diff --git a/arch/mips/mm/tlbex.c b/arch/mips/mm/tlbex.c index d356953509e6..1bd134b6f033 100644 --- a/arch/mips/mm/tlbex.c +++ b/arch/mips/mm/tlbex.c @@ -1404,6 +1404,10 @@ static void build_r4000_tlb_refill_handler(void) * unused. */ switch (boot_cpu_type()) { + case CPU_R5900: + if ((p - tlb_handler) > 32) + panic("TLB refill handler space exceeded"); + /* Fallthrough */ default: if (sizeof(long) == 4) { case CPU_LOONGSON2:
The R5900 TLB refill handler is limited to 32 instructions (0x80 bytes, which is 0x80000080 - 0x80000000) according to the TX79 manual[1]: Table 5-2. Exception Vectors for Level 1 exceptions Exceptions | Vector Address | BEV = 0 | BEV = 1 ---------------------+------------+----------- TLB Refill (EXL = 0) | 0x80000000 | 0xBFC00200 TLB Refill (EXL = 1) | 0x80000180 | 0xBFC00380 Interrupt | 0x80000200 | 0xBFC00400 Others | 0x80000180 | 0xBFC00380 ---------------------+------------+----------- Table 5-3. Exception Vectors for Level 2 exceptions Exceptions | Vector Address | DEV = 0 | DEV = 1 ---------------------+------------+----------- Reset, NMI | 0xBFC00000 | 0xBFC00000 Performance Counter | 0x80000080 | 0xBFC00280 Debug, SIO | 0x80000100 | 0xBFC00300 ---------------------+------------+----------- References: [1] "TX System RISC TX79 Core Architecture" manual, revision 2.0, Toshiba Corporation, p. 5-7, https://wiki.qemu.org/File:C790.pdf Signed-off-by: Fredrik Noring <noring@nocrew.org> --- arch/mips/mm/tlbex.c | 4 ++++ 1 file changed, 4 insertions(+)