![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to trap.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [MW Coherent from dump] / coherent / b / kernel / i386|
Return to trap.c CVS log | Up to [MW Coherent from dump] / coherent / b / kernel / i386 |
1.1 root 1: /* (lgl-
2: * COHERENT Version 4.0
3: * Copyright (c) 1982, 1992.
4: * An unpublished work by Mark Williams Company, Chicago.
5: * All rights reserved.
6: -lgl) */
7: #include <sys/coherent.h>
8: #include <sys/reg.h>
9: #include <sys/systab.h>
10: #include <errno.h>
11: #include <sys/proc.h>
12: #include <sys/seg.h>
13: #include <signal.h>
14:
15: /* opcodes recognized, and partially emulated, in gp fault handler */
16: #define READ_CR0 1
17: #define WRITE_CR0 2
18: #define READ_CR2 3
19: #define READ_CR3 4
20: #define WRITE_CR3 5
21: #define HALT 6
22: #define IRET 7
23: #define READ_DR0 8
24: #define READ_DR1 9
25: #define READ_DR2 10
26: #define READ_DR3 11
27: #define READ_DR6 12
28: #define READ_DR7 13
29: #define WRITE_DR0 14
30: #define WRITE_DR1 15
31: #define WRITE_DR2 16
32: #define WRITE_DR3 17
33: #define WRITE_DR6 18
34: #define WRITE_DR7 19
35:
36: #define ENTER_OP 0xC8 /* Opcode for 'enter' instruction. */
37: #define IRET_RETRY_LIM 10
38: #define RESUME_FLAG 0x10000 /* RF bit in PSW */
39: #define TRAP_FLAG 0x00100 /* TF bit in PSW */
40:
41: extern unsigned char selkcopy();
42: extern unsigned int DR0,DR1,DR2,DR3,DR7;
43: static int trap_op();
44:
45: /*
46: * Macro RDUMP does register dump, followed by final message.
47: *
48: * Callable only from within trap() or one of its cousins.
49: */
50: #define RDUMP() { \
51: printf("\neax=%x ebx=%x ecx=%x edx=%x\n", eax, ebx, ecx, edx); \
52: printf("esi=%x edi=%x ebp=%x esp=%x\n", esi, edi, ebp, esp); \
53: printf("cs=%x ds=%x es=%x ss=%x fs=%x gs=%x\n", \
54: cs&0xffff, ds&0xffff, es&0xffff, ss&0xffff, fs&0xffff, gs&0xffff); \
55: printf("err #%d eip=%x uesp=%x cmd=%s\n", err, eip, uesp, u.u_comm); \
56: printf("efl=%x ", efl); }
57: /* end RDUMP */
58:
59: /*
60: * Debug only - display 64 words of stack traceback.
61: */
62: #define SDUMP(frame) { \
63: int *ip = frame, i; \
64: for (i=0;i < 32;i++) { \
65: if ((i % 8)==0) \
66: putchar('\n'); \
67: printf("%x ", *ip++); \
68: } \
69: putchar('\n'); \
70: }
71: /* end SDUMP */
72:
73: /*
74: * Global symbols from kernel text.
75: */
76: extern unsigned int _Idle;
77: extern unsigned int __xtrap_break__;
78: extern unsigned int __xtrap_off__;
79: extern unsigned int __xtrap_on__;
80: extern unsigned int sig32;
81: extern unsigned int syc32;
82:
83: /*
84: * iret_flt is set when first bad iret is detected.
85: */
86: static int iret_flt;
87:
88: /*
89: * Trap handler.
90: * The arguments are the registers,
91: * saved on the stack by machine code. This call
92: * is different from most C calls in that the registers
93: * get copied back; if you change a "trap" parameter then
94: * the machine register will be altered when the trap is
95: * dismissed.
96: *
97: * Argument "trapno" is the return eip for the code calling tsave().
