2 * Routines providing a simple monitor for use on the PowerMac.
4 * Copyright (C) 1996-2005 Paul Mackerras.
5 * Copyright (C) 2001 PPC64 Team, IBM Corp
6 * Copyrignt (C) 2006 Michael Ellerman, IBM Corp
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
13 #include <linux/errno.h>
14 #include <linux/sched.h>
15 #include <linux/smp.h>
17 #include <linux/reboot.h>
18 #include <linux/delay.h>
19 #include <linux/kallsyms.h>
20 #include <linux/cpumask.h>
21 #include <linux/export.h>
22 #include <linux/sysrq.h>
23 #include <linux/interrupt.h>
24 #include <linux/irq.h>
25 #include <linux/bug.h>
27 #include <asm/ptrace.h>
28 #include <asm/string.h>
30 #include <asm/machdep.h>
32 #include <asm/processor.h>
33 #include <asm/pgtable.h>
35 #include <asm/mmu_context.h>
36 #include <asm/cputable.h>
38 #include <asm/sstep.h>
39 #include <asm/irq_regs.h>
41 #include <asm/spu_priv1.h>
42 #include <asm/setjmp.h>
46 #include <asm/hvcall.h>
53 #define scanhex xmon_scanhex
54 #define skipbl xmon_skipbl
57 static cpumask_t cpus_in_xmon = CPU_MASK_NONE;
58 static unsigned long xmon_taken = 1;
59 static int xmon_owner;
61 #endif /* CONFIG_SMP */
63 static unsigned long in_xmon __read_mostly = 0;
65 static unsigned long adrs;
67 #define MAX_DUMP (128 * 1024)
68 static unsigned long ndump = 64;
69 static unsigned long nidump = 16;
70 static unsigned long ncsum = 4096;
72 static char tmpstr[128];
74 static long bus_error_jmp[JMP_BUF_LEN];
75 static int catch_memory_errors;
76 static long *xmon_fault_jmp[NR_CPUS];
78 /* Breakpoint stuff */
80 unsigned long address;
81 unsigned int instr[2];
87 /* Bits in bpt.enabled */
88 #define BP_IABR_TE 1 /* IABR translation enabled */
94 static struct bpt bpts[NBPTS];
95 static struct bpt dabr;
96 static struct bpt *iabr;
97 static unsigned bpinstr = 0x7fe00008; /* trap */
99 #define BP_NUM(bp) ((bp) - bpts + 1)
102 static int cmds(struct pt_regs *);
103 static int mread(unsigned long, void *, int);
104 static int mwrite(unsigned long, void *, int);
105 static int handle_fault(struct pt_regs *);
106 static void byterev(unsigned char *, int);
107 static void memex(void);
108 static int bsesc(void);
109 static void dump(void);
110 static void prdump(unsigned long, long);
111 static int ppc_inst_dump(unsigned long, long, int);
112 static void dump_log_buf(void);
113 static void backtrace(struct pt_regs *);
114 static void excprint(struct pt_regs *);
115 static void prregs(struct pt_regs *);
116 static void memops(int);
117 static void memlocate(void);
118 static void memzcan(void);
119 static void memdiffs(unsigned char *, unsigned char *, unsigned, unsigned);
121 int scanhex(unsigned long *valp);
122 static void scannl(void);
123 static int hexdigit(int);
124 void getstring(char *, int);
125 static void flush_input(void);
126 static int inchar(void);
127 static void take_input(char *);
128 static unsigned long read_spr(int);
129 static void write_spr(int, unsigned long);
130 static void super_regs(void);
131 static void remove_bpts(void);
132 static void insert_bpts(void);
133 static void remove_cpu_bpts(void);
134 static void insert_cpu_bpts(void);
135 static struct bpt *at_breakpoint(unsigned long pc);
136 static struct bpt *in_breakpoint_table(unsigned long pc, unsigned long *offp);
137 static int do_step(struct pt_regs *);
138 static void bpt_cmds(void);
139 static void cacheflush(void);
140 static int cpu_cmd(void);
141 static void csum(void);
142 static void bootcmds(void);
143 static void proccall(void);
144 void dump_segments(void);
145 static void symbol_lookup(void);
146 static void xmon_show_stack(unsigned long sp, unsigned long lr,
148 static void xmon_print_symbol(unsigned long address, const char *mid,
150 static const char *getvecname(unsigned long vec);
152 static int do_spu_cmd(void);
155 static void dump_tlb_44x(void);
157 #ifdef CONFIG_PPC_BOOK3E
158 static void dump_tlb_book3e(void);
161 static int xmon_no_auto_backtrace;
163 extern void xmon_enter(void);
164 extern void xmon_leave(void);
168 #define REGS_PER_LINE 4
169 #define LAST_VOLATILE 13
172 #define REGS_PER_LINE 8
173 #define LAST_VOLATILE 12
176 #define GETWORD(v) (((v)[0] << 24) + ((v)[1] << 16) + ((v)[2] << 8) + (v)[3])
178 #define isxdigit(c) (('0' <= (c) && (c) <= '9') \
179 || ('a' <= (c) && (c) <= 'f') \
180 || ('A' <= (c) && (c) <= 'F'))
181 #define isalnum(c) (('0' <= (c) && (c) <= '9') \
182 || ('a' <= (c) && (c) <= 'z') \
183 || ('A' <= (c) && (c) <= 'Z'))
184 #define isspace(c) (c == ' ' || c == '\t' || c == 10 || c == 13 || c == 0)
186 static char *help_string = "\
188 b show breakpoints\n\
189 bd set data breakpoint\n\
190 bi set instruction breakpoint\n\
191 bc clear breakpoint\n"
194 c print cpus stopped in xmon\n\
195 c# try to switch to cpu number h (in hex)\n"
200 di dump instructions\n\
201 df dump float values\n\
202 dd dump double values\n\
203 dl dump the kernel log buffer\n\
204 dr dump stream of raw bytes\n\
205 e print exception information\n\
207 la lookup symbol+offset of specified address\n\
208 ls lookup address of specified symbol\n\
209 m examine/change memory\n\
210 mm move a block of memory\n\
211 ms set a block of memory\n\
212 md compare two blocks of memory\n\
213 ml locate a block of memory\n\
214 mz zero a block of memory\n\
215 mi show information about memory allocation\n\
216 p call a procedure\n\
219 #ifdef CONFIG_SPU_BASE
220 " ss stop execution on all spus\n\
221 sr restore execution on stopped spus\n\
222 sf # dump spu fields for spu # (in hex)\n\
223 sd # dump spu local store for spu # (in hex)\n\
224 sdi # disassemble spu local store for spu # (in hex)\n"
226 " S print special registers\n\
228 x exit monitor and recover\n\
229 X exit monitor and dont recover\n"
230 #if defined(CONFIG_PPC64) && !defined(CONFIG_PPC_BOOK3E)
231 " u dump segment table or SLB\n"
232 #elif defined(CONFIG_PPC_STD_MMU_32)
233 " u dump segment registers\n"
234 #elif defined(CONFIG_44x) || defined(CONFIG_PPC_BOOK3E)
242 static struct pt_regs *xmon_regs;
244 static inline void sync(void)
246 asm volatile("sync; isync");
249 static inline void store_inst(void *p)
251 asm volatile ("dcbst 0,%0; sync; icbi 0,%0; isync" : : "r" (p));
254 static inline void cflush(void *p)
256 asm volatile ("dcbf 0,%0; icbi 0,%0" : : "r" (p));
259 static inline void cinval(void *p)
261 asm volatile ("dcbi 0,%0; icbi 0,%0" : : "r" (p));
265 * Disable surveillance (the service processor watchdog function)
266 * while we are in xmon.
267 * XXX we should re-enable it when we leave. :)
269 #define SURVEILLANCE_TOKEN 9000
271 static inline void disable_surveillance(void)
273 #ifdef CONFIG_PPC_PSERIES
274 /* Since this can't be a module, args should end up below 4GB. */
275 static struct rtas_args args;
278 * At this point we have got all the cpus we can into
279 * xmon, so there is hopefully no other cpu calling RTAS
280 * at the moment, even though we don't take rtas.lock.
281 * If we did try to take rtas.lock there would be a
282 * real possibility of deadlock.
