xref: /linux/arch/powerpc/xmon/xmon.c (revision ca55b2fef3a9373fcfc30f82fd26bc7fccbda732)
1 /*
2  * Routines providing a simple monitor for use on the PowerMac.
3  *
4  * Copyright (C) 1996-2005 Paul Mackerras.
5  * Copyright (C) 2001 PPC64 Team, IBM Corp
6  * Copyrignt (C) 2006 Michael Ellerman, IBM Corp
7  *
8  *      This program is free software; you can redistribute it and/or
9  *      modify it under the terms of the GNU General Public License
10  *      as published by the Free Software Foundation; either version
11  *      2 of the License, or (at your option) any later version.
12  */
13 #include <linux/errno.h>
14 #include <linux/sched.h>
15 #include <linux/smp.h>
16 #include <linux/mm.h>
17 #include <linux/reboot.h>
18 #include <linux/delay.h>
19 #include <linux/kallsyms.h>
20 #include <linux/kmsg_dump.h>
21 #include <linux/cpumask.h>
22 #include <linux/export.h>
23 #include <linux/sysrq.h>
24 #include <linux/interrupt.h>
25 #include <linux/irq.h>
26 #include <linux/bug.h>
27 #include <linux/nmi.h>
28 #include <linux/ctype.h>
29 
30 #include <asm/ptrace.h>
31 #include <asm/string.h>
32 #include <asm/prom.h>
33 #include <asm/machdep.h>
34 #include <asm/xmon.h>
35 #include <asm/processor.h>
36 #include <asm/pgtable.h>
37 #include <asm/mmu.h>
38 #include <asm/mmu_context.h>
39 #include <asm/cputable.h>
40 #include <asm/rtas.h>
41 #include <asm/sstep.h>
42 #include <asm/irq_regs.h>
43 #include <asm/spu.h>
44 #include <asm/spu_priv1.h>
45 #include <asm/setjmp.h>
46 #include <asm/reg.h>
47 #include <asm/debug.h>
48 #include <asm/hw_breakpoint.h>
49 
50 #ifdef CONFIG_PPC64
51 #include <asm/hvcall.h>
52 #include <asm/paca.h>
53 #endif
54 
55 #if defined(CONFIG_PPC_SPLPAR)
56 #include <asm/plpar_wrappers.h>
57 #else
58 static inline long plapr_set_ciabr(unsigned long ciabr) {return 0; };
59 #endif
60 
61 #include "nonstdio.h"
62 #include "dis-asm.h"
63 
64 #ifdef CONFIG_SMP
65 static cpumask_t cpus_in_xmon = CPU_MASK_NONE;
66 static unsigned long xmon_taken = 1;
67 static int xmon_owner;
68 static int xmon_gate;
69 #else
70 #define xmon_owner 0
71 #endif /* CONFIG_SMP */
72 
73 static unsigned long in_xmon __read_mostly = 0;
74 
75 static unsigned long adrs;
76 static int size = 1;
77 #define MAX_DUMP (128 * 1024)
78 static unsigned long ndump = 64;
79 static unsigned long nidump = 16;
80 static unsigned long ncsum = 4096;
81 static int termch;
82 static char tmpstr[128];
83 
84 static long bus_error_jmp[JMP_BUF_LEN];
85 static int catch_memory_errors;
86 static long *xmon_fault_jmp[NR_CPUS];
87 
88 /* Breakpoint stuff */
89 struct bpt {
90 	unsigned long	address;
91 	unsigned int	instr[2];
92 	atomic_t	ref_count;
93 	int		enabled;
94 	unsigned long	pad;
95 };
96 
97 /* Bits in bpt.enabled */
98 #define BP_CIABR	1
99 #define BP_TRAP		2
100 #define BP_DABR		4
101 
102 #define NBPTS	256
103 static struct bpt bpts[NBPTS];
104 static struct bpt dabr;
105 static struct bpt *iabr;
106 static unsigned bpinstr = 0x7fe00008;	/* trap */
107 
108 #define BP_NUM(bp)	((bp) - bpts + 1)
109 
110 /* Prototypes */
111 static int cmds(struct pt_regs *);
112 static int mread(unsigned long, void *, int);
113 static int mwrite(unsigned long, void *, int);
114 static int handle_fault(struct pt_regs *);
115 static void byterev(unsigned char *, int);
116 static void memex(void);
117 static int bsesc(void);
118 static void dump(void);
119 static void prdump(unsigned long, long);
120 static int ppc_inst_dump(unsigned long, long, int);
121 static void dump_log_buf(void);
122 static void backtrace(struct pt_regs *);
123 static void excprint(struct pt_regs *);
124 static void prregs(struct pt_regs *);
125 static void memops(int);
126 static void memlocate(void);
127 static void memzcan(void);
128 static void memdiffs(unsigned char *, unsigned char *, unsigned, unsigned);
129 int skipbl(void);
130 int scanhex(unsigned long *valp);
131 static void scannl(void);
132 static int hexdigit(int);
133 void getstring(char *, int);
134 static void flush_input(void);
135 static int inchar(void);
136 static void take_input(char *);
137 static unsigned long read_spr(int);
138 static void write_spr(int, unsigned long);
139 static void super_regs(void);
140 static void remove_bpts(void);
141 static void insert_bpts(void);
142 static void remove_cpu_bpts(void);
143 static void insert_cpu_bpts(void);
144 static struct bpt *at_breakpoint(unsigned long pc);
145 static struct bpt *in_breakpoint_table(unsigned long pc, unsigned long *offp);
146 static int  do_step(struct pt_regs *);
147 static void bpt_cmds(void);
148 static void cacheflush(void);
149 static int  cpu_cmd(void);
150 static void csum(void);
151 static void bootcmds(void);
152 static void proccall(void);
153 void dump_segments(void);
154 static void symbol_lookup(void);
155 static void xmon_show_stack(unsigned long sp, unsigned long lr,
156 			    unsigned long pc);
157 static void xmon_print_symbol(unsigned long address, const char *mid,
158 			      const char *after);
159 static const char *getvecname(unsigned long vec);
160 
161 static int do_spu_cmd(void);
162 
163 #ifdef CONFIG_44x
164 static void dump_tlb_44x(void);
165 #endif
166 #ifdef CONFIG_PPC_BOOK3E
167 static void dump_tlb_book3e(void);
168 #endif
169 
170 static int xmon_no_auto_backtrace;
171 
172 extern void xmon_enter(void);
173 extern void xmon_leave(void);
174 
175 #ifdef CONFIG_PPC64
176 #define REG		"%.16lx"
177 #else
178 #define REG		"%.8lx"
179 #endif
180 
181 #ifdef __LITTLE_ENDIAN__
182 #define GETWORD(v)	(((v)[3] << 24) + ((v)[2] << 16) + ((v)[1] << 8) + (v)[0])
183 #else
184 #define GETWORD(v)	(((v)[0] << 24) + ((v)[1] << 16) + ((v)[2] << 8) + (v)[3])
185 #endif
186 
187 static char *help_string = "\
188 Commands:\n\
189   b	show breakpoints\n\
190   bd	set data breakpoint\n\
191   bi	set instruction breakpoint\n\
192   bc	clear breakpoint\n"
193 #ifdef CONFIG_SMP
194   "\
195   c	print cpus stopped in xmon\n\
196   c#	try to switch to cpu number h (in hex)\n"
197 #endif
198   "\
199   C	checksum\n\
200   d	dump bytes\n\
201   di	dump instructions\n\
202   df	dump float values\n\
203   dd	dump double values\n\
204   dl    dump the kernel log buffer\n"
205 #ifdef CONFIG_PPC64
206   "\
207   dp[#]	dump paca for current cpu, or cpu #\n\
208   dpa	dump paca for all possible cpus\n"
209 #endif
210   "\
211   dr	dump stream of raw bytes\n\
212   e	print exception information\n\
213   f	flush cache\n\
214   la	lookup symbol+offset of specified address\n\
215   ls	lookup address of specified symbol\n\
216   m	examine/change memory\n\
217   mm	move a block of memory\n\
218   ms	set a block of memory\n\
219   md	compare two blocks of memory\n\
220   ml	locate a block of memory\n\
221   mz	zero a block of memory\n\
222   mi	show information about memory allocation\n\
223   p 	call a procedure\n\
224   r	print registers\n\
225   s	single step\n"
226 #ifdef CONFIG_SPU_BASE
227 "  ss	stop execution on all spus\n\
228   sr	restore execution on stopped spus\n\
229   sf  #	dump spu fields for spu # (in hex)\n\
230   sd  #	dump spu local store for spu # (in hex)\n\
231   sdi #	disassemble spu local store for spu # (in hex)\n"
232 #endif
233 "  S	print special registers\n\
234   t	print backtrace\n\
235   x	exit monitor and recover\n\
236   X	exit monitor and dont recover\n"
237 #if defined(CONFIG_PPC64) && !defined(CONFIG_PPC_BOOK3E)
238 "  u	dump segment table or SLB\n"
239 #elif defined(CONFIG_PPC_STD_MMU_32)
240 "  u	dump segment registers\n"
241 #elif defined(CONFIG_44x) || defined(CONFIG_PPC_BOOK3E)
242 "  u	dump TLB\n"
243 #endif
244 "  ?	help\n"
245 "  zr	reboot\n\
246   zh	halt\n"
247 ;
248 
249 static struct pt_regs *xmon_regs;
250 
251 static inline void sync(void)
252 {
253 	asm volatile("sync; isync");
254 }
255 
256 static inline void store_inst(void *p)
257 {
258 	asm volatile ("dcbst 0,%0; sync; icbi 0,%0; isync" : : "r" (p));
259 }
260 
261 static inline void cflush(void *p)
262 {
263 	asm volatile ("dcbf 0,%0; icbi 0,%0" : : "r" (p));
264 }
265 
266 static inline void cinval(void *p)
267 {
268 	asm volatile ("dcbi 0,%0; icbi 0,%0" : : "r" (p));
269 }
270 
271 /**
272  * write_ciabr() - write the CIABR SPR
273  * @ciabr:	The value to write.
274  *
275  * This function writes a value to the CIARB register either directly
276  * through mtspr instruction if the kernel is in HV privilege mode or
277  * call a hypervisor function to achieve the same in case the kernel
278  * is in supervisor privilege mode.
279  */
280 static void write_ciabr(unsigned long ciabr)
281 {
282 	if (!cpu_has_feature(CPU_FTR_ARCH_207S))
283 		return;
284 
285 	if (cpu_has_feature(CPU_FTR_HVMODE)) {
286 		mtspr(SPRN_CIABR, ciabr);
287 		return;
288 	}
289 	plapr_set_ciabr(ciabr);
290 }
291 
292 /**
293  * set_ciabr() - set the CIABR
294  * @addr:	The value to set.
295  *
296  * This function sets the correct privilege value into the the HW
297  * breakpoint address before writing it up in the CIABR register.
298  */
299 static void set_ciabr(unsigned long addr)
300 {
301 	addr &= ~CIABR_PRIV;
302 
303 	if (cpu_has_feature(CPU_FTR_HVMODE))
304 		addr |= CIABR_PRIV_HYPER;
305 	else
306 		addr |= CIABR_PRIV_SUPER;
307 	write_ciabr(addr);
308 }
309 
310 /*
311  * Disable surveillance (the service processor watchdog function)
312  * while we are in xmon.
313  * XXX we should re-enable it when we leave. :)
314  */
315 #define SURVEILLANCE_TOKEN	9000
316 
317 static inline void disable_surveillance(void)
318 {
319 #ifdef CONFIG_PPC_PSERIES
320 	/* Since this can't be a module, args should end up below 4GB. */
321 	static struct rtas_args args;
322 
323 	/*
324 	 * At this point we have got all the cpus we can into
325 	 * xmon, so there is hopefully no other cpu calling RTAS
326 	 * at the moment, even though we don't take rtas.lock.
327 	 * If we did try to take rtas.lock there would be a
328 	 * real possibility of deadlock.
329 	 */
330 	args.token = rtas_token("set-indicator");
331 	if (args.token == RTAS_UNKNOWN_SERVICE)
332 		return;
333 	args.token = cpu_to_be32(args.token);
334 	args.nargs = cpu_to_be32(3);
335 	args.nret = cpu_to_be32(1);
336 	args.rets = &args.args[3];
337 	args.args[0] = cpu_to_be32(SURVEILLANCE_TOKEN);
338 	args.args[1] = 0;
339 	args.args[2] = 0;
340 	enter_rtas(__pa(&args));
341 #endif /* CONFIG_PPC_PSERIES */
342 }
343 
344 #ifdef CONFIG_SMP
345 static int xmon_speaker;
346 
347 static void get_output_lock(void)
348 {
349 	int me = smp_processor_id() + 0x100;
350 	int last_speaker = 0, prev;
351 	long timeout;
352 
353 	if (xmon_speaker == me)
354 		return;
355 
356 	for (;;) {
357 		last_speaker = cmpxchg(&xmon_speaker, 0, me);
358 		if (last_speaker == 0)
359 			return;
360 
361 		/*
362 		 * Wait a full second for the lock, we might be on a slow
363 		 * console, but check every 100us.