98: */
99: trap(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno, err,
100: eip, cs, efl, uesp, ss)
101: char *eip;
102: {
103: register struct systab *stp;
104: register int callnum;
105: register int sigcode;
106: extern int trapcode;
107: extern *mmdata[], mminit;
108: cseg_t *pp;
109: register SEG *segp;
110: int splo, datahi;
111: unsigned int txtlo, txthi;
112: unsigned char opcode; /* Opcode we trapped on. */
113: unsigned short e_arg; /* Argument to 'enter' opcode. */
114: unsigned long newsp; /* Anticipated value for stack pointer. */
115: unsigned int cr2 = 0;
116: unsigned int cpl = cs & SEG_PL;
117:
118: /*
119: * Avoid sign extension confusion on 286 ds
120: */
121: if (ds == (SEG_286_UD | R_USR))
122: uesp = (unsigned short)uesp;
123:
124: if (err==SINMI) {
125: printf("Parity error\n");
126: RDUMP();
127: panic("...");
128: }
129:
130: /*
131: * Expect this to never happen!
132: */
133: if (SELF->p_flags & PFKERN) {
134: panic("pid%d: kernel process trap: err=%x, ip=%x ax=%d",
135: SELF->p_pid, err, eip, eax);
136: }
137:
138: T_HAL(0x4000, printf("T%d ", err));
139: sigcode = 0;
140:
141: u.u_regl = &gs; /* hook in register set for consave/conrest */
142:
143: switch (err) {
144: case SIOSYS:
145: /*
146: * 286 System call.
147: */
148: sigcode = oldsys();
149: break;
150: case SISYS:
151: /*
152: * 386 System call.
153: */
154: u.u_error = 0;
155: callnum = eax;
156:
157: T_PIGGY(4, printf("{%d}", callnum));
158:
159: if (callnum < NMICALL)
160: stp = sysitab + callnum;
161: else if ( callnum == COHCALL )
162: stp = &cohcall;
163: else if ( ((callnum&0xFF)==0x28) && ((callnum>>8)<=H28CALL) )
164: stp = h28itab + ((callnum>>8) - 1);
165: else {
166: sigcode = SIGSYS;
167: goto trapend;
168: }
169:
170: ukcopy(uesp+sizeof(long),u.u_args, stp->s_nargs*sizeof(long));
171: if (u.u_error) {
172: sigcode = SIGSYS;
173: goto trapend;
174: }
175:
176: u.u_io.io_seg = IOUSR;
177: if (envsave(&u.u_sigenv)) {
178: u.u_error = EINTR;
179: } else {
180: eax = (*stp->s_func)(u.u_args[0],
181: u.u_args[1],
182: u.u_args[2],
183: u.u_args[3],
184: u.u_args[4],
185: u.u_args[5]);
186: edx = u.u_rval2;
187: }
188:
189: efl &= ~MFCBIT; /* clear carry flag in return efl */
190: if (u.u_error) {
191: eax = u.u_error;
192: efl |= MFCBIT;
193: }
194: break;
195: /*
196: * Trap.
