Back to home page

LXR

 
 

    


0001 /*
0002  * Low-level exception handling
0003  *
0004  * This file is subject to the terms and conditions of the GNU General Public
0005  * License.  See the file "COPYING" in the main directory of this archive
0006  * for more details.
0007  *
0008  * Copyright (C) 2004 - 2008 by Tensilica Inc.
0009  * Copyright (C) 2015 Cadence Design Systems Inc.
0010  *
0011  * Chris Zankel <chris@zankel.net>
0012  *
0013  */
0014 
0015 #include <linux/linkage.h>
0016 #include <asm/asm-offsets.h>
0017 #include <asm/processor.h>
0018 #include <asm/coprocessor.h>
0019 #include <asm/thread_info.h>
0020 #include <asm/asm-uaccess.h>
0021 #include <asm/unistd.h>
0022 #include <asm/ptrace.h>
0023 #include <asm/current.h>
0024 #include <asm/pgtable.h>
0025 #include <asm/page.h>
0026 #include <asm/signal.h>
0027 #include <asm/tlbflush.h>
0028 #include <variant/tie-asm.h>
0029 
0030 /* Unimplemented features. */
0031 
0032 #undef KERNEL_STACK_OVERFLOW_CHECK
0033 
0034 /* Not well tested.
0035  *
0036  * - fast_coprocessor
0037  */
0038 
0039 /*
0040  * Macro to find first bit set in WINDOWBASE from the left + 1
0041  *
0042  * 100....0 -> 1
0043  * 010....0 -> 2
0044  * 000....1 -> WSBITS
0045  */
0046 
0047     .macro ffs_ws bit mask
0048 
0049 #if XCHAL_HAVE_NSA
0050     nsau    \bit, \mask         # 32-WSBITS ... 31 (32 iff 0)
0051     addi    \bit, \bit, WSBITS - 32 + 1     # uppest bit set -> return 1
0052 #else
0053     movi    \bit, WSBITS
0054 #if WSBITS > 16
0055     _bltui  \mask, 0x10000, 99f
0056     addi    \bit, \bit, -16
0057     extui   \mask, \mask, 16, 16
0058 #endif
0059 #if WSBITS > 8
0060 99: _bltui  \mask, 0x100, 99f
0061     addi    \bit, \bit, -8
0062     srli    \mask, \mask, 8
0063 #endif
0064 99: _bltui  \mask, 0x10, 99f
0065     addi    \bit, \bit, -4
0066     srli    \mask, \mask, 4
0067 99: _bltui  \mask, 0x4, 99f
0068     addi    \bit, \bit, -2
0069     srli    \mask, \mask, 2
0070 99: _bltui  \mask, 0x2, 99f
0071     addi    \bit, \bit, -1
0072 99:
0073 
0074 #endif
0075     .endm
0076 
0077 
0078     .macro  irq_save flags tmp
0079 #if XTENSA_FAKE_NMI
0080 #if defined(CONFIG_DEBUG_KERNEL) && (LOCKLEVEL | TOPLEVEL) >= XCHAL_DEBUGLEVEL
0081     rsr \flags, ps
0082     extui   \tmp, \flags, PS_INTLEVEL_SHIFT, PS_INTLEVEL_WIDTH
0083     bgei    \tmp, LOCKLEVEL, 99f
0084     rsil    \tmp, LOCKLEVEL
0085 99:
0086 #else
0087     movi    \tmp, LOCKLEVEL
0088     rsr \flags, ps
0089     or  \flags, \flags, \tmp
0090     xsr \flags, ps
0091     rsync
0092 #endif
0093 #else
0094     rsil    \flags, LOCKLEVEL
0095 #endif
0096     .endm
0097 
0098 /* ----------------- DEFAULT FIRST LEVEL EXCEPTION HANDLERS ----------------- */
0099 
0100 /*
0101  * First-level exception handler for user exceptions.
0102  * Save some special registers, extra states and all registers in the AR
0103  * register file that were in use in the user task, and jump to the common
0104  * exception code.
0105  * We save SAR (used to calculate WMASK), and WB and WS (we don't have to
0106  * save them for kernel exceptions).
0107  *
0108  * Entry condition for user_exception:
0109  *
0110  *   a0:    trashed, original value saved on stack (PT_AREG0)
0111  *   a1:    a1
0112  *   a2:    new stack pointer, original value in depc
0113  *   a3:    a3
0114  *   depc:  a2, original value saved on stack (PT_DEPC)
0115  *   excsave1:  dispatch table
0116  *
0117  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
0118  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
0119  *
0120  * Entry condition for _user_exception:
0121  *
0122  *   a0-a3 and depc have been saved to PT_AREG0...PT_AREG3 and PT_DEPC
0123  *   excsave has been restored, and
0124  *   stack pointer (a1) has been set.
0125  *
0126  * Note: _user_exception might be at an odd address. Don't use call0..call12
0127  */
0128 
0129 ENTRY(user_exception)
0130 
0131     /* Save a1, a2, a3, and set SP. */
0132 
0133     rsr a0, depc
0134     s32i    a1, a2, PT_AREG1
0135     s32i    a0, a2, PT_AREG2
0136     s32i    a3, a2, PT_AREG3
0137     mov a1, a2
0138 
0139     .globl _user_exception
0140 _user_exception:
0141 
0142     /* Save SAR and turn off single stepping */
0143 
0144     movi    a2, 0
0145     wsr a2, depc        # terminate user stack trace with 0
0146     rsr a3, sar
0147     xsr a2, icountlevel
0148     s32i    a3, a1, PT_SAR
0149     s32i    a2, a1, PT_ICOUNTLEVEL
0150 
0151 #if XCHAL_HAVE_THREADPTR
0152     rur a2, threadptr
0153     s32i    a2, a1, PT_THREADPTR
0154 #endif
0155 
0156     /* Rotate ws so that the current windowbase is at bit0. */
0157     /* Assume ws = xxwww1yyyy. Rotate ws right, so that a2 = yyyyxxwww1 */
0158 
0159     rsr a2, windowbase
0160     rsr a3, windowstart
0161     ssr a2
0162     s32i    a2, a1, PT_WINDOWBASE
0163     s32i    a3, a1, PT_WINDOWSTART
0164     slli    a2, a3, 32-WSBITS
0165     src a2, a3, a2
0166     srli    a2, a2, 32-WSBITS
0167     s32i    a2, a1, PT_WMASK    # needed for restoring registers
0168 
0169     /* Save only live registers. */
0170 
0171     _bbsi.l a2, 1, 1f
0172     s32i    a4, a1, PT_AREG4
0173     s32i    a5, a1, PT_AREG5
0174     s32i    a6, a1, PT_AREG6
0175     s32i    a7, a1, PT_AREG7
0176     _bbsi.l a2, 2, 1f
0177     s32i    a8, a1, PT_AREG8
0178     s32i    a9, a1, PT_AREG9
0179     s32i    a10, a1, PT_AREG10
0180     s32i    a11, a1, PT_AREG11
0181     _bbsi.l a2, 3, 1f
0182     s32i    a12, a1, PT_AREG12
0183     s32i    a13, a1, PT_AREG13
0184     s32i    a14, a1, PT_AREG14
0185     s32i    a15, a1, PT_AREG15
0186     _bnei   a2, 1, 1f       # only one valid frame?
0187 
0188     /* Only one valid frame, skip saving regs. */
0189 
0190     j   2f
0191 
0192     /* Save the remaining registers.
0193      * We have to save all registers up to the first '1' from
0194      * the right, except the current frame (bit 0).
0195      * Assume a2 is:  001001000110001
0196      * All register frames starting from the top field to the marked '1'
0197      * must be saved.
0198      */
0199 
0200 1:  addi    a3, a2, -1      # eliminate '1' in bit 0: yyyyxxww0
0201     neg a3, a3          # yyyyxxww0 -> YYYYXXWW1+1
0202     and a3, a3, a2      # max. only one bit is set
0203 
0204     /* Find number of frames to save */
0205 
0206     ffs_ws  a0, a3          # number of frames to the '1' from left
0207 
0208     /* Store information into WMASK:
0209      * bits 0..3: xxx1 masked lower 4 bits of the rotated windowstart,
0210      * bits 4...: number of valid 4-register frames
0211      */
0212 
0213     slli    a3, a0, 4       # number of frames to save in bits 8..4
0214     extui   a2, a2, 0, 4        # mask for the first 16 registers
0215     or  a2, a3, a2
0216     s32i    a2, a1, PT_WMASK    # needed when we restore the reg-file
0217 
0218     /* Save 4 registers at a time */
0219 
0220 1:  rotw    -1
0221     s32i    a0, a5, PT_AREG_END - 16
0222     s32i    a1, a5, PT_AREG_END - 12
0223     s32i    a2, a5, PT_AREG_END - 8
0224     s32i    a3, a5, PT_AREG_END - 4
0225     addi    a0, a4, -1
0226     addi    a1, a5, -16
0227     _bnez   a0, 1b
0228 
0229     /* WINDOWBASE still in SAR! */
0230 
0231     rsr a2, sar         # original WINDOWBASE
0232     movi    a3, 1
0233     ssl a2
0234     sll a3, a3
0235     wsr a3, windowstart     # set corresponding WINDOWSTART bit
0236     wsr a2, windowbase      # and WINDOWSTART
0237     rsync
0238 
0239     /* We are back to the original stack pointer (a1) */
0240 
0241 2:  /* Now, jump to the common exception handler. */
0242 
0243     j   common_exception
0244 
0245 ENDPROC(user_exception)
0246 
0247 /*
0248  * First-level exit handler for kernel exceptions
0249  * Save special registers and the live window frame.
0250  * Note: Even though we changes the stack pointer, we don't have to do a
0251  *   MOVSP here, as we do that when we return from the exception.