364 		 */
365 		timeout = 10000;
366 		while (xmon_speaker == last_speaker) {
367 			if (--timeout > 0) {
368 				udelay(100);
369 				continue;
370 			}
371 
372 			/* hostile takeover */
373 			prev = cmpxchg(&xmon_speaker, last_speaker, me);
374 			if (prev == last_speaker)
375 				return;
376 			break;
377 		}
378 	}
379 }
380 
381 static void release_output_lock(void)
382 {
383 	xmon_speaker = 0;
384 }
385 
386 int cpus_are_in_xmon(void)
387 {
388 	return !cpumask_empty(&cpus_in_xmon);
389 }
390 #endif
391 
392 static inline int unrecoverable_excp(struct pt_regs *regs)
393 {
394 #if defined(CONFIG_4xx) || defined(CONFIG_PPC_BOOK3E)
395 	/* We have no MSR_RI bit on 4xx or Book3e, so we simply return false */
396 	return 0;
397 #else
398 	return ((regs->msr & MSR_RI) == 0);
399 #endif
400 }
401 
402 static int xmon_core(struct pt_regs *regs, int fromipi)
403 {
404 	int cmd = 0;
405 	struct bpt *bp;
406 	long recurse_jmp[JMP_BUF_LEN];
407 	unsigned long offset;
408 	unsigned long flags;
409 #ifdef CONFIG_SMP
410 	int cpu;
411 	int secondary;
412 	unsigned long timeout;
413 #endif
414 
415 	local_irq_save(flags);
416 	hard_irq_disable();
417 
418 	bp = in_breakpoint_table(regs->nip, &offset);
419 	if (bp != NULL) {
420 		regs->nip = bp->address + offset;
421 		atomic_dec(&bp->ref_count);
422 	}
423 
424 	remove_cpu_bpts();
425 
426 #ifdef CONFIG_SMP
427 	cpu = smp_processor_id();
428 	if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
429 		get_output_lock();
430 		excprint(regs);
431 		printf("cpu 0x%x: Exception %lx %s in xmon, "
432 		       "returning to main loop\n",
433 		       cpu, regs->trap, getvecname(TRAP(regs)));
434 		release_output_lock();
435 		longjmp(xmon_fault_jmp[cpu], 1);
436 	}
437 
438 	if (setjmp(recurse_jmp) != 0) {
439 		if (!in_xmon || !xmon_gate) {
440 			get_output_lock();
441 			printf("xmon: WARNING: bad recursive fault "
442 			       "on cpu 0x%x\n", cpu);
443 			release_output_lock();
444 			goto waiting;
445 		}
446 		secondary = !(xmon_taken && cpu == xmon_owner);
447 		goto cmdloop;
448 	}
449 
450 	xmon_fault_jmp[cpu] = recurse_jmp;
451 
452 	bp = NULL;
453 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT))
454 		bp = at_breakpoint(regs->nip);
455 	if (bp || unrecoverable_excp(regs))
456 		fromipi = 0;
457 
458 	if (!fromipi) {
459 		get_output_lock();
460 		excprint(regs);
461 		if (bp) {
462 			printf("cpu 0x%x stopped at breakpoint 0x%lx (",
463 			       cpu, BP_NUM(bp));
464 			xmon_print_symbol(regs->nip, " ", ")\n");
465 		}
466 		if (unrecoverable_excp(regs))
467 			printf("WARNING: exception is not recoverable, "
468 			       "can't continue\n");
469 		release_output_lock();
470 	}
471 
472 	cpumask_set_cpu(cpu, &cpus_in_xmon);
473 
474  waiting:
475 	secondary = 1;
476 	while (secondary && !xmon_gate) {
477 		if (in_xmon == 0) {
478 			if (fromipi)
479 				goto leave;
480 			secondary = test_and_set_bit(0, &in_xmon);
481 		}
482 		barrier();
483 	}
484 
485 	if (!secondary && !xmon_gate) {
486 		/* we are the first cpu to come in */
487 		/* interrupt other cpu(s) */
488 		int ncpus = num_online_cpus();
489 
490 		xmon_owner = cpu;
491 		mb();
492 		if (ncpus > 1) {
493 			smp_send_debugger_break();
494 			/* wait for other cpus to come in */
495 			for (timeout = 100000000; timeout != 0; --timeout) {
496 				if (cpumask_weight(&cpus_in_xmon) >= ncpus)
497 					break;
498 				barrier();
499 			}
500 		}
501 		remove_bpts();
502 		disable_surveillance();
503 		/* for breakpoint or single step, print the current instr. */
504 		if (bp || TRAP(regs) == 0xd00)
505 			ppc_inst_dump(regs->nip, 1, 0);
506 		printf("enter ? for help\n");
507 		mb();
508 		xmon_gate = 1;
509 		barrier();
510 	}
511 
512  cmdloop:
513 	while (in_xmon) {
514 		if (secondary) {
515 			if (cpu == xmon_owner) {
516 				if (!test_and_set_bit(0, &xmon_taken)) {
517 					secondary = 0;
518 					continue;
519 				}
520 				/* missed it */
521 				while (cpu == xmon_owner)
522 					barrier();
523 			}
524 			barrier();
525 		} else {
526 			cmd = cmds(regs);
527 			if (cmd != 0) {
528 				/* exiting xmon */
529 				insert_bpts();
530 				xmon_gate = 0;
531 				wmb();
532 				in_xmon = 0;
533 				break;
534 			}
535 			/* have switched to some other cpu */
536 			secondary = 1;
537 		}
538 	}
539  leave:
540 	cpumask_clear_cpu(cpu, &cpus_in_xmon);
541 	xmon_fault_jmp[cpu] = NULL;
542 #else
543 	/* UP is simple... */
544 	if (in_xmon) {
545 		printf("Exception %lx %s in xmon, returning to main loop\n",
546 		       regs->trap, getvecname(TRAP(regs)));
547 		longjmp(xmon_fault_jmp[0], 1);
548 	}
549 	if (setjmp(recurse_jmp) == 0) {
550 		xmon_fault_jmp[0] = recurse_jmp;
551 		in_xmon = 1;
552 
553 		excprint(regs);
554 		bp = at_breakpoint(regs->nip);
555 		if (bp) {
556 			printf("Stopped at breakpoint %lx (", BP_NUM(bp));
557 			xmon_print_symbol(regs->nip, " ", ")\n");
558 		}
559 		if (unrecoverable_excp(regs))
560 			printf("WARNING: exception is not recoverable, "
561 			       "can't continue\n");
562 		remove_bpts();
563 		disable_surveillance();
564 		/* for breakpoint or single step, print the current instr. */
565 		if (bp || TRAP(regs) == 0xd00)
566 			ppc_inst_dump(regs->nip, 1, 0);
567 		printf("enter ? for help\n");
568 	}
569 
570 	cmd = cmds(regs);
571 
572 	insert_bpts();
573 	in_xmon = 0;
574 #endif
575 
576 #ifdef CONFIG_BOOKE
577 	if (regs->msr & MSR_DE) {
578 		bp = at_breakpoint(regs->nip);
579 		if (bp != NULL) {
580 			regs->nip = (unsigned long) &bp->instr[0];
581 			atomic_inc(&bp->ref_count);
582 		}
583 	}
584 #else
585 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
586 		bp = at_breakpoint(regs->nip);
587 		if (bp != NULL) {
588 			int stepped = emulate_step(regs, bp->instr[0]);
589 			if (stepped == 0) {
590 				regs->nip = (unsigned long) &bp->instr[0];
591 				atomic_inc(&bp->ref_count);
592 			} else if (stepped < 0) {
593 				printf("Couldn't single-step %s instruction\n",
594 				    (IS_RFID(bp->instr[0])? "rfid": "mtmsrd"));
595 			}
596 		}
597 	}
598 #endif
599 	insert_cpu_bpts();
600 
601 	touch_nmi_watchdog();
602 	local_irq_restore(flags);
603 
604 	return cmd != 'X' && cmd != EOF;
605 }
606 
607 int xmon(struct pt_regs *excp)
608 {
609 	struct pt_regs regs;
610 
611 	if (excp == NULL) {
612 		ppc_save_regs(&regs);
613 		excp = &regs;
614 	}
615 
616 	return xmon_core(excp, 0);
617 }
618 EXPORT_SYMBOL(xmon);
619 
620 irqreturn_t xmon_irq(int irq, void *d)
621 {
622 	unsigned long flags;
623 	local_irq_save(flags);
624 	printf("Keyboard interrupt\n");
625 	xmon(get_irq_regs());
626 	local_irq_restore(flags);
627 	return IRQ_HANDLED;
628 }
629 
630 static int xmon_bpt(struct pt_regs *regs)
631 {
632 	struct bpt *bp;
633 	unsigned long offset;
634 
635 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
636 		return 0;
637 
638 	/* Are we at the trap at bp->instr[1] for some bp? */
639 	bp = in_breakpoint_table(regs->nip, &offset);
640 	if (bp != NULL && offset == 4) {
641 		regs->nip = bp->address + 4;
642 		atomic_dec(&bp->ref_count);
643 		return 1;
644 	}
645 
646 	/* Are we at a breakpoint? */
647 	bp = at_breakpoint(regs->nip);
648 	if (!bp)
649 		return 0;
650 
651 	xmon_core(regs, 0);
652 
653 	return 1;
654 }
655 
656 static int xmon_sstep(struct pt_regs *regs)
657 {
658 	if (user_mode(regs))
659 		return 0;
660 	xmon_core(regs, 0);
661 	return 1;
662 }
663 
664 static int xmon_break_match(struct pt_regs *regs)
665 {
666 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
667 		return 0;
668 	if (dabr.enabled == 0)
669 		return 0;
670 	xmon_core(regs, 0);
671 	return 1;
672 }
673 
674 static int xmon_iabr_match(struct pt_regs *regs)
675 {
676 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
677 		return 0;
678 	if (iabr == NULL)
679 		return 0;
680 	xmon_core(regs, 0);
681 	return 1;
682 }
683 
684 static int xmon_ipi(struct pt_regs *regs)
685 {
686 #ifdef CONFIG_SMP
687 	if (in_xmon && !cpumask_test_cpu(smp_processor_id(), &cpus_in_xmon))
688 		xmon_core(regs, 1);
689 #endif
690 	return 0;
691 }
692 
693 static int xmon_fault_handler(struct pt_regs *regs)
694 {
695 	struct bpt *bp;
696 	unsigned long offset;
697 
698 	if (in_xmon && catch_memory_errors)
699 		handle_fault(regs);	/* doesn't return */
700 
701 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
702 		bp = in_breakpoint_table(regs->nip, &offset);
703 		if (bp != NULL) {
704 			regs->nip = bp->address + offset;
705 			atomic_dec(&bp->ref_count);
706 		}
707 	}
708 
709 	return 0;
710 }
711 
712 static struct bpt *at_breakpoint(unsigned long pc)
713 {
714 	int i;
715 	struct bpt *bp;
716 
717 	bp = bpts;
718 	for (i = 0; i < NBPTS; ++i, ++bp)
719 		if (bp->enabled && pc == bp->address)
720 			return bp;
721 	return NULL;
722 }
723 
724 static struct bpt *in_breakpoint_table(unsigned long nip, unsigned long *offp)
725 {
726 	unsigned long off;
727 
728 	off = nip - (unsigned long) bpts;
729 	if (off >= sizeof(bpts))
730 		return NULL;
731 	off %= sizeof(struct bpt);
732 	if (off != offsetof(struct bpt, instr[0])
733 	    && off != offsetof(struct bpt, instr[1]))
734 		return NULL;
735 	*offp = off - offsetof(struct bpt, instr[0]);
736 	return (struct bpt *) (nip - off);
737 }
738 
739 static struct bpt *new_breakpoint(unsigned long a)
740 {
741 	struct bpt *bp;
742 
743 	a &= ~3UL;
744 	bp = at_breakpoint(a);
745 	if (bp)
746 		return bp;
747 
748 	for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
749 		if (!bp->enabled && atomic_read(&bp->ref_count) == 0) {
750 			bp->address = a;
751 			bp->instr[1] = bpinstr;
752 			store_inst(&bp->instr[1]);
753 			return bp;
754 		}
755 	}
756 
757 	printf("Sorry, no free breakpoints.  Please clear one first.\n");
758 	return NULL;
759 }
760 
761 static void insert_bpts(void)
762 {
763 	int i;
764 	struct bpt *bp;
765 
766 	bp = bpts;
767 	for (i = 0; i < NBPTS; ++i, ++bp) {
768 		if ((bp->enabled & (BP_TRAP|BP_CIABR)) == 0)
769 			continue;
770 		if (mread(bp->address, &bp->instr[0], 4) != 4) {
771 			printf("Couldn't read instruction at %lx, "
772 			       "disabling breakpoint there\n", bp->address);
773 			bp->enabled = 0;
774 			continue;
775 		}
776 		if (IS_MTMSRD(bp->instr[0]) || IS_RFID(bp->instr[0])) {
777 			printf("Breakpoint at %lx is on an mtmsrd or rfid "
778 			       "instruction, disabling it\n", bp->address);
779 			bp->enabled = 0;
780 			continue;
781 		}
782 		store_inst(&bp->instr[0]);
783 		if (bp->enabled & BP_CIABR)
784 			continue;
785 		if (mwrite(bp->address, &bpinstr, 4) != 4) {
786 			printf("Couldn't write instruction at %lx, "
787 			       "disabling breakpoint there\n", bp->address);
788 			bp->enabled &= ~BP_TRAP;
789 			continue;
790 		}
791 		store_inst((void *)bp->address);
792 	}
793 }
794 
795 static void insert_cpu_bpts(void)
796 {
797 	struct arch_hw_breakpoint brk;
798 
799 	if (dabr.enabled) {
800 		brk.address = dabr.address;
801 		brk.type = (dabr.enabled & HW_BRK_TYPE_DABR) | HW_BRK_TYPE_PRIV_ALL;
802 		brk.len = 8;
803 		__set_breakpoint(&brk);
804 	}
805 
806 	if (iabr)
807 		set_ciabr(iabr->address);
808 }
809 
810 static void remove_bpts(void)
811 {
812 	int i;
813 	struct bpt *bp;
814 	unsigned instr;
815 
816 	bp = bpts;
817 	for (i = 0; i < NBPTS; ++i, ++bp) {
818 		if ((bp->enabled & (BP_TRAP|BP_CIABR)) != BP_TRAP)
819 			continue;
820 		if (mread(bp->address, &instr, 4) == 4
821 		    && instr == bpinstr
822 		    && mwrite(bp->address, &bp->instr, 4) != 4)
823 			printf("Couldn't remove breakpoint at %lx\n",
824 			       bp->address);
825 		else
826 			store_inst((void *)bp->address);
827 	}
828 }
829 
830 static void remove_cpu_bpts(void)
831 {
832 	hw_breakpoint_disable();
833 	write_ciabr(0);
834 }
835 
836 /* Command interpreting routine */
837 static char *last_cmd;
838 
839 static int
840 cmds(struct pt_regs *excp)
841 {
842 	int cmd = 0;
843 
844 	last_cmd = NULL;
845 	xmon_regs = excp;
846 
847 	if (!xmon_no_auto_backtrace) {
848 		xmon_no_auto_backtrace = 1;
849 		xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
850 	}
851 
852 	for(;;) {
853 #ifdef CONFIG_SMP
854 		printf("%x:", smp_processor_id());
855 #endif /* CONFIG_SMP */
856 		printf("mon> ");
857 		flush_input();
858 		termch = 0;
859 		cmd = skipbl();
860 		if( cmd == '\n' ) {
861 			if (last_cmd == NULL)
862 				continue;
863 			take_input(last_cmd);
864 			last_cmd = NULL;
865 			cmd = inchar();
866 		}
867 		switch (cmd) {
868 		case 'm':
869 			cmd = inchar();
870 			switch (cmd) {
871 			case 'm':
872 			case 's':
873 			case 'd':
874 				memops(cmd);
875 				break;
876 			case 'l':
877 				memlocate();
878 				break;
879 			case 'z':
880 				memzcan();
881 				break;
882 			case 'i':
883 				show_mem(0);
884 				break;
885 			default:
886 				termch = cmd;
887 				memex();
888 			}
889 			break;
890 		case 'd':
891 			dump();
892 			break;
893 		case 'l':
894 			symbol_lookup();
895 			break;
896 		case 'r':
897 			prregs(excp);	/* print regs */
898 			break;
899 		case 'e':
900 			excprint(excp);
901 			break;
902 		case 'S':
903 			super_regs();
904 			break;
905 		case 't':
906 			backtrace(excp);
907 			break;
908 		case 'f':
909 			cacheflush();
910 			break;
911 		case 's':
912 			if (do_spu_cmd() == 0)
913 				break;
914 			if (do_step(excp))
915 				return cmd;
916 			break;
917 		case 'x':
918 		case 'X':
919 			return cmd;
920 		case EOF:
921 			printf(" <no input ...>\n");
922 			mdelay(2000);
923 			return cmd;
924 		case '?':
925 			xmon_puts(help_string);
926 			break;
927 		case 'b':
928 			bpt_cmds();
929 			break;
930 		case 'C':
931 			csum();
932 			break;
933 		case 'c':
934 			if (cpu_cmd())
935 				return 0;
936 			break;
937 		case 'z':
938 			bootcmds();
939 			break;
940 		case 'p':
941 			proccall();
942 			break;
943 #ifdef CONFIG_PPC_STD_MMU
944 		case 'u':
945 			dump_segments();
946 			break;
947 #elif defined(CONFIG_44x)
948 		case 'u':
949 			dump_tlb_44x();
950 			break;
951 #elif defined(CONFIG_PPC_BOOK3E)
952 		case 'u':
953 			dump_tlb_book3e();
954 			break;
955 #endif
956 		default:
957 			printf("Unrecognized command: ");
958 			do {
959 				if (' ' < cmd && cmd <= '~')
960 					putchar(cmd);
961 				else
962 					printf("\\x%x", cmd);
963 				cmd = inchar();
964 			} while (cmd != '\n');
965 			printf(" (type ? for help)\n");
966 			break;
967 		}
968 	}
969 }
970 
971 #ifdef CONFIG_BOOKE
972 static int do_step(struct pt_regs *regs)
973 {
974 	regs->msr |= MSR_DE;
975 	mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) | DBCR0_IC | DBCR0_IDM);
976 	return 1;
977 }
978 #else
979 /*
980  * Step a single instruction.