197: */
198: case SIDIV:
199: sigcode = SIGFPE;
200: break;
201:
202: case SISST:
203: sigcode = SIGTRAP;
204: break;
205:
206: case SIBPT:
207: sigcode = SIGTRAP;
208: break;
209:
210: case SIOVF:
211: sigcode = SIGEMT;
212: break;
213:
214: case SIBND:
215: /*
216: * Bound
217: */
218: sigcode = SIGIOT;
219: break;
220:
221: case SIOP:
222: /*
223: * Invalid opcode
224: */
225: if (cpl < 2) {
226: int *ip = (int *)eip;
227:
228: RDUMP();
229: printf("(eip)=%x %x %x ", ip[0], ip[1], ip[2]);
230: panic("Invalid Opcode");
231: }
232: sigcode = SIGILL;
233: break;
234:
235: #if 0
236: case SIXNP:
237: /*
238: * Processor extension not available
239: */
240: if (int11() & 2) /* NDP present */
241: ndpNewOwner();
242: else
243: sigcode = SIGFPE;
244: break;
245: #endif
246:
247: case SIDBL:
248: /*
249: * Double exception
250: */
251: panic("double exception: cs=%x ip=%x", cs, eip);
252: sigcode = SIGSEGV;
253: break;
254:
255: case SIXS:
256: /*
257: * Processor extension segment overrun
258: */
259: sigcode = SIGSEGV;
260: break;
261:
262: case SITS:
263: /*
264: * Invalid task state segment
265: */
266: panic("invalid tss: cs=%x ip=%x", cs, eip);
267: sigcode = SIGSEGV;
268: break;
269:
270: case SINP:
271: /*
272: * Segment not present
273: */
274: sigcode = SIGSEGV;
275: break;
276:
277: case SISS:
278: /*
279: * Stack segment overrun/not present
280: */
281: sigcode = SIGKILL;
282: break;
283: default:
284: RDUMP();
285: panic("Fatal Trap");
286: }
287:
288: trapend:
289: /*
290: * Send user a signal.
291: * If not a breakpoint, do console register dump.
292: */
293: if (sigcode) {
294: if (sigcode != SIGTRAP) {
295: RDUMP();
296: printf("sigcode=#%d User Trap\n", sigcode);
297: }
298: sendsig(sigcode, SELF);
299: }
300: }
301:
302: /*
303: * trap_op()
304: *
305: * Look at the trapped instruction.
306: * If it's one of a select few, recognize and return the type.
307: * Otherwise, return 0.
308: *
309: * This could be fancier, but all we want to look for is:
310: * (for CRx and DRx, second operand is limited to %eax).
311: * 0F 20 C0 READ_CR0
312: * 0F 22 C0 WRITE_CR0
313: * 0F 20 D0 READ_CR2
314: * 0F 20 D8 READ_CR3
315: * 0F 22 D8 WRITE_CR3
316: * CF IRET
317: * F4 HALT
318: * 0F 23 C0 WRITE_DR0
319: * 0F 23 C8 WRITE_DR1
320: * 0F 23 D0 WRITE_DR2
321: * 0F 23 D8 WRITE_DR3
322: * 0F 23 F0 WRITE_DR6
323: * 0F 23 F8 WRITE_DR7
324: * 0F 21 C0 READ_DR0
325: * 0F 21 C8 READ_DR1
326: * 0F 21 D0 READ_DR2
327: * 0F 21 D8 READ_DR3
328: * 0F 21 F0 READ_DR6
329: * 0F 21 F8 READ_DR7
330: */
331: static int
332: trap_op(cs,eip)
333: unsigned int cs, eip;
334: {
335: int ret = 0;
336:
337: switch (selkcopy(cs,eip)) {
338: case 0x0F:
339: switch (selkcopy(cs,eip+1)) {
340: case 0x20:
341: switch (selkcopy(cs,eip+2)) {
342: case 0xC0:
343: ret = READ_CR0;
344: break;
345: case 0xD0:
346: ret = READ_CR2;
347: break;
348: case 0xD8:
349: ret = READ_CR3;
350: break;
351: }
352: break;
353: case 0x21:
354: switch (selkcopy(cs,eip+2)) {
355: case 0xC0:
356: ret = READ_DR0;
357: break;
358: case 0xC8:
359: ret = READ_DR1;
360: break;
361: case 0xD0:
362: ret = READ_DR2;
363: break;
364: case 0xD8:
365: ret = READ_DR3;
366: break;
367: case 0xF0:
368: ret = READ_DR6;
369: break;
370: case 0xF8:
371: ret = READ_DR7;
372: break;
373: }
374: break;
375: case 0x22:
376: switch (selkcopy(cs,eip+2)) {
377: case 0xC0:
378: ret = WRITE_CR0;
379: break;
380: case 0xD8:
381: ret = WRITE_CR3;
382: break;
383: }
384: break;
385: case 0x23:
386: switch (selkcopy(cs,eip+2)) {
387: case 0xC0:
388: ret = WRITE_DR0;
389: break;
390: case 0xC8:
391: ret = WRITE_DR1;
392: break;
393: case 0xD0:
394: ret = WRITE_DR2;
395: break;
396: case 0xD8:
397: ret = WRITE_DR3;
398: break;
399: case 0xF0:
400: ret = WRITE_DR6;
401: break;
402: case 0xF8:
403: ret = WRITE_DR7;
404: break;
405: }
406: break;
407: }
408: break;
409: case 0xF4:
410: ret = HALT;
411: break;
412: case 0xCF:
413: ret = IRET;
414: break;
415: }
416: return ret;
417: }
418:
419: /*
420: * Kernel debugger.
