fast exception handler doesn't
150 * specify a particular fixup handler but wants to use the default handlers:
152 * - The original stack pointer (in a1) must not be modified. The fast
153 * exception handler should only use a2 as the stack pointer.
155 * - If the fast handler manipulates the stack pointer (in a2), it has to
156 * register a valid fixup handler and cannot use the default handlers.
158 * - The handler can use any other generic register from a3 to a15, but it
159 * must save the content of these registers to stack (PT_AREG3...PT_AREGx)
161 * - These registers must be saved before a double exception can occur.
163 * - If we ever implement handling signals while in double exceptions, the
164 * number of registers a fast handler has saved (excluding a0 and a1) must
165 * be written to PT_AREG1. (1 if only a3 is used, 2 for a3 and a4, etc. )
167 * The fixup handlers are special handlers:
169 * - Fixup entry conditions differ from regular exceptions:
173 * a2: trashed, original value in EXC_TABLE_DOUBLE_SAVE
178 * - When the kernel enters the fixup handler, it still assumes it is in a
179 * critical section, so EXC_TABLE_FIXUP variable is set to exc_table.
180 * The fixup handler, therefore, has to re-register itself as the fixup
181 * handler before it returns from the double exception.
183 * - Fixup handler can share the same exception frame with the fast handler.
184 * The kernel stack pointer is not changed when entering the fixup handler.
186 * - Fixup handlers can jump to the default kernel and user exception
187 * handlers. Before it jumps, though, it has to setup a exception frame
188 * on stack. Because the default handler resets the register fixup handler
189 * the fixup handler must make sure that the default handler returns to
190 * it instead of the exception address, so it can re-register itself as
193 * In case of a critical condition where the kernel cannot recover, we jump
194 * to unrecoverable_exception with the following entry conditions.
195 * All registers a0...a15 are unchanged from the last exception, except:
197 * a0: last address before we jumped to the unrecoverable_exception.
201 * See the handle_alloca_user and spill_registers routines for example clients.
203 * FIXME: Note: we currently don't allow signal handling coming from a double
204 * exception, so the item markt with (*) is not required.
207 .section .DoubleExceptionVector.text, "ax"
208 .begin literal_prefix .DoubleExceptionVector
209 .globl _DoubleExceptionVector_WindowUnderflow
210 .globl _DoubleExceptionVector_WindowOverflow
212 ENTRY(_DoubleExceptionVector)
215 s32i a2, a3, EXC_TABLE_DOUBLE_SAVE
217 /* Check for kernel double exception (usually fatal). */
220 _bbci.l a2, PS_UM_BIT, .Lksp
222 /* Check if we are currently handling a window exception. */
223 /* Note: We don't need to indicate that we enter a critical section. */
225 xsr a0, depc # get DEPC, save a0
227 movi a2, WINDOW_VECTORS_VADDR
228 _bltu a0, a2, .Lfixup
229 addi a2, a2, WINDOW_VECTORS_SIZE
230 _bgeu a0, a2, .Lfixup
232 /* Window overflow/underflow exception. Get stack pointer. */
234 l32i a2, a3, EXC_TABLE_KSTK
236 /* Check for overflow/underflow exception, jump if overflow. */
238 bbci.l a0, 6, _DoubleExceptionVector_WindowOverflow
241 * Restart window underflow exception.
245 * a2 = new sp based on KSTK from exc_table
247 * excsave_1 = orig a3
249 * We return to the instruction in user space that caused the window
250 * underflow exception. Therefore, we change window base to the value
251 * before we entered the window underflow exception and prepare the
252 * registers to return as if we were coming from a regular exception
253 * by changing depc (in a0).
254 * Note: We can trash the current window frame (a0...a3) and depc!
