Implement a slightly different window spill/fill algorithm for dealing

with user windows in kernel mode.  We split the windows using %otherwin,
but instead of spilling user window directly to the pcb, we attempt to
spill to user space.  If this fails because a stack page is not resident
(or the stack is smashed), the fault handler at tl 2 will detect the
situation and resume at tl 1 again where recovery code can spill to the
pcb.  Any windows that have been saved to the pcb will be copied out to
the user stack on return from kernel mode.

Add a first stab at 32 bit window handling.  This uses much of the same
recovery code as above because the alignment of the stack pointer is used
to detect 32 bit code.  Attempting to spill a 32 bit window to a 64 bit
stack, or vice versa, will cause an alignment fault.  The recovery code
then changes the window state to vector to a 32 bit spill/fill handler
and retries the faulting instruction.

Add ktr traces in useful places during trap processing.

Adjust comments to reflect new code and add many more.

sys/sparc64/include/frame.h

@@ -39,7 +39,8 @@ struct	trapframe {
 	u_long	tf_tpc;
 	u_long	tf_tstate;
 	u_long	tf_type;
-	void	*tf_arg;
+	u_long	tf_wstate;
+	uintptr_t tf_arg;
 };
 #define	tf_sp	tf_out[6]
 
@@ -74,13 +75,16 @@ struct	frame {
 /*
  * Frame used for pcb_wscratch.
  */
-struct	wsframe {
-	u_long	wsf_local[8];
-	u_long	wsf_in[8];
-	u_long	wsf_sp;
-	u_long	wsf_inuse;
+struct	rwindow {
+	u_long	rw_local[8];
+	u_long	rw_in[8];
 };
 
+struct proc;
+
+int	rwindow_save(struct proc *p);
+int	rwindow_load(struct proc *p, struct trapframe *tf, int n);
+
 int	kdb_trap(struct trapframe *tf);
 
 #endif /* !_MACHINE_FRAME_H_ */

sys/sparc64/include/pcb.h

@@ -44,14 +44,14 @@
 /* NOTE: pcb_fpstate must be aligned on a 64 byte boundary. */
 struct	pcb {
 	struct	fpstate	pcb_fpstate;
+	u_long	pcb_cwp;
 	u_long	pcb_fp;
 	u_long	pcb_pc;
 	u_long	pcb_y;
 	caddr_t	pcb_onfault;
-	u_long	pcb_inwinop;
-	u_long	pcb_cwp;
-	u_long	pcb_ws_inuse;
-	struct	wsframe pcb_wscratch[MAXWIN];
+	u_long	pcb_nsaved;
+	u_long	pcb_rwsp[MAXWIN];
+	struct	rwindow pcb_rw[MAXWIN];
 };
 