981  * Some instructions we emulate, others we execute with MSR_SE set.
982  */
983 static int do_step(struct pt_regs *regs)
984 {
985 	unsigned int instr;
986 	int stepped;
987 
988 	/* check we are in 64-bit kernel mode, translation enabled */
989 	if ((regs->msr & (MSR_64BIT|MSR_PR|MSR_IR)) == (MSR_64BIT|MSR_IR)) {
990 		if (mread(regs->nip, &instr, 4) == 4) {
991 			stepped = emulate_step(regs, instr);
992 			if (stepped < 0) {
993 				printf("Couldn't single-step %s instruction\n",
994 				       (IS_RFID(instr)? "rfid": "mtmsrd"));
995 				return 0;
996 			}
997 			if (stepped > 0) {
998 				regs->trap = 0xd00 | (regs->trap & 1);
999 				printf("stepped to ");
1000 				xmon_print_symbol(regs->nip, " ", "\n");
1001 				ppc_inst_dump(regs->nip, 1, 0);
1002 				return 0;
1003 			}
1004 		}
1005 	}
1006 	regs->msr |= MSR_SE;
1007 	return 1;
1008 }
1009 #endif
1010 
1011 static void bootcmds(void)
1012 {
1013 	int cmd;
1014 
1015 	cmd = inchar();
1016 	if (cmd == 'r')
1017 		ppc_md.restart(NULL);
1018 	else if (cmd == 'h')
1019 		ppc_md.halt();
1020 	else if (cmd == 'p')
1021 		if (pm_power_off)
1022 			pm_power_off();
1023 }
1024 
1025 static int cpu_cmd(void)
1026 {
1027 #ifdef CONFIG_SMP
1028 	unsigned long cpu, first_cpu, last_cpu;
1029 	int timeout;
1030 
1031 	if (!scanhex(&cpu)) {
1032 		/* print cpus waiting or in xmon */
1033 		printf("cpus stopped:");
1034 		last_cpu = first_cpu = NR_CPUS;
1035 		for_each_possible_cpu(cpu) {
1036 			if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
1037 				if (cpu == last_cpu + 1) {
1038 					last_cpu = cpu;
1039 				} else {
1040 					if (last_cpu != first_cpu)
1041 						printf("-0x%lx", last_cpu);
1042 					last_cpu = first_cpu = cpu;
1043 					printf(" 0x%lx", cpu);
1044 				}
1045 			}
1046 		}
1047 		if (last_cpu != first_cpu)
1048 			printf("-0x%lx", last_cpu);
1049 		printf("\n");
1050 		return 0;
1051 	}
1052 	/* try to switch to cpu specified */
1053 	if (!cpumask_test_cpu(cpu, &cpus_in_xmon)) {
1054 		printf("cpu 0x%x isn't in xmon\n", cpu);
1055 		return 0;
1056 	}
1057 	xmon_taken = 0;
1058 	mb();
1059 	xmon_owner = cpu;
1060 	timeout = 10000000;
1061 	while (!xmon_taken) {
1062 		if (--timeout == 0) {
1063 			if (test_and_set_bit(0, &xmon_taken))
1064 				break;
1065 			/* take control back */
1066 			mb();
1067 			xmon_owner = smp_processor_id();
1068 			printf("cpu 0x%x didn't take control\n", cpu);
1069 			return 0;
1070 		}
1071 		barrier();
1072 	}
1073 	return 1;
1074 #else
1075 	return 0;
1076 #endif /* CONFIG_SMP */
1077 }
1078 
1079 static unsigned short fcstab[256] = {
1080 	0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf,
1081 	0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7,
1082 	0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e,
1083 	0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876,
1084 	0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd,
1085 	0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5,
1086 	0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c,
1087 	0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974,
1088 	0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb,
1089 	0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3,
1090 	0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a,
1091 	0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72,
1092 	0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9,
1093 	0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1,
1094 	0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738,
1095 	0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70,
1096 	0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7,
1097 	0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff,
1098 	0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036,
1099 	0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e,
1100 	0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5,
1101 	0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd,
1102 	0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134,
1103 	0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c,
1104 	0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3,
1105 	0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb,
1106 	0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232,
1107 	0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a,
1108 	0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1,
1109 	0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9,
1110 	0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330,
1111 	0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78
1112 };
1113 
1114 #define FCS(fcs, c)	(((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
1115 
1116 static void
1117 csum(void)
1118 {
1119 	unsigned int i;
1120 	unsigned short fcs;
1121 	unsigned char v;
1122 
1123 	if (!scanhex(&adrs))
1124 		return;
1125 	if (!scanhex(&ncsum))
1126 		return;
1127 	fcs = 0xffff;
1128 	for (i = 0; i < ncsum; ++i) {
1129 		if (mread(adrs+i, &v, 1) == 0) {
1130 			printf("csum stopped at "REG"\n", adrs+i);
1131 			break;
1132 		}
1133 		fcs = FCS(fcs, v);
1134 	}
1135 	printf("%x\n", fcs);
1136 }
1137 
1138 /*
1139  * Check if this is a suitable place to put a breakpoint.
1140  */
1141 static long check_bp_loc(unsigned long addr)
1142 {
1143 	unsigned int instr;
1144 
1145 	addr &= ~3;
1146 	if (!is_kernel_addr(addr)) {
1147 		printf("Breakpoints may only be placed at kernel addresses\n");
1148 		return 0;
1149 	}
1150 	if (!mread(addr, &instr, sizeof(instr))) {
1151 		printf("Can't read instruction at address %lx\n", addr);
1152 		return 0;
1153 	}
1154 	if (IS_MTMSRD(instr) || IS_RFID(instr)) {
1155 		printf("Breakpoints may not be placed on mtmsrd or rfid "
1156 		       "instructions\n");
1157 		return 0;
1158 	}
1159 	return 1;
1160 }
1161 
1162 static char *breakpoint_help_string =
1163     "Breakpoint command usage:\n"
1164     "b                show breakpoints\n"
1165     "b <addr> [cnt]   set breakpoint at given instr addr\n"
1166     "bc               clear all breakpoints\n"
1167     "bc <n/addr>      clear breakpoint number n or at addr\n"
1168     "bi <addr> [cnt]  set hardware instr breakpoint (POWER8 only)\n"
1169     "bd <addr> [cnt]  set hardware data breakpoint\n"
1170     "";
1171 
1172 static void
1173 bpt_cmds(void)
1174 {
1175 	int cmd;
1176 	unsigned long a;
1177 	int mode, i;
1178 	struct bpt *bp;
1179 	const char badaddr[] = "Only kernel addresses are permitted "
1180 		"for breakpoints\n";
1181 
1182 	cmd = inchar();
1183 	switch (cmd) {
1184 #ifndef CONFIG_8xx
1185 	case 'd':	/* bd - hardware data breakpoint */
1186 		mode = 7;
1187 		cmd = inchar();
1188 		if (cmd == 'r')
1189 			mode = 5;
1190 		else if (cmd == 'w')
1191 			mode = 6;
1192 		else
1193 			termch = cmd;
1194 		dabr.address = 0;
1195 		dabr.enabled = 0;
1196 		if (scanhex(&dabr.address)) {
1197 			if (!is_kernel_addr(dabr.address)) {
1198 				printf(badaddr);
1199 				break;
1200 			}
1201 			dabr.address &= ~HW_BRK_TYPE_DABR;
1202 			dabr.enabled = mode | BP_DABR;
1203 		}
1204 		break;
1205 
1206 	case 'i':	/* bi - hardware instr breakpoint */
1207 		if (!cpu_has_feature(CPU_FTR_ARCH_207S)) {
1208 			printf("Hardware instruction breakpoint "
1209 			       "not supported on this cpu\n");
1210 			break;
1211 		}
1212 		if (iabr) {
1213 			iabr->enabled &= ~BP_CIABR;
1214 			iabr = NULL;
1215 		}
1216 		if (!scanhex(&a))
1217 			break;
1218 		if (!check_bp_loc(a))
1219 			break;
1220 		bp = new_breakpoint(a);
1221 		if (bp != NULL) {
1222 			bp->enabled |= BP_CIABR;
1223 			iabr = bp;
1224 		}
1225 		break;
1226 #endif
1227 
1228 	case 'c':
1229 		if (!scanhex(&a)) {
1230 			/* clear all breakpoints */
1231 			for (i = 0; i < NBPTS; ++i)
1232 				bpts[i].enabled = 0;
1233 			iabr = NULL;
1234 			dabr.enabled = 0;
1235 			printf("All breakpoints cleared\n");
1236 			break;
1237 		}
1238 
1239 		if (a <= NBPTS && a >= 1) {
1240 			/* assume a breakpoint number */
1241 			bp = &bpts[a-1];	/* bp nums are 1 based */
1242 		} else {
1243 			/* assume a breakpoint address */
1244 			bp = at_breakpoint(a);
1245 			if (bp == NULL) {
1246 				printf("No breakpoint at %lx\n", a);
1247 				break;
1248 			}
1249 		}
1250 
1251 		printf("Cleared breakpoint %lx (", BP_NUM(bp));
1252 		xmon_print_symbol(bp->address, " ", ")\n");
1253 		bp->enabled = 0;
1254 		break;
1255 
1256 	default:
1257 		termch = cmd;
1258 		cmd = skipbl();
1259 		if (cmd == '?') {
1260 			printf(breakpoint_help_string);
1261 			break;
1262 		}
1263 		termch = cmd;
1264 		if (!scanhex(&a)) {
1265 			/* print all breakpoints */
1266 			printf("   type            address\n");
1267 			if (dabr.enabled) {
1268 				printf("   data   "REG"  [", dabr.address);
1269 				if (dabr.enabled & 1)
1270 					printf("r");
1271 				if (dabr.enabled & 2)
1272 					printf("w");
1273 				printf("]\n");
1274 			}
1275 			for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
1276 				if (!bp->enabled)
1277 					continue;
1278 				printf("%2x %s   ", BP_NUM(bp),
1279 				    (bp->enabled & BP_CIABR) ? "inst": "trap");
1280 				xmon_print_symbol(bp->address, "  ", "\n");
1281 			}
1282 			break;
1283 		}
1284 
1285 		if (!check_bp_loc(a))
1286 			break;
1287 		bp = new_breakpoint(a);
1288 		if (bp != NULL)
1289 			bp->enabled |= BP_TRAP;
1290 		break;
1291 	}
1292 }
1293 
1294 /* Very cheap human name for vector lookup. */
1295 static
1296 const char *getvecname(unsigned long vec)
1297 {
1298 	char *ret;
1299 
1300 	switch (vec) {
1301 	case 0x100:	ret = "(System Reset)"; break;
1302 	case 0x200:	ret = "(Machine Check)"; break;
1303 	case 0x300:	ret = "(Data Access)"; break;
1304 	case 0x380:	ret = "(Data SLB Access)"; break;
1305 	case 0x400:	ret = "(Instruction Access)"; break;
1306 	case 0x480:	ret = "(Instruction SLB Access)"; break;
1307 	case 0x500:	ret = "(Hardware Interrupt)"; break;
1308 	case 0x600:	ret = "(Alignment)"; break;
1309 	case 0x700:	ret = "(Program Check)"; break;
1310 	case 0x800:	ret = "(FPU Unavailable)"; break;
1311 	case 0x900:	ret = "(Decrementer)"; break;
1312 	case 0x980:	ret = "(Hypervisor Decrementer)"; break;
1313 	case 0xa00:	ret = "(Doorbell)"; break;
1314 	case 0xc00:	ret = "(System Call)"; break;
1315 	case 0xd00:	ret = "(Single Step)"; break;
1316 	case 0xe40:	ret = "(Emulation Assist)"; break;
1317 	case 0xe60:	ret = "(HMI)"; break;
1318 	case 0xe80:	ret = "(Hypervisor Doorbell)"; break;
1319 	case 0xf00:	ret = "(Performance Monitor)"; break;
1320 	case 0xf20:	ret = "(Altivec Unavailable)"; break;
1321 	case 0x1300:	ret = "(Instruction Breakpoint)"; break;
1322 	case 0x1500:	ret = "(Denormalisation)"; break;
1323 	case 0x1700:	ret = "(Altivec Assist)"; break;
1324 	default: ret = "";
1325 	}
1326 	return ret;
1327 }
1328 
1329 static void get_function_bounds(unsigned long pc, unsigned long *startp,
1330 				unsigned long *endp)
1331 {
1332 	unsigned long size, offset;
1333 	const char *name;
1334 
1335 	*startp = *endp = 0;
1336 	if (pc == 0)
1337 		return;
1338 	if (setjmp(bus_error_jmp) == 0) {
1339 		catch_memory_errors = 1;
1340 		sync();
1341 		name = kallsyms_lookup(pc, &size, &offset, NULL, tmpstr);
1342 		if (name != NULL) {
1343 			*startp = pc - offset;
1344 			*endp = pc - offset + size;
1345 		}
1346 		sync();
1347 	}
1348 	catch_memory_errors = 0;
1349 }
1350 
1351 #define LRSAVE_OFFSET		(STACK_FRAME_LR_SAVE * sizeof(unsigned long))
1352 #define MARKER_OFFSET		(STACK_FRAME_MARKER * sizeof(unsigned long))
1353 
1354 static void xmon_show_stack(unsigned long sp, unsigned long lr,
1355 			    unsigned long pc)
1356 {
1357 	int max_to_print = 64;
1358 	unsigned long ip;
1359 	unsigned long newsp;
1360 	unsigned long marker;
1361 	struct pt_regs regs;
1362 
1363 	while (max_to_print--) {
1364 		if (sp < PAGE_OFFSET) {
1365 			if (sp != 0)
1366 				printf("SP (%lx) is in userspace\n", sp);
1367 			break;
1368 		}
1369 
1370 		if (!mread(sp + LRSAVE_OFFSET, &ip, sizeof(unsigned long))
1371 		    || !mread(sp, &newsp, sizeof(unsigned long))) {
1372 			printf("Couldn't read stack frame at %lx\n", sp);
1373 			break;
1374 		}
1375 
1376 		/*
1377 		 * For the first stack frame, try to work out if
1378 		 * LR and/or the saved LR value in the bottommost
1379 		 * stack frame are valid.