256 _DoubleExceptionVector_WindowUnderflow:
258 wsr a2, depc # save stack pointer temporarily
260 extui a0, a0, PS_OWB_SHIFT, PS_OWB_WIDTH
264 /* We are now in the previous window frame. Save registers again. */
266 xsr a2, depc # save a2 and get stack pointer
267 s32i a0, a2, PT_AREG0
270 s32i a0, a2, PT_DEPC # mark it as a regular exception
273 l32i a0, a0, EXC_TABLE_FAST_USER
277 * We only allow the ITLB miss exception if we are in kernel space.
278 * All other exceptions are unexpected and thus unrecoverable!
282 .extern fast_second_level_miss_double_kernel
284 .Lksp: /* a0: a0, a1: a1, a2: a2, a3: trashed, depc: depc, excsave: a3 */
287 beqi a3, EXCCAUSE_ITLB_MISS, 1f
288 addi a3, a3, -EXCCAUSE_DTLB_MISS
289 bnez a3, .Lunrecoverable
290 1: movi a3, fast_second_level_miss_double_kernel
293 .equ .Lksp, .Lunrecoverable
296 /* Critical! We can't handle this situation. PANIC! */
298 .extern unrecoverable_exception
300 .Lunrecoverable_fixup:
301 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
307 movi a0, unrecoverable_exception
310 .Lfixup:/* Check for a fixup handler or if we were in a critical section. */
312 /* a0: depc, a1: a1, a2: trash, a3: exctable, depc: a0, excsave1: a3 */
314 /* Enter critical section. */
316 l32i a2, a3, EXC_TABLE_FIXUP
317 s32i a3, a3, EXC_TABLE_FIXUP
318 beq a2, a3, .Lunrecoverable_fixup # critical section
319 beqz a2, .Ldflt # no handler was registered
321 /* a0: depc, a1: a1, a2: trash, a3: exctable, depc: a0, excsave: a3 */
325 .Ldflt: /* Get stack pointer. */
327 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
328 addi a2, a2, -PT_USER_SIZE
330 /* a0: depc, a1: a1, a2: kstk, a3: exctable, depc: a0, excsave: a3 */
333 l32i a0, a3, EXC_TABLE_DOUBLE_SAVE
335 s32i a0, a2, PT_AREG0
337 /* a0: avail, a1: a1, a2: kstk, a3: exctable, depc: a2, excsave: a3 */
342 l32i a0, a0, EXC_TABLE_FAST_USER
346 * Restart window OVERFLOW exception.
350 * a2 = new sp based on KSTK from exc_table
352 * excsave_1 = orig a3
354 * We return to the instruction in user space that caused the window
355 * overflow exception. Therefore, we change window base to the value
356 * before we entered the window overflow exception and prepare the
357 * registers to return as if we were coming from a regular exception
358 * by changing DEPC (in a0).
360 * NOTE: We CANNOT trash the current window frame (a0...a3), but we
363 * The tricky part here is that overflow8 and overflow12 handlers
364 * save a0, then clobber a0. To restart the handler, we have to restore
365 * a0 if the double exception was past the point where a0 was clobbered.
367 * To keep things simple, we take advantage of the fact all overflow
368 * handlers save a0 in their very first instruction. If DEPC was past
369 * that instruction, we can safely restore a0 from where it was saved
372 * a0: depc, a1: a1, a2: kstk, a3: exc_table, depc: a0, excsave1: a3
374 _DoubleExceptionVector_WindowOverflow:
375 extui a2, a0, 0, 6 # get offset into 64-byte vector handler
376 beqz a2, 1f # if at start of vector, don't restore
379 bbsi.l a0, 8, 1f # don't restore except for overflow 8 and 12
382 * This fixup handler is for the extremely unlikely case where the
383 * overflow handler's reference thru a0 gets a hardware TLB refill
384 * that bumps out the (distinct, aliasing) TLB entry that mapped its
385 * prior references thru a9/a13, and where our reference now thru
386 * a9/a13 gets a 2nd-level miss exception (not hardware TLB refill).