0252  *   (See comment in the kernel exception exit code)
0253  *
0254  * Entry condition for kernel_exception:
0255  *
0256  *   a0:    trashed, original value saved on stack (PT_AREG0)
0257  *   a1:    a1
0258  *   a2:    new stack pointer, original in DEPC
0259  *   a3:    a3
0260  *   depc:  a2, original value saved on stack (PT_DEPC)
0261  *   excsave_1: dispatch table
0262  *
0263  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
0264  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
0265  *
0266  * Entry condition for _kernel_exception:
0267  *
0268  *   a0-a3 and depc have been saved to PT_AREG0...PT_AREG3 and PT_DEPC
0269  *   excsave has been restored, and
0270  *   stack pointer (a1) has been set.
0271  *
0272  * Note: _kernel_exception might be at an odd address. Don't use call0..call12
0273  */
0274 
0275 ENTRY(kernel_exception)
0276 
0277     /* Save a1, a2, a3, and set SP. */
0278 
0279     rsr a0, depc        # get a2
0280     s32i    a1, a2, PT_AREG1
0281     s32i    a0, a2, PT_AREG2
0282     s32i    a3, a2, PT_AREG3
0283     mov a1, a2
0284 
0285     .globl _kernel_exception
0286 _kernel_exception:
0287 
0288     /* Save SAR and turn off single stepping */
0289 
0290     movi    a2, 0
0291     rsr a3, sar
0292     xsr a2, icountlevel
0293     s32i    a3, a1, PT_SAR
0294     s32i    a2, a1, PT_ICOUNTLEVEL
0295 
0296     /* Rotate ws so that the current windowbase is at bit0. */
0297     /* Assume ws = xxwww1yyyy. Rotate ws right, so that a2 = yyyyxxwww1 */
0298 
0299     rsr a2, windowbase      # don't need to save these, we only
0300     rsr a3, windowstart     # need shifted windowstart: windowmask
0301     ssr a2
0302     slli    a2, a3, 32-WSBITS
0303     src a2, a3, a2
0304     srli    a2, a2, 32-WSBITS
0305     s32i    a2, a1, PT_WMASK    # needed for kernel_exception_exit
0306 
0307     /* Save only the live window-frame */
0308 
0309     _bbsi.l a2, 1, 1f
0310     s32i    a4, a1, PT_AREG4
0311     s32i    a5, a1, PT_AREG5
0312     s32i    a6, a1, PT_AREG6
0313     s32i    a7, a1, PT_AREG7
0314     _bbsi.l a2, 2, 1f
0315     s32i    a8, a1, PT_AREG8
0316     s32i    a9, a1, PT_AREG9
0317     s32i    a10, a1, PT_AREG10
0318     s32i    a11, a1, PT_AREG11
0319     _bbsi.l a2, 3, 1f
0320     s32i    a12, a1, PT_AREG12
0321     s32i    a13, a1, PT_AREG13
0322     s32i    a14, a1, PT_AREG14
0323     s32i    a15, a1, PT_AREG15
0324 
0325     _bnei   a2, 1, 1f
0326 
0327     /* Copy spill slots of a0 and a1 to imitate movsp
0328      * in order to keep exception stack continuous
0329      */
0330     l32i    a3, a1, PT_SIZE
0331     l32i    a0, a1, PT_SIZE + 4
0332     s32e    a3, a1, -16
0333     s32e    a0, a1, -12
0334 1:
0335     l32i    a0, a1, PT_AREG0    # restore saved a0
0336     wsr a0, depc
0337 
0338 #ifdef KERNEL_STACK_OVERFLOW_CHECK
0339 
0340     /*  Stack overflow check, for debugging  */
0341     extui   a2, a1, TASK_SIZE_BITS,XX
0342     movi    a3, SIZE??
0343     _bge    a2, a3, out_of_stack_panic
0344 
0345 #endif
0346 
0347 /*
0348  * This is the common exception handler.
0349  * We get here from the user exception handler or simply by falling through
0350  * from the kernel exception handler.
0351  * Save the remaining special registers, switch to kernel mode, and jump
0352  * to the second-level exception handler.
0353  *
0354  */
0355 
0356 common_exception:
0357 
0358     /* Save some registers, disable loops and clear the syscall flag. */
0359 
0360     rsr a2, debugcause
0361     rsr a3, epc1
0362     s32i    a2, a1, PT_DEBUGCAUSE
0363     s32i    a3, a1, PT_PC
0364 
0365     movi    a2, -1
0366     rsr a3, excvaddr
0367     s32i    a2, a1, PT_SYSCALL
0368     movi    a2, 0
0369     s32i    a3, a1, PT_EXCVADDR
0370 #if XCHAL_HAVE_LOOPS
0371     xsr a2, lcount
0372     s32i    a2, a1, PT_LCOUNT
0373 #endif
0374 
0375     /* It is now save to restore the EXC_TABLE_FIXUP variable. */
0376 
0377     rsr a2, exccause
0378     movi    a3, 0
0379     rsr a0, excsave1
0380     s32i    a2, a1, PT_EXCCAUSE
0381     s32i    a3, a0, EXC_TABLE_FIXUP
0382 
0383     /* All unrecoverable states are saved on stack, now, and a1 is valid.
0384      * Now we can allow exceptions again. In case we've got an interrupt
0385      * PS.INTLEVEL is set to LOCKLEVEL disabling furhter interrupts,
0386      * otherwise it's left unchanged.
0387      *
0388      * Set PS(EXCM = 0, UM = 0, RING = 0, OWB = 0, WOE = 1, INTLEVEL = X)
0389      */
0390 
0391     rsr a3, ps
0392     s32i    a3, a1, PT_PS       # save ps
0393 
0394 #if XTENSA_FAKE_NMI
0395     /* Correct PS needs to be saved in the PT_PS:
0396      * - in case of exception or level-1 interrupt it's in the PS,
0397      *   and is already saved.
0398      * - in case of medium level interrupt it's in the excsave2.
0399      */
0400     movi    a0, EXCCAUSE_MAPPED_NMI
0401     extui   a3, a3, PS_INTLEVEL_SHIFT, PS_INTLEVEL_WIDTH
0402     beq a2, a0, .Lmedium_level_irq
0403     bnei    a2, EXCCAUSE_LEVEL1_INTERRUPT, .Lexception
0404     beqz    a3, .Llevel1_irq    # level-1 IRQ sets ps.intlevel to 0
0405 
0406 .Lmedium_level_irq:
0407     rsr a0, excsave2
0408     s32i    a0, a1, PT_PS       # save medium-level interrupt ps
0409     bgei    a3, LOCKLEVEL, .Lexception
0410 
0411 .Llevel1_irq:
0412     movi    a3, LOCKLEVEL
0413 
0414 .Lexception:
0415     movi    a0, 1 << PS_WOE_BIT
0416     or  a3, a3, a0
0417 #else
0418     addi    a2, a2, -EXCCAUSE_LEVEL1_INTERRUPT
0419     movi    a0, LOCKLEVEL
0420     extui   a3, a3, PS_INTLEVEL_SHIFT, PS_INTLEVEL_WIDTH
0421                     # a3 = PS.INTLEVEL
0422     moveqz  a3, a0, a2      # a3 = LOCKLEVEL iff interrupt
0423     movi    a2, 1 << PS_WOE_BIT
0424     or  a3, a3, a2
0425     rsr a2, exccause
0426 #endif
0427 
0428     /* restore return address (or 0 if return to userspace) */
0429     rsr a0, depc
0430     wsr a3, ps
0431     rsync               # PS.WOE => rsync => overflow
0432 
0433     /* Save lbeg, lend */
0434 #if XCHAL_HAVE_LOOPS
0435     rsr a4, lbeg
0436     rsr a3, lend
0437     s32i    a4, a1, PT_LBEG
0438     s32i    a3, a1, PT_LEND
0439 #endif
0440 
0441     /* Save SCOMPARE1 */
0442 
0443 #if XCHAL_HAVE_S32C1I
0444     rsr     a3, scompare1
0445     s32i    a3, a1, PT_SCOMPARE1
0446 #endif
0447 
0448     /* Save optional registers. */
0449 
0450     save_xtregs_opt a1 a3 a4 a5 a6 a7 PT_XTREGS_OPT
0451     
0452     /* Go to second-level dispatcher. Set up parameters to pass to the
0453      * exception handler and call the exception handler.
0454      */
0455 
0456     rsr a4, excsave1
0457     mov a6, a1          # pass stack frame
0458     mov a7, a2          # pass EXCCAUSE
0459     addx4   a4, a2, a4
0460     l32i    a4, a4, EXC_TABLE_DEFAULT       # load handler
0461 
0462     /* Call the second-level handler */
0463 
0464     callx4  a4
0465 
0466     /* Jump here for exception exit */
0467     .global common_exception_return
0468 common_exception_return:
0469 
0470 #if XTENSA_FAKE_NMI
0471     l32i    a2, a1, PT_EXCCAUSE
0472     movi    a3, EXCCAUSE_MAPPED_NMI
0473     beq a2, a3, .LNMIexit
0474 #endif
0475 1:
0476     irq_save a2, a3
0477 #ifdef CONFIG_TRACE_IRQFLAGS
0478     movi    a4, trace_hardirqs_off
0479     callx4  a4
0480 #endif
0481 
0482     /* Jump if we are returning from kernel exceptions. */
0483 
0484     l32i    a3, a1, PT_PS
0485     GET_THREAD_INFO(a2, a1)
0486     l32i    a4, a2, TI_FLAGS
0487     _bbci.l a3, PS_UM_BIT, 6f
0488 
0489     /* Specific to a user exception exit:
0490      * We need to check some flags for signal handling and rescheduling,
0491      * and have to restore WB and WS, extra states, and all registers
0492      * in the register file that were in use in the user task.
0493      * Note that we don't disable interrupts here. 