421: *
422: * Runs in ring 0.
423: */
424: __debug_ker__(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno,
425: err, eip, cs, efl, uesp, ss)
426: {
427: unsigned int dr6 = read_dr6();
428: unsigned cpl = cs & SEG_PL;
429: int do_rdump = 1;
430:
431: if (dr6 & 0xf) { /* report breakpoint exception(s) */
432: printf("Breakpoint ");
433: if (dr6 & 1)
434: printf("DR0=%x ", DR0);
435: if (dr6 & 2)
436: printf("DR1=%x ", DR1);
437: if (dr6 & 4)
438: printf("DR2=%x ", DR2);
439: if (dr6 & 8)
440: printf("DR3=%x ", DR3);
441: printf("DR7=%x\n", DR7);
442: }
443: if (dr6 & 0xf000) { /* report other debug exception(s) */
444: if (dr6 & 0x8000)
445: printf("Switch to debugged task\n");
446: if (dr6 & 0x4000) {
447: /* Single Step */
448: switch(cpl) {
449: /*
450: * If user code trapped, send signal
451: * and suppress console register dump.
452: */
453: case DPL_1:
454: /*
455: * Turn off single-stepping when entering
456: * Ring 1.
457: */
458: if (eip == &syc32 || eip == &sig32) {
459: do_rdump = 0;
460: } else {
461: printf("/nefl=%x No single stepping the kernel.\n", efl);
462: SDUMP(uesp);
463: }
464: efl &= ~TRAP_FLAG;
465: break;
466: case DPL_3:
467: do_rdump = 0;
468: T_HAL(0x20000, printf("Kernel SSTEP eip=%x efl=%x ", eip, efl));
469: sendsig(SIGTRAP, SELF);
470: break;
471: }
472: }
473: if (dr6 & 0x2000) {
474: printf("ICE in use\n");
475: eip += 3;
476: }
477: }
478: if (do_rdump) {
479: RDUMP();
480: }
481: write_dr6(0);
482: efl |= RESUME_FLAG;
483: return;
484: }
485:
486: /*
487: * General protection fault handler.
488: * Entered via a ring 0 gate.
489: */
490: gpfault(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno, err,
491: eip, cs, efl, uesp, ss)
492: char *eip;
493: {
494: unsigned cpl = cs & SEG_PL;
495:
496: /*
497: * Switch on CPL of code that trapped.
498: */
499: switch(cpl) {
500: case DPL_0:
501: /*
502: * Ring 0 should not gp fault.
503: */
504: RDUMP();
505: T_HAL(0x1000, SDUMP(&uesp));
506: T_HAL(0x1000, SDUMP(*((&uesp) + 2)));
507: panic("System GP Fault from Ring 0");
508: break;
509: case DPL_1:
510: /*
511: * If ring 1 faulted on a valid request, emulate the
512: * request while running in ring 0.
