2 * Routines providing a simple monitor for use on the PowerMac.
4 * Copyright (C) 1996-2005 Paul Mackerras.
5 * Copyright (C) 2001 PPC64 Team, IBM Corp
6 * Copyrignt (C) 2006 Michael Ellerman, IBM Corp
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
13 #include <linux/errno.h>
14 #include <linux/sched.h>
15 #include <linux/smp.h>
17 #include <linux/reboot.h>
18 #include <linux/delay.h>
19 #include <linux/kallsyms.h>
20 #include <linux/kmsg_dump.h>
21 #include <linux/cpumask.h>
22 #include <linux/export.h>
23 #include <linux/sysrq.h>
24 #include <linux/interrupt.h>
25 #include <linux/irq.h>
26 #include <linux/bug.h>
28 #include <asm/ptrace.h>
29 #include <asm/string.h>
31 #include <asm/machdep.h>
33 #include <asm/processor.h>
34 #include <asm/pgtable.h>
36 #include <asm/mmu_context.h>
37 #include <asm/cputable.h>
39 #include <asm/sstep.h>
40 #include <asm/irq_regs.h>
42 #include <asm/spu_priv1.h>
43 #include <asm/setjmp.h>
45 #include <asm/debug.h>
46 #include <asm/hw_breakpoint.h>
49 #include <asm/hvcall.h>
57 static cpumask_t cpus_in_xmon = CPU_MASK_NONE;
58 static unsigned long xmon_taken = 1;
59 static int xmon_owner;
63 #endif /* CONFIG_SMP */
65 static unsigned long in_xmon __read_mostly = 0;
67 static unsigned long adrs;
69 #define MAX_DUMP (128 * 1024)
70 static unsigned long ndump = 64;
71 static unsigned long nidump = 16;
72 static unsigned long ncsum = 4096;
74 static char tmpstr[128];
76 static long bus_error_jmp[JMP_BUF_LEN];
77 static int catch_memory_errors;
78 static long *xmon_fault_jmp[NR_CPUS];
80 /* Breakpoint stuff */
82 unsigned long address;
83 unsigned int instr[2];
89 /* Bits in bpt.enabled */
90 #define BP_IABR_TE 1 /* IABR translation enabled */
96 static struct bpt bpts[NBPTS];
97 static struct bpt dabr;
98 static struct bpt *iabr;
99 static unsigned bpinstr = 0x7fe00008; /* trap */
101 #define BP_NUM(bp) ((bp) - bpts + 1)
104 static int cmds(struct pt_regs *);
105 static int mread(unsigned long, void *, int);
106 static int mwrite(unsigned long, void *, int);
107 static int handle_fault(struct pt_regs *);
108 static void byterev(unsigned char *, int);
109 static void memex(void);
110 static int bsesc(void);
111 static void dump(void);
112 static void prdump(unsigned long, long);
113 static int ppc_inst_dump(unsigned long, long, int);
114 static void dump_log_buf(void);
115 static void backtrace(struct pt_regs *);
116 static void excprint(struct pt_regs *);
117 static void prregs(struct pt_regs *);
118 static void memops(int);
119 static void memlocate(void);
120 static void memzcan(void);
121 static void memdiffs(unsigned char *, unsigned char *, unsigned, unsigned);
123 int scanhex(unsigned long *valp);
124 static void scannl(void);
125 static int hexdigit(int);
126 void getstring(char *, int);
127 static void flush_input(void);
128 static int inchar(void);
129 static void take_input(char *);
130 static unsigned long read_spr(int);
131 static void write_spr(int, unsigned long);
132 static void super_regs(void);
133 static void remove_bpts(void);
134 static void insert_bpts(void);
135 static void remove_cpu_bpts(void);
136 static void insert_cpu_bpts(void);
137 static struct bpt *at_breakpoint(unsigned long pc);
138 static struct bpt *in_breakpoint_table(unsigned long pc, unsigned long *offp);
139 static int do_step(struct pt_regs *);
140 static void bpt_cmds(void);
141 static void cacheflush(void);
142 static int cpu_cmd(void);
143 static void csum(void);
144 static void bootcmds(void);
145 static void proccall(void);
146 void dump_segments(void);
147 static void symbol_lookup(void);
148 static void xmon_show_stack(unsigned long sp, unsigned long lr,
150 static void xmon_print_symbol(unsigned long address, const char *mid,
152 static const char *getvecname(unsigned long vec);
154 static int do_spu_cmd(void);
157 static void dump_tlb_44x(void);
159 #ifdef CONFIG_PPC_BOOK3E
160 static void dump_tlb_book3e(void);
163 static int xmon_no_auto_backtrace;
165 extern void xmon_enter(void);
166 extern void xmon_leave(void);
174 #define GETWORD(v) (((v)[0] << 24) + ((v)[1] << 16) + ((v)[2] << 8) + (v)[3])
176 #define isxdigit(c) (('0' <= (c) && (c) <= '9') \
177 || ('a' <= (c) && (c) <= 'f') \
178 || ('A' <= (c) && (c) <= 'F'))
179 #define isalnum(c) (('0' <= (c) && (c) <= '9') \
180 || ('a' <= (c) && (c) <= 'z') \
181 || ('A' <= (c) && (c) <= 'Z'))
182 #define isspace(c) (c == ' ' || c == '\t' || c == 10 || c == 13 || c == 0)
184 static char *help_string = "\
186 b show breakpoints\n\
187 bd set data breakpoint\n\
188 bi set instruction breakpoint\n\
189 bc clear breakpoint\n"
192 c print cpus stopped in xmon\n\
193 c# try to switch to cpu number h (in hex)\n"
198 di dump instructions\n\
199 df dump float values\n\
200 dd dump double values\n\
201 dl dump the kernel log buffer\n"
204 dp[#] dump paca for current cpu, or cpu #\n\
205 dpa dump paca for all possible cpus\n"
208 dr dump stream of raw bytes\n\
209 e print exception information\n\
211 la lookup symbol+offset of specified address\n\
212 ls lookup address of specified symbol\n\
213 m examine/change memory\n\
214 mm move a block of memory\n\
215 ms set a block of memory\n\
216 md compare two blocks of memory\n\
217 ml locate a block of memory\n\
218 mz zero a block of memory\n\
219 mi show information about memory allocation\n\
220 p call a procedure\n\
223 #ifdef CONFIG_SPU_BASE
224 " ss stop execution on all spus\n\
225 sr restore execution on stopped spus\n\
226 sf # dump spu fields for spu # (in hex)\n\
227 sd # dump spu local store for spu # (in hex)\n\
228 sdi # disassemble spu local store for spu # (in hex)\n"
230 " S print special registers\n\
232 x exit monitor and recover\n\
233 X exit monitor and dont recover\n"
234 #if defined(CONFIG_PPC64) && !defined(CONFIG_PPC_BOOK3E)
235 " u dump segment table or SLB\n"
236 #elif defined(CONFIG_PPC_STD_MMU_32)
237 " u dump segment registers\n"
238 #elif defined(CONFIG_44x) || defined(CONFIG_PPC_BOOK3E)
246 static struct pt_regs *xmon_regs;
248 static inline void sync(void)
250 asm volatile("sync; isync");
253 static inline void store_inst(void *p)
255 asm volatile ("dcbst 0,%0; sync; icbi 0,%0; isync" : : "r" (p));
258 static inline void cflush(void *p)
260 asm volatile ("dcbf 0,%0; icbi 0,%0" : : "r" (p));
263 static inline void cinval(void *p)
265 asm volatile ("dcbi 0,%0; icbi 0,%0" : : "r" (p));
269 * Disable surveillance (the service processor watchdog function)
270 * while we are in xmon.
271 * XXX we should re-enable it when we leave. :)
273 #define SURVEILLANCE_TOKEN 9000
275 static inline void disable_surveillance(void)
277 #ifdef CONFIG_PPC_PSERIES
278 /* Since this can't be a module, args should end up below 4GB. */
279 static struct rtas_args args;
282 * At this point we have got all the cpus we can into
283 * xmon, so there is hopefully no other cpu calling RTAS
284 * at the moment, even though we don't take rtas.lock.
285 * If we did try to take rtas.lock there would be a
286 * real possibility of deadlock.