284 args.token = rtas_token("set-indicator");
285 if (args.token == RTAS_UNKNOWN_SERVICE)
289 args.rets = &args.args[3];
290 args.args[0] = SURVEILLANCE_TOKEN;
293 enter_rtas(__pa(&args));
294 #endif /* CONFIG_PPC_PSERIES */
298 static int xmon_speaker;
300 static void get_output_lock(void)
302 int me = smp_processor_id() + 0x100;
303 int last_speaker = 0, prev;
306 if (xmon_speaker == me)
309 if (xmon_speaker == 0) {
310 last_speaker = cmpxchg(&xmon_speaker, 0, me);
311 if (last_speaker == 0)
315 while (xmon_speaker == last_speaker) {
318 /* hostile takeover */
319 prev = cmpxchg(&xmon_speaker, last_speaker, me);
320 if (prev == last_speaker)
327 static void release_output_lock(void)
332 int cpus_are_in_xmon(void)
334 return !cpumask_empty(&cpus_in_xmon);
338 static inline int unrecoverable_excp(struct pt_regs *regs)
340 #if defined(CONFIG_4xx) || defined(CONFIG_PPC_BOOK3E)
341 /* We have no MSR_RI bit on 4xx or Book3e, so we simply return false */
344 return ((regs->msr & MSR_RI) == 0);
348 static int xmon_core(struct pt_regs *regs, int fromipi)
352 long recurse_jmp[JMP_BUF_LEN];
353 unsigned long offset;
358 unsigned long timeout;
361 local_irq_save(flags);
363 bp = in_breakpoint_table(regs->nip, &offset);
365 regs->nip = bp->address + offset;
366 atomic_dec(&bp->ref_count);
372 cpu = smp_processor_id();
373 if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
376 printf("cpu 0x%x: Exception %lx %s in xmon, "
377 "returning to main loop\n",
378 cpu, regs->trap, getvecname(TRAP(regs)));
379 release_output_lock();
380 longjmp(xmon_fault_jmp[cpu], 1);
383 if (setjmp(recurse_jmp) != 0) {
384 if (!in_xmon || !xmon_gate) {
386 printf("xmon: WARNING: bad recursive fault "
387 "on cpu 0x%x\n", cpu);
388 release_output_lock();
391 secondary = !(xmon_taken && cpu == xmon_owner);
395 xmon_fault_jmp[cpu] = recurse_jmp;
396 cpumask_set_cpu(cpu, &cpus_in_xmon);
399 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT))
400 bp = at_breakpoint(regs->nip);
401 if (bp || unrecoverable_excp(regs))
408 printf("cpu 0x%x stopped at breakpoint 0x%x (",
410 xmon_print_symbol(regs->nip, " ", ")\n");
412 if (unrecoverable_excp(regs))
413 printf("WARNING: exception is not recoverable, "
415 release_output_lock();
420 while (secondary && !xmon_gate) {
424 secondary = test_and_set_bit(0, &in_xmon);
429 if (!secondary && !xmon_gate) {
430 /* we are the first cpu to come in */
431 /* interrupt other cpu(s) */
432 int ncpus = num_online_cpus();
437 smp_send_debugger_break();
438 /* wait for other cpus to come in */
439 for (timeout = 100000000; timeout != 0; --timeout) {
440 if (cpumask_weight(&cpus_in_xmon) >= ncpus)
446 disable_surveillance();
447 /* for breakpoint or single step, print the current instr. */
448 if (bp || TRAP(regs) == 0xd00)
449 ppc_inst_dump(regs->nip, 1, 0);
450 printf("enter ? for help\n");
459 if (cpu == xmon_owner) {
460 if (!test_and_set_bit(0, &xmon_taken)) {
465 while (cpu == xmon_owner)
479 /* have switched to some other cpu */
484 cpumask_clear_cpu(cpu, &cpus_in_xmon);
485 xmon_fault_jmp[cpu] = NULL;
487 /* UP is simple... */
489 printf("Exception %lx %s in xmon, returning to main loop\n",
490 regs->trap, getvecname(TRAP(regs)));
491 longjmp(xmon_fault_jmp[0], 1);
493 if (setjmp(recurse_jmp) == 0) {
494 xmon_fault_jmp[0] = recurse_jmp;
498 bp = at_breakpoint(regs->nip);
500 printf("Stopped at breakpoint %x (", BP_NUM(bp));
501 xmon_print_symbol(regs->nip, " ", ")\n");
503 if (unrecoverable_excp(regs))
504 printf("WARNING: exception is not recoverable, "
507 disable_surveillance();
508 /* for breakpoint or single step, print the current instr. */
509 if (bp || TRAP(regs) == 0xd00)
510 ppc_inst_dump(regs->nip, 1, 0);
511 printf("enter ? for help\n");
521 if (regs->msr & MSR_DE) {
522 bp = at_breakpoint(regs->nip);
524 regs->nip = (unsigned long) &bp->instr[0];
525 atomic_inc(&bp->ref_count);
529 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
530 bp = at_breakpoint(regs->nip);
532 int stepped = emulate_step(regs, bp->instr[0]);
534 regs->nip = (unsigned long) &bp->instr[0];
535 atomic_inc(&bp->ref_count);
536 } else if (stepped < 0) {
537 printf("Couldn't single-step %s instruction\n",
538 (IS_RFID(bp->instr[0])? "rfid": "mtmsrd"));
545 local_irq_restore(flags);
547 return cmd != 'X' && cmd != EOF;
550 int xmon(struct pt_regs *excp)
555 ppc_save_regs(®s);
559 return xmon_core(excp, 0);
563 irqreturn_t xmon_irq(int irq, void *d)
566 local_irq_save(flags);
567 printf("Keyboard interrupt\n");
568 xmon(get_irq_regs());
569 local_irq_restore(flags);
573 static int xmon_bpt(struct pt_regs *regs)
576 unsigned long offset;
578 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
581 /* Are we at the trap at bp->instr[1] for some bp? */
582 bp = in_breakpoint_table(regs->nip, &offset);
583 if (bp != NULL && offset == 4) {
584 regs->nip = bp->address + 4;
585 atomic_dec(&bp->ref_count);
589 /* Are we at a breakpoint? */
590 bp = at_breakpoint(regs->nip);
599 static int xmon_sstep(struct pt_regs *regs)
607 static int xmon_dabr_match(struct pt_regs *regs)
609 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
611 if (dabr.enabled == 0)
617 static int xmon_iabr_match(struct pt_regs *regs)
619 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
627 static int xmon_ipi(struct pt_regs *regs)
630 if (in_xmon && !cpumask_test_cpu(smp_processor_id(), &cpus_in_xmon))
636 static int xmon_fault_handler(struct pt_regs *regs)
639 unsigned long offset;
641 if (in_xmon && catch_memory_errors)
642 handle_fault(regs); /* doesn't return */
644 if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
645 bp = in_breakpoint_table(regs->nip, &offset);
647 regs->nip = bp->address + offset;
648 atomic_dec(&bp->ref_count);
655 static struct bpt *at_breakpoint(unsigned long pc)
661 for (i = 0; i < NBPTS; ++i, ++bp)
662 if (bp->enabled && pc == bp->address)
667 static struct bpt *in_breakpoint_table(unsigned long nip, unsigned long *offp)
671 off = nip - (unsigned long) bpts;
672 if (off >= sizeof(bpts))
674 off %= sizeof(struct bpt);
675 if (off != offsetof(struct bpt, instr[0])
676 && off != offsetof(struct bpt, instr[1]))
678 *offp = off - offsetof(struct bpt, instr[0]);
679 return (struct bpt *) (nip - off);
682 static struct bpt *new_breakpoint(unsigned long a)
687 bp = at_breakpoint(a);
691 for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
692 if (!bp->enabled && atomic_read(&bp->ref_count) == 0) {
694 bp->instr[1] = bpinstr;
695 store_inst(&bp->instr[1]);
700 printf("Sorry, no free breakpoints. Please clear one first.\n");
704 static void insert_bpts(void)
710 for (i = 0; i < NBPTS; ++i, ++bp) {
711 if ((bp->enabled & (BP_TRAP|BP_IABR)) == 0)
713 if (mread(bp->address, &bp->instr[0], 4) != 4) {
714 printf("Couldn't read instruction at %lx, "
715 "disabling breakpoint there\n", bp->address);
719 if (IS_MTMSRD(bp->instr[0]) || IS_RFID(bp->instr[0])) {
720 printf("Breakpoint at %lx is on an mtmsrd or rfid "
721 "instruction, disabling it\n", bp->address);
725 store_inst(&bp->instr[0]);
726 if (bp->enabled & BP_IABR)
728 if (mwrite(bp->address, &bpinstr, 4) != 4) {
729 printf("Couldn't write instruction at %lx, "
730 "disabling breakpoint there\n", bp->address);
731 bp->enabled &= ~BP_TRAP;
734 store_inst((void *)bp->address);
738 static void insert_cpu_bpts(void)
741 set_dabr(dabr.address | (dabr.enabled & 7));
742 if (iabr && cpu_has_feature(CPU_FTR_IABR))
743 mtspr(SPRN_IABR, iabr->address
744 | (iabr->enabled & (BP_IABR|BP_IABR_TE)));
747 static void remove_bpts(void)
754 for (i = 0; i < NBPTS; ++i, ++bp) {
755 if ((bp->enabled & (BP_TRAP|BP_IABR)) != BP_TRAP)
757 if (mread(bp->address, &instr, 4) == 4
759 && mwrite(bp->address, &bp->instr, 4) != 4)
760 printf("Couldn't remove breakpoint at %lx\n",
763 store_inst((void *)bp->address);
767 static void remove_cpu_bpts(void)
770 if (cpu_has_feature(CPU_FTR_IABR))
774 /* Command interpreting routine */
775 static char *last_cmd;
778 cmds(struct pt_regs *excp)
785 if (!xmon_no_auto_backtrace) {
786 xmon_no_auto_backtrace = 1;
787 xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
792 printf("%x:", smp_processor_id());
793 #endif /* CONFIG_SMP */
799 if (last_cmd == NULL)
801 take_input(last_cmd);
835 prregs(excp); /* print regs */
850 if (do_spu_cmd() == 0)
859 printf(" <no input ...>\n");
863 xmon_puts(help_string);
881 #ifdef CONFIG_PPC_STD_MMU
885 #elif defined(CONFIG_4xx)
889 #elif defined(CONFIG_PPC_BOOK3E)
895 printf("Unrecognized command: ");
897 if (' ' < cmd && cmd <= '~')
900 printf("\\x%x", cmd);
902 } while (cmd != '\n');
903 printf(" (type ? for help)\n");
910 static int do_step(struct pt_regs *regs)
913 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) | DBCR0_IC | DBCR0_IDM);
918 * Step a single instruction.