388 movi a2, window_overflow_restore_a0_fixup
389 s32i a2, a3, EXC_TABLE_FIXUP
390 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
396 * Restore a0 as saved by _WindowOverflow8().
400 wsr a0, depc # replace the saved a0
405 * Restore a0 as saved by _WindowOverflow12().
409 wsr a0, depc # replace the saved a0
413 s32i a0, a3, EXC_TABLE_FIXUP
414 s32i a2, a3, EXC_TABLE_DOUBLE_SAVE
417 * Restore WindowBase while leaving all address registers restored.
418 * We have to use ROTW for this, because WSR.WINDOWBASE requires
419 * an address register (which would prevent restore).
421 * Window Base goes from 0 ... 7 (Module 8)
422 * Window Start is 8 bits; Ex: (0b1010 1010):0x55 from series of call4s
426 extui a0, a0, PS_OWB_SHIFT, PS_OWB_WIDTH
431 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
440 * We are now in the user code's original window frame.
441 * Process the exception as a user exception as if it was
442 * taken by the user code.
444 * This is similar to the user exception vector,
445 * except that PT_DEPC isn't set to EXCCAUSE.
450 l32i a2, a3, EXC_TABLE_KSTK
451 s32i a0, a2, PT_AREG0
456 _DoubleExceptionVector_handle_exception:
457 addi a0, a0, -EXCCAUSE_UNALIGNED
460 l32i a0, a0, EXC_TABLE_FAST_USER + 4 * EXCCAUSE_UNALIGNED
464 movi a0, user_exception
479 ENDPROC(_DoubleExceptionVector)
482 * Fixup handler for TLB miss in double exception handler for window owerflow.
483 * We get here with windowbase set to the window that was being spilled and
484 * a0 trashed. a0 bit 7 determines if this is a call8 (bit clear) or call12
487 * We do the following here:
488 * - go to the original window retaining a0 value;
489 * - set up exception stack to return back to appropriate a0 restore code
490 * (we'll need to rotate window back and there's no place to save this
491 * information, use different return address for that);
492 * - handle the exception;
493 * - go to the window that was being spilled;
494 * - set up window_overflow_restore_a0_fixup as a fixup routine;
496 * - restore the original window;
497 * - reset the default fixup routine;
498 * - return to user. By the time we get to this fixup handler all information
499 * about the conditions of the original double exception that happened in
500 * the window overflow handler is lost, so we just return to userspace to
501 * retry overflow from start.
503 * a0: value of depc, original value in depc
504 * a2: trashed, original value in EXC_TABLE_DOUBLE_SAVE
505 * a3: exctable, original value in excsave1
508 ENTRY(window_overflow_restore_a0_fixup)
511 extui a0, a0, PS_OWB_SHIFT, PS_OWB_WIDTH
515 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
518 _beqi a0, 1, .Lhandle_1
519 _beqi a0, 3, .Lhandle_3
521 .macro overflow_fixup_handle_exception_pane n
528 l32i a2, a3, EXC_TABLE_KSTK
529 s32i a0, a2, PT_AREG0
531 movi a0, .Lrestore_\n
534 j _DoubleExceptionVector_handle_exception
538 overflow_fixup_handle_exception_pane 2
540 overflow_fixup_handle_exception_pane 1
542 overflow_fixup_handle_exception_pane 3
544 .macro overflow_fixup_restore_a0_pane n
547 /* Need to preserve a0 value here to be able to handle exception
548 * that may occur on a0 reload from stack. It may occur because
549 * TLB miss handler may not be atomic and pointer to page table
550 * may be lost before we get here. There are no free registers,
551 * so we need to use EXC_TABLE_DOUBLE_SAVE area.