513: */
514: switch(trap_op(cs,eip)) {
515: case READ_CR0:
516: eax = read_cr0();
517: eip += 3;
518: break;
519: #if 0
520: case WRITE_CR0:
521: if (eax & 4)
522: setfpe(0);
523: else
524: setfpe(1);
525: eip += 3;
526: break;
527: #endif
528: case READ_CR2:
529: eax = read_cr2();
530: eip += 3;
531: break;
532: case READ_CR3:
533: eax = read_cr3();
534: eip += 3;
535: break;
536: #if 0
537: case WRITE_CR3:
538: mmuupdnR0();
539: eip += 3;
540: break;
541: #endif
542: case IRET:
543: /*
544: * Some CPU's wrongly generate GP faults on IRET
545: * from inner ring to ring 3.
546: * Fix is to retry the instruction a few times.
547: */
548: if (!iret_flt) {
549: iret_flt = 1;
550: printf("CPU Bug: "
551: "Spurious GP Fault on Iret to Ring 3.\n");
552: }
553: break;
554: case READ_DR0:
555: eax = read_dr0();
556: eip += 3;
557: break;
558: case READ_DR1:
559: eax = read_dr1();
560: eip += 3;
561: break;
562: case READ_DR2:
563: eax = read_dr2();
564: eip += 3;
565: break;
566: case READ_DR3:
567: eax = read_dr3();
568: eip += 3;
569: break;
570: case READ_DR6:
571: eax = read_dr6();
572: eip += 3;
573: break;
574: case READ_DR7:
575: eax = read_dr7();
576: eip += 3;
577: break;
578: case WRITE_DR0:
579: write_dr0(eax);
580: eip += 3;
581: break;
582: case WRITE_DR1:
583: write_dr1(eax);
584: eip += 3;
585: break;
586: case WRITE_DR2:
587: write_dr2(eax);
588: eip += 3;
589: break;
590: case WRITE_DR3:
591: write_dr3(eax);
592: eip += 3;
593: break;
594: case WRITE_DR6:
595: write_dr6(eax);
596: eip += 3;
597: break;
598: case WRITE_DR7:
599: write_dr7(eax);
600: eip += 3;
601: break;
602: #if 0
603: case WRITE_DR7:
604: /*
605: * Expect breakpoint info in globals DR0-3,DR7.
606: */
607: printf("Setting DR0=%x DR1=%x DR2=%x DR3=%x DR7=%x\n",
608: DR0, DR1, DR2, DR3, DR7);
609: write_dr0(DR0);
610: write_dr1(DR1);
611: write_dr2(DR2);
612: write_dr3(DR3);
613: write_dr7(DR7);
614: eip += 3;
615: break;
616: #endif
617: default:
618: if (eip >= &__xtrap_on__ && eip < &__xtrap_off__) {
619: SET_U_ERROR(EFAULT, "copy gp");
620: eip = &__xtrap_break__;
621: } else {
622: RDUMP();
623: T_HAL(0x1000, SDUMP(uesp));
624: panic("System GP Fault from Ring 1");
625: }
626: }
627: goto gpdone;
628: break;
629: case DPL_2:
630: /*
631: * Nothing should be running in Ring 2.
632: */
633: case DPL_3:
634: /*
635: * Ring 3 gp fault means errant user process.
636: */
637: RDUMP();
638: printf("User GP Violation\n");
639: sendsig(SIGSEGV, SELF);
640: break;
641: }
642: gpdone:
643: return;
644: }
645:
646: /*
647: * User debugger.
648: *
649: * Runs in ring 1.
650: */
651: __debug_usr__(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno,
652: err, eip, cs, efl, uesp, ss)
653: {
654: unsigned int dr6 = read_dr6();
655: unsigned cpl = cs & SEG_PL;
656: int do_rdump = 1;
657:
658: if (dr6 & 0xf) { /* report breakpoint exception(s) */
659: printf("Breakpoint ");
660: if (dr6 & 1)
661: printf("DR0=%x ", DR0);
662: if (dr6 & 2)
663: printf("DR1=%x ", DR1);
664: if (dr6 & 4)
665: printf("DR2=%x ", DR2);
666: if (dr6 & 8)
667: printf("DR3=%x ", DR3);
668: printf("DR7=%x\n", DR7);
669: }
670: if (dr6 & 0xf000) { /* report other debug exception(s) */
671: if (dr6 & 0x8000)
672: printf("Switch to debugged task\n");
673: if (dr6 & 0x4000) {
674: /* Single Step */
675: switch(cpl) {
676: /*
677: * If user code trapped, send signal
678: * and suppress console register dump.