919 * Some instructions we emulate, others we execute with MSR_SE set.
921 static int do_step(struct pt_regs *regs)
926 /* check we are in 64-bit kernel mode, translation enabled */
927 if ((regs->msr & (MSR_64BIT|MSR_PR|MSR_IR)) == (MSR_64BIT|MSR_IR)) {
928 if (mread(regs->nip, &instr, 4) == 4) {
929 stepped = emulate_step(regs, instr);
931 printf("Couldn't single-step %s instruction\n",
932 (IS_RFID(instr)? "rfid": "mtmsrd"));
936 regs->trap = 0xd00 | (regs->trap & 1);
937 printf("stepped to ");
938 xmon_print_symbol(regs->nip, " ", "\n");
939 ppc_inst_dump(regs->nip, 1, 0);
949 static void bootcmds(void)
955 ppc_md.restart(NULL);
962 static int cpu_cmd(void)
969 if (!scanhex(&cpu)) {
970 /* print cpus waiting or in xmon */
971 printf("cpus stopped:");
973 for (cpu = 0; cpu < NR_CPUS; ++cpu) {
974 if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
980 printf("-%x", cpu - 1);
985 printf("-%x", NR_CPUS - 1);
989 /* try to switch to cpu specified */
990 if (!cpumask_test_cpu(cpu, &cpus_in_xmon)) {
991 printf("cpu 0x%x isn't in xmon\n", cpu);
998 while (!xmon_taken) {
999 if (--timeout == 0) {
1000 if (test_and_set_bit(0, &xmon_taken))
1002 /* take control back */
1004 xmon_owner = smp_processor_id();
1005 printf("cpu %u didn't take control\n", cpu);
1013 #endif /* CONFIG_SMP */
1016 static unsigned short fcstab[256] = {
1017 0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf,
1018 0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7,
1019 0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e,
1020 0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876,
1021 0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd,
1022 0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5,
1023 0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c,
1024 0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974,
1025 0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb,
1026 0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3,
1027 0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a,
1028 0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72,
1029 0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9,
1030 0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1,
1031 0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738,
1032 0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70,
1033 0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7,
1034 0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff,
1035 0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036,
1036 0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e,
1037 0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5,
1038 0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd,
1039 0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134,
1040 0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c,
1041 0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3,
1042 0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb,
1043 0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232,
1044 0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a,
1045 0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1,
1046 0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9,
1047 0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330,
1048 0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78
1051 #define FCS(fcs, c) (((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
1060 if (!scanhex(&adrs))
1062 if (!scanhex(&ncsum))
1065 for (i = 0; i < ncsum; ++i) {
1066 if (mread(adrs+i, &v, 1) == 0) {
1067 printf("csum stopped at %x\n", adrs+i);
1072 printf("%x\n", fcs);
1076 * Check if this is a suitable place to put a breakpoint.
1078 static long check_bp_loc(unsigned long addr)
1083 if (!is_kernel_addr(addr)) {
1084 printf("Breakpoints may only be placed at kernel addresses\n");
1087 if (!mread(addr, &instr, sizeof(instr))) {
1088 printf("Can't read instruction at address %lx\n", addr);
1091 if (IS_MTMSRD(instr) || IS_RFID(instr)) {
1092 printf("Breakpoints may not be placed on mtmsrd or rfid "
1099 static char *breakpoint_help_string =
1100 "Breakpoint command usage:\n"
1101 "b show breakpoints\n"
1102 "b <addr> [cnt] set breakpoint at given instr addr\n"
1103 "bc clear all breakpoints\n"
1104 "bc <n/addr> clear breakpoint number n or at addr\n"
1105 "bi <addr> [cnt] set hardware instr breakpoint (POWER3/RS64 only)\n"
1106 "bd <addr> [cnt] set hardware data breakpoint\n"
1116 const char badaddr[] = "Only kernel addresses are permitted "
1117 "for breakpoints\n";
1122 case 'd': /* bd - hardware data breakpoint */
1127 else if (cmd == 'w')
1133 if (scanhex(&dabr.address)) {
1134 if (!is_kernel_addr(dabr.address)) {
1139 dabr.enabled = mode | BP_DABR;
1143 case 'i': /* bi - hardware instr breakpoint */
1144 if (!cpu_has_feature(CPU_FTR_IABR)) {
1145 printf("Hardware instruction breakpoint "
1146 "not supported on this cpu\n");
1150 iabr->enabled &= ~(BP_IABR | BP_IABR_TE);
1155 if (!check_bp_loc(a))
1157 bp = new_breakpoint(a);
1159 bp->enabled |= BP_IABR | BP_IABR_TE;
1167 /* clear all breakpoints */
1168 for (i = 0; i < NBPTS; ++i)
1169 bpts[i].enabled = 0;
1172 printf("All breakpoints cleared\n");
1176 if (a <= NBPTS && a >= 1) {
1177 /* assume a breakpoint number */
1178 bp = &bpts[a-1]; /* bp nums are 1 based */
1180 /* assume a breakpoint address */
1181 bp = at_breakpoint(a);
1183 printf("No breakpoint at %x\n", a);
1188 printf("Cleared breakpoint %x (", BP_NUM(bp));
1189 xmon_print_symbol(bp->address, " ", ")\n");
1197 printf(breakpoint_help_string);
1202 /* print all breakpoints */
1203 printf(" type address\n");
1205 printf(" data "REG" [", dabr.address);
1206 if (dabr.enabled & 1)
1208 if (dabr.enabled & 2)
1212 for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
1215 printf("%2x %s ", BP_NUM(bp),
1216 (bp->enabled & BP_IABR)? "inst": "trap");
1217 xmon_print_symbol(bp->address, " ", "\n");
1222 if (!check_bp_loc(a))
1224 bp = new_breakpoint(a);
1226 bp->enabled |= BP_TRAP;
1231 /* Very cheap human name for vector lookup. */