288 args.token = rtas_token("set-indicator");
289 if (args.token == RTAS_UNKNOWN_SERVICE)
293 args.rets = &args.args[3];
294 args.args[0] = SURVEILLANCE_TOKEN;
297 enter_rtas(__pa(&args));
298 #endif /* CONFIG_PPC_PSERIES */
302 static int xmon_speaker;
304 static void get_output_lock(void)
306 int me = smp_processor_id() + 0x100;
307 int last_speaker = 0, prev;
310 if (xmon_speaker == me)
313 if (xmon_speaker == 0) {
314 last_speaker = cmpxchg(&xmon_speaker, 0, me);
315 if (last_speaker == 0)
319 while (xmon_speaker == last_speaker) {
322 /* hostile takeover */
323 prev = cmpxchg(&xmon_speaker, last_speaker, me);
324 if (prev == last_speaker)
331 static void release_output_lock(void)
336 int cpus_are_in_xmon(void)
338 return !cpumask_empty(&cpus_in_xmon);
342 static inline int unrecoverable_excp(struct pt_regs *regs)
344 #if defined(CONFIG_4xx) || defined(CONFIG_PPC_BOOK3E)
345 /* We have no MSR_RI bit on 4xx or Book3e, so we simply return false */
348 return ((regs->msr & MSR_RI) == 0);
352 static int xmon_core(struct pt_regs *regs, int fromipi)
356 long recurse_jmp[JMP_BUF_LEN];
357 unsigned long offset;
362 unsigned long timeout;
365 local_irq_save(flags);
367 bp = in_breakpoint_table(regs->nip, &offset);
369 regs->nip = bp->address + offset;
370 atomic_dec(&bp->ref_count);
376 cpu = smp_processor_id();
377 if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
380 printf("cpu 0x%x: Exception %lx %s in xmon, "
381 "returning to main loop\n",
382 cpu, regs->trap, getvecname(TRAP(regs)));
383 release_output_lock();
384 longjmp(xmon_fault_jmp[cpu], 1);
387 if (setjmp(recurse_jmp) != 0) {
388 if (!in_xmon || !xmon_gate) {
390 printf("xmon: WARNING: bad recursive fault "
391 "on cpu 0x%x\n", cpu);
392 release_output_lock();
395 secondary = !(xmon_taken && cpu == xmon_owner);
399 xmon_fault_jmp[cpu] = recurse_jmp;
400 cpumask_set_cpu(cpu, &cpus_in_xmon);
403 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT))
404 bp = at_breakpoint(regs->nip);
405 if (bp || unrecoverable_excp(regs))
412 printf("cpu 0x%x stopped at breakpoint 0x%x (",
414 xmon_print_symbol(regs->nip, " ", ")\n");
416 if (unrecoverable_excp(regs))
417 printf("WARNING: exception is not recoverable, "
419 release_output_lock();
424 while (secondary && !xmon_gate) {
428 secondary = test_and_set_bit(0, &in_xmon);
433 if (!secondary && !xmon_gate) {
434 /* we are the first cpu to come in */
435 /* interrupt other cpu(s) */
436 int ncpus = num_online_cpus();
441 smp_send_debugger_break();
442 /* wait for other cpus to come in */
443 for (timeout = 100000000; timeout != 0; --timeout) {
444 if (cpumask_weight(&cpus_in_xmon) >= ncpus)
450 disable_surveillance();
451 /* for breakpoint or single step, print the current instr. */
452 if (bp || TRAP(regs) == 0xd00)
453 ppc_inst_dump(regs->nip, 1, 0);
454 printf("enter ? for help\n");
463 if (cpu == xmon_owner) {
464 if (!test_and_set_bit(0, &xmon_taken)) {
469 while (cpu == xmon_owner)
483 /* have switched to some other cpu */
488 cpumask_clear_cpu(cpu, &cpus_in_xmon);
489 xmon_fault_jmp[cpu] = NULL;
491 /* UP is simple... */
493 printf("Exception %lx %s in xmon, returning to main loop\n",
494 regs->trap, getvecname(TRAP(regs)));
495 longjmp(xmon_fault_jmp[0], 1);
497 if (setjmp(recurse_jmp) == 0) {
498 xmon_fault_jmp[0] = recurse_jmp;
502 bp = at_breakpoint(regs->nip);
504 printf("Stopped at breakpoint %x (", BP_NUM(bp));
505 xmon_print_symbol(regs->nip, " ", ")\n");
507 if (unrecoverable_excp(regs))
508 printf("WARNING: exception is not recoverable, "
511 disable_surveillance();
512 /* for breakpoint or single step, print the current instr. */
513 if (bp || TRAP(regs) == 0xd00)
514 ppc_inst_dump(regs->nip, 1, 0);
515 printf("enter ? for help\n");
525 if (regs->msr & MSR_DE) {
526 bp = at_breakpoint(regs->nip);
528 regs->nip = (unsigned long) &bp->instr[0];
529 atomic_inc(&bp->ref_count);
533 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
534 bp = at_breakpoint(regs->nip);
536 int stepped = emulate_step(regs, bp->instr[0]);
538 regs->nip = (unsigned long) &bp->instr[0];
539 atomic_inc(&bp->ref_count);
540 } else if (stepped < 0) {
541 printf("Couldn't single-step %s instruction\n",
542 (IS_RFID(bp->instr[0])? "rfid": "mtmsrd"));
549 local_irq_restore(flags);
551 return cmd != 'X' && cmd != EOF;
554 int xmon(struct pt_regs *excp)
559 ppc_save_regs(®s);
563 return xmon_core(excp, 0);
567 irqreturn_t xmon_irq(int irq, void *d)
570 local_irq_save(flags);
571 printf("Keyboard interrupt\n");
572 xmon(get_irq_regs());
573 local_irq_restore(flags);
577 static int xmon_bpt(struct pt_regs *regs)
580 unsigned long offset;
582 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
585 /* Are we at the trap at bp->instr[1] for some bp? */
586 bp = in_breakpoint_table(regs->nip, &offset);
587 if (bp != NULL && offset == 4) {
588 regs->nip = bp->address + 4;
589 atomic_dec(&bp->ref_count);
593 /* Are we at a breakpoint? */
594 bp = at_breakpoint(regs->nip);
603 static int xmon_sstep(struct pt_regs *regs)
611 static int xmon_break_match(struct pt_regs *regs)
613 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
615 if (dabr.enabled == 0)
621 static int xmon_iabr_match(struct pt_regs *regs)
623 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
631 static int xmon_ipi(struct pt_regs *regs)
634 if (in_xmon && !cpumask_test_cpu(smp_processor_id(), &cpus_in_xmon))
640 static int xmon_fault_handler(struct pt_regs *regs)
643 unsigned long offset;
645 if (in_xmon && catch_memory_errors)
646 handle_fault(regs); /* doesn't return */
648 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
649 bp = in_breakpoint_table(regs->nip, &offset);
651 regs->nip = bp->address + offset;
652 atomic_dec(&bp->ref_count);
659 static struct bpt *at_breakpoint(unsigned long pc)
665 for (i = 0; i < NBPTS; ++i, ++bp)
666 if (bp->enabled && pc == bp->address)
671 static struct bpt *in_breakpoint_table(unsigned long nip, unsigned long *offp)
675 off = nip - (unsigned long) bpts;
676 if (off >= sizeof(bpts))
678 off %= sizeof(struct bpt);
679 if (off != offsetof(struct bpt, instr[0])
680 && off != offsetof(struct bpt, instr[1]))
682 *offp = off - offsetof(struct bpt, instr[0]);
683 return (struct bpt *) (nip - off);
686 static struct bpt *new_breakpoint(unsigned long a)
691 bp = at_breakpoint(a);
695 for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
696 if (!bp->enabled && atomic_read(&bp->ref_count) == 0) {
698 bp->instr[1] = bpinstr;
699 store_inst(&bp->instr[1]);
704 printf("Sorry, no free breakpoints. Please clear one first.\n");
708 static void insert_bpts(void)
714 for (i = 0; i < NBPTS; ++i, ++bp) {
715 if ((bp->enabled & (BP_TRAP|BP_IABR)) == 0)
717 if (mread(bp->address, &bp->instr[0], 4) != 4) {
718 printf("Couldn't read instruction at %lx, "
719 "disabling breakpoint there\n", bp->address);
723 if (IS_MTMSRD(bp->instr[0]) || IS_RFID(bp->instr[0])) {
724 printf("Breakpoint at %lx is on an mtmsrd or rfid "
725 "instruction, disabling it\n", bp->address);
729 store_inst(&bp->instr[0]);
730 if (bp->enabled & BP_IABR)
732 if (mwrite(bp->address, &bpinstr, 4) != 4) {
733 printf("Couldn't write instruction at %lx, "
734 "disabling breakpoint there\n", bp->address);
735 bp->enabled &= ~BP_TRAP;
738 store_inst((void *)bp->address);
742 static void insert_cpu_bpts(void)
744 struct arch_hw_breakpoint brk;
747 brk.address = dabr.address;
748 brk.type = (dabr.enabled & HW_BRK_TYPE_DABR) | HW_BRK_TYPE_PRIV_ALL;
750 set_breakpoint(&brk);
752 if (iabr && cpu_has_feature(CPU_FTR_IABR))
753 mtspr(SPRN_IABR, iabr->address
754 | (iabr->enabled & (BP_IABR|BP_IABR_TE)));
757 static void remove_bpts(void)
764 for (i = 0; i < NBPTS; ++i, ++bp) {
765 if ((bp->enabled & (BP_TRAP|BP_IABR)) != BP_TRAP)
767 if (mread(bp->address, &instr, 4) == 4
769 && mwrite(bp->address, &bp->instr, 4) != 4)
770 printf("Couldn't remove breakpoint at %lx\n",
773 store_inst((void *)bp->address);
777 static void remove_cpu_bpts(void)
779 hw_breakpoint_disable();
780 if (cpu_has_feature(CPU_FTR_IABR))
784 /* Command interpreting routine */
785 static char *last_cmd;
788 cmds(struct pt_regs *excp)
795 if (!xmon_no_auto_backtrace) {
796 xmon_no_auto_backtrace = 1;
797 xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
802 printf("%x:", smp_processor_id());
803 #endif /* CONFIG_SMP */
809 if (last_cmd == NULL)
811 take_input(last_cmd);
845 prregs(excp); /* print regs */
860 if (do_spu_cmd() == 0)
869 printf(" <no input ...>\n");
873 xmon_puts(help_string);
891 #ifdef CONFIG_PPC_STD_MMU
895 #elif defined(CONFIG_4xx)
899 #elif defined(CONFIG_PPC_BOOK3E)
905 printf("Unrecognized command: ");
907 if (' ' < cmd && cmd <= '~')
910 printf("\\x%x", cmd);
912 } while (cmd != '\n');
913 printf(" (type ? for help)\n");
920 static int do_step(struct pt_regs *regs)
923 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) | DBCR0_IC | DBCR0_IDM);
928 * Step a single instruction.