679: */
680: case DPL_1:
681: /*
682: * Turn off single-stepping when entering
683: * Ring 1.
684: */
685: if (eip == &syc32 || eip == &sig32) {
686: do_rdump = 0;
687: } else {
688: printf("/nefl=%x No single stepping the kernel.\n", efl);
689: SDUMP(uesp);
690: }
691: efl &= ~TRAP_FLAG;
692: break;
693: case DPL_3:
694: do_rdump = 0;
695: T_HAL(0x20000, printf("User SSTEP eip=%x efl=%x ", eip, efl));
696: sendsig(SIGTRAP, SELF);
697: break;
698: }
699: }
700: if (dr6 & 0x2000) {
701: printf("ICE in use\n");
702: eip += 3;
703: }
704: }
705: if (do_rdump) {
706: RDUMP();
707: }
708: write_dr6(0);
709: efl |= RESUME_FLAG;
710: return;
711: }
712:
713: irqblab(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno,
714: err, eip, cs, efl, uesp, ss)
715: {
716: puts("*ip=");
717: print32(eip);
718: puts(" *err=");
719: print32(err);
720: if ((err & 0xff) == 0x40) {
721: int irqno = (err >> 8) & 0xFF;
722: print8(irqno);
723: } else if (err == 2) {
724: puts("NMI ");
725: }
726: }
727:
728: pagefault(gs, fs, es, ds, edi, esi, ebp, esp, ebx, edx, ecx, eax, trapno, err,
729: eip, cs, efl, uesp, ss)
730: char *eip;
731: {
732: register struct systab *stp;
733: register int callnum;
734: register int sigcode;
735: extern int trapcode;
736: extern *mmdata[], mminit;
737: cseg_t *pp;
738: register SEG *segp;
739: int splo, datahi;
740: unsigned int txtlo, txthi;
741: unsigned char opcode; /* Opcode we trapped on. */
742: unsigned short e_arg; /* Argument to 'enter' opcode. */
743: unsigned long newsp; /* Anticipated value for stack pointer. */
744: unsigned int cr2 = 0;
745: unsigned int cpl = cs & SEG_PL;
746:
747: /*
748: * Avoid sign extension confusion on 286 ds
749: */
750: if (ds == (SEG_286_UD | R_USR))
751: uesp = (unsigned short)uesp;
752:
753: /*
754: * Expect this to never happen!
755: */
756: if (SELF->p_flags&PFKERN) {
757: panic("pid%d: kernel process trap: err=%x, ip=%x ax=%d",
758: SELF->p_pid, err, eip, eax);
759: }
760:
761: T_HAL(0x4000, printf("T%d ", err));
762: sigcode = 0;
763:
764: u.u_regl = &gs; /* hook in register set for consave/conrest */
765:
766: {
767: /*
768: * Page fault
769: */
770: cr2 = read_cr2();
771: if (cpl < 2) {
772: /*
773: * If page fault during Ring 1 copy service routine,
774: * such as kucopy or ukcopy, set u_error and abort
775: * the copy, but don't send signal to the user.