1233 const char *getvecname(unsigned long vec)
1238 case 0x100: ret = "(System Reset)"; break;
1239 case 0x200: ret = "(Machine Check)"; break;
1240 case 0x300: ret = "(Data Access)"; break;
1241 case 0x380: ret = "(Data SLB Access)"; break;
1242 case 0x400: ret = "(Instruction Access)"; break;
1243 case 0x480: ret = "(Instruction SLB Access)"; break;
1244 case 0x500: ret = "(Hardware Interrupt)"; break;
1245 case 0x600: ret = "(Alignment)"; break;
1246 case 0x700: ret = "(Program Check)"; break;
1247 case 0x800: ret = "(FPU Unavailable)"; break;
1248 case 0x900: ret = "(Decrementer)"; break;
1249 case 0xc00: ret = "(System Call)"; break;
1250 case 0xd00: ret = "(Single Step)"; break;
1251 case 0xf00: ret = "(Performance Monitor)"; break;
1252 case 0xf20: ret = "(Altivec Unavailable)"; break;
1253 case 0x1300: ret = "(Instruction Breakpoint)"; break;
1259 static void get_function_bounds(unsigned long pc, unsigned long *startp,
1260 unsigned long *endp)
1262 unsigned long size, offset;
1265 *startp = *endp = 0;
1268 if (setjmp(bus_error_jmp) == 0) {
1269 catch_memory_errors = 1;
1271 name = kallsyms_lookup(pc, &size, &offset, NULL, tmpstr);
1273 *startp = pc - offset;
1274 *endp = pc - offset + size;
1278 catch_memory_errors = 0;
1281 static int xmon_depth_to_print = 64;
1283 #define LRSAVE_OFFSET (STACK_FRAME_LR_SAVE * sizeof(unsigned long))
1284 #define MARKER_OFFSET (STACK_FRAME_MARKER * sizeof(unsigned long))
1286 #ifdef __powerpc64__
1287 #define REGS_OFFSET 0x70
1289 #define REGS_OFFSET 16
1292 static void xmon_show_stack(unsigned long sp, unsigned long lr,
1296 unsigned long newsp;
1297 unsigned long marker;
1299 struct pt_regs regs;
1302 if (sp < PAGE_OFFSET) {
1304 printf("SP (%lx) is in userspace\n", sp);
1308 if (!mread(sp + LRSAVE_OFFSET, &ip, sizeof(unsigned long))
1309 || !mread(sp, &newsp, sizeof(unsigned long))) {
1310 printf("Couldn't read stack frame at %lx\n", sp);
1315 * For the first stack frame, try to work out if
1316 * LR and/or the saved LR value in the bottommost
1317 * stack frame are valid.
1319 if ((pc | lr) != 0) {
1320 unsigned long fnstart, fnend;
1321 unsigned long nextip;
1324 get_function_bounds(pc, &fnstart, &fnend);
1327 mread(newsp + LRSAVE_OFFSET, &nextip,
1328 sizeof(unsigned long));
1330 if (lr < PAGE_OFFSET
1331 || (fnstart <= lr && lr < fnend))
1333 } else if (lr == nextip) {
1335 } else if (lr >= PAGE_OFFSET
1336 && !(fnstart <= lr && lr < fnend)) {
1337 printf("[link register ] ");
1338 xmon_print_symbol(lr, " ", "\n");
1341 printf("["REG"] ", sp);
1342 xmon_print_symbol(ip, " ", " (unreliable)\n");
1347 printf("["REG"] ", sp);
1348 xmon_print_symbol(ip, " ", "\n");
1351 /* Look for "regshere" marker to see if this is
1352 an exception frame. */
1353 if (mread(sp + MARKER_OFFSET, &marker, sizeof(unsigned long))
1354 && marker == STACK_FRAME_REGS_MARKER) {
1355 if (mread(sp + REGS_OFFSET, ®s, sizeof(regs))
1357 printf("Couldn't read registers at %lx\n",
1361 printf("--- Exception: %lx %s at ", regs.trap,
1362 getvecname(TRAP(®s)));
1365 xmon_print_symbol(pc, " ", "\n");
1372 } while (count++ < xmon_depth_to_print);
1375 static void backtrace(struct pt_regs *excp)
1380 xmon_show_stack(sp, 0, 0);
1382 xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
1386 static void print_bug_trap(struct pt_regs *regs)
1389 const struct bug_entry *bug;
1392 if (regs->msr & MSR_PR)
1393 return; /* not in kernel */
1394 addr = regs->nip; /* address of trap instruction */
1395 if (addr < PAGE_OFFSET)
1397 bug = find_bug(regs->nip);
1400 if (is_warning_bug(bug))
1403 #ifdef CONFIG_DEBUG_BUGVERBOSE
1404 printf("kernel BUG at %s:%u!\n",
1405 bug->file, bug->line);
1407 printf("kernel BUG at %p!\n", (void *)bug->bug_addr);
1409 #endif /* CONFIG_BUG */
1412 static void excprint(struct pt_regs *fp)
1417 printf("cpu 0x%x: ", smp_processor_id());
1418 #endif /* CONFIG_SMP */
1421 printf("Vector: %lx %s at [%lx]\n", fp->trap, getvecname(trap), fp);
1423 xmon_print_symbol(fp->nip, ": ", "\n");
1425 printf(" lr: ", fp->link);
1426 xmon_print_symbol(fp->link, ": ", "\n");
1428 printf(" sp: %lx\n", fp->gpr[1]);
1429 printf(" msr: %lx\n", fp->msr);
1431 if (trap == 0x300 || trap == 0x380 || trap == 0x600) {
1432 printf(" dar: %lx\n", fp->dar);
1434 printf(" dsisr: %lx\n", fp->dsisr);
1437 printf(" current = 0x%lx\n", current);
1439 printf(" paca = 0x%lx\t softe: %d\t irq_happened: 0x%02x\n",
1440 local_paca, local_paca->soft_enabled, local_paca->irq_happened);
1443 printf(" pid = %ld, comm = %s\n",
1444 current->pid, current->comm);
1451 static void prregs(struct pt_regs *fp)
1455 struct pt_regs regs;
1457 if (scanhex(&base)) {
1458 if (setjmp(bus_error_jmp) == 0) {
1459 catch_memory_errors = 1;
1461 regs = *(struct pt_regs *)base;
1465 catch_memory_errors = 0;
1466 printf("*** Error reading registers from "REG"\n",
1470 catch_memory_errors = 0;
1475 if (FULL_REGS(fp)) {
1476 for (n = 0; n < 16; ++n)
1477 printf("R%.2ld = "REG" R%.2ld = "REG"\n",
1478 n, fp->gpr[n], n+16, fp->gpr[n+16]);
1480 for (n = 0; n < 7; ++n)
1481 printf("R%.2ld = "REG" R%.2ld = "REG"\n",
1482 n, fp->gpr[n], n+7, fp->gpr[n+7]);
1485 for (n = 0; n < 32; ++n) {
1486 printf("R%.2d = %.8x%s", n, fp->gpr[n],
1487 (n & 3) == 3? "\n": " ");
1488 if (n == 12 && !FULL_REGS(fp)) {
1495 xmon_print_symbol(fp->nip, " ", "\n");
1496 if (TRAP(fp) != 0xc00 && cpu_has_feature(CPU_FTR_CFAR)) {
1498 xmon_print_symbol(fp->orig_gpr3, " ", "\n");
1501 xmon_print_symbol(fp->link, " ", "\n");
1502 printf("msr = "REG" cr = %.8lx\n", fp->msr, fp->ccr);
1503 printf("ctr = "REG" xer = "REG" trap = %4lx\n",
1504 fp->ctr, fp->xer, fp->trap);
1506 if (trap == 0x300 || trap == 0x380 || trap == 0x600)
1507 printf("dar = "REG" dsisr = %.8lx\n", fp->dar, fp->dsisr);
1510 static void cacheflush(void)
1513 unsigned long nflush;
1518 scanhex((void *)&adrs);
1523 nflush = (nflush + L1_CACHE_BYTES - 1) / L1_CACHE_BYTES;
1524 if (setjmp(bus_error_jmp) == 0) {
1525 catch_memory_errors = 1;
1529 for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1530 cflush((void *) adrs);