929 * Some instructions we emulate, others we execute with MSR_SE set.
931 static int do_step(struct pt_regs *regs)
936 /* check we are in 64-bit kernel mode, translation enabled */
937 if ((regs->msr & (MSR_64BIT|MSR_PR|MSR_IR)) == (MSR_64BIT|MSR_IR)) {
938 if (mread(regs->nip, &instr, 4) == 4) {
939 stepped = emulate_step(regs, instr);
941 printf("Couldn't single-step %s instruction\n",
942 (IS_RFID(instr)? "rfid": "mtmsrd"));
946 regs->trap = 0xd00 | (regs->trap & 1);
947 printf("stepped to ");
948 xmon_print_symbol(regs->nip, " ", "\n");
949 ppc_inst_dump(regs->nip, 1, 0);
959 static void bootcmds(void)
965 ppc_md.restart(NULL);
972 static int cpu_cmd(void)
979 if (!scanhex(&cpu)) {
980 /* print cpus waiting or in xmon */
981 printf("cpus stopped:");
983 for_each_possible_cpu(cpu) {
984 if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
990 printf("-%x", cpu - 1);
995 printf("-%x", NR_CPUS - 1);
999 /* try to switch to cpu specified */
1000 if (!cpumask_test_cpu(cpu, &cpus_in_xmon)) {
1001 printf("cpu 0x%x isn't in xmon\n", cpu);
1008 while (!xmon_taken) {
1009 if (--timeout == 0) {
1010 if (test_and_set_bit(0, &xmon_taken))
1012 /* take control back */
1014 xmon_owner = smp_processor_id();
1015 printf("cpu %u didn't take control\n", cpu);
1023 #endif /* CONFIG_SMP */
1026 static unsigned short fcstab[256] = {
1027 0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf,
1028 0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7,
1029 0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e,
1030 0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876,
1031 0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd,
1032 0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5,
1033 0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c,
1034 0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974,
1035 0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb,
1036 0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3,
1037 0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a,
1038 0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72,
1039 0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9,
1040 0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1,
1041 0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738,
1042 0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70,
1043 0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7,
1044 0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff,
1045 0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036,
1046 0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e,
1047 0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5,
1048 0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd,
1049 0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134,
1050 0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c,
1051 0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3,
1052 0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb,
1053 0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232,
1054 0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a,
1055 0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1,
1056 0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9,
1057 0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330,
1058 0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78
1061 #define FCS(fcs, c) (((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
1070 if (!scanhex(&adrs))
1072 if (!scanhex(&ncsum))
1075 for (i = 0; i < ncsum; ++i) {
1076 if (mread(adrs+i, &v, 1) == 0) {
1077 printf("csum stopped at %x\n", adrs+i);
1082 printf("%x\n", fcs);
1086 * Check if this is a suitable place to put a breakpoint.
1088 static long check_bp_loc(unsigned long addr)
1093 if (!is_kernel_addr(addr)) {
1094 printf("Breakpoints may only be placed at kernel addresses\n");
1097 if (!mread(addr, &instr, sizeof(instr))) {
1098 printf("Can't read instruction at address %lx\n", addr);
1101 if (IS_MTMSRD(instr) || IS_RFID(instr)) {
1102 printf("Breakpoints may not be placed on mtmsrd or rfid "
1109 static char *breakpoint_help_string =
1110 "Breakpoint command usage:\n"
1111 "b show breakpoints\n"
1112 "b <addr> [cnt] set breakpoint at given instr addr\n"
1113 "bc clear all breakpoints\n"
1114 "bc <n/addr> clear breakpoint number n or at addr\n"
1115 "bi <addr> [cnt] set hardware instr breakpoint (POWER3/RS64 only)\n"
1116 "bd <addr> [cnt] set hardware data breakpoint\n"
1126 const char badaddr[] = "Only kernel addresses are permitted "
1127 "for breakpoints\n";
1132 case 'd': /* bd - hardware data breakpoint */
1137 else if (cmd == 'w')
1143 if (scanhex(&dabr.address)) {
1144 if (!is_kernel_addr(dabr.address)) {
1148 dabr.address &= ~HW_BRK_TYPE_DABR;
1149 dabr.enabled = mode | BP_DABR;
1153 case 'i': /* bi - hardware instr breakpoint */
1154 if (!cpu_has_feature(CPU_FTR_IABR)) {
1155 printf("Hardware instruction breakpoint "
1156 "not supported on this cpu\n");
1160 iabr->enabled &= ~(BP_IABR | BP_IABR_TE);
1165 if (!check_bp_loc(a))
1167 bp = new_breakpoint(a);
1169 bp->enabled |= BP_IABR | BP_IABR_TE;
1177 /* clear all breakpoints */
1178 for (i = 0; i < NBPTS; ++i)
1179 bpts[i].enabled = 0;
1182 printf("All breakpoints cleared\n");
1186 if (a <= NBPTS && a >= 1) {
1187 /* assume a breakpoint number */
1188 bp = &bpts[a-1]; /* bp nums are 1 based */
1190 /* assume a breakpoint address */
1191 bp = at_breakpoint(a);
1193 printf("No breakpoint at %x\n", a);
1198 printf("Cleared breakpoint %x (", BP_NUM(bp));
1199 xmon_print_symbol(bp->address, " ", ")\n");
1207 printf(breakpoint_help_string);
1212 /* print all breakpoints */
1213 printf(" type address\n");
1215 printf(" data "REG" [", dabr.address);
1216 if (dabr.enabled & 1)
1218 if (dabr.enabled & 2)
1222 for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
1225 printf("%2x %s ", BP_NUM(bp),
1226 (bp->enabled & BP_IABR)? "inst": "trap");
1227 xmon_print_symbol(bp->address, " ", "\n");
1232 if (!check_bp_loc(a))
1234 bp = new_breakpoint(a);
1236 bp->enabled |= BP_TRAP;
1241 /* Very cheap human name for vector lookup. */
1243 const char *getvecname(unsigned long vec)
1248 case 0x100: ret = "(System Reset)"; break;
1249 case 0x200: ret = "(Machine Check)"; break;
1250 case 0x300: ret = "(Data Access)"; break;
1251 case 0x380: ret = "(Data SLB Access)"; break;
1252 case 0x400: ret = "(Instruction Access)"; break;
1253 case 0x480: ret = "(Instruction SLB Access)"; break;
1254 case 0x500: ret = "(Hardware Interrupt)"; break;
1255 case 0x600: ret = "(Alignment)"; break;
1256 case 0x700: ret = "(Program Check)"; break;
1257 case 0x800: ret = "(FPU Unavailable)"; break;
1258 case 0x900: ret = "(Decrementer)"; break;
1259 case 0xc00: ret = "(System Call)"; break;
1260 case 0xd00: ret = "(Single Step)"; break;
1261 case 0xf00: ret = "(Performance Monitor)"; break;
1262 case 0xf20: ret = "(Altivec Unavailable)"; break;
1263 case 0x1300: ret = "(Instruction Breakpoint)"; break;
1269 static void get_function_bounds(unsigned long pc, unsigned long *startp,
1270 unsigned long *endp)
1272 unsigned long size, offset;
1275 *startp = *endp = 0;
1278 if (setjmp(bus_error_jmp) == 0) {
1279 catch_memory_errors = 1;
1281 name = kallsyms_lookup(pc, &size, &offset, NULL, tmpstr);
1283 *startp = pc - offset;
1284 *endp = pc - offset + size;
1288 catch_memory_errors = 0;
1291 #define LRSAVE_OFFSET (STACK_FRAME_LR_SAVE * sizeof(unsigned long))
1292 #define MARKER_OFFSET (STACK_FRAME_MARKER * sizeof(unsigned long))
1294 static void xmon_show_stack(unsigned long sp, unsigned long lr,
1297 int max_to_print = 64;
1299 unsigned long newsp;
1300 unsigned long marker;
1301 struct pt_regs regs;
1303 while (max_to_print--) {
1304 if (sp < PAGE_OFFSET) {
1306 printf("SP (%lx) is in userspace\n", sp);
1310 if (!mread(sp + LRSAVE_OFFSET, &ip, sizeof(unsigned long))
1311 || !mread(sp, &newsp, sizeof(unsigned long))) {
1312 printf("Couldn't read stack frame at %lx\n", sp);
1317 * For the first stack frame, try to work out if
1318 * LR and/or the saved LR value in the bottommost
1319 * stack frame are valid.