0494      */
0495 
0496     _bbsi.l a4, TIF_NEED_RESCHED, 3f
0497     _bbsi.l a4, TIF_NOTIFY_RESUME, 2f
0498     _bbci.l a4, TIF_SIGPENDING, 5f
0499 
0500 2:  l32i    a4, a1, PT_DEPC
0501     bgeui   a4, VALID_DOUBLE_EXCEPTION_ADDRESS, 4f
0502 
0503     /* Call do_signal() */
0504 
0505 #ifdef CONFIG_TRACE_IRQFLAGS
0506     movi    a4, trace_hardirqs_on
0507     callx4  a4
0508 #endif
0509     rsil    a2, 0
0510     movi    a4, do_notify_resume    # int do_notify_resume(struct pt_regs*)
0511     mov a6, a1
0512     callx4  a4
0513     j   1b
0514 
0515 3:  /* Reschedule */
0516 
0517 #ifdef CONFIG_TRACE_IRQFLAGS
0518     movi    a4, trace_hardirqs_on
0519     callx4  a4
0520 #endif
0521     rsil    a2, 0
0522     movi    a4, schedule    # void schedule (void)
0523     callx4  a4
0524     j   1b
0525 
0526 #ifdef CONFIG_PREEMPT
0527 6:
0528     _bbci.l a4, TIF_NEED_RESCHED, 4f
0529 
0530     /* Check current_thread_info->preempt_count */
0531 
0532     l32i    a4, a2, TI_PRE_COUNT
0533     bnez    a4, 4f
0534     movi    a4, preempt_schedule_irq
0535     callx4  a4
0536     j   1b
0537 #endif
0538 
0539 #if XTENSA_FAKE_NMI
0540 .LNMIexit:
0541     l32i    a3, a1, PT_PS
0542     _bbci.l a3, PS_UM_BIT, 4f
0543 #endif
0544 
0545 5:
0546 #ifdef CONFIG_HAVE_HW_BREAKPOINT
0547     _bbci.l a4, TIF_DB_DISABLED, 7f
0548     movi    a4, restore_dbreak
0549     callx4  a4
0550 7:
0551 #endif
0552 #ifdef CONFIG_DEBUG_TLB_SANITY
0553     l32i    a4, a1, PT_DEPC
0554     bgeui   a4, VALID_DOUBLE_EXCEPTION_ADDRESS, 4f
0555     movi    a4, check_tlb_sanity
0556     callx4  a4
0557 #endif
0558 6:
0559 4:
0560 #ifdef CONFIG_TRACE_IRQFLAGS
0561     extui   a4, a3, PS_INTLEVEL_SHIFT, PS_INTLEVEL_WIDTH
0562     bgei    a4, LOCKLEVEL, 1f
0563     movi    a4, trace_hardirqs_on
0564     callx4  a4
0565 1:
0566 #endif
0567     /* Restore optional registers. */
0568 
0569     load_xtregs_opt a1 a2 a4 a5 a6 a7 PT_XTREGS_OPT
0570 
0571     /* Restore SCOMPARE1 */
0572 
0573 #if XCHAL_HAVE_S32C1I
0574     l32i    a2, a1, PT_SCOMPARE1
0575     wsr     a2, scompare1
0576 #endif
0577     wsr a3, ps      /* disable interrupts */
0578 
0579     _bbci.l a3, PS_UM_BIT, kernel_exception_exit
0580 
0581 user_exception_exit:
0582 
0583     /* Restore the state of the task and return from the exception. */
0584 
0585     /* Switch to the user thread WINDOWBASE. Save SP temporarily in DEPC */
0586 
0587     l32i    a2, a1, PT_WINDOWBASE
0588     l32i    a3, a1, PT_WINDOWSTART
0589     wsr a1, depc        # use DEPC as temp storage
0590     wsr a3, windowstart     # restore WINDOWSTART
0591     ssr a2          # preserve user's WB in the SAR
0592     wsr a2, windowbase      # switch to user's saved WB
0593     rsync
0594     rsr a1, depc        # restore stack pointer
0595     l32i    a2, a1, PT_WMASK    # register frames saved (in bits 4...9)
0596     rotw    -1          # we restore a4..a7
0597     _bltui  a6, 16, 1f      # only have to restore current window?
0598 
0599     /* The working registers are a0 and a3.  We are restoring to
0600      * a4..a7.  Be careful not to destroy what we have just restored.
0601      * Note: wmask has the format YYYYM:
0602      *       Y: number of registers saved in groups of 4
0603      *       M: 4 bit mask of first 16 registers
0604      */
0605 
0606     mov a2, a6
0607     mov a3, a5
0608 
0609 2:  rotw    -1          # a0..a3 become a4..a7
0610     addi    a3, a7, -4*4        # next iteration
0611     addi    a2, a6, -16     # decrementing Y in WMASK
0612     l32i    a4, a3, PT_AREG_END + 0
0613     l32i    a5, a3, PT_AREG_END + 4
0614     l32i    a6, a3, PT_AREG_END + 8
0615     l32i    a7, a3, PT_AREG_END + 12
0616     _bgeui  a2, 16, 2b
0617 
0618     /* Clear unrestored registers (don't leak anything to user-land */
0619 
0620 1:  rsr a0, windowbase
0621     rsr a3, sar
0622     sub a3, a0, a3
0623     beqz    a3, 2f
0624     extui   a3, a3, 0, WBBITS
0625 
0626 1:  rotw    -1
0627     addi    a3, a7, -1
0628     movi    a4, 0
0629     movi    a5, 0
0630     movi    a6, 0
0631     movi    a7, 0
0632     bgei    a3, 1, 1b
0633 
0634     /* We are back were we were when we started.
0635      * Note: a2 still contains WMASK (if we've returned to the original
0636      *   frame where we had loaded a2), or at least the lower 4 bits
0637      *   (if we have restored WSBITS-1 frames).
0638      */
0639 
0640 2:
0641 #if XCHAL_HAVE_THREADPTR
0642     l32i    a3, a1, PT_THREADPTR
0643     wur a3, threadptr
0644 #endif
0645 
0646     j   common_exception_exit
0647 
0648     /* This is the kernel exception exit.
0649      * We avoided to do a MOVSP when we entered the exception, but we
0650      * have to do it here.
0651      */
0652 
0653 kernel_exception_exit:
0654 
0655     /* Check if we have to do a movsp.
0656      *
0657      * We only have to do a movsp if the previous window-frame has
0658      * been spilled to the *temporary* exception stack instead of the
0659      * task's stack. This is the case if the corresponding bit in
0660      * WINDOWSTART for the previous window-frame was set before
0661      * (not spilled) but is zero now (spilled).
0662      * If this bit is zero, all other bits except the one for the
0663      * current window frame are also zero. So, we can use a simple test:
0664      * 'and' WINDOWSTART and WINDOWSTART-1:
0665      *
0666      *  (XXXXXX1[0]* - 1) AND XXXXXX1[0]* = XXXXXX0[0]*
0667      *
0668      * The result is zero only if one bit was set.
0669      *
0670      * (Note: We might have gone through several task switches before
0671      *        we come back to the current task, so WINDOWBASE might be
0672      *        different from the time the exception occurred.)
0673      */
0674 
0675     /* Test WINDOWSTART before and after the exception.
0676      * We actually have WMASK, so we only have to test if it is 1 or not.
0677      */
0678 
0679     l32i    a2, a1, PT_WMASK
0680     _beqi   a2, 1, common_exception_exit    # Spilled before exception,jump
0681 
0682     /* Test WINDOWSTART now. If spilled, do the movsp */
0683 
0684     rsr     a3, windowstart
0685     addi    a0, a3, -1
0686     and     a3, a3, a0
0687     _bnez   a3, common_exception_exit
0688 
0689     /* Do a movsp (we returned from a call4, so we have at least a0..a7) */
0690 
0691     addi    a0, a1, -16
0692     l32i    a3, a0, 0
0693     l32i    a4, a0, 4
0694     s32i    a3, a1, PT_SIZE+0
0695     s32i    a4, a1, PT_SIZE+4
0696     l32i    a3, a0, 8
0697     l32i    a4, a0, 12
0698     s32i    a3, a1, PT_SIZE+8
0699     s32i    a4, a1, PT_SIZE+12
0700 
0701     /* Common exception exit.
0702      * We restore the special register and the current window frame, and
0703      * return from the exception.
0704      *
0705      * Note: We expect a2 to hold PT_WMASK
0706      */
0707 
0708 common_exception_exit:
0709 
0710     /* Restore address registers. */
0711 
0712     _bbsi.l a2, 1, 1f
0713     l32i    a4,  a1, PT_AREG4
0714     l32i    a5,  a1, PT_AREG5
0715     l32i    a6,  a1, PT_AREG6
0716     l32i    a7,  a1, PT_AREG7
0717     _bbsi.l a2, 2, 1f
0718     l32i    a8,  a1, PT_AREG8
0719     l32i    a9,  a1, PT_AREG9
0720     l32i    a10, a1, PT_AREG10
0721     l32i    a11, a1, PT_AREG11
0722     _bbsi.l a2, 3, 1f
0723     l32i    a12, a1, PT_AREG12
0724     l32i    a13, a1, PT_AREG13
0725     l32i    a14, a1, PT_AREG14
0726     l32i    a15, a1, PT_AREG15
0727 
0728     /* Restore PC, SAR */
0729 
0730 1:  l32i    a2, a1, PT_PC
0731     l32i    a3, a1, PT_SAR
0732     wsr a2, epc1
0733     wsr a3, sar
0734 
0735     /* Restore LBEG, LEND, LCOUNT */
0736 #if XCHAL_HAVE_LOOPS
0737     l32i    a2, a1, PT_LBEG
0738     l32i    a3, a1, PT_LEND
0739     wsr a2, lbeg
0740     l32i    a2, a1, PT_LCOUNT
0741     wsr a3, lend
0742     wsr a2, lcount
0743 #endif
0744 
0745     /* We control single stepping through the ICOUNTLEVEL register. */
0746 
0747     l32i    a2, a1, PT_ICOUNTLEVEL
0748     movi    a3, -2
0749     wsr a2, icountlevel
0750     wsr a3, icount
0751 
0752     /* Check if it was double exception. */
0753 
0754     l32i    a0, a1, PT_DEPC
0755     l32i    a3, a1, PT_AREG3
0756     l32i    a2, a1, PT_AREG2
0757     _bgeui  a0, VALID_DOUBLE_EXCEPTION_ADDRESS, 1f
0758 
0759     /* Restore a0...a3 and return */
0760 
0761     l32i    a0, a1, PT_AREG0
0762     l32i    a1, a1, PT_AREG1
0763     rfe
0764 
0765 1:  wsr a0, depc
0766     l32i    a0, a1, PT_AREG0
0767     l32i    a1, a1, PT_AREG1
0768     rfde
0769 
0770 ENDPROC(kernel_exception)
0771 
0772 /*
0773  * Debug exception handler.