1532 for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1533 cinval((void *) adrs);
1536 /* wait a little while to see if we get a machine check */
1539 catch_memory_errors = 0;
1542 static unsigned long
1545 unsigned int instrs[2];
1546 unsigned long (*code)(void);
1547 unsigned long ret = -1UL;
1549 unsigned long opd[3];
1551 opd[0] = (unsigned long)instrs;
1554 code = (unsigned long (*)(void)) opd;
1556 code = (unsigned long (*)(void)) instrs;
1559 /* mfspr r3,n; blr */
1560 instrs[0] = 0x7c6002a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1561 instrs[1] = 0x4e800020;
1563 store_inst(instrs+1);
1565 if (setjmp(bus_error_jmp) == 0) {
1566 catch_memory_errors = 1;
1572 /* wait a little while to see if we get a machine check */
1581 write_spr(int n, unsigned long val)
1583 unsigned int instrs[2];
1584 unsigned long (*code)(unsigned long);
1586 unsigned long opd[3];
1588 opd[0] = (unsigned long)instrs;
1591 code = (unsigned long (*)(unsigned long)) opd;
1593 code = (unsigned long (*)(unsigned long)) instrs;
1596 instrs[0] = 0x7c6003a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1597 instrs[1] = 0x4e800020;
1599 store_inst(instrs+1);
1601 if (setjmp(bus_error_jmp) == 0) {
1602 catch_memory_errors = 1;
1608 /* wait a little while to see if we get a machine check */
1614 static unsigned long regno;
1615 extern char exc_prolog;
1616 extern char dec_exc;
1618 static void super_regs(void)
1625 unsigned long sp, toc;
1626 asm("mr %0,1" : "=r" (sp) :);
1627 asm("mr %0,2" : "=r" (toc) :);
1629 printf("msr = "REG" sprg0= "REG"\n",
1630 mfmsr(), mfspr(SPRN_SPRG0));
1631 printf("pvr = "REG" sprg1= "REG"\n",
1632 mfspr(SPRN_PVR), mfspr(SPRN_SPRG1));
1633 printf("dec = "REG" sprg2= "REG"\n",
1634 mfspr(SPRN_DEC), mfspr(SPRN_SPRG2));
1635 printf("sp = "REG" sprg3= "REG"\n", sp, mfspr(SPRN_SPRG3));
1636 printf("toc = "REG" dar = "REG"\n", toc, mfspr(SPRN_DAR));
1644 val = read_spr(regno);
1646 write_spr(regno, val);
1649 printf("spr %lx = %lx\n", regno, read_spr(regno));
1656 * Stuff for reading and writing memory safely
1659 mread(unsigned long adrs, void *buf, int size)
1665 if (setjmp(bus_error_jmp) == 0) {
1666 catch_memory_errors = 1;
1672 *(u16 *)q = *(u16 *)p;
1675 *(u32 *)q = *(u32 *)p;
1678 *(u64 *)q = *(u64 *)p;
1681 for( ; n < size; ++n) {
1687 /* wait a little while to see if we get a machine check */
1691 catch_memory_errors = 0;
1696 mwrite(unsigned long adrs, void *buf, int size)
1702 if (setjmp(bus_error_jmp) == 0) {
1703 catch_memory_errors = 1;
1709 *(u16 *)p = *(u16 *)q;
1712 *(u32 *)p = *(u32 *)q;
1715 *(u64 *)p = *(u64 *)q;
1718 for ( ; n < size; ++n) {
1724 /* wait a little while to see if we get a machine check */
1728 printf("*** Error writing address %x\n", adrs + n);
1730 catch_memory_errors = 0;
1734 static int fault_type;
1735 static int fault_except;
1736 static char *fault_chars[] = { "--", "**", "##" };
1738 static int handle_fault(struct pt_regs *regs)
1740 fault_except = TRAP(regs);
1741 switch (TRAP(regs)) {
1753 longjmp(bus_error_jmp, 1);
1758 #define SWAP(a, b, t) ((t) = (a), (a) = (b), (b) = (t))
1761 byterev(unsigned char *val, int size)
1767 SWAP(val[0], val[1], t);
1770 SWAP(val[0], val[3], t);
1771 SWAP(val[1], val[2], t);
1773 case 8: /* is there really any use for this? */
1774 SWAP(val[0], val[7], t);
1775 SWAP(val[1], val[6], t);
1776 SWAP(val[2], val[5], t);
1777 SWAP(val[3], val[4], t);
1785 static char *memex_help_string =
1786 "Memory examine command usage:\n"
1787 "m [addr] [flags] examine/change memory\n"
1788 " addr is optional. will start where left off.\n"
1789 " flags may include chars from this set:\n"
1790 " b modify by bytes (default)\n"
1791 " w modify by words (2 byte)\n"
1792 " l modify by longs (4 byte)\n"
1793 " d modify by doubleword (8 byte)\n"
1794 " r toggle reverse byte order mode\n"
1795 " n do not read memory (for i/o spaces)\n"
1796 " . ok to read (default)\n"
1797 "NOTE: flags are saved as defaults\n"
1800 static char *memex_subcmd_help_string =
1801 "Memory examine subcommands:\n"
1802 " hexval write this val to current location\n"
1803 " 'string' write chars from string to this location\n"
1804 " ' increment address\n"
1805 " ^ decrement address\n"
1806 " / increment addr by 0x10. //=0x100, ///=0x1000, etc\n"
1807 " \\ decrement addr by 0x10. \\\\=0x100, \\\\\\=0x1000, etc\n"
1808 " ` clear no-read flag\n"
1809 " ; stay at this addr\n"
1810 " v change to byte mode\n"
1811 " w change to word (2 byte) mode\n"
1812 " l change to long (4 byte) mode\n"
1813 " u change to doubleword (8 byte) mode\n"
1814 " m addr change current addr\n"
1815 " n toggle no-read flag\n"
1816 " r toggle byte reverse flag\n"
1817 " < count back up count bytes\n"
1818 " > count skip forward count bytes\n"
1819 " x exit this mode\n"
1825 int cmd, inc, i, nslash;
1827 unsigned char val[16];
1829 scanhex((void *)&adrs);
1832 printf(memex_help_string);
1838 while ((cmd = skipbl()) != '\n') {
1840 case 'b': size = 1; break;
1841 case 'w': size = 2; break;
1842 case 'l': size = 4; break;
1843 case 'd': size = 8; break;
1844 case 'r': brev = !brev; break;
1845 case 'n': mnoread = 1; break;
1846 case '.': mnoread = 0; break;
1855 n = mread(adrs, val, size);
1856 printf(REG"%c", adrs, brev? 'r': ' ');
1861 for (i = 0; i < n; ++i)
1862 printf("%.2x", val[i]);
1863 for (; i < size; ++i)
1864 printf("%s", fault_chars[fault_type]);
1871 for (i = 0; i < size; ++i)
1872 val[i] = n >> (i * 8);
1875 mwrite(adrs, val, size);
1888 else if( n == '\'' )
1890 for (i = 0; i < size; ++i)
1891 val[i] = n >> (i * 8);
1894 mwrite(adrs, val, size);
1931 adrs -= 1 << nslash;
1935 adrs += 1 << nslash;
1939 adrs += 1 << -nslash;
1943 adrs -= 1 << -nslash;
1946 scanhex((void *)&adrs);
1965 printf(memex_subcmd_help_string);
1980 case 'n': c = '\n'; break;
1981 case 'r': c = '\r'; break;
1982 case 'b': c = '\b'; break;
1983 case 't': c = '\t'; break;
1988 static void xmon_rawdump (unsigned long adrs, long ndump)
1991 unsigned char temp[16];
1993 for (n = ndump; n > 0;) {