1321 if ((pc | lr) != 0) {
1322 unsigned long fnstart, fnend;
1323 unsigned long nextip;
1326 get_function_bounds(pc, &fnstart, &fnend);
1329 mread(newsp + LRSAVE_OFFSET, &nextip,
1330 sizeof(unsigned long));
1332 if (lr < PAGE_OFFSET
1333 || (fnstart <= lr && lr < fnend))
1335 } else if (lr == nextip) {
1337 } else if (lr >= PAGE_OFFSET
1338 && !(fnstart <= lr && lr < fnend)) {
1339 printf("[link register ] ");
1340 xmon_print_symbol(lr, " ", "\n");
1343 printf("["REG"] ", sp);
1344 xmon_print_symbol(ip, " ", " (unreliable)\n");
1349 printf("["REG"] ", sp);
1350 xmon_print_symbol(ip, " ", "\n");
1353 /* Look for "regshere" marker to see if this is
1354 an exception frame. */
1355 if (mread(sp + MARKER_OFFSET, &marker, sizeof(unsigned long))
1356 && marker == STACK_FRAME_REGS_MARKER) {
1357 if (mread(sp + STACK_FRAME_OVERHEAD, ®s, sizeof(regs))
1359 printf("Couldn't read registers at %lx\n",
1360 sp + STACK_FRAME_OVERHEAD);
1363 printf("--- Exception: %lx %s at ", regs.trap,
1364 getvecname(TRAP(®s)));
1367 xmon_print_symbol(pc, " ", "\n");
1377 static void backtrace(struct pt_regs *excp)
1382 xmon_show_stack(sp, 0, 0);
1384 xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
1388 static void print_bug_trap(struct pt_regs *regs)
1391 const struct bug_entry *bug;
1394 if (regs->msr & MSR_PR)
1395 return; /* not in kernel */
1396 addr = regs->nip; /* address of trap instruction */
1397 if (addr < PAGE_OFFSET)
1399 bug = find_bug(regs->nip);
1402 if (is_warning_bug(bug))
1405 #ifdef CONFIG_DEBUG_BUGVERBOSE
1406 printf("kernel BUG at %s:%u!\n",
1407 bug->file, bug->line);
1409 printf("kernel BUG at %p!\n", (void *)bug->bug_addr);
1411 #endif /* CONFIG_BUG */
1414 static void excprint(struct pt_regs *fp)
1419 printf("cpu 0x%x: ", smp_processor_id());
1420 #endif /* CONFIG_SMP */
1423 printf("Vector: %lx %s at [%lx]\n", fp->trap, getvecname(trap), fp);
1425 xmon_print_symbol(fp->nip, ": ", "\n");
1427 printf(" lr: ", fp->link);
1428 xmon_print_symbol(fp->link, ": ", "\n");
1430 printf(" sp: %lx\n", fp->gpr[1]);
1431 printf(" msr: %lx\n", fp->msr);
1433 if (trap == 0x300 || trap == 0x380 || trap == 0x600) {
1434 printf(" dar: %lx\n", fp->dar);
1436 printf(" dsisr: %lx\n", fp->dsisr);
1439 printf(" current = 0x%lx\n", current);
1441 printf(" paca = 0x%lx\t softe: %d\t irq_happened: 0x%02x\n",
1442 local_paca, local_paca->soft_enabled, local_paca->irq_happened);
1445 printf(" pid = %ld, comm = %s\n",
1446 current->pid, current->comm);
1453 static void prregs(struct pt_regs *fp)
1457 struct pt_regs regs;
1459 if (scanhex(&base)) {
1460 if (setjmp(bus_error_jmp) == 0) {
1461 catch_memory_errors = 1;
1463 regs = *(struct pt_regs *)base;
1467 catch_memory_errors = 0;
1468 printf("*** Error reading registers from "REG"\n",
1472 catch_memory_errors = 0;
1477 if (FULL_REGS(fp)) {
1478 for (n = 0; n < 16; ++n)
1479 printf("R%.2ld = "REG" R%.2ld = "REG"\n",
1480 n, fp->gpr[n], n+16, fp->gpr[n+16]);
1482 for (n = 0; n < 7; ++n)
1483 printf("R%.2ld = "REG" R%.2ld = "REG"\n",
1484 n, fp->gpr[n], n+7, fp->gpr[n+7]);
1487 for (n = 0; n < 32; ++n) {
1488 printf("R%.2d = %.8x%s", n, fp->gpr[n],
1489 (n & 3) == 3? "\n": " ");
1490 if (n == 12 && !FULL_REGS(fp)) {
1497 xmon_print_symbol(fp->nip, " ", "\n");
1498 if (TRAP(fp) != 0xc00 && cpu_has_feature(CPU_FTR_CFAR)) {
1500 xmon_print_symbol(fp->orig_gpr3, " ", "\n");
1503 xmon_print_symbol(fp->link, " ", "\n");
1504 printf("msr = "REG" cr = %.8lx\n", fp->msr, fp->ccr);
1505 printf("ctr = "REG" xer = "REG" trap = %4lx\n",
1506 fp->ctr, fp->xer, fp->trap);
1508 if (trap == 0x300 || trap == 0x380 || trap == 0x600)
1509 printf("dar = "REG" dsisr = %.8lx\n", fp->dar, fp->dsisr);
1512 static void cacheflush(void)
1515 unsigned long nflush;
1520 scanhex((void *)&adrs);
1525 nflush = (nflush + L1_CACHE_BYTES - 1) / L1_CACHE_BYTES;
1526 if (setjmp(bus_error_jmp) == 0) {
1527 catch_memory_errors = 1;
1531 for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1532 cflush((void *) adrs);
1534 for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1535 cinval((void *) adrs);
1538 /* wait a little while to see if we get a machine check */
1541 catch_memory_errors = 0;
1544 static unsigned long
1547 unsigned int instrs[2];
1548 unsigned long (*code)(void);
1549 unsigned long ret = -1UL;
1551 unsigned long opd[3];
1553 opd[0] = (unsigned long)instrs;
1556 code = (unsigned long (*)(void)) opd;
1558 code = (unsigned long (*)(void)) instrs;
1561 /* mfspr r3,n; blr */
1562 instrs[0] = 0x7c6002a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1563 instrs[1] = 0x4e800020;
1565 store_inst(instrs+1);
1567 if (setjmp(bus_error_jmp) == 0) {
1568 catch_memory_errors = 1;
1574 /* wait a little while to see if we get a machine check */
1583 write_spr(int n, unsigned long val)
1585 unsigned int instrs[2];
1586 unsigned long (*code)(unsigned long);
1588 unsigned long opd[3];
1590 opd[0] = (unsigned long)instrs;
1593 code = (unsigned long (*)(unsigned long)) opd;
1595 code = (unsigned long (*)(unsigned long)) instrs;
1598 instrs[0] = 0x7c6003a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1599 instrs[1] = 0x4e800020;
1601 store_inst(instrs+1);
1603 if (setjmp(bus_error_jmp) == 0) {
1604 catch_memory_errors = 1;
1610 /* wait a little while to see if we get a machine check */
1616 static unsigned long regno;
1617 extern char exc_prolog;
1618 extern char dec_exc;
1620 static void super_regs(void)
1627 unsigned long sp, toc;
1628 asm("mr %0,1" : "=r" (sp) :);
1629 asm("mr %0,2" : "=r" (toc) :);
1631 printf("msr = "REG" sprg0= "REG"\n",
1632 mfmsr(), mfspr(SPRN_SPRG0));
1633 printf("pvr = "REG" sprg1= "REG"\n",
1634 mfspr(SPRN_PVR), mfspr(SPRN_SPRG1));
1635 printf("dec = "REG" sprg2= "REG"\n",
1636 mfspr(SPRN_DEC), mfspr(SPRN_SPRG2));
1637 printf("sp = "REG" sprg3= "REG"\n", sp, mfspr(SPRN_SPRG3));
1638 printf("toc = "REG" dar = "REG"\n", toc, mfspr(SPRN_DAR));
1646 val = read_spr(regno);