0774  *
0775  * Currently, we don't support KGDB, so only user application can be debugged.
0776  *
0777  * When we get here,  a0 is trashed and saved to excsave[debuglevel]
0778  */
0779 
0780 ENTRY(debug_exception)
0781 
0782     rsr a0, SREG_EPS + XCHAL_DEBUGLEVEL
0783     bbsi.l  a0, PS_EXCM_BIT, 1f # exception mode
0784 
0785     /* Set EPC1 and EXCCAUSE */
0786 
0787     wsr a2, depc        # save a2 temporarily
0788     rsr a2, SREG_EPC + XCHAL_DEBUGLEVEL
0789     wsr a2, epc1
0790 
0791     movi    a2, EXCCAUSE_MAPPED_DEBUG
0792     wsr a2, exccause
0793 
0794     /* Restore PS to the value before the debug exc but with PS.EXCM set.*/
0795 
0796     movi    a2, 1 << PS_EXCM_BIT
0797     or  a2, a0, a2
0798     wsr a2, ps
0799 
0800     /* Switch to kernel/user stack, restore jump vector, and save a0 */
0801 
0802     bbsi.l  a2, PS_UM_BIT, 2f   # jump if user mode
0803 
0804     addi    a2, a1, -16-PT_SIZE # assume kernel stack
0805 3:
0806     l32i    a0, a3, DT_DEBUG_SAVE
0807     s32i    a1, a2, PT_AREG1
0808     s32i    a0, a2, PT_AREG0
0809     movi    a0, 0
0810     s32i    a0, a2, PT_DEPC     # mark it as a regular exception
0811     xsr a3, SREG_EXCSAVE + XCHAL_DEBUGLEVEL
0812     xsr a0, depc
0813     s32i    a3, a2, PT_AREG3
0814     s32i    a0, a2, PT_AREG2
0815     mov a1, a2
0816 
0817     /* Debug exception is handled as an exception, so interrupts will
0818      * likely be enabled in the common exception handler. Disable
0819      * preemption if we have HW breakpoints to preserve DEBUGCAUSE.DBNUM
0820      * meaning.
0821      */
0822 #if defined(CONFIG_PREEMPT_COUNT) && defined(CONFIG_HAVE_HW_BREAKPOINT)
0823     GET_THREAD_INFO(a2, a1)
0824     l32i    a3, a2, TI_PRE_COUNT
0825     addi    a3, a3, 1
0826     s32i    a3, a2, TI_PRE_COUNT
0827 #endif
0828 
0829     rsr a2, ps
0830     bbsi.l  a2, PS_UM_BIT, _user_exception
0831     j   _kernel_exception
0832 
0833 2:  rsr a2, excsave1
0834     l32i    a2, a2, EXC_TABLE_KSTK  # load kernel stack pointer
0835     j   3b
0836 
0837 #ifdef CONFIG_HAVE_HW_BREAKPOINT
0838     /* Debug exception while in exception mode. This may happen when
0839      * window overflow/underflow handler or fast exception handler hits
0840      * data breakpoint, in which case save and disable all data
0841      * breakpoints, single-step faulting instruction and restore data
0842      * breakpoints.
0843      */
0844 1:
0845     bbci.l  a0, PS_UM_BIT, 1b   # jump if kernel mode
0846 
0847     rsr a0, debugcause
0848     bbsi.l  a0, DEBUGCAUSE_DBREAK_BIT, .Ldebug_save_dbreak
0849 
0850     .set    _index, 0
0851     .rept   XCHAL_NUM_DBREAK
0852     l32i    a0, a3, DT_DBREAKC_SAVE + _index * 4
0853     wsr a0, SREG_DBREAKC + _index
0854     .set    _index, _index + 1
0855     .endr
0856 
0857     l32i    a0, a3, DT_ICOUNT_LEVEL_SAVE
0858     wsr a0, icountlevel
0859 
0860     l32i    a0, a3, DT_ICOUNT_SAVE
0861     xsr a0, icount
0862 
0863     l32i    a0, a3, DT_DEBUG_SAVE
0864     xsr a3, SREG_EXCSAVE + XCHAL_DEBUGLEVEL
0865     rfi XCHAL_DEBUGLEVEL
0866 
0867 .Ldebug_save_dbreak:
0868     .set    _index, 0
0869     .rept   XCHAL_NUM_DBREAK
0870     movi    a0, 0
0871     xsr a0, SREG_DBREAKC + _index
0872     s32i    a0, a3, DT_DBREAKC_SAVE + _index * 4
0873     .set    _index, _index + 1
0874     .endr
0875 
0876     movi    a0, XCHAL_EXCM_LEVEL + 1
0877     xsr a0, icountlevel
0878     s32i    a0, a3, DT_ICOUNT_LEVEL_SAVE
0879 
0880     movi    a0, 0xfffffffe
0881     xsr a0, icount
0882     s32i    a0, a3, DT_ICOUNT_SAVE
0883 
0884     l32i    a0, a3, DT_DEBUG_SAVE
0885     xsr a3, SREG_EXCSAVE + XCHAL_DEBUGLEVEL
0886     rfi XCHAL_DEBUGLEVEL
0887 #else
0888     /* Debug exception while in exception mode. Should not happen. */
0889 1:  j   1b  // FIXME!!
0890 #endif
0891 
0892 ENDPROC(debug_exception)
0893 
0894 /*
0895  * We get here in case of an unrecoverable exception.
0896  * The only thing we can do is to be nice and print a panic message.
0897  * We only produce a single stack frame for panic, so ???
0898  *
0899  *
0900  * Entry conditions:
0901  *
0902  *   - a0 contains the caller address; original value saved in excsave1.
0903  *   - the original a0 contains a valid return address (backtrace) or 0.
0904  *   - a2 contains a valid stackpointer
0905  *
0906  * Notes:
0907  *
0908  *   - If the stack pointer could be invalid, the caller has to setup a
0909  *     dummy stack pointer (e.g. the stack of the init_task)
0910  *
0911  *   - If the return address could be invalid, the caller has to set it
0912  *     to 0, so the backtrace would stop.
0913  *
0914  */
0915     .align 4
0916 unrecoverable_text:
0917     .ascii "Unrecoverable error in exception handler\0"
0918 
0919 ENTRY(unrecoverable_exception)
0920 
0921     movi    a0, 1
0922     movi    a1, 0
0923 
0924     wsr a0, windowstart
0925     wsr a1, windowbase
0926     rsync
0927 
0928     movi    a1, (1 << PS_WOE_BIT) | LOCKLEVEL
0929     wsr a1, ps
0930     rsync
0931 
0932     movi    a1, init_task
0933     movi    a0, 0
0934     addi    a1, a1, PT_REGS_OFFSET
0935 
0936     movi    a4, panic
0937     movi    a6, unrecoverable_text
0938 
0939     callx4  a4
0940 
0941 1:  j   1b
0942 
0943 ENDPROC(unrecoverable_exception)
0944 
0945 /* -------------------------- FAST EXCEPTION HANDLERS ----------------------- */
0946 
0947 /*
0948  * Fast-handler for alloca exceptions
0949  *
0950  *  The ALLOCA handler is entered when user code executes the MOVSP
0951  *  instruction and the caller's frame is not in the register file.
0952  *
0953  * This algorithm was taken from the Ross Morley's RTOS Porting Layer:
0954  *
0955  *    /home/ross/rtos/porting/XtensaRTOS-PortingLayer-20090507/xtensa_vectors.S
0956  *
0957  * It leverages the existing window spill/fill routines and their support for
0958  * double exceptions. The 'movsp' instruction will only cause an exception if
0959  * the next window needs to be loaded. In fact this ALLOCA exception may be
0960  * replaced at some point by changing the hardware to do a underflow exception
0961  * of the proper size instead.
0962  *
0963  * This algorithm simply backs out the register changes started by the user
0964  * excpetion handler, makes it appear that we have started a window underflow
0965  * by rotating the window back and then setting the old window base (OWB) in
0966  * the 'ps' register with the rolled back window base. The 'movsp' instruction
0967  * will be re-executed and this time since the next window frames is in the
0968  * active AR registers it won't cause an exception.
0969  *
0970  * If the WindowUnderflow code gets a TLB miss the page will get mapped
0971  * the the partial windeowUnderflow will be handeled in the double exception
0972  * handler.
0973  *
0974  * Entry condition:
0975  *
0976  *   a0:    trashed, original value saved on stack (PT_AREG0)
0977  *   a1:    a1
0978  *   a2:    new stack pointer, original in DEPC
0979  *   a3:    a3
0980  *   depc:  a2, original value saved on stack (PT_DEPC)
0981  *   excsave_1: dispatch table
0982  *
0983  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
0984  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
0985  */
0986 
0987 ENTRY(fast_alloca)
0988     rsr a0, windowbase
0989     rotw    -1
0990     rsr a2, ps
0991     extui   a3, a2, PS_OWB_SHIFT, PS_OWB_WIDTH
0992     xor a3, a3, a4
0993     l32i    a4, a6, PT_AREG0
0994     l32i    a1, a6, PT_DEPC
0995     rsr a6, depc
0996     wsr a1, depc
0997     slli    a3, a3, PS_OWB_SHIFT
0998     xor a2, a2, a3
0999     wsr a2, ps
1000     rsync
1001 
1002     _bbci.l a4, 31, 4f
1003     rotw    -1
1004     _bbci.l a8, 30, 8f
1005     rotw    -1
1006     j   _WindowUnderflow12
1007 8:  j   _WindowUnderflow8
1008 4:  j   _WindowUnderflow4
1009 ENDPROC(fast_alloca)
1010 
1011 /*
1012  * fast system calls.