1995 nr = mread(adrs, temp, r);
1997 for (m = 0; m < r; ++m) {
1999 printf("%.2x", temp[m]);
2001 printf("%s", fault_chars[fault_type]);
2010 #define isxdigit(c) (('0' <= (c) && (c) <= '9') \
2011 || ('a' <= (c) && (c) <= 'f') \
2012 || ('A' <= (c) && (c) <= 'F'))
2019 if ((isxdigit(c) && c != 'f' && c != 'd') || c == '\n')
2021 scanhex((void *)&adrs);
2028 else if (nidump > MAX_DUMP)
2030 adrs += ppc_inst_dump(adrs, nidump, 1);
2032 } else if (c == 'l') {
2034 } else if (c == 'r') {
2038 xmon_rawdump(adrs, ndump);
2045 else if (ndump > MAX_DUMP)
2047 prdump(adrs, ndump);
2054 prdump(unsigned long adrs, long ndump)
2056 long n, m, c, r, nr;
2057 unsigned char temp[16];
2059 for (n = ndump; n > 0;) {
2063 nr = mread(adrs, temp, r);
2065 for (m = 0; m < r; ++m) {
2066 if ((m & (sizeof(long) - 1)) == 0 && m > 0)
2069 printf("%.2x", temp[m]);
2071 printf("%s", fault_chars[fault_type]);
2073 for (; m < 16; ++m) {
2074 if ((m & (sizeof(long) - 1)) == 0)
2079 for (m = 0; m < r; ++m) {
2082 putchar(' ' <= c && c <= '~'? c: '.');
2095 typedef int (*instruction_dump_func)(unsigned long inst, unsigned long addr);
2098 generic_inst_dump(unsigned long adr, long count, int praddr,
2099 instruction_dump_func dump_func)
2102 unsigned long first_adr;
2103 unsigned long inst, last_inst = 0;
2104 unsigned char val[4];
2107 for (first_adr = adr; count > 0; --count, adr += 4) {
2108 nr = mread(adr, val, 4);
2111 const char *x = fault_chars[fault_type];
2112 printf(REG" %s%s%s%s\n", adr, x, x, x, x);
2116 inst = GETWORD(val);
2117 if (adr > first_adr && inst == last_inst) {
2127 printf(REG" %.8x", adr, inst);
2129 dump_func(inst, adr);
2132 return adr - first_adr;
2136 ppc_inst_dump(unsigned long adr, long count, int praddr)
2138 return generic_inst_dump(adr, count, praddr, print_insn_powerpc);
2142 print_address(unsigned long addr)
2144 xmon_print_symbol(addr, "\t# ", "");
2150 const unsigned long size = 128;
2151 unsigned long end, addr;
2152 unsigned char buf[size + 1];
2157 if (setjmp(bus_error_jmp) != 0) {
2158 printf("Unable to lookup symbol __log_buf!\n");
2162 catch_memory_errors = 1;
2164 addr = kallsyms_lookup_name("__log_buf");
2167 printf("Symbol __log_buf not found!\n");
2169 end = addr + (1 << CONFIG_LOG_BUF_SHIFT);
2170 while (addr < end) {
2171 if (! mread(addr, buf, size)) {
2172 printf("Can't read memory at address 0x%lx\n", addr);
2178 if (strlen(buf) < size)
2186 /* wait a little while to see if we get a machine check */
2188 catch_memory_errors = 0;
2192 * Memory operations - move, set, print differences
2194 static unsigned long mdest; /* destination address */
2195 static unsigned long msrc; /* source address */
2196 static unsigned long mval; /* byte value to set memory to */
2197 static unsigned long mcount; /* # bytes to affect */
2198 static unsigned long mdiffs; /* max # differences to print */
2203 scanhex((void *)&mdest);
2204 if( termch != '\n' )
2206 scanhex((void *)(cmd == 's'? &mval: &msrc));
2207 if( termch != '\n' )
2209 scanhex((void *)&mcount);
2212 memmove((void *)mdest, (void *)msrc, mcount);
2215 memset((void *)mdest, mval, mcount);
2218 if( termch != '\n' )
2220 scanhex((void *)&mdiffs);
2221 memdiffs((unsigned char *)mdest, (unsigned char *)msrc, mcount, mdiffs);
2227 memdiffs(unsigned char *p1, unsigned char *p2, unsigned nb, unsigned maxpr)
2232 for( n = nb; n > 0; --n )
2233 if( *p1++ != *p2++ )
2234 if( ++prt <= maxpr )
2235 printf("%.16x %.2x # %.16x %.2x\n", p1 - 1,
2236 p1[-1], p2 - 1, p2[-1]);
2238 printf("Total of %d differences\n", prt);
2241 static unsigned mend;
2242 static unsigned mask;
2248 unsigned char val[4];
2251 scanhex((void *)&mdest);
2252 if (termch != '\n') {
2254 scanhex((void *)&mend);
2255 if (termch != '\n') {
2257 scanhex((void *)&mval);
2259 if (termch != '\n') termch = 0;
2260 scanhex((void *)&mask);
2264 for (a = mdest; a < mend; a += 4) {
2265 if (mread(a, val, 4) == 4
2266 && ((GETWORD(val) ^ mval) & mask) == 0) {
2267 printf("%.16x: %.16x\n", a, GETWORD(val));
2274 static unsigned long mskip = 0x1000;
2275 static unsigned long mlim = 0xffffffff;
2285 if (termch != '\n') termch = 0;
2287 if (termch != '\n') termch = 0;
2290 for (a = mdest; a < mlim; a += mskip) {
2291 ok = mread(a, &v, 1);
2293 printf("%.8x .. ", a);
2294 } else if (!ok && ook)
2295 printf("%.8x\n", a - mskip);
2301 printf("%.8x\n", a - mskip);
2304 static void proccall(void)
2306 unsigned long args[8];
2309 typedef unsigned long (*callfunc_t)(unsigned long, unsigned long,
2310 unsigned long, unsigned long, unsigned long,
2311 unsigned long, unsigned long, unsigned long);
2314 if (!scanhex(&adrs))
2318 for (i = 0; i < 8; ++i)
2320 for (i = 0; i < 8; ++i) {
2321 if (!scanhex(&args[i]) || termch == '\n')
2325 func = (callfunc_t) adrs;
2327 if (setjmp(bus_error_jmp) == 0) {
2328 catch_memory_errors = 1;
2330 ret = func(args[0], args[1], args[2], args[3],
2331 args[4], args[5], args[6], args[7]);
2333 printf("return value is %x\n", ret);
2335 printf("*** %x exception occurred\n", fault_except);
2337 catch_memory_errors = 0;
2340 /* Input scanning routines */
2351 while( c == ' ' || c == '\t' )
2357 static char *regnames[N_PTREGS] = {
2358 "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
2359 "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
2360 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
2361 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
2362 "pc", "msr", "or3", "ctr", "lr", "xer", "ccr",
2368 "trap", "dar", "dsisr", "res"
2372 scanhex(unsigned long *vp)
2379 /* parse register name */
2383 for (i = 0; i < sizeof(regname) - 1; ++i) {
2392 for (i = 0; i < N_PTREGS; ++i) {
2393 if (strcmp(regnames[i], regname) == 0) {
2394 if (xmon_regs == NULL) {
2395 printf("regs not available\n");
2398 *vp = ((unsigned long *)xmon_regs)[i];
2402 printf("invalid register name '%%%s'\n", regname);
2406 /* skip leading "0x" if any */
2420 } else if (c == '$') {
2422 for (i=0; i<63; i++) {
2432 if (setjmp(bus_error_jmp) == 0) {
2433 catch_memory_errors = 1;
2435 *vp = kallsyms_lookup_name(tmpstr);
