@@ -1502,9 +1502,9 @@ static void build_r4000_tlb_refill_handler(void)
pr_debug("Wrote TLB refill handler (%u instructions).\n",
final_len);
- memcpy((void *)ebase, final_handler, 0x100);
- local_flush_icache_range(ebase, ebase + 0x100);
- dump_handler("r4000_tlb_refill", (u32 *)ebase, (u32 *)(ebase + 0x100));
+ memcpy((void *)ebase, final_handler, 4 * final_len);
+ local_flush_icache_range(ebase, ebase + 4 * final_len);
+ dump_handler("r4000_tlb_refill", (u32 *)ebase, (u32 *)(ebase + 4 * final_len));
}
static void setup_pw(void)
The R5900 TLB refill handler is limited to 128 bytes, corresponding to 32 instructions. Installing a 256 byte TLB refill handler for the R5900 at address 0x80000000 overwrites the performance counter handler at address 0x80000080, according to the TX79 manual[1]: Table 5-2. Exception Vectors for Level 1 exceptions Exceptions | Vector Address | BEV = 0 | BEV = 1 ---------------------+------------+----------- TLB Refill (EXL = 0) | 0x80000000 | 0xBFC00200 TLB Refill (EXL = 1) | 0x80000180 | 0xBFC00380 Interrupt | 0x80000200 | 0xBFC00400 Others | 0x80000180 | 0xBFC00380 ---------------------+------------+----------- Table 5-3. Exception Vectors for Level 2 exceptions Exceptions | Vector Address | DEV = 0 | DEV = 1 ---------------------+------------+----------- Reset, NMI | 0xBFC00000 | 0xBFC00000 Performance Counter | 0x80000080 | 0xBFC00280 Debug, SIO | 0x80000100 | 0xBFC00300 ---------------------+------------+----------- References: [1] "TX System RISC TX79 Core Architecture" manual, revision 2.0, Toshiba Corporation, p. 5-7, https://wiki.qemu.org/File:C790.pdf Signed-off-by: Fredrik Noring <noring@nocrew.org> --- arch/mips/mm/tlbex.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)