1013  *
1014  * WARNING:  The kernel doesn't save the entire user context before
1015  * handling a fast system call.  These functions are small and short,
1016  * usually offering some functionality not available to user tasks.
1017  *
1018  * BE CAREFUL TO PRESERVE THE USER'S CONTEXT.
1019  *
1020  * Entry condition:
1021  *
1022  *   a0:    trashed, original value saved on stack (PT_AREG0)
1023  *   a1:    a1
1024  *   a2:    new stack pointer, original in DEPC
1025  *   a3:    a3
1026  *   depc:  a2, original value saved on stack (PT_DEPC)
1027  *   excsave_1: dispatch table
1028  */
1029 
1030 ENTRY(fast_syscall_kernel)
1031 
1032     /* Skip syscall. */
1033 
1034     rsr a0, epc1
1035     addi    a0, a0, 3
1036     wsr a0, epc1
1037 
1038     l32i    a0, a2, PT_DEPC
1039     bgeui   a0, VALID_DOUBLE_EXCEPTION_ADDRESS, fast_syscall_unrecoverable
1040 
1041     rsr a0, depc            # get syscall-nr
1042     _beqz   a0, fast_syscall_spill_registers
1043     _beqi   a0, __NR_xtensa, fast_syscall_xtensa
1044 
1045     j   kernel_exception
1046 
1047 ENDPROC(fast_syscall_kernel)
1048 
1049 ENTRY(fast_syscall_user)
1050 
1051     /* Skip syscall. */
1052 
1053     rsr a0, epc1
1054     addi    a0, a0, 3
1055     wsr a0, epc1
1056 
1057     l32i    a0, a2, PT_DEPC
1058     bgeui   a0, VALID_DOUBLE_EXCEPTION_ADDRESS, fast_syscall_unrecoverable
1059 
1060     rsr a0, depc            # get syscall-nr
1061     _beqz   a0, fast_syscall_spill_registers
1062     _beqi   a0, __NR_xtensa, fast_syscall_xtensa
1063 
1064     j   user_exception
1065 
1066 ENDPROC(fast_syscall_user)
1067 
1068 ENTRY(fast_syscall_unrecoverable)
1069 
1070     /* Restore all states. */
1071 
1072     l32i    a0, a2, PT_AREG0        # restore a0
1073     xsr     a2, depc                # restore a2, depc
1074 
1075     wsr     a0, excsave1
1076     movi    a0, unrecoverable_exception
1077     callx0  a0
1078 
1079 ENDPROC(fast_syscall_unrecoverable)
1080 
1081 /*
1082  * sysxtensa syscall handler
1083  *
1084  * int sysxtensa (SYS_XTENSA_ATOMIC_SET,     ptr, val,    unused);
1085  * int sysxtensa (SYS_XTENSA_ATOMIC_ADD,     ptr, val,    unused);
1086  * int sysxtensa (SYS_XTENSA_ATOMIC_EXG_ADD, ptr, val,    unused);
1087  * int sysxtensa (SYS_XTENSA_ATOMIC_CMP_SWP, ptr, oldval, newval);
1088  *        a2            a6                   a3    a4      a5
1089  *
1090  * Entry condition:
1091  *
1092  *   a0:    a2 (syscall-nr), original value saved on stack (PT_AREG0)
1093  *   a1:    a1
1094  *   a2:    new stack pointer, original in a0 and DEPC
1095  *   a3:    a3
1096  *   a4..a15:   unchanged
1097  *   depc:  a2, original value saved on stack (PT_DEPC)
1098  *   excsave_1: dispatch table
1099  *
1100  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
1101  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
1102  *
1103  * Note: we don't have to save a2; a2 holds the return value
1104  *
1105  * We use the two macros TRY and CATCH:
1106  *
1107  * TRY   adds an entry to the __ex_table fixup table for the immediately
1108  *   following instruction.
1109  *
1110  * CATCH catches any exception that occurred at one of the preceding TRY
1111  *       statements and continues from there
1112  *
1113  * Usage TRY    l32i    a0, a1, 0
1114  *      <other code>
1115  *   done:  rfe
1116  *   CATCH  <set return code>
1117  *      j done
1118  */
1119 
1120 #ifdef CONFIG_FAST_SYSCALL_XTENSA
1121 
1122 #define TRY                             \
1123     .section __ex_table, "a";                   \
1124     .word   66f, 67f;                       \
1125     .text;                              \
1126 66:
1127 
1128 #define CATCH                               \
1129 67:
1130 
1131 ENTRY(fast_syscall_xtensa)
1132 
1133     s32i    a7, a2, PT_AREG7    # we need an additional register
1134     movi    a7, 4           # sizeof(unsigned int)
1135     access_ok a3, a7, a0, a2, .Leac # a0: scratch reg, a2: sp
1136 
1137     _bgeui  a6, SYS_XTENSA_COUNT, .Lill
1138     _bnei   a6, SYS_XTENSA_ATOMIC_CMP_SWP, .Lnswp
1139 
1140     /* Fall through for ATOMIC_CMP_SWP. */
1141 
1142 .Lswp:  /* Atomic compare and swap */
1143 
1144 TRY l32i    a0, a3, 0       # read old value
1145     bne a0, a4, 1f      # same as old value? jump
1146 TRY s32i    a5, a3, 0       # different, modify value
1147     l32i    a7, a2, PT_AREG7    # restore a7
1148     l32i    a0, a2, PT_AREG0    # restore a0
1149     movi    a2, 1           # and return 1
1150     rfe
1151 
1152 1:  l32i    a7, a2, PT_AREG7    # restore a7
1153     l32i    a0, a2, PT_AREG0    # restore a0
1154     movi    a2, 0           # return 0 (note that we cannot set
1155     rfe
1156 
1157 .Lnswp: /* Atomic set, add, and exg_add. */
1158 
1159 TRY l32i    a7, a3, 0       # orig
1160     addi    a6, a6, -SYS_XTENSA_ATOMIC_SET
1161     add a0, a4, a7      # + arg
1162     moveqz  a0, a4, a6      # set
1163     addi    a6, a6, SYS_XTENSA_ATOMIC_SET
1164 TRY s32i    a0, a3, 0       # write new value
1165 
1166     mov a0, a2
1167     mov a2, a7
1168     l32i    a7, a0, PT_AREG7    # restore a7
1169     l32i    a0, a0, PT_AREG0    # restore a0
1170     rfe
1171 
1172 CATCH
1173 .Leac:  l32i    a7, a2, PT_AREG7    # restore a7
1174     l32i    a0, a2, PT_AREG0    # restore a0
1175     movi    a2, -EFAULT
1176     rfe
1177 
1178 .Lill:  l32i    a7, a2, PT_AREG7    # restore a7
1179     l32i    a0, a2, PT_AREG0    # restore a0
1180     movi    a2, -EINVAL
1181     rfe
1182 
1183 ENDPROC(fast_syscall_xtensa)
1184 
1185 #else /* CONFIG_FAST_SYSCALL_XTENSA */
1186 
1187 ENTRY(fast_syscall_xtensa)
1188 
1189     l32i    a0, a2, PT_AREG0        # restore a0
1190     movi    a2, -ENOSYS
1191     rfe
1192 
1193 ENDPROC(fast_syscall_xtensa)
1194 
1195 #endif /* CONFIG_FAST_SYSCALL_XTENSA */
1196 
1197 
1198 /* fast_syscall_spill_registers.
1199  *
1200  * Entry condition:
1201  *
1202  *   a0:    trashed, original value saved on stack (PT_AREG0)
1203  *   a1:    a1
1204  *   a2:    new stack pointer, original in DEPC
1205  *   a3:    a3
1206  *   depc:  a2, original value saved on stack (PT_DEPC)
1207  *   excsave_1: dispatch table
1208  *
1209  * Note: We assume the stack pointer is EXC_TABLE_KSTK in the fixup handler.
1210  */
1211 
1212 #ifdef CONFIG_FAST_SYSCALL_SPILL_REGISTERS
1213 
1214 ENTRY(fast_syscall_spill_registers)
1215 
1216     /* Register a FIXUP handler (pass current wb as a parameter) */
1217 
1218     xsr a3, excsave1
1219     movi    a0, fast_syscall_spill_registers_fixup
1220     s32i    a0, a3, EXC_TABLE_FIXUP
1221     rsr a0, windowbase
1222     s32i    a0, a3, EXC_TABLE_PARAM
1223     xsr a3, excsave1        # restore a3 and excsave_1
1224 
1225     /* Save a3, a4 and SAR on stack. */
1226 
1227     rsr a0, sar
1228     s32i    a3, a2, PT_AREG3
1229     s32i    a0, a2, PT_SAR
1230 
1231     /* The spill routine might clobber a4, a7, a8, a11, a12, and a15. */
1232 
1233     s32i    a4, a2, PT_AREG4
1234     s32i    a7, a2, PT_AREG7
1235     s32i    a8, a2, PT_AREG8
1236     s32i    a11, a2, PT_AREG11
1237     s32i    a12, a2, PT_AREG12
1238     s32i    a15, a2, PT_AREG15
1239 
1240     /*
1241      * Rotate ws so that the current windowbase is at bit 0.
1242      * Assume ws = xxxwww1yy (www1 current window frame).
1243      * Rotate ws right so that a4 = yyxxxwww1.
1244      */
1245 
1246     rsr a0, windowbase
1247     rsr a3, windowstart     # a3 = xxxwww1yy
1248     ssr a0          # holds WB
1249     slli    a0, a3, WSBITS
1250     or  a3, a3, a0      # a3 = xxxwww1yyxxxwww1yy
1251     srl a3, a3          # a3 = 00xxxwww1yyxxxwww1
1252 
1253     /* We are done if there are no more than the current register frame. */
1254 
1255     extui   a3, a3, 1, WSBITS-1 # a3 = 0yyxxxwww
1256     movi    a0, (1 << (WSBITS-1))
1257     _beqz   a3, .Lnospill       # only one active frame? jump
1258 
1259     /* We want 1 at the top, so that we return to the current windowbase */
1260 
1261     or  a3, a3, a0      # 1yyxxxwww
1262 
1263     /* Skip empty frames - get 'oldest' WINDOWSTART-bit. */
1264 
1265     wsr a3, windowstart     # save shifted windowstart
1266     neg a0, a3
1267     and a3, a0, a3      # first bit set from right: 000010000
1268 
1269     ffs_ws  a0, a3          # a0: shifts to skip empty frames
1270     movi    a3, WSBITS
1271     sub a0, a3, a0      # WSBITS-a0:number of 0-bits from right
1272     ssr a0          # save in SAR for later.