1648 write_spr(regno, val);
1651 printf("spr %lx = %lx\n", regno, read_spr(regno));
1658 * Stuff for reading and writing memory safely
1661 mread(unsigned long adrs, void *buf, int size)
1667 if (setjmp(bus_error_jmp) == 0) {
1668 catch_memory_errors = 1;
1674 *(u16 *)q = *(u16 *)p;
1677 *(u32 *)q = *(u32 *)p;
1680 *(u64 *)q = *(u64 *)p;
1683 for( ; n < size; ++n) {
1689 /* wait a little while to see if we get a machine check */
1693 catch_memory_errors = 0;
1698 mwrite(unsigned long adrs, void *buf, int size)
1704 if (setjmp(bus_error_jmp) == 0) {
1705 catch_memory_errors = 1;
1711 *(u16 *)p = *(u16 *)q;
1714 *(u32 *)p = *(u32 *)q;
1717 *(u64 *)p = *(u64 *)q;
1720 for ( ; n < size; ++n) {
1726 /* wait a little while to see if we get a machine check */
1730 printf("*** Error writing address %x\n", adrs + n);
1732 catch_memory_errors = 0;
1736 static int fault_type;
1737 static int fault_except;
1738 static char *fault_chars[] = { "--", "**", "##" };
1740 static int handle_fault(struct pt_regs *regs)
1742 fault_except = TRAP(regs);
1743 switch (TRAP(regs)) {
1755 longjmp(bus_error_jmp, 1);
1760 #define SWAP(a, b, t) ((t) = (a), (a) = (b), (b) = (t))
1763 byterev(unsigned char *val, int size)
1769 SWAP(val[0], val[1], t);
1772 SWAP(val[0], val[3], t);
1773 SWAP(val[1], val[2], t);
1775 case 8: /* is there really any use for this? */
1776 SWAP(val[0], val[7], t);
1777 SWAP(val[1], val[6], t);
1778 SWAP(val[2], val[5], t);
1779 SWAP(val[3], val[4], t);
1787 static char *memex_help_string =
1788 "Memory examine command usage:\n"
1789 "m [addr] [flags] examine/change memory\n"
1790 " addr is optional. will start where left off.\n"
1791 " flags may include chars from this set:\n"
1792 " b modify by bytes (default)\n"
1793 " w modify by words (2 byte)\n"
1794 " l modify by longs (4 byte)\n"
1795 " d modify by doubleword (8 byte)\n"
1796 " r toggle reverse byte order mode\n"
1797 " n do not read memory (for i/o spaces)\n"
1798 " . ok to read (default)\n"
1799 "NOTE: flags are saved as defaults\n"
1802 static char *memex_subcmd_help_string =
1803 "Memory examine subcommands:\n"
1804 " hexval write this val to current location\n"
1805 " 'string' write chars from string to this location\n"
1806 " ' increment address\n"
1807 " ^ decrement address\n"
1808 " / increment addr by 0x10. //=0x100, ///=0x1000, etc\n"
1809 " \\ decrement addr by 0x10. \\\\=0x100, \\\\\\=0x1000, etc\n"
1810 " ` clear no-read flag\n"
1811 " ; stay at this addr\n"
1812 " v change to byte mode\n"
1813 " w change to word (2 byte) mode\n"
1814 " l change to long (4 byte) mode\n"
1815 " u change to doubleword (8 byte) mode\n"
1816 " m addr change current addr\n"
1817 " n toggle no-read flag\n"
1818 " r toggle byte reverse flag\n"
1819 " < count back up count bytes\n"
1820 " > count skip forward count bytes\n"
1821 " x exit this mode\n"
1827 int cmd, inc, i, nslash;
1829 unsigned char val[16];
1831 scanhex((void *)&adrs);
1834 printf(memex_help_string);
1840 while ((cmd = skipbl()) != '\n') {
1842 case 'b': size = 1; break;
1843 case 'w': size = 2; break;
1844 case 'l': size = 4; break;
1845 case 'd': size = 8; break;
1846 case 'r': brev = !brev; break;
1847 case 'n': mnoread = 1; break;
1848 case '.': mnoread = 0; break;
1857 n = mread(adrs, val, size);
1858 printf(REG"%c", adrs, brev? 'r': ' ');
1863 for (i = 0; i < n; ++i)
1864 printf("%.2x", val[i]);
1865 for (; i < size; ++i)
1866 printf("%s", fault_chars[fault_type]);
1873 for (i = 0; i < size; ++i)
1874 val[i] = n >> (i * 8);
1877 mwrite(adrs, val, size);
1890 else if( n == '\'' )
1892 for (i = 0; i < size; ++i)
1893 val[i] = n >> (i * 8);
1896 mwrite(adrs, val, size);
1933 adrs -= 1 << nslash;
1937 adrs += 1 << nslash;
1941 adrs += 1 << -nslash;
1945 adrs -= 1 << -nslash;
1948 scanhex((void *)&adrs);
1967 printf(memex_subcmd_help_string);
1982 case 'n': c = '\n'; break;
1983 case 'r': c = '\r'; break;
1984 case 'b': c = '\b'; break;
1985 case 't': c = '\t'; break;
1990 static void xmon_rawdump (unsigned long adrs, long ndump)
1993 unsigned char temp[16];
1995 for (n = ndump; n > 0;) {
1997 nr = mread(adrs, temp, r);
1999 for (m = 0; m < r; ++m) {
2001 printf("%.2x", temp[m]);
2003 printf("%s", fault_chars[fault_type]);
2013 static void dump_one_paca(int cpu)
2015 struct paca_struct *p;
2017 if (setjmp(bus_error_jmp) != 0) {
2018 printf("*** Error dumping paca for cpu 0x%x!\n", cpu);
2022 catch_memory_errors = 1;
2027 printf("paca for cpu 0x%x @ %p:\n", cpu, p);
2029 printf(" %-*s = %s\n", 16, "possible", cpu_possible(cpu) ? "yes" : "no");
2030 printf(" %-*s = %s\n", 16, "present", cpu_present(cpu) ? "yes" : "no");
2031 printf(" %-*s = %s\n", 16, "online", cpu_online(cpu) ? "yes" : "no");
2033 #define DUMP(paca, name, format) \
2034 printf(" %-*s = %#-*"format"\t(0x%lx)\n", 16, #name, 18, paca->name, \
2035 offsetof(struct paca_struct, name));
2037 DUMP(p, lock_token, "x");
2038 DUMP(p, paca_index, "x");
2039 DUMP(p, kernel_toc, "lx");
2040 DUMP(p, kernelbase, "lx");
2041 DUMP(p, kernel_msr, "lx");
2042 #ifdef CONFIG_PPC_STD_MMU_64
2043 DUMP(p, stab_real, "lx");
2044 DUMP(p, stab_addr, "lx");
2046 DUMP(p, emergency_sp, "p");
2047 DUMP(p, data_offset, "lx");
2048 DUMP(p, hw_cpu_id, "x");
2049 DUMP(p, cpu_start, "x");
2050 DUMP(p, kexec_state, "x");
2051 DUMP(p, __current, "p");
2052 DUMP(p, kstack, "lx");
2053 DUMP(p, stab_rr, "lx");
2054 DUMP(p, saved_r1, "lx");
2055 DUMP(p, trap_save, "x");
2056 DUMP(p, soft_enabled, "x");
2057 DUMP(p, irq_happened, "x");
2058 DUMP(p, io_sync, "x");
2059 DUMP(p, irq_work_pending, "x");
2060 DUMP(p, nap_state_lost, "x");
2064 catch_memory_errors = 0;
2068 static void dump_all_pacas(void)
2072 if (num_possible_cpus() == 0) {
2073 printf("No possible cpus, use 'dp #' to dump individual cpus\n");
2077 for_each_possible_cpu(cpu)
2081 static void dump_pacas(void)
2092 termch = c; /* Put c back, it wasn't 'a' */
2097 dump_one_paca(xmon_owner);
2101 #define isxdigit(c) (('0' <= (c) && (c) <= '9') \