776: */
777: if (eip >= &__xtrap_on__ && eip < &__xtrap_off__) {
778: T_HAL(0x1000, printf("copy trapped "));
779: SET_U_ERROR(EFAULT, "copy service");
780: eip = &__xtrap_break__;
781: goto pf_end;
782: } else {
783: printf("&uesp=>");
784: SDUMP(&uesp);
785: #if 0
786: printf("*(&uesp + 2)=>");
787: SDUMP(*((&uesp) + 2));
788: #endif
789: printf("cr2=%x", cr2);
790: RDUMP();
791: panic("Kernel Page Fault");
792: }
793: }
794:
795: /* Check for stack underflow. */
796:
797: /*
798: * I think 'splo' is being calculated in a bass-ackwards way,
799: * and that 'datahi' is just wrong, but I'm not certain,
800: * so the fixes are #if 0'd out. -piggy
801: *
802: * I'll take out the 0 some day and test these changes.
803: */
804: segp = u.u_segl[SISTACK].sr_segp;
805: #if 0
806: splo = u.u_segl[SISTACK].sr_base - segp->s_size;
807: datahi = u.u_segl[SIPDATA].sr_base + u.u_segl[SIPDATA].sr_size;
808: #else
809: splo = (XMODE_286) ? ISP_286 : ISP_386;
810: splo -= segp->s_size;
811: datahi = u.u_segl[SIPDATA].sr_size;
812: #endif /* 0 */
813:
814: /*
815: * Catch bad function pointer here - don't want to restart
816: * the user instruction and get runaway segv's.
817: *
818: * For 286 executables, eip starts at 0, but cs points to
819: * descriptor SEG_286_UII which adds 0x400000 (UII_BASE).
820: */
821: txtlo = u.u_segl[SISTEXT].sr_base;
822: if (XMODE_286)
823: txtlo -= UII_BASE;
824: txthi = txtlo + u.u_segl[SISTEXT].sr_size;
825: if (eip < txtlo || eip > txthi) {
826: T_HAL(0x1000, printf("Bad eip, txtlo=%x txthi=%x\n",
827: txtlo, txthi));
828: goto bad_pf;
829: }
830:
831: /*
832: * If we trapped on an 'enter' instruction, the stack
833: * pointer (uesp) has not yet been decremented. In
834: * order to correctly process such a stack overflow,
835: * we must look at the _expected_ value for uesp.
836: * NB: We COPY uesp, because that arg gets loaded back
837: * into the real esp--when we return from the trap the
838: * enter instruction will decrement the esp.
839: */
840: newsp = uesp;
841: opcode = selkcopy(cs, eip);
842: if (ENTER_OP == opcode) {
843: e_arg = (selkcopy(cs, eip+2)<<8) + selkcopy(cs, eip+1);
844: newsp -= e_arg;
845: }
846:
847: if (cr2 <= splo
848: && newsp <= splo
849: && newsp > datahi
850: && btoc(datahi) < btocrd(splo)) {
851: pp = c_extend(segp->s_vmem, btoc(segp->s_size));
852: if (pp==0) {
853: T_HAL(0x1000, printf("c_extend(%x,%x)=0 ",
854: segp->s_vmem, btoc(segp->s_size)));
855: goto bad_pf;
856: }
857:
858: segp->s_vmem = pp;
859: segp->s_size += NBPC;
860: if (sproto(0)==0) {
861: T_HAL(0x1000, printf("sproto(0)=0 "));
862: goto bad_pf;
863: }
864:
865: segload();
866: goto pf_end;
867: }
868:
869: /*
870: * Catch bad data pointer here - don't want to restart
871: * the user instruction and get runaway segv's.
872: */
873: {
874: T_HAL(0x1000, printf("Bad data, splo=%x datahi=%x\n",
875: splo, datahi));
876: }
877:
878: bad_pf:
879: /*
880: * User generated unacceptable page fault.
881: */
882: sigcode = SIGSEGV;
883: printf("\ncr2=%x ", cr2);
884: }
885:
886: pf_end:
887: /*
888: * Send user a signal.
889: * If not a breakpoint, do console register dump.
890: */
891: if (sigcode) {
892: RDUMP();
893: printf("sigcode=#%d User Page Fault\n", sigcode);
894: sendsig(sigcode, SELF);
895: }
896: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.