1380 		 */
1381 		if ((pc | lr) != 0) {
1382 			unsigned long fnstart, fnend;
1383 			unsigned long nextip;
1384 			int printip = 1;
1385 
1386 			get_function_bounds(pc, &fnstart, &fnend);
1387 			nextip = 0;
1388 			if (newsp > sp)
1389 				mread(newsp + LRSAVE_OFFSET, &nextip,
1390 				      sizeof(unsigned long));
1391 			if (lr == ip) {
1392 				if (lr < PAGE_OFFSET
1393 				    || (fnstart <= lr && lr < fnend))
1394 					printip = 0;
1395 			} else if (lr == nextip) {
1396 				printip = 0;
1397 			} else if (lr >= PAGE_OFFSET
1398 				   && !(fnstart <= lr && lr < fnend)) {
1399 				printf("[link register   ] ");
1400 				xmon_print_symbol(lr, " ", "\n");
1401 			}
1402 			if (printip) {
1403 				printf("["REG"] ", sp);
1404 				xmon_print_symbol(ip, " ", " (unreliable)\n");
1405 			}
1406 			pc = lr = 0;
1407 
1408 		} else {
1409 			printf("["REG"] ", sp);
1410 			xmon_print_symbol(ip, " ", "\n");
1411 		}
1412 
1413 		/* Look for "regshere" marker to see if this is
1414 		   an exception frame. */
1415 		if (mread(sp + MARKER_OFFSET, &marker, sizeof(unsigned long))
1416 		    && marker == STACK_FRAME_REGS_MARKER) {
1417 			if (mread(sp + STACK_FRAME_OVERHEAD, &regs, sizeof(regs))
1418 			    != sizeof(regs)) {
1419 				printf("Couldn't read registers at %lx\n",
1420 				       sp + STACK_FRAME_OVERHEAD);
1421 				break;
1422 			}
1423 			printf("--- Exception: %lx %s at ", regs.trap,
1424 			       getvecname(TRAP(&regs)));
1425 			pc = regs.nip;
1426 			lr = regs.link;
1427 			xmon_print_symbol(pc, " ", "\n");
1428 		}
1429 
1430 		if (newsp == 0)
1431 			break;
1432 
1433 		sp = newsp;
1434 	}
1435 }
1436 
1437 static void backtrace(struct pt_regs *excp)
1438 {
1439 	unsigned long sp;
1440 
1441 	if (scanhex(&sp))
1442 		xmon_show_stack(sp, 0, 0);
1443 	else
1444 		xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
1445 	scannl();
1446 }
1447 
1448 static void print_bug_trap(struct pt_regs *regs)
1449 {
1450 #ifdef CONFIG_BUG
1451 	const struct bug_entry *bug;
1452 	unsigned long addr;
1453 
1454 	if (regs->msr & MSR_PR)
1455 		return;		/* not in kernel */
1456 	addr = regs->nip;	/* address of trap instruction */
1457 	if (addr < PAGE_OFFSET)
1458 		return;
1459 	bug = find_bug(regs->nip);
1460 	if (bug == NULL)
1461 		return;
1462 	if (is_warning_bug(bug))
1463 		return;
1464 
1465 #ifdef CONFIG_DEBUG_BUGVERBOSE
1466 	printf("kernel BUG at %s:%u!\n",
1467 	       bug->file, bug->line);
1468 #else
1469 	printf("kernel BUG at %p!\n", (void *)bug->bug_addr);
1470 #endif
1471 #endif /* CONFIG_BUG */
1472 }
1473 
1474 static void excprint(struct pt_regs *fp)
1475 {
1476 	unsigned long trap;
1477 
1478 #ifdef CONFIG_SMP
1479 	printf("cpu 0x%x: ", smp_processor_id());
1480 #endif /* CONFIG_SMP */
1481 
1482 	trap = TRAP(fp);
1483 	printf("Vector: %lx %s at [%lx]\n", fp->trap, getvecname(trap), fp);
1484 	printf("    pc: ");
1485 	xmon_print_symbol(fp->nip, ": ", "\n");
1486 
1487 	printf("    lr: ", fp->link);
1488 	xmon_print_symbol(fp->link, ": ", "\n");
1489 
1490 	printf("    sp: %lx\n", fp->gpr[1]);
1491 	printf("   msr: %lx\n", fp->msr);
1492 
1493 	if (trap == 0x300 || trap == 0x380 || trap == 0x600 || trap == 0x200) {
1494 		printf("   dar: %lx\n", fp->dar);
1495 		if (trap != 0x380)
1496 			printf(" dsisr: %lx\n", fp->dsisr);
1497 	}
1498 
1499 	printf("  current = 0x%lx\n", current);
1500 #ifdef CONFIG_PPC64
1501 	printf("  paca    = 0x%lx\t softe: %d\t irq_happened: 0x%02x\n",
1502 	       local_paca, local_paca->soft_enabled, local_paca->irq_happened);
1503 #endif
1504 	if (current) {
1505 		printf("    pid   = %ld, comm = %s\n",
1506 		       current->pid, current->comm);
1507 	}
1508 
1509 	if (trap == 0x700)
1510 		print_bug_trap(fp);
1511 }
1512 
1513 static void prregs(struct pt_regs *fp)
1514 {
1515 	int n, trap;
1516 	unsigned long base;
1517 	struct pt_regs regs;
1518 
1519 	if (scanhex(&base)) {
1520 		if (setjmp(bus_error_jmp) == 0) {
1521 			catch_memory_errors = 1;
1522 			sync();
1523 			regs = *(struct pt_regs *)base;
1524 			sync();
1525 			__delay(200);
1526 		} else {
1527 			catch_memory_errors = 0;
1528 			printf("*** Error reading registers from "REG"\n",
1529 			       base);
1530 			return;
1531 		}
1532 		catch_memory_errors = 0;
1533 		fp = &regs;
1534 	}
1535 
1536 #ifdef CONFIG_PPC64
1537 	if (FULL_REGS(fp)) {
1538 		for (n = 0; n < 16; ++n)
1539 			printf("R%.2ld = "REG"   R%.2ld = "REG"\n",
1540 			       n, fp->gpr[n], n+16, fp->gpr[n+16]);
1541 	} else {
1542 		for (n = 0; n < 7; ++n)
1543 			printf("R%.2ld = "REG"   R%.2ld = "REG"\n",
1544 			       n, fp->gpr[n], n+7, fp->gpr[n+7]);
1545 	}
1546 #else
1547 	for (n = 0; n < 32; ++n) {
1548 		printf("R%.2d = %.8x%s", n, fp->gpr[n],
1549 		       (n & 3) == 3? "\n": "   ");
1550 		if (n == 12 && !FULL_REGS(fp)) {
1551 			printf("\n");
1552 			break;
1553 		}
1554 	}
1555 #endif
1556 	printf("pc  = ");
1557 	xmon_print_symbol(fp->nip, " ", "\n");
1558 	if (TRAP(fp) != 0xc00 && cpu_has_feature(CPU_FTR_CFAR)) {
1559 		printf("cfar= ");
1560 		xmon_print_symbol(fp->orig_gpr3, " ", "\n");
1561 	}
1562 	printf("lr  = ");
1563 	xmon_print_symbol(fp->link, " ", "\n");
1564 	printf("msr = "REG"   cr  = %.8lx\n", fp->msr, fp->ccr);
1565 	printf("ctr = "REG"   xer = "REG"   trap = %4lx\n",
1566 	       fp->ctr, fp->xer, fp->trap);
1567 	trap = TRAP(fp);
1568 	if (trap == 0x300 || trap == 0x380 || trap == 0x600)
1569 		printf("dar = "REG"   dsisr = %.8lx\n", fp->dar, fp->dsisr);
1570 }
1571 
1572 static void cacheflush(void)
1573 {
1574 	int cmd;
1575 	unsigned long nflush;
1576 
1577 	cmd = inchar();
1578 	if (cmd != 'i')
1579 		termch = cmd;
1580 	scanhex((void *)&adrs);
1581 	if (termch != '\n')
1582 		termch = 0;
1583 	nflush = 1;
1584 	scanhex(&nflush);
1585 	nflush = (nflush + L1_CACHE_BYTES - 1) / L1_CACHE_BYTES;
1586 	if (setjmp(bus_error_jmp) == 0) {
1587 		catch_memory_errors = 1;
1588 		sync();
1589 
1590 		if (cmd != 'i') {
1591 			for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1592 				cflush((void *) adrs);
1593 		} else {
1594 			for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1595 				cinval((void *) adrs);
1596 		}
1597 		sync();
1598 		/* wait a little while to see if we get a machine check */
1599 		__delay(200);
1600 	}
1601 	catch_memory_errors = 0;
1602 }
1603 
1604 static unsigned long
1605 read_spr(int n)
1606 {
1607 	unsigned int instrs[2];
1608 	unsigned long (*code)(void);
1609 	unsigned long ret = -1UL;
1610 #ifdef CONFIG_PPC64
1611 	unsigned long opd[3];
1612 
1613 	opd[0] = (unsigned long)instrs;
1614 	opd[1] = 0;
1615 	opd[2] = 0;
1616 	code = (unsigned long (*)(void)) opd;
1617 #else
1618 	code = (unsigned long (*)(void)) instrs;
1619 #endif
1620 
1621 	/* mfspr r3,n; blr */
1622 	instrs[0] = 0x7c6002a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1623 	instrs[1] = 0x4e800020;
1624 	store_inst(instrs);
1625 	store_inst(instrs+1);
1626 
1627 	if (setjmp(bus_error_jmp) == 0) {
1628 		catch_memory_errors = 1;
1629 		sync();
1630 
1631 		ret = code();
1632 
1633 		sync();
1634 		/* wait a little while to see if we get a machine check */
1635 		__delay(200);
1636 		n = size;
1637 	}
1638 
1639 	return ret;
1640 }
1641 
1642 static void
1643 write_spr(int n, unsigned long val)
1644 {
1645 	unsigned int instrs[2];
1646 	unsigned long (*code)(unsigned long);
1647 #ifdef CONFIG_PPC64
1648 	unsigned long opd[3];
1649 
1650 	opd[0] = (unsigned long)instrs;
1651 	opd[1] = 0;
1652 	opd[2] = 0;
1653 	code = (unsigned long (*)(unsigned long)) opd;
1654 #else
1655 	code = (unsigned long (*)(unsigned long)) instrs;
1656 #endif
1657 
1658 	instrs[0] = 0x7c6003a6 + ((n & 0x1F) << 16) + ((n & 0x3e0) << 6);
1659 	instrs[1] = 0x4e800020;
1660 	store_inst(instrs);
1661 	store_inst(instrs+1);
1662 
1663 	if (setjmp(bus_error_jmp) == 0) {
1664 		catch_memory_errors = 1;
1665 		sync();
1666 
1667 		code(val);
1668 
1669 		sync();
1670 		/* wait a little while to see if we get a machine check */
1671 		__delay(200);
1672 		n = size;
1673 	}
1674 }
1675 
1676 static unsigned long regno;
1677 extern char exc_prolog;
1678 extern char dec_exc;
1679 
1680 static void super_regs(void)
1681 {
1682 	int cmd;
1683 	unsigned long val;
1684 
1685 	cmd = skipbl();
1686 	if (cmd == '\n') {
1687 		unsigned long sp, toc;
1688 		asm("mr %0,1" : "=r" (sp) :);
1689 		asm("mr %0,2" : "=r" (toc) :);
1690 
1691 		printf("msr  = "REG"  sprg0= "REG"\n",
1692 		       mfmsr(), mfspr(SPRN_SPRG0));
1693 		printf("pvr  = "REG"  sprg1= "REG"\n",
1694 		       mfspr(SPRN_PVR), mfspr(SPRN_SPRG1));
1695 		printf("dec  = "REG"  sprg2= "REG"\n",
1696 		       mfspr(SPRN_DEC), mfspr(SPRN_SPRG2));
1697 		printf("sp   = "REG"  sprg3= "REG"\n", sp, mfspr(SPRN_SPRG3));
1698 		printf("toc  = "REG"  dar  = "REG"\n", toc, mfspr(SPRN_DAR));
1699 
1700 		return;
1701 	}
1702 
1703 	scanhex(&regno);
1704 	switch (cmd) {
1705 	case 'w':
1706 		val = read_spr(regno);
1707 		scanhex(&val);
1708 		write_spr(regno, val);
1709 		/* fall through */
1710 	case 'r':
1711 		printf("spr %lx = %lx\n", regno, read_spr(regno));
1712 		break;
1713 	}
1714 	scannl();
1715 }
1716 
1717 /*
1718  * Stuff for reading and writing memory safely
1719  */
1720 static int
1721 mread(unsigned long adrs, void *buf, int size)
1722 {
1723 	volatile int n;
1724 	char *p, *q;
1725 
1726 	n = 0;
1727 	if (setjmp(bus_error_jmp) == 0) {
1728 		catch_memory_errors = 1;
1729 		sync();
1730 		p = (char *)adrs;
1731 		q = (char *)buf;
1732 		switch (size) {
1733 		case 2:
1734 			*(u16 *)q = *(u16 *)p;
1735 			break;
1736 		case 4:
1737 			*(u32 *)q = *(u32 *)p;
1738 			break;
1739 		case 8:
1740 			*(u64 *)q = *(u64 *)p;
1741 			break;
1742 		default:
1743 			for( ; n < size; ++n) {
1744 				*q++ = *p++;
1745 				sync();
1746 			}
1747 		}
1748 		sync();
1749 		/* wait a little while to see if we get a machine check */
1750 		__delay(200);
1751 		n = size;
1752 	}
1753 	catch_memory_errors = 0;
1754 	return n;
1755 }
1756 
1757 static int
1758 mwrite(unsigned long adrs, void *buf, int size)
1759 {
1760 	volatile int n;
1761 	char *p, *q;
1762 
1763 	n = 0;
1764 	if (setjmp(bus_error_jmp) == 0) {
1765 		catch_memory_errors = 1;
1766 		sync();
1767 		p = (char *) adrs;
1768 		q = (char *) buf;
1769 		switch (size) {
1770 		case 2:
1771 			*(u16 *)p = *(u16 *)q;
1772 			break;
1773 		case 4:
1774 			*(u32 *)p = *(u32 *)q;
1775 			break;
1776 		case 8:
1777 			*(u64 *)p = *(u64 *)q;
1778 			break;
1779 		default:
1780 			for ( ; n < size; ++n) {
1781 				*p++ = *q++;
1782 				sync();
1783 			}
1784 		}
1785 		sync();
1786 		/* wait a little while to see if we get a machine check */
1787 		__delay(200);
1788 		n = size;
1789 	} else {
1790 		printf("*** Error writing address "REG"\n", adrs + n);
1791 	}
1792 	catch_memory_errors = 0;
1793 	return n;
1794 }
1795 
1796 static int fault_type;
1797 static int fault_except;
1798 static char *fault_chars[] = { "--", "**", "##" };
1799 
1800 static int handle_fault(struct pt_regs *regs)
1801 {
1802 	fault_except = TRAP(regs);
1803 	switch (TRAP(regs)) {
1804 	case 0x200:
1805 		fault_type = 0;
1806 		break;
1807 	case 0x300:
1808 	case 0x380:
1809 		fault_type = 1;
1810 		break;
1811 	default:
1812 		fault_type = 2;
1813 	}
1814 
1815 	longjmp(bus_error_jmp, 1);
1816 
1817 	return 0;
1818 }
1819 
1820 #define SWAP(a, b, t)	((t) = (a), (a) = (b), (b) = (t))
1821 
1822 static void
1823 byterev(unsigned char *val, int size)
1824 {
1825 	int t;
1826 
1827 	switch (size) {
1828 	case 2:
1829 		SWAP(val[0], val[1], t);
1830 		break;
1831 	case 4:
1832 		SWAP(val[0], val[3], t);
1833 		SWAP(val[1], val[2], t);
1834 		break;
1835 	case 8: /* is there really any use for this? */
1836 		SWAP(val[0], val[7], t);
1837 		SWAP(val[1], val[6], t);
1838 		SWAP(val[2], val[5], t);
1839 		SWAP(val[3], val[4], t);
1840 		break;
1841 	}
1842 }
1843 
1844 static int brev;
1845 static int mnoread;
1846 
1847 static char *memex_help_string =
1848     "Memory examine command usage:\n"
1849     "m [addr] [flags] examine/change memory\n"
1850     "  addr is optional.  will start where left off.\n"
1851     "  flags may include chars from this set:\n"
1852     "    b   modify by bytes (default)\n"
1853     "    w   modify by words (2 byte)\n"
1854     "    l   modify by longs (4 byte)\n"
1855     "    d   modify by doubleword (8 byte)\n"
1856     "    r   toggle reverse byte order mode\n"
1857     "    n   do not read memory (for i/o spaces)\n"
1858     "    .   ok to read (default)\n"
1859     "NOTE: flags are saved as defaults\n"
1860     "";
1861 
1862 static char *memex_subcmd_help_string =
1863     "Memory examine subcommands:\n"
1864     "  hexval   write this val to current location\n"
1865     "  'string' write chars from string to this location\n"
1866     "  '        increment address\n"
1867     "  ^        decrement address\n"
1868     "  /        increment addr by 0x10.  //=0x100, ///=0x1000, etc\n"
1869     "  \\        decrement addr by 0x10.  \\\\=0x100, \\\\\\=0x1000, etc\n"
1870     "  `        clear no-read flag\n"
1871     "  ;        stay at this addr\n"
1872     "  v        change to byte mode\n"
1873     "  w        change to word (2 byte) mode\n"
1874     "  l        change to long (4 byte) mode\n"
1875     "  u        change to doubleword (8 byte) mode\n"
1876     "  m addr   change current addr\n"
1877     "  n        toggle no-read flag\n"
1878     "  r        toggle byte reverse flag\n"
1879     "  < count  back up count bytes\n"
1880     "  > count  skip forward count bytes\n"
1881     "  x        exit this mode\n"
1882     "";
1883 
1884 static void
1885 memex(void)
1886 {
1887 	int cmd, inc, i, nslash;
1888 	unsigned long n;
1889 	unsigned char val[16];
1890 
1891 	scanhex((void *)&adrs);
1892 	cmd = skipbl();
1893 	if (cmd == '?') {
1894 		printf(memex_help_string);
1895 		return;
1896 	} else {
1897 		termch = cmd;
1898 	}
1899 	last_cmd = "m\n";
1900 	while ((cmd = skipbl()) != '\n') {
1901 		switch( cmd ){
1902 		case 'b':	size = 1;	break;
1903 		case 'w':	size = 2;	break;
1904 		case 'l':	size = 4;	break;
1905 		case 'd':	size = 8;	break;
1906 		case 'r': 	brev = !brev;	break;
1907 		case 'n':	mnoread = 1;	break;
1908 		case '.':	mnoread = 0;	break;
1909 		}
1910 	}
1911 	if( size <= 0 )
1912 		size = 1;
1913 	else if( size > 8 )
1914 		size = 8;
1915 	for(;;){
1916 		if (!mnoread)
1917 			n = mread(adrs, val, size);
1918 		printf(REG"%c", adrs, brev? 'r': ' ');
1919 		if (!mnoread) {
1920 			if (brev)
1921 				byterev(val, size);
1922 			putchar(' ');
1923 			for (i = 0; i < n; ++i)
1924 				printf("%.2x", val[i]);
1925 			for (; i < size; ++i)
1926 				printf("%s", fault_chars[fault_type]);
1927 		}
1928 		putchar(' ');
1929 		inc = size;
1930 		nslash = 0;
1931 		for(;;){
1932 			if( scanhex(&n) ){
1933 				for (i = 0; i < size; ++i)
1934 					val[i] = n >> (i * 8);
1935 				if (!brev)
1936 					byterev(val, size);
1937 				mwrite(adrs, val, size);
1938 				inc = size;
1939 			}
1940 			cmd = skipbl();
1941 			if (cmd == '\n')
1942 				break;
1943 			inc = 0;
1944 			switch (cmd) {
1945 			case '\'':
1946 				for(;;){
1947 					n = inchar();
1948 					if( n == '\\' )
1949 						n = bsesc();
1950 					else if( n == '\'' )
1951 						break;
1952 					for (i = 0; i < size; ++i)
1953 						val[i] = n >> (i * 8);
1954 					if (!brev)
1955 						byterev(val, size);
1956 					mwrite(adrs, val, size);
1957 					adrs += size;
1958 				}
1959 				adrs -= size;
1960 				inc = size;
1961 				break;
1962 			case ',':
1963 				adrs += size;
1964 				break;
1965 			case '.':
1966 				mnoread = 0;
1967 				break;
1968 			case ';':
1969 				break;
1970 			case 'x':
1971 			case EOF:
1972 				scannl();
1973 				return;
1974 			case 'b':
1975 			case 'v':
1976 				size = 1;
1977 				break;
1978 			case 'w':
1979 				size = 2;
1980 				break;
1981 			case 'l':
1982 				size = 4;
1983 				break;
1984 			case 'u':
1985 				size = 8;
1986 				break;
1987 			case '^':
1988 				adrs -= size;
1989 				break;
1990 			case '/':
1991 				if (nslash > 0)
1992 					adrs -= 1 << nslash;
1993 				else
1994 					nslash = 0;
1995 				nslash += 4;
1996 				adrs += 1 << nslash;
1997 				break;
1998 			case '\\':
1999 				if (nslash < 0)
2000 					adrs += 1 << -nslash;
2001 				else
2002 					nslash = 0;
2003 				nslash -= 4;
2004 				adrs -= 1 << -nslash;
2005 				break;
2006 			case 'm':
2007 				scanhex((void *)&adrs);
2008 				break;
2009 			case 'n':
2010 				mnoread = 1;
2011 				break;
2012 			case 'r':
2013 				brev = !brev;
2014 				break;
2015 			case '<':
2016 				n = size;
2017 				scanhex(&n);
2018 				adrs -= n;
2019 				break;
2020 			case '>':
2021 				n = size;
2022 				scanhex(&n);
2023 				adrs += n;
2024 				break;
2025 			case '?':
2026 				printf(memex_subcmd_help_string);
2027 				break;
2028 			}
2029 		}
2030 		adrs += inc;
2031 	}
2032 }
2033 
2034 static int
2035 bsesc(void)
2036 {
2037 	int c;
2038 
2039 	c = inchar();
2040 	switch( c ){
2041 	case 'n':	c = '\n';	break;
2042 	case 'r':	c = '\r';	break;
2043 	case 'b':	c = '\b';	break;
2044 	case 't':	c = '\t';	break;
2045 	}
2046 	return c;
2047 }
2048 
2049 static void xmon_rawdump (unsigned long adrs, long ndump)
2050 {
2051 	long n, m, r, nr;
2052 	unsigned char temp[16];
2053 
2054 	for (n = ndump; n > 0;) {
2055 		r = n < 16? n: 16;
2056 		nr = mread(adrs, temp, r);
2057 		adrs += nr;
2058 		for (m = 0; m < r; ++m) {
2059 			if (m < nr)
2060 				printf("%.2x", temp[m]);
2061 			else
2062 				printf("%s", fault_chars[fault_type]);
2063 		}
2064 		n -= r;
2065 		if (nr < r)
2066 			break;
2067 	}
2068 	printf("\n");
2069 }
2070 
2071 #ifdef CONFIG_PPC64
2072 static void dump_one_paca(int cpu)
2073 {
2074 	struct paca_struct *p;
2075 
2076 	if (setjmp(bus_error_jmp) != 0) {
2077 		printf("*** Error dumping paca for cpu 0x%x!\n", cpu);
2078 		return;
2079 	}
2080 
2081 	catch_memory_errors = 1;
2082 	sync();
2083 
2084 	p = &paca[cpu];
2085 
2086 	printf("paca for cpu 0x%x @ %p:\n", cpu, p);
2087 
2088 	printf(" %-*s = %s\n", 16, "possible", cpu_possible(cpu) ? "yes" : "no");
2089 	printf(" %-*s = %s\n", 16, "present", cpu_present(cpu) ? "yes" : "no");
2090 	printf(" %-*s = %s\n", 16, "online", cpu_online(cpu) ? "yes" : "no");
2091 
2092 #define DUMP(paca, name, format) \
2093 	printf(" %-*s = %#-*"format"\t(0x%lx)\n", 16, #name, 18, paca->name, \
2094 		offsetof(struct paca_struct, name));
2095 
2096 	DUMP(p, lock_token, "x");
2097 	DUMP(p, paca_index, "x");
2098 	DUMP(p, kernel_toc, "lx");
2099 	DUMP(p, kernelbase, "lx");
2100 	DUMP(p, kernel_msr, "lx");
2101 	DUMP(p, emergency_sp, "p");
2102 #ifdef CONFIG_PPC_BOOK3S_64
2103 	DUMP(p, mc_emergency_sp, "p");
2104 	DUMP(p, in_mce, "x");
2105 #endif
2106 	DUMP(p, data_offset, "lx");
2107 	DUMP(p, hw_cpu_id, "x");
2108 	DUMP(p, cpu_start, "x");
2109 	DUMP(p, kexec_state, "x");
2110 	DUMP(p, __current, "p");
2111 	DUMP(p, kstack, "lx");
2112 	DUMP(p, stab_rr, "lx");
2113 	DUMP(p, saved_r1, "lx");
2114 	DUMP(p, trap_save, "x");
2115 	DUMP(p, soft_enabled, "x");
2116 	DUMP(p, irq_happened, "x");
2117 	DUMP(p, io_sync, "x");
2118 	DUMP(p, irq_work_pending, "x");
2119 	DUMP(p, nap_state_lost, "x");
2120 
2121 #undef DUMP
2122 
2123 	catch_memory_errors = 0;
2124 	sync();
2125 }
2126 