2102 || ('a' <= (c) && (c) <= 'f') \
2103 || ('A' <= (c) && (c) <= 'F'))
2118 if ((isxdigit(c) && c != 'f' && c != 'd') || c == '\n')
2120 scanhex((void *)&adrs);
2127 else if (nidump > MAX_DUMP)
2129 adrs += ppc_inst_dump(adrs, nidump, 1);
2131 } else if (c == 'l') {
2133 } else if (c == 'r') {
2137 xmon_rawdump(adrs, ndump);
2144 else if (ndump > MAX_DUMP)
2146 prdump(adrs, ndump);
2153 prdump(unsigned long adrs, long ndump)
2155 long n, m, c, r, nr;
2156 unsigned char temp[16];
2158 for (n = ndump; n > 0;) {
2162 nr = mread(adrs, temp, r);
2164 for (m = 0; m < r; ++m) {
2165 if ((m & (sizeof(long) - 1)) == 0 && m > 0)
2168 printf("%.2x", temp[m]);
2170 printf("%s", fault_chars[fault_type]);
2172 for (; m < 16; ++m) {
2173 if ((m & (sizeof(long) - 1)) == 0)
2178 for (m = 0; m < r; ++m) {
2181 putchar(' ' <= c && c <= '~'? c: '.');
2194 typedef int (*instruction_dump_func)(unsigned long inst, unsigned long addr);
2197 generic_inst_dump(unsigned long adr, long count, int praddr,
2198 instruction_dump_func dump_func)
2201 unsigned long first_adr;
2202 unsigned long inst, last_inst = 0;
2203 unsigned char val[4];
2206 for (first_adr = adr; count > 0; --count, adr += 4) {
2207 nr = mread(adr, val, 4);
2210 const char *x = fault_chars[fault_type];
2211 printf(REG" %s%s%s%s\n", adr, x, x, x, x);
2215 inst = GETWORD(val);
2216 if (adr > first_adr && inst == last_inst) {
2226 printf(REG" %.8x", adr, inst);
2228 dump_func(inst, adr);
2231 return adr - first_adr;
2235 ppc_inst_dump(unsigned long adr, long count, int praddr)
2237 return generic_inst_dump(adr, count, praddr, print_insn_powerpc);
2241 print_address(unsigned long addr)
2243 xmon_print_symbol(addr, "\t# ", "");
2249 struct kmsg_dumper dumper = { .active = 1 };
2250 unsigned char buf[128];
2253 if (setjmp(bus_error_jmp) != 0) {
2254 printf("Error dumping printk buffer!\n");
2258 catch_memory_errors = 1;
2261 kmsg_dump_rewind_nolock(&dumper);
2262 while (kmsg_dump_get_line_nolock(&dumper, false, buf, sizeof(buf), &len)) {
2268 /* wait a little while to see if we get a machine check */
2270 catch_memory_errors = 0;
2274 * Memory operations - move, set, print differences
2276 static unsigned long mdest; /* destination address */
2277 static unsigned long msrc; /* source address */
2278 static unsigned long mval; /* byte value to set memory to */
2279 static unsigned long mcount; /* # bytes to affect */
2280 static unsigned long mdiffs; /* max # differences to print */
2285 scanhex((void *)&mdest);
2286 if( termch != '\n' )
2288 scanhex((void *)(cmd == 's'? &mval: &msrc));
2289 if( termch != '\n' )
2291 scanhex((void *)&mcount);
2294 memmove((void *)mdest, (void *)msrc, mcount);
2297 memset((void *)mdest, mval, mcount);
2300 if( termch != '\n' )
2302 scanhex((void *)&mdiffs);
2303 memdiffs((unsigned char *)mdest, (unsigned char *)msrc, mcount, mdiffs);
2309 memdiffs(unsigned char *p1, unsigned char *p2, unsigned nb, unsigned maxpr)
2314 for( n = nb; n > 0; --n )
2315 if( *p1++ != *p2++ )
2316 if( ++prt <= maxpr )
2317 printf("%.16x %.2x # %.16x %.2x\n", p1 - 1,
2318 p1[-1], p2 - 1, p2[-1]);
2320 printf("Total of %d differences\n", prt);
2323 static unsigned mend;
2324 static unsigned mask;
2330 unsigned char val[4];
2333 scanhex((void *)&mdest);
2334 if (termch != '\n') {
2336 scanhex((void *)&mend);
2337 if (termch != '\n') {
2339 scanhex((void *)&mval);
2341 if (termch != '\n') termch = 0;
2342 scanhex((void *)&mask);
2346 for (a = mdest; a < mend; a += 4) {
2347 if (mread(a, val, 4) == 4
2348 && ((GETWORD(val) ^ mval) & mask) == 0) {
2349 printf("%.16x: %.16x\n", a, GETWORD(val));
2356 static unsigned long mskip = 0x1000;
2357 static unsigned long mlim = 0xffffffff;
2367 if (termch != '\n') termch = 0;
2369 if (termch != '\n') termch = 0;
2372 for (a = mdest; a < mlim; a += mskip) {
2373 ok = mread(a, &v, 1);
2375 printf("%.8x .. ", a);
2376 } else if (!ok && ook)
2377 printf("%.8x\n", a - mskip);
2383 printf("%.8x\n", a - mskip);
2386 static void proccall(void)
2388 unsigned long args[8];
2391 typedef unsigned long (*callfunc_t)(unsigned long, unsigned long,
2392 unsigned long, unsigned long, unsigned long,
2393 unsigned long, unsigned long, unsigned long);
2396 if (!scanhex(&adrs))
2400 for (i = 0; i < 8; ++i)
2402 for (i = 0; i < 8; ++i) {
2403 if (!scanhex(&args[i]) || termch == '\n')
2407 func = (callfunc_t) adrs;
2409 if (setjmp(bus_error_jmp) == 0) {
2410 catch_memory_errors = 1;
2412 ret = func(args[0], args[1], args[2], args[3],
2413 args[4], args[5], args[6], args[7]);
2415 printf("return value is %x\n", ret);
2417 printf("*** %x exception occurred\n", fault_except);
2419 catch_memory_errors = 0;
2422 /* Input scanning routines */
2433 while( c == ' ' || c == '\t' )
2439 static char *regnames[N_PTREGS] = {
2440 "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
2441 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
2442 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
2443 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
2444 "pc", "msr", "or3", "ctr", "lr", "xer", "ccr",
2450 "trap", "dar", "dsisr", "res"
2454 scanhex(unsigned long *vp)
2461 /* parse register name */
2465 for (i = 0; i < sizeof(regname) - 1; ++i) {
2474 for (i = 0; i < N_PTREGS; ++i) {
2475 if (strcmp(regnames[i], regname) == 0) {
2476 if (xmon_regs == NULL) {
2477 printf("regs not available\n");
2480 *vp = ((unsigned long *)xmon_regs)[i];
2484 printf("invalid register name '%%%s'\n", regname);
2488 /* skip leading "0x" if any */
2502 } else if (c == '$') {
2504 for (i=0; i<63; i++) {
2514 if (setjmp(bus_error_jmp) == 0) {
2515 catch_memory_errors = 1;
2517 *vp = kallsyms_lookup_name(tmpstr);
2520 catch_memory_errors = 0;
2522 printf("unknown symbol '%s'\n", tmpstr);
2555 static int hexdigit(int c)
2557 if( '0' <= c && c <= '9' )
2559 if( 'A' <= c && c <= 'F' )
2560 return c - ('A' - 10);
2561 if( 'a' <= c && c <= 'f' )
2562 return c - ('a' - 10);