2438 catch_memory_errors = 0;
2440 printf("unknown symbol '%s'\n", tmpstr);
2473 static int hexdigit(int c)
2475 if( '0' <= c && c <= '9' )
2477 if( 'A' <= c && c <= 'F' )
2478 return c - ('A' - 10);
2479 if( 'a' <= c && c <= 'f' )
2480 return c - ('a' - 10);
2485 getstring(char *s, int size)
2496 } while( c != ' ' && c != '\t' && c != '\n' );
2501 static char line[256];
2502 static char *lineptr;
2513 if (lineptr == NULL || *lineptr == 0) {
2514 if (xmon_gets(line, sizeof(line)) == NULL) {
2524 take_input(char *str)
2533 int type = inchar();
2535 static char tmp[64];
2540 xmon_print_symbol(addr, ": ", "\n");
2545 if (setjmp(bus_error_jmp) == 0) {
2546 catch_memory_errors = 1;
2548 addr = kallsyms_lookup_name(tmp);
2550 printf("%s: %lx\n", tmp, addr);
2552 printf("Symbol '%s' not found.\n", tmp);
2555 catch_memory_errors = 0;
2562 /* Print an address in numeric and symbolic form (if possible) */
2563 static void xmon_print_symbol(unsigned long address, const char *mid,
2567 const char *name = NULL;
2568 unsigned long offset, size;
2570 printf(REG, address);
2571 if (setjmp(bus_error_jmp) == 0) {
2572 catch_memory_errors = 1;
2574 name = kallsyms_lookup(address, &size, &offset, &modname,
2577 /* wait a little while to see if we get a machine check */
2581 catch_memory_errors = 0;
2584 printf("%s%s+%#lx/%#lx", mid, name, offset, size);
2586 printf(" [%s]", modname);
2588 printf("%s", after);
2591 #ifdef CONFIG_PPC_BOOK3S_64
2592 static void dump_slb(void)
2595 unsigned long esid,vsid,valid;
2598 printf("SLB contents of cpu %x\n", smp_processor_id());
2600 for (i = 0; i < mmu_slb_size; i++) {
2601 asm volatile("slbmfee %0,%1" : "=r" (esid) : "r" (i));
2602 asm volatile("slbmfev %0,%1" : "=r" (vsid) : "r" (i));
2603 valid = (esid & SLB_ESID_V);
2604 if (valid | esid | vsid) {
2605 printf("%02d %016lx %016lx", i, esid, vsid);
2607 llp = vsid & SLB_VSID_LLP;
2608 if (vsid & SLB_VSID_B_1T) {
2609 printf(" 1T ESID=%9lx VSID=%13lx LLP:%3lx \n",
2611 (vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT_1T,
2614 printf(" 256M ESID=%9lx VSID=%13lx LLP:%3lx \n",
2616 (vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT,
2625 static void dump_stab(void)
2628 unsigned long *tmp = (unsigned long *)local_paca->stab_addr;
2630 printf("Segment table contents of cpu %x\n", smp_processor_id());
2632 for (i = 0; i < PAGE_SIZE/16; i++) {
2639 printf("%03d %016lx ", i, a);
2640 printf("%016lx\n", b);
2645 void dump_segments(void)
2647 if (mmu_has_feature(MMU_FTR_SLB))
2654 #ifdef CONFIG_PPC_STD_MMU_32
2655 void dump_segments(void)
2660 for (i = 0; i < 16; ++i)
2661 printf(" %x", mfsrin(i));
2667 static void dump_tlb_44x(void)
2671 for (i = 0; i < PPC44x_TLB_SIZE; i++) {
2672 unsigned long w0,w1,w2;
2673 asm volatile("tlbre %0,%1,0" : "=r" (w0) : "r" (i));
2674 asm volatile("tlbre %0,%1,1" : "=r" (w1) : "r" (i));
2675 asm volatile("tlbre %0,%1,2" : "=r" (w2) : "r" (i));
2676 printf("[%02x] %08x %08x %08x ", i, w0, w1, w2);
2677 if (w0 & PPC44x_TLB_VALID) {
2678 printf("V %08x -> %01x%08x %c%c%c%c%c",
2679 w0 & PPC44x_TLB_EPN_MASK,
2680 w1 & PPC44x_TLB_ERPN_MASK,
2681 w1 & PPC44x_TLB_RPN_MASK,
2682 (w2 & PPC44x_TLB_W) ? 'W' : 'w',
2683 (w2 & PPC44x_TLB_I) ? 'I' : 'i',
2684 (w2 & PPC44x_TLB_M) ? 'M' : 'm',
2685 (w2 & PPC44x_TLB_G) ? 'G' : 'g',
2686 (w2 & PPC44x_TLB_E) ? 'E' : 'e');
2691 #endif /* CONFIG_44x */
2693 #ifdef CONFIG_PPC_BOOK3E
2694 static void dump_tlb_book3e(void)
2696 u32 mmucfg, pidmask, lpidmask;
2698 int i, tlb, ntlbs, pidsz, lpidsz, rasz, lrat = 0;
2700 static const char *pgsz_names[] = {
2735 /* Gather some infos about the MMU */
2736 mmucfg = mfspr(SPRN_MMUCFG);
2737 mmu_version = (mmucfg & 3) + 1;
2738 ntlbs = ((mmucfg >> 2) & 3) + 1;
2739 pidsz = ((mmucfg >> 6) & 0x1f) + 1;
2740 lpidsz = (mmucfg >> 24) & 0xf;
2741 rasz = (mmucfg >> 16) & 0x7f;
2742 if ((mmu_version > 1) && (mmucfg & 0x10000))
2744 printf("Book3E MMU MAV=%d.0,%d TLBs,%d-bit PID,%d-bit LPID,%d-bit RA\n",
2745 mmu_version, ntlbs, pidsz, lpidsz, rasz);
2746 pidmask = (1ul << pidsz) - 1;
2747 lpidmask = (1ul << lpidsz) - 1;
2748 ramask = (1ull << rasz) - 1;
2750 for (tlb = 0; tlb < ntlbs; tlb++) {
2752 int nent, assoc, new_cc = 1;
2753 printf("TLB %d:\n------\n", tlb);
2756 tlbcfg = mfspr(SPRN_TLB0CFG);
2759 tlbcfg = mfspr(SPRN_TLB1CFG);
2762 tlbcfg = mfspr(SPRN_TLB2CFG);
2765 tlbcfg = mfspr(SPRN_TLB3CFG);
2768 printf("Unsupported TLB number !\n");
2771 nent = tlbcfg & 0xfff;
2772 assoc = (tlbcfg >> 24) & 0xff;
2773 for (i = 0; i < nent; i++) {
2774 u32 mas0 = MAS0_TLBSEL(tlb);
2775 u32 mas1 = MAS1_TSIZE(BOOK3E_PAGESZ_4K);
2778 int esel = i, cc = i;
2786 mas0 |= MAS0_ESEL(esel);
2787 mtspr(SPRN_MAS0, mas0);
2788 mtspr(SPRN_MAS1, mas1);
2789 mtspr(SPRN_MAS2, mas2);
2790 asm volatile("tlbre 0,0,0" : : : "memory");
2791 mas1 = mfspr(SPRN_MAS1);
2792 mas2 = mfspr(SPRN_MAS2);
2793 mas7_mas3 = mfspr(SPRN_MAS7_MAS3);
2794 if (assoc && (i % assoc) == 0)
2796 if (!(mas1 & MAS1_VALID))
2799 printf("%04x- ", i);
2801 printf("%04x-%c", cc, 'A' + esel);
2803 printf(" |%c", 'A' + esel);
2805 printf(" %016llx %04x %s %c%c AS%c",
2807 (mas1 >> 16) & 0x3fff,
2808 pgsz_names[(mas1 >> 7) & 0x1f],
2809 mas1 & MAS1_IND ? 'I' : ' ',
2810 mas1 & MAS1_IPROT ? 'P' : ' ',
2811 mas1 & MAS1_TS ? '1' : '0');
2812 printf(" %c%c%c%c%c%c%c",
2813 mas2 & MAS2_X0 ? 'a' : ' ',
2814 mas2 & MAS2_X1 ? 'v' : ' ',
2815 mas2 & MAS2_W ? 'w' : ' ',
2816 mas2 & MAS2_I ? 'i' : ' ',
2817 mas2 & MAS2_M ? 'm' : ' ',
2818 mas2 & MAS2_G ? 'g' : ' ',
2819 mas2 & MAS2_E ? 'e' : ' ');
2820 printf(" %016llx", mas7_mas3 & ramask & ~0x7ffull);
2821 if (mas1 & MAS1_IND)
2823 pgsz_names[(mas7_mas3 >> 1) & 0x1f]);
2825 printf(" U%c%c%c S%c%c%c\n",
2826 mas7_mas3 & MAS3_UX ? 'x' : ' ',
2827 mas7_mas3 & MAS3_UW ? 'w' : ' ',
2828 mas7_mas3 & MAS3_UR ? 'r' : ' ',
2829 mas7_mas3 & MAS3_SX ? 'x' : ' ',
2830 mas7_mas3 & MAS3_SW ? 'w' : ' ',
2831 mas7_mas3 & MAS3_SR ? 'r' : ' ');
2835 #endif /* CONFIG_PPC_BOOK3E */
2837 static void xmon_init(int enable)
2841 __debugger_ipi = xmon_ipi;
2842 __debugger_bpt = xmon_bpt;