2127 static void dump_all_pacas(void)
2128 {
2129 	int cpu;
2130 
2131 	if (num_possible_cpus() == 0) {
2132 		printf("No possible cpus, use 'dp #' to dump individual cpus\n");
2133 		return;
2134 	}
2135 
2136 	for_each_possible_cpu(cpu)
2137 		dump_one_paca(cpu);
2138 }
2139 
2140 static void dump_pacas(void)
2141 {
2142 	unsigned long num;
2143 	int c;
2144 
2145 	c = inchar();
2146 	if (c == 'a') {
2147 		dump_all_pacas();
2148 		return;
2149 	}
2150 
2151 	termch = c;	/* Put c back, it wasn't 'a' */
2152 
2153 	if (scanhex(&num))
2154 		dump_one_paca(num);
2155 	else
2156 		dump_one_paca(xmon_owner);
2157 }
2158 #endif
2159 
2160 static void
2161 dump(void)
2162 {
2163 	int c;
2164 
2165 	c = inchar();
2166 
2167 #ifdef CONFIG_PPC64
2168 	if (c == 'p') {
2169 		dump_pacas();
2170 		return;
2171 	}
2172 #endif
2173 
2174 	if ((isxdigit(c) && c != 'f' && c != 'd') || c == '\n')
2175 		termch = c;
2176 	scanhex((void *)&adrs);
2177 	if (termch != '\n')
2178 		termch = 0;
2179 	if (c == 'i') {
2180 		scanhex(&nidump);
2181 		if (nidump == 0)
2182 			nidump = 16;
2183 		else if (nidump > MAX_DUMP)
2184 			nidump = MAX_DUMP;
2185 		adrs += ppc_inst_dump(adrs, nidump, 1);
2186 		last_cmd = "di\n";
2187 	} else if (c == 'l') {
2188 		dump_log_buf();
2189 	} else if (c == 'r') {
2190 		scanhex(&ndump);
2191 		if (ndump == 0)
2192 			ndump = 64;
2193 		xmon_rawdump(adrs, ndump);
2194 		adrs += ndump;
2195 		last_cmd = "dr\n";
2196 	} else {
2197 		scanhex(&ndump);
2198 		if (ndump == 0)
2199 			ndump = 64;
2200 		else if (ndump > MAX_DUMP)
2201 			ndump = MAX_DUMP;
2202 		prdump(adrs, ndump);
2203 		adrs += ndump;
2204 		last_cmd = "d\n";
2205 	}
2206 }
2207 
2208 static void
2209 prdump(unsigned long adrs, long ndump)
2210 {
2211 	long n, m, c, r, nr;
2212 	unsigned char temp[16];
2213 
2214 	for (n = ndump; n > 0;) {
2215 		printf(REG, adrs);
2216 		putchar(' ');
2217 		r = n < 16? n: 16;
2218 		nr = mread(adrs, temp, r);
2219 		adrs += nr;
2220 		for (m = 0; m < r; ++m) {
2221 			if ((m & (sizeof(long) - 1)) == 0 && m > 0)
2222 				putchar(' ');
2223 			if (m < nr)
2224 				printf("%.2x", temp[m]);
2225 			else
2226 				printf("%s", fault_chars[fault_type]);
2227 		}
2228 		for (; m < 16; ++m) {
2229 			if ((m & (sizeof(long) - 1)) == 0)
2230 				putchar(' ');
2231 			printf("  ");
2232 		}
2233 		printf("  |");
2234 		for (m = 0; m < r; ++m) {
2235 			if (m < nr) {
2236 				c = temp[m];
2237 				putchar(' ' <= c && c <= '~'? c: '.');
2238 			} else
2239 				putchar(' ');
2240 		}
2241 		n -= r;
2242 		for (; m < 16; ++m)
2243 			putchar(' ');
2244 		printf("|\n");
2245 		if (nr < r)
2246 			break;
2247 	}
2248 }
2249 
2250 typedef int (*instruction_dump_func)(unsigned long inst, unsigned long addr);
2251 
2252 static int
2253 generic_inst_dump(unsigned long adr, long count, int praddr,
2254 			instruction_dump_func dump_func)
2255 {
2256 	int nr, dotted;
2257 	unsigned long first_adr;
2258 	unsigned long inst, last_inst = 0;
2259 	unsigned char val[4];
2260 
2261 	dotted = 0;
2262 	for (first_adr = adr; count > 0; --count, adr += 4) {
2263 		nr = mread(adr, val, 4);
2264 		if (nr == 0) {
2265 			if (praddr) {
2266 				const char *x = fault_chars[fault_type];
2267 				printf(REG"  %s%s%s%s\n", adr, x, x, x, x);
2268 			}
2269 			break;
2270 		}
2271 		inst = GETWORD(val);
2272 		if (adr > first_adr && inst == last_inst) {
2273 			if (!dotted) {
2274 				printf(" ...\n");
2275 				dotted = 1;
2276 			}
2277 			continue;
2278 		}
2279 		dotted = 0;
2280 		last_inst = inst;
2281 		if (praddr)
2282 			printf(REG"  %.8x", adr, inst);
2283 		printf("\t");
2284 		dump_func(inst, adr);
2285 		printf("\n");
2286 	}
2287 	return adr - first_adr;
2288 }
2289 
2290 static int
2291 ppc_inst_dump(unsigned long adr, long count, int praddr)
2292 {
2293 	return generic_inst_dump(adr, count, praddr, print_insn_powerpc);
2294 }
2295 
2296 void
2297 print_address(unsigned long addr)
2298 {
2299 	xmon_print_symbol(addr, "\t# ", "");
2300 }
2301 
2302 void
2303 dump_log_buf(void)
2304 {
2305 	struct kmsg_dumper dumper = { .active = 1 };
2306 	unsigned char buf[128];
2307 	size_t len;
2308 
2309 	if (setjmp(bus_error_jmp) != 0) {
2310 		printf("Error dumping printk buffer!\n");
2311 		return;
2312 	}
2313 
2314 	catch_memory_errors = 1;
2315 	sync();
2316 
2317 	kmsg_dump_rewind_nolock(&dumper);
2318 	while (kmsg_dump_get_line_nolock(&dumper, false, buf, sizeof(buf), &len)) {
2319 		buf[len] = '\0';
2320 		printf("%s", buf);
2321 	}
2322 
2323 	sync();
2324 	/* wait a little while to see if we get a machine check */
2325 	__delay(200);
2326 	catch_memory_errors = 0;
2327 }
2328 
2329 /*
2330  * Memory operations - move, set, print differences
2331  */
2332 static unsigned long mdest;		/* destination address */
2333 static unsigned long msrc;		/* source address */
2334 static unsigned long mval;		/* byte value to set memory to */
2335 static unsigned long mcount;		/* # bytes to affect */
2336 static unsigned long mdiffs;		/* max # differences to print */
2337 
2338 static void
2339 memops(int cmd)
2340 {
2341 	scanhex((void *)&mdest);
2342 	if( termch != '\n' )
2343 		termch = 0;
2344 	scanhex((void *)(cmd == 's'? &mval: &msrc));
2345 	if( termch != '\n' )
2346 		termch = 0;
2347 	scanhex((void *)&mcount);
2348 	switch( cmd ){
2349 	case 'm':
2350 		memmove((void *)mdest, (void *)msrc, mcount);
2351 		break;
2352 	case 's':
2353 		memset((void *)mdest, mval, mcount);
2354 		break;
2355 	case 'd':
2356 		if( termch != '\n' )
2357 			termch = 0;
2358 		scanhex((void *)&mdiffs);
2359 		memdiffs((unsigned char *)mdest, (unsigned char *)msrc, mcount, mdiffs);
2360 		break;
2361 	}
2362 }
2363 
2364 static void
2365 memdiffs(unsigned char *p1, unsigned char *p2, unsigned nb, unsigned maxpr)
2366 {
2367 	unsigned n, prt;
2368 
2369 	prt = 0;
2370 	for( n = nb; n > 0; --n )
2371 		if( *p1++ != *p2++ )
2372 			if( ++prt <= maxpr )
2373 				printf("%.16x %.2x # %.16x %.2x\n", p1 - 1,
2374 					p1[-1], p2 - 1, p2[-1]);
2375 	if( prt > maxpr )
2376 		printf("Total of %d differences\n", prt);
2377 }
2378 
2379 static unsigned mend;
2380 static unsigned mask;
2381 
2382 static void
2383 memlocate(void)
2384 {
2385 	unsigned a, n;
2386 	unsigned char val[4];
2387 
2388 	last_cmd = "ml";
2389 	scanhex((void *)&mdest);
2390 	if (termch != '\n') {
2391 		termch = 0;
2392 		scanhex((void *)&mend);
2393 		if (termch != '\n') {
2394 			termch = 0;
2395 			scanhex((void *)&mval);
2396 			mask = ~0;
2397 			if (termch != '\n') termch = 0;
2398 			scanhex((void *)&mask);
2399 		}
2400 	}
2401 	n = 0;
2402 	for (a = mdest; a < mend; a += 4) {
2403 		if (mread(a, val, 4) == 4
2404 			&& ((GETWORD(val) ^ mval) & mask) == 0) {
2405 			printf("%.16x:  %.16x\n", a, GETWORD(val));
2406 			if (++n >= 10)
2407 				break;
2408 		}
2409 	}
2410 }
2411 
2412 static unsigned long mskip = 0x1000;
2413 static unsigned long mlim = 0xffffffff;
2414 
2415 static void
2416 memzcan(void)
2417 {
2418 	unsigned char v;
2419 	unsigned a;
2420 	int ok, ook;
2421 
2422 	scanhex(&mdest);
2423 	if (termch != '\n') termch = 0;
2424 	scanhex(&mskip);
2425 	if (termch != '\n') termch = 0;
2426 	scanhex(&mlim);
2427 	ook = 0;
2428 	for (a = mdest; a < mlim; a += mskip) {
2429 		ok = mread(a, &v, 1);
2430 		if (ok && !ook) {
2431 			printf("%.8x .. ", a);
2432 		} else if (!ok && ook)
2433 			printf("%.8x\n", a - mskip);
2434 		ook = ok;
2435 		if (a + mskip < a)
2436 			break;
2437 	}
2438 	if (ook)
2439 		printf("%.8x\n", a - mskip);
2440 }
2441 
2442 static void proccall(void)
2443 {
2444 	unsigned long args[8];
2445 	unsigned long ret;
2446 	int i;
2447 	typedef unsigned long (*callfunc_t)(unsigned long, unsigned long,
2448 			unsigned long, unsigned long, unsigned long,
2449 			unsigned long, unsigned long, unsigned long);
2450 	callfunc_t func;
2451 
2452 	if (!scanhex(&adrs))
2453 		return;
2454 	if (termch != '\n')
2455 		termch = 0;
2456 	for (i = 0; i < 8; ++i)
2457 		args[i] = 0;
2458 	for (i = 0; i < 8; ++i) {
2459 		if (!scanhex(&args[i]) || termch == '\n')
2460 			break;
2461 		termch = 0;
2462 	}
2463 	func = (callfunc_t) adrs;
2464 	ret = 0;
2465 	if (setjmp(bus_error_jmp) == 0) {
2466 		catch_memory_errors = 1;
2467 		sync();
2468 		ret = func(args[0], args[1], args[2], args[3],
2469 			   args[4], args[5], args[6], args[7]);
2470 		sync();
2471 		printf("return value is 0x%lx\n", ret);
2472 	} else {
2473 		printf("*** %x exception occurred\n", fault_except);
2474 	}
2475 	catch_memory_errors = 0;
2476 }
2477 
2478 /* Input scanning routines */
2479 int
2480 skipbl(void)
2481 {
2482 	int c;
2483 
2484 	if( termch != 0 ){
2485 		c = termch;
2486 		termch = 0;
2487 	} else
2488 		c = inchar();
2489 	while( c == ' ' || c == '\t' )
2490 		c = inchar();
2491 	return c;
2492 }
2493 
2494 #define N_PTREGS	44
2495 static char *regnames[N_PTREGS] = {
2496 	"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
2497 	"r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
2498 	"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
2499 	"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
2500 	"pc", "msr", "or3", "ctr", "lr", "xer", "ccr",
2501 #ifdef CONFIG_PPC64
2502 	"softe",
2503 #else
2504 	"mq",
2505 #endif
2506 	"trap", "dar", "dsisr", "res"
2507 };
2508 
2509 int
2510 scanhex(unsigned long *vp)
2511 {
2512 	int c, d;
2513 	unsigned long v;
2514 
2515 	c = skipbl();
2516 	if (c == '%') {
2517 		/* parse register name */
2518 		char regname[8];
2519 		int i;
2520 
2521 		for (i = 0; i < sizeof(regname) - 1; ++i) {
2522 			c = inchar();
2523 			if (!isalnum(c)) {
2524 				termch = c;
2525 				break;