2567 getstring(char *s, int size)
2578 } while( c != ' ' && c != '\t' && c != '\n' );
2583 static char line[256];
2584 static char *lineptr;
2595 if (lineptr == NULL || *lineptr == 0) {
2596 if (xmon_gets(line, sizeof(line)) == NULL) {
2606 take_input(char *str)
2615 int type = inchar();
2617 static char tmp[64];
2622 xmon_print_symbol(addr, ": ", "\n");
2627 if (setjmp(bus_error_jmp) == 0) {
2628 catch_memory_errors = 1;
2630 addr = kallsyms_lookup_name(tmp);
2632 printf("%s: %lx\n", tmp, addr);
2634 printf("Symbol '%s' not found.\n", tmp);
2637 catch_memory_errors = 0;
2644 /* Print an address in numeric and symbolic form (if possible) */
2645 static void xmon_print_symbol(unsigned long address, const char *mid,
2649 const char *name = NULL;
2650 unsigned long offset, size;
2652 printf(REG, address);
2653 if (setjmp(bus_error_jmp) == 0) {
2654 catch_memory_errors = 1;
2656 name = kallsyms_lookup(address, &size, &offset, &modname,
2659 /* wait a little while to see if we get a machine check */
2663 catch_memory_errors = 0;
2666 printf("%s%s+%#lx/%#lx", mid, name, offset, size);
2668 printf(" [%s]", modname);
2670 printf("%s", after);
2673 #ifdef CONFIG_PPC_BOOK3S_64
2674 static void dump_slb(void)
2677 unsigned long esid,vsid,valid;
2680 printf("SLB contents of cpu %x\n", smp_processor_id());
2682 for (i = 0; i < mmu_slb_size; i++) {
2683 asm volatile("slbmfee %0,%1" : "=r" (esid) : "r" (i));
2684 asm volatile("slbmfev %0,%1" : "=r" (vsid) : "r" (i));
2685 valid = (esid & SLB_ESID_V);
2686 if (valid | esid | vsid) {
2687 printf("%02d %016lx %016lx", i, esid, vsid);
2689 llp = vsid & SLB_VSID_LLP;
2690 if (vsid & SLB_VSID_B_1T) {
2691 printf(" 1T ESID=%9lx VSID=%13lx LLP:%3lx \n",
2693 (vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT_1T,
2696 printf(" 256M ESID=%9lx VSID=%13lx LLP:%3lx \n",
2698 (vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT,
2707 static void dump_stab(void)
2710 unsigned long *tmp = (unsigned long *)local_paca->stab_addr;
2712 printf("Segment table contents of cpu %x\n", smp_processor_id());
2714 for (i = 0; i < PAGE_SIZE/16; i++) {
2721 printf("%03d %016lx ", i, a);
2722 printf("%016lx\n", b);
2727 void dump_segments(void)
2729 if (mmu_has_feature(MMU_FTR_SLB))
2736 #ifdef CONFIG_PPC_STD_MMU_32
2737 void dump_segments(void)
2742 for (i = 0; i < 16; ++i)
2743 printf(" %x", mfsrin(i));
2749 static void dump_tlb_44x(void)
2753 for (i = 0; i < PPC44x_TLB_SIZE; i++) {
2754 unsigned long w0,w1,w2;
2755 asm volatile("tlbre %0,%1,0" : "=r" (w0) : "r" (i));
2756 asm volatile("tlbre %0,%1,1" : "=r" (w1) : "r" (i));
2757 asm volatile("tlbre %0,%1,2" : "=r" (w2) : "r" (i));
2758 printf("[%02x] %08x %08x %08x ", i, w0, w1, w2);
2759 if (w0 & PPC44x_TLB_VALID) {
2760 printf("V %08x -> %01x%08x %c%c%c%c%c",
2761 w0 & PPC44x_TLB_EPN_MASK,
2762 w1 & PPC44x_TLB_ERPN_MASK,
2763 w1 & PPC44x_TLB_RPN_MASK,
2764 (w2 & PPC44x_TLB_W) ? 'W' : 'w',
2765 (w2 & PPC44x_TLB_I) ? 'I' : 'i',
2766 (w2 & PPC44x_TLB_M) ? 'M' : 'm',
2767 (w2 & PPC44x_TLB_G) ? 'G' : 'g',
2768 (w2 & PPC44x_TLB_E) ? 'E' : 'e');
2773 #endif /* CONFIG_44x */
2775 #ifdef CONFIG_PPC_BOOK3E
2776 static void dump_tlb_book3e(void)
2778 u32 mmucfg, pidmask, lpidmask;
2780 int i, tlb, ntlbs, pidsz, lpidsz, rasz, lrat = 0;
2782 static const char *pgsz_names[] = {
2817 /* Gather some infos about the MMU */
2818 mmucfg = mfspr(SPRN_MMUCFG);
2819 mmu_version = (mmucfg & 3) + 1;
2820 ntlbs = ((mmucfg >> 2) & 3) + 1;
2821 pidsz = ((mmucfg >> 6) & 0x1f) + 1;
2822 lpidsz = (mmucfg >> 24) & 0xf;
2823 rasz = (mmucfg >> 16) & 0x7f;
2824 if ((mmu_version > 1) && (mmucfg & 0x10000))
2826 printf("Book3E MMU MAV=%d.0,%d TLBs,%d-bit PID,%d-bit LPID,%d-bit RA\n",
2827 mmu_version, ntlbs, pidsz, lpidsz, rasz);
2828 pidmask = (1ul << pidsz) - 1;
2829 lpidmask = (1ul << lpidsz) - 1;
2830 ramask = (1ull << rasz) - 1;
2832 for (tlb = 0; tlb < ntlbs; tlb++) {
2834 int nent, assoc, new_cc = 1;
2835 printf("TLB %d:\n------\n", tlb);
2838 tlbcfg = mfspr(SPRN_TLB0CFG);
2841 tlbcfg = mfspr(SPRN_TLB1CFG);
2844 tlbcfg = mfspr(SPRN_TLB2CFG);
2847 tlbcfg = mfspr(SPRN_TLB3CFG);
2850 printf("Unsupported TLB number !\n");
2853 nent = tlbcfg & 0xfff;
2854 assoc = (tlbcfg >> 24) & 0xff;
2855 for (i = 0; i < nent; i++) {
2856 u32 mas0 = MAS0_TLBSEL(tlb);
2857 u32 mas1 = MAS1_TSIZE(BOOK3E_PAGESZ_4K);
2860 int esel = i, cc = i;
2868 mas0 |= MAS0_ESEL(esel);
2869 mtspr(SPRN_MAS0, mas0);
2870 mtspr(SPRN_MAS1, mas1);
2871 mtspr(SPRN_MAS2, mas2);
2872 asm volatile("tlbre 0,0,0" : : : "memory");
2873 mas1 = mfspr(SPRN_MAS1);
2874 mas2 = mfspr(SPRN_MAS2);
2875 mas7_mas3 = mfspr(SPRN_MAS7_MAS3);
2876 if (assoc && (i % assoc) == 0)
2878 if (!(mas1 & MAS1_VALID))
2881 printf("%04x- ", i);
2883 printf("%04x-%c", cc, 'A' + esel);
2885 printf(" |%c", 'A' + esel);
2887 printf(" %016llx %04x %s %c%c AS%c",
2889 (mas1 >> 16) & 0x3fff,
2890 pgsz_names[(mas1 >> 7) & 0x1f],
2891 mas1 & MAS1_IND ? 'I' : ' ',
2892 mas1 & MAS1_IPROT ? 'P' : ' ',
2893 mas1 & MAS1_TS ? '1' : '0');
2894 printf(" %c%c%c%c%c%c%c",
2895 mas2 & MAS2_X0 ? 'a' : ' ',
2896 mas2 & MAS2_X1 ? 'v' : ' ',
2897 mas2 & MAS2_W ? 'w' : ' ',
2898 mas2 & MAS2_I ? 'i' : ' ',
2899 mas2 & MAS2_M ? 'm' : ' ',
2900 mas2 & MAS2_G ? 'g' : ' ',
2901 mas2 & MAS2_E ? 'e' : ' ');
2902 printf(" %016llx", mas7_mas3 & ramask & ~0x7ffull);
2903 if (mas1 & MAS1_IND)
2905 pgsz_names[(mas7_mas3 >> 1) & 0x1f]);
2907 printf(" U%c%c%c S%c%c%c\n",
2908 mas7_mas3 & MAS3_UX ? 'x' : ' ',
2909 mas7_mas3 & MAS3_UW ? 'w' : ' ',
2910 mas7_mas3 & MAS3_UR ? 'r' : ' ',
2911 mas7_mas3 & MAS3_SX ? 'x' : ' ',
2912 mas7_mas3 & MAS3_SW ? 'w' : ' ',
2913 mas7_mas3 & MAS3_SR ? 'r' : ' ');
2917 #endif /* CONFIG_PPC_BOOK3E */
2919 static void xmon_init(int enable)
2923 __debugger_ipi = xmon_ipi;
2924 __debugger_bpt = xmon_bpt;
2925 __debugger_sstep = xmon_sstep;
2926 __debugger_iabr_match = xmon_iabr_match;
2927 __debugger_break_match = xmon_break_match;