1273 
1274     rsr a3, windowbase
1275     add a3, a3, a0
1276     wsr a3, windowbase
1277     rsync
1278 
1279     rsr a3, windowstart
1280     srl a3, a3          # shift windowstart
1281 
1282     /* WB is now just one frame below the oldest frame in the register
1283        window. WS is shifted so the oldest frame is in bit 0, thus, WB
1284        and WS differ by one 4-register frame. */
1285 
1286     /* Save frames. Depending what call was used (call4, call8, call12),
1287      * we have to save 4,8. or 12 registers.
1288      */
1289 
1290 
1291 .Lloop: _bbsi.l a3, 1, .Lc4
1292     _bbci.l a3, 2, .Lc12
1293 
1294 .Lc8:   s32e    a4, a13, -16
1295     l32e    a4, a5, -12
1296     s32e    a8, a4, -32
1297     s32e    a5, a13, -12
1298     s32e    a6, a13, -8
1299     s32e    a7, a13, -4
1300     s32e    a9, a4, -28
1301     s32e    a10, a4, -24
1302     s32e    a11, a4, -20
1303     srli    a11, a3, 2      # shift windowbase by 2
1304     rotw    2
1305     _bnei   a3, 1, .Lloop
1306     j   .Lexit
1307 
1308 .Lc4:   s32e    a4, a9, -16
1309     s32e    a5, a9, -12
1310     s32e    a6, a9, -8
1311     s32e    a7, a9, -4
1312 
1313     srli    a7, a3, 1
1314     rotw    1
1315     _bnei   a3, 1, .Lloop
1316     j   .Lexit
1317 
1318 .Lc12:  _bbci.l a3, 3, .Linvalid_mask   # bit 2 shouldn't be zero!
1319 
1320     /* 12-register frame (call12) */
1321 
1322     l32e    a0, a5, -12
1323     s32e    a8, a0, -48
1324     mov a8, a0
1325 
1326     s32e    a9, a8, -44
1327     s32e    a10, a8, -40
1328     s32e    a11, a8, -36
1329     s32e    a12, a8, -32
1330     s32e    a13, a8, -28
1331     s32e    a14, a8, -24
1332     s32e    a15, a8, -20
1333     srli    a15, a3, 3
1334 
1335     /* The stack pointer for a4..a7 is out of reach, so we rotate the
1336      * window, grab the stackpointer, and rotate back.
1337      * Alternatively, we could also use the following approach, but that
1338      * makes the fixup routine much more complicated:
1339      * rotw 1
1340      * s32e a0, a13, -16
1341      * ...
1342      * rotw 2
1343      */
1344 
1345     rotw    1
1346     mov a4, a13
1347     rotw    -1
1348 
1349     s32e    a4, a8, -16
1350     s32e    a5, a8, -12
1351     s32e    a6, a8, -8
1352     s32e    a7, a8, -4
1353 
1354     rotw    3
1355 
1356     _beqi   a3, 1, .Lexit
1357     j   .Lloop
1358 
1359 .Lexit:
1360 
1361     /* Done. Do the final rotation and set WS */
1362 
1363     rotw    1
1364     rsr a3, windowbase
1365     ssl a3
1366     movi    a3, 1
1367     sll a3, a3
1368     wsr a3, windowstart
1369 .Lnospill:
1370 
1371     /* Advance PC, restore registers and SAR, and return from exception. */
1372 
1373     l32i    a3, a2, PT_SAR
1374     l32i    a0, a2, PT_AREG0
1375     wsr a3, sar
1376     l32i    a3, a2, PT_AREG3
1377 
1378     /* Restore clobbered registers. */
1379 
1380     l32i    a4, a2, PT_AREG4
1381     l32i    a7, a2, PT_AREG7
1382     l32i    a8, a2, PT_AREG8
1383     l32i    a11, a2, PT_AREG11
1384     l32i    a12, a2, PT_AREG12
1385     l32i    a15, a2, PT_AREG15
1386 
1387     movi    a2, 0
1388     rfe
1389 
1390 .Linvalid_mask:
1391 
1392     /* We get here because of an unrecoverable error in the window
1393      * registers, so set up a dummy frame and kill the user application.
1394      * Note: We assume EXC_TABLE_KSTK contains a valid stack pointer.
1395      */
1396 
1397     movi    a0, 1
1398     movi    a1, 0
1399 
1400     wsr a0, windowstart
1401     wsr a1, windowbase
1402     rsync
1403 
1404     movi    a0, 0
1405 
1406     rsr a3, excsave1
1407     l32i    a1, a3, EXC_TABLE_KSTK
1408 
1409     movi    a4, (1 << PS_WOE_BIT) | LOCKLEVEL
1410     wsr a4, ps
1411     rsync
1412 
1413     movi    a6, SIGSEGV
1414     movi    a4, do_exit
1415     callx4  a4
1416 
1417     /* shouldn't return, so panic */
1418 
1419     wsr a0, excsave1
1420     movi    a0, unrecoverable_exception
1421     callx0  a0      # should not return
1422 1:  j   1b
1423 
1424 
1425 ENDPROC(fast_syscall_spill_registers)
1426 
1427 /* Fixup handler.
1428  *
1429  * We get here if the spill routine causes an exception, e.g. tlb miss.
1430  * We basically restore WINDOWBASE and WINDOWSTART to the condition when
1431  * we entered the spill routine and jump to the user exception handler.
1432  *
1433  * Note that we only need to restore the bits in windowstart that have not
1434  * been spilled yet by the _spill_register routine. Luckily, a3 contains a
1435  * rotated windowstart with only those bits set for frames that haven't been
1436  * spilled yet. Because a3 is rotated such that bit 0 represents the register
1437  * frame for the current windowbase - 1, we need to rotate a3 left by the
1438  * value of the current windowbase + 1 and move it to windowstart.
1439  *
1440  * a0: value of depc, original value in depc
1441  * a2: trashed, original value in EXC_TABLE_DOUBLE_SAVE
1442  * a3: exctable, original value in excsave1
1443  */
1444 
1445 ENTRY(fast_syscall_spill_registers_fixup)
1446 
1447     rsr a2, windowbase  # get current windowbase (a2 is saved)
1448     xsr a0, depc    # restore depc and a0
1449     ssl a2      # set shift (32 - WB)
1450 
1451     /* We need to make sure the current registers (a0-a3) are preserved.
1452      * To do this, we simply set the bit for the current window frame
1453      * in WS, so that the exception handlers save them to the task stack.
1454      *
1455      * Note: we use a3 to set the windowbase, so we take a special care
1456      * of it, saving it in the original _spill_registers frame across
1457      * the exception handler call.
1458      */
1459 
1460     xsr a3, excsave1    # get spill-mask
1461     slli    a3, a3, 1   # shift left by one
1462     addi    a3, a3, 1   # set the bit for the current window frame
1463 
1464     slli    a2, a3, 32-WSBITS
1465     src a2, a3, a2  # a2 = xxwww1yyxxxwww1yy......
1466     wsr a2, windowstart # set corrected windowstart
1467 
1468     srli    a3, a3, 1
1469     rsr a2, excsave1
1470     l32i    a2, a2, EXC_TABLE_DOUBLE_SAVE   # restore a2
1471     xsr a2, excsave1
1472     s32i    a3, a2, EXC_TABLE_DOUBLE_SAVE   # save a3
1473     l32i    a3, a2, EXC_TABLE_PARAM # original WB (in user task)
1474     xsr a2, excsave1
1475 
1476     /* Return to the original (user task) WINDOWBASE.
1477      * We leave the following frame behind:
1478      * a0, a1, a2   same
1479      * a3:      trashed (saved in EXC_TABLE_DOUBLE_SAVE)
1480      * depc:    depc (we have to return to that address)
1481      * excsave_1:   exctable
1482      */
1483 
1484     wsr a3, windowbase
1485     rsync
1486 
1487     /* We are now in the original frame when we entered _spill_registers:
1488      *  a0: return address
1489      *  a1: used, stack pointer
1490      *  a2: kernel stack pointer
1491      *  a3: available
1492      *  depc: exception address
1493      *  excsave: exctable
1494      * Note: This frame might be the same as above.
1495      */
1496 
1497     /* Setup stack pointer. */
1498 
1499     addi    a2, a2, -PT_USER_SIZE
1500     s32i    a0, a2, PT_AREG0
1501 
1502     /* Make sure we return to this fixup handler. */
1503 
1504     movi    a3, fast_syscall_spill_registers_fixup_return
1505     s32i    a3, a2, PT_DEPC     # setup depc
1506 
1507     /* Jump to the exception handler. */
1508 
1509     rsr a3, excsave1
1510     rsr a0, exccause
1511     addx4   a0, a0, a3                  # find entry in table
1512     l32i    a0, a0, EXC_TABLE_FAST_USER     # load handler
1513     l32i    a3, a3, EXC_TABLE_DOUBLE_SAVE
1514     jx  a0
1515 
1516 ENDPROC(fast_syscall_spill_registers_fixup)
1517 
1518 ENTRY(fast_syscall_spill_registers_fixup_return)
1519 
1520     /* When we return here, all registers have been restored (a2: DEPC) */
1521 
1522     wsr a2, depc        # exception address
1523 
1524     /* Restore fixup handler. */
1525 
1526     rsr a2, excsave1
1527     s32i    a3, a2, EXC_TABLE_DOUBLE_SAVE
1528     movi    a3, fast_syscall_spill_registers_fixup
1529     s32i    a3, a2, EXC_TABLE_FIXUP
1530     rsr a3, windowbase
1531     s32i    a3, a2, EXC_TABLE_PARAM
1532     l32i    a2, a2, EXC_TABLE_KSTK
1533 
1534     /* Load WB at the time the exception occurred. */
1535 
1536     rsr a3, sar         # WB is still in SAR
1537     neg a3, a3
1538     wsr a3, windowbase
1539     rsync
1540 
1541     rsr a3, excsave1
1542     l32i    a3, a3, EXC_TABLE_DOUBLE_SAVE
1543 
1544     rfde
1545 
1546 ENDPROC(fast_syscall_spill_registers_fixup_return)
1547 
1548 #else /* CONFIG_FAST_SYSCALL_SPILL_REGISTERS */
1549 
1550 ENTRY(fast_syscall_spill_registers)
1551 
1552     l32i    a0, a2, PT_AREG0        # restore a0
1553     movi    a2, -ENOSYS
1554     rfe
1555 
1556 ENDPROC(fast_syscall_spill_registers)
1557 
1558 #endif /* CONFIG_FAST_SYSCALL_SPILL_REGISTERS */
1559 
1560 #ifdef CONFIG_MMU
1561 /*
1562  * We should never get here. Bail out!