554 s32i a2, a3, EXC_TABLE_DOUBLE_SAVE
555 movi a2, window_overflow_restore_a0_fixup
556 s32i a2, a3, EXC_TABLE_FIXUP
557 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
570 overflow_fixup_restore_a0_pane 2
574 s32i a2, a3, EXC_TABLE_DOUBLE_SAVE
576 s32i a2, a3, EXC_TABLE_FIXUP
577 l32i a2, a3, EXC_TABLE_DOUBLE_SAVE
582 overflow_fixup_restore_a0_pane 1
583 j .Lset_default_fixup
585 overflow_fixup_restore_a0_pane 3
586 j .Lset_default_fixup
588 ENDPROC(window_overflow_restore_a0_fixup)
592 * Debug interrupt vector
594 * There is not much space here, so simply jump to another handler.
595 * EXCSAVE[DEBUGLEVEL] has been set to that handler.
598 .section .DebugInterruptVector.text, "ax"
600 ENTRY(_DebugInterruptVector)
602 xsr a0, SREG_EXCSAVE + XCHAL_DEBUGLEVEL
605 ENDPROC(_DebugInterruptVector)
610 * Medium priority level interrupt vectors
612 * Each takes less than 16 (0x10) bytes, no literals, by placing
613 * the extra 8 bytes that would otherwise be required in the window
614 * vectors area where there is space. With relocatable vectors,
615 * all vectors are within ~ 4 kB range of each other, so we can
616 * simply jump (J) to another vector without having to use JX.
618 * common_exception code gets current IRQ level in PS.INTLEVEL
619 * and preserves it for the IRQ handling time.
622 .macro irq_entry_level level
624 .if XCHAL_EXCM_LEVEL >= \level
625 .section .Level\level\()InterruptVector.text, "ax"
626 ENTRY(_Level\level\()InterruptVector)
630 movi a0, EXCCAUSE_LEVEL1_INTERRUPT
633 # branch to user or kernel vector
634 j _SimulateUserKernelVectorException
646 /* Window overflow and underflow handlers.
647 * The handlers must be 64 bytes apart, first starting with the underflow
648 * handlers underflow-4 to underflow-12, then the overflow handlers
649 * overflow-4 to overflow-12.
651 * Note: We rerun the underflow handlers if we hit an exception, so
652 * we try to access any page that would cause a page fault early.
655 #define ENTRY_ALIGN64(name) \
660 .section .WindowVectors.text, "ax"
663 /* 4-Register Window Overflow Vector (Handler) */
665 ENTRY_ALIGN64(_WindowOverflow4)
673 ENDPROC(_WindowOverflow4)
676 #if XCHAL_EXCM_LEVEL >= 2
677 /* Not a window vector - but a convenient location
678 * (where we know there's space) for continuation of
679 * medium priority interrupt dispatch code.
680 * On entry here, a0 contains PS, and EPC2 contains saved a0:
683 _SimulateUserKernelVectorException:
684 addi a0, a0, (1 << PS_EXCM_BIT)
686 bbsi.l a0, PS_UM_BIT, 1f # branch if user mode
687 rsr a0, excsave2 # restore a0
688 j _KernelExceptionVector # simulate kernel vector exception
689 1: rsr a0, excsave2 # restore a0
690 j _UserExceptionVector # simulate user vector exception
694 /* 4-Register Window Underflow Vector (Handler) */
696 ENTRY_ALIGN64(_WindowUnderflow4)
704 ENDPROC(_WindowUnderflow4)
706 /* 8-Register Window Overflow Vector (Handler) */
708 ENTRY_ALIGN64(_WindowOverflow8)
721 ENDPROC(_WindowOverflow8)
723 /* 8-Register Window Underflow Vector (Handler) */
725 ENTRY_ALIGN64(_WindowUnderflow8)
738 ENDPROC(_WindowUnderflow8)
740 /* 12-Register Window Overflow Vector (Handler) */
742 ENTRY_ALIGN64(_WindowOverflow12)
759 ENDPROC(_WindowOverflow12)
761 /* 12-Register Window Underflow Vector (Handler) */
763 ENTRY_ALIGN64(_WindowUnderflow12)
780 ENDPROC(_WindowUnderflow12)