2928 __debugger_fault_handler = xmon_fault_handler;
2931 __debugger_ipi = NULL;
2932 __debugger_bpt = NULL;
2933 __debugger_sstep = NULL;
2934 __debugger_iabr_match = NULL;
2935 __debugger_break_match = NULL;
2936 __debugger_fault_handler = NULL;
2940 #ifdef CONFIG_MAGIC_SYSRQ
2941 static void sysrq_handle_xmon(int key)
2943 /* ensure xmon is enabled */
2945 debugger(get_irq_regs());
2948 static struct sysrq_key_op sysrq_xmon_op = {
2949 .handler = sysrq_handle_xmon,
2951 .action_msg = "Entering xmon",
2954 static int __init setup_xmon_sysrq(void)
2956 register_sysrq_key('x', &sysrq_xmon_op);
2959 __initcall(setup_xmon_sysrq);
2960 #endif /* CONFIG_MAGIC_SYSRQ */
2962 static int __initdata xmon_early, xmon_off;
2964 static int __init early_parse_xmon(char *p)
2966 if (!p || strncmp(p, "early", 5) == 0) {
2967 /* just "xmon" is equivalent to "xmon=early" */
2970 } else if (strncmp(p, "on", 2) == 0)
2972 else if (strncmp(p, "off", 3) == 0)
2974 else if (strncmp(p, "nobt", 4) == 0)
2975 xmon_no_auto_backtrace = 1;
2981 early_param("xmon", early_parse_xmon);
2983 void __init xmon_setup(void)
2985 #ifdef CONFIG_XMON_DEFAULT
2993 #ifdef CONFIG_SPU_BASE
2997 u64 saved_mfc_sr1_RW;
2998 u32 saved_spu_runcntl_RW;
2999 unsigned long dump_addr;
3003 #define XMON_NUM_SPUS 16 /* Enough for current hardware */
3005 static struct spu_info spu_info[XMON_NUM_SPUS];
3007 void xmon_register_spus(struct list_head *list)
3011 list_for_each_entry(spu, list, full_list) {
3012 if (spu->number >= XMON_NUM_SPUS) {
3017 spu_info[spu->number].spu = spu;
3018 spu_info[spu->number].stopped_ok = 0;
3019 spu_info[spu->number].dump_addr = (unsigned long)
3020 spu_info[spu->number].spu->local_store;
3024 static void stop_spus(void)
3030 for (i = 0; i < XMON_NUM_SPUS; i++) {
3031 if (!spu_info[i].spu)
3034 if (setjmp(bus_error_jmp) == 0) {
3035 catch_memory_errors = 1;
3038 spu = spu_info[i].spu;
3040 spu_info[i].saved_spu_runcntl_RW =
3041 in_be32(&spu->problem->spu_runcntl_RW);
3043 tmp = spu_mfc_sr1_get(spu);
3044 spu_info[i].saved_mfc_sr1_RW = tmp;
3046 tmp &= ~MFC_STATE1_MASTER_RUN_CONTROL_MASK;
3047 spu_mfc_sr1_set(spu, tmp);
3052 spu_info[i].stopped_ok = 1;
3054 printf("Stopped spu %.2d (was %s)\n", i,
3055 spu_info[i].saved_spu_runcntl_RW ?
3056 "running" : "stopped");
3058 catch_memory_errors = 0;
3059 printf("*** Error stopping spu %.2d\n", i);
3061 catch_memory_errors = 0;
3065 static void restart_spus(void)
3070 for (i = 0; i < XMON_NUM_SPUS; i++) {
3071 if (!spu_info[i].spu)
3074 if (!spu_info[i].stopped_ok) {
3075 printf("*** Error, spu %d was not successfully stopped"
3076 ", not restarting\n", i);
3080 if (setjmp(bus_error_jmp) == 0) {
3081 catch_memory_errors = 1;
3084 spu = spu_info[i].spu;
3085 spu_mfc_sr1_set(spu, spu_info[i].saved_mfc_sr1_RW);
3086 out_be32(&spu->problem->spu_runcntl_RW,
3087 spu_info[i].saved_spu_runcntl_RW);
3092 printf("Restarted spu %.2d\n", i);
3094 catch_memory_errors = 0;
3095 printf("*** Error restarting spu %.2d\n", i);
3097 catch_memory_errors = 0;
3101 #define DUMP_WIDTH 23
3102 #define DUMP_VALUE(format, field, value) \
3104 if (setjmp(bus_error_jmp) == 0) { \
3105 catch_memory_errors = 1; \
3107 printf(" %-*s = "format"\n", DUMP_WIDTH, \
3112 catch_memory_errors = 0; \
3113 printf(" %-*s = *** Error reading field.\n", \
3114 DUMP_WIDTH, #field); \
3116 catch_memory_errors = 0; \
3119 #define DUMP_FIELD(obj, format, field) \
3120 DUMP_VALUE(format, field, obj->field)
3122 static void dump_spu_fields(struct spu *spu)
3124 printf("Dumping spu fields at address %p:\n", spu);
3126 DUMP_FIELD(spu, "0x%x", number);
3127 DUMP_FIELD(spu, "%s", name);
3128 DUMP_FIELD(spu, "0x%lx", local_store_phys);
3129 DUMP_FIELD(spu, "0x%p", local_store);
3130 DUMP_FIELD(spu, "0x%lx", ls_size);
3131 DUMP_FIELD(spu, "0x%x", node);
3132 DUMP_FIELD(spu, "0x%lx", flags);
3133 DUMP_FIELD(spu, "%d", class_0_pending);
3134 DUMP_FIELD(spu, "0x%lx", class_0_dar);
3135 DUMP_FIELD(spu, "0x%lx", class_1_dar);
3136 DUMP_FIELD(spu, "0x%lx", class_1_dsisr);
3137 DUMP_FIELD(spu, "0x%lx", irqs[0]);
3138 DUMP_FIELD(spu, "0x%lx", irqs[1]);
3139 DUMP_FIELD(spu, "0x%lx", irqs[2]);
3140 DUMP_FIELD(spu, "0x%x", slb_replace);
3141 DUMP_FIELD(spu, "%d", pid);
3142 DUMP_FIELD(spu, "0x%p", mm);
3143 DUMP_FIELD(spu, "0x%p", ctx);
3144 DUMP_FIELD(spu, "0x%p", rq);
3145 DUMP_FIELD(spu, "0x%p", timestamp);
3146 DUMP_FIELD(spu, "0x%lx", problem_phys);
3147 DUMP_FIELD(spu, "0x%p", problem);
3148 DUMP_VALUE("0x%x", problem->spu_runcntl_RW,
3149 in_be32(&spu->problem->spu_runcntl_RW));
3150 DUMP_VALUE("0x%x", problem->spu_status_R,
3151 in_be32(&spu->problem->spu_status_R));
3152 DUMP_VALUE("0x%x", problem->spu_npc_RW,
3153 in_be32(&spu->problem->spu_npc_RW));
3154 DUMP_FIELD(spu, "0x%p", priv2);
3155 DUMP_FIELD(spu, "0x%p", pdata);
3159 spu_inst_dump(unsigned long adr, long count, int praddr)
3161 return generic_inst_dump(adr, count, praddr, print_insn_spu);
3164 static void dump_spu_ls(unsigned long num, int subcmd)
3166 unsigned long offset, addr, ls_addr;
3168 if (setjmp(bus_error_jmp) == 0) {
3169 catch_memory_errors = 1;
3171 ls_addr = (unsigned long)spu_info[num].spu->local_store;
3175 catch_memory_errors = 0;
3176 printf("*** Error: accessing spu info for spu %d\n", num);
3179 catch_memory_errors = 0;
3181 if (scanhex(&offset))
3182 addr = ls_addr + offset;
3184 addr = spu_info[num].dump_addr;
3186 if (addr >= ls_addr + LS_SIZE) {
3187 printf("*** Error: address outside of local store\n");
3193 addr += spu_inst_dump(addr, 16, 1);
3203 spu_info[num].dump_addr = addr;
3206 static int do_spu_cmd(void)
3208 static unsigned long num = 0;
3209 int cmd, subcmd = 0;
3221 if (isxdigit(subcmd) || subcmd == '\n')
3225 if (num >= XMON_NUM_SPUS || !spu_info[num].spu) {
3226 printf("*** Error: invalid spu number\n");
3232 dump_spu_fields(spu_info[num].spu);
3235 dump_spu_ls(num, subcmd);
3246 #else /* ! CONFIG_SPU_BASE */
3247 static int do_spu_cmd(void)