2526 			}
2527 			regname[i] = c;
2528 		}
2529 		regname[i] = 0;
2530 		for (i = 0; i < N_PTREGS; ++i) {
2531 			if (strcmp(regnames[i], regname) == 0) {
2532 				if (xmon_regs == NULL) {
2533 					printf("regs not available\n");
2534 					return 0;
2535 				}
2536 				*vp = ((unsigned long *)xmon_regs)[i];
2537 				return 1;
2538 			}
2539 		}
2540 		printf("invalid register name '%%%s'\n", regname);
2541 		return 0;
2542 	}
2543 
2544 	/* skip leading "0x" if any */
2545 
2546 	if (c == '0') {
2547 		c = inchar();
2548 		if (c == 'x') {
2549 			c = inchar();
2550 		} else {
2551 			d = hexdigit(c);
2552 			if (d == EOF) {
2553 				termch = c;
2554 				*vp = 0;
2555 				return 1;
2556 			}
2557 		}
2558 	} else if (c == '$') {
2559 		int i;
2560 		for (i=0; i<63; i++) {
2561 			c = inchar();
2562 			if (isspace(c) || c == '\0') {
2563 				termch = c;
2564 				break;
2565 			}
2566 			tmpstr[i] = c;
2567 		}
2568 		tmpstr[i++] = 0;
2569 		*vp = 0;
2570 		if (setjmp(bus_error_jmp) == 0) {
2571 			catch_memory_errors = 1;
2572 			sync();
2573 			*vp = kallsyms_lookup_name(tmpstr);
2574 			sync();
2575 		}
2576 		catch_memory_errors = 0;
2577 		if (!(*vp)) {
2578 			printf("unknown symbol '%s'\n", tmpstr);
2579 			return 0;
2580 		}
2581 		return 1;
2582 	}
2583 
2584 	d = hexdigit(c);
2585 	if (d == EOF) {
2586 		termch = c;
2587 		return 0;
2588 	}
2589 	v = 0;
2590 	do {
2591 		v = (v << 4) + d;
2592 		c = inchar();
2593 		d = hexdigit(c);
2594 	} while (d != EOF);
2595 	termch = c;
2596 	*vp = v;
2597 	return 1;
2598 }
2599 
2600 static void
2601 scannl(void)
2602 {
2603 	int c;
2604 
2605 	c = termch;
2606 	termch = 0;
2607 	while( c != '\n' )
2608 		c = inchar();
2609 }
2610 
2611 static int hexdigit(int c)
2612 {
2613 	if( '0' <= c && c <= '9' )
2614 		return c - '0';
2615 	if( 'A' <= c && c <= 'F' )
2616 		return c - ('A' - 10);
2617 	if( 'a' <= c && c <= 'f' )
2618 		return c - ('a' - 10);
2619 	return EOF;
2620 }
2621 
2622 void
2623 getstring(char *s, int size)
2624 {
2625 	int c;
2626 
2627 	c = skipbl();
2628 	do {
2629 		if( size > 1 ){
2630 			*s++ = c;
2631 			--size;
2632 		}
2633 		c = inchar();
2634 	} while( c != ' ' && c != '\t' && c != '\n' );
2635 	termch = c;
2636 	*s = 0;
2637 }
2638 
2639 static char line[256];
2640 static char *lineptr;
2641 
2642 static void
2643 flush_input(void)
2644 {
2645 	lineptr = NULL;
2646 }
2647 
2648 static int
2649 inchar(void)
2650 {
2651 	if (lineptr == NULL || *lineptr == 0) {
2652 		if (xmon_gets(line, sizeof(line)) == NULL) {
2653 			lineptr = NULL;
2654 			return EOF;
2655 		}
2656 		lineptr = line;
2657 	}
2658 	return *lineptr++;
2659 }
2660 
2661 static void
2662 take_input(char *str)
2663 {
2664 	lineptr = str;
2665 }
2666 
2667 
2668 static void
2669 symbol_lookup(void)
2670 {
2671 	int type = inchar();
2672 	unsigned long addr;
2673 	static char tmp[64];
2674 
2675 	switch (type) {
2676 	case 'a':
2677 		if (scanhex(&addr))
2678 			xmon_print_symbol(addr, ": ", "\n");
2679 		termch = 0;
2680 		break;
2681 	case 's':
2682 		getstring(tmp, 64);
2683 		if (setjmp(bus_error_jmp) == 0) {
2684 			catch_memory_errors = 1;
2685 			sync();
2686 			addr = kallsyms_lookup_name(tmp);
2687 			if (addr)
2688 				printf("%s: %lx\n", tmp, addr);
2689 			else
2690 				printf("Symbol '%s' not found.\n", tmp);
2691 			sync();
2692 		}
2693 		catch_memory_errors = 0;
2694 		termch = 0;
2695 		break;
2696 	}
2697 }
2698 
2699 
2700 /* Print an address in numeric and symbolic form (if possible) */
2701 static void xmon_print_symbol(unsigned long address, const char *mid,
2702 			      const char *after)
2703 {
2704 	char *modname;
2705 	const char *name = NULL;
2706 	unsigned long offset, size;
2707 
2708 	printf(REG, address);
2709 	if (setjmp(bus_error_jmp) == 0) {
2710 		catch_memory_errors = 1;
2711 		sync();
2712 		name = kallsyms_lookup(address, &size, &offset, &modname,
2713 				       tmpstr);
2714 		sync();
2715 		/* wait a little while to see if we get a machine check */
2716 		__delay(200);
2717 	}
2718 
2719 	catch_memory_errors = 0;
2720 
2721 	if (name) {
2722 		printf("%s%s+%#lx/%#lx", mid, name, offset, size);
2723 		if (modname)
2724 			printf(" [%s]", modname);
2725 	}
2726 	printf("%s", after);
2727 }
2728 
2729 #ifdef CONFIG_PPC_BOOK3S_64
2730 void dump_segments(void)
2731 {
2732 	int i;
2733 	unsigned long esid,vsid;
2734 	unsigned long llp;
2735 
2736 	printf("SLB contents of cpu 0x%x\n", smp_processor_id());
2737 
2738 	for (i = 0; i < mmu_slb_size; i++) {
2739 		asm volatile("slbmfee  %0,%1" : "=r" (esid) : "r" (i));
2740 		asm volatile("slbmfev  %0,%1" : "=r" (vsid) : "r" (i));
2741 		if (esid || vsid) {
2742 			printf("%02d %016lx %016lx", i, esid, vsid);
2743 			if (esid & SLB_ESID_V) {
2744 				llp = vsid & SLB_VSID_LLP;
2745 				if (vsid & SLB_VSID_B_1T) {
2746 					printf("  1T  ESID=%9lx  VSID=%13lx LLP:%3lx \n",
2747 						GET_ESID_1T(esid),
2748 						(vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT_1T,
2749 						llp);
2750 				} else {
2751 					printf(" 256M ESID=%9lx  VSID=%13lx LLP:%3lx \n",
2752 						GET_ESID(esid),
2753 						(vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT,
2754 						llp);
2755 				}
2756 			} else
2757 				printf("\n");
2758 		}
2759 	}
2760 }
2761 #endif
2762 
2763 #ifdef CONFIG_PPC_STD_MMU_32
2764 void dump_segments(void)
2765 {
2766 	int i;
2767 
2768 	printf("sr0-15 =");
2769 	for (i = 0; i < 16; ++i)
2770 		printf(" %x", mfsrin(i));
2771 	printf("\n");
2772 }
2773 #endif
2774 
2775 #ifdef CONFIG_44x
2776 static void dump_tlb_44x(void)
2777 {
2778 	int i;
2779 
2780 	for (i = 0; i < PPC44x_TLB_SIZE; i++) {
2781 		unsigned long w0,w1,w2;
2782 		asm volatile("tlbre  %0,%1,0" : "=r" (w0) : "r" (i));
2783 		asm volatile("tlbre  %0,%1,1" : "=r" (w1) : "r" (i));
2784 		asm volatile("tlbre  %0,%1,2" : "=r" (w2) : "r" (i));
2785 		printf("[%02x] %08x %08x %08x ", i, w0, w1, w2);
2786 		if (w0 & PPC44x_TLB_VALID) {
2787 			printf("V %08x -> %01x%08x %c%c%c%c%c",
2788 			       w0 & PPC44x_TLB_EPN_MASK,
2789 			       w1 & PPC44x_TLB_ERPN_MASK,
2790 			       w1 & PPC44x_TLB_RPN_MASK,
2791 			       (w2 & PPC44x_TLB_W) ? 'W' : 'w',
2792 			       (w2 & PPC44x_TLB_I) ? 'I' : 'i',
2793 			       (w2 & PPC44x_TLB_M) ? 'M' : 'm',
2794 			       (w2 & PPC44x_TLB_G) ? 'G' : 'g',
2795 			       (w2 & PPC44x_TLB_E) ? 'E' : 'e');
2796 		}
2797 		printf("\n");
2798 	}
2799 }
2800 #endif /* CONFIG_44x */
2801 
2802 #ifdef CONFIG_PPC_BOOK3E
2803 static void dump_tlb_book3e(void)
2804 {
2805 	u32 mmucfg, pidmask, lpidmask;
2806 	u64 ramask;
2807 	int i, tlb, ntlbs, pidsz, lpidsz, rasz, lrat = 0;
2808 	int mmu_version;
2809 	static const char *pgsz_names[] = {
2810 		"  1K",
2811 		"  2K",
2812 		"  4K",
2813 		"  8K",
2814 		" 16K",
2815 		" 32K",
2816 		" 64K",
2817 		"128K",
2818 		"256K",
2819 		"512K",
2820 		"  1M",
2821 		"  2M",
2822 		"  4M",
2823 		"  8M",
2824 		" 16M",
2825 		" 32M",
2826 		" 64M",
2827 		"128M",
2828 		"256M",
2829 		"512M",
2830 		"  1G",
2831 		"  2G",
2832 		"  4G",
2833 		"  8G",
2834 		" 16G",
2835 		" 32G",
2836 		" 64G",
2837 		"128G",
2838 		"256G",
2839 		"512G",
2840 		"  1T",
2841 		"  2T",
2842 	};
2843 
2844 	/* Gather some infos about the MMU */
2845 	mmucfg = mfspr(SPRN_MMUCFG);
2846 	mmu_version = (mmucfg & 3) + 1;
2847 	ntlbs = ((mmucfg >> 2) & 3) + 1;
2848 	pidsz = ((mmucfg >> 6) & 0x1f) + 1;
2849 	lpidsz = (mmucfg >> 24) & 0xf;
2850 	rasz = (mmucfg >> 16) & 0x7f;
2851 	if ((mmu_version > 1) && (mmucfg & 0x10000))
2852 		lrat = 1;
2853 	printf("Book3E MMU MAV=%d.0,%d TLBs,%d-bit PID,%d-bit LPID,%d-bit RA\n",
2854 	       mmu_version, ntlbs, pidsz, lpidsz, rasz);
2855 	pidmask = (1ul << pidsz) - 1;
2856 	lpidmask = (1ul << lpidsz) - 1;
2857 	ramask = (1ull << rasz) - 1;
2858 
2859 	for (tlb = 0; tlb < ntlbs; tlb++) {
2860 		u32 tlbcfg;
2861 		int nent, assoc, new_cc = 1;
2862 		printf("TLB %d:\n------\n", tlb);
2863 		switch(tlb) {
2864 		case 0:
2865 			tlbcfg = mfspr(SPRN_TLB0CFG);
2866 			break;
2867 		case 1:
2868 			tlbcfg = mfspr(SPRN_TLB1CFG);
2869 			break;
2870 		case 2:
2871 			tlbcfg = mfspr(SPRN_TLB2CFG);
2872 			break;
2873 		case 3:
2874 			tlbcfg = mfspr(SPRN_TLB3CFG);
2875 			break;
2876 		default:
2877 			printf("Unsupported TLB number !\n");
2878 			continue;
2879 		}
2880 		nent = tlbcfg & 0xfff;
2881 		assoc = (tlbcfg >> 24) & 0xff;
2882 		for (i = 0; i < nent; i++) {
2883 			u32 mas0 = MAS0_TLBSEL(tlb);
2884 			u32 mas1 = MAS1_TSIZE(BOOK3E_PAGESZ_4K);
2885 			u64 mas2 = 0;
2886 			u64 mas7_mas3;
2887 			int esel = i, cc = i;
2888 
2889 			if (assoc != 0) {
2890 				cc = i / assoc;
2891 				esel = i % assoc;
2892 				mas2 = cc * 0x1000;
2893 			}
2894 
2895 			mas0 |= MAS0_ESEL(esel);
2896 			mtspr(SPRN_MAS0, mas0);
2897 			mtspr(SPRN_MAS1, mas1);
2898 			mtspr(SPRN_MAS2, mas2);
2899 			asm volatile("tlbre  0,0,0" : : : "memory");
2900 			mas1 = mfspr(SPRN_MAS1);
2901 			mas2 = mfspr(SPRN_MAS2);
2902 			mas7_mas3 = mfspr(SPRN_MAS7_MAS3);
2903 			if (assoc && (i % assoc) == 0)
2904 				new_cc = 1;
2905 			if (!(mas1 & MAS1_VALID))
2906 				continue;
2907 			if (assoc == 0)
2908 				printf("%04x- ", i);
2909 			else if (new_cc)
2910 				printf("%04x-%c", cc, 'A' + esel);
2911 			else
2912 				printf("    |%c", 'A' + esel);
2913 			new_cc = 0;
2914 			printf(" %016llx %04x %s %c%c AS%c",
2915 			       mas2 & ~0x3ffull,
2916 			       (mas1 >> 16) & 0x3fff,
2917 			       pgsz_names[(mas1 >> 7) & 0x1f],
2918 			       mas1 & MAS1_IND ? 'I' : ' ',
2919 			       mas1 & MAS1_IPROT ? 'P' : ' ',
2920 			       mas1 & MAS1_TS ? '1' : '0');
2921 			printf(" %c%c%c%c%c%c%c",