2843 __debugger_sstep = xmon_sstep;
2844 __debugger_iabr_match = xmon_iabr_match;
2845 __debugger_dabr_match = xmon_dabr_match;
2846 __debugger_fault_handler = xmon_fault_handler;
2849 __debugger_ipi = NULL;
2850 __debugger_bpt = NULL;
2851 __debugger_sstep = NULL;
2852 __debugger_iabr_match = NULL;
2853 __debugger_dabr_match = NULL;
2854 __debugger_fault_handler = NULL;
2859 #ifdef CONFIG_MAGIC_SYSRQ
2860 static void sysrq_handle_xmon(int key)
2862 /* ensure xmon is enabled */
2864 debugger(get_irq_regs());
2867 static struct sysrq_key_op sysrq_xmon_op = {
2868 .handler = sysrq_handle_xmon,
2870 .action_msg = "Entering xmon",
2873 static int __init setup_xmon_sysrq(void)
2875 register_sysrq_key('x', &sysrq_xmon_op);
2878 __initcall(setup_xmon_sysrq);
2879 #endif /* CONFIG_MAGIC_SYSRQ */
2881 static int __initdata xmon_early, xmon_off;
2883 static int __init early_parse_xmon(char *p)
2885 if (!p || strncmp(p, "early", 5) == 0) {
2886 /* just "xmon" is equivalent to "xmon=early" */
2889 } else if (strncmp(p, "on", 2) == 0)
2891 else if (strncmp(p, "off", 3) == 0)
2893 else if (strncmp(p, "nobt", 4) == 0)
2894 xmon_no_auto_backtrace = 1;
2900 early_param("xmon", early_parse_xmon);
2902 void __init xmon_setup(void)
2904 #ifdef CONFIG_XMON_DEFAULT
2912 #ifdef CONFIG_SPU_BASE
2916 u64 saved_mfc_sr1_RW;
2917 u32 saved_spu_runcntl_RW;
2918 unsigned long dump_addr;
2922 #define XMON_NUM_SPUS 16 /* Enough for current hardware */
2924 static struct spu_info spu_info[XMON_NUM_SPUS];
2926 void xmon_register_spus(struct list_head *list)
2930 list_for_each_entry(spu, list, full_list) {
2931 if (spu->number >= XMON_NUM_SPUS) {
2936 spu_info[spu->number].spu = spu;
2937 spu_info[spu->number].stopped_ok = 0;
2938 spu_info[spu->number].dump_addr = (unsigned long)
2939 spu_info[spu->number].spu->local_store;
2943 static void stop_spus(void)
2949 for (i = 0; i < XMON_NUM_SPUS; i++) {
2950 if (!spu_info[i].spu)
2953 if (setjmp(bus_error_jmp) == 0) {
2954 catch_memory_errors = 1;
2957 spu = spu_info[i].spu;
2959 spu_info[i].saved_spu_runcntl_RW =
2960 in_be32(&spu->problem->spu_runcntl_RW);
2962 tmp = spu_mfc_sr1_get(spu);
2963 spu_info[i].saved_mfc_sr1_RW = tmp;
2965 tmp &= ~MFC_STATE1_MASTER_RUN_CONTROL_MASK;
2966 spu_mfc_sr1_set(spu, tmp);
2971 spu_info[i].stopped_ok = 1;
2973 printf("Stopped spu %.2d (was %s)\n", i,
2974 spu_info[i].saved_spu_runcntl_RW ?
2975 "running" : "stopped");
2977 catch_memory_errors = 0;
2978 printf("*** Error stopping spu %.2d\n", i);
2980 catch_memory_errors = 0;
2984 static void restart_spus(void)
2989 for (i = 0; i < XMON_NUM_SPUS; i++) {
2990 if (!spu_info[i].spu)
2993 if (!spu_info[i].stopped_ok) {
2994 printf("*** Error, spu %d was not successfully stopped"
2995 ", not restarting\n", i);
2999 if (setjmp(bus_error_jmp) == 0) {
3000 catch_memory_errors = 1;
3003 spu = spu_info[i].spu;
3004 spu_mfc_sr1_set(spu, spu_info[i].saved_mfc_sr1_RW);
3005 out_be32(&spu->problem->spu_runcntl_RW,
3006 spu_info[i].saved_spu_runcntl_RW);
3011 printf("Restarted spu %.2d\n", i);
3013 catch_memory_errors = 0;
3014 printf("*** Error restarting spu %.2d\n", i);
3016 catch_memory_errors = 0;
3020 #define DUMP_WIDTH 23
3021 #define DUMP_VALUE(format, field, value) \
3023 if (setjmp(bus_error_jmp) == 0) { \
3024 catch_memory_errors = 1; \
3026 printf(" %-*s = "format"\n", DUMP_WIDTH, \
3031 catch_memory_errors = 0; \
3032 printf(" %-*s = *** Error reading field.\n", \
3033 DUMP_WIDTH, #field); \
3035 catch_memory_errors = 0; \
3038 #define DUMP_FIELD(obj, format, field) \
3039 DUMP_VALUE(format, field, obj->field)
3041 static void dump_spu_fields(struct spu *spu)
3043 printf("Dumping spu fields at address %p:\n", spu);
3045 DUMP_FIELD(spu, "0x%x", number);
3046 DUMP_FIELD(spu, "%s", name);
3047 DUMP_FIELD(spu, "0x%lx", local_store_phys);
3048 DUMP_FIELD(spu, "0x%p", local_store);
3049 DUMP_FIELD(spu, "0x%lx", ls_size);
3050 DUMP_FIELD(spu, "0x%x", node);
3051 DUMP_FIELD(spu, "0x%lx", flags);
3052 DUMP_FIELD(spu, "%d", class_0_pending);
3053 DUMP_FIELD(spu, "0x%lx", class_0_dar);
3054 DUMP_FIELD(spu, "0x%lx", class_1_dar);
3055 DUMP_FIELD(spu, "0x%lx", class_1_dsisr);
3056 DUMP_FIELD(spu, "0x%lx", irqs[0]);
3057 DUMP_FIELD(spu, "0x%lx", irqs[1]);
3058 DUMP_FIELD(spu, "0x%lx", irqs[2]);
3059 DUMP_FIELD(spu, "0x%x", slb_replace);
3060 DUMP_FIELD(spu, "%d", pid);
3061 DUMP_FIELD(spu, "0x%p", mm);
3062 DUMP_FIELD(spu, "0x%p", ctx);
3063 DUMP_FIELD(spu, "0x%p", rq);
3064 DUMP_FIELD(spu, "0x%p", timestamp);
3065 DUMP_FIELD(spu, "0x%lx", problem_phys);
3066 DUMP_FIELD(spu, "0x%p", problem);
3067 DUMP_VALUE("0x%x", problem->spu_runcntl_RW,
3068 in_be32(&spu->problem->spu_runcntl_RW));
3069 DUMP_VALUE("0x%x", problem->spu_status_R,
3070 in_be32(&spu->problem->spu_status_R));
3071 DUMP_VALUE("0x%x", problem->spu_npc_RW,
3072 in_be32(&spu->problem->spu_npc_RW));
3073 DUMP_FIELD(spu, "0x%p", priv2);
3074 DUMP_FIELD(spu, "0x%p", pdata);
3078 spu_inst_dump(unsigned long adr, long count, int praddr)
3080 return generic_inst_dump(adr, count, praddr, print_insn_spu);
3083 static void dump_spu_ls(unsigned long num, int subcmd)
3085 unsigned long offset, addr, ls_addr;
3087 if (setjmp(bus_error_jmp) == 0) {
3088 catch_memory_errors = 1;
3090 ls_addr = (unsigned long)spu_info[num].spu->local_store;
3094 catch_memory_errors = 0;
3095 printf("*** Error: accessing spu info for spu %d\n", num);
3098 catch_memory_errors = 0;
3100 if (scanhex(&offset))
3101 addr = ls_addr + offset;
3103 addr = spu_info[num].dump_addr;
3105 if (addr >= ls_addr + LS_SIZE) {
3106 printf("*** Error: address outside of local store\n");
3112 addr += spu_inst_dump(addr, 16, 1);
3122 spu_info[num].dump_addr = addr;
3125 static int do_spu_cmd(void)
3127 static unsigned long num = 0;
3128 int cmd, subcmd = 0;
3140 if (isxdigit(subcmd) || subcmd == '\n')
3144 if (num >= XMON_NUM_SPUS || !spu_info[num].spu) {
3145 printf("*** Error: invalid spu number\n");
3151 dump_spu_fields(spu_info[num].spu);
3154 dump_spu_ls(num, subcmd);
3165 #else /* ! CONFIG_SPU_BASE */
3166 static int do_spu_cmd(void)