1563  */
1564 
1565 ENTRY(fast_second_level_miss_double_kernel)
1566 
1567 1:  movi    a0, unrecoverable_exception
1568     callx0  a0      # should not return
1569 1:  j   1b
1570 
1571 ENDPROC(fast_second_level_miss_double_kernel)
1572 
1573 /* First-level entry handler for user, kernel, and double 2nd-level
1574  * TLB miss exceptions.  Note that for now, user and kernel miss
1575  * exceptions share the same entry point and are handled identically.
1576  *
1577  * An old, less-efficient C version of this function used to exist.
1578  * We include it below, interleaved as comments, for reference.
1579  *
1580  * Entry condition:
1581  *
1582  *   a0:    trashed, original value saved on stack (PT_AREG0)
1583  *   a1:    a1
1584  *   a2:    new stack pointer, original in DEPC
1585  *   a3:    a3
1586  *   depc:  a2, original value saved on stack (PT_DEPC)
1587  *   excsave_1: dispatch table
1588  *
1589  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
1590  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
1591  */
1592 
1593 ENTRY(fast_second_level_miss)
1594 
1595     /* Save a1 and a3. Note: we don't expect a double exception. */
1596 
1597     s32i    a1, a2, PT_AREG1
1598     s32i    a3, a2, PT_AREG3
1599 
1600     /* We need to map the page of PTEs for the user task.  Find
1601      * the pointer to that page.  Also, it's possible for tsk->mm
1602      * to be NULL while tsk->active_mm is nonzero if we faulted on
1603      * a vmalloc address.  In that rare case, we must use
1604      * active_mm instead to avoid a fault in this handler.  See
1605      *
1606      * http://mail.nl.linux.org/linux-mm/2002-08/msg00258.html
1607      *   (or search Internet on "mm vs. active_mm")
1608      *
1609      *  if (!mm)
1610      *      mm = tsk->active_mm;
1611      *  pgd = pgd_offset (mm, regs->excvaddr);
1612      *  pmd = pmd_offset (pgd, regs->excvaddr);
1613      *  pmdval = *pmd;
1614      */
1615 
1616     GET_CURRENT(a1,a2)
1617     l32i    a0, a1, TASK_MM     # tsk->mm
1618     beqz    a0, 9f
1619 
1620 8:  rsr a3, excvaddr        # fault address
1621     _PGD_OFFSET(a0, a3, a1)
1622     l32i    a0, a0, 0       # read pmdval
1623     beqz    a0, 2f
1624 
1625     /* Read ptevaddr and convert to top of page-table page.
1626      *
1627      *  vpnval = read_ptevaddr_register() & PAGE_MASK;
1628      *  vpnval += DTLB_WAY_PGTABLE;
1629      *  pteval = mk_pte (virt_to_page(pmd_val(pmdval)), PAGE_KERNEL);
1630      *  write_dtlb_entry (pteval, vpnval);
1631      *
1632      * The messy computation for 'pteval' above really simplifies
1633      * into the following:
1634      *
1635      * pteval = ((pmdval - PAGE_OFFSET + PHYS_OFFSET) & PAGE_MASK)
1636      *                 | PAGE_DIRECTORY
1637      */
1638 
1639     movi    a1, (PHYS_OFFSET - PAGE_OFFSET) & 0xffffffff
1640     add a0, a0, a1      # pmdval - PAGE_OFFSET
1641     extui   a1, a0, 0, PAGE_SHIFT   # ... & PAGE_MASK
1642     xor a0, a0, a1
1643 
1644     movi    a1, _PAGE_DIRECTORY
1645     or  a0, a0, a1      # ... | PAGE_DIRECTORY
1646 
1647     /*
1648      * We utilize all three wired-ways (7-9) to hold pmd translations.
1649      * Memory regions are mapped to the DTLBs according to bits 28 and 29.
1650      * This allows to map the three most common regions to three different
1651      * DTLBs:
1652      *  0,1 -> way 7    program (0040.0000) and virtual (c000.0000)
1653      *  2   -> way 8    shared libaries (2000.0000)
1654      *  3   -> way 0    stack (3000.0000)
1655      */
1656 
1657     extui   a3, a3, 28, 2       # addr. bit 28 and 29   0,1,2,3
1658     rsr a1, ptevaddr
1659     addx2   a3, a3, a3      # ->            0,3,6,9
1660     srli    a1, a1, PAGE_SHIFT
1661     extui   a3, a3, 2, 2        # ->            0,0,1,2
1662     slli    a1, a1, PAGE_SHIFT  # ptevaddr & PAGE_MASK
1663     addi    a3, a3, DTLB_WAY_PGD
1664     add a1, a1, a3      # ... + way_number
1665 
1666 3:  wdtlb   a0, a1
1667     dsync
1668 
1669     /* Exit critical section. */
1670 
1671 4:  rsr a3, excsave1
1672     movi    a0, 0
1673     s32i    a0, a3, EXC_TABLE_FIXUP
1674 
1675     /* Restore the working registers, and return. */
1676 
1677     l32i    a0, a2, PT_AREG0
1678     l32i    a1, a2, PT_AREG1
1679     l32i    a3, a2, PT_AREG3
1680     l32i    a2, a2, PT_DEPC
1681 
1682     bgeui   a2, VALID_DOUBLE_EXCEPTION_ADDRESS, 1f
1683 
1684     /* Restore excsave1 and return. */
1685 
1686     rsr a2, depc
1687     rfe
1688 
1689     /* Return from double exception. */
1690 
1691 1:  xsr a2, depc
1692     esync
1693     rfde
1694 
1695 9:  l32i    a0, a1, TASK_ACTIVE_MM  # unlikely case mm == 0
1696     bnez    a0, 8b
1697 
1698     /* Even more unlikely case active_mm == 0.
1699      * We can get here with NMI in the middle of context_switch that
1700      * touches vmalloc area.
1701      */
1702     movi    a0, init_mm
1703     j   8b
1704 
1705 #if (DCACHE_WAY_SIZE > PAGE_SIZE)
1706 
1707 2:  /* Special case for cache aliasing.
1708      * We (should) only get here if a clear_user_page, copy_user_page
1709      * or the aliased cache flush functions got preemptively interrupted 
1710      * by another task. Re-establish temporary mapping to the 
1711      * TLBTEMP_BASE areas.
1712      */
1713 
1714     /* We shouldn't be in a double exception */
1715 
1716     l32i    a0, a2, PT_DEPC
1717     bgeui   a0, VALID_DOUBLE_EXCEPTION_ADDRESS, 2f
1718 
1719     /* Make sure the exception originated in the special functions */
1720 
1721     movi    a0, __tlbtemp_mapping_start
1722     rsr a3, epc1
1723     bltu    a3, a0, 2f
1724     movi    a0, __tlbtemp_mapping_end
1725     bgeu    a3, a0, 2f
1726 
1727     /* Check if excvaddr was in one of the TLBTEMP_BASE areas. */
1728 
1729     movi    a3, TLBTEMP_BASE_1
1730     rsr a0, excvaddr
1731     bltu    a0, a3, 2f
1732 
1733     addi    a1, a0, -TLBTEMP_SIZE
1734     bgeu    a1, a3, 2f
1735 
1736     /* Check if we have to restore an ITLB mapping. */
1737 
1738     movi    a1, __tlbtemp_mapping_itlb
1739     rsr a3, epc1
1740     sub a3, a3, a1
1741 
1742     /* Calculate VPN */
1743 
1744     movi    a1, PAGE_MASK
1745     and a1, a1, a0
1746 
1747     /* Jump for ITLB entry */
1748 
1749     bgez    a3, 1f
1750 
1751     /* We can use up to two TLBTEMP areas, one for src and one for dst. */
1752 
1753     extui   a3, a0, PAGE_SHIFT + DCACHE_ALIAS_ORDER, 1
1754     add a1, a3, a1
1755 
1756     /* PPN is in a6 for the first TLBTEMP area and in a7 for the second. */
1757 
1758     mov a0, a6
1759     movnez  a0, a7, a3
1760     j   3b
1761 
1762     /* ITLB entry. We only use dst in a6. */
1763 
1764 1:  witlb   a6, a1
1765     isync
1766     j   4b
1767 
1768 
1769 #endif  // DCACHE_WAY_SIZE > PAGE_SIZE
1770 
1771 
1772 2:  /* Invalid PGD, default exception handling */
1773 
1774     rsr a1, depc
1775     s32i    a1, a2, PT_AREG2
1776     mov a1, a2
1777 
1778     rsr a2, ps
1779     bbsi.l  a2, PS_UM_BIT, 1f
1780     j   _kernel_exception
1781 1:  j   _user_exception
1782 
1783 ENDPROC(fast_second_level_miss)
1784 
1785 /*
1786  * StoreProhibitedException
1787  *
1788  * Update the pte and invalidate the itlb mapping for this pte.