 struct	md_coredump {

sys/sparc64/include/wstate.h

@@ -0,0 +1,90 @@
+/*-
+ * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Berkeley Software Design Inc's name may not be used to endorse or
+ *    promote products derived from this software without specific prior
+ *    written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	from: BSDI: wstate.h,v 1.4 1997/09/18 13:05:51 torek Exp
+ * $FreeBSD$
+ */
+
+#ifndef	_MACHINE_WSTATE_H_
+#define	_MACHINE_WSTATE_H_
+
+/*
+ * Window state register bits.
+ *
+ * There really are no bits per se, just the two fields WSTATE.NORMAL
+ * and WSTATE.OTHER.  The rest is up to software.
+ *
+ * We use WSTATE_NORMAL to represent user mode or kernel mode saves
+ * (whichever is currently in effect) and WSTATE_OTHER to represent
+ * user mode saves (only).
+ *
+ * We use the low bit to suggest 32-bit mode, with the next bit set
+ * once we succeed in saving in some mode.  That is, if the WSTATE_ASSUME
+ * bit is set, the spill or fill handler we use will be one that makes
+ * an assumption about the proper window-save mode.  If the spill or
+ * fill fails with an alignment fault, the spill or fill op should
+ * take the `assume' bit away retry the instruction that caused the
+ * spill or fill.  This will use the new %wstate, which will test for
+ * which mode to use.  The alignment fault code helps us out here by
+ * resuming the spill vector at offset +70, where we are allowed to
+ * execute two instructions (i.e., write to %wstate and RETRY).
+ *
+ * If the ASSUME bit is not set when the alignment fault occurs, the
+ * given stack pointer is hopelessly wrong (and the spill, if it is a
+ * spill, should be done as a sort of "panic spill") -- so those two
+ * instructions will be a branch sequence.
+ *
+ * Note that locore.s assumes this same bit layout (since the translation
+ * from "bits" to "{spill,fill}_N_{normal,other}" is done in hardware).
+ *
+ * The value 0 is preferred for unknown to make it easy to start in
+ * unknown state and continue in whichever state unknown succeeds in --
+ * a successful "other" save, for instance, can just set %wstate to
+ * ASSUMExx << USERSHIFT and thus leave the kernel state "unknown".
+ *
+ * We also need values for managing the somewhat tricky transition from
+ * user to kernel and back, so we use the one remaining free bit to mean
+ * "although this looks like kernel mode, the window(s) involved are
+ * user windows and should be saved ASI_AIUP".  Everything else is
+ * otherwise the same, but we need not bother with assumptions in this
+ * mode (we expect it to apply to at most one window spill or fill),
+ * i.e., WSTATE_TRANSITION can ignore WSTATE_ASSUME if it likes.
+ */
+
+#define	WSTATE_32BIT		1	/* if set, probably 32-bit mode */
+#define	WSTATE_ASSUME		2	/* if set, assume 32 or 64 */
+#define	WSTATE_TRANSITION	4	/* if set, force user window */
+
+#define	WSTATE_TEST64		0	/* test, but anticipate 64-bit mode */
+#define	WSTATE_TEST32		1	/* test, but anticipate 32-bit mode */
+#define	WSTATE_ASSUME64		2	/* assume 64-bit mode */
+#define	WSTATE_ASSUME32		3	/* assume 32-bit mode */
+
+#define	WSTATE_MASK		7	/* for WSTATE.NORMAL */
+#define	WSTATE_USERSHIFT	3	/* for WSTATE.OTHER / user */
+
+#endif /* !_MACHINE_WSTATE_H_ */

sys/sparc64/sparc64/rwindow.c

@@ -0,0 +1,100 @@
+/*-
+ * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Berkeley Software Design Inc's name may not be used to endorse or
+ *    promote products derived from this software without specific prior
+ *    written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	from: BSDI: trap.c,v 1.17.2.9 1999/10/19 15:29:52 cp Exp
+ * $FreeBSD$
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/ktr.h>
+#include <sys/proc.h>
+#include <sys/user.h>
+
+#include <machine/frame.h>
+
+int
+rwindow_load(struct proc *p, struct trapframe *tf, int n)
+{
+	struct rwindow rw;
+	u_long usp;
+	int error;
+	int i;
+
+	/*
+	 * In case current window is still only on-chip, push it out;
+	 * if it cannot get all the way out, we cannot continue either.
+	 */
+	if ((error = rwindow_save(p)) != 0)
+		return (error);
+	usp = tf->tf_out[6];
+	CTR3(KTR_TRAP, "rwindow_load: p=%p (%s) n=%d",
+	    p, p->p_comm, n);
+	for (i = 0; i < n; i++) {
+		CTR1(KTR_TRAP, "rwindow_load: usp=%#lx", usp);
+		usp += SPOFF;
+		error = copyin((void *)usp, &rw, sizeof rw);
+		usp = rw.rw_in[6];
+	}
+	CTR1(KTR_TRAP, "rwindow_load: error=%d", error);
+	return (error);
+}
+
+int
+rwindow_save(struct proc *p)
+{
+	struct rwindow *rw;
+	struct pcb *pcb;
+	u_long *ausp;
+	u_long usp;
+	int error;
+	int i;
+
+	flushw();
+	pcb = &p->p_addr->u_pcb;
+	i = pcb->pcb_nsaved;
+	CTR3(KTR_TRAP, "rwindow_save: p=%p (%s) nsaved=%d", p, p->p_comm, i);
+	if (i == 0)
+		return (0);
+	ausp = pcb->pcb_rwsp;
+	rw = pcb->pcb_rw;
+	error = 0;
+	do {
+		usp = *ausp;
+		CTR1(KTR_TRAP, "rwindow_save: usp=%#lx", usp);
+		usp += SPOFF;
+		error = copyout(rw, (void *)usp, sizeof *rw);
+		if (error)
+			break;
+		ausp++;
+		rw++;
+	} while (--i > 0);
+	CTR1(KTR_TRAP, "rwindow_save: error=%d", error);
+	if (error == 0)
+		pcb->pcb_nsaved = 0;
+	return (error);
+}