2922 			       mas2 & MAS2_X0 ? 'a' : ' ',
2923 			       mas2 & MAS2_X1 ? 'v' : ' ',
2924 			       mas2 & MAS2_W  ? 'w' : ' ',
2925 			       mas2 & MAS2_I  ? 'i' : ' ',
2926 			       mas2 & MAS2_M  ? 'm' : ' ',
2927 			       mas2 & MAS2_G  ? 'g' : ' ',
2928 			       mas2 & MAS2_E  ? 'e' : ' ');
2929 			printf(" %016llx", mas7_mas3 & ramask & ~0x7ffull);
2930 			if (mas1 & MAS1_IND)
2931 				printf(" %s\n",
2932 				       pgsz_names[(mas7_mas3 >> 1) & 0x1f]);
2933 			else
2934 				printf(" U%c%c%c S%c%c%c\n",
2935 				       mas7_mas3 & MAS3_UX ? 'x' : ' ',
2936 				       mas7_mas3 & MAS3_UW ? 'w' : ' ',
2937 				       mas7_mas3 & MAS3_UR ? 'r' : ' ',
2938 				       mas7_mas3 & MAS3_SX ? 'x' : ' ',
2939 				       mas7_mas3 & MAS3_SW ? 'w' : ' ',
2940 				       mas7_mas3 & MAS3_SR ? 'r' : ' ');
2941 		}
2942 	}
2943 }
2944 #endif /* CONFIG_PPC_BOOK3E */
2945 
2946 static void xmon_init(int enable)
2947 {
2948 	if (enable) {
2949 		__debugger = xmon;
2950 		__debugger_ipi = xmon_ipi;
2951 		__debugger_bpt = xmon_bpt;
2952 		__debugger_sstep = xmon_sstep;
2953 		__debugger_iabr_match = xmon_iabr_match;
2954 		__debugger_break_match = xmon_break_match;
2955 		__debugger_fault_handler = xmon_fault_handler;
2956 	} else {
2957 		__debugger = NULL;
2958 		__debugger_ipi = NULL;
2959 		__debugger_bpt = NULL;
2960 		__debugger_sstep = NULL;
2961 		__debugger_iabr_match = NULL;
2962 		__debugger_break_match = NULL;
2963 		__debugger_fault_handler = NULL;
2964 	}
2965 }
2966 
2967 #ifdef CONFIG_MAGIC_SYSRQ
2968 static void sysrq_handle_xmon(int key)
2969 {
2970 	/* ensure xmon is enabled */
2971 	xmon_init(1);
2972 	debugger(get_irq_regs());
2973 }
2974 
2975 static struct sysrq_key_op sysrq_xmon_op = {
2976 	.handler =	sysrq_handle_xmon,
2977 	.help_msg =	"xmon(x)",
2978 	.action_msg =	"Entering xmon",
2979 };
2980 
2981 static int __init setup_xmon_sysrq(void)
2982 {
2983 	register_sysrq_key('x', &sysrq_xmon_op);
2984 	return 0;
2985 }
2986 __initcall(setup_xmon_sysrq);
2987 #endif /* CONFIG_MAGIC_SYSRQ */
2988 
2989 static int __initdata xmon_early, xmon_off;
2990 
2991 static int __init early_parse_xmon(char *p)
2992 {
2993 	if (!p || strncmp(p, "early", 5) == 0) {
2994 		/* just "xmon" is equivalent to "xmon=early" */
2995 		xmon_init(1);
2996 		xmon_early = 1;
2997 	} else if (strncmp(p, "on", 2) == 0)
2998 		xmon_init(1);
2999 	else if (strncmp(p, "off", 3) == 0)
3000 		xmon_off = 1;
3001 	else if (strncmp(p, "nobt", 4) == 0)
3002 		xmon_no_auto_backtrace = 1;
3003 	else
3004 		return 1;
3005 
3006 	return 0;
3007 }
3008 early_param("xmon", early_parse_xmon);
3009 
3010 void __init xmon_setup(void)
3011 {
3012 #ifdef CONFIG_XMON_DEFAULT
3013 	if (!xmon_off)
3014 		xmon_init(1);
3015 #endif
3016 	if (xmon_early)
3017 		debugger(NULL);
3018 }
3019 
3020 #ifdef CONFIG_SPU_BASE
3021 
3022 struct spu_info {
3023 	struct spu *spu;
3024 	u64 saved_mfc_sr1_RW;
3025 	u32 saved_spu_runcntl_RW;
3026 	unsigned long dump_addr;
3027 	u8 stopped_ok;
3028 };
3029 
3030 #define XMON_NUM_SPUS	16	/* Enough for current hardware */
3031 
3032 static struct spu_info spu_info[XMON_NUM_SPUS];
3033 
3034 void xmon_register_spus(struct list_head *list)
3035 {
3036 	struct spu *spu;
3037 
3038 	list_for_each_entry(spu, list, full_list) {
3039 		if (spu->number >= XMON_NUM_SPUS) {
3040 			WARN_ON(1);
3041 			continue;
3042 		}
3043 
3044 		spu_info[spu->number].spu = spu;
3045 		spu_info[spu->number].stopped_ok = 0;
3046 		spu_info[spu->number].dump_addr = (unsigned long)
3047 				spu_info[spu->number].spu->local_store;
3048 	}
3049 }
3050 
3051 static void stop_spus(void)
3052 {
3053 	struct spu *spu;
3054 	int i;
3055 	u64 tmp;
3056 
3057 	for (i = 0; i < XMON_NUM_SPUS; i++) {
3058 		if (!spu_info[i].spu)
3059 			continue;
3060 
3061 		if (setjmp(bus_error_jmp) == 0) {
3062 			catch_memory_errors = 1;
3063 			sync();
3064 
3065 			spu = spu_info[i].spu;
3066 
3067 			spu_info[i].saved_spu_runcntl_RW =
3068 				in_be32(&spu->problem->spu_runcntl_RW);
3069 
3070 			tmp = spu_mfc_sr1_get(spu);
3071 			spu_info[i].saved_mfc_sr1_RW = tmp;
3072 
3073 			tmp &= ~MFC_STATE1_MASTER_RUN_CONTROL_MASK;
3074 			spu_mfc_sr1_set(spu, tmp);
3075 
3076 			sync();
3077 			__delay(200);
3078 
3079 			spu_info[i].stopped_ok = 1;
3080 
3081 			printf("Stopped spu %.2d (was %s)\n", i,
3082 					spu_info[i].saved_spu_runcntl_RW ?
3083 					"running" : "stopped");
3084 		} else {
3085 			catch_memory_errors = 0;
3086 			printf("*** Error stopping spu %.2d\n", i);
3087 		}
3088 		catch_memory_errors = 0;
3089 	}
3090 }
3091 
3092 static void restart_spus(void)
3093 {
3094 	struct spu *spu;
3095 	int i;
3096 
3097 	for (i = 0; i < XMON_NUM_SPUS; i++) {
3098 		if (!spu_info[i].spu)
3099 			continue;
3100 
3101 		if (!spu_info[i].stopped_ok) {
3102 			printf("*** Error, spu %d was not successfully stopped"
3103 					", not restarting\n", i);
3104 			continue;
3105 		}
3106 
3107 		if (setjmp(bus_error_jmp) == 0) {
3108 			catch_memory_errors = 1;
3109 			sync();
3110 
3111 			spu = spu_info[i].spu;
3112 			spu_mfc_sr1_set(spu, spu_info[i].saved_mfc_sr1_RW);
3113 			out_be32(&spu->problem->spu_runcntl_RW,
3114 					spu_info[i].saved_spu_runcntl_RW);
3115 
3116 			sync();
3117 			__delay(200);
3118 
3119 			printf("Restarted spu %.2d\n", i);
3120 		} else {
3121 			catch_memory_errors = 0;
3122 			printf("*** Error restarting spu %.2d\n", i);
3123 		}
3124 		catch_memory_errors = 0;
3125 	}
3126 }
3127 
3128 #define DUMP_WIDTH	23
3129 #define DUMP_VALUE(format, field, value)				\
3130 do {									\
3131 	if (setjmp(bus_error_jmp) == 0) {				\
3132 		catch_memory_errors = 1;				\
3133 		sync();							\
3134 		printf("  %-*s = "format"\n", DUMP_WIDTH,		\
3135 				#field, value);				\
3136 		sync();							\
3137 		__delay(200);						\
3138 	} else {							\
3139 		catch_memory_errors = 0;				\
3140 		printf("  %-*s = *** Error reading field.\n",		\
3141 					DUMP_WIDTH, #field);		\
3142 	}								\
3143 	catch_memory_errors = 0;					\
3144 } while (0)
3145 
3146 #define DUMP_FIELD(obj, format, field)	\
3147 	DUMP_VALUE(format, field, obj->field)
3148 
3149 static void dump_spu_fields(struct spu *spu)
3150 {
3151 	printf("Dumping spu fields at address %p:\n", spu);
3152 
3153 	DUMP_FIELD(spu, "0x%x", number);
3154 	DUMP_FIELD(spu, "%s", name);
3155 	DUMP_FIELD(spu, "0x%lx", local_store_phys);
3156 	DUMP_FIELD(spu, "0x%p", local_store);
3157 	DUMP_FIELD(spu, "0x%lx", ls_size);
3158 	DUMP_FIELD(spu, "0x%x", node);
3159 	DUMP_FIELD(spu, "0x%lx", flags);
3160 	DUMP_FIELD(spu, "%d", class_0_pending);
3161 	DUMP_FIELD(spu, "0x%lx", class_0_dar);
3162 	DUMP_FIELD(spu, "0x%lx", class_1_dar);
3163 	DUMP_FIELD(spu, "0x%lx", class_1_dsisr);
3164 	DUMP_FIELD(spu, "0x%lx", irqs[0]);
3165 	DUMP_FIELD(spu, "0x%lx", irqs[1]);
3166 	DUMP_FIELD(spu, "0x%lx", irqs[2]);
3167 	DUMP_FIELD(spu, "0x%x", slb_replace);
3168 	DUMP_FIELD(spu, "%d", pid);
3169 	DUMP_FIELD(spu, "0x%p", mm);
3170 	DUMP_FIELD(spu, "0x%p", ctx);
3171 	DUMP_FIELD(spu, "0x%p", rq);
3172 	DUMP_FIELD(spu, "0x%p", timestamp);
3173 	DUMP_FIELD(spu, "0x%lx", problem_phys);
3174 	DUMP_FIELD(spu, "0x%p", problem);
3175 	DUMP_VALUE("0x%x", problem->spu_runcntl_RW,
3176 			in_be32(&spu->problem->spu_runcntl_RW));
3177 	DUMP_VALUE("0x%x", problem->spu_status_R,
3178 			in_be32(&spu->problem->spu_status_R));
3179 	DUMP_VALUE("0x%x", problem->spu_npc_RW,
3180 			in_be32(&spu->problem->spu_npc_RW));
3181 	DUMP_FIELD(spu, "0x%p", priv2);
3182 	DUMP_FIELD(spu, "0x%p", pdata);
3183 }
3184 
3185 int
3186 spu_inst_dump(unsigned long adr, long count, int praddr)
3187 {
3188 	return generic_inst_dump(adr, count, praddr, print_insn_spu);
3189 }
3190 
3191 static void dump_spu_ls(unsigned long num, int subcmd)
3192 {
3193 	unsigned long offset, addr, ls_addr;
3194 
3195 	if (setjmp(bus_error_jmp) == 0) {
3196 		catch_memory_errors = 1;
3197 		sync();
3198 		ls_addr = (unsigned long)spu_info[num].spu->local_store;
3199 		sync();
3200 		__delay(200);
3201 	} else {
3202 		catch_memory_errors = 0;
3203 		printf("*** Error: accessing spu info for spu %d\n", num);
3204 		return;
3205 	}
3206 	catch_memory_errors = 0;
3207 
3208 	if (scanhex(&offset))
3209 		addr = ls_addr + offset;
3210 	else
3211 		addr = spu_info[num].dump_addr;
3212 
3213 	if (addr >= ls_addr + LS_SIZE) {
3214 		printf("*** Error: address outside of local store\n");
3215 		return;
3216 	}
3217 
3218 	switch (subcmd) {
3219 	case 'i':
3220 		addr += spu_inst_dump(addr, 16, 1);
3221 		last_cmd = "sdi\n";
3222 		break;
3223 	default:
3224 		prdump(addr, 64);
3225 		addr += 64;
3226 		last_cmd = "sd\n";
3227 		break;
3228 	}
3229 
3230 	spu_info[num].dump_addr = addr;
3231 }
3232 
3233 static int do_spu_cmd(void)
3234 {
3235 	static unsigned long num = 0;
3236 	int cmd, subcmd = 0;
3237 
3238 	cmd = inchar();
3239 	switch (cmd) {
3240 	case 's':
3241 		stop_spus();
3242 		break;
3243 	case 'r':
3244 		restart_spus();
3245 		break;
3246 	case 'd':
3247 		subcmd = inchar();
3248 		if (isxdigit(subcmd) || subcmd == '\n')
3249 			termch = subcmd;
3250 	case 'f':
3251 		scanhex(&num);
3252 		if (num >= XMON_NUM_SPUS || !spu_info[num].spu) {
3253 			printf("*** Error: invalid spu number\n");
3254 			return 0;
3255 		}
3256 
3257 		switch (cmd) {
3258 		case 'f':
3259 			dump_spu_fields(spu_info[num].spu);
3260 			break;
3261 		default:
3262 			dump_spu_ls(num, subcmd);
3263 			break;
3264 		}
3265 
3266 		break;
3267 	default:
3268 		return -1;
3269 	}
3270 
3271 	return 0;
3272 }
3273 #else /* ! CONFIG_SPU_BASE */
3274 static int do_spu_cmd(void)
3275 {
3276 	return -1;
3277 }
3278 #endif
3279