1789  *
1790  * Entry condition:
1791  *
1792  *   a0:    trashed, original value saved on stack (PT_AREG0)
1793  *   a1:    a1
1794  *   a2:    new stack pointer, original in DEPC
1795  *   a3:    a3
1796  *   depc:  a2, original value saved on stack (PT_DEPC)
1797  *   excsave_1: dispatch table
1798  *
1799  *   PT_DEPC >= VALID_DOUBLE_EXCEPTION_ADDRESS: double exception, DEPC
1800  *       <  VALID_DOUBLE_EXCEPTION_ADDRESS: regular exception
1801  */
1802 
1803 ENTRY(fast_store_prohibited)
1804 
1805     /* Save a1 and a3. */
1806 
1807     s32i    a1, a2, PT_AREG1
1808     s32i    a3, a2, PT_AREG3
1809 
1810     GET_CURRENT(a1,a2)
1811     l32i    a0, a1, TASK_MM     # tsk->mm
1812     beqz    a0, 9f
1813 
1814 8:  rsr a1, excvaddr        # fault address
1815     _PGD_OFFSET(a0, a1, a3)
1816     l32i    a0, a0, 0
1817     beqz    a0, 2f
1818 
1819     /*
1820      * Note that we test _PAGE_WRITABLE_BIT only if PTE is present
1821      * and is not PAGE_NONE. See pgtable.h for possible PTE layouts.
1822      */
1823 
1824     _PTE_OFFSET(a0, a1, a3)
1825     l32i    a3, a0, 0       # read pteval
1826     movi    a1, _PAGE_CA_INVALID
1827     ball    a3, a1, 2f
1828     bbci.l  a3, _PAGE_WRITABLE_BIT, 2f
1829 
1830     movi    a1, _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_HW_WRITE
1831     or  a3, a3, a1
1832     rsr a1, excvaddr
1833     s32i    a3, a0, 0
1834 
1835     /* We need to flush the cache if we have page coloring. */
1836 #if (DCACHE_WAY_SIZE > PAGE_SIZE) && XCHAL_DCACHE_IS_WRITEBACK
1837     dhwb    a0, 0
1838 #endif
1839     pdtlb   a0, a1
1840     wdtlb   a3, a0
1841 
1842     /* Exit critical section. */
1843 
1844     movi    a0, 0
1845     rsr a3, excsave1
1846     s32i    a0, a3, EXC_TABLE_FIXUP
1847 
1848     /* Restore the working registers, and return. */
1849 
1850     l32i    a3, a2, PT_AREG3
1851     l32i    a1, a2, PT_AREG1
1852     l32i    a0, a2, PT_AREG0
1853     l32i    a2, a2, PT_DEPC
1854 
1855     bgeui   a2, VALID_DOUBLE_EXCEPTION_ADDRESS, 1f
1856 
1857     rsr a2, depc
1858     rfe
1859 
1860     /* Double exception. Restore FIXUP handler and return. */
1861 
1862 1:  xsr a2, depc
1863     esync
1864     rfde
1865 
1866 9:  l32i    a0, a1, TASK_ACTIVE_MM  # unlikely case mm == 0
1867     j   8b
1868 
1869 2:  /* If there was a problem, handle fault in C */
1870 
1871     rsr a3, depc    # still holds a2
1872     s32i    a3, a2, PT_AREG2
1873     mov a1, a2
1874 
1875     rsr a2, ps
1876     bbsi.l  a2, PS_UM_BIT, 1f
1877     j   _kernel_exception
1878 1:  j   _user_exception
1879 
1880 ENDPROC(fast_store_prohibited)
1881 
1882 #endif /* CONFIG_MMU */
1883 
1884 /*
1885  * System Calls.
1886  *
1887  * void system_call (struct pt_regs* regs, int exccause)
1888  *                            a2                 a3
1889  */
1890 
1891 ENTRY(system_call)
1892 
1893     entry   a1, 32
1894 
1895     /* regs->syscall = regs->areg[2] */
1896 
1897     l32i    a3, a2, PT_AREG2
1898     mov a6, a2
1899     movi    a4, do_syscall_trace_enter
1900     s32i    a3, a2, PT_SYSCALL
1901     callx4  a4
1902 
1903     /* syscall = sys_call_table[syscall_nr] */
1904 
1905     movi    a4, sys_call_table;
1906     movi    a5, __NR_syscall_count
1907     movi    a6, -ENOSYS
1908     bgeu    a3, a5, 1f
1909 
1910     addx4   a4, a3, a4
1911     l32i    a4, a4, 0
1912     movi    a5, sys_ni_syscall;
1913     beq a4, a5, 1f
1914 
1915     /* Load args: arg0 - arg5 are passed via regs. */
1916 
1917     l32i    a6, a2, PT_AREG6
1918     l32i    a7, a2, PT_AREG3
1919     l32i    a8, a2, PT_AREG4
1920     l32i    a9, a2, PT_AREG5
1921     l32i    a10, a2, PT_AREG8
1922     l32i    a11, a2, PT_AREG9
1923 
1924     /* Pass one additional argument to the syscall: pt_regs (on stack) */
1925     s32i    a2, a1, 0
1926 
1927     callx4  a4
1928 
1929 1:  /* regs->areg[2] = return_value */
1930 
1931     s32i    a6, a2, PT_AREG2
1932     movi    a4, do_syscall_trace_leave
1933     mov a6, a2
1934     callx4  a4
1935     retw
1936 
1937 ENDPROC(system_call)
1938 
1939 /*
1940  * Spill live registers on the kernel stack macro.
1941  *
1942  * Entry condition: ps.woe is set, ps.excm is cleared
1943  * Exit condition: windowstart has single bit set
1944  * May clobber: a12, a13
1945  */
1946     .macro  spill_registers_kernel
1947 
1948 #if XCHAL_NUM_AREGS > 16
1949     call12  1f
1950     _j  2f
1951     retw
1952     .align  4
1953 1:
1954     _entry  a1, 48
1955     addi    a12, a0, 3
1956 #if XCHAL_NUM_AREGS > 32
1957     .rept   (XCHAL_NUM_AREGS - 32) / 12
1958     _entry  a1, 48
1959     mov a12, a0
1960     .endr
1961 #endif
1962     _entry  a1, 16
1963 #if XCHAL_NUM_AREGS % 12 == 0
1964     mov a8, a8
1965 #elif XCHAL_NUM_AREGS % 12 == 4
1966     mov a12, a12
1967 #elif XCHAL_NUM_AREGS % 12 == 8
1968     mov a4, a4
1969 #endif
1970     retw
1971 2:
1972 #else
1973     mov a12, a12
1974 #endif
1975     .endm
1976 
1977 /*
1978  * Task switch.
1979  *
1980  * struct task*  _switch_to (struct task* prev, struct task* next)
1981  *         a2                              a2                 a3
1982  */
1983 
1984 ENTRY(_switch_to)
1985 
1986     entry   a1, 48
1987 
1988     mov a11, a3         # and 'next' (a3)
1989 
1990     l32i    a4, a2, TASK_THREAD_INFO
1991     l32i    a5, a3, TASK_THREAD_INFO
1992 
1993     save_xtregs_user a4 a6 a8 a9 a12 a13 THREAD_XTREGS_USER
1994 
1995 #if THREAD_RA > 1020 || THREAD_SP > 1020
1996     addi    a10, a2, TASK_THREAD
1997     s32i    a0, a10, THREAD_RA - TASK_THREAD    # save return address
1998     s32i    a1, a10, THREAD_SP - TASK_THREAD    # save stack pointer
1999 #else
2000     s32i    a0, a2, THREAD_RA   # save return address
2001     s32i    a1, a2, THREAD_SP   # save stack pointer
2002 #endif
2003 
2004     /* Disable ints while we manipulate the stack pointer. */
2005 
2006     irq_save a14, a3
2007     rsync
2008 
2009     /* Switch CPENABLE */
2010 
2011 #if (XTENSA_HAVE_COPROCESSORS || XTENSA_HAVE_IO_PORTS)
2012     l32i    a3, a5, THREAD_CPENABLE
2013     xsr a3, cpenable
2014     s32i    a3, a4, THREAD_CPENABLE
2015 #endif
2016 
2017     /* Flush register file. */
2018 
2019     spill_registers_kernel
2020 
2021     /* Set kernel stack (and leave critical section)
2022      * Note: It's save to set it here. The stack will not be overwritten
2023      *       because the kernel stack will only be loaded again after
2024      *       we return from kernel space.
2025      */
2026 
2027     rsr a3, excsave1        # exc_table
2028     addi    a7, a5, PT_REGS_OFFSET
2029     s32i    a7, a3, EXC_TABLE_KSTK
2030 
2031     /* restore context of the task 'next' */
2032 
2033     l32i    a0, a11, THREAD_RA  # restore return address
2034     l32i    a1, a11, THREAD_SP  # restore stack pointer
2035 
2036     load_xtregs_user a5 a6 a8 a9 a12 a13 THREAD_XTREGS_USER
2037 
2038     wsr a14, ps
2039     rsync
2040 
2041     retw
2042 
2043 ENDPROC(_switch_to)
2044 
2045 ENTRY(ret_from_fork)
2046 
2047     /* void schedule_tail (struct task_struct *prev)
2048      * Note: prev is still in a6 (return value from fake call4 frame)
2049      */
2050     movi    a4, schedule_tail
2051     callx4  a4
2052 
2053     movi    a4, do_syscall_trace_leave
2054     mov a6, a1
2055     callx4  a4
2056 
2057     j   common_exception_return
2058 
2059 ENDPROC(ret_from_fork)
2060 
2061 /*
2062  * Kernel thread creation helper
2063  * On entry, set up by copy_thread: a2 = thread_fn, a3 = thread_fn arg
2064  *           left from _switch_to: a6 = prev
2065  */
2066 ENTRY(ret_from_kernel_thread)
2067 
2068     call4   schedule_tail
2069     mov a6, a3
2070     callx4  a2
2071     j   common_exception_return
2072 
2073 ENDPROC(ret_from_kernel_thread)